last executing test programs:
8.086882476s ago: executing program 1 (id=11412):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
capset$auto(0x0, 0x0)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
fsopen$auto(&(0x7f00000001c0)='nfsd\x00', 0x1)
6.665959525s ago: executing program 1 (id=11421):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
r0 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/0/msr\x00', 0x181f82, 0x0)
readv$auto(r0, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
mmap$auto(0x0, 0xbb0a, 0x2000000df, 0x20000000eb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
6.409636288s ago: executing program 2 (id=11424):
close_range$auto(0x2, 0x8, 0x0)
r0 = socketcall$auto(0x3, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
r2 = socketcall$auto(0x6, 0x0)
ioctl$auto(0x3, 0xae41, r2)
5.899763544s ago: executing program 2 (id=11426):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
pipe$auto(0x0)
pipe$auto(0x0)
write$auto(0x3, 0x0, 0xfdf3)
tee$auto(0x2000000000000, 0x3, 0x402, 0xd)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
5.525150029s ago: executing program 2 (id=11427):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf250200"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x40044)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326"], 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='\"'], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
5.228146611s ago: executing program 2 (id=11428):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x161782, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e)
5.191185664s ago: executing program 1 (id=11429):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x402, 0x8000000000000000, 0x0)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x7, 0x3b, 0x3fe, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x9, 0x3, 0xfffc, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1000000001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7]}, 0x202, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0)
3.402064731s ago: executing program 0 (id=11442):
close_range$auto(0x2, 0x8, 0x0)
r0 = socketcall$auto(0x3, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
r2 = socketcall$auto(0x6, 0x0)
ioctl$auto(0x3, 0xae41, r2)
3.008205858s ago: executing program 1 (id=11435):
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0xa, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)
open(0x0, 0xa240, 0x15e)
open(0x0, 0x161342, 0x100)
2.771812662s ago: executing program 0 (id=11437):
mmap$auto(0x0, 0x6, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2$auto(0x0, 0x80)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
keyctl$auto_KEY_SPEC_THREAD_KEYRING(0x3, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff)
2.517343137s ago: executing program 3 (id=11438):
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.5/usb6/6-0:1.0/usb6-port1/power/pm_qos_no_power_off\x00', 0x41102, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram12/queue/io_poll_delay\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfdef)
2.501682562s ago: executing program 0 (id=11439):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0)
r0 = socket(0x1e, 0x1, 0x0)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0)
ioctl$auto(r2, 0xc0045627, r0)
2.250896616s ago: executing program 3 (id=11440):
mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x8a403, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)
prctl$auto_PR_GET_TSC(0x19, 0xa, 0x2, 0x0, 0xe)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6)
close_range$auto(0x2, 0x8, 0x0)
2.117410173s ago: executing program 1 (id=11441):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @host}, 0x55)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
2.016384169s ago: executing program 0 (id=11443):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
1.990371178s ago: executing program 2 (id=11444):
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x3, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
setsockopt$auto(0x3, 0x8000000000000006, 0x1e, 0x0, 0x7ffffc)
1.946412504s ago: executing program 3 (id=11445):
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4048000}, 0x4000000)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, 0x0, 0x10a, 0x0, 0x0, 0x3ff}, 0xed7138c}, 0x200, 0x0)
1.17267579s ago: executing program 3 (id=11446):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
close_range$auto(0x2, r0, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x7, 0x0, [{0x40000000, 0x2, 0x6}]})
1.17198354s ago: executing program 0 (id=11454):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, 0x0, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
933.376394ms ago: executing program 1 (id=11447):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x2, 0x3)
unshare$auto(0x8000000)
semget$auto(0x0, 0x2e4a, 0x8000)
semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1f4, 0x0)
unshare$auto(0x8000400)
933.257396ms ago: executing program 2 (id=11448):
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
getrandom$auto(0x0, 0x6000000, 0x3)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b)
875.924218ms ago: executing program 3 (id=11449):
mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0)
read$auto(r0, 0x0, 0x4)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
unshare$auto(0x6c000000)
256.239174ms ago: executing program 0 (id=11450):
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r0, 0x2275, 0xdd)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
0s ago: executing program 3 (id=11451):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0x3, 0x541b, 0x38)
kernel console output (not intermixed with test programs):
951.768708][T27057] bond_slave_1: left promiscuous mode
[ 951.785406][T27057] bridge0: port 4(bond0) entered disabled state
[ 951.823264][T27057] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 951.857294][T27057] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 951.891916][T27057] bond0 (unregistering): Released all slaves
[ 952.231851][T27066] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 952.238332][T27066] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 952.813310][T27075] netlink: zone id is out of range
[ 952.835238][T27075] netlink: zone id is out of range
[ 952.847923][T27075] netlink: zone id is out of range
[ 952.896790][T27077] netlink: zone id is out of range
[ 952.924629][T27075] netlink: zone id is out of range
[ 952.956252][T27077] netlink: zone id is out of range
[ 953.492024][T27092] random: crng reseeded on system resumption
[ 953.859489][T27102] netlink: 342 bytes leftover after parsing attributes in process `syz.1.9460'.
[ 954.416784][T27101] netlink: 74 bytes leftover after parsing attributes in process `syz.3.9458'.
[ 956.969946][T27156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9480'.
[ 958.377623][T27180] netlink: 330 bytes leftover after parsing attributes in process `syz.0.9489'.
[ 958.601505][T27184] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9490'.
[ 958.700522][T27176] Loading of unsigned module is rejected
[ 960.331623][T27199] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9495'.
[ 960.553569][T27199] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 960.576797][T27202] netlink: 342 bytes leftover after parsing attributes in process `syz.3.9496'.
[ 960.675035][T27199] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 960.874666][T27199] bond0 (unregistering): Released all slaves
[ 961.620422][T27213] netlink: 338 bytes leftover after parsing attributes in process `syz.3.9500'.
[ 961.878935][T27218] random: crng reseeded on system resumption
[ 962.767355][T27236] netlink: 222 bytes leftover after parsing attributes in process `syz.0.9509'.
[ 964.457450][T27265] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9517'.
[ 968.839947][T27346] netlink: 3 bytes leftover after parsing attributes in process `syz.2.9549'.
[ 969.283725][T27357] netlink: 330 bytes leftover after parsing attributes in process `syz.3.9552'.
[ 970.643396][T27385] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9559'.
[ 970.709876][T27387] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9560'.
[ 971.074056][T27394] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9562'.
[ 971.397219][T27400] ima: policy update failed
[ 971.437059][ T30] audit: type=1802 audit(4294967765.557:33): pid=27400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.9564" res=0 errno=0
[ 972.305172][T27423] netlink: 342 bytes leftover after parsing attributes in process `syz.2.9569'.
[ 974.473065][T27477] ubi: mtd0 is already attached to ubi31
[ 974.691257][T27483] netlink: 330 bytes leftover after parsing attributes in process `syz.2.9591'.
[ 976.156858][T27521] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9603'.
[ 976.267006][T27521] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 976.340075][T27521] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 976.443975][T27521] bond0 (unregistering): Released all slaves
[ 976.672283][T27534] netlink: 350 bytes leftover after parsing attributes in process `syz.3.9607'.
[ 978.414871][T27576] netlink: 206 bytes leftover after parsing attributes in process `syz.0.9618'.
[ 978.879427][T27583] zswap: compressor not available
[ 980.518152][T27619] netlink: 342 bytes leftover after parsing attributes in process `syz.2.9641'.
[ 980.559006][T27619] netlink: 342 bytes leftover after parsing attributes in process `syz.2.9641'.
[ 981.269358][T27636] netlink: 326 bytes leftover after parsing attributes in process `syz.0.9638'.
[ 983.074595][T27669] netlink: 330 bytes leftover after parsing attributes in process `syz.3.9647'.
[ 984.807699][T27702] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9659'.
[ 986.512762][T27743] netlink: 326 bytes leftover after parsing attributes in process `syz.3.9672'.
[ 987.744355][T27773] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9684'.
[ 987.801669][T27773] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9684'.
[ 988.048074][T27782] futex_wake_op: syz.3.9687 tries to shift op by -2048; fix this program
[ 988.048227][T27782] futex_wake_op: syz.3.9687 tries to shift op by -2048; fix this program
[ 988.082736][T27781] random: crng reseeded on system resumption
[ 988.086184][T27781] FAULT_INJECTION: forcing a failure.
[ 988.086184][T27781] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 988.086244][T27781] CPU: 0 UID: 0 PID: 27781 Comm: syz.2.9688 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 988.086285][T27781] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 988.086297][T27781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 988.086312][T27781] Call Trace:
[ 988.086319][T27781]
[ 988.086328][T27781] dump_stack_lvl+0x100/0x190
[ 988.086373][T27781] should_fail_ex.cold+0x5/0xa
[ 988.086398][T27781] ? prepare_alloc_pages+0x16d/0x5f0
[ 988.086431][T27781] should_fail_alloc_page+0xeb/0x140
[ 988.086459][T27781] prepare_alloc_pages+0x1f0/0x5f0
[ 988.086492][T27781] __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 988.086534][T27781] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[ 988.086583][T27781] ? stack_trace_save+0x8e/0xc0
[ 988.086610][T27781] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 988.086649][T27781] ? stack_depot_save_flags+0x27/0x9d0
[ 988.086683][T27781] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 988.086726][T27781] ? kasan_save_stack+0x3f/0x50
[ 988.086763][T27781] ? kasan_save_stack+0x30/0x50
[ 988.086800][T27781] ? kasan_save_track+0x14/0x30
[ 988.086857][T27781] ? do_sys_openat2+0x10d/0x1e0
[ 988.086887][T27781] ? __x64_sys_openat+0x12d/0x210
[ 988.086918][T27781] ? do_syscall_64+0x106/0xf80
[ 988.086953][T27781] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 988.086980][T27781] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 988.087029][T27781] ? policy_nodemask+0xed/0x4f0
[ 988.087056][T27781] alloc_pages_mpol+0x1fb/0x550
[ 988.087083][T27781] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 988.087109][T27781] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 988.087139][T27781] alloc_pages_noprof+0x131/0x390
[ 988.087166][T27781] get_zeroed_page_noprof+0x18/0xb0
[ 988.087192][T27781] get_image_page+0x18/0x1a0
[ 988.087232][T27781] alloc_rtree_node+0x3c/0xb0
[ 988.087272][T27781] memory_bm_create+0x65e/0xba0
[ 988.087323][T27781] create_basic_memory_bitmaps+0x10b/0x350
[ 988.087353][T27781] snapshot_open+0x230/0x2a0
[ 988.087380][T27781] ? __pfx_snapshot_open+0x10/0x10
[ 988.087408][T27781] misc_open+0x26d/0x450
[ 988.087513][T27781] ? __pfx_misc_open+0x10/0x10
[ 988.087540][T27781] chrdev_open+0x234/0x6a0
[ 988.087563][T27781] ? __pfx_apparmor_file_open+0x10/0x10
[ 988.087605][T27781] ? __pfx_chrdev_open+0x10/0x10
[ 988.087631][T27781] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 988.087664][T27781] do_dentry_open+0x6d8/0x1660
[ 988.087686][T27781] ? __pfx_chrdev_open+0x10/0x10
[ 988.087718][T27781] vfs_open+0x82/0x3f0
[ 988.087757][T27781] path_openat+0x208c/0x31a0
[ 988.087791][T27781] ? __pfx_path_openat+0x10/0x10
[ 988.087827][T27781] do_file_open+0x20e/0x430
[ 988.087853][T27781] ? __pfx_do_file_open+0x10/0x10
[ 988.087899][T27781] ? alloc_fd+0x476/0x790
[ 988.087925][T27781] ? do_getname+0x191/0x390
[ 988.087958][T27781] do_sys_openat2+0x10d/0x1e0
[ 988.087990][T27781] ? __pfx_do_sys_openat2+0x10/0x10
[ 988.088029][T27781] ? __fget_files+0x21f/0x3d0
[ 988.088057][T27781] __x64_sys_openat+0x12d/0x210
[ 988.088090][T27781] ? __pfx___x64_sys_openat+0x10/0x10
[ 988.088133][T27781] do_syscall_64+0x106/0xf80
[ 988.088167][T27781] ? clear_bhb_loop+0x40/0x90
[ 988.088196][T27781] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 988.088227][T27781] RIP: 0033:0x7fc19e19c799
[ 988.088247][T27781] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 988.088272][T27781] RSP: 002b:00007fc19f0aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 988.088314][T27781] RAX: ffffffffffffffda RBX: 00007fc19e415fa0 RCX: 00007fc19e19c799
[ 988.088331][T27781] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 988.088347][T27781] RBP: 00007fc19e232c99 R08: 0000000000000000 R09: 0000000000000000
[ 988.088362][T27781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 988.088377][T27781] R13: 00007fc19e416038 R14: 00007fc19e415fa0 R15: 00007fff90023328
[ 988.088409][T27781]
[ 988.532256][T27793] netlink: 342 bytes leftover after parsing attributes in process `syz.2.9691'.
[ 991.748209][T27841] Loading of unsigned module is rejected
[ 992.442418][T27868] futex_wake_op: syz.2.9721 tries to shift op by -2048; fix this program
[ 992.491270][T27868] futex_wake_op: syz.2.9721 tries to shift op by -2048; fix this program
[ 992.524765][T27868] 0x000000000001-0x000000020000 : ""
[ 992.585909][T27868] ftl_cs: FTL header corrupt!
[ 993.154733][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 993.162104][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 995.452649][T27929] netlink: 330 bytes leftover after parsing attributes in process `syz.2.9743'.
[ 995.756162][T27935] netlink: 25 bytes leftover after parsing attributes in process `syz.1.9746'.
[ 996.105646][T27943] futex_wake_op: syz.2.9750 tries to shift op by -2048; fix this program
[ 996.144494][T27943] futex_wake_op: syz.2.9750 tries to shift op by -2048; fix this program
[ 996.193070][T27939] Process accounting resumed
[ 996.212656][T27945] 0x000000000001-0x000000020000 : ""
[ 996.244223][T27945] ftl_cs: FTL header corrupt!
[ 997.803509][T27982] netlink: 210 bytes leftover after parsing attributes in process `syz.1.9765'.
[ 997.891233][T27982] veth0_macvtap: left promiscuous mode
[ 997.921416][T27982] macvtap0: entered promiscuous mode
[ 997.940712][T27982] macvtap0: entered allmulticast mode
[ 998.167690][T27993] phram: not enough arguments
[ 998.275472][T27997] netlink: 342 bytes leftover after parsing attributes in process `syz.3.9770'.
[ 998.806056][T28009] netlink: 'syz.0.9777': attribute type 4 has an invalid length.
[ 998.840823][T28009] netlink: 314 bytes leftover after parsing attributes in process `syz.0.9777'.
[ 1000.373746][T28041] FAULT_INJECTION: forcing a failure.
[ 1000.373746][T28041] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.442637][T28041] CPU: 0 UID: 0 PID: 28041 Comm: syz.1.9790 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1000.442682][T28041] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1000.442694][T28041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1000.442709][T28041] Call Trace:
[ 1000.442717][T28041]
[ 1000.442726][T28041] dump_stack_lvl+0x100/0x190
[ 1000.442769][T28041] should_fail_ex.cold+0x5/0xa
[ 1000.442798][T28041] ? drm_atomic_state_init+0x190/0x490
[ 1000.442829][T28041] should_failslab+0xc2/0x120
[ 1000.442855][T28041] __kmalloc_noprof+0xe0/0x850
[ 1000.442901][T28041] drm_atomic_state_init+0x190/0x490
[ 1000.442930][T28041] ? kasan_save_track+0x14/0x30
[ 1000.442980][T28041] drm_atomic_state_alloc+0xd3/0x120
[ 1000.443011][T28041] drm_client_modeset_commit_atomic+0xcc/0x7e0
[ 1000.443049][T28041] ? trace_contention_end+0x140/0x180
[ 1000.443086][T28041] ? __mutex_lock+0x26a/0x1b90
[ 1000.443127][T28041] ? __mutex_lock+0x26a/0x1b90
[ 1000.443163][T28041] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[ 1000.443201][T28041] ? drm_master_internal_acquire+0x21/0x80
[ 1000.443262][T28041] drm_client_modeset_commit_locked+0x14d/0x580
[ 1000.443303][T28041] drm_client_modeset_commit+0x4f/0x80
[ 1000.443339][T28041] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[ 1000.443380][T28041] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[ 1000.443418][T28041] drm_fbdev_client_restore+0x1b/0x30
[ 1000.443445][T28041] ? __pfx_drm_fbdev_client_restore+0x10/0x10
[ 1000.443472][T28041] drm_client_dev_restore+0x205/0x2a0
[ 1000.443513][T28041] drm_release+0x2c6/0x360
[ 1000.443545][T28041] ? __pfx_drm_release+0x10/0x10
[ 1000.443576][T28041] __fput+0x3ff/0xb40
[ 1000.443612][T28041] task_work_run+0x150/0x240
[ 1000.443651][T28041] ? __pfx_task_work_run+0x10/0x10
[ 1000.443696][T28041] exit_to_user_mode_loop+0x100/0x4a0
[ 1000.443732][T28041] do_syscall_64+0x668/0xf80
[ 1000.443766][T28041] ? clear_bhb_loop+0x40/0x90
[ 1000.443796][T28041] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1000.443821][T28041] RIP: 0033:0x7f7cfbb9c799
[ 1000.443841][T28041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1000.443865][T28041] RSP: 002b:00007f7cfc971028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1000.443888][T28041] RAX: 0000000000000000 RBX: 00007f7cfbe15fa0 RCX: 00007f7cfbb9c799
[ 1000.443903][T28041] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1000.443918][T28041] RBP: 00007f7cfbc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1000.443933][T28041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1000.443948][T28041] R13: 00007f7cfbe16038 R14: 00007f7cfbe15fa0 R15: 00007ffd4c48fd48
[ 1000.443987][T28041]
[ 1001.673458][T28052] netlink: 'syz.1.9795': attribute type 19 has an invalid length.
