last executing test programs: 1.831622616s ago: executing program 2 (id=11758): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_PKT_RATE_LOW={0x8, 0xd, 0x2fa7}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x800) 1.526391142s ago: executing program 3 (id=11763): openat$auto_ima_measurements_count_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000180), 0x410000, 0x0) r0 = socket(0x11, 0x3, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000180), 0x5ea}, 0x7, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x140) 1.523116917s ago: executing program 0 (id=11764): r0 = socket(0x2, 0x1, 0x106) setreuid$auto(0xffffffffffffffff, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r0, 0x6, 0xd, &(0x7f0000000140)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00}\xc9\xd0ghB\x8a\n\x8bw\xc8\x9f\x8f\xd1\xd0\xc3i\xd4\x8cO\x90\xaf?J\t\xce%\xcb\xb7Sq)\x12k\xb6\xa7(\\Vpm\xc6Q6\xe2\x0f\xae\xd6\x15\\\xf3\xefOA\xf1G\n\xd6u\x9b\x18+\x83\xc9g*v@\x90\xc6\xc2\xb9\n\a]\x86VDLp\xa2\xb0\xbd`\x144\xb2', 0x4) 1.505059608s ago: executing program 2 (id=11765): lstat$auto(0x0, &(0x7f0000000180)={0x80000000000001, 0x0, 0x0, 0x2, 0xee01, 0x0, 0x0, 0x2, 0x4, 0x80000002041000a, 0x4, 0x10000, 0x6, 0xffffffff80000000, 0xe0, 0x6, 0xfffffffffffffffb}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r0 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) 1.361342519s ago: executing program 3 (id=11766): socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) setsockopt$auto(0x3, 0x10000000084, 0x84, 0x0, 0x90) 1.351975368s ago: executing program 0 (id=11767): r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{&(0x7f0000000000), 0x3ff, &(0x7f0000000180)={0x0, 0x434b}, 0x9, &(0x7f00000001c0), 0x3ff, 0x24000000}, 0xb6}, 0x2, 0x2) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x6, &(0x7f0000000180), 0x5, 0x3}, 0x5}, 0x63, 0x100) 1.246073009s ago: executing program 3 (id=11768): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000180)='7\x00\\\xa0\x04|4\x00\x00\x03\x00\x00\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\x00rRVr\xc4O\xdc1\x9b%\x10Z\'\xb9\'\xa3stC=\x85\xc6\xf6\x13 \xeb\xff%\x11\x82\x05\xdfV\x02\xca&\xd8$<\xab&\xc8B-\xcc\x15\x04&\x13;\xfe\xbdQ\xaa\x16o\x1f\xc7\x94\xa3\xc9\x9a\xe1d\xf5\n\xe2\x88\x84\vT?\x98\xa2\x00'/206, 0x5) shmctl$auto_IPC_INFO(0x7, 0x3, 0x0) setfsuid$auto(0xee00) 897.737952ms ago: executing program 2 (id=11769): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0xffc, 0x8, 0x80000000000000a, 0x0, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) 789.437534ms ago: executing program 0 (id=11777): sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)={0xd4, 0x0, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_COORDINATOR={0xc0, 0x1e, 0x0, 0x1, [@nested={0xba, 0xc, 0x0, 0x1, [@generic="48f8ed2b5310ced5f945239dd9c403c09327e84145b005e38778478d97ec8cea56cd0885cc76f047f3098e4cf072b87a6e1ebc49ee98f2428aa3de007995e2866a638eaf8912ca589683e3714dea5d62f087a9a389ae573de7b0d04725d70f1c2fe62590bae518173a0275dfba90c43d56a60939b499e08cc9e045696d79f8cf17bbe71627ecc78d25c90e1062144cd69cdfa75f766d6e952feb64b64b030b6bd4358911e6052033f3d0526a6f4f8ed09344aac49b60"]}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x10}, 0x1) setfsuid$auto(0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b63", 0xfdef) 777.999676ms ago: executing program 1 (id=11770): socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x81) 776.766407ms ago: executing program 2 (id=11771): ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@raw=0x7, 0x1, 0xfffffffb, 0x480008, "3112d58500a8b47148e22af9ffb683dbede3d0bf828bbf100000e5e2f96ee50484b0755015e48d00", @raw=0xfffffffe}, 0x2, 0x5, 0x4, @inferred, @integer64={0x8, 0x0, 0xf}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090d70925450ece0bb32777702b07552d000000000000000000ebff0000000000000059a200"}) rt_sigqueueinfo$auto(0x0, 0xffff7b6f, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x1, @_sigpoll={0xd}}}) r0 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x21}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) 674.121999ms ago: executing program 1 (id=11772): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r0, 0x2, 0x9) ioctl$auto(r0, 0x400c4d00, r0) 557.168857ms ago: executing program 1 (id=11773): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) 524.747349ms ago: executing program 2 (id=11774): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) timer_create$auto(0x8, 0x0, 0x0) timer_settime$auto(0x0, 0xffff7ffc, &(0x7f0000000380)={{}, {0x800002000009, 0x4b}}, 0x0) timer_gettime$auto(0x0, 0x0) 497.380592ms ago: executing program 0 (id=11775): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) r0 = socket(0x2, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0x82, 0x0, 0x0) 443.974553ms ago: executing program 1 (id=11776): openat$dir(0xffffffffffffff9c, &(0x7f00000004c0)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)\x00', 0x40140, 0x12d) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', &(0x7f0000000300)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)') rename$auto(&(0x7f00000003c0)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)', &(0x7f0000000000)=':-.\x00') 419.475036ms ago: executing program 3 (id=11778): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x8, 0x0, 0x0, 0x0) 367.293361ms ago: executing program 0 (id=11779): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x44, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) 315.2371ms ago: executing program 1 (id=11780): sendmsg$auto_NFSD_CMD_LISTENER_SET(0xffffffffffffffff, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000000)={0x1c, 0x0, 0x1, 0x870bd2b, 0x25dfdbfc, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x8, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) r0 = socket(0x10, 0x3, 0x15) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}}, 0x400c001) write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb) 235.942452ms ago: executing program 0 (id=11781): mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000031, 0x0) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xfffffffa) futex$auto(&(0x7f0000000080)=0xfffffffa, 0xc, 0x1, 0x0, 0x0, 0xfffffffa) 157.739728ms ago: executing program 2 (id=11782): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) read$auto_proc_pid_maps_operations_internal(r0, &(0x7f00000020c0)=""/4093, 0xffd) 131.99286ms ago: executing program 1 (id=11783): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 77.175284ms ago: executing program 3 (id=11784): bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) sendmmsg$auto(r0, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x57177fc5}, 0x9, 0x0) r1 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd=r0}, 0xa3) 0s ago: executing program 3 (id=11785): bpf$auto(0x18, &(0x7f0000000040)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x5, 0x8, 0xffffffffffffffff, @relative_id=0x13, 0x41b5c1ff}, 0x92) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='d\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1000000, &(0x7f0000000100)={&(0x7f0000000080), 0x1}, 0x3, &(0x7f0000000180), 0xf, 0xa504}, 0x800}, 0x7, 0x8) kernel console output (not intermixed with test programs): ][T24576] ? down_write+0x146/0x1f0 [ 465.206556][T24576] __key_link_begin+0xf5/0x260 [ 465.206573][T24576] key_link+0x103/0x390 [ 465.206589][T24576] ? __up_read+0x2c5/0x700 [ 465.206609][T24576] ? __pfx_key_link+0x10/0x10 [ 465.206623][T24576] ? bpf_lsm_key_permission+0x9/0x10 [ 465.206647][T24576] ? key_task_permission+0x2c7/0x3c0 [ 465.206670][T24576] keyctl_get_persistent+0x5e2/0x8b0 [ 465.206686][T24576] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 465.206704][T24576] ? __x64_sys_futex+0x34f/0x4d0 [ 465.206730][T24576] ? __x64_sys_futex+0x358/0x4d0 [ 465.206751][T24576] ? xfd_validate_state+0x129/0x190 [ 465.206777][T24576] __do_sys_keyctl+0x3b2/0x5a0 [ 465.206797][T24576] do_syscall_64+0x106/0xf80 [ 465.206814][T24576] ? clear_bhb_loop+0x40/0x90 [ 465.206831][T24576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.206847][T24576] RIP: 0033:0x7f8dfe59c629 [ 465.206860][T24576] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 465.206874][T24576] RSP: 002b:00007f8dff373028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 465.206889][T24576] RAX: ffffffffffffffda RBX: 00007f8dfe815fa0 RCX: 00007f8dfe59c629 [ 465.206899][T24576] RDX: 7fffffffffffffff RSI: 000000000000ee00 RDI: 0000000000000016 [ 465.206908][T24576] RBP: 00007f8dfe632b39 R08: 000000000000000c R09: 0000000000000000 [ 465.206916][T24576] R10: 00000000000099a7 R11: 0000000000000246 R12: 0000000000000000 [ 465.206925][T24576] R13: 00007f8dfe816038 R14: 00007f8dfe815fa0 R15: 00007fffa610a268 [ 465.206945][T24576] [ 466.208298][T22064] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 466.208324][T22064] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 466.225319][T22064] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 466.225335][T22064] Bluetooth: hci2: Unknown advertising packet type: 0x7b [ 466.232619][T22064] Bluetooth: hci2: adv larger than maximum supported [ 466.239626][T22064] Bluetooth: hci2: Malformed LE Event: 0x0d [ 466.263160][T24603] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 467.219878][T24642] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9219'. [ 467.620143][T24663] ima: policy update failed [ 467.654100][ T30] audit: type=1802 audit(4294967301.312:39): pid=24663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.9230" res=0 errno=0 [ 468.487689][ T6215] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 468.555650][ T6215] CPU: 0 UID: 0 PID: 6215 Comm: syz-executor Tainted: G U I L syzkaller #0 PREEMPT(full) [ 468.555679][ T6215] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 468.555686][ T6215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 468.555695][ T6215] Call Trace: [ 468.555700][ T6215] [ 468.555706][ T6215] dump_stack_lvl+0x100/0x190 [ 468.555731][ T6215] dump_header+0xfb/0x606 [ 468.555748][ T6215] oom_kill_process.cold+0xd/0x330 [ 468.555766][ T6215] out_of_memory+0x340/0x14f0 [ 468.555790][ T6215] ? __pfx_out_of_memory+0x10/0x10 [ 468.555815][ T6215] mem_cgroup_out_of_memory+0xc6/0x130 [ 468.555834][ T6215] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 468.555851][ T6215] ? find_held_lock+0x2b/0x80 [ 468.555877][ T6215] ? do_raw_spin_unlock+0x145/0x1e0 [ 468.555897][ T6215] ? _raw_spin_unlock+0x28/0x50 [ 468.555913][ T6215] try_charge_memcg+0x652/0xc90 [ 468.555940][ T6215] ? __pfx_try_charge_memcg+0x10/0x10 [ 468.555967][ T6215] ? find_held_lock+0x2b/0x80 [ 468.555988][ T6215] ? rcu_read_unlock+0x17/0x60 [ 468.556001][ T6215] ? rcu_read_unlock+0x17/0x60 [ 468.556017][ T6215] charge_memcg+0xa6/0x280 [ 468.556039][ T6215] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 468.556058][ T6215] __swap_cache_prepare_and_add+0x528/0x9e0 [ 468.556085][ T6215] ? __pfx___swap_cache_prepare_and_add+0x10/0x10 [ 468.556104][ T6215] ? __pfx_swap_entry_swapped+0x10/0x10 [ 468.556131][ T6215] swap_cache_alloc_folio+0x1cb/0x300 [ 468.556151][ T6215] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 468.556171][ T6215] ? finish_task_switch.isra.0+0x2c6/0xb80 [ 468.556189][ T6215] swap_cluster_readahead+0x53b/0x770 [ 468.556213][ T6215] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 468.556235][ T6215] ? update_cfs_rq_load_avg+0x51/0x550 [ 468.556255][ T6215] ? __lock_acquire+0x4a5/0x2630 [ 468.556274][ T6215] ? get_vma_policy+0x23f/0x3b0 [ 468.556290][ T6215] swapin_readahead+0x160/0x12c0 [ 468.556315][ T6215] ? __pfx_swapin_readahead+0x10/0x10 [ 468.556333][ T6215] ? find_held_lock+0x2b/0x80 [ 468.556363][ T6215] ? swap_table_get+0x103/0x2c0 [ 468.556379][ T6215] ? swap_table_get+0x103/0x2c0 [ 468.556400][ T6215] ? swap_table_get+0x10d/0x2c0 [ 468.556417][ T6215] ? swap_cache_get_folio+0x1ae/0x600 [ 468.556436][ T6215] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 468.556453][ T6215] ? __pfx_get_swap_device+0x10/0x10 [ 468.556479][ T6215] ? do_swap_page+0xb2e/0x68e0 [ 468.556495][ T6215] do_swap_page+0xb2e/0x68e0 [ 468.556522][ T6215] ? __pfx_do_swap_page+0x10/0x10 [ 468.556541][ T6215] ? __free_object+0x2a8/0x400 [ 468.556558][ T6215] ? lockdep_hardirqs_on+0x78/0x100 [ 468.556576][ T6215] ? rcu_is_watching+0x12/0xc0 [ 468.556597][ T6215] ? __pte_offset_map+0x179/0x310 [ 468.556622][ T6215] __handle_mm_fault+0x18c1/0x2b60 [ 468.556644][ T6215] ? reacquire_held_locks+0xce/0x1e0 [ 468.556661][ T6215] ? __pfx___handle_mm_fault+0x10/0x10 [ 468.556683][ T6215] ? lock_vma_under_rcu+0x17c/0x590 [ 468.556712][ T6215] handle_mm_fault+0x36d/0xa20 [ 468.556734][ T6215] do_user_addr_fault+0x5a3/0x12f0 [ 468.556762][ T6215] exc_page_fault+0x6f/0xd0 [ 468.556778][ T6215] asm_exc_page_fault+0x26/0x30 [ 468.556793][ T6215] RIP: 0033:0x7f6b9895cece [ 468.556806][ T6215] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 468.556820][ T6215] RSP: 002b:00007fffe13d83f8 EFLAGS: 00010246 [ 468.556832][ T6215] RAX: 0000000000000000 RBX: 000055555f9a6500 RCX: 00007f6b9895cece [ 468.556842][ T6215] RDX: 00007fffe13d8450 RSI: 0000000000000000 RDI: 0000000000000000 [ 468.556850][ T6215] RBP: 00007fffe13d84bc R08: 0000000000000000 R09: 0000000000000000 [ 468.556859][ T6215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 468.556867][ T6215] R13: 00000000000927c0 R14: 0000000000072ba0 R15: 00007fffe13d8510 [ 468.556887][ T6215] [ 468.556893][ T6215] memory: usage 3072kB, limit 3072kB, failcnt 59859 [ 468.984448][T24715] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9254'. [ 469.080907][T24714] NFSD: Failed to start, no listeners configured. [ 469.256098][ T6215] memory+swap: usage 3272kB, limit 9007199254740988kB, failcnt 0 [ 469.341871][ T6215] kmem: usage 3048kB, limit 9007199254740988kB, failcnt 0 [ 469.382729][ T6215] Memory cgroup stats for /syz2: [ 469.383205][ T6215] cache 0 [ 469.404081][ T6215] rss 0 [ 469.415997][ T6215] rss_huge 0 [ 469.419191][ T6215] shmem 0 [ 469.422112][ T6215] mapped_file 0 [ 469.464743][ T6215] dirty 0 [ 469.467680][ T6215] writeback 0 [ 469.495350][ T6215] workingset_refault_anon 1738 [ 469.500113][ T6215] workingset_refault_file 14715 [ 469.540877][ T6215] swap 204800 [ 469.549604][ T6215] swapcached 208449536 [ 469.569348][ T6215] pgpgin 204429 [ 469.572804][ T6215] pgpgout 211075 [ 469.598950][ T6215] pgfault 269633 [ 469.602492][ T6215] pgmajfault 1062 [ 469.643563][ T6215] inactive_anon 0 [ 469.658532][ T6215] active_anon 0 [ 469.661985][ T6215] inactive_file 0 [ 469.681086][ T6215] active_file 0 [ 469.702957][ T6215] unevictable 0 [ 469.706419][ T6215] hierarchical_memory_limit 3145728 [ 469.738996][ T6215] hierarchical_memsw_limit 9223372036854771712 [ 469.775434][ T6215] total_cache 0 [ 