last executing test programs: 8.391945078s ago: executing program 2 (id=576): clock_nanosleep$auto(0x2, 0x6, &(0x7f0000000840)={0x0, 0xc025}, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x40bc2, 0x1c0) write$auto(r0, &(0x7f0000000100)='\xea\x85\x92\x06(#\xc4\xb6(\x9e\xfcKG\xc2\xd4\xc0\v\x02\x9f%C\x00\x01\x00@!\xa9\xce\x10Y\xd0\xeb\xed\x7f\xc8\xdc(\xd3\xe9\xf3\xddT\x18\x16#\xfdQ5\xaeA\xc3\xeay\x7f\xa2TR|js\xfd\n\xa3\x98\xc8\x91\xdd\x9e\x99}s\xe0x\a\x00\x00\x00\x00\x00\x00\x00.\xa8\xc5\xdbKx\x14l\xe6\x868\xb3\xd2\x00\xea\xf9\xd1z\x8f\xd9\x877J\"\xab\xf9\xdf\xbf\xa1\xa1ms\xaf\xd9&R\x03\x00\xc0u \xc3\xc2\xd61\x97V\xcah\r\x97M\xdb\xf9\x06\x95Z\xdfK\xbeY#/\xf5g\n\x10#\x10@Ft\x9c\xd9\xd3s\x94\x8aV\xeb\xee`e9(\xe0\x88\x06\xa6-;ZM\x9b\xe1-', 0x9) sendfile$auto(r0, r0, &(0x7f0000000000)=0x1, 0xb5d) 7.864637934s ago: executing program 2 (id=579): r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 7.555801022s ago: executing program 2 (id=581): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = fcntl$auto(0x3, 0x401, 0x3) ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x3) 7.059926816s ago: executing program 0 (id=583): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r0, 0x13, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r2}, @NL80211_ATTR_WIPHY_NAME={0xc, 0x2, '\x00\x00\x00\x00\x00\x00\x00\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) 6.755035186s ago: executing program 0 (id=585): close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x8, 0x0, 0xc, 0xe3, 0x4e, 0x3}, 0x6f4) r0 = bpf$auto(0x16, 0xffffffffffffffff, 0x0) bpf$auto_BPF_MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)=@bpf_attr_11={0x9, 0x5, 0x5, 0x0, 0x9, 0x7, 0x6, r0}, 0x3) 6.673872869s ago: executing program 2 (id=588): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) name_to_handle_at$auto(0x1010, &(0x7f00000001c0)='/\x00', &(0x7f0000000000)={0xc, 0x75c0237c, "6d962c000400003344980946"}, 0x0, 0x200) 6.41245934s ago: executing program 0 (id=590): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x5, 0x0, 0xffffffffffffffff) migrate_pages$auto(0x0, 0x3, 0x0, &(0x7f0000000140)=0x2) 6.363175902s ago: executing program 2 (id=591): io_uring_setup$auto(0xb, &(0x7f0000000100)={0x3, 0x7, 0x9, 0x1, 0x2, 0x82, 0xffffffffffffffff, [0xfffffff7, 0xaa6, 0x3], {0x3, 0x1, 0x1, 0xd6d, 0x6, 0x1, 0x10, 0x10, 0x9}, {0x7, 0xcc9, 0x9, 0xa, 0x81, 0x9, 0x63, 0x43, 0x4}}) connect$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x3, 0x2}, 0x52) r0 = socket(0x2, 0x802, 0x1) setsockopt$auto_SO_WIFI_STATUS(r0, 0x0, 0x30, &(0x7f0000000080)='\xef', 0x8000) 6.111709057s ago: executing program 2 (id=593): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x4) 5.518511475s ago: executing program 3 (id=596): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000200)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x14) 5.304053237s ago: executing program 3 (id=598): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x0, 0x34, 0x0, 0x0) 5.126140615s ago: executing program 3 (id=599): open(&(0x7f0000000100)='.\x00', 0x591083, 0x408) mmap$auto(0x0, 0xfb, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) unlinkat$auto(0xffffffffffffffff, 0x0, 0x200) 4.902269653s ago: executing program 3 (id=601): r0 = socket(0x11, 0xa, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00'}) r1 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r1, 0x29, 0x1b, &(0x7f0000000040)='!\x00', 0x1ff) 4.242868826s ago: executing program 1 (id=604): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x5) memfd_create$auto(0x0, 0x40) bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f00000000c0)=@raw_tracepoint={0xba2, r0, 0x0, 0x3}, 0x4) 4.10003852s ago: executing program 1 (id=605): io_uring_setup$auto(0x59, &(0x7f0000000340)={0x7fffffff, 0xd, 0x2, 0x4, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_uring_enter$auto(0x3, 0x5, 0xfffffffb, 0x3, 0x0, 0x2) 3.934427918s ago: executing program 1 (id=606): socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x52, 0x0) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, 0x0, 0x2f}, 0x22) 3.779996743s ago: executing program 1 (id=607): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getgroups$auto(0xeda, 0x0) r0 = socket(0x2, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0xf, 0x0, &(0x7f0000000080)=0x9b) 3.628015335s ago: executing program 1 (id=608): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto(r0, 0x4008af24, r0) 992.160278ms ago: executing program 0 (id=609): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1, 0x0, 0x0) 945.584684ms ago: executing program 3 (id=610): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) write$auto(r0, &(0x7f0000000340)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x0e\xfa{\x15\x1d\x11\x85o\xf1g\xb7\xb3\xdd\\\xfdG\xa9\x16R\xa4\xe9\xd1\xf4S\x94\xe1\x9c\x88\x1b\xe6.\x11\xa3\xe1\xddi\xb66\xaa\xa3\xc7iB\xc84\x11\xac\xfd\x1a*\xd4a\xfe\x05\x96\x0ec\x12\xea\xd5K\xea\xda\xa3\xfa\xc3\xedr\x17\xa5\x1c\x88{v\xb8\bj\x84\xd8g\x05r\xe7n\x7f^\x9d\xc7V\x92\xb9Z.Uc*K', 0x81) mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x4, 0x0, &(0x7f00000000c0)={0xfffffffffffffffd, 0x2}) timerfd_settime$auto(0xffffffffffffffff, 0x8, &(0x7f0000000000)={{0x80000000, 0x6}, {0x7fffffff, 0x60fa}}, 0x0) 811.152626ms ago: executing program 1 (id=611): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) fsconfig$auto_HIDEPID_INVISIBLE(r0, 0x1, 0x0, 0x0, 0x2) socket(0x2000000000000021, 0x2, 0x10000000000002) 208.680372ms ago: executing program 0 (id=612): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000240)='/\']\xfd', 0x9) readv$auto(r0, &(0x7f00000001c0)={0x0, 0x78ef}, 0x100000003) 137.010186ms ago: executing program 0 (id=613): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) lseek$auto(r0, 0x0, 0x2) readv$auto(r0, &(0x7f0000000a80)={0x0, 0x5b54}, 0x1) 0s ago: executing program 3 (id=614): socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x3, 0x0, 0x3, 0xb00) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.187' (ED25519) to the list of known hosts. [ 80.957650][ T5822] cgroup: Unknown subsys name 'net' [ 81.150074][ T5822] cgroup: Unknown subsys name 'cpuset' [ 81.158643][ T5822] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.656046][ T5822] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.630912][ T5157] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.641074][ T5157] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.648679][ T5157] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.681689][ T5845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.683114][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.690189][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.697601][ T5848] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.704745][ T5845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.718283][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.726103][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.735122][ T5848] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.735390][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.750630][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.756808][ T5848] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.760767][ T5845] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.771801][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.781662][ T5157] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.796331][ T5157] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.811981][ T5157] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.819727][ T5157] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.297611][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 85.359486][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 85.509436][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 85.528420][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 85.574965][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.582678][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.590149][ T5834] bridge_slave_0: entered allmulticast mode [ 85.597814][ T5834] bridge_slave_0: entered promiscuous mode [ 85.617883][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.625433][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.633017][ T5834] bridge_slave_1: entered allmulticast mode [ 85.640172][ T5834] bridge_slave_1: entered promiscuous mode [ 85.709753][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.717024][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.724180][ T5833] bridge_slave_0: entered allmulticast mode [ 85.731403][ T5833] bridge_slave_0: entered promiscuous mode [ 85.759000][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.766920][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.774432][ T5833] bridge_slave_1: entered allmulticast mode [ 85.781759][ T5833] bridge_slave_1: entered promiscuous mode [ 85.796055][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.827695][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.883371][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.924230][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.933587][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.940825][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.948335][ T5837] bridge_slave_0: entered allmulticast mode [ 85.955271][ T5837] bridge_slave_0: entered promiscuous mode [ 85.964862][ T5834] team0: Port device team_slave_0 added [ 85.971304][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.978607][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.985771][ T5835] bridge_slave_0: entered allmulticast mode [ 85.993193][ T5835] bridge_slave_0: entered promiscuous mode [ 86.024695][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.031947][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.039403][ T5837] bridge_slave_1: entered allmulticast mode [ 86.046401][ T5837] bridge_slave_1: entered promiscuous mode [ 86.054606][ T5834] team0: Port device team_slave_1 added [ 86.060536][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.067731][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.074919][ T5835] bridge_slave_1: entered allmulticast mode [ 86.082086][ T5835] bridge_slave_1: entered promiscuous mode [ 86.090586][ T5833] team0: Port device team_slave_0 added [ 86.125425][ T5833] team0: Port device team_slave_1 added [ 86.172152][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.182449][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.189935][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.215954][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.230282][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.252316][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.268237][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.275187][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.301162][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.313900][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.323718][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.330793][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.357447][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.395474][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.402599][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.428782][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.457189][ T5837] team0: Port device team_slave_0 added [ 86.482600][ T5837] team0: Port device team_slave_1 added [ 86.490074][ T5835] team0: Port device team_slave_0 added [ 86.518197][ T5835] team0: Port device team_slave_1 added [ 86.568263][ T5834] hsr_slave_0: entered promiscuous mode [ 86.574668][ T5834] hsr_slave_1: entered promiscuous mode [ 86.592230][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.599272][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.625369][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.654327][ T5833] hsr_slave_0: entered promiscuous mode [ 86.660793][ T5833] hsr_slave_1: entered promiscuous mode [ 86.667296][ T5833] debugfs: 'hsr0' already exists in 'hsr' [ 86.673097][ T5833] Cannot create hsr debugfs directory [ 86.679406][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.686994][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.713130][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.725788][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.732892][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.758918][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.790266][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.797306][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.823400][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.837786][ T52] Bluetooth: hci1: command tx timeout [ 86.843550][ T5838] Bluetooth: hci0: command tx timeout [ 86.849644][ T5157] Bluetooth: hci2: command tx timeout [ 86.916671][ T5838] Bluetooth: hci3: command tx timeout [ 87.041261][ T5837] hsr_slave_0: entered promiscuous mode [ 87.050406][ T5837] hsr_slave_1: entered promiscuous mode [ 87.057054][ T5837] debugfs: 'hsr0' already exists in 'hsr' [ 87.062799][ T5837] Cannot create hsr debugfs directory [ 87.094578][ T5835] hsr_slave_0: entered promiscuous mode [ 87.101371][ T5835] hsr_slave_1: entered promiscuous mode [ 87.108345][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 87.114172][ T5835] Cannot create hsr debugfs directory [ 87.528758][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.542292][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.553414][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.572120][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.640959][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.652570][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.668626][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.680833][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.779836][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.793044][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.803239][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.816316][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.905480][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.916211][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.927103][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.942251][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.037225][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.108859][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.119171][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.141948][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.162606][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.169903][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.198131][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.209410][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.216585][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.239688][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.246813][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.267577][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.279358][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.286586][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.320418][ T4427] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.327587][ T4427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.359310][ T4427] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.366407][ T4427] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.377983][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.434427][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.468608][ T4427] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.475757][ T4427] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.503024][ T3459] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.510207][ T3459] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.535654][ T5833] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 88.547728][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.661774][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.918421][ T5838] Bluetooth: hci0: command tx timeout [ 88.923873][ T5838] Bluetooth: hci1: command tx timeout [ 88.931435][ T5157] Bluetooth: hci2: command tx timeout [ 88.984549][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.996905][ T5157] Bluetooth: hci3: command tx timeout [ 89.075063][ T5834] veth0_vlan: entered promiscuous mode [ 89.096033][ T5834] veth1_vlan: entered promiscuous mode [ 89.123377][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.173140][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.210129][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.224567][ T5834] veth0_macvtap: entered promiscuous mode [ 89.252944][ T5834] veth1_macvtap: entered promiscuous mode [ 89.309411][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.322806][ T5837] veth0_vlan: entered promiscuous mode [ 89.333590][ T5833] veth0_vlan: entered promiscuous mode [ 89.345713][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.367705][ T3459] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.377477][ T3459] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.394314][ T5837] veth1_vlan: entered promiscuous mode [ 89.404417][ T3459] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.413293][ T3459] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.430430][ T5833] veth1_vlan: entered promiscuous mode [ 89.467752][ T5835] veth0_vlan: entered promiscuous mode [ 89.500469][ T5835] veth1_vlan: entered promiscuous mode [ 89.539251][ T5837] veth0_macvtap: entered promiscuous mode [ 89.581091][ T5837] veth1_macvtap: entered promiscuous mode [ 89.593869][ T3459] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.607235][ T3459] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.624224][ T5833] veth0_macvtap: entered promiscuous mode [ 89.655183][ T5833] veth1_macvtap: entered promiscuous mode [ 89.677010][ T5835] veth0_macvtap: entered promiscuous mode [ 89.699373][ T141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.707564][ T141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.710028][ T5835] veth1_macvtap: entered promiscuous mode [ 89.745410][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.772148][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.790923][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.809627][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.811793][ T5834] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.823335][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.850514][ T3459] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.861466][ T3459] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.873006][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.883647][ T3459] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.895399][ T3459] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.913535][ T154] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.947048][ T141] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.982291][ T141] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.992762][ T141] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.010588][ T5928] Zero length message leads to an empty skb [ 90.017119][ T141] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.025875][ T141] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.042383][ T141] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.055797][ T141] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.272375][ T141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.290550][ T141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.314285][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.332756][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.370762][ T3459] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.378927][ T3459] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.414365][ T3459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.432159][ T3459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.464769][ T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.503245][ T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.628212][ T3459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.636091][ T3459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.997670][ T52] Bluetooth: hci0: command tx timeout [ 91.003856][ T5838] Bluetooth: hci1: command tx timeout [ 91.009472][ T5157] Bluetooth: hci2: command tx timeout [ 91.077136][ T5838] Bluetooth: hci3: command tx timeout [ 91.115457][ T5952] mmap: syz.1.11 (5952) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 91.128577][ T5953] lo: entered allmulticast mode [ 91.142088][ T5950] lo: left allmulticast mode [ 91.785710][ T5979] netlink: 12 bytes leftover after parsing attributes in process `syz.2.22'. [ 91.840394][ T5981] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 91.968245][ T983] cfg80211: failed to load regulatory.db [ 92.459606][ T6006] netlink: 342 bytes leftover after parsing attributes in process `syz.1.36'. [ 92.716572][ T30] audit: type=1800 audit(1764969960.852:2): pid=6016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.41" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 93.076906][ T5157] Bluetooth: hci2: command tx timeout [ 93.082515][ T52] Bluetooth: hci0: command tx timeout [ 93.088728][ T5838] Bluetooth: hci1: command tx timeout [ 93.157162][ T5157] Bluetooth: hci3: command tx timeout [ 93.256213][ T6036] capability: warning: `syz.1.49' uses 32-bit capabilities (legacy support in use) [ 93.478826][ T6047] FAULT_INJECTION: forcing a failure. [ 93.478826][ T6047] name fail_futex, interval 1, probability 0, space 0, times 1 [ 93.519963][ T6047] CPU: 0 UID: 0 PID: 6047 Comm: syz.1.54 Not tainted syzkaller #0 PREEMPT(full) [ 93.520000][ T6047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 93.520020][ T6047] Call Trace: [ 93.520029][ T6047] [ 93.520039][ T6047] dump_stack_lvl+0x16c/0x1f0 [ 93.520076][ T6047] should_fail_ex+0x512/0x640 [ 93.520104][ T6047] ? kasan_save_track+0x14/0x30 [ 93.520134][ T6047] get_futex_key+0x1d0/0x15f0 [ 93.520168][ T6047] ? __pfx_get_futex_key+0x10/0x10 [ 93.520223][ T6047] futex_wait_setup+0x9d/0x570 [ 93.520258][ T6047] __futex_wait+0x193/0x2f0 [ 93.520284][ T6047] ? __pfx___futex_wait+0x10/0x10 [ 93.520313][ T6047] ? __pfx_futex_wake_mark+0x10/0x10 [ 93.520357][ T6047] ? futex_hash+0x2c5/0x380 [ 93.520392][ T6047] ? futex_private_hash_put+0x160/0x1b0 [ 93.520426][ T6047] futex_wait+0xe8/0x380 [ 93.520450][ T6047] ? __pfx_futex_wait+0x10/0x10 [ 93.520484][ T6047] ? do_vfs_ioctl+0x128/0x14f0 [ 93.520525][ T6047] do_futex+0x229/0x350 [ 93.520558][ T6047] ? __pfx_do_futex+0x10/0x10 [ 93.520594][ T6047] ? find_held_lock+0x2b/0x80 [ 93.520634][ T6047] __x64_sys_futex+0x1e0/0x4c0 [ 93.520672][ T6047] ? __fget_files+0x20e/0x3c0 [ 93.520698][ T6047] ? __pfx___x64_sys_futex+0x10/0x10 [ 93.520735][ T6047] ? fput+0x70/0xf0 [ 93.520770][ T6047] do_syscall_64+0xcd/0xf80 [ 93.520800][ T6047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.520827][ T6047] RIP: 0033:0x7f98d8d8f7c9 [ 93.520855][ T6047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 93.520879][ T6047] RSP: 002b:00007f98d9bbd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 93.520904][ T6047] RAX: ffffffffffffffda RBX: 00007f98d8fe5fa8 RCX: 00007f98d8d8f7c9 [ 93.520922][ T6047] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f98d8fe5fa8 [ 93.520936][ T6047] RBP: 00007f98d8fe5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 93.520952][ T6047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 93.520966][ T6047] R13: 00007f98d8fe6038 R14: 00007fff1eca4ba0 R15: 00007fff1eca4c88 [ 93.521002][ T6047] [ 93.521643][ T6047] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[6047] [ 96.035121][ T6142] bridge0: port 3(team0) entered blocking state [ 96.096716][ T6142] bridge0: port 3(team0) entered disabled state [ 96.128370][ T6142] team0: entered allmulticast mode [ 96.133618][ T6142] team_slave_0: entered allmulticast mode [ 96.141615][ T6142] team_slave_1: entered allmulticast mode [ 96.163618][ T6142] team0: entered promiscuous mode [ 96.186063][ T6142] team_slave_0: entered promiscuous mode [ 96.195039][ T6142] team_slave_1: entered promiscuous mode [ 96.205684][ T6142] bridge0: port 3(team0) entered blocking state [ 96.212269][ T6142] bridge0: port 3(team0) entered forwarding state [ 97.135685][ T6186] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.119'. [ 97.481839][ T6207] FAULT_INJECTION: forcing a failure. [ 97.481839][ T6207] name failslab, interval 1, probability 0, space 0, times 1 [ 97.495819][ T6207] CPU: 1 UID: 0 PID: 6207 Comm: syz.1.127 Not tainted syzkaller #0 PREEMPT(full) [ 97.495854][ T6207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 97.495869][ T6207] Call Trace: [ 97.495877][ T6207] [ 97.495887][ T6207] dump_stack_lvl+0x16c/0x1f0 [ 97.495921][ T6207] should_fail_ex+0x512/0x640 [ 97.495949][ T6207] ? kmem_cache_alloc_lru_noprof+0x66/0x760 [ 97.495993][ T6207] should_failslab+0xc2/0x120 [ 97.496023][ T6207] kmem_cache_alloc_lru_noprof+0x79/0x760 [ 97.496059][ T6207] ? __d_lookup+0x25c/0x4a0 [ 97.496093][ T6207] ? __d_alloc+0x35/0xa80 [ 97.496126][ T6207] ? __d_alloc+0x35/0xa80 [ 97.496152][ T6207] __d_alloc+0x35/0xa80 [ 97.496184][ T6207] d_alloc+0x4a/0x1e0 [ 97.496216][ T6207] lookup_one_qstr_excl+0x175/0x250 [ 97.496251][ T6207] ? mnt_want_write+0x161/0x450 [ 97.496277][ T6207] filename_create+0x1cf/0x400 [ 97.496303][ T6207] ? __pfx_filename_create+0x10/0x10 [ 97.496333][ T6207] ? find_held_lock+0x2b/0x80 [ 97.496370][ T6207] ? __might_fault+0xe3/0x190 [ 97.496413][ T6207] do_mknodat+0x19c/0x6f0 [ 97.496441][ T6207] ? __pfx_do_mknodat+0x10/0x10 [ 97.496468][ T6207] ? getname_flags.part.0+0x1c5/0x550 [ 97.496509][ T6207] __x64_sys_mknod+0x87/0xb0 [ 97.496540][ T6207] do_syscall_64+0xcd/0xf80 [ 97.496569][ T6207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.496595][ T6207] RIP: 0033:0x7f98d8d8f7c9 [ 97.496615][ T6207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.496647][ T6207] RSP: 002b:00007f98d9bbd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 97.496672][ T6207] RAX: ffffffffffffffda RBX: 00007f98d8fe5fa0 RCX: 00007f98d8d8f7c9 [ 97.496689][ T6207] RDX: 0000000000000103 RSI: 0000000000000007 RDI: 00002000000003c0 [ 97.496704][ T6207] RBP: 00007f98d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 97.496719][ T6207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 97.496734][ T6207] R13: 00007f98d8fe6038 R14: 00007f98d8fe5fa0 R15: 00007fff1eca4c88 [ 97.496771][ T6207] [ 99.442423][ T5157] Bluetooth: hci3: unexpected event 0x04 length: 12 > 10 [ 99.442459][ T5157] Bluetooth: unknown link type 255 [ 99.456583][ T5157] Bluetooth: hci3: connection err: -111 [ 99.806201][ T6290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.164'. [ 99.820913][ T6290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.164'. [ 100.147326][ T6310] FAULT_INJECTION: forcing a failure. [ 100.147326][ T6310] name failslab, interval 1, probability 0, space 0, times 0 [ 100.162397][ T6310] CPU: 1 UID: 0 PID: 6310 Comm: syz.3.172 Not tainted syzkaller #0 PREEMPT(full) [ 100.162430][ T6310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 100.162446][ T6310] Call Trace: [ 100.162454][ T6310] [ 100.162464][ T6310] dump_stack_lvl+0x16c/0x1f0 [ 100.162504][ T6310] should_fail_ex+0x512/0x640 [ 100.162533][ T6310] ? __kmalloc_cache_noprof+0x5f/0x800 [ 100.162569][ T6310] should_failslab+0xc2/0x120 [ 100.162597][ T6310] __kmalloc_cache_noprof+0x72/0x800 [ 100.162631][ T6310] ? percpu_ref_init+0xec/0x410 [ 100.162667][ T6310] ? percpu_ref_init+0xec/0x410 [ 100.162691][ T6308] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 100.162699][ T6310] ? __pfx_free_ioctx_users+0x10/0x10 [ 100.162730][ T6310] percpu_ref_init+0xec/0x410 [ 100.162765][ T6310] ? __init_waitqueue_head+0xca/0x150 [ 100.162804][ T6310] ioctx_alloc+0x2e8/0x2110 [ 100.162843][ T6310] ? find_held_lock+0x2b/0x80 [ 100.162876][ T6310] ? __pfx_ioctx_alloc+0x10/0x10 [ 100.162904][ T6310] ? __might_fault+0x13b/0x190 [ 100.162950][ T6310] __x64_sys_io_setup+0xc9/0x210 [ 100.162984][ T6310] do_syscall_64+0xcd/0xf80 [ 100.163011][ T6310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.163036][ T6310] RIP: 0033:0x7fa23ab8f7c9 [ 100.163057][ T6310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.163079][ T6310] RSP: 002b:00007fa23ba76038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 100.163102][ T6310] RAX: ffffffffffffffda RBX: 00007fa23ade5fa0 RCX: 00007fa23ab8f7c9 [ 100.163119][ T6310] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 000000000000000e [ 100.163135][ T6310] RBP: 00007fa23ac13f91 R08: 0000000000000000 R09: 0000000000000000 [ 100.163151][ T6310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 100.163165][ T6310] R13: 00007fa23ade6038 R14: 00007fa23ade5fa0 R15: 00007ffe3efcb5a8 [ 100.163201][ T6310] [ 100.213938][ T6311] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 