[ 1001.693609][T28052] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9795'.
[ 1001.812884][T28058] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9797'.
[ 1002.396014][T28058] netlink: 16 bytes leftover after parsing attributes in process `syz.0.9797'.
[ 1002.572491][T28070] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[ 1002.620465][T28070] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[ 1006.378698][T28130] futex_wake_op: syz.0.9825 tries to shift op by -2048; fix this program
[ 1006.431920][T28131] 0x000400000001-0x0004064af2cc : ""
[ 1006.471719][T28131] mtd: partition "" is out of reach -- disabled
[ 1006.538303][T28131] ftl_cs: FTL header not found.
[ 1008.045754][T28156] netlink: 'syz.3.9833': attribute type 1 has an invalid length.
[ 1008.095471][T28156] netlink: 322 bytes leftover after parsing attributes in process `syz.3.9833'.
[ 1008.148718][T28160] netlink: 'syz.3.9833': attribute type 1 has an invalid length.
[ 1008.181811][T28160] netlink: 322 bytes leftover after parsing attributes in process `syz.3.9833'.
[ 1008.998937][T28169] netlink: 342 bytes leftover after parsing attributes in process `syz.3.9837'.
[ 1009.888968][T28183] netlink: 186 bytes leftover after parsing attributes in process `syz.2.9841'.
[ 1010.047097][T28179] netlink: 186 bytes leftover after parsing attributes in process `syz.2.9841'.
[ 1011.364607][T28208] netlink: 28 bytes leftover after parsing attributes in process `syz.2.9853'.
[ 1013.204137][T28241] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9863'.
[ 1013.775407][T28248] futex_wake_op: syz.3.9865 tries to shift op by -2048; fix this program
[ 1015.247132][T16268] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1015.298153][T28278] netlink: 334 bytes leftover after parsing attributes in process `syz.3.9882'.
[ 1015.551856][T28281] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9875'.
[ 1015.717845][T28287] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1015.727854][T28287] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1015.736169][T28287] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1015.744303][T28287] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1015.752316][T28287] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1016.407803][T16268] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1016.937449][T16268] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1017.364529][T16268] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1017.780893][T28287] Bluetooth: hci0: command tx timeout
[ 1018.008169][T28286] chnl_net:caif_netlink_parms(): no params data found
[ 1018.149569][T16268] netdevsim netdevsim100 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1018.652587][T28286] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1018.699411][T28286] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1018.750602][T28286] bridge_slave_0: entered allmulticast mode
[ 1018.781068][T28286] bridge_slave_0: entered promiscuous mode
[ 1018.893246][T28286] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1018.936094][T28286] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1018.991116][T28286] bridge_slave_1: entered allmulticast mode
[ 1019.044236][T28286] bridge_slave_1: entered promiscuous mode
[ 1019.227702][T16268] dummy0: left allmulticast mode
[ 1019.243940][T16268] dummy0: left promiscuous mode
[ 1019.287371][T16268] bridge0: port 4(dummy0) entered disabled state
[ 1019.335604][T16268] veth0_to_bridge: left allmulticast mode
[ 1019.381262][T16268] veth0_to_bridge: left promiscuous mode
[ 1019.387104][T16268] bridge0: port 3(veth0_to_bridge) entered disabled state
[ 1019.691197][T16268] bridge_slave_1: left allmulticast mode
[ 1019.710470][T16268] bridge_slave_1: left promiscuous mode
[ 1019.716218][T16268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1019.860424][T28287] Bluetooth: hci0: command tx timeout
[ 1019.872656][T16268] bridge_slave_0: left allmulticast mode
[ 1019.878340][T16268] bridge_slave_0: left promiscuous mode
[ 1019.922390][T16268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1020.377378][T16268] tunl0 (unregistering): left allmulticast mode
[ 1020.435226][T28354] netlink: 28 bytes leftover after parsing attributes in process `syz.0.9891'.
[ 1020.458608][T28286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1020.574801][T28286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1021.697761][T28286] team0: Port device team_slave_0 added
[ 1021.762812][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1021.773038][ T5835] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1021.782559][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1021.790383][ T5835] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1021.802307][T28286] team0: Port device team_slave_1 added
[ 1021.812261][ T5835] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1021.944544][ T5835] Bluetooth: hci0: command tx timeout
[ 1022.235620][T28286] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1022.262531][T28286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1022.351451][T28286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1022.383197][T28286] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1022.400715][T28286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1022.456340][T28286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1022.818602][T16268] hsr_slave_0: left promiscuous mode
[ 1022.844408][T16268] hsr_slave_1: left promiscuous mode
[ 1022.859738][T16268] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1022.891186][T16268] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1022.985496][T16268] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1023.010310][T16268] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1023.108851][T16268] veth1_vlan: left promiscuous mode
[ 1023.133763][T16268] veth0_vlan: left promiscuous mode
[ 1023.886089][ T5835] Bluetooth: hci1: command tx timeout
[ 1023.920892][T16268] team0 (unregistering): Port device team_slave_1 removed
[ 1024.002383][T16268] team0 (unregistering): Port device team_slave_0 removed
[ 1024.020509][ T5835] Bluetooth: hci0: command tx timeout
[ 1024.261533][T28286] hsr_slave_0: entered promiscuous mode
[ 1024.289205][T28286] hsr_slave_1: entered promiscuous mode
[ 1025.166518][T28373] chnl_net:caif_netlink_parms(): no params data found
[ 1025.489147][T16268] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1025.940464][ T5835] Bluetooth: hci1: command tx timeout
[ 1026.188896][T16268] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1026.329314][T28436] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9907'.
[ 1026.483664][T16268] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1026.712296][T16268] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1026.879187][T28373] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1026.900429][T28373] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1026.907705][T28373] bridge_slave_0: entered allmulticast mode
[ 1026.949956][T28373] bridge_slave_0: entered promiscuous mode
[ 1026.973758][T28373] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1026.994357][T28373] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1027.030522][T28373] bridge_slave_1: entered allmulticast mode
[ 1027.054328][T28373] bridge_slave_1: entered promiscuous mode
[ 1027.178047][T28373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1027.242961][T28373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1027.432910][T28373] team0: Port device team_slave_0 added
[ 1027.472963][T28373] team0: Port device team_slave_1 added
[ 1027.729134][T28373] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1027.769068][T28373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1027.890369][T28373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1028.021492][ T5835] Bluetooth: hci1: command tx timeout
[ 1028.082152][T28373] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1028.110649][T28373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1028.227861][T28373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1028.537465][T28373] hsr_slave_0: entered promiscuous mode
[ 1028.562903][T28373] hsr_slave_1: entered promiscuous mode
[ 1028.606083][T28373] debugfs: 'hsr0' already exists in 'hsr'
[ 1028.631229][T28373] Cannot create hsr debugfs directory
[ 1028.654500][T16268] vlan0: left allmulticast mode
[ 1028.659388][T16268] veth0_vlan: left allmulticast mode
[ 1028.695257][T16268] vlan0: left promiscuous mode
[ 1028.730041][T16268] bridge0: port 3(vlan0) entered disabled state
[ 1028.809875][T16268] bridge_slave_1: left allmulticast mode
[ 1028.840316][T16268] bridge_slave_1: left promiscuous mode
[ 1028.851548][T16268] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1028.907260][T16268] bridge_slave_0: left allmulticast mode
[ 1028.930351][T16268] bridge_slave_0: left promiscuous mode
[ 1028.947699][T16268] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1029.402852][T28286] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1029.552181][T28286] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1029.744189][T28286] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1029.797738][T28286] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1030.103141][ T5835] Bluetooth: hci1: command tx timeout
[ 1030.401403][T16268] hsr_slave_0: left promiscuous mode
[ 1030.417335][T16268] hsr_slave_1: left promiscuous mode
[ 1030.436103][T16268] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1030.466943][T16268] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1030.494189][T16268] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1030.517734][T16268] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1030.553462][T16268] veth1_vlan: left promiscuous mode
[ 1030.573970][T16268] veth0_vlan: left promiscuous mode
[ 1031.087526][T16268] team0 (unregistering): Port device team_slave_1 removed
[ 1031.129768][T16268] team0 (unregistering): Port device team_slave_0 removed
[ 1031.683330][T28522] netlink: 330 bytes leftover after parsing attributes in process `syz.3.9926'.
[ 1031.717971][T28524] nbd: must specify at least one socket
[ 1031.807184][T28286] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1031.957866][T28286] 8021q: adding VLAN 0 to HW filter on device team0
[ 1032.080671][T16275] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1032.087839][T16275] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1032.252743][T16837] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1032.259912][T16837] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1032.756853][T28373] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1032.852259][T28373] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1032.940295][T28373] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1033.000062][T28373] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1033.326084][T28286] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1033.569982][T28373] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1033.636803][T28286] veth0_vlan: entered promiscuous mode
[ 1033.699494][T28373] 8021q: adding VLAN 0 to HW filter on device team0
[ 1033.740545][T28286] veth1_vlan: entered promiscuous mode
[ 1033.849395][T28286] veth0_macvtap: entered promiscuous mode
[ 1033.884661][ T58] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1033.891883][ T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1033.958177][T28286] veth1_macvtap: entered promiscuous mode
[ 1034.000954][T16837] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1034.008106][T16837] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1034.110951][T28286] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1034.174383][T28286] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1034.268840][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1034.297071][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1034.409336][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1034.508140][T28373] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1034.583392][T28373] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1034.651913][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1034.877823][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1034.927842][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1035.057437][T16268] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1035.110481][T16268] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1035.539171][T28373] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1036.142962][T28373] veth0_vlan: entered promiscuous mode
[ 1036.220844][T28373] veth1_vlan: entered promiscuous mode
[ 1036.358707][T28373] veth0_macvtap: entered promiscuous mode
[ 1036.415142][T28373] veth1_macvtap: entered promiscuous mode
[ 1036.532759][T28373] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1036.606160][T28373] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1036.695204][ T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1036.744209][ T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1036.814663][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1036.861874][ T36] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.288014][T16268] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1037.329198][T16268] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1037.362425][T28645] netlink: 326 bytes leftover after parsing attributes in process `syz.2.9952'.
[ 1037.631907][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1037.668995][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1038.043884][T28660] netlink: 334 bytes leftover after parsing attributes in process `syz.1.9893'.
[ 1040.050776][T28700] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0
[ 1045.691003][T28763] netlink: 20 bytes leftover after parsing attributes in process `syz.2.9988'.
[ 1045.871725][T28767] vivid-007: ================= START STATUS =================
[ 1046.043287][T28767] vivid-007: Generate PTS: true
[ 1046.048646][T28767] vivid-007: Generate SCR: true
[ 1046.153167][T28767] tpg source WxH: 320x240 (Y'CbCr)
[ 1046.190391][T28767] tpg field: 1
[ 1046.255845][T28767] tpg crop: (0,0)/320x240
[ 1046.319493][T28767] tpg compose: (0,0)/320x240
[ 1046.387595][T28767] tpg colorspace: 8
[ 1046.455708][T28767] tpg transfer function: 0/0
[ 1046.545842][T28767] tpg Y'CbCr encoding: 0/0
[ 1046.571488][T28767] tpg quantization: 0/0
[ 1046.639171][T28767] tpg RGB range: 0/2
[ 1046.724304][T28767] vivid-007: ================== END STATUS ==================
[ 1050.093641][T28830] netlink: 342 bytes leftover after parsing attributes in process `syz.1.10012'.
[ 1050.505684][T28824] zswap: compressor not available
[ 1051.098192][T28842] vivid-007: ================= START STATUS =================
[ 1051.151602][T28842] vivid-007: Generate PTS: true
[ 1051.191583][T28842] vivid-007: Generate SCR: true
[ 1051.226551][T28842] tpg source WxH: 320x240 (Y'CbCr)
[ 1051.270042][T28842] tpg field: 1
[ 1051.305229][T28842] tpg crop: (0,0)/320x240
[ 1051.336277][T28842] tpg compose: (0,0)/320x240
[ 1051.414681][T28842] tpg colorspace: 8
[ 1051.482245][T28842] tpg transfer function: 0/0
[ 1051.519262][T28842] tpg Y'CbCr encoding: 0/0
[ 1051.544741][T28842] tpg quantization: 0/0
[ 1051.610423][T28842] tpg RGB range: 0/2
[ 1051.634375][T28842] vivid-007: ================== END STATUS ==================
[ 1053.669003][T28890] netlink: 218 bytes leftover after parsing attributes in process `syz.3.10027'.
[ 1054.587225][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.593669][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1056.920425][T28930] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10044'.
[ 1059.213962][T28957] RDS: rds_bind could not find a transport for ::ffff:172.30.1.3, load rds_tcp or rds_rdma?
[ 1061.412618][T28976] zswap: compressor not available
[ 1064.416439][T29023] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10079'.
[ 1065.983930][T29051] RDS: rds_bind could not find a transport for ::ffff:172.30.1.2, load rds_tcp or rds_rdma?
[ 1067.516003][T29066] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10092'.
[ 1069.480159][T29082] netlink: 330 bytes leftover after parsing attributes in process `syz.1.10098'.
[ 1070.263570][T29090] nvme_fcloop: unknown parameter or missing value '7=";�&L=j�"Yq'R"'
[ 1072.475186][T29117] NFSD: Failed to start, no listeners configured.
[ 1078.945582][T29202] netlink: 350 bytes leftover after parsing attributes in process `syz.1.10142'.
[ 1080.106410][T29212] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1080.148502][T29212] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1080.197176][T29212] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1080.211259][ T5835] block nbd1: Receive control failed (result -32)
[ 1080.255639][T29212] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1080.293265][T29212] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1080.353922][T29212] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1080.427248][T29212] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1080.453499][T29212] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1080.499317][T29212] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1080.989775][T29236] netlink: 'syz.0.10152': attribute type 1 has an invalid length.
[ 1081.121771][T29237] FAULT_INJECTION: forcing a failure.
[ 1081.121771][T29237] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1081.263277][T29237] CPU: 0 UID: 0 PID: 29237 Comm: syz.1.10153 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1081.263323][T29237] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1081.263334][T29237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1081.263350][T29237] Call Trace:
[ 1081.263358][T29237]
[ 1081.263368][T29237] dump_stack_lvl+0x100/0x190
[ 1081.263412][T29237] should_fail_ex.cold+0x5/0xa
[ 1081.263437][T29237] ? prepare_alloc_pages+0x16d/0x5f0
[ 1081.263470][T29237] should_fail_alloc_page+0xeb/0x140
[ 1081.263498][T29237] prepare_alloc_pages+0x1f0/0x5f0
[ 1081.263527][T29237] ? find_held_lock+0x2b/0x80
[ 1081.263555][T29237] __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1081.263597][T29237] ? __kfree_rcu_sheaf+0x19a/0x720
[ 1081.263620][T29237] ? mas_ascend+0x53d/0xb30
[ 1081.263659][T29237] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1081.263704][T29237] ? mas_next_node+0x7f8/0xf30
[ 1081.263737][T29237] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1081.263790][T29237] ? mt_validate_nulls+0x1b3/0x9c0
[ 1081.263833][T29237] ? __pfx_mt_validate_nulls+0x10/0x10
[ 1081.263877][T29237] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1081.263921][T29237] ? policy_nodemask+0xed/0x4f0
[ 1081.263949][T29237] alloc_pages_mpol+0x1fb/0x550
[ 1081.263978][T29237] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1081.264004][T29237] ? __lock_acquire+0x4a5/0x2630
[ 1081.264040][T29237] folio_alloc_mpol_noprof+0x36/0x340
[ 1081.264073][T29237] alloc_migration_target_by_mpol+0x2c1/0x650
[ 1081.264109][T29237] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 1081.264143][T29237] ? __pfx___might_resched+0x10/0x10
[ 1081.264180][T29237] ? is_bpf_text_address+0x8a/0x1a0
[ 1081.264224][T29237] migrate_pages_batch+0x4f2/0x4530
[ 1081.264254][T29237] ? core_kernel_text+0x60/0xb0
[ 1081.264290][T29237] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 1081.264324][T29237] ? arch_stack_walk+0xa6/0xf0
[ 1081.264356][T29237] ? __pfx_migrate_pages_batch+0x10/0x10
[ 1081.264389][T29237] ? __pfx_stack_trace_save+0x10/0x10
[ 1081.264414][T29237] ? stack_depot_save_flags+0x27/0x9d0
[ 1081.264447][T29237] ? __split_vma+0x392/0xd90
[ 1081.264484][T29237] ? kasan_save_stack+0x3f/0x50
[ 1081.264521][T29237] ? kasan_save_stack+0x30/0x50
[ 1081.264558][T29237] ? kasan_save_track+0x14/0x30
[ 1081.264596][T29237] ? __kasan_slab_alloc+0x89/0x90
[ 1081.264618][T29237] ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1081.264655][T29237] ? __mpol_dup+0x74/0x370
[ 1081.264682][T29237] ? mbind_range+0x2ad/0x550
[ 1081.264714][T29237] migrate_pages_sync+0x12c/0x880
[ 1081.264745][T29237] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 1081.264792][T29237] ? __pfx_migrate_pages_sync+0x10/0x10
[ 1081.264826][T29237] ? __lock_acquire+0x4a5/0x2630
[ 1081.264864][T29237] migrate_pages+0x1aae/0x28a0
[ 1081.264899][T29237] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10
[ 1081.264939][T29237] ? __pfx_migrate_pages+0x10/0x10
[ 1081.264973][T29237] ? find_held_lock+0x2b/0x80
[ 1081.264996][T29237] ? do_mbind+0x557/0xfd0
[ 1081.265031][T29237] ? up_write+0x290/0x4f0
[ 1081.265068][T29237] do_mbind+0x5a6/0xfd0
[ 1081.265107][T29237] ? __pfx_do_mbind+0x10/0x10
[ 1081.265137][T29237] ? ksys_write+0x190/0x250
[ 1081.265159][T29237] ? ksys_write+0x190/0x250
[ 1081.265193][T29237] ? __pfx_get_nodes+0x10/0x10
[ 1081.265240][T29237] kernel_mbind+0x1b7/0x200
[ 1081.265273][T29237] ? __pfx_kernel_mbind+0x10/0x10
[ 1081.265312][T29237] do_syscall_64+0x106/0xf80
[ 1081.265348][T29237] ? clear_bhb_loop+0x40/0x90
[ 1081.265378][T29237] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1081.265404][T29237] RIP: 0033:0x7f353039c799
[ 1081.265425][T29237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1081.265449][T29237] RSP: 002b:00007f3531217028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[ 1081.265473][T29237] RAX: ffffffffffffffda RBX: 00007f3530616090 RCX: 00007f353039c799
[ 1081.265489][T29237] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000
[ 1081.265508][T29237] RBP: 00007f3530432c99 R08: 0000002000000006 R09: 0000000000000002
[ 1081.265523][T29237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1081.265539][T29237] R13: 00007f3530616128 R14: 00007f3530616090 R15: 00007fffe3ec3d98
[ 1081.265569][T29237]
[ 1082.540609][ T5835] Bluetooth: hci3: command 0x0406 tx timeout
[ 1082.546663][ T5835] Bluetooth: hci2: command 0x0406 tx timeout
[ 1082.556009][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1082.562367][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1084.580398][T28287] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1084.586515][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1084.592834][ T5835] Bluetooth: hci2: command 0x0406 tx timeout
[ 1085.292856][T29272] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10164'.