469.778908][ T6215] total_rss 0 [ 469.782171][ T6215] total_rss_huge 0 [ 469.820749][ T6215] total_shmem 0 [ 469.837014][ T6215] total_mapped_file 0 [ 469.840995][ T6215] total_dirty 0 [ 469.878757][ T6215] total_writeback 0 [ 469.896569][ T6215] total_workingset_refault_anon 1738 [ 469.928040][ T6215] total_workingset_refault_file 14715 [ 469.946175][ T6215] total_swap 204800 [ 469.950082][ T6215] total_swapcached 208449536 [ 469.991638][ T6215] total_pgpgin 204429 [ 469.995636][ T6215] total_pgpgout 211075 [ 470.023685][ T6215] total_pgfault 269633 [ 470.050299][ T6215] total_pgmajfault 1062 [ 470.072308][ T6215] total_inactive_anon 0 [ 470.085330][ T6215] total_active_anon 0 [ 470.089304][ T6215] total_inactive_file 0 [ 470.125726][ T6215] total_active_file 0 [ 470.129730][ T6215] total_unevictable 0 [ 470.156905][ T6215] anon_cost 5 [ 470.160201][ T6215] file_cost 0 [ 470.179051][ T6215] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.9246,pid=24695,uid=0 [ 470.293110][ T6215] Memory cgroup out of memory: Killed process 24695 (syz.2.9246) total-vm:104404kB, anon-rss:1232kB, file-rss:22552kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 470.814481][T24780] openvswitch: netlink: Missing valid actions attribute. [ 470.994071][T24785] vhci_hcd vhci_hcd.0: invalid port number 16 [ 471.458158][T22064] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 471.458184][T22064] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 471.472929][T22064] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 471.472945][T22064] Bluetooth: hci1: Unknown advertising packet type: 0x5c [ 471.482714][T22064] Bluetooth: hci1: Unknown advertising packet type: 0x5f [ 471.491732][T22064] Bluetooth: hci1: Malformed LE Event: 0x0d [ 471.596253][T24817] netlink: 'syz.1.9302': attribute type 1 has an invalid length. [ 471.727093][T24821] netlink: zone id is out of range [ 472.126517][T24833] netlink: 'syz.3.9310': attribute type 1 has an invalid length. [ 472.523842][T22428] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.629472][T22428] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.680037][T22428] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 472.973013][T22428] bridge_slave_1: left allmulticast mode [ 473.031204][T22428] bridge_slave_1: left promiscuous mode [ 473.070836][T22428] bridge0: port 2(bridge_slave_1) entered disabled state [ 473.176148][T22428] bridge_slave_0: left allmulticast mode [ 473.226105][T22428] bridge_slave_0: left promiscuous mode [ 473.231827][T22428] bridge0: port 1(bridge_slave_0) entered disabled state [ 473.617495][T21959] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 473.638321][T21959] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 473.648359][T21959] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 473.657056][T21959] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 473.666114][T21959] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 474.017270][T22428] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 474.071168][T22428] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 474.115191][T22428] bond0 (unregistering): Released all slaves [ 474.301186][T22428] : left promiscuous mode [ 475.102088][T22428] hsr_slave_0: left promiscuous mode [ 475.148169][T22428] hsr_slave_1: left promiscuous mode [ 475.170260][T22428] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 475.207480][T22428] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 475.253468][T22428] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 475.284904][T22428] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 475.371211][T22428] veth1_macvtap: left promiscuous mode [ 475.398539][T22428] veth0_macvtap: left promiscuous mode [ 475.430711][T22428] veth1_vlan: left promiscuous mode [ 475.450859][T22428] veth0_vlan: left promiscuous mode [ 475.692658][T21959] Bluetooth: hci4: command tx timeout [ 476.191530][T22428] team0 (unregistering): Port device team_slave_1 removed [ 476.217423][T22428] team0 (unregistering): Port device team_slave_0 removed [ 476.497844][T24867] chnl_net:caif_netlink_parms(): no params data found [ 476.903995][T24867] bridge0: port 1(bridge_slave_0) entered blocking state [ 476.954242][T24867] bridge0: port 1(bridge_slave_0) entered disabled state [ 477.006123][T24867] bridge_slave_0: entered allmulticast mode [ 477.032724][T24867] bridge_slave_0: entered promiscuous mode [ 477.073348][T24867] bridge0: port 2(bridge_slave_1) entered blocking state [ 477.110415][T24867] bridge0: port 2(bridge_slave_1) entered disabled state [ 477.142971][T24867] bridge_slave_1: entered allmulticast mode [ 477.176455][T24867] bridge_slave_1: entered promiscuous mode [ 477.319242][T24867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 477.377985][T24867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 477.521397][T24867] team0: Port device team_slave_0 added [ 477.556252][T24867] team0: Port device team_slave_1 added [ 477.661682][T24867] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 477.705484][T24867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 477.769321][T21959] Bluetooth: hci4: command tx timeout [ 477.880579][T24867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 477.941312][T24867] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 477.984189][T24867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 478.107697][T24867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 478.291864][T24867] hsr_slave_0: entered promiscuous mode [ 478.298082][T24867] hsr_slave_1: entered promiscuous mode [ 478.349184][T24867] debugfs: 'hsr0' already exists in 'hsr' [ 478.387906][T24867] Cannot create hsr debugfs directory [ 479.293161][T25077] blktrace: Concurrent blktraces are not allowed on sda1 [ 479.563205][T25086] netlink: 'syz.2.9401': attribute type 11 has an invalid length. [ 479.831915][T21959] Bluetooth: hci4: command tx timeout [ 480.064563][T24867] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 480.151371][T24867] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 480.228874][T24867] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 480.278275][T24867] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 480.653834][T24867] 8021q: adding VLAN 0 to HW filter on device bond0 [ 480.756114][T24867] 8021q: adding VLAN 0 to HW filter on device team0 [ 480.817500][T22648] bridge0: port 1(bridge_slave_0) entered blocking state [ 480.824599][T22648] bridge0: port 1(bridge_slave_0) entered forwarding state [ 480.907425][T22053] bridge0: port 2(bridge_slave_1) entered blocking state [ 480.914562][T22053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 480.992935][T24867] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 481.098807][T24867] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 481.690088][T24867] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 481.900341][T21959] Bluetooth: hci4: command tx timeout [ 481.911344][T24867] veth0_vlan: entered promiscuous mode [ 481.966272][T24867] veth1_vlan: entered promiscuous mode [ 482.089449][T24867] veth0_macvtap: entered promiscuous mode [ 482.140791][T24867] veth1_macvtap: entered promiscuous mode [ 482.195161][T24867] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 482.273505][T24867] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 482.356101][T22053] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.442294][T22053] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.495832][T22053] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.609848][T22053] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.837927][T22053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 482.884526][T22053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 482.995549][T21958] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 483.058350][T21958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 483.200578][T24867] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 483.429434][T25244] FAULT_INJECTION: forcing a failure. [ 483.429434][T25244] name failslab, interval 1, probability 0, space 0, times 0 [ 483.495512][T25244] CPU: 0 UID: 0 PID: 25244 Comm: syz.0.9316 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 483.495556][T25244] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 483.495563][T25244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 483.495572][T25244] Call Trace: [ 483.495577][T25244] [ 483.495584][T25244] dump_stack_lvl+0x100/0x190 [ 483.495609][T25244] should_fail_ex.cold+0x5/0xa [ 483.495627][T25244] should_failslab+0xc2/0x120 [ 483.495651][T25244] __kmalloc_cache_noprof+0x7a/0x6f0 [ 483.495668][T25244] ? call_usermodehelper_setup+0xaf/0x360 [ 483.495692][T25244] ? __pfx_free_modprobe_argv+0x10/0x10 [ 483.495712][T25244] call_usermodehelper_setup+0xaf/0x360 [ 483.495736][T25244] __request_module+0x3c7/0x6c0 [ 483.495755][T25244] ? __pfx___request_module+0x10/0x10 [ 483.495790][T25244] ? find_held_lock+0x2b/0x80 [ 483.495813][T25244] ? inet_create+0xa72/0x1060 [ 483.495838][T25244] inet_create+0xd45/0x1060 [ 483.495858][T25244] ? inet_create+0x94/0x1060 [ 483.495882][T25244] __sock_create+0x339/0x860 [ 483.495905][T25244] __sys_socket+0x14d/0x260 [ 483.495926][T25244] ? __pfx___sys_socket+0x10/0x10 [ 483.495951][T25244] __x64_sys_socket+0x72/0xb0 [ 483.495970][T25244] ? lockdep_hardirqs_on+0x78/0x100 [ 483.495987][T25244] do_syscall_64+0x106/0xf80 [ 483.496003][T25244] ? clear_bhb_loop+0x40/0x90 [ 483.496022][T25244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.496038][T25244] RIP: 0033:0x7f6c1579c629 [ 483.496051][T25244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 483.496066][T25244] RSP: 002b:00007f6c1664b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 483.496081][T25244] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 483.496091][T25244] RDX: 0000000000000106 RSI: 0000000000000002 RDI: 0000000000000002 [ 483.496099][T25244] RBP: 00007f6c15832b39 R08: 0000000000000000 R09: 0000000000000000 [ 483.496108][T25244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 483.496117][T25244] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 483.496136][T25244] [ 484.576353][T25289] nbd: must specify a size in bytes for the device [ 487.285332][T25393] netlink: Unknown conntrack attr (type=257, max=9) [ 487.675716][ T30] audit: type=1800 audit(4294967321.436:40): pid=25411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.9520" name="SYSV00000014" dev="hugetlbfs" ino=0 res=0 errno=0 [ 488.501616][T25450] ksmbd: Unknown IPC event: 14, ignore. [ 488.602955][T25453] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12 [ 489.893178][T25514] FAULT_INJECTION: forcing a failure. [ 489.893178][T25514] name failslab, interval 1, probability 0, space 0, times 0 [ 489.940438][T25514] CPU: 0 UID: 0 PID: 25514 Comm: syz.0.9569 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 489.940470][T25514] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 489.940478][T25514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 489.940487][T25514] Call Trace: [ 489.940493][T25514] [ 489.940499][T25514] dump_stack_lvl+0x100/0x190 [ 489.940526][T25514] should_fail_ex.cold+0x5/0xa [ 489.940544][T25514] ? udpv6_init_sock+0x24e/0x450 [ 489.940569][T25514] should_failslab+0xc2/0x120 [ 489.940594][T25514] __kmalloc_noprof+0xe0/0x850 [ 489.940613][T25514] ? lockdep_init_map_type+0x5c/0x250 [ 489.940634][T25514] udpv6_init_sock+0x24e/0x450 [ 489.940656][T25514] ? __pfx_udpv6_init_sock+0x10/0x10 [ 489.940679][T25514] inet6_create+0xb21/0x12b0 [ 489.940697][T25514] ? inet6_create+0x7f/0x12b0 [ 489.940715][T25514] __sock_create+0x339/0x860 [ 489.940739][T25514] __sys_socket+0x14d/0x260 [ 489.940760][T25514] ? __pfx___sys_socket+0x10/0x10 [ 489.940785][T25514] __x64_sys_socket+0x72/0xb0 [ 489.940805][T25514] ? lockdep_hardirqs_on+0x78/0x100 [ 489.940822][T25514] do_syscall_64+0x106/0xf80 [ 489.940838][T25514] ? clear_bhb_loop+0x40/0x90 [ 489.940855][T25514] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 489.940870][T25514] RIP: 0033:0x7f6c1579c629 [ 489.940884][T25514] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 489.940898][T25514] RSP: 002b:00007f6c1664b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 489.940913][T25514] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 489.940923][T25514] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 489.940931][T25514] RBP: 00007f6c15832b39 R08: 0000000000000000 R09: 0000000000000000 [ 489.940940][T25514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 489.940948][T25514] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 489.940967][T25514] [ 490.252133][T25521] phram: not enough arguments [ 490.591702][T25536] Format for linking two devices is "netnsfd_a:ifidx_a netnsfd_b:ifidx_b" (int uint int uint). [ 490.676504][T25540] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 490.947884][T25553] sd 0:0:1:0: PR command failed: 1026 [ 490.978137][T25553] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 491.002196][T25553] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 491.465406][T25576] netlink: 'syz.3.9598': attribute type 1 has an invalid length. [ 491.845006][T25594] netlink: 338 bytes leftover after parsing attributes in process `syz.1.9606'. [ 491.887282][T25597] netlink: 338 bytes leftover after parsing attributes in process `syz.1.9606'. [ 492.120468][T25607] netlink: 'syz.0.9613': attribute type 2 has an invalid length. [ 492.438861][T25619] rtc_cmos 00:00: Alarms can be up to one day in the future [ 493.263042][ T6253] rtc_cmos 00:00: Alarms can be up to one day in the future [ 493.289090][ T6253] rtc_cmos 00:00: Alarms can be up to one day in the future [ 493.332875][ T6253] rtc_cmos 00:00: Alarms can be up to one day in the future [ 493.371510][ T6253] rtc_cmos 00:00: Alarms can be up to one day in the future [ 493.412406][ T6253] rtc rtc0: __rtc_set_alarm: err=-22 [ 493.498085][T25656] netlink: 'syz.1.9634': attribute type 1 has an invalid length. [ 493.829811][T25677] netlink: 2 bytes leftover after parsing attributes in process `syz.0.9644'. [ 493.947452][T25680] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 494.344003][T25699] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9655'. [ 494.421177][T25701] netlink: 'syz.3.9656': attribute type 11 has an invalid length. [ 494.644496][ T30] audit: type=1800 audit(4294967328.452:41): pid=25710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.9660" name="dbroot" dev="configfs" ino=73040 res=0 errno=0 [ 495.379865][T25746] block nbd2: not configured, cannot reconfigure [ 495.782315][T25768] nbd: illegal input index -1073741824 [ 495.955219][T25776] netlink: 'syz.1.9693': attribute type 1 has an invalid length. [ 496.112324][T25783] nfsd: Unknown parameter '*' [ 497.636630][T25864] netlink: 'syz.3.9732': attribute type 1 has an invalid length. [ 498.405768][T25901] netlink: 'syz.0.9749': attribute type 11 has an invalid length. [ 498.986152][T25928] bond0: option arp_validate: invalid value (842) [ 499.271342][T25941] netlink: 'syz.1.9768': attribute type 2 has an invalid length. [ 499.570641][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.576950][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 500.651679][T26005] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 501.508894][T21959] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 501.989111][T26069] sctp: [Deprecated]: syz.2.9828 (pid 26069) Use of int in max_burst socket option deprecated. [ 501.989111][T26069] Use struct sctp_assoc_value instead [ 502.216142][T26080] __vm_enough_memory: pid: 26080, comm: syz.3.9833, bytes: 4398046511104 not enough memory for the allocation [ 502.239065][T26081] [U] ^@ [ 502.825011][T26111] netlink: 'syz.2.9846': attribute type 1 has an invalid length. [ 502.840708][T26113] input: 9%vJ,6/rk [ 502.840708][T26113] ltx b6>94Y#z as /devices/virtual/input/input40 [ 503.168997][T26128] nfs: Unknown parameter 'nl802154' [ 503.659599][T26155] openvswitch: netlink: IP tunnel dst address not specified [ 503.668537][T26157] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 504.133594][T26182] netlink: 'syz.0.9883': attribute type 11 has an invalid length. [ 504.161968][T26182] netlink: 'syz.0.9883': attribute type 11 has an invalid length. [ 504.203793][T26182] netlink: 'syz.0.9883': attribute type 11 has an invalid length. [ 504.228842][T26182] netlink: 'syz.0.9883': attribute type 11 has an invalid length. [ 504.701481][T26212] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 505.021478][T26217] program syz.3.9898 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 505.806500][T26259] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9918'. [ 507.059379][T26327] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 507.164177][T26331] netlink: 'syz.3.9955': attribute type 1 has an invalid length. [ 507.206171][T26331] netlink: 33 bytes leftover after parsing attributes in process `syz.3.9955'. [ 507.262199][T26338] program syz.1.9954 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 507.516619][T26346] ima: policy update failed [ 507.524464][ T30] audit: type=1802 audit(4294967341.389:42): pid=26346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.9961" res=0 errno=0 [ 508.783696][T26409] netlink: 346 bytes leftover after parsing attributes in process `syz.1.9990'. [ 510.640755][T26470] random: crng reseeded on system resumption [ 510.661623][T26477] binder: 26474:26477 ioctl c0306201 200000000000 returned -14 [ 511.360986][T26508] program syz.3.10034 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 511.406755][T21959] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 511.406779][T21959] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 511.425146][T21959] Bluetooth: hci2: Dropping invalid advertising data [ 511.432558][T21959] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 511.432577][T21959] Bluetooth: hci2: Dropping invalid advertising data [ 511.446704][T21959] Bluetooth: hci2: Malformed LE Event: 0x02 [ 511.910530][T26525] FAULT_INJECTION: forcing a failure. [ 511.910530][T26525] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 511.982126][T26525] CPU: 0 UID: 0 PID: 26525 Comm: syz.0.10041 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 511.982157][T26525] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 511.982164][T26525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 511.982172][T26525] Call Trace: [ 511.982178][T26525] [ 511.982184][T26525] dump_stack_lvl+0x100/0x190 [ 511.982209][T26525] should_fail_ex.cold+0x5/0xa [ 511.982227][T26525] core_sys_select+0x5d1/0xbb0 [ 511.982253][T26525] ? __pfx_core_sys_select+0x10/0x10 [ 511.982294][T26525] ? ktime_get_ts64+0x2d2/0x3f0 [ 511.982310][T26525] ? read_tsc+0x9/0x20 [ 511.982325][T26525] ? ktime_get_ts64+0x256/0x3f0 [ 511.982341][T26525] kern_select+0x20c/0x270 [ 511.982364][T26525] ? __pfx_kern_select+0x10/0x10 [ 511.982391][T26525] __x64_sys_select+0xbd/0x160 [ 511.982410][T26525] ? do_syscall_64+0x95/0xf80 [ 511.982427][T26525] ? lockdep_hardirqs_on+0x78/0x100 [ 511.982443][T26525] do_syscall_64+0x106/0xf80 [ 511.982458][T26525] ? clear_bhb_loop+0x40/0x90 [ 511.982476][T26525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.982491][T26525] RIP: 0033:0x7f6c1579c629 [ 511.982504][T26525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 511.982519][T26525] RSP: 002b:00007f6c1664b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 511.982533][T26525] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 511.982543][T26525] RDX: 0000200000000180 RSI: 0000000000000000 RDI: 0000000000000003 [ 511.982551][T26525] RBP: 00007f6c15832b39 R08: 00002000000000c0 R09: 0000000000000000 [ 511.982560][T26525] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 511.982569][T26525] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 511.982588][T26525] [ 512.550542][T26530] delete_channel: no stack [ 512.594543][T26533] sd 0:0:1:0: PR command failed: 1026 [ 512.606525][T26533] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 512.644976][T26533] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 513.431259][T26559] sg_write: process 4787 (syz.2.10057) changed security contexts after opening file descriptor, this is not allowed. [ 513.519789][T26563] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10059'. [ 513.631769][T26565] openvswitch: netlink: Duplicate key (type 15). [ 514.362718][T26598] netlink: ct family unspecified [ 514.603171][T26606] FAULT_INJECTION: forcing a failure. [ 514.603171][T26606] name failslab, interval 1, probability 0, space 0, times 0 [ 514.655548][T26606] CPU: 0 UID: 0 PID: 26606 Comm: syz.2.10078 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 514.655580][T26606] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 514.655587][T26606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 514.655597][T26606] Call Trace: [ 514.655602][T26606] [ 514.655608][T26606] dump_stack_lvl+0x100/0x190 [ 514.655634][T26606] should_fail_ex.cold+0x5/0xa [ 514.655652][T26606] should_failslab+0xc2/0x120 [ 514.655676][T26606] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 514.655696][T26606] ? alloc_empty_file+0x55/0x1c0 [ 514.655717][T26606] alloc_empty_file+0x55/0x1c0 [ 514.655734][T26606] alloc_file_pseudo+0x13a/0x230 [ 514.655751][T26606] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 514.655767][T26606] ? security_inode_init_security_anon+0x7b/0x230 [ 514.655802][T26606] __anon_inode_getfile+0xe8/0x280 [ 514.655821][T26606] new_userfaultfd+0x255/0x400 [ 514.655843][T26606] __x64_sys_userfaultfd+0x4b/0xb0 [ 514.655865][T26606] do_syscall_64+0x106/0xf80 [ 514.655881][T26606] ? clear_bhb_loop+0x40/0x90 [ 514.655898][T26606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 514.655913][T26606] RIP: 0033:0x7f6b9899c629 [ 514.655926][T26606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 514.655940][T26606] RSP: 002b:00007f6b998ca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 514.655955][T26606] RAX: ffffffffffffffda RBX: 00007f6b98c15fa0 RCX: 00007f6b9899c629 [ 514.655965][T26606] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 514.655973][T26606] RBP: 00007f6b98a32b39 R08: 0000000000000000 R09: 0000000000000000 [ 514.655981][T26606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 514.656021][T26606] R13: 00007f6b98c16038 R14: 00007f6b98c15fa0 R15: 00007fffe13d8118 [ 514.656042][T26606] [ 515.988676][T26654] netlink: zone id is out of range [ 516.012286][T26654] netlink: zone id is out of range [ 516.330467][T26670] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 517.189503][T21959] Bluetooth: hci4: unexpected event 0x3e length: 508 > 260 [ 517.189527][T21959] Bluetooth: hci4: unexpected subevent 0x02 length: 507 > 260 [ 517.204421][T21959] Bluetooth: hci4: Dropping invalid advertising data [ 517.211607][T21959] Bluetooth: hci4: unknown advertising packet type: 0xe9 [ 517.211626][T21959] Bluetooth: hci4: Dropping invalid advertising data [ 517.229150][T21959] Bluetooth: hci4: Malformed LE Event: 0x02 [ 518.107388][T26720] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 518.131594][T26720] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 518.208861][T26720] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 518.231203][T26720] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 518.269172][T26743] delete_channel: no stack [ 518.287156][T26720] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 518.322065][T26720] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 518.412578][T26720] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 518.739850][T26763] netlink: del zone limit has 8 unknown bytes [ 518.799651][T26766] perf: Dynamic interrupt throttling disabled, can hang your system! [ 519.544175][T21959] Bluetooth: hci1: command 0x0406 tx timeout [ 519.792528][T26815] sd 0:0:1:0: PR command failed: 1026 [ 519.814176][T26815] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 519.840727][T26815] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 520.260706][T21959] Bluetooth: hci3: command 0x2016 tx timeout [ 520.341699][T21959] Bluetooth: hci4: command 0x0c1a tx timeout [ 521.279198][T26890] FAULT_INJECTION: forcing a failure. [ 521.279198][T26890] name failslab, interval 1, probability 0, space 0, times 0 [ 521.325769][T26890] CPU: 0 UID: 0 PID: 26890 Comm: syz.0.10214 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 521.325799][T26890] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 521.325806][T26890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 521.325815][T26890] Call Trace: [ 521.325820][T26890] [ 521.325826][T26890] dump_stack_lvl+0x100/0x190 [ 521.325852][T26890] should_fail_ex.cold+0x5/0xa [ 521.325869][T26890] should_failslab+0xc2/0x120 [ 521.325893][T26890] __kmalloc_cache_noprof+0x7a/0x6f0 [ 521.325911][T26890] ? alloc_fdtable+0xbd/0x2d0 [ 521.325931][T26890] ? find_held_lock+0x2b/0x80 [ 521.325952][T26890] ? dup_fd+0x924/0xd10 [ 521.325975][T26890] alloc_fdtable+0xbd/0x2d0 [ 521.325996][T26890] dup_fd+0x995/0xd10 [ 521.326019][T26890] ? apparmor_task_alloc+0x2c1/0x3b0 [ 521.326040][T26890] copy_process+0x2631/0x7a10 [ 521.326056][T26890] ? preempt_schedule_thunk+0x16/0x30 [ 521.326081][T26890] ? __pfx_copy_process+0x10/0x10 [ 521.326097][T26890] ? find_held_lock+0x2b/0x80 [ 521.326121][T26890] ? futex_private_hash_put+0x107/0x1c0 [ 521.326141][T26890] kernel_clone+0xfc/0x9a0 [ 521.326158][T26890] ? __pfx_kernel_clone+0x10/0x10 [ 521.326184][T26890] __do_sys_clone+0xd9/0x120 [ 521.326200][T26890] ? __pfx___do_sys_clone+0x10/0x10 [ 521.326231][T26890] do_syscall_64+0x106/0xf80 [ 521.326247][T26890] ? clear_bhb_loop+0x40/0x90 [ 521.326264][T26890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 521.326279][T26890] RIP: 0033:0x7f6c1579c629 [ 521.326292][T26890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 521.326306][T26890] RSP: 002b:00007f6c1664afd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 521.326320][T26890] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 521.326330][T26890] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 521.326338][T26890] RBP: 00007f6c15832b39 R08: 0000000000000000 R09: 0000000000000000 [ 521.326347][T26890] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 521.326355][T26890] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 521.326374][T26890] [ 521.574075][T26858] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 521.580092][T26858] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 521.586120][T26858] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 521.592206][T26858] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 522.083574][T26912] netlink: 'syz.1.10216': attribute type 3 has an invalid length. [ 522.894432][T26950] netlink: 'syz.3.10241': attribute type 1 has an invalid length. [ 523.009175][T26955] netlink: 'syz.3.10243': attribute type 1 has an invalid length. [ 523.083548][T26927] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 523.106878][T26927] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 523.133119][T26927] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 523.141567][T26961] FAULT_INJECTION: forcing a failure. [ 523.141567][T26961] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 523.161775][T26927] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 523.197393][T26961] CPU: 0 UID: 0 PID: 26961 Comm: syz.1.10247 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 523.197422][T26961] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 523.197429][T26961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 523.197439][T26961] Call Trace: [ 523.197444][T26961] [ 523.197451][T26961] dump_stack_lvl+0x100/0x190 [ 523.197476][T26961] should_fail_ex.cold+0x5/0xa [ 523.197493][T26961] core_sys_select+0x9b9/0xbb0 [ 523.197520][T26961] ? __pfx_core_sys_select+0x10/0x10 [ 523.197567][T26961] ? ktime_get_ts64+0x2d2/0x3f0 [ 523.197584][T26961] ? read_tsc+0x9/0x20 [ 523.197600][T26961] ? ktime_get_ts64+0x256/0x3f0 [ 523.197618][T26961] kern_select+0x20c/0x270 [ 523.197641][T26961] ? __pfx_kern_select+0x10/0x10 [ 523.197668][T26961] __x64_sys_select+0xbd/0x160 [ 523.197690][T26961] ? do_syscall_64+0x95/0xf80 [ 523.197706][T26961] ? lockdep_hardirqs_on+0x78/0x100 [ 523.197722][T26961] do_syscall_64+0x106/0xf80 [ 523.197737][T26961] ? clear_bhb_loop+0x40/0x90 [ 523.197754][T26961] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.197770][T26961] RIP: 0033:0x7f8dfe59c629 [ 523.197782][T26961] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 523.197797][T26961] RSP: 002b:00007f8dff373028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 523.197812][T26961] RAX: ffffffffffffffda RBX: 00007f8dfe815fa0 RCX: 00007f8dfe59c629 [ 523.197822][T26961] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 523.197831][T26961] RBP: 00007f8dfe632b39 R08: 00002000000001c0 R09: 0000000000000000 [ 523.197840][T26961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 523.197848][T26961] R13: 00007f8dfe816038 R14: 00007f8dfe815fa0 R15: 00007fffa610a268 [ 523.197867][T26961] [ 523.729333][T26976] FAULT_INJECTION: forcing a failure. [ 523.729333][T26976] name failslab, interval 1, probability 0, space 0, times 0 [ 523.778479][T26976] CPU: 0 UID: 0 PID: 26976 Comm: syz.0.10253 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 523.778509][T26976] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 523.778516][T26976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 