100.501285][ T6319] sctp: [Deprecated]: syz.0.177 (pid 6319) Use of int in maxseg socket option. [ 100.501285][ T6319] Use struct sctp_assoc_value instead [ 100.603755][ T6324] process 'syz.3.179' launched ':,' with NULL argv: empty string added [ 100.799581][ T6330] FAULT_INJECTION: forcing a failure. [ 100.799581][ T6330] name failslab, interval 1, probability 0, space 0, times 0 [ 100.812465][ T6330] CPU: 0 UID: 0 PID: 6330 Comm: syz.3.182 Not tainted syzkaller #0 PREEMPT(full) [ 100.812502][ T6330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 100.812518][ T6330] Call Trace: [ 100.812526][ T6330] [ 100.812537][ T6330] dump_stack_lvl+0x16c/0x1f0 [ 100.812571][ T6330] should_fail_ex+0x512/0x640 [ 100.812600][ T6330] ? kmem_cache_alloc_noprof+0x62/0x760 [ 100.812642][ T6330] should_failslab+0xc2/0x120 [ 100.812671][ T6330] kmem_cache_alloc_noprof+0x75/0x760 [ 100.812711][ T6330] ? prepare_creds+0x2c/0x740 [ 100.812753][ T6330] ? prepare_creds+0x2c/0x740 [ 100.812783][ T6330] prepare_creds+0x2c/0x740 [ 100.812818][ T6330] join_session_keyring+0x17/0x340 [ 100.812849][ T6330] lookup_user_key+0x576/0x1300 [ 100.812882][ T6330] ? __pfx_lookup_user_key+0x10/0x10 [ 100.812913][ T6330] ? __pfx_do_futex+0x10/0x10 [ 100.812950][ T6330] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 100.812997][ T6330] keyctl_keyring_move+0xb4/0x150 [ 100.813024][ T6330] __do_sys_keyctl+0x171/0x590 [ 100.813053][ T6330] do_syscall_64+0xcd/0xf80 [ 100.813082][ T6330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.813107][ T6330] RIP: 0033:0x7fa23ab8f7c9 [ 100.813129][ T6330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.813153][ T6330] RSP: 002b:00007fa23ba76038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 100.813177][ T6330] RAX: ffffffffffffffda RBX: 00007fa23ade5fa0 RCX: 00007fa23ab8f7c9 [ 100.813194][ T6330] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 000000000000001e [ 100.813210][ T6330] RBP: 00007fa23ac13f91 R08: 0000000000000001 R09: 0000000000000000 [ 100.813225][ T6330] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 100.813241][ T6330] R13: 00007fa23ade6038 R14: 00007fa23ade5fa0 R15: 00007ffe3efcb5a8 [ 100.813278][ T6330] [ 102.490589][ T6383] netlink: 334 bytes leftover after parsing attributes in process `syz.0.207'. [ 103.438115][ T6415] FAULT_INJECTION: forcing a failure. [ 103.438115][ T6415] name fail_futex, interval 1, probability 0, space 0, times 0 [ 103.489085][ T6415] CPU: 1 UID: 0 PID: 6415 Comm: syz.1.221 Not tainted syzkaller #0 PREEMPT(full) [ 103.489121][ T6415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 103.489136][ T6415] Call Trace: [ 103.489144][ T6415] [ 103.489154][ T6415] dump_stack_lvl+0x16c/0x1f0 [ 103.489188][ T6415] should_fail_ex+0x512/0x640 [ 103.489231][ T6415] get_futex_key+0x1d0/0x15f0 [ 103.489268][ T6415] ? __pfx_get_futex_key+0x10/0x10 [ 103.489298][ T6415] ? futex_wake_op+0x84e/0xe40 [ 103.489345][ T6415] futex_wake+0xea/0x530 [ 103.489385][ T6415] ? __pfx_futex_wake_op+0x10/0x10 [ 103.489427][ T6415] ? __pfx_futex_wake+0x10/0x10 [ 103.489481][ T6415] do_futex+0x1e3/0x350 [ 103.489515][ T6415] ? __pfx_do_futex+0x10/0x10 [ 103.489543][ T6415] ? iput+0x35/0x40 [ 103.489576][ T6415] ? __sock_release+0x20b/0x270 [ 103.489616][ T6415] __x64_sys_futex+0x1e0/0x4c0 [ 103.489651][ T6415] ? __sys_socket+0xad/0x2d0 [ 103.489671][ T6415] ? fput+0x70/0xf0 [ 103.489698][ T6415] ? __pfx___x64_sys_futex+0x10/0x10 [ 103.489730][ T6415] ? xfd_validate_state+0x61/0x180 [ 103.489754][ T6415] ? __pfx_ksys_write+0x10/0x10 [ 103.489790][ T6415] do_syscall_64+0xcd/0xf80 [ 103.489818][ T6415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.489844][ T6415] RIP: 0033:0x7f98d8d8f7c9 [ 103.489866][ T6415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.489890][ T6415] RSP: 002b:00007f98d9bbd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 103.489915][ T6415] RAX: ffffffffffffffda RBX: 00007f98d8fe5fa8 RCX: 00007f98d8d8f7c9 [ 103.489933][ T6415] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f98d8fe5fac [ 103.489949][ T6415] RBP: 00007f98d8fe5fa0 R08: 00007f98d9bbe000 R09: 0000000000000000 [ 103.489964][ T6415] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 103.489978][ T6415] R13: 00007f98d8fe6038 R14: 00007fff1eca4ba0 R15: 00007fff1eca4c88 [ 103.490012][ T6415] [ 104.482343][ T30] audit: type=1800 audit(1764969972.622:3): pid=6445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.235" name="dbroot" dev="configfs" ino=9656 res=0 errno=0 [ 105.310247][ T6478] FAULT_INJECTION: forcing a failure. [ 105.310247][ T6478] name failslab, interval 1, probability 0, space 0, times 0 [ 105.355841][ T6478] CPU: 1 UID: 0 PID: 6478 Comm: syz.1.249 Not tainted syzkaller #0 PREEMPT(full) [ 105.355877][ T6478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 105.355891][ T6478] Call Trace: [ 105.355900][ T6478] [ 105.355909][ T6478] dump_stack_lvl+0x16c/0x1f0 [ 105.355940][ T6478] should_fail_ex+0x512/0x640 [ 105.355975][ T6478] ? __kmalloc_node_noprof+0xcd/0x920 [ 105.356004][ T6478] should_failslab+0xc2/0x120 [ 105.356041][ T6478] __kmalloc_node_noprof+0xe0/0x920 [ 105.356065][ T6478] ? alloc_slab_obj_exts+0x43/0xf0 [ 105.356096][ T6478] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 105.356129][ T6478] ? alloc_slab_obj_exts+0x43/0xf0 [ 105.356159][ T6478] alloc_slab_obj_exts+0x43/0xf0 [ 105.356191][ T6478] new_slab+0x353/0x430 [ 105.356225][ T6478] ___slab_alloc+0xe18/0x1c90 [ 105.356258][ T6478] ? sk_prot_alloc+0x60/0x2a0 [ 105.356299][ T6478] ? sk_prot_alloc+0x60/0x2a0 [ 105.356332][ T6478] ? __slab_alloc.constprop.0+0x63/0x110 [ 105.356363][ T6478] __slab_alloc.constprop.0+0x63/0x110 [ 105.356400][ T6478] kmem_cache_alloc_noprof+0x43f/0x760 [ 105.356433][ T6478] ? sk_prot_alloc+0x60/0x2a0 [ 105.356472][ T6478] ? sk_prot_alloc+0x60/0x2a0 [ 105.356503][ T6478] sk_prot_alloc+0x60/0x2a0 [ 105.356541][ T6478] sk_alloc+0x36/0xc20 [ 105.356571][ T6478] kcm_create+0xfc/0x690 [ 105.356608][ T6478] __sock_create+0x339/0x8a0 [ 105.356638][ T6478] __sys_socket+0x153/0x2d0 [ 105.356659][ T6478] ? fput+0x70/0xf0 [ 105.356689][ T6478] ? __pfx___sys_socket+0x10/0x10 [ 105.356712][ T6478] ? xfd_validate_state+0x61/0x180 [ 105.356735][ T6478] ? __pfx_ksys_write+0x10/0x10 [ 105.356768][ T6478] __x64_sys_socket+0x72/0xb0 [ 105.356790][ T6478] ? lockdep_hardirqs_on+0x7c/0x110 [ 105.356816][ T6478] do_syscall_64+0xcd/0xf80 [ 105.356844][ T6478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.356868][ T6478] RIP: 0033:0x7f98d8d8f7c9 [ 105.356888][ T6478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.356911][ T6478] RSP: 002b:00007f98d9bbd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 105.356935][ T6478] RAX: ffffffffffffffda RBX: 00007f98d8fe5fa0 RCX: 00007f98d8d8f7c9 [ 105.356952][ T6478] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 105.356967][ T6478] RBP: 00007f98d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 105.356982][ T6478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 105.356997][ T6478] R13: 00007f98d8fe6038 R14: 00007f98d8fe5fa0 R15: 00007fff1eca4c88 [ 105.357032][ T6478] [ 105.675803][ T5157] Bluetooth: hci3: Malformed HCI Event [ 105.695797][ T6479] zswap: compressor not available syzkaller syzkaller login: [ 107.881684][ T6554] netlink: 342 bytes leftover after parsing attributes in process `syz.1.281'. [ 108.155941][ T6565] syz.3.288 uses obsolete (PF_INET,SOCK_PACKET) [ 108.450415][ T6581] FAULT_INJECTION: forcing a failure. [ 108.450415][ T6581] name failslab, interval 1, probability 0, space 0, times 0 [ 108.466974][ T6581] CPU: 1 UID: 0 PID: 6581 Comm: syz.3.295 Not tainted syzkaller #0 PREEMPT(full) [ 108.467009][ T6581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 108.467025][ T6581] Call Trace: [ 108.467034][ T6581] [ 108.467044][ T6581] dump_stack_lvl+0x16c/0x1f0 [ 108.467078][ T6581] should_fail_ex+0x512/0x640 [ 108.467106][ T6581] ? __kmalloc_noprof+0xca/0x8f0 [ 108.467145][ T6581] should_failslab+0xc2/0x120 [ 108.467176][ T6581] __kmalloc_noprof+0xdd/0x8f0 [ 108.467209][ T6581] ? __pfx___might_resched+0x10/0x10 [ 108.467232][ T6581] ? load_msg+0x118/0x4a0 [ 108.467271][ T6581] ? load_msg+0x118/0x4a0 [ 108.467301][ T6581] load_msg+0x118/0x4a0 [ 108.467346][ T6581] do_msgrcv+0x202/0x16c0 [ 108.467380][ T6581] ? do_futex+0x122/0x350 [ 108.467414][ T6581] ? __pfx_do_msg_fill+0x10/0x10 [ 108.467458][ T6581] ? __pfx_do_msgrcv+0x10/0x10 [ 108.467491][ T6581] ? __x64_sys_futex+0x1e0/0x4c0 [ 108.467532][ T6581] ? xfd_validate_state+0x61/0x180 [ 108.467557][ T6581] ? __pfx_ksys_write+0x10/0x10 [ 108.467593][ T6581] ? do_syscall_64+0xcd/0xf80 [ 108.467619][ T6581] do_syscall_64+0xcd/0xf80 [ 108.467645][ T6581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.467669][ T6581] RIP: 0033:0x7fa23ab8f7c9 [ 108.467689][ T6581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.467713][ T6581] RSP: 002b:00007fa23ba76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000046 [ 108.467737][ T6581] RAX: ffffffffffffffda RBX: 00007fa23ade5fa0 RCX: 00007fa23ab8f7c9 [ 108.467761][ T6581] RDX: 0000002400000000 RSI: 0000000000000000 RDI: 00000000000000ff [ 108.467776][ T6581] RBP: 00007fa23ac13f91 R08: 000000006bc2cc7d R09: 0000000000000000 [ 108.467792][ T6581] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 108.467807][ T6581] R13: 00007fa23ade6038 R14: 00007fa23ade5fa0 R15: 00007ffe3efcb5a8 [ 108.467842][ T6581] [ 109.175103][ T6594] Process accounting resumed [ 109.513269][ T6625] bridge0: port 3(veth0_to_bridge) entered blocking state [ 109.546877][ T6625] bridge0: port 3(veth0_to_bridge) entered disabled state [ 109.554208][ T6625] veth0_to_bridge: entered allmulticast mode [ 109.597606][ T6625] veth0_to_bridge: entered promiscuous mode [ 109.617103][ T6625] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 109.647609][ T6625] bridge0: port 3(veth0_to_bridge) entered blocking state [ 109.654899][ T6625] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 110.009964][ T6645] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 110.823630][ T6680] FAULT_INJECTION: forcing a failure. [ 110.823630][ T6680] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 110.862869][ T6680] CPU: 0 UID: 0 PID: 6680 Comm: syz.2.340 Not tainted syzkaller #0 PREEMPT(full) [ 110.862903][ T6680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 110.862917][ T6680] Call Trace: [ 110.862925][ T6680] [ 110.862936][ T6680] dump_stack_lvl+0x16c/0x1f0 [ 110.862968][ T6680] should_fail_ex+0x512/0x640 [ 110.863002][ T6680] set_fd_set.part.0+0x36/0xc0 [ 110.863029][ T6680] core_sys_select+0x930/0xae0 [ 110.863064][ T6680] ? __pfx_core_sys_select+0x10/0x10 [ 110.863098][ T6680] ? futex_wait+0x120/0x380 [ 110.863149][ T6680] ? __pfx_do_futex+0x10/0x10 [ 110.863191][ T6680] kern_select+0x15d/0x1e0 [ 110.863215][ T6680] ? __pfx_kern_select+0x10/0x10 [ 110.863241][ T6680] ? xfd_validate_state+0x61/0x180 [ 110.863264][ T6680] ? __pfx_ksys_write+0x10/0x10 [ 110.863287][ T6680] ? security_setselfattr+0x25a/0x320 [ 110.863327][ T6680] __x64_sys_select+0xbd/0x160 [ 110.863349][ T6680] ? do_syscall_64+0x91/0xf80 [ 110.863370][ T6680] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.863393][ T6680] do_syscall_64+0xcd/0xf80 [ 110.863417][ T6680] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.863437][ T6680] RIP: 0033:0x7f54df98f7c9 [ 110.863454][ T6680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.863474][ T6680] RSP: 002b:00007f54e08ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 110.863494][ T6680] RAX: ffffffffffffffda RBX: 00007f54dfbe5fa0 RCX: 00007f54df98f7c9 [ 110.863508][ T6680] RDX: 00002000000005c0 RSI: 0000000000000000 RDI: 0000000000000005 [ 110.863521][ T6680] RBP: 00007f54dfa13f91 R08: 0000000000000000 R09: 0000000000000000 [ 110.863535][ T6680] R10: 00002000000006c0 R11: 0000000000000246 R12: 0000000000000000 [ 110.863549][ T6680] R13: 00007f54dfbe6038 R14: 00007f54dfbe5fa0 R15: 00007ffd236dfee8 [ 110.863583][ T6680] [ 112.295747][ T6721] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 114.664032][ T6827] ovs_?: entered promiscuous mode [ 114.983287][ T6841] netlink: 8 bytes leftover after parsing attributes in process `syz.1.413'. [ 115.037006][ T6843] FAULT_INJECTION: forcing a failure. [ 115.037006][ T6843] name failslab, interval 1, probability 0, space 0, times 0 [ 115.124828][ T6843] CPU: 1 UID: 0 PID: 6843 Comm: syz.0.412 Not tainted syzkaller #0 PREEMPT(full) [ 115.124864][ T6843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 115.124880][ T6843] Call Trace: [ 115.124889][ T6843] [ 115.124899][ T6843] dump_stack_lvl+0x16c/0x1f0 [ 115.124933][ T6843] should_fail_ex+0x512/0x640 [ 115.124962][ T6843] ? __kmalloc_cache_noprof+0x5f/0x800 [ 115.125002][ T6843] should_failslab+0xc2/0x120 [ 115.125032][ T6843] __kmalloc_cache_noprof+0x72/0x800 [ 115.125064][ T6843] ? __pfx_inc_ucount+0x10/0x10 [ 115.125093][ T6843] ? alloc_mnt_ns+0xd1/0x320 [ 115.125136][ T6843] ? alloc_mnt_ns+0xd1/0x320 [ 115.125171][ T6843] alloc_mnt_ns+0xd1/0x320 [ 115.125211][ T6843] copy_mnt_ns+0xb1/0xa60 [ 115.125242][ T6843] ? create_new_namespaces+0x30/0xab0 [ 115.125287][ T6843] create_new_namespaces+0xd3/0xab0 [ 115.125322][ T6843] ? bpf_lsm_capable+0x9/0x10 [ 115.125356][ T6843] ? security_capable+0x7e/0x260 [ 115.125402][ T6843] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 115.125445][ T6843] ksys_unshare+0x45b/0xa40 [ 115.125473][ T6843] ? __pfx_ksys_unshare+0x10/0x10 [ 115.125501][ T6843] ? xfd_validate_state+0x61/0x180 [ 115.125537][ T6843] __x64_sys_unshare+0x31/0x40 [ 115.125563][ T6843] do_syscall_64+0xcd/0xf80 [ 115.125591][ T6843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.125616][ T6843] RIP: 0033:0x7f2a5c18f7c9 [ 115.125636][ T6843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.125660][ T6843] RSP: 002b:00007f2a5a3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 115.125684][ T6843] RAX: ffffffffffffffda RBX: 00007f2a5c3e5fa0 RCX: 00007f2a5c18f7c9 [ 115.125702][ T6843] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 115.125718][ T6843] RBP: 00007f2a5c213f91 R08: 0000000000000000 R09: 0000000000000000 [ 115.125733][ T6843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.125748][ T6843] R13: 00007f2a5c3e6038 R14: 00007f2a5c3e5fa0 R15: 00007ffda0b98f68 [ 115.125785][ T6843] [ 115.690807][ T6860] netlink: 29 bytes leftover after parsing attributes in process `syz.3.422'. [ 115.722438][ T6855] db_root: cannot open: [ 115.986007][ T6868] netlink: 'syz.2.426': attribute type 2 has an