[ 1086.275936][T29284] netlink: 'syz.1.10170': attribute type 64 has an invalid length.
[ 1086.304391][T29285] netlink: 346 bytes leftover after parsing attributes in process `syz.3.10171'.
[ 1086.350444][T29284] netlink: 74 bytes leftover after parsing attributes in process `syz.1.10170'.
[ 1086.660321][T29266] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1086.666464][T20611] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1087.157238][T29297] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10176'.
[ 1087.228138][T29297] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10176'.
[ 1089.162617][T29323] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1089.201162][T29323] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1089.250722][T29323] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1089.288383][T29323] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1090.820541][T29266] Bluetooth: hci3: command 0x0406 tx timeout
[ 1091.111913][T29354] netlink: 'syz.3.10191': attribute type 1 has an invalid length.
[ 1091.220956][T29266] Bluetooth: hci2: command 0x0406 tx timeout
[ 1091.300330][T29266] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1091.306396][T20611] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1093.629848][T29391] random: crng reseeded on system resumption
[ 1093.947726][T29400] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10208'.
[ 1100.873584][T29481] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10235'.
[ 1102.651638][T29505] netlink: 330 bytes leftover after parsing attributes in process `syz.0.10244'.
[ 1102.764527][T29507] Unable to find swap-space signature
[ 1104.086436][T29514] zswap: compressor not available
[ 1105.574168][T29534] FAULT_INJECTION: forcing a failure.
[ 1105.574168][T29534] name failslab, interval 1, probability 0, space 0, times 0
[ 1105.680988][T29534] CPU: 0 UID: 0 PID: 29534 Comm: syz.2.10253 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1105.681045][T29534] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1105.681061][T29534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1105.681080][T29534] Call Trace:
[ 1105.681088][T29534]
[ 1105.681097][T29534] dump_stack_lvl+0x100/0x190
[ 1105.681141][T29534] should_fail_ex.cold+0x5/0xa
[ 1105.681170][T29534] should_failslab+0xc2/0x120
[ 1105.681196][T29534] __kmalloc_cache_noprof+0x7a/0x6f0
[ 1105.681230][T29534] ? apply_wqattrs_prepare+0x136/0xbb0
[ 1105.681261][T29534] apply_wqattrs_prepare+0x136/0xbb0
[ 1105.681286][T29534] ? __alloc_workqueue+0x901/0x1880
[ 1105.681324][T29534] apply_workqueue_attrs_locked+0x64/0xe0
[ 1105.681351][T29534] __alloc_workqueue+0xe25/0x1880
[ 1105.681386][T29534] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1105.681423][T29534] alloc_workqueue_noprof+0xd2/0x200
[ 1105.681453][T29534] ? __pfx_alloc_workqueue_noprof+0x10/0x10
[ 1105.681491][T29534] ? __pfx___debug_object_init+0x10/0x10
[ 1105.681541][T29534] nci_register_device+0x21e/0xb80
[ 1105.681637][T29534] ? __pfx_nci_register_device+0x10/0x10
[ 1105.681668][T29534] ? lockdep_init_map_type+0x5c/0x250
[ 1105.681713][T29534] virtual_ncidev_open+0x141/0x220
[ 1105.681780][T29534] ? __pfx_virtual_ncidev_open+0x10/0x10
[ 1105.681814][T29534] misc_open+0x26d/0x450
[ 1105.681844][T29534] ? __pfx_misc_open+0x10/0x10
[ 1105.681870][T29534] chrdev_open+0x234/0x6a0
[ 1105.681895][T29534] ? __pfx_apparmor_file_open+0x10/0x10
[ 1105.681937][T29534] ? __pfx_chrdev_open+0x10/0x10
[ 1105.681965][T29534] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1105.681999][T29534] do_dentry_open+0x6d8/0x1660
[ 1105.682023][T29534] ? __pfx_chrdev_open+0x10/0x10
[ 1105.682056][T29534] vfs_open+0x82/0x3f0
[ 1105.682091][T29534] path_openat+0x208c/0x31a0
[ 1105.682126][T29534] ? __pfx_path_openat+0x10/0x10
[ 1105.682163][T29534] do_file_open+0x20e/0x430
[ 1105.682190][T29534] ? __pfx_do_file_open+0x10/0x10
[ 1105.682237][T29534] ? alloc_fd+0x476/0x790
[ 1105.682264][T29534] ? do_getname+0x191/0x390
[ 1105.682297][T29534] do_sys_openat2+0x10d/0x1e0
[ 1105.682331][T29534] ? __pfx_do_sys_openat2+0x10/0x10
[ 1105.682366][T29534] ? __fget_files+0x21f/0x3d0
[ 1105.682395][T29534] __x64_sys_openat+0x12d/0x210
[ 1105.682429][T29534] ? __pfx___x64_sys_openat+0x10/0x10
[ 1105.682474][T29534] do_syscall_64+0x106/0xf80
[ 1105.682509][T29534] ? clear_bhb_loop+0x40/0x90
[ 1105.682540][T29534] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1105.682566][T29534] RIP: 0033:0x7f750db9c799
[ 1105.682587][T29534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1105.682611][T29534] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1105.682635][T29534] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1105.682651][T29534] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1105.682667][T29534] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1105.682682][T29534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1105.682702][T29534] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1105.682734][T29534]
[ 1106.247901][T29543] netlink: 'syz.3.10259': attribute type 15 has an invalid length.
[ 1106.255933][T29543] netlink: 186 bytes leftover after parsing attributes in process `syz.3.10259'.
[ 1108.118953][ C0] sd 0:0:1:0: [sda] tag#1791 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 1108.129521][ C0] sd 0:0:1:0: [sda] tag#1791 CDB: Read(6) 08 00 00 00 10 00 00 00 00 00 00 00
[ 1108.296557][T29580] net_ratelimit: 4 callbacks suppressed
[ 1108.296577][T29580] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[ 1108.408272][T29580] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[ 1109.427243][T29595] FAULT_INJECTION: forcing a failure.
[ 1109.427243][T29595] name failslab, interval 1, probability 0, space 0, times 0
[ 1109.528120][T29595] CPU: 0 UID: 0 PID: 29595 Comm: syz.2.10276 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1109.528166][T29595] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1109.528178][T29595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1109.528193][T29595] Call Trace:
[ 1109.528201][T29595]
[ 1109.528212][T29595] dump_stack_lvl+0x100/0x190
[ 1109.528254][T29595] should_fail_ex.cold+0x5/0xa
[ 1109.528283][T29595] should_failslab+0xc2/0x120
[ 1109.528309][T29595] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1109.528347][T29595] ? __kernfs_new_node+0xd2/0x960
[ 1109.528389][T29595] __kernfs_new_node+0xd2/0x960
[ 1109.528428][T29595] ? __pfx___kernfs_new_node+0x10/0x10
[ 1109.528471][T29595] ? find_held_lock+0x2b/0x80
[ 1109.528494][T29595] ? kernfs_root+0xee/0x2a0
[ 1109.528528][T29595] ? kernfs_root+0xee/0x2a0
[ 1109.528569][T29595] kernfs_new_node+0x11b/0x1a0
[ 1109.528614][T29595] __kernfs_create_file+0x53/0x350
[ 1109.528646][T29595] sysfs_add_file_mode_ns+0x207/0x3c0
[ 1109.528687][T29595] sysfs_merge_group+0x194/0x340
[ 1109.528725][T29595] ? __pfx_sysfs_merge_group+0x10/0x10
[ 1109.528766][T29595] ? __pfx_dev_add_physical_location+0x10/0x10
[ 1109.528886][T29595] ? bus_to_subsys+0x114/0x150
[ 1109.528924][T29595] dpm_sysfs_add+0x237/0x280
[ 1109.528969][T29595] device_add+0x9ef/0x1950
[ 1109.529001][T29595] ? __pfx_device_add+0x10/0x10
[ 1109.529029][T29595] ? lockdep_init_map_type+0x5c/0x250
[ 1109.529063][T29595] ? __init_waitqueue_head+0xca/0x150
[ 1109.529131][T29595] rfkill_register+0x1ad/0xb30
[ 1109.529164][T29595] nfc_register_device+0x11f/0x3e0
[ 1109.529226][T29595] nci_register_device+0x7f1/0xb80
[ 1109.529256][T29595] ? __pfx_nci_register_device+0x10/0x10
[ 1109.529288][T29595] ? lockdep_init_map_type+0x5c/0x250
[ 1109.529327][T29595] virtual_ncidev_open+0x141/0x220
[ 1109.529366][T29595] ? __pfx_virtual_ncidev_open+0x10/0x10
[ 1109.529399][T29595] misc_open+0x26d/0x450
[ 1109.529427][T29595] ? __pfx_misc_open+0x10/0x10
[ 1109.529453][T29595] chrdev_open+0x234/0x6a0
[ 1109.529478][T29595] ? __pfx_apparmor_file_open+0x10/0x10
[ 1109.529520][T29595] ? __pfx_chrdev_open+0x10/0x10
[ 1109.529547][T29595] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1109.529581][T29595] do_dentry_open+0x6d8/0x1660
[ 1109.529606][T29595] ? __pfx_chrdev_open+0x10/0x10
[ 1109.529638][T29595] vfs_open+0x82/0x3f0
[ 1109.529675][T29595] path_openat+0x208c/0x31a0
[ 1109.529711][T29595] ? __pfx_path_openat+0x10/0x10
[ 1109.529748][T29595] do_file_open+0x20e/0x430
[ 1109.529776][T29595] ? __pfx_do_file_open+0x10/0x10
[ 1109.529825][T29595] ? alloc_fd+0x476/0x790
[ 1109.529858][T29595] ? do_getname+0x191/0x390
[ 1109.529893][T29595] do_sys_openat2+0x10d/0x1e0
[ 1109.529926][T29595] ? __pfx_do_sys_openat2+0x10/0x10
[ 1109.529962][T29595] ? __fget_files+0x21f/0x3d0
[ 1109.529991][T29595] __x64_sys_openat+0x12d/0x210
[ 1109.530026][T29595] ? __pfx___x64_sys_openat+0x10/0x10
[ 1109.530072][T29595] do_syscall_64+0x106/0xf80
[ 1109.530107][T29595] ? clear_bhb_loop+0x40/0x90
[ 1109.530138][T29595] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1109.530164][T29595] RIP: 0033:0x7f750db9c799
[ 1109.530185][T29595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1109.530210][T29595] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1109.530234][T29595] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1109.530250][T29595] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1109.530266][T29595] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1109.530282][T29595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1109.530297][T29595] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1109.530329][T29595]
[ 1111.954800][T29618] netlink: 350 bytes leftover after parsing attributes in process `syz.1.10285'.
[ 1112.437007][T29627] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1112.875606][T29624] FAULT_INJECTION: forcing a failure.
[ 1112.875606][T29624] name failslab, interval 1, probability 0, space 0, times 0
[ 1112.961516][T29624] CPU: 0 UID: 0 PID: 29624 Comm: syz.1.10288 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1112.961563][T29624] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1112.961574][T29624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1112.961590][T29624] Call Trace:
[ 1112.961598][T29624]
[ 1112.961609][T29624] dump_stack_lvl+0x100/0x190
[ 1112.961653][T29624] should_fail_ex.cold+0x5/0xa
[ 1112.961681][T29624] should_failslab+0xc2/0x120
[ 1112.961708][T29624] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1112.961746][T29624] ? __anon_vma_prepare+0xae/0x5e0
[ 1112.961786][T29624] __anon_vma_prepare+0xae/0x5e0
[ 1112.961819][T29624] ? __filemap_get_folio_mpol+0x3ba/0xe70
[ 1112.961865][T29624] __vmf_anon_prepare+0x11f/0x250
[ 1112.961895][T29624] hugetlb_no_page+0xe28/0x1970
[ 1112.961936][T29624] hugetlb_fault+0x5df/0x1450
[ 1112.961980][T29624] ? __pfx_hugetlb_fault+0x10/0x10
[ 1112.962023][T29624] ? find_vma+0xbf/0x140
[ 1112.962045][T29624] ? __pfx_find_vma+0x10/0x10
[ 1112.962072][T29624] handle_mm_fault+0x5f1/0xa20
[ 1112.962112][T29624] do_user_addr_fault+0x74c/0x12f0
[ 1112.962163][T29624] exc_page_fault+0x6f/0xd0
[ 1112.962200][T29624] asm_exc_page_fault+0x26/0x30
[ 1112.962225][T29624] RIP: 0010:strncpy_from_user+0xfd/0x2d0
[ 1112.962254][T29624] Code: 00 4d 89 64 1d 00 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 72 c9 df fc 48 83 fd 07 0f 86 bb 00 00 00 e8 83 ce df fc <4d> 8b 24 1e e8 7a ce df fc 4c 89 e2 31 ff 4d 8d 7c 1d 00 48 b8 ff
[ 1112.962278][T29624] RSP: 0018:ffffc9000338fe88 EFLAGS: 00050283
[ 1112.962298][T29624] RAX: 0000000000000025 RBX: 0000000000000000 RCX: ffffc90005a22000
[ 1112.962314][T29624] RDX: 0000000000080000 RSI: ffffffff852849dd RDI: ffff888033bbdb80
[ 1112.962330][T29624] RBP: 00000000000000fa R08: 0000000000000007 R09: 0000000000000007
[ 1112.962346][T29624] R10: 00000000000000fa R11: 0000000000000000 R12: ffff88806333a200
[ 1112.962361][T29624] R13: ffff88806333a206 R14: 0000000000000000 R15: 00000000000000fa
[ 1112.962385][T29624] ? strncpy_from_user+0xfd/0x2d0
[ 1112.962415][T29624] ? strncpy_from_user+0xfd/0x2d0
[ 1112.962444][T29624] __do_sys_memfd_create+0x1a7/0x3d0
[ 1112.962483][T29624] do_syscall_64+0x106/0xf80
[ 1112.962518][T29624] ? clear_bhb_loop+0x40/0x90
[ 1112.962548][T29624] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1112.962574][T29624] RIP: 0033:0x7f353039c799
[ 1112.962593][T29624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1112.962617][T29624] RSP: 002b:00007f3531238028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 1112.962639][T29624] RAX: ffffffffffffffda RBX: 00007f3530615fa0 RCX: 00007f353039c799
[ 1112.962656][T29624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1112.962670][T29624] RBP: 00007f3530432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1112.962685][T29624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1112.962700][T29624] R13: 00007f3530616038 R14: 00007f3530615fa0 R15: 00007fffe3ec3d98
[ 1112.962731][T29624]
[ 1113.918742][T29634] netlink: 20 bytes leftover after parsing attributes in process `syz.2.10291'.
[ 1115.476509][T29648] netlink: 326 bytes leftover after parsing attributes in process `syz.3.10296'.
[ 1116.010785][T29658] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10300'.
[ 1116.027006][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.034946][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1118.521226][T29689] FAULT_INJECTION: forcing a failure.