523.778526][T26976] Call Trace: [ 523.778531][T26976] [ 523.778537][T26976] dump_stack_lvl+0x100/0x190 [ 523.778563][T26976] should_fail_ex.cold+0x5/0xa [ 523.778580][T26976] should_failslab+0xc2/0x120 [ 523.778603][T26976] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 523.778624][T26976] ? security_file_alloc+0x34/0x2c0 [ 523.778646][T26976] ? trace_kmem_cache_alloc+0xf3/0x120 [ 523.778663][T26976] security_file_alloc+0x34/0x2c0 [ 523.778686][T26976] init_file+0x95/0x480 [ 523.778702][T26976] alloc_empty_file+0x73/0x1c0 [ 523.778718][T26976] alloc_file_pseudo+0x13a/0x230 [ 523.778735][T26976] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 523.778751][T26976] ? security_inode_init_security_anon+0x7b/0x230 [ 523.778776][T26976] __do_sys_memfd_secret+0x11d/0x3d0 [ 523.778799][T26976] do_syscall_64+0x106/0xf80 [ 523.778815][T26976] ? clear_bhb_loop+0x40/0x90 [ 523.778832][T26976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.778855][T26976] RIP: 0033:0x7f6c1579c629 [ 523.778869][T26976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 523.778883][T26976] RSP: 002b:00007f6c1664b028 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 523.778898][T26976] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 523.778909][T26976] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 523.778917][T26976] RBP: 00007f6c15832b39 R08: 0000000000000000 R09: 0000000000000000 [ 523.778926][T26976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 523.778935][T26976] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 523.778953][T26976] [ 524.503427][ T30] audit: type=1326 audit(4294967358.438:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26986 comm="syz.1.10259" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8dfe59c629 code=0x0 [ 524.547967][T22064] Bluetooth: hci2: command 0x2016 tx timeout [ 524.937872][T27006] netlink: set zone limit has 8 unknown bytes [ 525.117042][T22064] Bluetooth: hci1: command 0x0406 tx timeout [ 525.194658][T22064] Bluetooth: hci4: command 0x0c1a tx timeout [ 525.200732][T21959] Bluetooth: hci3: command 0x2016 tx timeout [ 525.585285][T27027] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 525.891185][T27041] netlink: zone id is out of range [ 525.909737][T27041] netlink: zone id is out of range [ 525.929464][T27041] netlink: zone id is out of range [ 525.946123][T27041] netlink: zone id is out of range [ 525.961560][T27041] netlink: zone id is out of range [ 525.979354][T27041] netlink: zone id is out of range [ 526.003756][T27041] netlink: zone id is out of range [ 526.019031][T27041] netlink: zone id is out of range [ 527.263525][T22064] Bluetooth: hci4: command 0x0c1a tx timeout [ 528.034931][T27121] &#$@\]\-: entered promiscuous mode [ 532.087616][T27282] netlink: 12 bytes leftover after parsing attributes in process `syz.3.10396'. [ 532.923285][T27322] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 532.941661][T27324] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 533.432862][T27348] CIFS mount error: No usable UNC path provided in device string! [ 533.432862][T27348] [ 533.432879][T27348] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 534.251511][T27385] net_ratelimit: 50 callbacks suppressed [ 534.251526][T27385] openvswitch: netlink: Geneve option length err (len 256, max 255). [ 534.527150][T27397] netlink: 'syz.0.10453': attribute type 1 has an invalid length. [ 534.804763][T27409] openvswitch: netlink: Duplicate or invalid key (type 0). [ 536.964353][T22064] Bluetooth: hci3: unexpected subevent 0x18 length: 123 > 19 [ 536.971774][T22064] Bluetooth: hci3: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 537.126518][T27505] netlink: 206 bytes leftover after parsing attributes in process `syz.3.10505'. [ 537.427442][T27514] openvswitch: netlink: IP tunnel dst address not specified [ 537.590454][T27521] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 541.510915][T27677] netlink: 'syz.0.10589': attribute type 1 has an invalid length. [ 542.731333][T27726] netlink: 'syz.0.10612': attribute type 1 has an invalid length. [ 543.500824][T27752] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 543.650985][T27756] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 551.858025][T28067] dump_stack_lvl+0x100/0x190 [ 551.858051][T28067] should_fail_ex.cold+0x5/0xa [ 551.858069][T28067] _copy_to_user+0x32/0xd0 [ 551.858092][T28067] put_timespec64+0xb5/0x130 [ 551.858108][T28067] ? __pfx_put_timespec64+0x10/0x10 [ 551.858122][T28067] ? lockdep_hardirqs_on+0x78/0x100 [ 551.858139][T28067] ? read_tsc+0x9/0x20 [ 551.858153][T28067] ? ktime_get_ts64+0x256/0x3f0 [ 551.858168][T28067] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 551.858192][T28067] poll_select_finish+0x54b/0x670 [ 551.858214][T28067] ? __pfx_poll_select_finish+0x10/0x10 [ 551.858233][T28067] ? timespec64_add_safe+0x192/0x220 [ 551.858249][T28067] ? __pfx_timespec64_add_safe+0x10/0x10 [ 551.858264][T28067] ? set_user_sigmask+0x1e1/0x270 [ 551.858285][T28067] ? __pfx_set_user_sigmask+0x10/0x10 [ 551.858307][T28067] ? read_tsc+0x9/0x20 [ 551.858321][T28067] ? ktime_get_ts64+0x256/0x3f0 [ 551.858338][T28067] __x64_sys_ppoll+0x2c7/0x350 [ 551.858362][T28067] ? __pfx___x64_sys_ppoll+0x10/0x10 [ 551.858390][T28067] do_syscall_64+0x106/0xf80 [ 551.858405][T28067] ? clear_bhb_loop+0x40/0x90 [ 551.858422][T28067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.858437][T28067] RIP: 0033:0x7f330f39c629 [ 551.858451][T28067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 551.858464][T28067] RSP: 002b:00007f331022b028 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 551.858479][T28067] RAX: ffffffffffffffda RBX: 00007f330f615fa0 RCX: 00007f330f39c629 [ 551.858488][T28067] RDX: 0000200000003640 RSI: 00000000000000d6 RDI: 0000200000003600 [ 551.858497][T28067] RBP: 00007f330f432b39 R08: 0000000000000008 R09: 0000000000000000 [ 551.858506][T28067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 551.858514][T28067] R13: 00007f330f616038 R14: 00007f330f615fa0 R15: 00007ffda4b5b8b8 [ 551.858541][T28067] [ 552.653370][T28083] netlink: NAT attribute type 6 has unexpected length (4 != 2) [ 554.156952][T28135] FAULT_INJECTION: forcing a failure. [ 554.156952][T28135] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 554.218899][T28135] CPU: 0 UID: 0 PID: 28135 Comm: syz.3.10810 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 554.218930][T28135] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 554.218937][T28135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 554.218946][T28135] Call Trace: [ 554.218951][T28135] [ 554.218958][T28135] dump_stack_lvl+0x100/0x190 [ 554.218984][T28135] should_fail_ex.cold+0x5/0xa [ 554.219002][T28135] core_sys_select+0x938/0xbb0 [ 554.219029][T28135] ? __pfx_core_sys_select+0x10/0x10 [ 554.219070][T28135] ? ktime_get_ts64+0x2d2/0x3f0 [ 554.219087][T28135] ? read_tsc+0x9/0x20 [ 554.219102][T28135] ? ktime_get_ts64+0x256/0x3f0 [ 554.219118][T28135] kern_select+0x20c/0x270 [ 554.219140][T28135] ? __pfx_kern_select+0x10/0x10 [ 554.219167][T28135] __x64_sys_select+0xbd/0x160 [ 554.219187][T28135] ? do_syscall_64+0x95/0xf80 [ 554.219203][T28135] ? lockdep_hardirqs_on+0x78/0x100 [ 554.219219][T28135] do_syscall_64+0x106/0xf80 [ 554.219234][T28135] ? clear_bhb_loop+0x40/0x90 [ 554.219251][T28135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.219266][T28135] RIP: 0033:0x7f330f39c629 [ 554.219280][T28135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 554.219303][T28135] RSP: 002b:00007f331022b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 554.219318][T28135] RAX: ffffffffffffffda RBX: 00007f330f615fa0 RCX: 00007f330f39c629 [ 554.219329][T28135] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 554.219338][T28135] RBP: 00007f330f432b39 R08: 00002000000001c0 R09: 0000000000000000 [ 554.219347][T28135] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000 [ 554.219357][T28135] R13: 00007f330f616038 R14: 00007f330f615fa0 R15: 00007ffda4b5b8b8 [ 554.219376][T28135] [ 554.645439][T28152] binder: 28150:28152 ioctl c0046209 9 returned -22 [ 554.699046][T28157] openvswitch: netlink: IP tunnel dst address not specified [ 555.189122][T28177] netlink: 'syz.1.10827': attribute type 1 has an invalid length. [ 557.130825][T28258] MTRR 1 not used [ 557.696930][T28270] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10871'. [ 559.202281][T28332] netlink: 'syz.3.10901': attribute type 3 has an invalid length. [ 559.694323][T28355] netlink: get zone limit has 8 unknown bytes [ 560.049254][T28371] openvswitch: netlink: Flow actions attr not present in new flow. [ 560.699886][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 560.706190][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 561.578159][T28419] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 562.521050][T28459] tipc: Started in network mode [ 562.525916][T28459] tipc: Node identity ffffffff, cluster identity 4711 [ 562.573604][T28459] tipc: Node number set to 4294967295 [ 565.178603][T28542] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11001'. [ 565.240871][T28542] netlink: 29 bytes leftover after parsing attributes in process `syz.0.11001'. [ 566.454018][T28572] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 566.657205][T28576] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 567.167577][T28592] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 567.465975][T28602] dlm: non-version read from control device 255 [ 568.221452][T28628] FAULT_INJECTION: forcing a failure. [ 568.221452][T28628] name failslab, interval 1, probability 0, space 0, times 0 [ 568.279269][T28628] CPU: 0 UID: 0 PID: 28628 Comm: syz.3.11044 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 568.279299][T28628] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 568.279306][T28628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 568.279316][T28628] Call Trace: [ 568.279322][T28628] [ 568.279328][T28628] dump_stack_lvl+0x100/0x190 [ 568.279354][T28628] should_fail_ex.cold+0x5/0xa [ 568.279372][T28628] should_failslab+0xc2/0x120 [ 568.279395][T28628] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 568.279416][T28628] ? __d_alloc+0x34/0xa80 [ 568.279435][T28628] __d_alloc+0x34/0xa80 [ 568.279448][T28628] ? new_inode+0x15a/0x1c0 [ 568.279466][T28628] d_alloc_pseudo+0x1c/0xc0 [ 568.279484][T28628] alloc_file_pseudo+0xcf/0x230 [ 568.279502][T28628] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 568.279520][T28628] ? hugetlbfs_get_inode+0x36e/0x750 [ 568.279545][T28628] hugetlb_file_setup+0x2a8/0x5b0 [ 568.279561][T28628] ksys_mmap_pgoff+0x232/0x650 [ 568.279583][T28628] ? __UNIQUE_ID_modinfo_710+0x63e1a92f/0xffffffffffeca22f [ 568.279604][T28628] ? __x64_sys_futex+0x358/0x4d0 [ 568.279623][T28628] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 568.279647][T28628] ? xfd_validate_state+0x129/0x190 [ 568.279670][T28628] __x64_sys_mmap+0x125/0x190 [ 568.279691][T28628] ? __UNIQUE_ID_modinfo_710+0x63e1a92f/0xffffffffffeca22f [ 568.279713][T28628] do_syscall_64+0x106/0xf80 [ 568.279728][T28628] ? clear_bhb_loop+0x40/0x90 [ 568.279746][T28628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.279761][T28628] RIP: 0033:0x7f330f39c629 [ 568.279775][T28628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 568.279789][T28628] RSP: 002b:00007f331022b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 568.279812][T28628] RAX: ffffffffffffffda RBX: 00007f330f615fa0 RCX: 00007f330f39c629 [ 568.279822][T28628] RDX: 0000000000000002 RSI: 0000000000000005 RDI: ffffffffff600700 [ 568.279832][T28628] RBP: 00007f330f432b39 R08: 0000000000000401 R09: 0000300000000000 [ 568.279842][T28628] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 568.279852][T28628] R13: 00007f330f616038 R14: 00007f330f615fa0 R15: 00007ffda4b5b8b8 [ 568.279868][T28628] ? __UNIQUE_ID_modinfo_710+0x63e1a92f/0xffffffffffeca22f [ 568.279891][T28628] [ 568.770247][T28629] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 570.192983][T28688] netlink: 'syz.2.11072': attribute type 1 has an invalid length. [ 571.075020][T28736] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 571.686319][T28759] bond0: invalid ARP target specified [ 573.006991][T28813] FAULT_INJECTION: forcing a failure. [ 573.006991][T28813] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 573.058722][T28813] CPU: 0 UID: 0 PID: 28813 Comm: syz.0.11132 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 573.058753][T28813] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 573.058760][T28813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 573.058770][T28813] Call Trace: [ 573.058775][T28813] [ 573.058781][T28813] dump_stack_lvl+0x100/0x190 [ 573.058807][T28813] should_fail_ex.cold+0x5/0xa [ 573.058821][T28813] ? prepare_alloc_pages+0x16d/0x5f0 [ 573.058839][T28813] should_fail_alloc_page+0xeb/0x140 [ 573.058863][T28813] prepare_alloc_pages+0x1f0/0x5f0 [ 573.058881][T28813] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 573.058902][T28813] ? __pfx_css_rstat_updated+0x10/0x10 [ 573.058919][T28813] ? lock_acquire+0x1cf/0x380 [ 573.058940][T28813] ? rcu_is_watching+0x12/0xc0 [ 573.058960][T28813] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 573.058981][T28813] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 573.059000][T28813] ? rcu_read_unlock+0x17/0x60 [ 573.059021][T28813] ? folio_remove_rmap_pmd+0x69c/0xed0 [ 573.059042][T28813] ? split_huge_pmd_locked+0x3ba/0x3cf0 [ 573.059060][T28813] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 573.059084][T28813] ? policy_nodemask+0xed/0x4f0 [ 573.059108][T28813] alloc_pages_mpol+0x1fb/0x550 [ 573.059131][T28813] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 573.059153][T28813] ? __split_huge_pmd+0x203/0x350 [ 573.059169][T28813] ? __split_huge_pmd+0x203/0x350 [ 573.059190][T28813] alloc_pages_noprof+0x131/0x390 [ 573.059214][T28813] pte_alloc_one+0x1e/0x3e0 [ 573.059230][T28813] __pte_alloc+0x6d/0x3f0 [ 573.059252][T28813] ? __pfx___pte_alloc+0x10/0x10 [ 573.059274][T28813] ? _raw_spin_unlock+0x28/0x50 [ 573.059287][T28813] ? __pmd_alloc+0x6aa/0x9c0 [ 573.059304][T28813] move_page_tables+0x257e/0x4500 [ 573.059334][T28813] ? __pfx_copy_vma+0x10/0x10 [ 573.059360][T28813] ? __pfx_move_page_tables+0x10/0x10 [ 573.059391][T28813] ? finish_task_switch.isra.0+0x200/0xb80 [ 573.059409][T28813] copy_vma_and_data+0x25c/0x7c0 [ 573.059431][T28813] ? __pfx_copy_vma_and_data+0x10/0x10 [ 573.059458][T28813] ? __vma_start_write+0x17f/0x280 [ 573.059475][T28813] ? __pfx___vma_start_write+0x10/0x10 [ 573.059497][T28813] move_vma+0x51b/0x1890 [ 573.059519][T28813] ? __pfx_move_vma+0x10/0x10 [ 573.059539][T28813] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 573.059555][T28813] ? cap_mmap_addr+0x4b/0x120 [ 573.059573][T28813] ? bpf_lsm_mmap_addr+0x9/0x30 [ 573.059592][T28813] ? security_mmap_addr+0x71/0x1e0 [ 573.059616][T28813] ? __get_unmapped_area+0x255/0x3e0 [ 573.059633][T28813] ? vrm_set_new_addr+0x204/0x290 [ 573.059653][T28813] mremap_to+0x1b7/0x450 [ 573.059673][T28813] do_mremap+0xb76/0x2130 [ 573.059700][T28813] ? __pfx_do_mremap+0x10/0x10 [ 573.059722][T28813] ? ksys_write+0x190/0x250 [ 573.059748][T28813] __do_sys_mremap+0x126/0x170 [ 573.059767][T28813] ? __pfx___do_sys_mremap+0x10/0x10 [ 573.059791][T28813] ? __x64_sys_futex+0x34f/0x4d0 [ 573.059820][T28813] do_syscall_64+0x106/0xf80 [ 573.059836][T28813] ? clear_bhb_loop+0x40/0x90 [ 573.059854][T28813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.059869][T28813] RIP: 0033:0x7f6c1579c629 [ 573.059883][T28813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 573.059897][T28813] RSP: 002b:00007f6c1664b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 573.059912][T28813] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 573.059922][T28813] RDX: 0000000000000013 RSI: 0000000000000004 RDI: 0000200000000000 [ 573.059931][T28813] RBP: 00007f6c15832b39 R08: 0000000100000000 R09: 0000000000000000 [ 573.059940][T28813] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 573.059949][T28813] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 573.059969][T28813] [ 575.546305][T28892] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 575.604915][T28896] FAULT_INJECTION: forcing a failure. [ 575.604915][T28896] name failslab, interval 1, probability 0, space 0, times 0 [ 575.665637][T28896] CPU: 0 UID: 0 PID: 28896 Comm: syz.0.11171 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 575.665668][T28896] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 575.665675][T28896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 575.665684][T28896] Call Trace: [ 575.665690][T28896] [ 575.665695][T28896] dump_stack_lvl+0x100/0x190 [ 575.665722][T28896] should_fail_ex.cold+0x5/0xa [ 575.665740][T28896] should_failslab+0xc2/0x120 [ 575.665771][T28896] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 575.665798][T28896] ? kstrdup_const+0x63/0x80 [ 575.665823][T28896] kstrdup+0x51/0xe0 [ 575.665846][T28896] kstrdup_const+0x63/0x80 [ 575.665867][T28896] alloc_vfsmnt+0xe5/0x6a0 [ 575.665884][T28896] ? __pfx___might_resched+0x10/0x10 [ 575.665905][T28896] clone_mnt+0x4b/0x930 [ 575.665926][T28896] copy_tree+0xfc/0xbf0 [ 575.665943][T28896] ? __pfx_down_write+0x10/0x10 [ 575.665967][T28896] copy_mnt_ns+0x2bd/0xc30 [ 575.665983][T28896] ? create_new_namespaces+0x30/0xac0 [ 575.666005][T28896] ? rcu_is_watching+0x12/0xc0 [ 575.666029][T28896] create_new_namespaces+0xd3/0xac0 [ 575.666045][T28896] ? bpf_lsm_capable+0x9/0x10 [ 575.666058][T28896] ? security_capable+0x80/0x260 [ 575.666079][T28896] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 575.666096][T28896] ksys_unshare+0x455/0xab0 [ 575.666115][T28896] ? __pfx_ksys_unshare+0x10/0x10 [ 575.666140][T28896] __x64_sys_unshare+0x31/0x40 [ 575.666158][T28896] do_syscall_64+0x106/0xf80 [ 575.666173][T28896] ? clear_bhb_loop+0x40/0x90 [ 575.666191][T28896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.666206][T28896] RIP: 0033:0x7f6c1579c629 [ 575.666220][T28896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 575.666234][T28896] RSP: 002b:00007f6c1664b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 575.666248][T28896] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 575.666258][T28896] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 575.666266][T28896] RBP: 00007f6c15832b39 R08: 0000000000000000 R09: 0000000000000000 [ 575.666274][T28896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.666283][T28896] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 575.666302][T28896] [ 576.565609][T28935] FAULT_INJECTION: forcing a failure. [ 576.565609][T28935] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 576.633265][T28935] CPU: 0 UID: 0 PID: 28935 Comm: syz.2.11192 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 576.633297][T28935] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 576.633304][T28935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 576.633313][T28935] Call Trace: [ 576.633319][T28935] [ 576.633325][T28935] dump_stack_lvl+0x100/0x190 [ 576.633352][T28935] should_fail_ex.cold+0x5/0xa [ 576.633367][T28935] ? prepare_alloc_pages+0x16d/0x5f0 [ 576.633384][T28935] should_fail_alloc_page+0xeb/0x140 [ 576.633408][T28935] prepare_alloc_pages+0x1f0/0x5f0 [ 576.633428][T28935] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 576.633449][T28935] ? __pfx_css_rstat_updated+0x10/0x10 [ 576.633466][T28935] ? lock_acquire+0x1cf/0x380 [ 576.633487][T28935] ? rcu_is_watching+0x12/0xc0 [ 576.633507][T28935] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 576.633527][T28935] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 576.633547][T28935] ? rcu_read_unlock+0x17/0x60 [ 576.633568][T28935] ? folio_remove_rmap_pmd+0x69c/0xed0 [ 576.633589][T28935] ? split_huge_pmd_locked+0x3ba/0x3cf0 [ 576.633606][T28935] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 576.633630][T28935] ? policy_nodemask+0xed/0x4f0 [ 576.633654][T28935] alloc_pages_mpol+0x1fb/0x550 [ 576.633678][T28935] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 576.633699][T28935] ? __split_huge_pmd+0x203/0x350 [ 576.633716][T28935] ? __split_huge_pmd+0x203/0x350 [ 576.633737][T28935] alloc_pages_noprof+0x131/0x390 [ 576.633760][T28935] pte_alloc_one+0x1e/0x3e0 [ 576.633776][T28935] __pte_alloc+0x6d/0x3f0 [ 576.633799][T28935] ? __pfx___pte_alloc+0x10/0x10 [ 576.633821][T28935] ? _raw_spin_unlock+0x28/0x50 [ 576.633835][T28935] ? __pmd_alloc+0x6aa/0x9c0 [ 576.633851][T28935] move_page_tables+0x257e/0x4500 [ 576.633871][T28935] ? __pfx_copy_vma+0x10/0x10 [ 576.633897][T28935] ? __pfx_move_page_tables+0x10/0x10 [ 576.633936][T28935] ? finish_task_switch.isra.0+0x200/0xb80 [ 576.633955][T28935] copy_vma_and_data+0x25c/0x7c0 [ 576.633978][T28935] ? __pfx_copy_vma_and_data+0x10/0x10 [ 576.634006][T28935] ? __vma_start_write+0x17f/0x280 [ 576.634024][T28935] ? __pfx___vma_start_write+0x10/0x10 [ 576.634047][T28935] move_vma+0x51b/0x1890 [ 576.634069][T28935] ? __pfx_move_vma+0x10/0x10 [ 576.634090][T28935] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 576.634105][T28935] ? cap_mmap_addr+0x4b/0x120 [ 576.634123][T28935] ? bpf_lsm_mmap_addr+0x9/0x30 [ 576.634143][T28935] ? security_mmap_addr+0x71/0x1e0 [ 576.634166][T28935] ? __get_unmapped_area+0x255/0x3e0 [ 576.634183][T28935] ? vrm_set_new_addr+0x204/0x290 [ 576.634204][T28935] mremap_to+0x1b7/0x450 [ 576.634223][T28935] do_mremap+0xb76/0x2130 [ 576.634250][T28935] ? __pfx_do_mremap+0x10/0x10 [ 576.634273][T28935] ? ksys_write+0x190/0x250 [ 576.634298][T28935] __do_sys_mremap+0x126/0x170 [ 576.634318][T28935] ? __pfx___do_sys_mremap+0x10/0x10 [ 576.634342][T28935] ? __x64_sys_futex+0x34f/0x4d0 [ 576.634371][T28935] do_syscall_64+0x106/0xf80 [ 576.634386][T28935] ? clear_bhb_loop+0x40/0x90 [ 576.634404][T28935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.634419][T28935] RIP: 0033:0x7f6b9899c629 [ 576.634433][T28935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 576.634447][T28935] RSP: 002b:00007f6b998ca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 576.634462][T28935] RAX: ffffffffffffffda RBX: 00007f6b98c15fa0 RCX: 00007f6b9899c629 [ 576.634472][T28935] RDX: 0000000000000013 RSI: 0000000000000004 RDI: 0000200000000000 [ 576.634481][T28935] RBP: 00007f6b98a32b39 R08: 0000000100000000 R09: 0000000000000000 [ 576.634490][T28935] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 576.634499][T28935] R13: 00007f6b98c16038 R14: 00007f6b98c15fa0 R15: 00007fffe13d8118 [ 576.634519][T28935] [ 577.425385][T28964] vivid-001: ================= START STATUS ================= [ 577.449179][T28964] vivid-001: Radio HW Seek Mode: Bounded [ 577.459501][T28964] vivid-001: Radio Programmable HW Seek: false [ 577.472409][T28964] vivid-001: RDS Rx I/O Mode: Block I/O [ 577.477975][T28964] vivid-001: Generate RBDS Instead of RDS: false [ 577.498127][T28964] vivid-001: RDS Reception: true [ 577.508873][T28964] vivid-001: RDS Program Type: 0 inactive [ 577.522905][T28964] vivid-001: RDS PS Name: inactive [ 577.539512][T28964] vivid-001: RDS Radio Text: inactive [ 577.548514][T28964] vivid-001: RDS Traffic Announcement: false inactive [ 577.562187][T28964] vivid-001: RDS Traffic Program: false inactive [ 577.569295][T28964] vivid-001: RDS Music: false inactive [ 577.589122][T28964] vivid-001: ================== END STATUS ================== [ 577.945970][T22064] Bluetooth: hci3: ACL packet too small [ 578.905059][T29036] nbd: must specify a device to reconfigure [ 579.013646][T29041] openvswitch: netlink: Message has 4 unknown bytes. [ 579.880216][T29080] netlink: 'syz.2.11253': attribute type 1 has an invalid length. [ 579.889119][T29081] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 580.537512][T29111] netlink: 'syz.3.11266': attribute type 11 has an invalid length. [ 580.586353][T29111] netlink: 'syz.3.11266': attribute type 11 has an invalid length. [ 580.636080][T29111] netlink: 'syz.3.11266': attribute type 11 has an invalid length. [ 580.754031][T29122] openvswitch: netlink: IP tunnel TTL not specified. [ 581.349990][T29150] openvswitch: netlink: IP tunnel dst address not specified [ 583.320158][T29243] NFSD: Failed to start, no listeners configured. [ 583.659492][T29256] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535 [ 583.830852][T29267] random: crng reseeded on system resumption [ 584.689070][ T30] audit: type=1326 audit(4294967418.962:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29305 comm="syz.2.11349" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6b9899c629 code=0x0 [ 584.852387][T29312] No such timeout policy "" [ 584.890345][T29312] netlink: Failed to associated timeout policy '' [ 587.994968][T29459] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 589.930185][T29536] openvswitch: netlink: Key type 29 is not supported [ 590.138989][T29548] netlink: 'syz.3.11466': attribute type 4 has an invalid length. [ 590.181859][T29548] netlink: 'syz.3.11466': attribute type 1 has an invalid length. [ 591.005142][T29573] netlink: 16 bytes leftover after parsing attributes in process `syz.3.11477'. [ 591.391066][T29586] netlink: ct_mark mask cannot be 0 [ 592.173544][T29626] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 592.595600][T29644] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 592.615513][T29640] netlink: set zone limit has 8 unknown bytes [ 592.799714][T29649] loop6: detected capacity change from 0 to 4194304 [ 593.241442][T29673] netlink: 'syz.3.11525': attribute type 2 has an invalid length. [ 594.444643][T29722] FAULT_INJECTION: forcing a failure. [ 594.444643][T29722] name failslab, interval 1, probability 0, space 0, times 0 [ 594.507039][T29722] CPU: 0 UID: 0 PID: 29722 Comm: syz.3.11547 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 594.507077][T29722] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 594.507083][T29722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 594.507093][T29722] Call Trace: [ 594.507098][T29722] [ 594.507105][T29722] dump_stack_lvl+0x100/0x190 [ 594.507132][T29722] should_fail_ex.cold+0x5/0xa [ 594.507150][T29722] should_failslab+0xc2/0x120 [ 594.507173][T29722] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 594.507193][T29722] ? alloc_uid+0x13d/0x4c0 [ 594.507208][T29722] ? rcu_is_watching+0x12/0xc0 [ 594.507231][T29722] alloc_uid+0x13d/0x4c0 [ 594.507247][T29722] ? __pfx_alloc_uid+0x10/0x10 [ 594.507264][T29722] ? bpf_lsm_capable+0x9/0x10 [ 594.507277][T29722] ? security_capable+0x80/0x260 [ 594.507297][T29722] __sys_setreuid+0x788/0xb00 [ 594.507322][T29722] do_syscall_64+0x106/0xf80 [ 594.507339][T29722] ? clear_bhb_loop+0x40/0x90 [ 594.507357][T29722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.507371][T29722] RIP: 0033:0x7f330f39c629 [ 594.507385][T29722] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 594.507399][T29722] RSP: 002b:00007f331022b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 594.507414][T29722] RAX: ffffffffffffffda RBX: 00007f330f615fa0 RCX: 00007f330f39c629 [ 594.507424][T29722] RDX: 0000000000000000 RSI: 7fffffffffffffff RDI: 0000000080000000 [ 594.507433][T29722] RBP: 00007f330f432b39 R08: 0000000000000000 R09: 0000000000000000 [ 594.507441][T29722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 594.507449][T29722] R13: 00007f330f616038 R14: 00007f330f615fa0 R15: 00007ffda4b5b8b8 [ 594.507469][T29722] [ 594.859166][T29734] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11553'. [ 596.537244][T29782] FAULT_INJECTION: forcing a failure. [ 596.537244][T29782] name fail_futex, interval 1, probability 0, space 0, times 0 [ 596.584791][T29784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11576'. [ 596.601123][T29782] CPU: 0 UID: 0 PID: 29782 Comm: syz.1.11575 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 596.601152][T29782] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 596.601159][T29782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 596.601169][T29782] Call Trace: [ 596.601174][T29782] [ 596.601180][T29782] dump_stack_lvl+0x100/0x190 [ 596.601207][T29782] should_fail_ex.cold+0x5/0xa [ 596.601225][T29782] get_futex_key+0x1d2/0x1620 [ 596.601251][T29782] ? __pfx_get_futex_key+0x10/0x10 [ 596.601270][T29782] ? __pfx____sys_sendmsg+0x10/0x10 [ 596.601295][T29782] futex_wake+0xea/0x530 [ 596.601318][T29782] ? __pfx_futex_wake+0x10/0x10 [ 596.601346][T29782] do_futex+0x32b/0x350 [ 596.601364][T29782] ? __pfx_do_futex+0x10/0x10 [ 596.601381][T29782] ? fput+0x79/0x100 [ 596.601396][T29782] ? __sys_sendmsg+0x18f/0x220 [ 596.601413][T29782] __x64_sys_futex+0x34f/0x4d0 [ 596.601436][T29782] ? __pfx___x64_sys_futex+0x10/0x10 [ 596.601461][T29782] do_syscall_64+0x106/0xf80 [ 596.601477][T29782] ? clear_bhb_loop+0x40/0x90 [ 596.601495][T29782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.601510][T29782] RIP: 0033:0x7f8dfe59c629 [ 596.601523][T29782] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 596.601537][T29782] RSP: 002b:00007f8dff3730e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 596.601552][T29782] RAX: ffffffffffffffda RBX: 00007f8dfe815fa8 RCX: 00007f8dfe59c629 [ 596.601561][T29782] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8dfe815fac [ 596.601570][T29782] RBP: 00007f8dfe815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 596.601579][T29782] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000000 [ 596.601587][T29782] R13: 00007f8dfe816038 R14: 00007fffa610a180 R15: 00007fffa610a268 [ 596.601606][T29782] [ 