invalid length. [ 117.184146][ T6907] ovs_: entered promiscuous mode [ 117.441724][ T5157] Bluetooth: hci3: unknown advertising packet type: 0xea [ 117.689153][ T6925] netlink: 8 bytes leftover after parsing attributes in process `syz.2.451'. [ 117.847976][ T6933] Device name cannot be null; rc = [-22] [ 118.010244][ T6937] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 118.202765][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 118.215332][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 118.228300][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 118.241728][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 118.254290][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 118.267006][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 118.279605][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 118.292194][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 118.304758][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 118.317230][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 123.206525][ C0] net_ratelimit: 10308 callbacks suppressed [ 123.206550][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 123.224970][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 123.238462][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 123.256761][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 123.269350][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 123.281988][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 123.295743][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 123.308392][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 123.320915][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 123.333655][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 123.426799][ T7020] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 123.758109][ T7024] netlink: 16 bytes leftover after parsing attributes in process `syz.2.490'. [ 123.809520][ T7025] FAULT_INJECTION: forcing a failure. [ 123.809520][ T7025] name failslab, interval 1, probability 0, space 0, times 0 [ 124.056649][ T7025] CPU: 1 UID: 0 PID: 7025 Comm: syz.0.489 Not tainted syzkaller #0 PREEMPT(full) [ 124.056687][ T7025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 124.056706][ T7025] Call Trace: [ 124.056715][ T7025] [ 124.056725][ T7025] dump_stack_lvl+0x16c/0x1f0 [ 124.056766][ T7025] should_fail_ex+0x512/0x640 [ 124.056795][ T7025] ? __kmalloc_noprof+0xca/0x8f0 [ 124.056832][ T7025] should_failslab+0xc2/0x120 [ 124.056870][ T7025] __kmalloc_noprof+0xdd/0x8f0 [ 124.056904][ T7025] ? lsm_blob_alloc+0x68/0x90 [ 124.056946][ T7025] ? lsm_blob_alloc+0x68/0x90 [ 124.056984][ T7025] lsm_blob_alloc+0x68/0x90 [ 124.057019][ T7025] security_prepare_creds+0x2f/0x270 [ 124.057056][ T7025] prepare_creds+0x501/0x740 [ 124.057093][ T7025] __sys_setfsgid+0xe3/0x380 [ 124.057131][ T7025] ? rcu_is_watching+0x12/0xc0 [ 124.057160][ T7025] do_syscall_64+0xcd/0xf80 [ 124.057189][ T7025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.057214][ T7025] RIP: 0033:0x7f2a5c18f7c9 [ 124.057239][ T7025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.057264][ T7025] RSP: 002b:00007f2a5a3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000007b [ 124.057287][ T7025] RAX: ffffffffffffffda RBX: 00007f2a5c3e5fa0 RCX: 00007f2a5c18f7c9 [ 124.057303][ T7025] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00 [ 124.057318][ T7025] RBP: 00007f2a5c213f91 R08: 0000000000000000 R09: 0000000000000000 [ 124.057332][ T7025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.057346][ T7025] R13: 00007f2a5c3e6038 R14: 00007f2a5c3e5fa0 R15: 00007ffda0b98f68 [ 124.057383][ T7025] [ 127.946711][ T7070] ======================================================= [ 127.946711][ T7070] WARNING: The mand mount option has been deprecated and [ 127.946711][ T7070] and is ignored by this kernel. Remove the mand [ 127.946711][ T7070] option from the mount to silence this warning. [ 127.946711][ T7070] ======================================================= [ 128.216795][ C0] net_ratelimit: 6845 callbacks suppressed [ 128.216822][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 128.235186][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 128.247790][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 128.261404][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 128.274500][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 128.287014][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 128.299574][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 128.313255][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 128.325875][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 128.338372][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 130.630005][ T7110] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 132.467803][ T7134] FAULT_INJECTION: forcing a failure. [ 132.467803][ T7134] name failslab, interval 1, probability 0, space 0, times 0 [ 132.480744][ T7134] CPU: 1 UID: 0 PID: 7134 Comm: syz.2.538 Not tainted syzkaller #0 PREEMPT(full) [ 132.480779][ T7134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 132.480795][ T7134] Call Trace: [ 132.480804][ T7134] [ 132.480815][ T7134] dump_stack_lvl+0x16c/0x1f0 [ 132.480849][ T7134] should_fail_ex+0x512/0x640 [ 132.480886][ T7134] should_failslab+0xc2/0x120 [ 132.480916][ T7134] __kmalloc_cache_noprof+0x72/0x800 [ 132.480952][ T7134] ? report_access+0x100/0x550 [ 132.480991][ T7134] ? report_access+0x100/0x550 [ 132.481023][ T7134] report_access+0x100/0x550 [ 132.481063][ T7134] yama_ptrace_access_check+0x589/0xd10 [ 132.481105][ T7134] security_ptrace_access_check+0xb2/0x210 [ 132.481145][ T7134] __ptrace_may_access+0x498/0x940 [ 132.481183][ T7134] ptrace_attach+0x24f/0x6c0 [ 132.481212][ T7134] __x64_sys_ptrace+0x25c/0x2a0 [ 132.481241][ T7134] do_syscall_64+0xcd/0xf80 [ 132.481270][ T7134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.481296][ T7134] RIP: 0033:0x7f54df98f7c9 [ 132.481318][ T7134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.481341][ T7134] RSP: 002b:00007f54e08ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 132.481366][ T7134] RAX: ffffffffffffffda RBX: 00007f54dfbe5fa0 RCX: 00007f54df98f7c9 [ 132.481383][ T7134] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000004206 [ 132.481397][ T7134] RBP: 00007f54dfa13f91 R08: 0000000000000000 R09: 0000000000000000 [ 132.481412][ T7134] R10: 0000000000200005 R11: 0000000000000246 R12: 0000000000000000 [ 132.481427][ T7134] R13: 00007f54dfbe6038 R14: 00007f54dfbe5fa0 R15: 00007ffd236dfee8 [ 132.481466][ T7134] [ 132.756360][ T7137] Invalid ELF header len 5 [ 133.226628][ C0] net_ratelimit: 7038 callbacks suppressed [ 133.226651][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 133.244986][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 133.257517][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 133.271087][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.283665][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 133.296176][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 133.308757][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 133.322420][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 