[ 1118.521226][T29689] name failslab, interval 1, probability 0, space 0, times 0
[ 1118.645092][T29689] CPU: 0 UID: 0 PID: 29689 Comm: syz.2.10310 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1118.645139][T29689] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1118.645151][T29689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1118.645167][T29689] Call Trace:
[ 1118.645175][T29689]
[ 1118.645184][T29689] dump_stack_lvl+0x100/0x190
[ 1118.645227][T29689] should_fail_ex.cold+0x5/0xa
[ 1118.645255][T29689] should_failslab+0xc2/0x120
[ 1118.645281][T29689] __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 1118.645324][T29689] ? snd_pcm_hw_rule_add+0x3b3/0x510
[ 1118.645414][T29689] ? kfree+0x2ec/0x6b0
[ 1118.645450][T29689] krealloc_node_align_noprof+0xfb/0x3e0
[ 1118.645491][T29689] ? __split_page_owner+0x1f9/0x350
[ 1118.645519][T29689] snd_pcm_hw_rule_add+0x3b3/0x510
[ 1118.645553][T29689] ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10
[ 1118.645617][T29689] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[ 1118.645641][T29689] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[ 1118.645669][T29689] ? mutex_init_lockep+0x110/0x150
[ 1118.645706][T29689] ? snd_pcm_attach_substream+0x29b/0xd60
[ 1118.645748][T29689] snd_pcm_open_substream+0x942/0x1850
[ 1118.645787][T29689] ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1118.645831][T29689] snd_pcm_oss_open+0x735/0x1390
[ 1118.645870][T29689] ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1118.645899][T29689] ? __lock_acquire+0x4a5/0x2630
[ 1118.645931][T29689] ? __pfx_default_wake_function+0x10/0x10
[ 1118.645959][T29689] ? __lock_acquire+0x4a5/0x2630
[ 1118.645997][T29689] ? do_raw_spin_lock+0x128/0x260
[ 1118.646036][T29689] ? soundcore_open+0x231/0x5a0
[ 1118.646063][T29689] ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1118.646092][T29689] soundcore_open+0x2e3/0x5a0
[ 1118.646118][T29689] ? __pfx_soundcore_open+0x10/0x10
[ 1118.646142][T29689] chrdev_open+0x234/0x6a0
[ 1118.646166][T29689] ? __pfx_apparmor_file_open+0x10/0x10
[ 1118.646209][T29689] ? __pfx_chrdev_open+0x10/0x10
[ 1118.646236][T29689] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1118.646269][T29689] do_dentry_open+0x6d8/0x1660
[ 1118.646293][T29689] ? __pfx_chrdev_open+0x10/0x10
[ 1118.646325][T29689] vfs_open+0x82/0x3f0
[ 1118.646360][T29689] path_openat+0x208c/0x31a0
[ 1118.646395][T29689] ? __pfx_path_openat+0x10/0x10
[ 1118.646432][T29689] do_file_open+0x20e/0x430
[ 1118.646460][T29689] ? __pfx_do_file_open+0x10/0x10
[ 1118.646506][T29689] ? alloc_fd+0x476/0x790
[ 1118.646540][T29689] ? do_getname+0x191/0x390
[ 1118.646575][T29689] do_sys_openat2+0x10d/0x1e0
[ 1118.646608][T29689] ? __pfx_do_sys_openat2+0x10/0x10
[ 1118.646644][T29689] ? __fget_files+0x21f/0x3d0
[ 1118.646673][T29689] __x64_sys_openat+0x12d/0x210
[ 1118.646708][T29689] ? __pfx___x64_sys_openat+0x10/0x10
[ 1118.646753][T29689] do_syscall_64+0x106/0xf80
[ 1118.646789][T29689] ? clear_bhb_loop+0x40/0x90
[ 1118.646819][T29689] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1118.646845][T29689] RIP: 0033:0x7f750db9c799
[ 1118.646867][T29689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1118.646892][T29689] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1118.646917][T29689] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1118.646933][T29689] RDX: 0000000000020342 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1118.646950][T29689] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1118.646965][T29689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1118.646980][T29689] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1118.647012][T29689]
[ 1120.923811][T29715] netlink: 354 bytes leftover after parsing attributes in process `syz.1.10321'.
[ 1123.822502][T29754] sg_write: data in/out 4060/39 bytes for SCSI command 0x0-- guessing data in;
[ 1123.822502][T29754] program syz.0.10335 not setting count and/or reply_len properly
[ 1124.916957][T29767] netlink: 74 bytes leftover after parsing attributes in process `syz.2.10341'.
[ 1126.313895][T29790] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1126.346455][T29790] block nbd2: shutting down sockets
[ 1128.663978][T29821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10362'.
[ 1130.828367][T29849] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10374'.
[ 1131.010606][T29849] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1131.103730][T29849] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1131.247339][T29849] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1131.340403][T29849] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1133.814187][T29897] netlink: 206 bytes leftover after parsing attributes in process `syz.3.10387'.
[ 1136.143573][T29929] FAULT_INJECTION: forcing a failure.
[ 1136.143573][T29929] name failslab, interval 1, probability 0, space 0, times 0
[ 1136.227297][T29929] CPU: 0 UID: 0 PID: 29929 Comm: syz.2.10396 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1136.227343][T29929] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1136.227355][T29929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1136.227371][T29929] Call Trace:
[ 1136.227378][T29929]
[ 1136.227388][T29929] dump_stack_lvl+0x100/0x190
[ 1136.227431][T29929] should_fail_ex.cold+0x5/0xa
[ 1136.227459][T29929] ? __vb2_queue_alloc+0x23e/0x1160
[ 1136.227486][T29929] should_failslab+0xc2/0x120
[ 1136.227512][T29929] __kmalloc_noprof+0xe0/0x850
[ 1136.227549][T29929] ? bitmap_find_next_zero_area_off+0xb4/0xd0
[ 1136.227664][T29929] __vb2_queue_alloc+0x23e/0x1160
[ 1136.227706][T29929] vb2_core_reqbufs+0x899/0xf30
[ 1136.227738][T29929] ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 1136.227781][T29929] __vb2_init_fileio+0x32d/0x1000
[ 1136.227808][T29929] ? lockdep_hardirqs_on+0x78/0x100
[ 1136.227846][T29929] ? __pollwait+0x276/0x470
[ 1136.227888][T29929] vb2_core_poll+0x611/0x740
[ 1136.227916][T29929] vb2_poll+0x4b/0xe0
[ 1136.227956][T29929] vb2_fop_poll+0x10e/0x350
[ 1136.227981][T29929] ? __pfx_vb2_fop_poll+0x10/0x10
[ 1136.228022][T29929] v4l2_poll+0x15f/0x220
[ 1136.228061][T29929] ? __pfx_v4l2_poll+0x10/0x10
[ 1136.228098][T29929] do_sys_poll+0x6e5/0xeb0
[ 1136.228148][T29929] ? __pfx_do_sys_poll+0x10/0x10
[ 1136.228212][T29929] ? __futex_wait+0x256/0x300
[ 1136.228253][T29929] ? __pfx___pollwait+0x10/0x10
[ 1136.228294][T29929] ? __pfx_pollwake+0x10/0x10
[ 1136.228376][T29929] ? ktime_get_ts64+0x2d2/0x3f0
[ 1136.228403][T29929] ? read_tsc+0x9/0x20
[ 1136.228431][T29929] ? ktime_get_ts64+0x256/0x3f0
[ 1136.228460][T29929] ? poll_select_set_timeout+0xcc/0x160
[ 1136.228518][T29929] ? __x64_sys_futex+0x358/0x4d0
[ 1136.228554][T29929] __x64_sys_poll+0x1b3/0x420
[ 1136.228585][T29929] ? __pfx___x64_sys_poll+0x10/0x10
[ 1136.228618][T29929] do_syscall_64+0x106/0xf80
[ 1136.228653][T29929] ? clear_bhb_loop+0x40/0x90
[ 1136.228684][T29929] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1136.228710][T29929] RIP: 0033:0x7f750db9c799
[ 1136.228730][T29929] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1136.228764][T29929] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[ 1136.228788][T29929] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1136.228813][T29929] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480
[ 1136.228828][T29929] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1136.228843][T29929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1136.228858][T29929] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1136.228896][T29929]
[ 1142.232271][T29991] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10418'.
[ 1142.544290][ T30] audit: type=1326 audit(4294967936.677:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29992 comm="syz.2.10419" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f750db9c799 code=0x0
[ 1142.615659][T29996] FAULT_INJECTION: forcing a failure.
[ 1142.615659][T29996] name failslab, interval 1, probability 0, space 0, times 0
[ 1142.693361][T29996] CPU: 0 UID: 0 PID: 29996 Comm: syz.1.10420 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1142.693412][T29996] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1142.693425][T29996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1142.693440][T29996] Call Trace:
[ 1142.693448][T29996]
[ 1142.693458][T29996] dump_stack_lvl+0x100/0x190
[ 1142.693500][T29996] should_fail_ex.cold+0x5/0xa
[ 1142.693527][T29996] ? lsm_blob_alloc+0x68/0x90
[ 1142.693562][T29996] should_failslab+0xc2/0x120
[ 1142.693588][T29996] __kmalloc_noprof+0xe0/0x850
[ 1142.693625][T29996] ? trace_kmem_cache_alloc+0xf3/0x120
[ 1142.693657][T29996] lsm_blob_alloc+0x68/0x90
[ 1142.693691][T29996] security_prepare_creds+0x2d/0x290
[ 1142.693726][T29996] prepare_creds+0x5d6/0x950
[ 1142.693766][T29996] __do_sys_capset+0x270/0x460
[ 1142.693790][T29996] ? __pfx___do_sys_capset+0x10/0x10
[ 1142.693816][T29996] ? __x64_sys_futex+0x358/0x4d0
[ 1142.693850][T29996] ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1142.693880][T29996] ? xfd_validate_state+0x129/0x190
[ 1142.693927][T29996] do_syscall_64+0x106/0xf80
[ 1142.693962][T29996] ? clear_bhb_loop+0x40/0x90
[ 1142.693992][T29996] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.694018][T29996] RIP: 0033:0x7f353039c799
[ 1142.694038][T29996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1142.694063][T29996] RSP: 002b:00007f3531238028 EFLAGS: 00000246 ORIG_RAX: 000000000000007e
[ 1142.694086][T29996] RAX: ffffffffffffffda RBX: 00007f3530615fa0 RCX: 00007f353039c799
[ 1142.694102][T29996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000200
[ 1142.694117][T29996] RBP: 00007f3530432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1142.694131][T29996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1142.694146][T29996] R13: 00007f3530616038 R14: 00007f3530615fa0 R15: 00007fffe3ec3d98
[ 1142.694177][T29996]
[ 1143.392050][T30008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10425'.
[ 1143.466087][T30011] netlink: 354 bytes leftover after parsing attributes in process `syz.3.10425'.
[ 1145.489971][T30039] netlink: 342 bytes leftover after parsing attributes in process `syz.1.10436'.
[ 1146.584001][T30046] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10438'.
[ 1147.062802][T30048] HfR: entered promiscuous mode
[ 1147.122525][T30048] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10439'.
[ 1147.177830][T30048] HfR: left promiscuous mode
[ 1147.978492][T30061] netlink: 338 bytes leftover after parsing attributes in process `syz.1.10445'.
[ 1151.507372][ T30] audit: type=1804 audit(4294967945.637:35): pid=30111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.10463" name="/newroot/133/file0" dev="tmpfs" ino=696 res=1 errno=0
[ 1151.662436][ T30] audit: type=1804 audit(4294967945.737:36): pid=30112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.10463" name="/newroot/133/file0" dev="tmpfs" ino=696 res=1 errno=0
[ 1155.656595][T30178] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10489'.
[ 1156.398575][T30189] netlink: 'syz.3.10493': attribute type 27 has an invalid length.
[ 1156.441484][T30189] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10493'.
[ 1158.783588][T30216] FAULT_INJECTION: forcing a failure.
[ 1158.783588][T30216] name failslab, interval 1, probability 0, space 0, times 0
[ 1158.884821][T30216] CPU: 0 UID: 0 PID: 30216 Comm: syz.2.10501 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1158.884867][T30216] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1158.884879][T30216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1158.884894][T30216] Call Trace:
[ 1158.884902][T30216]
[ 1158.884911][T30216] dump_stack_lvl+0x100/0x190
[ 1158.884961][T30216] should_fail_ex.cold+0x5/0xa
[ 1158.884990][T30216] should_failslab+0xc2/0x120
[ 1158.885016][T30216] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1158.885054][T30216] ? security_file_alloc+0x34/0x2c0
[ 1158.885085][T30216] ? trace_kmem_cache_alloc+0xf3/0x120
[ 1158.885116][T30216] security_file_alloc+0x34/0x2c0
[ 1158.885147][T30216] init_file+0x95/0x480
[ 1158.885177][T30216] alloc_empty_file+0x73/0x1c0
[ 1158.885209][T30216] alloc_file_pseudo+0x13a/0x230
[ 1158.885242][T30216] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1158.885274][T30216] ? tipc_sk_finish_conn+0x600/0x7a0
[ 1158.885403][T30216] sock_alloc_file+0x50/0x210
[ 1158.885468][T30216] __sys_socketpair+0x321/0x5b0
[ 1158.885500][T30216] ? __pfx___sys_socketpair+0x10/0x10
[ 1158.885527][T30216] ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1158.885554][T30216] ? xfd_validate_state+0x129/0x190
[ 1158.885598][T30216] __x64_sys_socketpair+0x96/0x100
[ 1158.885626][T30216] ? lockdep_hardirqs_on+0x78/0x100
[ 1158.885662][T30216] do_syscall_64+0x106/0xf80
[ 1158.885696][T30216] ? clear_bhb_loop+0x40/0x90
[ 1158.885727][T30216] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1158.885752][T30216] RIP: 0033:0x7f750db9c799
[ 1158.885772][T30216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1158.885796][T30216] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1158.885820][T30216] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1158.885837][T30216] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[ 1158.885852][T30216] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1158.885867][T30216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1158.885882][T30216] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1158.885913][T30216]
[ 1163.753030][T30298] UHID_CREATE from different security context by process 402 (syz.2.10533), this is not allowed.
[ 1164.509926][T30314] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10540'.
[ 1165.384691][T30319] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1165.425871][T30319] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1165.452950][T30319] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1165.487026][T30319] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1167.231121][T29266] Bluetooth: hci3: command 0x0406 tx timeout
[ 1167.472012][T29266] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1167.478129][T29266] Bluetooth: hci2: command 0x0406 tx timeout
[ 1167.540276][T29266] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1168.699619][T30376] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10562'.
[ 1168.837311][T30367] phram: parameter too long
[ 1171.989266][T30425] netlink: 350 bytes leftover after parsing attributes in process `syz.3.10580'.
[ 1172.337130][T30430] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10581'.
[ 1172.430420][T30430] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1172.438466][T30430] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1172.446218][T30430] IPv6: NLM_F_CREATE should be set when creating new route
[ 1172.453506][T30430] IPv6: NLM_F_CREATE should be set when creating new route
[ 1172.662702][T30434] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10581'.
[ 1172.722875][T30434] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1173.141195][T30440] netlink: 130 bytes leftover after parsing attributes in process `syz.0.10586'.
[ 1173.461934][T30444] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10589'.
[ 1173.524973][T30444] netlink: 'syz.0.10589': attribute type 7 has an invalid length.
[ 1174.685688][T30467] netlink: 16 bytes leftover after parsing attributes in process `syz.0.10597'.
[ 1175.048775][T30473] netlink: 342 bytes leftover after parsing attributes in process `syz.0.10599'.
[ 1175.628853][T30484] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10601'.
[ 1177.493312][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.500360][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1181.013758][T30533] FAULT_INJECTION: forcing a failure.
[ 1181.013758][T30533] name failslab, interval 1, probability 0, space 0, times 0
[ 1181.119243][T30533] CPU: 0 UID: 0 PID: 30533 Comm: syz.2.10619 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1181.119289][T30533] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1181.119301][T30533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1181.119319][T30533] Call Trace:
[ 1181.119326][T30533]
[ 1181.119335][T30533] dump_stack_lvl+0x100/0x190
[ 1181.119377][T30533] should_fail_ex.cold+0x5/0xa
[ 1181.119406][T30533] should_failslab+0xc2/0x120
[ 1181.119432][T30533] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1181.119469][T30533] ? alloc_empty_file+0x55/0x1c0
[ 1181.119506][T30533] alloc_empty_file+0x55/0x1c0
[ 1181.119537][T30533] alloc_file_pseudo+0x13a/0x230
[ 1181.119570][T30533] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1181.119601][T30533] ? inode_init_always_gfp+0xd0e/0x1040
[ 1181.119633][T30533] sock_alloc_file+0x50/0x210
[ 1181.119674][T30533] do_accept+0x242/0x530
[ 1181.119702][T30533] ? 0xffffffff81000000
[ 1181.119720][T30533] ? do_raw_spin_lock+0x128/0x260
[ 1181.119758][T30533] ? __pfx_do_accept+0x10/0x10
[ 1181.119805][T30533] ? 0xffffffff81000000
[ 1181.119821][T30533] __sys_accept4+0x108/0x200
[ 1181.119852][T30533] ? __pfx___sys_accept4+0x10/0x10
[ 1181.119890][T30533] __x64_sys_accept+0x74/0xb0
[ 1181.119919][T30533] ? lockdep_hardirqs_on+0x78/0x100
[ 1181.119955][T30533] do_syscall_64+0x106/0xf80
[ 1181.119996][T30533] ? clear_bhb_loop+0x40/0x90
[ 1181.120026][T30533] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1181.120052][T30533] RIP: 0033:0x7f750db9c799
[ 1181.120071][T30533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1181.120095][T30533] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[ 1181.120122][T30533] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1181.120138][T30533] RDX: ffffffff81000000 RSI: ffffffffffffffff RDI: 0000000000000003
[ 1181.120154][T30533] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1181.120169][T30533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1181.120184][T30533] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1181.120207][T30533] ? 0xffffffff81000000
[ 1181.120230][T30533]
[ 1182.371748][T30547] netlink: 330 bytes leftover after parsing attributes in process `syz.3.10627'.