596.867321][T29786] FAULT_INJECTION: forcing a failure. [ 596.867321][T29786] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 596.880878][T29786] CPU: 0 UID: 0 PID: 29786 Comm: syz.1.11578 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 596.880907][T29786] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 596.880914][T29786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 596.880924][T29786] Call Trace: [ 596.880930][T29786] [ 596.880936][T29786] dump_stack_lvl+0x100/0x190 [ 596.880962][T29786] should_fail_ex.cold+0x5/0xa [ 596.880976][T29786] ? prepare_alloc_pages+0x16d/0x5f0 [ 596.880993][T29786] should_fail_alloc_page+0xeb/0x140 [ 596.881019][T29786] prepare_alloc_pages+0x1f0/0x5f0 [ 596.881034][T29786] ? rcu_is_watching+0x12/0xc0 [ 596.881057][T29786] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 596.881077][T29786] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 596.881098][T29786] ? __pfx_css_rstat_updated+0x10/0x10 [ 596.881120][T29786] ? find_held_lock+0x2b/0x80 [ 596.881141][T29786] ? rcu_read_unlock+0x17/0x60 [ 596.881155][T29786] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 596.881174][T29786] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 596.881193][T29786] ? page_counter_charge+0x1d2/0x240 [ 596.881211][T29786] ? rcu_is_watching+0x12/0xc0 [ 596.881231][T29786] ? trace_mm_page_alloc+0x17a/0x1d0 [ 596.881252][T29786] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 596.881276][T29786] ? policy_nodemask+0xed/0x4f0 [ 596.881300][T29786] alloc_pages_mpol+0x1fb/0x550 [ 596.881323][T29786] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 596.881346][T29786] ? do_raw_spin_lock+0x128/0x260 [ 596.881365][T29786] ? find_held_lock+0x2b/0x80 [ 596.881389][T29786] ? __pud_alloc+0x575/0x760 [ 596.881406][T29786] alloc_pages_noprof+0x131/0x390 [ 596.881429][T29786] __pmd_alloc+0x3b/0x9c0 [ 596.881443][T29786] ? __pud_alloc+0x57a/0x760 [ 596.881459][T29786] walk_to_pmd+0x3a3/0x4c0 [ 596.881475][T29786] get_locked_pte+0x25/0xc0 [ 596.881491][T29786] map_ldt_struct+0x3c1/0xa70 [ 596.881520][T29786] ? __pfx_map_ldt_struct+0x10/0x10 [ 596.881542][T29786] ? alloc_pages_noprof+0x233/0x390 [ 596.881568][T29786] write_ldt+0x6d3/0xd40 [ 596.881593][T29786] ? __pfx_write_ldt+0x10/0x10 [ 596.881617][T29786] ? xfd_validate_state+0x129/0x190 [ 596.881641][T29786] __x64_sys_modify_ldt+0xb1/0x170 [ 596.881656][T29786] do_syscall_64+0x106/0xf80 [ 596.881672][T29786] ? clear_bhb_loop+0x40/0x90 [ 596.881690][T29786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 596.881705][T29786] RIP: 0033:0x7f8dfe59c629 [ 596.881719][T29786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 596.881750][T29786] RSP: 002b:00007f8dff373028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 596.881766][T29786] RAX: ffffffffffffffda RBX: 00007f8dfe815fa0 RCX: 00007f8dfe59c629 [ 596.881777][T29786] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 596.881786][T29786] RBP: 00007f8dfe632b39 R08: 0000000000000000 R09: 0000000000000000 [ 596.881796][T29786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 596.881806][T29786] R13: 00007f8dfe816038 R14: 00007f8dfe815fa0 R15: 00007fffa610a268 [ 596.881826][T29786] [ 597.201265][T29788] vivid-001: ================= START STATUS ================= [ 597.208915][T29788] vivid-001: Radio HW Seek Mode: Bounded [ 597.214572][T29788] vivid-001: Radio Programmable HW Seek: false [ 597.220793][T29788] vivid-001: RDS Rx I/O Mode: Block I/O [ 597.226325][T29788] vivid-001: Generate RBDS Instead of RDS: false [ 597.232652][T29788] vivid-001: RDS Reception: true [ 597.237936][T29788] vivid-001: RDS Program Type: 0 inactive [ 597.243681][T29788] vivid-001: RDS PS Name: inactive [ 597.248874][T29788] vivid-001: RDS Radio Text: inactive [ 597.254347][T29788] vivid-001: RDS Traffic Announcement: false inactive [ 597.261124][T29788] vivid-001: RDS Traffic Program: false inactive [ 597.267443][T29788] vivid-001: RDS Music: false inactive [ 597.272913][T29788] vivid-001: ================== END STATUS ================== [ 598.977094][T29844] FAULT_INJECTION: forcing a failure. [ 598.977094][T29844] name failslab, interval 1, probability 0, space 0, times 0 [ 599.025422][T29844] CPU: 0 UID: 0 PID: 29844 Comm: syz.3.11604 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 599.025455][T29844] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 599.025462][T29844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 599.025471][T29844] Call Trace: [ 599.025477][T29844] [ 599.025483][T29844] dump_stack_lvl+0x100/0x190 [ 599.025508][T29844] should_fail_ex.cold+0x5/0xa [ 599.025534][T29844] should_failslab+0xc2/0x120 [ 599.025559][T29844] __kvmalloc_node_noprof+0xfa/0xa00 [ 599.025580][T29844] ? vmemdup_user+0x2a/0xe0 [ 599.025606][T29844] vmemdup_user+0x2a/0xe0 [ 599.025627][T29844] path_setxattrat+0x29e/0x3b0 [ 599.025650][T29844] ? __pfx_path_setxattrat+0x10/0x10 [ 599.025675][T29844] ? __pfx_poll_select_finish+0x10/0x10 [ 599.025712][T29844] ? xfd_validate_state+0x129/0x190 [ 599.025735][T29844] __x64_sys_fsetxattr+0xc5/0x140 [ 599.025749][T29844] ? do_syscall_64+0x95/0xf80 [ 599.025765][T29844] ? lockdep_hardirqs_on+0x78/0x100 [ 599.025780][T29844] do_syscall_64+0x106/0xf80 [ 599.025796][T29844] ? clear_bhb_loop+0x40/0x90 [ 599.025814][T29844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.025829][T29844] RIP: 0033:0x7f330f39c629 [ 599.025842][T29844] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 599.025856][T29844] RSP: 002b:00007f331022b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000be [ 599.025871][T29844] RAX: ffffffffffffffda RBX: 00007f330f615fa0 RCX: 00007f330f39c629 [ 599.025881][T29844] RDX: 0000000000000000 RSI: 0000200000002ac0 RDI: ffffffffffffffff [ 599.025890][T29844] RBP: 00007f330f432b39 R08: 0000000000000000 R09: 0000000000000000 [ 599.025898][T29844] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 599.025907][T29844] R13: 00007f330f616038 R14: 00007f330f615fa0 R15: 00007ffda4b5b8b8 [ 599.025925][T29844] [ 599.982228][T29867] FAULT_INJECTION: forcing a failure. [ 599.982228][T29867] name fail_futex, interval 1, probability 0, space 0, times 0 [ 600.048257][T29867] CPU: 0 UID: 0 PID: 29867 Comm: syz.0.11615 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 600.048288][T29867] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 600.048295][T29867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 600.048304][T29867] Call Trace: [ 600.048309][T29867] [ 600.048316][T29867] dump_stack_lvl+0x100/0x190 [ 600.048342][T29867] should_fail_ex.cold+0x5/0xa [ 600.048361][T29867] get_futex_key+0x1d2/0x1620 [ 600.048380][T29867] ? __pfx_get_futex_key+0x10/0x10 [ 600.048398][T29867] ? __pfx____sys_sendmsg+0x10/0x10 [ 600.048431][T29867] futex_wake+0xea/0x530 [ 600.048455][T29867] ? __pfx_futex_wake+0x10/0x10 [ 600.048484][T29867] do_futex+0x32b/0x350 [ 600.048503][T29867] ? __pfx_do_futex+0x10/0x10 [ 600.048520][T29867] ? fput+0x79/0x100 [ 600.048536][T29867] ? __sys_sendmsg+0x18f/0x220 [ 600.048553][T29867] __x64_sys_futex+0x34f/0x4d0 [ 600.048573][T29867] ? __pfx___x64_sys_futex+0x10/0x10 [ 600.048597][T29867] do_syscall_64+0x106/0xf80 [ 600.048613][T29867] ? clear_bhb_loop+0x40/0x90 [ 600.048631][T29867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.048645][T29867] RIP: 0033:0x7f6c1579c629 [ 600.048658][T29867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 600.048673][T29867] RSP: 002b:00007f6c1664b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 600.048688][T29867] RAX: ffffffffffffffda RBX: 00007f6c15a15fa8 RCX: 00007f6c1579c629 [ 600.048698][T29867] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6c15a15fac [ 600.048707][T29867] RBP: 00007f6c15a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 600.048716][T29867] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000000 [ 600.048724][T29867] R13: 00007f6c15a16038 R14: 00007ffcfe193730 R15: 00007ffcfe193818 [ 600.048743][T29867] [ 602.108838][T29918] zswap: compressor not available [ 602.490270][T29939] FAULT_INJECTION: forcing a failure. [ 602.490270][T29939] name failslab, interval 1, probability 0, space 0, times 0 [ 602.543587][T29939] CPU: 0 UID: 0 PID: 29939 Comm: syz.0.11645 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 602.543617][T29939] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 602.543624][T29939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 602.543633][T29939] Call Trace: [ 602.543639][T29939] [ 602.543645][T29939] dump_stack_lvl+0x100/0x190 [ 602.543669][T29939] should_fail_ex.cold+0x5/0xa [ 602.543688][T29939] should_failslab+0xc2/0x120 [ 602.543711][T29939] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 602.543732][T29939] ? mas_alloc_nodes+0x280/0x390 [ 602.543750][T29939] mas_alloc_nodes+0x280/0x390 [ 602.543767][T29939] mas_preallocate+0x39c/0xf10 [ 602.543788][T29939] ? __pfx_mas_preallocate+0x10/0x10 [ 602.543809][T29939] ? vm_area_alloc+0x1f/0x160 [ 602.543829][T29939] ? lockdep_init_map_type+0x5c/0x250 [ 602.543849][T29939] __mmap_region+0x12b5/0x29e0 [ 602.543872][T29939] ? __pfx___mmap_region+0x10/0x10 [ 602.543892][T29939] ? __lock_acquire+0x4a5/0x2630 [ 602.543910][T29939] ? set_next_entity+0x11b/0x9c0 [ 602.543934][T29939] ? __lock_acquire+0x4a5/0x2630 [ 602.543950][T29939] ? find_held_lock+0x2b/0x80 [ 602.543980][T29939] ? find_held_lock+0x2b/0x80 [ 602.544001][T29939] ? finish_task_switch.isra.0+0x200/0xb80 [ 602.544015][T29939] ? finish_task_switch.isra.0+0x200/0xb80 [ 602.544037][T29939] ? trace_sched_exit_tp+0x13a/0x180 [ 602.544053][T29939] ? __schedule+0x1000/0x60e0 [ 602.544092][T29939] ? rcu_is_watching+0x12/0xc0 [ 602.544112][T29939] ? cap_capable+0x107/0x460 [ 602.544134][T29939] mmap_region+0x180/0x3e0 [ 602.544166][T29939] do_mmap+0xc63/0x12f0 [ 602.544185][T29939] ? __pfx_do_mmap+0x10/0x10 [ 602.544200][T29939] ? __pfx_down_write_killable+0x10/0x10 [ 602.544222][T29939] vm_mmap_pgoff+0x29e/0x470 [ 602.544240][T29939] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 602.544256][T29939] ? do_futex+0x192/0x350 [ 602.544274][T29939] ? __pfx_do_futex+0x10/0x10 [ 602.544295][T29939] ksys_mmap_pgoff+0xe1/0x650 [ 602.544317][T29939] ? __x64_sys_futex+0x34f/0x4d0 [ 602.544334][T29939] ? __x64_sys_futex+0x358/0x4d0 [ 602.544352][T29939] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 602.544374][T29939] ? xfd_validate_state+0x129/0x190 [ 602.544398][T29939] __x64_sys_mmap+0x125/0x190 [ 602.544420][T29939] do_syscall_64+0x106/0xf80 [ 602.544436][T29939] ? clear_bhb_loop+0x40/0x90 [ 602.544454][T29939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 602.544468][T29939] RIP: 0033:0x7f6c1579c629 [ 602.544482][T29939] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 602.544496][T29939] RSP: 002b:00007f6c1664b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 602.544510][T29939] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 602.544520][T29939] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 602.544528][T29939] RBP: 00007f6c15832b39 R08: fffffffffffffffa R09: 0000000000008000 [ 602.544538][T29939] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 602.544547][T29939] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 602.544567][T29939] [ 603.268735][T29950] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11651'. [ 604.595940][T30000] FAULT_INJECTION: forcing a failure. [ 604.595940][T30000] name failslab, interval 1, probability 0, space 0, times 0 [ 604.646991][T30002] bridge0: port 3(veth0_to_bridge) entered blocking state [ 604.656646][T30000] CPU: 0 UID: 0 PID: 30000 Comm: syz.3.11674 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 604.656676][T30000] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 604.656682][T30000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 604.656691][T30000] Call Trace: [ 604.656696][T30000] [ 604.656702][T30000] dump_stack_lvl+0x100/0x190 [ 604.656728][T30000] should_fail_ex.cold+0x5/0xa [ 604.656745][T30000] should_failslab+0xc2/0x120 [ 604.656768][T30000] __kmalloc_cache_noprof+0x7a/0x6f0 [ 604.656787][T30000] ? __do_sys_memfd_create+0x170/0x3d0 [ 604.656810][T30000] __do_sys_memfd_create+0x170/0x3d0 [ 604.656829][T30000] do_syscall_64+0x106/0xf80 [ 604.656845][T30000] ? clear_bhb_loop+0x40/0x90 [ 604.656863][T30000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.656877][T30000] RIP: 0033:0x7f330f39c629 [ 604.656891][T30000] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.656906][T30000] RSP: 002b:00007f331022b028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 604.656927][T30000] RAX: ffffffffffffffda RBX: 00007f330f615fa0 RCX: 00007f330f39c629 [ 604.656938][T30000] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 604.656947][T30000] RBP: 00007f330f432b39 R08: 0000000000000000 R09: 0000000000000000 [ 604.656956][T30000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.656965][T30000] R13: 00007f330f616038 R14: 00007f330f615fa0 R15: 00007ffda4b5b8b8 [ 604.656984][T30000] [ 604.857994][T30002] bridge0: port 3(veth0_to_bridge) entered disabled state [ 604.865301][T30002] veth0_to_bridge: entered allmulticast mode [ 604.872401][T30002] veth0_to_bridge: entered promiscuous mode [ 604.878792][T30002] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 604.891850][T30002] bridge0: port 3(veth0_to_bridge) entered blocking state [ 604.899207][T30002] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 605.038598][T30012] netlink: 350 bytes leftover after parsing attributes in process `syz.3.11681'. [ 605.177186][T30018] FAULT_INJECTION: forcing a failure. [ 605.177186][T30018] name failslab, interval 1, probability 0, space 0, times 0 [ 605.218247][T30018] CPU: 0 UID: 0 PID: 30018 Comm: syz.3.11684 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 605.218278][T30018] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 605.218285][T30018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 605.218294][T30018] Call Trace: [ 605.218299][T30018] [ 605.218305][T30018] dump_stack_lvl+0x100/0x190 [ 605.218332][T30018] should_fail_ex.cold+0x5/0xa [ 605.218348][T30018] ? sk_prot_alloc+0x10b/0x2a0 [ 605.218367][T30018] should_failslab+0xc2/0x120 [ 605.218397][T30018] __kmalloc_noprof+0xe0/0x850 [ 605.218422][T30018] sk_prot_alloc+0x10b/0x2a0 [ 605.218442][T30018] sk_alloc+0x36/0xe80 [ 605.218457][T30018] mctp_pf_create+0xe8/0x360 [ 605.218475][T30018] __sock_create+0x339/0x860 [ 605.218499][T30018] __sys_socket+0x14d/0x260 [ 605.218520][T30018] ? __pfx___sys_socket+0x10/0x10 [ 605.218545][T30018] __x64_sys_socket+0x72/0xb0 [ 605.218565][T30018] ? lockdep_hardirqs_on+0x78/0x100 [ 605.218581][T30018] do_syscall_64+0x106/0xf80 [ 605.218596][T30018] ? clear_bhb_loop+0x40/0x90 [ 605.218614][T30018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.218629][T30018] RIP: 