[ 1182.609329][T30549] input: j�J�Ǹ-9%vlQ J86� as /devices/virtual/input/input31
[ 1187.449594][T30632] FAULT_INJECTION: forcing a failure.
[ 1187.449594][T30632] name failslab, interval 1, probability 0, space 0, times 0
[ 1187.534811][T30632] CPU: 0 UID: 0 PID: 30632 Comm: syz.2.10657 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1187.534858][T30632] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1187.534870][T30632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1187.534885][T30632] Call Trace:
[ 1187.534893][T30632]
[ 1187.534902][T30632] dump_stack_lvl+0x100/0x190
[ 1187.534945][T30632] should_fail_ex.cold+0x5/0xa
[ 1187.534973][T30632] ? constrain_params_by_rules+0x175/0xcc0
[ 1187.535006][T30632] should_failslab+0xc2/0x120
[ 1187.535032][T30632] __kmalloc_noprof+0xe0/0x850
[ 1187.535077][T30632] constrain_params_by_rules+0x175/0xcc0
[ 1187.535110][T30632] ? arch_stack_walk+0xa6/0xf0
[ 1187.535144][T30632] ? __pfx_constrain_params_by_rules+0x10/0x10
[ 1187.535176][T30632] ? stack_trace_save+0x8e/0xc0
[ 1187.535205][T30632] ? kfree+0x1f6/0x6b0
[ 1187.535234][T30632] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850
[ 1187.535272][T30632] ? snd_pcm_oss_make_ready_locked+0xb7/0x130
[ 1187.535300][T30632] ? snd_pcm_oss_read+0x3d4/0x730
[ 1187.535328][T30632] ? vfs_read+0x1e4/0xb30
[ 1187.535371][T30632] ? ksys_read+0x12a/0x250
[ 1187.535391][T30632] ? do_syscall_64+0x106/0xf80
[ 1187.535426][T30632] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.535451][T30632] ? snd_interval_refine+0x2d0/0x580
[ 1187.535493][T30632] snd_pcm_hw_refine+0x7e7/0xad0
[ 1187.535531][T30632] ? __pfx_snd_pcm_hw_refine+0x10/0x10
[ 1187.535583][T30632] snd_pcm_hw_param_last+0x2b2/0x660
[ 1187.535617][T30632] snd_pcm_hw_param_near.constprop.0+0x546/0x850
[ 1187.535651][T30632] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 1187.535682][T30632] ? calc_src_frames.isra.0+0x17c/0x1c0
[ 1187.535719][T30632] snd_pcm_oss_change_params_locked+0x193a/0x39f0
[ 1187.535762][T30632] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1187.535814][T30632] snd_pcm_oss_make_ready_locked+0xb7/0x130
[ 1187.535846][T30632] snd_pcm_oss_read+0x3d4/0x730
[ 1187.535879][T30632] ? __pfx_snd_pcm_oss_read+0x10/0x10
[ 1187.535911][T30632] vfs_read+0x1e4/0xb30
[ 1187.535954][T30632] ? __pfx_vfs_read+0x10/0x10
[ 1187.535991][T30632] ? find_held_lock+0x2b/0x80
[ 1187.536014][T30632] ? __fget_files+0x215/0x3d0
[ 1187.536036][T30632] ? __fget_files+0x215/0x3d0
[ 1187.536064][T30632] ? __fget_files+0x21f/0x3d0
[ 1187.536095][T30632] ksys_read+0x12a/0x250
[ 1187.536116][T30632] ? __pfx_ksys_read+0x10/0x10
[ 1187.536147][T30632] do_syscall_64+0x106/0xf80
[ 1187.536181][T30632] ? clear_bhb_loop+0x40/0x90
[ 1187.536211][T30632] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.536237][T30632] RIP: 0033:0x7f750db9c799
[ 1187.536258][T30632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1187.536283][T30632] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1187.536306][T30632] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1187.536322][T30632] RDX: 0000000000008080 RSI: 0000000000000000 RDI: 0000000000000003
[ 1187.536337][T30632] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1187.536352][T30632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1187.536381][T30632] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1187.536412][T30632]
[ 1188.433759][T30642] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10659'.
[ 1188.485963][T30642] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10659'.
[ 1189.692495][T30654] sg_write: data in/out 220/90 bytes for SCSI command 0x0-- guessing data in;
[ 1189.692495][T30654] program syz.0.10664 not setting count and/or reply_len properly
[ 1192.043384][T30690] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10676'.
[ 1193.241519][T30696] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10679'.
[ 1194.431553][T30712] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10686'.
[ 1194.527281][T30712] netlink: 25 bytes leftover after parsing attributes in process `syz.0.10686'.
[ 1194.774328][T30719] FAULT_INJECTION: forcing a failure.
[ 1194.774328][T30719] name failslab, interval 1, probability 0, space 0, times 0
[ 1194.870384][T30719] CPU: 0 UID: 0 PID: 30719 Comm: syz.2.10687 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1194.870431][T30719] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1194.870443][T30719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1194.870458][T30719] Call Trace:
[ 1194.870466][T30719]
[ 1194.870476][T30719] dump_stack_lvl+0x100/0x190
[ 1194.870520][T30719] should_fail_ex.cold+0x5/0xa
[ 1194.870548][T30719] should_failslab+0xc2/0x120
[ 1194.870575][T30719] __kmalloc_cache_noprof+0x7a/0x6f0
[ 1194.870608][T30719] ? mon_text_open+0x1d9/0x510
[ 1194.870706][T30719] ? lockdep_init_map_type+0x5c/0x250
[ 1194.870758][T30719] ? __pfx_mon_text_open+0x10/0x10
[ 1194.870780][T30719] mon_text_open+0x1d9/0x510
[ 1194.870803][T30719] ? __pfx_mon_text_open+0x10/0x10
[ 1194.870833][T30719] ? __debugfs_file_get+0x1fc/0x860
[ 1194.870919][T30719] ? __pfx___debugfs_file_get+0x10/0x10
[ 1194.870955][T30719] ? __pfx_apparmor_file_open+0x10/0x10
[ 1194.870996][T30719] ? lockdown_is_locked_down+0x3d/0x140
[ 1194.871055][T30719] ? bpf_lsm_locked_down+0x9/0x10
[ 1194.871087][T30719] ? __pfx_mon_text_open+0x10/0x10
[ 1194.871109][T30719] full_proxy_open_regular+0x1b6/0x370
[ 1194.871151][T30719] do_dentry_open+0x6d8/0x1660
[ 1194.871174][T30719] ? __pfx_full_proxy_open_regular+0x10/0x10
[ 1194.871220][T30719] vfs_open+0x82/0x3f0
[ 1194.871255][T30719] path_openat+0x208c/0x31a0
[ 1194.871291][T30719] ? __pfx_path_openat+0x10/0x10
[ 1194.871327][T30719] do_file_open+0x20e/0x430
[ 1194.871355][T30719] ? __pfx_do_file_open+0x10/0x10
[ 1194.871401][T30719] ? alloc_fd+0x476/0x790
[ 1194.871428][T30719] ? do_getname+0x191/0x390
[ 1194.871461][T30719] do_sys_openat2+0x10d/0x1e0
[ 1194.871494][T30719] ? __pfx_do_sys_openat2+0x10/0x10
[ 1194.871529][T30719] ? __fget_files+0x21f/0x3d0
[ 1194.871558][T30719] __x64_sys_openat+0x12d/0x210
[ 1194.871592][T30719] ? __pfx___x64_sys_openat+0x10/0x10
[ 1194.871637][T30719] do_syscall_64+0x106/0xf80
[ 1194.871673][T30719] ? clear_bhb_loop+0x40/0x90
[ 1194.871704][T30719] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1194.871751][T30719] RIP: 0033:0x7f750db9c799
[ 1194.871772][T30719] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1194.871797][T30719] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1194.871821][T30719] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1194.871837][T30719] RDX: 0000000000080080 RSI: 0000200000000280 RDI: ffffffffffffff9c
[ 1194.871854][T30719] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1194.871870][T30719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1194.871884][T30719] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1194.871916][T30719]
[ 1195.894177][T30731] netlink: 'syz.3.10693': attribute type 29 has an invalid length.
[ 1195.926124][T30731] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10693'.
[ 1196.161748][T30733] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[ 1197.021576][T30749] netlink: 342 bytes leftover after parsing attributes in process `syz.2.10699'.
[ 1197.446945][T30755] netlink: 334 bytes leftover after parsing attributes in process `syz.2.10701'.
[ 1198.378015][T30772] netlink: 25 bytes leftover after parsing attributes in process `syz.0.10709'.
[ 1199.854855][T30788] netlink: 326 bytes leftover after parsing attributes in process `syz.2.10716'.
[ 1206.720904][T30889] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1206.765651][T30891] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[ 1207.941608][T30916] netlink: 322 bytes leftover after parsing attributes in process `syz.3.10763'.
[ 1208.516926][T30922] mkiss: ax0: crc mode is auto.
[ 1208.607486][T30927] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10770'.
[ 1208.971851][T30932] FAULT_INJECTION: forcing a failure.
[ 1208.971851][T30932] name failslab, interval 1, probability 0, space 0, times 0
[ 1209.050541][T30932] CPU: 0 UID: 0 PID: 30932 Comm: syz.1.10771 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1209.050601][T30932] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1209.050618][T30932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1209.050633][T30932] Call Trace:
[ 1209.050641][T30932]
[ 1209.050650][T30932] dump_stack_lvl+0x100/0x190
[ 1209.050704][T30932] should_fail_ex.cold+0x5/0xa
[ 1209.050734][T30932] should_failslab+0xc2/0x120
[ 1209.050762][T30932] __kmalloc_cache_noprof+0x7a/0x6f0
[ 1209.050796][T30932] ? __kthread_create_on_node+0xce/0x3f0
[ 1209.050826][T30932] ? lockdep_init_map_type+0x5c/0x250
[ 1209.050864][T30932] ? __pfx_tomoyo_gc_thread+0x10/0x10
[ 1209.050893][T30932] __kthread_create_on_node+0xce/0x3f0
[ 1209.050925][T30932] ? __pfx___kthread_create_on_node+0x10/0x10
[ 1209.050969][T30932] ? __pfx_tomoyo_gc_thread+0x10/0x10
[ 1209.050998][T30932] kthread_create_on_node+0xc7/0x100
[ 1209.051027][T30932] ? __pfx_kthread_create_on_node+0x10/0x10
[ 1209.051059][T30932] ? lockdep_hardirqs_on+0x78/0x100
[ 1209.051097][T30932] ? find_held_lock+0x2b/0x80
[ 1209.051119][T30932] ? tomoyo_notify_gc+0xc6/0x480
[ 1209.051153][T30932] tomoyo_notify_gc+0x102/0x480
[ 1209.051179][T30932] ? ima_iint_find+0xe9/0x130
[ 1209.051244][T30932] ? __pfx_tomoyo_release+0x10/0x10
[ 1209.051278][T30932] tomoyo_release+0x31/0x40
[ 1209.051309][T30932] __fput+0x3ff/0xb40
[ 1209.051347][T30932] task_work_run+0x150/0x240
[ 1209.051389][T30932] ? __pfx_task_work_run+0x10/0x10
[ 1209.051433][T30932] exit_to_user_mode_loop+0x100/0x4a0
[ 1209.051470][T30932] do_syscall_64+0x668/0xf80
[ 1209.051504][T30932] ? clear_bhb_loop+0x40/0x90
[ 1209.051535][T30932] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1209.051561][T30932] RIP: 0033:0x7f353039c799
[ 1209.051581][T30932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1209.051606][T30932] RSP: 002b:00007f3531238028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1209.051629][T30932] RAX: 0000000000000000 RBX: 00007f3530615fa0 RCX: 00007f353039c799
[ 1209.051645][T30932] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1209.051660][T30932] RBP: 00007f3530432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1209.051681][T30932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1209.051696][T30932] R13: 00007f3530616038 R14: 00007f3530615fa0 R15: 00007fffe3ec3d98
[ 1209.051728][T30932]
[ 1211.733149][T30951] base or size exceeds the MTRR width
[ 1212.541122][T30965] netlink: 110 bytes leftover after parsing attributes in process `syz.1.10785'.
[ 1212.887928][T30974] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10789'.
[ 1212.974178][T30974] netlink: 13 bytes leftover after parsing attributes in process `syz.3.10789'.
[ 1213.040416][T30974] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10789'.
[ 1213.179119][T30977] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1215.112653][T31007] netlink: 334 bytes leftover after parsing attributes in process `syz.3.10801'.
[ 1215.706686][T31015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10804'.
[ 1215.707397][T31015] netlink: 17 bytes leftover after parsing attributes in process `syz.3.10804'.
[ 1216.350750][T31023] netlink: 28 bytes leftover after parsing attributes in process `syz.1.10809'.
[ 1217.427426][T31039] netlink: 'syz.0.10812': attribute type 21 has an invalid length.
[ 1217.500492][T31039] netlink: 334 bytes leftover after parsing attributes in process `syz.0.10812'.
[ 1217.748310][T31045] netlink: 146 bytes leftover after parsing attributes in process `syz.3.10815'.
[ 1218.415800][T31049] netlink: 74 bytes leftover after parsing attributes in process `syz.0.10824'.
[ 1219.602471][T31080] FAULT_INJECTION: forcing a failure.
[ 1219.602471][T31080] name failslab, interval 1, probability 0, space 0, times 0
[ 1219.775067][T31080] CPU: 0 UID: 0 PID: 31080 Comm: syz.1.10827 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1219.775114][T31080] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1219.775126][T31080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1219.775141][T31080] Call Trace:
[ 1219.775149][T31080]
[ 1219.775158][T31080] dump_stack_lvl+0x100/0x190
[ 1219.775201][T31080] should_fail_ex.cold+0x5/0xa
[ 1219.775229][T31080] ? tracepoint_add_func+0x2c5/0xf30
[ 1219.775254][T31080] should_failslab+0xc2/0x120
[ 1219.775279][T31080] __kmalloc_noprof+0xe0/0x850
[ 1219.775322][T31080] ? __pfx_probe_sched_wakeup+0x10/0x10
[ 1219.775348][T31080] tracepoint_add_func+0x2c5/0xf30
[ 1219.775372][T31080] ? __pfx_probe_sched_wakeup+0x10/0x10
[ 1219.775397][T31080] ? rcu_is_watching+0x12/0xc0
[ 1219.775439][T31080] ? __pfx_probe_sched_wakeup+0x10/0x10
[ 1219.775464][T31080] tracepoint_probe_register+0xc4/0x110
[ 1219.775491][T31080] ? __pfx_tracepoint_probe_register+0x10/0x10
[ 1219.775517][T31080] ? __pfx_probe_sched_wakeup+0x10/0x10
[ 1219.775552][T31080] ? __lock_acquire+0x4a5/0x2630
[ 1219.775592][T31080] tracing_start_sched_switch+0xdc/0x170
[ 1219.775635][T31080] __ftrace_event_enable_disable+0x557/0x6f0
[ 1219.775666][T31080] __ftrace_set_clr_event_nolock+0x390/0xc30
[ 1219.775705][T31080] ftrace_set_clr_event+0x16e/0x330
[ 1219.775739][T31080] ? __pfx_ftrace_set_clr_event+0x10/0x10
[ 1219.775771][T31080] ? trace_get_user+0x3ae/0xa70
[ 1219.775805][T31080] ftrace_event_write+0x259/0x2c0
[ 1219.775838][T31080] ? __pfx_ftrace_event_write+0x10/0x10
[ 1219.775883][T31080] vfs_write+0x2aa/0x1070
[ 1219.775906][T31080] ? __pfx_ftrace_event_write+0x10/0x10
[ 1219.775942][T31080] ? __pfx_vfs_write+0x10/0x10
[ 1219.775981][T31080] ? __fget_files+0x215/0x3d0
[ 1219.776011][T31080] ? __fget_files+0x21f/0x3d0
[ 1219.776043][T31080] ksys_write+0x12a/0x250
[ 1219.776065][T31080] ? __pfx_ksys_write+0x10/0x10
[ 1219.776097][T31080] do_syscall_64+0x106/0xf80
[ 1219.776132][T31080] ? clear_bhb_loop+0x40/0x90
[ 1219.776163][T31080] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1219.776188][T31080] RIP: 0033:0x7f353039c799
[ 1219.776209][T31080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1219.776233][T31080] RSP: 002b:00007f3531217028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1219.776256][T31080] RAX: ffffffffffffffda RBX: 00007f3530616090 RCX: 00007f353039c799
[ 1219.776273][T31080] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000005
[ 1219.776288][T31080] RBP: 00007f3530432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1219.776303][T31080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1219.776317][T31080] R13: 00007f3530616128 R14: 00007f3530616090 R15: 00007fffe3ec3d98
[ 1219.776351][T31080]
[ 1219.776375][T31080] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup_new
[ 1220.111465][T31083] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10829'.
[ 1222.215239][T31105] netlink: 334 bytes leftover after parsing attributes in process `syz.1.10836'.