0033:0x7f330f39c629 [ 605.218642][T30018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 605.218656][T30018] RSP: 002b:00007f331022b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 605.218670][T30018] RAX: ffffffffffffffda RBX: 00007f330f615fa0 RCX: 00007f330f39c629 [ 605.218680][T30018] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d [ 605.218689][T30018] RBP: 00007f330f432b39 R08: 0000000000000000 R09: 0000000000000000 [ 605.218697][T30018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.218706][T30018] R13: 00007f330f616038 R14: 00007f330f615fa0 R15: 00007ffda4b5b8b8 [ 605.218724][T30018] [ 605.855437][T30027] hugetlbfs: syz.0.11687 (30027): Using mlock ulimits for SHM_HUGETLB is obsolete [ 606.584698][T30052] syz.3.11699 (30052) used obsolete PPPIOCDETACH ioctl [ 606.969421][T30061] busy [ 607.542391][T30093] FAULT_INJECTION: forcing a failure. [ 607.542391][T30093] name failslab, interval 1, probability 0, space 0, times 0 [ 607.597175][T30093] CPU: 0 UID: 0 PID: 30093 Comm: syz.0.11719 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 607.597207][T30093] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 607.597214][T30093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 607.597224][T30093] Call Trace: [ 607.597229][T30093] [ 607.597235][T30093] dump_stack_lvl+0x100/0x190 [ 607.597261][T30093] should_fail_ex.cold+0x5/0xa [ 607.597277][T30093] ? sk_prot_alloc+0x10b/0x2a0 [ 607.597295][T30093] should_failslab+0xc2/0x120 [ 607.597318][T30093] __kmalloc_noprof+0xe0/0x850 [ 607.597339][T30093] ? lockdep_init_map_type+0x5c/0x250 [ 607.597361][T30093] sk_prot_alloc+0x10b/0x2a0 [ 607.597380][T30093] sk_alloc+0x36/0xe80 [ 607.597395][T30093] pppol2tp_create+0x32/0x250 [ 607.597415][T30093] pppox_create+0x15c/0x2c0 [ 607.597438][T30093] __sock_create+0x339/0x860 [ 607.597462][T30093] __sys_socket+0x14d/0x260 [ 607.597482][T30093] ? __pfx___sys_socket+0x10/0x10 [ 607.597508][T30093] __x64_sys_socket+0x72/0xb0 [ 607.597527][T30093] ? lockdep_hardirqs_on+0x78/0x100 [ 607.597544][T30093] do_syscall_64+0x106/0xf80 [ 607.597559][T30093] ? clear_bhb_loop+0x40/0x90 [ 607.597577][T30093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 607.597591][T30093] RIP: 0033:0x7f6c1579c629 [ 607.597604][T30093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 607.597619][T30093] RSP: 002b:00007f6c1664b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 607.597633][T30093] RAX: ffffffffffffffda RBX: 00007f6c15a15fa0 RCX: 00007f6c1579c629 [ 607.597643][T30093] RDX: 0000000000000001 RSI: 0000000000000005 RDI: 0000000000000018 [ 607.597651][T30093] RBP: 00007f6c15832b39 R08: 0000000000000000 R09: 0000000000000000 [ 607.597660][T30093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 607.597668][T30093] R13: 00007f6c15a16038 R14: 00007f6c15a15fa0 R15: 00007ffcfe193818 [ 607.597695][T30093] [ 608.164129][T30103] netlink: 16 bytes leftover after parsing attributes in process `syz.0.11724'. [ 608.218773][T30105] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input45 [ 608.551504][T30117] bridge0: port 3(veth0_to_bridge) entered blocking state [ 608.579061][T30117] bridge0: port 3(veth0_to_bridge) entered disabled state [ 608.616575][T30117] veth0_to_bridge: entered allmulticast mode [ 608.658623][T30117] veth0_to_bridge: entered promiscuous mode [ 608.680240][T30117] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 608.735435][T30117] bridge0: port 3(veth0_to_bridge) entered blocking state [ 608.742657][T30117] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 608.884873][T30128] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11736'. [ 608.965058][T30134] netlink: 21 bytes leftover after parsing attributes in process `syz.0.11738'. [ 610.266522][T30189] netlink: 186 bytes leftover after parsing attributes in process `syz.2.11765'. [ 610.386251][T30195] FAULT_INJECTION: forcing a failure. [ 610.386251][T30195] name failslab, interval 1, probability 0, space 0, times 0 [ 610.409419][T30195] CPU: 0 UID: 0 PID: 30195 Comm: syz.3.11768 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 610.409448][T30195] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 610.409456][T30195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 610.409465][T30195] Call Trace: [ 610.409471][T30195] [ 610.409477][T30195] dump_stack_lvl+0x100/0x190 [ 610.409503][T30195] should_fail_ex.cold+0x5/0xa [ 610.409520][T30195] ? lsm_blob_alloc+0x68/0x90 [ 610.409535][T30195] should_failslab+0xc2/0x120 [ 610.409559][T30195] __kmalloc_noprof+0xe0/0x850 [ 610.409579][T30195] ? trace_kmem_cache_alloc+0xf3/0x120 [ 610.409597][T30195] lsm_blob_alloc+0x68/0x90 [ 610.409612][T30195] security_prepare_creds+0x2d/0x290 [ 610.409628][T30195] prepare_creds+0x5d6/0x950 [ 610.409651][T30195] __sys_setfsuid+0xda/0x380 [ 610.409667][T30195] do_syscall_64+0x106/0xf80 [ 610.409684][T30195] ? clear_bhb_loop+0x40/0x90 [ 610.409702][T30195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 610.409718][T30195] RIP: 0033:0x7f330f39c629 [ 610.409731][T30195] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 610.409745][T30195] RSP: 002b:00007f331022b028 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 610.409760][T30195] RAX: ffffffffffffffda RBX: 00007f330f615fa0 RCX: 00007f330f39c629 [ 610.409769][T30195] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00 [ 610.409778][T30195] RBP: 00007f330f432b39 R08: 0000000000000000 R09: 0000000000000000 [ 610.409787][T30195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 610.409795][T30195] R13: 00007f330f616038 R14: 00007f330f615fa0 R15: 00007ffda4b5b8b8 [ 610.409814][T30195] [ 610.693864][T30197] bridge0: port 3(veth0_to_bridge) entered blocking state [ 610.701068][T30197] bridge0: port 3(veth0_to_bridge) entered disabled state [ 610.708287][T30197] veth0_to_bridge: entered allmulticast mode [ 610.715302][T30197] veth0_to_bridge: entered promiscuous mode [ 610.721324][T30197] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 610.733806][T30197] bridge0: port 3(veth0_to_bridge) entered blocking state [ 610.740969][T30197] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 611.336409][T30220] netlink: 'syz.1.11780': attribute type 1 has an invalid length. [ 611.628083][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.640298][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.652691][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.664841][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.676996][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.689275][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.701498][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.713710][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.725984][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 611.738188][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.609071][ C0] net_ratelimit: 21311 callbacks suppressed [ 616.609088][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.627238][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.639770][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.651974][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.664163][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.676341][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.688593][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.700770][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.712943][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 616.725242][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.592974][ C0] net_ratelimit: 22351 callbacks suppressed [ 621.592991][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.611067][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.623276][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.635424][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.647588][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.659742][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.671930][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.684117][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.696297][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 621.708439][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.577047][ C0] net_ratelimit: 22517 callbacks suppressed [ 626.577063][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.595191][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.607356][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.619593][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.631765][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.643945][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.656119][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.668287][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.680445][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 626.692612][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.561124][ C0] net_ratelimit: 22770 callbacks suppressed [ 631.561141][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 631.579278][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.591547][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.603711][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 631.615939][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.628191][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.640385][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 631.652578][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.664748][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 631.677106][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 636.545193][ C0] net_ratelimit: 22865 callbacks suppressed [ 636.545210][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 636.563295][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.575465][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.587582][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 636.599736][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.611896][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.624043][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 636.636189][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.648443][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 636.660633][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 641.529480][ C0] net_ratelimit: 22617 callbacks suppressed [ 641.529496][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.547608][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.559726][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 641.571886][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.584082][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.596223][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 641.608364][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.620541][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 641.632681][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 641.644864][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.513474][ C0] net_ratelimit: 22555 callbacks suppressed [ 646.513497][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 646.531574][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.543750][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.555882][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 646.568041][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.580208][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.592331][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 646.604486][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.616665][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 646.628813][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 651.497503][ C0] net_ratelimit: 22582 callbacks suppressed [ 651.497519][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.515544][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 651.527692][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.539850][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.552020][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 651.564175][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.576367][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.588472][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 651.600611][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 651.612787][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.481612][ C0] net_ratelimit: 22602 callbacks suppressed [ 656.481628][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 656.499685][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.511843][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.523960][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 656.536112][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.548286][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.560393][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 656.572535][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.584737][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 656.596876][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 661.465660][ C0] net_ratelimit: 22544 callbacks suppressed [ 661.465678][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 661.483748][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.495923][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.508032][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 661.520178][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.532338][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.544471][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 661.556615][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.568768][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 661.580866][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 666.449660][ C0] net_ratelimit: 22567 callbacks suppressed [ 666.449676][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.467716][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 666.479854][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.492024][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.504154][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 666.516310][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.528471][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.540574][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 666.552710][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 666.564872][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 669.894504][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 671.433942][ C0] net_ratelimit: 22476 callbacks suppressed [ 671.433959][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 