[ 1223.658646][T31133] FAULT_INJECTION: forcing a failure.
[ 1223.658646][T31133] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1223.852788][T31133] CPU: 0 UID: 0 PID: 31133 Comm: syz.2.10846 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1223.852835][T31133] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1223.852847][T31133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1223.852862][T31133] Call Trace:
[ 1223.852870][T31133]
[ 1223.852879][T31133] dump_stack_lvl+0x100/0x190
[ 1223.852922][T31133] should_fail_ex.cold+0x5/0xa
[ 1223.852946][T31133] ? prepare_alloc_pages+0x16d/0x5f0
[ 1223.852977][T31133] should_fail_alloc_page+0xeb/0x140
[ 1223.853005][T31133] prepare_alloc_pages+0x1f0/0x5f0
[ 1223.853038][T31133] __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1223.853084][T31133] ? __lock_acquire+0x4a5/0x2630
[ 1223.853125][T31133] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1223.853167][T31133] ? do_raw_spin_lock+0x128/0x260
[ 1223.853217][T31133] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1223.853255][T31133] ? find_held_lock+0x2b/0x80
[ 1223.853287][T31133] ? __lock_acquire+0x4a5/0x2630
[ 1223.853318][T31133] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1223.853363][T31133] ? policy_nodemask+0xed/0x4f0
[ 1223.853394][T31133] alloc_pages_mpol+0x1fb/0x550
[ 1223.853423][T31133] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1223.853449][T31133] ? __folio_batch_add_and_move+0x5e5/0xc60
[ 1223.853489][T31133] ? __folio_batch_add_and_move+0x5e5/0xc60
[ 1223.853535][T31133] folio_alloc_mpol_noprof+0x36/0x340
[ 1223.853568][T31133] shmem_alloc_folio+0x135/0x160
[ 1223.853601][T31133] shmem_alloc_and_add_folio+0x371/0xd40
[ 1223.853647][T31133] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1223.853688][T31133] ? shmem_allowable_huge_orders+0x2bd/0x400
[ 1223.853726][T31133] ? __lock_acquire+0x400/0x2630
[ 1223.853762][T31133] shmem_get_folio_gfp+0x6ab/0x1900
[ 1223.853807][T31133] ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1223.853847][T31133] ? __pfx___might_resched+0x10/0x10
[ 1223.853885][T31133] ? noop_dirty_folio+0xfd/0x160
[ 1223.853913][T31133] shmem_fallocate+0x6d7/0x1060
[ 1223.853965][T31133] ? __pfx_shmem_fallocate+0x10/0x10
[ 1223.854002][T31133] ? aa_file_perm+0x7f3/0x14d0
[ 1223.854044][T31133] ? __lock_acquire+0x4a5/0x2630
[ 1223.854098][T31133] ? __pfx_shmem_fallocate+0x10/0x10
[ 1223.854137][T31133] vfs_fallocate+0x576/0x10d0
[ 1223.854179][T31133] ? __pfx_vfs_fallocate+0x10/0x10
[ 1223.854217][T31133] __x64_sys_fallocate+0xd5/0x140
[ 1223.854246][T31133] do_syscall_64+0x106/0xf80
[ 1223.854282][T31133] ? clear_bhb_loop+0x40/0x90
[ 1223.854312][T31133] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.854339][T31133] RIP: 0033:0x7f750db9c799
[ 1223.854359][T31133] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1223.854384][T31133] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1223.854409][T31133] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1223.854426][T31133] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005
[ 1223.854441][T31133] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1223.854456][T31133] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000
[ 1223.854471][T31133] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1223.854503][T31133]
[ 1224.801559][T31142] sg_write: data in/out 1886744398/84 bytes for SCSI command 0x72-- guessing data in;
[ 1224.801559][T31142] program syz.0.10850 not setting count and/or reply_len properly
[ 1226.972067][T31173] tc_dump_action: action bad kind
[ 1228.295404][T31196] MTRR 2 not used
[ 1228.449958][T31199] netlink: 198 bytes leftover after parsing attributes in process `syz.0.10873'.
[ 1228.611725][T31202] netlink: 322 bytes leftover after parsing attributes in process `syz.2.10874'.
[ 1228.657122][T31203] FAULT_INJECTION: forcing a failure.
[ 1228.657122][T31203] name failslab, interval 1, probability 0, space 0, times 0
[ 1228.744188][T31203] CPU: 0 UID: 0 PID: 31203 Comm: syz.1.10875 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1228.744234][T31203] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1228.744247][T31203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1228.744262][T31203] Call Trace:
[ 1228.744270][T31203]
[ 1228.744280][T31203] dump_stack_lvl+0x100/0x190
[ 1228.744323][T31203] should_fail_ex.cold+0x5/0xa
[ 1228.744352][T31203] should_failslab+0xc2/0x120
[ 1228.744379][T31203] __kmalloc_cache_noprof+0x7a/0x6f0
[ 1228.744412][T31203] ? snd_pcm_oss_change_params_locked+0x1db/0x39f0
[ 1228.744452][T31203] snd_pcm_oss_change_params_locked+0x1db/0x39f0
[ 1228.744490][T31203] ? __mutex_lock+0x26a/0x1b90
[ 1228.744530][T31203] ? snd_pcm_oss_sync+0x243/0x840
[ 1228.744559][T31203] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1228.744593][T31203] ? __pfx___mutex_lock+0x10/0x10
[ 1228.744635][T31203] ? __fsnotify_parent+0x2b4/0xca0
[ 1228.744670][T31203] snd_pcm_oss_make_ready_locked+0xb7/0x130
[ 1228.744702][T31203] snd_pcm_oss_sync+0x265/0x840
[ 1228.744736][T31203] snd_pcm_oss_release+0x238/0x300
[ 1228.744765][T31203] ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 1228.744795][T31203] __fput+0x3ff/0xb40
[ 1228.744830][T31203] task_work_run+0x150/0x240
[ 1228.744869][T31203] ? __pfx_task_work_run+0x10/0x10
[ 1228.744914][T31203] exit_to_user_mode_loop+0x100/0x4a0
[ 1228.744958][T31203] do_syscall_64+0x668/0xf80
[ 1228.744992][T31203] ? clear_bhb_loop+0x40/0x90
[ 1228.745023][T31203] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1228.745049][T31203] RIP: 0033:0x7f353039c799
[ 1228.745068][T31203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1228.745093][T31203] RSP: 002b:00007f3531238028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1228.745117][T31203] RAX: 0000000000000000 RBX: 00007f3530615fa0 RCX: 00007f353039c799
[ 1228.745133][T31203] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1228.745148][T31203] RBP: 00007f3530432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1228.745163][T31203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1228.745178][T31203] R13: 00007f3530616038 R14: 00007f3530615fa0 R15: 00007fffe3ec3d98
[ 1228.745213][T31203]
[ 1231.141799][T31248] netlink: 334 bytes leftover after parsing attributes in process `syz.1.10895'.
[ 1231.225793][T31248] netlink: 334 bytes leftover after parsing attributes in process `syz.1.10895'.
[ 1231.351957][T29266] Bluetooth: hci0: Malformed LE Event: 0x0b
[ 1231.657066][T31257] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10897'.
[ 1233.738828][T29266] Bluetooth: hci3: Malformed LE Event: 0x0b
[ 1234.248830][T31296] netlink: 'syz.1.10914': attribute type 1 has an invalid length.
[ 1234.297009][T31296] netlink: 318 bytes leftover after parsing attributes in process `syz.1.10914'.
[ 1235.314820][T31311] netlink: 146 bytes leftover after parsing attributes in process `syz.0.10921'.
[ 1235.331636][T31312] netlink: 198 bytes leftover after parsing attributes in process `syz.2.10922'.
[ 1235.616649][T31315] netlink: 'syz.1.10924': attribute type 14 has an invalid length.
[ 1235.682376][T31315] netlink: 330 bytes leftover after parsing attributes in process `syz.1.10924'.
[ 1235.722470][T31318] FAULT_INJECTION: forcing a failure.
[ 1235.722470][T31318] name failslab, interval 1, probability 0, space 0, times 0
[ 1235.803029][T31318] CPU: 0 UID: 0 PID: 31318 Comm: syz.2.10925 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1235.803075][T31318] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1235.803088][T31318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1235.803105][T31318] Call Trace:
[ 1235.803112][T31318]
[ 1235.803121][T31318] dump_stack_lvl+0x100/0x190
[ 1235.803164][T31318] should_fail_ex.cold+0x5/0xa
[ 1235.803193][T31318] should_failslab+0xc2/0x120
[ 1235.803226][T31318] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1235.803268][T31318] ? __kernfs_new_node+0xd2/0x960
[ 1235.803317][T31318] __kernfs_new_node+0xd2/0x960
[ 1235.803357][T31318] ? __pfx___kernfs_new_node+0x10/0x10
[ 1235.803400][T31318] ? find_held_lock+0x2b/0x80
[ 1235.803424][T31318] ? kernfs_root+0xee/0x2a0
[ 1235.803458][T31318] ? kernfs_root+0xee/0x2a0
[ 1235.803500][T31318] kernfs_new_node+0x11b/0x1a0
[ 1235.803544][T31318] __kernfs_create_file+0x53/0x350
[ 1235.803576][T31318] sysfs_add_file_mode_ns+0x207/0x3c0
[ 1235.803617][T31318] sysfs_merge_group+0x194/0x340
[ 1235.803655][T31318] ? __pfx_sysfs_merge_group+0x10/0x10
[ 1235.803696][T31318] ? __pfx_dev_add_physical_location+0x10/0x10
[ 1235.803728][T31318] ? bus_to_subsys+0x114/0x150
[ 1235.803765][T31318] dpm_sysfs_add+0x237/0x280
[ 1235.803793][T31318] device_add+0x9ef/0x1950
[ 1235.803825][T31318] ? __pfx_device_add+0x10/0x10
[ 1235.803851][T31318] ? __pfx___might_resched+0x10/0x10
[ 1235.803888][T31318] ? lockdep_hardirqs_on+0x78/0x100
[ 1235.803935][T31318] __add_disk+0x518/0xe40
[ 1235.804078][T31318] add_disk_fwnode+0x118/0x5c0
[ 1235.804106][T31318] loop_add+0x90b/0xb60
[ 1235.804139][T31318] ? __pfx_loop_add+0x10/0x10
[ 1235.804191][T31318] ? find_held_lock+0x2b/0x80
[ 1235.804213][T31318] ? __fget_files+0x215/0x3d0
[ 1235.804240][T31318] loop_control_ioctl+0xae/0x620
[ 1235.804276][T31318] ? __pfx_loop_control_ioctl+0x10/0x10
[ 1235.804321][T31318] ? __pfx_loop_control_ioctl+0x10/0x10
[ 1235.804359][T31318] __x64_sys_ioctl+0x18e/0x210
[ 1235.804398][T31318] do_syscall_64+0x106/0xf80
[ 1235.804433][T31318] ? clear_bhb_loop+0x40/0x90
[ 1235.804463][T31318] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1235.804488][T31318] RIP: 0033:0x7f750db9c799
[ 1235.804509][T31318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1235.804533][T31318] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1235.804557][T31318] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1235.804574][T31318] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005
[ 1235.804590][T31318] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1235.804605][T31318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1235.804620][T31318] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1235.804652][T31318]
[ 1238.907846][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.914400][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.181489][T31351] FAULT_INJECTION: forcing a failure.
[ 1239.181489][T31351] name failslab, interval 1, probability 0, space 0, times 0
[ 1239.261763][T31351] CPU: 0 UID: 0 PID: 31351 Comm: syz.2.10932 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1239.261811][T31351] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1239.261822][T31351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1239.261837][T31351] Call Trace:
[ 1239.261845][T31351]
[ 1239.261855][T31351] dump_stack_lvl+0x100/0x190
[ 1239.261897][T31351] should_fail_ex.cold+0x5/0xa
[ 1239.261925][T31351] should_failslab+0xc2/0x120
[ 1239.261952][T31351] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1239.261997][T31351] ? anon_vma_fork+0x19a/0x6b0
[ 1239.262037][T31351] anon_vma_fork+0x19a/0x6b0
[ 1239.262075][T31351] dup_mmap+0x141f/0x2180
[ 1239.262117][T31351] ? __pfx_dup_mmap+0x10/0x10
[ 1239.262145][T31351] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1239.262185][T31351] ? __lock_acquire+0x4a5/0x2630
[ 1239.262219][T31351] ? find_held_lock+0x2b/0x80
[ 1239.262241][T31351] ? __percpu_counter_init_many+0x2bc/0x3b0
[ 1239.262363][T31351] copy_process+0x7523/0x7a40
[ 1239.262392][T31351] ? futex_unqueue+0x133/0x2c0
[ 1239.262438][T31351] ? __pfx_copy_process+0x10/0x10
[ 1239.262475][T31351] ? _copy_from_user+0x59/0xd0
[ 1239.262507][T31351] kernel_clone+0xfc/0x9a0
[ 1239.262538][T31351] ? __pfx_kernel_clone+0x10/0x10
[ 1239.262574][T31351] ? __pfx_futex_wait+0x10/0x10
[ 1239.262620][T31351] __do_sys_clone3+0x214/0x290
[ 1239.262650][T31351] ? __pfx___do_sys_clone3+0x10/0x10
[ 1239.262721][T31351] do_syscall_64+0x106/0xf80
[ 1239.262756][T31351] ? clear_bhb_loop+0x40/0x90
[ 1239.262787][T31351] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1239.262813][T31351] RIP: 0033:0x7f750db9c799
[ 1239.262834][T31351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1239.262858][T31351] RSP: 002b:00007f750ea4bef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 1239.262882][T31351] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f750db9c799
[ 1239.262898][T31351] RDX: 00007f750ea4bf10 RSI: 0000000000000058 RDI: 00007f750ea4bf10
[ 1239.262913][T31351] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000058
[ 1239.262929][T31351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1239.262943][T31351] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1239.262981][T31351]
[ 1248.034777][T31492] netlink: 28 bytes leftover after parsing attributes in process `syz.2.10987'.
[ 1248.123628][T31492] hsr_slave_0: left promiscuous mode
[ 1248.134680][T31492] hsr_slave_1: left promiscuous mode
[ 1248.902397][T31507] netlink: 342 bytes leftover after parsing attributes in process `syz.3.10994'.
[ 1251.081757][T31537] netlink: 'syz.2.11004': attribute type 64 has an invalid length.
[ 1251.089731][T31537] netlink: 74 bytes leftover after parsing attributes in process `syz.2.11004'.
[ 1251.921720][T31552] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1252.866689][T31560] ptrace attach of "./syz-executor exec"[28373] was attempted by ""[31560]
[ 1256.611150][T31618] netlink: 342 bytes leftover after parsing attributes in process `syz.1.11034'.
[ 1257.192638][T31628] netlink: 'syz.3.11038': attribute type 4 has an invalid length.
[ 1260.834532][T31686] FAULT_INJECTION: forcing a failure.
[ 1260.834532][T31686] name failslab, interval 1, probability 0, space 0, times 0
[ 1261.001562][T31686] CPU: 0 UID: 0 PID: 31686 Comm: syz.1.11057 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1261.001609][T31686] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1261.001620][T31686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1261.001636][T31686] Call Trace:
[ 1261.001643][T31686]
[ 1261.001653][T31686] dump_stack_lvl+0x100/0x190
[ 1261.001696][T31686] should_fail_ex.cold+0x5/0xa
[ 1261.001724][T31686] should_failslab+0xc2/0x120
[ 1261.001750][T31686] kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1261.001789][T31686] ? __d_alloc+0x34/0xa80
[ 1261.001815][T31686] ? __pfx_stack_trace_save+0x10/0x10
[ 1261.001845][T31686] __d_alloc+0x34/0xa80
[ 1261.001875][T31686] d_alloc_parallel+0x111/0x14e0
[ 1261.001928][T31686] ? find_held_lock+0x2b/0x80
[ 1261.001952][T31686] ? __d_lookup+0x25c/0x4a0
[ 1261.001987][T31686] ? __pfx_d_alloc_parallel+0x10/0x10
[ 1261.002028][T31686] ? __d_lookup+0x266/0x4a0
[ 1261.002070][T31686] lookup_open.isra.0+0x57c/0x11b0
[ 1261.002108][T31686] ? kernfs_iop_getattr+0xc0/0xf0
[ 1261.002146][T31686] ? __pfx_lookup_open.isra.0+0x10/0x10
[ 1261.002201][T31686] ? lookup_fast+0x2da/0x600
[ 1261.002241][T31686] path_openat+0xa98/0x31a0
[ 1261.002276][T31686] ? __pfx_path_openat+0x10/0x10
[ 1261.002312][T31686] do_file_open+0x20e/0x430
[ 1261.002340][T31686] ? __pfx_do_file_open+0x10/0x10
[ 1261.002387][T31686] ? alloc_fd+0x476/0x790
[ 1261.002414][T31686] ? do_getname+0x191/0x390
[ 1261.002447][T31686] do_sys_openat2+0x10d/0x1e0
[ 1261.002481][T31686] ? __pfx_do_sys_openat2+0x10/0x10
[ 1261.002525][T31686] __x64_sys_openat+0x12d/0x210
[ 1261.002559][T31686] ? __pfx___x64_sys_openat+0x10/0x10
[ 1261.002604][T31686] do_syscall_64+0x106/0xf80
[ 1261.002638][T31686] ? clear_bhb_loop+0x40/0x90
[ 1261.002668][T31686] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1261.002694][T31686] RIP: 0033:0x7f353039c799
[ 1261.002714][T31686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1261.002739][T31686] RSP: 002b:00007f3531217028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1261.002762][T31686] RAX: ffffffffffffffda RBX: 00007f3530616090 RCX: 00007f353039c799
[ 1261.002779][T31686] RDX: 0000000000002400 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1261.002795][T31686] RBP: 00007f3530432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1261.002810][T31686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1261.002825][T31686] R13: 00007f3530616128 R14: 00007f3530616090 R15: 00007fffe3ec3d98
[ 1261.002856][T31686]
[ 1261.284994][T31689] phram: not enough arguments
[ 1262.508529][T31706] FAULT_INJECTION: forcing a failure.
[ 1262.508529][T31706] name failslab, interval 1, probability 0, space 0, times 0
[ 1262.603074][T31706] CPU: 0 UID: 0 PID: 31706 Comm: syz.1.11065 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1262.603121][T31706] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1262.603132][T31706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1262.603146][T31706] Call Trace:
[ 1262.603154][T31706]
[ 1262.603163][T31706] dump_stack_lvl+0x100/0x190
[ 1262.603206][T31706] should_fail_ex.cold+0x5/0xa
[ 1262.603239][T31706] should_failslab+0xc2/0x120
[ 1262.603265][T31706] __kvmalloc_node_noprof+0xfa/0xa00
[ 1262.603305][T31706] ? v4l2_ctrl_new+0x4a6/0x23a0
[ 1262.603429][T31706] ? register_lock_class+0x40/0x560
[ 1262.603469][T31706] v4l2_ctrl_new+0x4a6/0x23a0
[ 1262.603520][T31706] ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 1262.603560][T31706] ? lock_acquire+0x1cf/0x380
[ 1262.603596][T31706] ? rcu_is_watching+0x12/0xc0
[ 1262.603638][T31706] v4l2_ctrl_new_std+0x1bb/0x290
[ 1262.603686][T31706] ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 1262.603732][T31706] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1262.603774][T31706] ? __asan_memset+0x23/0x50
[ 1262.603809][T31706] ? __asan_memcpy+0x3c/0x60
[ 1262.603844][T31706] ? find_ref+0x209/0x420
[ 1262.603890][T31706] handler_new_ref+0x82f/0xc60
[ 1262.603938][T31706] v4l2_ctrl_new+0xe67/0x23a0
[ 1262.603988][T31706] ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 1262.604041][T31706] v4l2_ctrl_new_std+0x1bb/0x290
[ 1262.604090][T31706] ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 1262.604133][T31706] ? trace_kmalloc+0x101/0x130
[ 1262.604158][T31706] ? __kasan_kmalloc+0xaa/0xb0
[ 1262.604198][T31706] ? v4l2_ctrl_handler_init_class+0x201/0x350
[ 1262.604238][T31706] ? lockdep_init_map_type+0x30/0x250
[ 1262.604274][T31706] ? media_request_object_init+0x105/0x180
[ 1262.604333][T31706] vim2m_open+0x140/0x830
[ 1262.604403][T31706] v4l2_open+0x1d2/0x490
[ 1262.604442][T31706] ? __pfx_v4l2_open+0x10/0x10
[ 1262.604480][T31706] chrdev_open+0x234/0x6a0
[ 1262.604504][T31706] ? __pfx_apparmor_file_open+0x10/0x10
[ 1262.604547][T31706] ? __pfx_chrdev_open+0x10/0x10
[ 1262.604574][T31706] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1262.604607][T31706] do_dentry_open+0x6d8/0x1660
[ 1262.604631][T31706] ? __pfx_chrdev_open+0x10/0x10
[ 1262.604663][T31706] vfs_open+0x82/0x3f0
[ 1262.604698][T31706] path_openat+0x208c/0x31a0
[ 1262.604734][T31706] ? __pfx_path_openat+0x10/0x10
[ 1262.604770][T31706] do_file_open+0x20e/0x430
[ 1262.604798][T31706] ? __pfx_do_file_open+0x10/0x10
[ 1262.604844][T31706] ? alloc_fd+0x476/0x790
[ 1262.604877][T31706] ? do_getname+0x191/0x390
[ 1262.604910][T31706] do_sys_openat2+0x10d/0x1e0
[ 1262.604948][T31706] ? __pfx_do_sys_openat2+0x10/0x10
[ 1262.604991][T31706] __x64_sys_openat+0x12d/0x210
[ 1262.605026][T31706] ? __pfx___x64_sys_openat+0x10/0x10
[ 1262.605071][T31706] do_syscall_64+0x106/0xf80
[ 1262.605106][T31706] ? clear_bhb_loop+0x40/0x90
[ 1262.605136][T31706] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1262.605162][T31706] RIP: 0033:0x7f353039c799
[ 1262.605182][T31706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1262.605207][T31706] RSP: 002b:00007f3531238028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1262.605230][T31706] RAX: ffffffffffffffda RBX: 00007f3530615fa0 RCX: 00007f353039c799
[ 1262.605247][T31706] RDX: 000000000002aa01 RSI: 0000200000000180 RDI: ffffffffffffff9c
[ 1262.605263][T31706] RBP: 00007f3530432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1262.605278][T31706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1262.605293][T31706] R13: 00007f3530616038 R14: 00007f3530615fa0 R15: 00007fffe3ec3d98
[ 1262.605324][T31706]
[ 1263.627283][T31712] netlink: 342 bytes leftover after parsing attributes in process `syz.3.11069'.
[ 1264.365062][T31730] netlink: 330 bytes leftover after parsing attributes in process `syz.2.11073'.
[ 1265.609224][T31744] Console: switching to colour VGA+ 80x25
[ 1265.808762][T31744] Console: switching to colour frame buffer device 4x6
[ 1266.131224][T31752] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11091'.
[ 1266.265628][T31752] hsr_slave_0: left promiscuous mode
[ 1266.277182][T31752] hsr_slave_1: left promiscuous mode
[ 1267.786330][T31767] netlink: 342 bytes leftover after parsing attributes in process `syz.2.11085'.
[ 1272.861882][T31835] netlink: 330 bytes leftover after parsing attributes in process `syz.2.11110'.
[ 1272.930379][T31835] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1273.944085][T31844] netlink: 342 bytes leftover after parsing attributes in process `syz.0.11113'.
[ 1274.189799][T29266] block nbd2: Receive control failed (result -32)
[ 1274.331062][T31849] netlink: 342 bytes leftover after parsing attributes in process `syz.0.11115'.
[ 1276.288890][T31872] zswap: compressor not available
[ 1276.799791][T31890] netlink: 330 bytes leftover after parsing attributes in process `syz.3.11131'.
[ 1277.673625][T31904] FAULT_INJECTION: forcing a failure.
[ 1277.673625][T31904] name failslab, interval 1, probability 0, space 0, times 0
[ 1277.839178][T31904] CPU: 0 UID: 0 PID: 31904 Comm: syz.1.11135 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1277.839225][T31904] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1277.839237][T31904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1277.839252][T31904] Call Trace:
[ 1277.839260][T31904]
[ 1277.839270][T31904] dump_stack_lvl+0x100/0x190
[ 1277.839312][T31904] should_fail_ex.cold+0x5/0xa
[ 1277.839341][T31904] should_failslab+0xc2/0x120
[ 1277.839367][T31904] __kmalloc_cache_noprof+0x7a/0x6f0
[ 1277.839400][T31904] ? snd_virmidi_output_open+0xc4/0x670
[ 1277.839433][T31904] snd_virmidi_output_open+0xc4/0x670
[ 1277.839463][T31904] open_substream+0x480/0x9e0
[ 1277.839505][T31904] rawmidi_open_priv+0x595/0x6f0
[ 1277.839545][T31904] snd_rawmidi_open+0x4c9/0xba0
[ 1277.839584][T31904] ? __pfx_snd_rawmidi_open+0x10/0x10
[ 1277.839619][T31904] ? __pfx_default_wake_function+0x10/0x10
[ 1277.839647][T31904] ? soundcore_open+0x231/0x5a0
[ 1277.839670][T31904] ? soundcore_open+0x231/0x5a0
[ 1277.839695][T31904] ? __pfx_snd_rawmidi_open+0x10/0x10
[ 1277.839731][T31904] soundcore_open+0x2e3/0x5a0
[ 1277.839757][T31904] ? __pfx_soundcore_open+0x10/0x10
[ 1277.839781][T31904] chrdev_open+0x234/0x6a0
[ 1277.839808][T31904] ? __pfx_chrdev_open+0x10/0x10
[ 1277.839835][T31904] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1277.839868][T31904] do_dentry_open+0x6d8/0x1660
[ 1277.839892][T31904] ? __pfx_chrdev_open+0x10/0x10
[ 1277.839925][T31904] vfs_open+0x82/0x3f0
[ 1277.839960][T31904] path_openat+0x208c/0x31a0
[ 1277.839995][T31904] ? __pfx_path_openat+0x10/0x10
[ 1277.840031][T31904] do_file_open+0x20e/0x430
[ 1277.840063][T31904] ? __pfx_do_file_open+0x10/0x10
[ 1277.840110][T31904] ? alloc_fd+0x476/0x790
[ 1277.840137][T31904] ? do_getname+0x191/0x390
[ 1277.840170][T31904] do_sys_openat2+0x10d/0x1e0
[ 1277.840203][T31904] ? __pfx_do_sys_openat2+0x10/0x10
[ 1277.840238][T31904] ? __fget_files+0x21f/0x3d0
[ 1277.840267][T31904] __x64_sys_openat+0x12d/0x210
[ 1277.840301][T31904] ? __pfx___x64_sys_openat+0x10/0x10
[ 1277.840347][T31904] do_syscall_64+0x106/0xf80
[ 1277.840382][T31904] ? clear_bhb_loop+0x40/0x90
[ 1277.840412][T31904] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1277.840438][T31904] RIP: 0033:0x7f353039c799
[ 1277.840458][T31904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1277.840483][T31904] RSP: 002b:00007f3531238028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1277.840512][T31904] RAX: ffffffffffffffda RBX: 00007f3530615fa0 RCX: 00007f353039c799
[ 1277.840529][T31904] RDX: 0000000000060c01 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1277.840544][T31904] RBP: 00007f3530432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1277.840559][T31904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1277.840574][T31904] R13: 00007f3530616038 R14: 00007f3530615fa0 R15: 00007fffe3ec3d98
[ 1277.840605][T31904]
[ 1280.339376][T31942] netlink: 330 bytes leftover after parsing attributes in process `syz.0.11152'.
[ 1281.171786][T31954] netlink: 322 bytes leftover after parsing attributes in process `syz.2.11157'.
[ 1281.523377][T31951] netlink: 146 bytes leftover after parsing attributes in process `syz.3.11156'.
[ 1285.872333][T32019] netlink: 346 bytes leftover after parsing attributes in process `syz.0.11182'.
[ 1285.922664][T32025] netlink: 326 bytes leftover after parsing attributes in process `syz.3.11185'.
[ 1286.301921][T32029] netlink: 334 bytes leftover after parsing attributes in process `syz.0.11187'.
[ 1286.937778][T32043] netlink: 'syz.2.11192': attribute type 33 has an invalid length.
[ 1287.013428][T32043] netlink: 322 bytes leftover after parsing attributes in process `syz.2.11192'.
[ 1287.079097][T32043] netlink: 'syz.2.11192': attribute type 33 has an invalid length.
[ 1287.147228][T32043] netlink: 322 bytes leftover after parsing attributes in process `syz.2.11192'.
[ 1287.461466][T32048] netlink: 338 bytes leftover after parsing attributes in process `syz.3.11194'.
[ 1287.533904][T32048] bridge_slave_1: entered promiscuous mode
[ 1287.672459][T32053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11197'.
[ 1290.228915][T32103] FAULT_INJECTION: forcing a failure.
[ 1290.228915][T32103] name failslab, interval 1, probability 0, space 0, times 0
[ 1290.334972][T32103] CPU: 0 UID: 0 PID: 32103 Comm: syz.2.11217 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1290.335019][T32103] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1290.335031][T32103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1290.335045][T32103] Call Trace:
[ 1290.335053][T32103]
[ 1290.335063][T32103] dump_stack_lvl+0x100/0x190
[ 1290.335105][T32103] should_fail_ex.cold+0x5/0xa
[ 1290.335134][T32103] should_failslab+0xc2/0x120
[ 1290.335160][T32103] __kmalloc_cache_noprof+0x7a/0x6f0
[ 1290.335193][T32103] ? drm_file_alloc+0x74/0xb40
[ 1290.335231][T32103] drm_file_alloc+0x74/0xb40
[ 1290.335265][T32103] drm_open_helper+0x1fc/0x540
[ 1290.335309][T32103] drm_open+0x1a0/0x3e0
[ 1290.335340][T32103] ? __pfx_drm_open+0x10/0x10
[ 1290.335371][T32103] drm_stub_open+0x20f/0x380
[ 1290.335469][T32103] ? __pfx_drm_stub_open+0x10/0x10
[ 1290.335501][T32103] chrdev_open+0x234/0x6a0
[ 1290.335526][T32103] ? __pfx_apparmor_file_open+0x10/0x10
[ 1290.335569][T32103] ? __pfx_chrdev_open+0x10/0x10
[ 1290.335596][T32103] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1290.335629][T32103] do_dentry_open+0x6d8/0x1660
[ 1290.335653][T32103] ? __pfx_chrdev_open+0x10/0x10
[ 1290.335685][T32103] vfs_open+0x82/0x3f0
[ 1290.335720][T32103] path_openat+0x208c/0x31a0
[ 1290.335755][T32103] ? __pfx_path_openat+0x10/0x10
[ 1290.335791][T32103] do_file_open+0x20e/0x430
[ 1290.335818][T32103] ? __pfx_do_file_open+0x10/0x10
[ 1290.335864][T32103] ? alloc_fd+0x476/0x790
[ 1290.335891][T32103] ? do_getname+0x191/0x390
[ 1290.335924][T32103] do_sys_openat2+0x10d/0x1e0
[ 1290.335956][T32103] ? __pfx_do_sys_openat2+0x10/0x10
[ 1290.335991][T32103] ? __fget_files+0x21f/0x3d0
[ 1290.336020][T32103] __x64_sys_openat+0x12d/0x210
[ 1290.336054][T32103] ? __pfx___x64_sys_openat+0x10/0x10
[ 1290.336099][T32103] do_syscall_64+0x106/0xf80
[ 1290.336134][T32103] ? clear_bhb_loop+0x40/0x90
[ 1290.336164][T32103] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1290.336190][T32103] RIP: 0033:0x7f750db9c799
[ 1290.336211][T32103] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1290.336235][T32103] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1290.336259][T32103] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1290.336275][T32103] RDX: 0000000000129800 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1290.336291][T32103] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1290.336313][T32103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1290.336328][T32103] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1290.336359][T32103]
[ 1291.472148][T32117] netlink: 342 bytes leftover after parsing attributes in process `syz.3.11223'.
[ 1291.804654][T32093] kexec: Could not allocate control_code_buffer
[ 1295.327691][T32175] netlink: 342 bytes leftover after parsing attributes in process `syz.1.11244'.
[ 1295.802968][T32181] netlink: 342 bytes leftover after parsing attributes in process `syz.2.11247'.
[ 1295.838516][T32183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.11248'.
[ 1297.021465][T32200] FAULT_INJECTION: forcing a failure.