671.452019][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.464204][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.476322][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 671.488487][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.500743][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.512868][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 671.525016][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.537179][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 671.549374][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 676.417981][ C0] net_ratelimit: 22512 callbacks suppressed [ 676.417998][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.436071][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.448287][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.460502][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.472638][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 676.484839][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.497032][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.509263][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.521457][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 676.533627][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 681.401911][ C0] net_ratelimit: 22567 callbacks suppressed [ 681.401928][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.420011][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.432130][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 681.444273][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.456437][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.468636][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.480888][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.493019][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 681.505141][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 681.517312][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.386182][ C0] net_ratelimit: 22793 callbacks suppressed [ 686.386199][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.404277][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.416512][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.428697][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.440812][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 686.452954][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.465192][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.477462][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.489703][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 686.501842][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 691.370082][ C0] net_ratelimit: 22694 callbacks suppressed [ 691.370099][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 691.388180][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.400360][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.412601][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.424797][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.437023][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 691.449176][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.461352][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.473614][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 691.485797][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.354270][ C0] net_ratelimit: 22203 callbacks suppressed [ 696.354287][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.372416][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.384693][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 696.396840][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.409026][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.421258][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.433480][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.445599][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 696.457750][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 696.469921][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.338409][ C0] net_ratelimit: 22477 callbacks suppressed [ 701.338424][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.356503][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.368620][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 701.380770][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:57:0a:a4:f7:af, vlan:0) [ 701.392948][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.405187][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.417468][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.429646][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 701.441775][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 701.454372][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:57:0a:a4:f7:af, vlan:0) [ 706.322514][ C0] net_ratelimit: 22717 callbacks suppressed [ 706.322531][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.340633][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.352811][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.364931][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 706.377078][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:57:0a:a4:f7:af, vlan:0) [ 706.389251][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.401531][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.413769][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.425966][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 706.438081][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 711.306542][ C0] net_ratelimit: 22803 callbacks suppressed [ 711.306560][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.324650][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.336773][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 711.348934][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:57:0a:a4:f7:af, vlan:0) [ 711.361098][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.373295][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.385543][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.397746][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 711.409883][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 711.422070][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:57:0a:a4:f7:af, vlan:0) [ 716.290513][ C0] net_ratelimit: 22641 callbacks suppressed [ 716.290533][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.308584][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 716.320731][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:57:0a:a4:f7:af, vlan:0) [ 716.332893][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.345062][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.357291][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.369457][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.381559][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 716.393689][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:57:0a:a4:f7:af, vlan:0) [ 716.405850][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 716.619896][ C0] ------------[ cut here ]------------ [ 716.626641][ C0] 1 [ 716.626651][ C0] WARNING: kernel/rcu/tree_stall.h:1049 at rcu_check_gp_start_stall.part.0+0x1c4/0x4b0, CPU#0: kworker/R-bat_e/3407 [ 716.641196][ C0] Modules linked in: [ 716.645954][ C0] CPU: 0 UID: 0 PID: 3407 Comm: kworker/R-bat_e Tainted: G U I L syzkaller #0 PREEMPT(full) [ 716.657228][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 716.664589][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 716.674625][ C0] Workqueue: bat_events batadv_tt_purge [ 716.680170][ C0] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 716.687088][ C0] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 80 93 1c 9b e8 70 69 86 00 b8 01 00 00 00 87 05 85 93 2f 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 e4 ba d9 90 48 81 fd c0 46 7f 8e 74 5a 48 b8 00 [ 716.706676][ C0] RSP: 0018:ffffc90000007e10 EFLAGS: 00010046 [ 716.712724][ C0] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81ecfff0 [ 716.720674][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff9b1c9380 [ 716.728634][ C0] RBP: ffffffff8e7f46c0 R08: 0000000000000001 R09: fffffbfff3639270 [ 716.736584][ C0] R10: 0000000000000003 R11: 0000000000000000 R12: 1ffffffff1c82250 [ 716.744535][ C0] R13: 0000000000000246 R14: ffffffff8e40c108 R15: 0000000000000020 [ 716.752487][ C0] FS: 0000000000000000(0000) GS:ffff888124351000(0000) knlGS:0000000000000000 [ 716.761484][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 716.768049][ C0] CR2: 00007ff6f0dba407 CR3: 000000007ad86000 CR4: 00000000003526f0 [ 716.776001][ C0] Call Trace: [ 716.779269][ C0] [ 716.782105][ C0] rcu_core+0x2cb/0x10d0 [ 716.786341][ C0] ? __pfx_rcu_core+0x10/0x10 [ 716.791007][ C0] ? run_timer_base+0x121/0x190 [ 716.795842][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 716.801023][ C0] handle_softirqs+0x1eb/0x9e0 [ 716.805772][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 716.811038][ C0] ? batadv_tt_local_purge+0x21c/0x3d0 [ 716.816485][ C0] do_softirq+0xac/0xe0 [ 716.820625][ C0] [ 716.823540][ C0] [ 716.826450][ C0] __local_bh_enable_ip+0xf8/0x120 [ 716.831628][ C0] batadv_tt_local_purge+0x21c/0x3d0 [ 716.836901][ C0] ? look_up_lock_class+0x55/0x120 [ 716.842004][ C0] ? __pfx_batadv_tt_local_purge+0x10/0x10 [ 716.847799][ C0] batadv_tt_purge+0x8b/0xbd0 [ 716.852462][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 716.858250][ C0] ? debug_object_deactivate+0x2e4/0x3b0 [ 716.863869][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 716.869143][ C0] ? rcu_is_watching+0x12/0xc0 [ 716.873900][ C0] process_one_work+0x9d7/0x1920 [ 716.878831][ C0] ? __pfx_process_one_work+0x10/0x10 [ 716.884194][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 716.889467][ C0] rescuer_thread+0x902/0x1490 [ 716.894318][ C0] ? rescuer_thread+0x23d/0x1490 [ 716.899240][ C0] ? rescuer_thread+0x118/0x1490 [ 716.904194][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 716.909377][ C0] ? __kthread_parkme+0x18c/0x230 [ 716.914385][ C0] ? kthread+0x13a/0x450 [ 716.918612][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 716.923794][ C0] kthread+0x370/0x450 [ 716.927847][ C0] ? __pfx_kthread+0x10/0x10 [ 716.932430][ C0] ret_from_fork+0x754/0xd80 [ 716.937007][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 716.942105][ C0] ? __switch_to+0x7b4/0x1120 [ 716.946763][ C0] ? __pfx_kthread+0x10/0x10 [ 716.951338][ C0] ret_from_fork_asm+0x1a/0x30 [ 716.956100][ C0] [ 716.959181][ C0] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 716.966461][ C0] CPU: 0 UID: 0 PID: 3407 Comm: kworker/R-bat_e Tainted: G U I L syzkaller #0 PREEMPT(full) [ 716.977739][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 716.985085][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 716.995125][ C0] Workqueue: bat_events batadv_tt_purge [ 717.000676][ C0] Call Trace: [ 717.003949][ C0] [ 717.006794][ C0] dump_stack_lvl+0x100/0x190 [ 717.011473][ C0] vpanic+0x552/0x970 [ 717.015448][ C0] ? __pfx_vpanic+0x10/0x10 [ 717.019940][ C0] panic+0xd1/0xe0 [ 717.023642][ C0] ? __pfx_panic+0x10/0x10 [ 717.028058][ C0] ? check_panic_on_warn+0x1f/0x90 [ 717.033212][ C0] check_panic_on_warn.cold+0x19/0x34 [ 717.038583][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 717.044899][ C0] __warn.cold+0x191/0x348 [ 717.049315][ C0] __report_bug+0x296/0x3d0 [ 717.053810][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 717.060135][ C0] ? __pfx___report_bug+0x10/0x10 [ 717.065148][ C0] ? find_held_lock+0x2b/0x80 [ 717.069812][ C0] ? process_backlog+0x3a5/0x1580 [ 717.074823][ C0] ? process_backlog+0x3a5/0x1580 [ 717.079850][ C0] ? __lock_acquire+0x4a5/0x2630 [ 717.084782][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 717.091095][ C0] report_bug+0xb2/0x220 [ 717.095323][ C0] ? rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 717.101633][ C0] handle_bug+0x166/0x2a0 [ 717.105954][ C0] exc_invalid_op+0x17/0x50 [ 717.110464][ C0] asm_exc_invalid_op+0x1a/0x20 [ 717.115303][ C0] RIP: 0010:rcu_check_gp_start_stall.part.0+0x1c4/0x4b0 [ 717.122225][ C0] Code: 88 61 01 00 00 be 04 00 00 00 48 c7 c7 80 93 1c 9b e8 70 69 86 00 b8 01 00 00 00 87 05 85 93 2f 19 85 c0 0f 85 3d 01 00 00 90 <0f> 0b 90 48 c7 c3 e4 ba d9 90 48 81 fd c0 46 7f 8e 74 5a 48 b8 00 [ 717.141827][ C0] RSP: 0018:ffffc90000007e10 EFLAGS: 00010046 [ 717.147882][ C0] RAX: 0000000000000000 RBX: 0000000000002904 RCX: ffffffff81ecfff0 [ 717.155837][ C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff9b1c9380 [ 717.163793][ C0] RBP: ffffffff8e7f46c0 R08: 0000000000000001 R09: fffffbfff3639270 [ 717.171745][ C0] R10: 0000000000000003 R11: 0000000000000000 R12: 1ffffffff1c82250 [ 717.179698][ C0] R13: 0000000000000246 R14: ffffffff8e40c108 R15: 0000000000000020 [ 717.187653][ C0] ? rcu_check_gp_start_stall.part.0+0x1b0/0x4b0 [ 717.193974][ C0] rcu_core+0x2cb/0x10d0 [ 717.198207][ C0] ? __pfx_rcu_core+0x10/0x10 [ 717.202869][ C0] ? run_timer_base+0x121/0x190 [ 717.207702][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 717.212883][ C0] handle_softirqs+0x1eb/0x9e0 [ 717.217631][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 717.222895][ C0] ? batadv_tt_local_purge+0x21c/0x3d0 [ 717.228360][ C0] do_softirq+0xac/0xe0 [ 717.232498][ C0] [ 717.235409][ C0] [ 717.238328][ C0] __local_bh_enable_ip+0xf8/0x120 [ 717.243430][ C0] batadv_tt_local_purge+0x21c/0x3d0 [ 717.248707][ C0] ? look_up_lock_class+0x55/0x120 [ 717.253807][ C0] ? __pfx_batadv_tt_local_purge+0x10/0x10 [ 717.259607][ C0] batadv_tt_purge+0x8b/0xbd0 [ 717.264280][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 717.270069][ C0] ? debug_object_deactivate+0x2e4/0x3b0 [ 717.275690][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 717.280966][ C0] ? rcu_is_watching+0x12/0xc0 [ 717.285720][ C0] process_one_work+0x9d7/0x1920 [ 717.290651][ C0] ? __pfx_process_one_work+0x10/0x10 [ 717.296014][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 717.301293][ C0] rescuer_thread+0x902/0x1490 [ 717.306053][ C0] ? rescuer_thread+0x23d/0x1490 [ 717.310978][ C0] ? rescuer_thread+0x118/0x1490 [ 717.315899][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 717.321081][ C0] ? __kthread_parkme+0x18c/0x230 [ 717.326087][ C0] ? kthread+0x13a/0x450 [ 717.330313][ C0] ? __pfx_rescuer_thread+0x10/0x10 [ 717.335495][ C0] kthread+0x370/0x450 [ 717.339549][ C0] ? __pfx_kthread+0x10/0x10 [ 717.344122][ C0] ret_from_fork+0x754/0xd80 [ 717.348700][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 717.353800][ C0] ? __switch_to+0x7b4/0x1120 [ 717.358465][ C0] ? __pfx_kthread+0x10/0x10 [ 717.363047][ C0] ret_from_fork_asm+0x1a/0x30 [ 717.367803][ C0] [ 717.370867][ C0] Kernel Offset: disabled [ 717.375175][ C0] Rebooting in 86400 seconds..