[ 1297.021465][T32200] name failslab, interval 1, probability 0, space 0, times 0
[ 1297.093002][T32200] CPU: 0 UID: 0 PID: 32200 Comm: syz.2.11255 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1297.093049][T32200] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1297.093060][T32200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1297.093075][T32200] Call Trace:
[ 1297.093083][T32200]
[ 1297.093092][T32200] dump_stack_lvl+0x100/0x190
[ 1297.093135][T32200] should_fail_ex.cold+0x5/0xa
[ 1297.093163][T32200] should_failslab+0xc2/0x120
[ 1297.093189][T32200] __kmalloc_cache_noprof+0x7a/0x6f0
[ 1297.093222][T32200] ? snd_seq_prioq_new+0x3f/0x110
[ 1297.093258][T32200] ? lockdep_init_map_type+0x5c/0x250
[ 1297.093296][T32200] snd_seq_prioq_new+0x3f/0x110
[ 1297.093331][T32200] snd_seq_queue_alloc+0x153/0x590
[ 1297.093367][T32200] snd_seq_ioctl_create_queue+0xa9/0x370
[ 1297.093409][T32200] call_seq_client_ctl+0xa3/0x130
[ 1297.093452][T32200] snd_seq_kernel_client_ctl+0x77/0xd0
[ 1297.093495][T32200] alloc_seq_queue+0xdb/0x180
[ 1297.093520][T32200] ? __pfx_alloc_seq_queue+0x10/0x10
[ 1297.093560][T32200] ? mark_held_locks+0x40/0x70
[ 1297.093591][T32200] ? _raw_spin_unlock_irq+0x23/0x50
[ 1297.093623][T32200] ? lockdep_hardirqs_on+0x78/0x100
[ 1297.093661][T32200] snd_seq_oss_open+0x2b2/0xa10
[ 1297.093701][T32200] odev_open+0x79/0xc0
[ 1297.093722][T32200] ? __pfx_odev_open+0x10/0x10
[ 1297.093744][T32200] soundcore_open+0x2e3/0x5a0
[ 1297.093771][T32200] ? __pfx_soundcore_open+0x10/0x10
[ 1297.093795][T32200] chrdev_open+0x234/0x6a0
[ 1297.093819][T32200] ? __pfx_apparmor_file_open+0x10/0x10
[ 1297.093862][T32200] ? __pfx_chrdev_open+0x10/0x10
[ 1297.093889][T32200] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1297.093921][T32200] do_dentry_open+0x6d8/0x1660
[ 1297.093946][T32200] ? __pfx_chrdev_open+0x10/0x10
[ 1297.093978][T32200] vfs_open+0x82/0x3f0
[ 1297.094012][T32200] path_openat+0x208c/0x31a0
[ 1297.094048][T32200] ? __pfx_path_openat+0x10/0x10
[ 1297.094084][T32200] do_file_open+0x20e/0x430
[ 1297.094111][T32200] ? __pfx_do_file_open+0x10/0x10
[ 1297.094158][T32200] ? alloc_fd+0x476/0x790
[ 1297.094185][T32200] ? do_getname+0x191/0x390
[ 1297.094219][T32200] do_sys_openat2+0x10d/0x1e0
[ 1297.094252][T32200] ? __pfx_do_sys_openat2+0x10/0x10
[ 1297.094286][T32200] ? find_held_lock+0x2b/0x80
[ 1297.094316][T32200] __x64_sys_openat+0x12d/0x210
[ 1297.094350][T32200] ? __pfx___x64_sys_openat+0x10/0x10
[ 1297.094395][T32200] do_syscall_64+0x106/0xf80
[ 1297.094429][T32200] ? clear_bhb_loop+0x40/0x90
[ 1297.094459][T32200] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1297.094485][T32200] RIP: 0033:0x7f750db9c799
[ 1297.094505][T32200] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1297.094529][T32200] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1297.094553][T32200] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1297.094570][T32200] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1297.094585][T32200] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1297.094601][T32200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1297.094616][T32200] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1297.094648][T32200]
[ 1300.045634][T32230] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1300.053029][T32230] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1300.115323][T32230] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1300.157638][T32230] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1300.361952][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.388722][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1301.540347][T29266] Bluetooth: hci3: command 0x0406 tx timeout
[ 1302.100685][T29266] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1302.106756][T29266] Bluetooth: hci2: command 0x0406 tx timeout
[ 1302.180631][T29266] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1303.472613][T32298] netlink: 86 bytes leftover after parsing attributes in process `syz.0.11285'.
[ 1304.441585][T32314] zswap: compressor not available
[ 1305.111703][T32323] netlink: 334 bytes leftover after parsing attributes in process `syz.1.11290'.
[ 1307.064395][T32351] netlink: 'syz.3.11301': attribute type 4 has an invalid length.
[ 1307.121641][T32351] netlink: 'syz.3.11301': attribute type 4 has an invalid length.
[ 1307.710211][T32360] netlink: 'syz.1.11305': attribute type 16 has an invalid length.
[ 1307.718183][T32360] netlink: 306 bytes leftover after parsing attributes in process `syz.1.11305'.
[ 1310.346480][T32414] netlink: 334 bytes leftover after parsing attributes in process `syz.1.11323'.
[ 1312.895729][T32449] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11335'.
[ 1313.027416][T32453] netlink: 'syz.0.11337': attribute type 4 has an invalid length.
[ 1313.086551][T32453] netlink: 314 bytes leftover after parsing attributes in process `syz.0.11337'.
[ 1314.234020][T32474] FAULT_INJECTION: forcing a failure.
[ 1314.234020][T32474] name failslab, interval 1, probability 0, space 0, times 0
[ 1314.307049][T32474] CPU: 0 UID: 0 PID: 32474 Comm: syz.2.11344 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1314.307096][T32474] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1314.307108][T32474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1314.307124][T32474] Call Trace:
[ 1314.307131][T32474]
[ 1314.307141][T32474] dump_stack_lvl+0x100/0x190
[ 1314.307183][T32474] should_fail_ex.cold+0x5/0xa
[ 1314.307222][T32474] should_failslab+0xc2/0x120
[ 1314.307248][T32474] __kmalloc_node_noprof+0xe6/0x850
[ 1314.307286][T32474] ? user_buffer_init+0x2a1/0x6d0
[ 1314.307330][T32474] user_buffer_init+0x2a1/0x6d0
[ 1314.307372][T32474] tracing_mark_open+0x1b7/0x240
[ 1314.307413][T32474] do_dentry_open+0x6d8/0x1660
[ 1314.307437][T32474] ? __pfx_tracing_mark_open+0x10/0x10
[ 1314.307484][T32474] vfs_open+0x82/0x3f0
[ 1314.307519][T32474] path_openat+0x208c/0x31a0
[ 1314.307553][T32474] ? __pfx_path_openat+0x10/0x10
[ 1314.307590][T32474] do_file_open+0x20e/0x430
[ 1314.307617][T32474] ? __pfx_do_file_open+0x10/0x10
[ 1314.307664][T32474] ? alloc_fd+0x476/0x790
[ 1314.307690][T32474] ? do_getname+0x191/0x390
[ 1314.307724][T32474] do_sys_openat2+0x10d/0x1e0
[ 1314.307757][T32474] ? __pfx_do_sys_openat2+0x10/0x10
[ 1314.307800][T32474] __x64_sys_openat+0x12d/0x210
[ 1314.307834][T32474] ? __pfx___x64_sys_openat+0x10/0x10
[ 1314.307879][T32474] do_syscall_64+0x106/0xf80
[ 1314.307915][T32474] ? clear_bhb_loop+0x40/0x90
[ 1314.307946][T32474] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1314.307971][T32474] RIP: 0033:0x7f750db9c799
[ 1314.307992][T32474] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1314.308016][T32474] RSP: 002b:00007f750ea4c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1314.308040][T32474] RAX: ffffffffffffffda RBX: 00007f750de15fa0 RCX: 00007f750db9c799
[ 1314.308056][T32474] RDX: 0000000000000043 RSI: 0000200000000280 RDI: ffffffffffffff9c
[ 1314.308072][T32474] RBP: 00007f750dc32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1314.308087][T32474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1314.308102][T32474] R13: 00007f750de16038 R14: 00007f750de15fa0 R15: 00007fff491a2618
[ 1314.308134][T32474]
[ 1318.117418][T32511] netlink: 346 bytes leftover after parsing attributes in process `syz.1.11357'.
[ 1321.757925][T32557] netlink: 28 bytes leftover after parsing attributes in process `syz.0.11374'.
[ 1321.863638][T32557] ipvlan0: entered promiscuous mode
[ 1321.886387][T32557] ipvlan0: entered allmulticast mode
[ 1321.922571][T32557] veth0_vlan: entered allmulticast mode
[ 1325.543506][T29266] Bluetooth: hci1: SCO packet for unknown connection handle 0
[ 1326.867829][T32628] netlink: 342 bytes leftover after parsing attributes in process `syz.1.11398'.
[ 1327.552515][T32640] netlink: 'syz.0.11404': attribute type 19 has an invalid length.
[ 1327.612639][T32640] netlink: 334 bytes leftover after parsing attributes in process `syz.0.11404'.
[ 1328.049810][T32651] netlink: 334 bytes leftover after parsing attributes in process `syz.0.11408'.
[ 1328.115909][T32651] netlink: 334 bytes leftover after parsing attributes in process `syz.0.11408'.
[ 1328.471734][T32658] netlink: 302 bytes leftover after parsing attributes in process `syz.0.11411'.
[ 1328.733748][T32661] netlink: 330 bytes leftover after parsing attributes in process `syz.2.11413'.
[ 1329.116922][T32672] netlink: 'syz.3.11417': attribute type 27 has an invalid length.
[ 1329.185616][T32672] netlink: 334 bytes leftover after parsing attributes in process `syz.3.11417'.
[ 1332.629354][T32721] netlink: 334 bytes leftover after parsing attributes in process `syz.3.11431'.
[ 1332.760848][T32713] netlink: 28 bytes leftover after parsing attributes in process `syz.1.11429'.
[ 1332.920299][T32713] ipvlan0: entered promiscuous mode
[ 1332.996734][T32713] ipvlan0: entered allmulticast mode
[ 1333.121045][T32713] veth0_vlan: entered allmulticast mode
[ 1333.391174][T32727] netlink: 334 bytes leftover after parsing attributes in process `syz.3.11434'.
[ 1333.472495][T32727] netlink: 334 bytes leftover after parsing attributes in process `syz.3.11434'.
[ 1337.218440][ T304] ------------[ cut here ]------------
[ 1337.224640][ T304] IS_ERR(old)
[ 1337.224655][ T304] WARNING: kernel/tracepoint.c:367 at tracepoint_probe_unregister+0x837/0xd10, CPU#0: syz.0.11450/304
[ 1337.239218][ T304] Modules linked in:
[ 1337.244508][ T304] CPU: 0 UID: 0 PID: 304 Comm: syz.0.11450 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1337.256167][ T304] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1337.263616][ T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1337.273889][ T304] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10
[ 1337.281322][ T304] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 20 dc 09 82 48 c7 c7 40 31 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00
[ 1337.301289][ T304] RSP: 0018:ffffc900044378a8 EFLAGS: 00010287
[ 1337.307407][ T304] RAX: 00000000000073a9 RBX: 00000000fffffffe RCX: ffffc90005621000
[ 1337.315448][ T304] RDX: 0000000000080000 RSI: ffffffff8209ed16 RDI: ffff888079500000
[ 1337.323550][ T304] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[ 1337.331961][ T304] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff821007e0
[ 1337.340183][ T304] R13: 0000000000000302 R14: 0000000000000002 R15: ffffffff8f786aa0
[ 1337.349249][ T304] FS: 00007fc339f9d6c0(0000) GS:ffff88812434a000(0000) knlGS:0000000000000000
[ 1337.358942][ T304] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1337.365606][ T304] CR2: 0000001b2d616ff8 CR3: 000000007bd1c000 CR4: 00000000003526f0
[ 1337.373670][ T304] Call Trace:
[ 1337.376971][ T304]
[ 1337.379924][ T304] tracing_stop_cmdline_record+0x66/0xa0
[ 1337.385866][ T304] __ftrace_event_enable_disable+0x5c4/0x6f0
[ 1337.392139][ T304] ftrace_event_set_open+0x224/0x380
[ 1337.397455][ T304] do_dentry_open+0x6d8/0x1660
[ 1337.402318][ T304] ? __pfx_ftrace_event_set_open+0x10/0x10
[ 1337.408182][ T304] vfs_open+0x82/0x3f0
[ 1337.412367][ T304] path_openat+0x208c/0x31a0
[ 1337.417008][ T304] ? __pfx_path_openat+0x10/0x10
[ 1337.422232][ T304] do_file_open+0x20e/0x430
[ 1337.427000][ T304] ? __pfx_do_file_open+0x10/0x10
[ 1337.432300][ T304] ? alloc_fd+0x476/0x790
[ 1337.436668][ T304] ? do_getname+0x191/0x390
[ 1337.441337][ T304] do_sys_openat2+0x10d/0x1e0
[ 1337.446056][ T304] ? __pfx_do_sys_openat2+0x10/0x10
[ 1337.452354][ T304] __x64_sys_openat+0x12d/0x210
[ 1337.457953][ T304] ? __pfx___x64_sys_openat+0x10/0x10
[ 1337.463592][ T304] do_syscall_64+0x106/0xf80
[ 1337.468223][ T304] ? clear_bhb_loop+0x40/0x90
[ 1337.473028][ T304] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1337.478949][ T304] RIP: 0033:0x7fc33919c799
[ 1337.483619][ T304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1337.503443][ T304] RSP: 002b:00007fc339f9d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1337.511990][ T304] RAX: ffffffffffffffda RBX: 00007fc339415fa0 RCX: 00007fc33919c799
[ 1337.519988][ T304] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1337.528082][ T304] RBP: 00007fc339232c99 R08: 0000000000000000 R09: 0000000000000000
[ 1337.536316][ T304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1337.544518][ T304] R13: 00007fc339416038 R14: 00007fc339415fa0 R15: 00007ffd9bbd2b68
[ 1337.553620][ T304]
[ 1337.557403][ T304] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1337.564711][ T304] CPU: 0 UID: 0 PID: 304 Comm: syz.0.11450 Tainted: G U I L syzkaller #0 PREEMPT(full)
[ 1337.575582][ T304] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1337.582981][ T304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1337.593141][ T304] Call Trace:
[ 1337.596436][ T304]
[ 1337.599377][ T304] dump_stack_lvl+0x100/0x190
[ 1337.604119][ T304] vpanic+0x552/0x970
[ 1337.608153][ T304] ? __pfx_vpanic+0x10/0x10
[ 1337.612710][ T304] panic+0xd1/0xe0
[ 1337.616457][ T304] ? __pfx_panic+0x10/0x10
[ 1337.620910][ T304] check_panic_on_warn.cold+0x19/0x34
[ 1337.626302][ T304] ? tracepoint_probe_unregister+0x837/0xd10
[ 1337.632297][ T304] __warn.cold+0x191/0x348
[ 1337.636731][ T304] __report_bug+0x296/0x3d0
[ 1337.641327][ T304] ? tracepoint_probe_unregister+0x837/0xd10
[ 1337.647329][ T304] ? __pfx___report_bug+0x10/0x10
[ 1337.652372][ T304] ? rcu_is_watching+0x12/0xc0
[ 1337.657166][ T304] ? trace_contention_end+0x140/0x180
[ 1337.662568][ T304] ? __mutex_lock+0x26a/0x1b90
[ 1337.667358][ T304] ? tracepoint_probe_unregister+0x31/0xd10
[ 1337.673277][ T304] ? tracepoint_probe_unregister+0x837/0xd10
[ 1337.679382][ T304] report_bug+0xb2/0x220
[ 1337.683655][ T304] ? tracepoint_probe_unregister+0x837/0xd10
[ 1337.690087][ T304] handle_bug+0x16a/0x2a0
[ 1337.694450][ T304] exc_invalid_op+0x17/0x50
[ 1337.698969][ T304] asm_exc_invalid_op+0x1a/0x20
[ 1337.703920][ T304] RIP: 0010:tracepoint_probe_unregister+0x837/0xd10
[ 1337.710529][ T304] Code: cc e8 6d 2b fe ff 48 8d 73 f0 48 c7 c2 20 dc 09 82 48 c7 c7 40 31 87 8e e8 e6 79 e2 ff eb ba bb fe ff ff ff e8 4a 2b fe ff 90 <0f> 0b 90 eb ac e8 3f 2b fe ff 49 89 dd 45 31 ff 49 be 00 00 00 00
[ 1337.730153][ T304] RSP: 0018:ffffc900044378a8 EFLAGS: 00010287
[ 1337.736262][ T304] RAX: 00000000000073a9 RBX: 00000000fffffffe RCX: ffffc90005621000
[ 1337.744252][ T304] RDX: 0000000000080000 RSI: ffffffff8209ed16 RDI: ffff888079500000
[ 1337.752239][ T304] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[ 1337.760224][ T304] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff821007e0
[ 1337.768209][ T304] R13: 0000000000000302 R14: 0000000000000002 R15: ffffffff8f786aa0
[ 1337.776228][ T304] ? __pfx_probe_sched_switch+0x10/0x10
[ 1337.781818][ T304] ? tracepoint_probe_unregister+0x836/0xd10
[ 1337.787819][ T304] ? tracepoint_probe_unregister+0x836/0xd10
[ 1337.793846][ T304] tracing_stop_cmdline_record+0x66/0xa0
[ 1337.799511][ T304] __ftrace_event_enable_disable+0x5c4/0x6f0
[ 1337.805508][ T304] ftrace_event_set_open+0x224/0x380
[ 1337.810816][ T304] do_dentry_open+0x6d8/0x1660
[ 1337.815622][ T304] ? __pfx_ftrace_event_set_open+0x10/0x10
[ 1337.821457][ T304] vfs_open+0x82/0x3f0
[ 1337.825554][ T304] path_openat+0x208c/0x31a0
[ 1337.830173][ T304] ? __pfx_path_openat+0x10/0x10
[ 1337.835140][ T304] do_file_open+0x20e/0x430
[ 1337.839666][ T304] ? __pfx_do_file_open+0x10/0x10
[ 1337.844750][ T304] ? alloc_fd+0x476/0x790
[ 1337.849096][ T304] ? do_getname+0x191/0x390
[ 1337.853628][ T304] do_sys_openat2+0x10d/0x1e0
[ 1337.858330][ T304] ? __pfx_do_sys_openat2+0x10/0x10
[ 1337.863565][ T304] __x64_sys_openat+0x12d/0x210
[ 1337.868436][ T304] ? __pfx___x64_sys_openat+0x10/0x10
[ 1337.873846][ T304] do_syscall_64+0x106/0xf80
[ 1337.878462][ T304] ? clear_bhb_loop+0x40/0x90
[ 1337.883158][ T304] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1337.889070][ T304] RIP: 0033:0x7fc33919c799
[ 1337.893516][ T304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1337.913139][ T304] RSP: 002b:00007fc339f9d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1337.921569][ T304] RAX: ffffffffffffffda RBX: 00007fc339415fa0 RCX: 00007fc33919c799
[ 1337.929575][ T304] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1337.937580][ T304] RBP: 00007fc339232c99 R08: 0000000000000000 R09: 0000000000000000
[ 1337.945562][ T304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1337.953542][ T304] R13: 00007fc339416038 R14: 00007fc339415fa0 R15: 00007ffd9bbd2b68
[ 1337.961542][ T304]
[ 1337.964645][ T304] Kernel Offset: disabled
[ 1337.968984][ T304] Rebooting in 86400 seconds..