133.335072][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 133.347549][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 134.117354][ T7163] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 135.118858][ T5157] Bluetooth: hci0: unexpected event 0x04 length: 12 > 10 [ 135.118896][ T5157] Bluetooth: unknown link type 255 [ 135.131569][ T5157] Bluetooth: hci0: connection err: -111 [ 137.446095][ T7219] netlink: 32 bytes leftover after parsing attributes in process `syz.2.574'. [ 137.937304][ T7222] zswap: compressor not available [ 138.051251][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.068465][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.237151][ C0] net_ratelimit: 7235 callbacks suppressed [ 138.237175][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 138.244149][ T7235] random: crng reseeded on system resumption [ 138.255532][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 138.273782][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 138.286369][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 138.299981][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 138.312510][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 138.325021][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 138.337616][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 138.351204][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 138.363788][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 139.290045][ T7242] Process accounting paused [ 143.247144][ C0] net_ratelimit: 7346 callbacks suppressed [ 143.247169][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 143.265475][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 143.277805][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 143.290366][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 143.303356][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 143.315780][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 143.328058][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 143.340493][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 143.353414][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 143.365844][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:16:50:f1:01:f6:36, vlan:0) [ 145.209619][ T7311] FAULT_INJECTION: forcing a failure. [ 145.209619][ T7311] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 145.273284][ T7311] CPU: 1 UID: 0 PID: 7311 Comm: syz.3.610 Not tainted syzkaller #0 PREEMPT(full) [ 145.273321][ T7311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 145.273336][ T7311] Call Trace: [ 145.273345][ T7311] [ 145.273355][ T7311] dump_stack_lvl+0x16c/0x1f0 [ 145.273389][ T7311] should_fail_ex+0x512/0x640 [ 145.273424][ T7311] _copy_from_user+0x2e/0xd0 [ 145.273455][ T7311] get_itimerspec64+0x15b/0x2d0 [ 145.273491][ T7311] ? __pfx_get_itimerspec64+0x10/0x10 [ 145.273525][ T7311] ? _copy_from_user+0x59/0xd0 [ 145.273558][ T7311] __x64_sys_timerfd_settime+0x15f/0x280 [ 145.273598][ T7311] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 145.273657][ T7311] do_syscall_64+0xcd/0xf80 [ 145.273686][ T7311] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.273712][ T7311] RIP: 0033:0x7fa23ab8f7c9 [ 145.273733][ T7311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.273757][ T7311] RSP: 002b:00007fa23ba76038 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 145.273781][ T7311] RAX: ffffffffffffffda RBX: 00007fa23ade5fa0 RCX: 00007fa23ab8f7c9 [ 145.273798][ T7311] RDX: 0000200000000000 RSI: 0000000000000008 RDI: ffffffffffffffff [ 145.273814][ T7311] RBP: 00007fa23ac13f91 R08: 0000000000000000 R09: 0000000000000000 [ 145.273829][ T7311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.273843][ T7311] R13: 00007fa23ade6038 R14: 00007fa23ade5fa0 R15: 00007ffe3efcb5a8 [ 145.273879][ T7311] [ 145.500034][ T7315] FAULT_INJECTION: forcing a failure. [ 145.500034][ T7315] name failslab, interval 1, probability 0, space 0, times 0 [ 145.513032][ T7315] CPU: 1 UID: 0 PID: 7315 Comm: syz.1.611 Not tainted syzkaller #0 PREEMPT(full) [ 145.513067][ T7315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 145.513082][ T7315] Call Trace: [ 145.513091][ T7315] [ 145.513102][ T7315] dump_stack_lvl+0x16c/0x1f0 [ 145.513134][ T7315] should_fail_ex+0x512/0x640 [ 145.513163][ T7315] ? kmem_cache_alloc_lru_noprof+0x66/0x760 [ 145.513205][ T7315] should_failslab+0xc2/0x120 [ 145.513236][ T7315] kmem_cache_alloc_lru_noprof+0x79/0x760 [ 145.513272][ T7315] ? __mod_timer+0x8f2/0xd30 [ 145.513304][ T7315] ? __d_alloc+0x35/0xa80 [ 145.513340][ T7315] ? __d_alloc+0x35/0xa80 [ 145.513367][ T7315] __d_alloc+0x35/0xa80 [ 145.513401][ T7315] d_alloc_pseudo+0x1c/0xc0 [ 145.513437][ T7315] alloc_file_pseudo+0xcf/0x230 [ 145.513474][ T7315] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 145.513508][ T7315] ? alloc_fd+0x471/0x7d0 [ 145.513541][ T7315] sock_alloc_file+0x50/0x210 [ 145.513577][ T7315] __sys_socket+0x1c6/0x2d0 [ 145.513599][ T7315] ? fput+0x70/0xf0 [ 145.513630][ T7315] ? __pfx___sys_socket+0x10/0x10 [ 145.513655][ T7315] ? xfd_validate_state+0x61/0x180 [ 145.513689][ T7315] __x64_sys_socket+0x72/0xb0 [ 145.513710][ T7315] ? lockdep_hardirqs_on+0x7c/0x110 [ 145.513737][ T7315] do_syscall_64+0xcd/0xf80 [ 145.513765][ T7315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.513791][ T7315] RIP: 0033:0x7f98d8d8f7c9 [ 145.513812][ T7315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.513836][ T7315] RSP: 002b:00007f98d9bbd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 145.513861][ T7315] RAX: ffffffffffffffda RBX: 00007f98d8fe5fa0 RCX: 00007f98d8d8f7c9 [ 145.513878][ T7315] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 2000000000000021 [ 145.513894][ T7315] RBP: 00007f98d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 145.513910][ T7315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.513925][ T7315] R13: 00007f98d8fe6038 R14: 00007f98d8fe5fa0 R15: 00007fff1eca4c88 [ 145.513972][ T7315] [ 145.514084][ T7315] VFS_BUG_ON_INODE(inode_state_read_once(inode) & I_CLEAR) encountered for inode ffff88805c981d80 [ 145.514084][ T7315] fs sockfs mode 140777 opflags 0x8 flags 0x0 state 0x300 count 0 [ 145.967704][ T7315] ------------[ cut here ]------------ [ 145.973273][ T7315] kernel BUG at fs/inode.c:1971! [ 146.011687][ T7315] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI [ 146.017981][ T7315] CPU: 1 UID: 0 PID: 7315 Comm: syz.1.611 Not tainted syzkaller #0 PREEMPT(full) [ 146.027197][ T7315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 146.037270][ T7315] RIP: 0010:iput.part.0+0xb3b/0x1190 [ 146.042675][ T7315] Code: 4b 68 ff ff 90 0f 0b e8 83 d4 7c ff 90 0f 0b 90 e9 d3 f8 ff ff e8 75 d4 7c ff 48 c7 c6 20 7d a0 8b 48 89 df e8 26 68 ff ff 90 <0f> 0b e8 5e d4 7c ff 48 c7 c6 80 7d a0 8b 48 89 df e8 0f 68 ff ff [ 146.062305][ T7315] RSP: 0018:ffffc90003667dc8 EFLAGS: 00010296 [ 146.068388][ T7315] RAX: 000000000000009f RBX: ffff88805c981d80 RCX: ffffc9000ca12000 [ 146.076374][ T7315] RDX: 0000000000000000 RSI: ffffffff819bf739 RDI: 0000000000000005 [ 146.084355][ T7315] RBP: 0000000000000200 R08: 0000000000000005 R09: 0000000000000000 [ 146.092337][ T7315] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000000 [ 146.100320][ T7315] R13: ffffffff90878854 R14: ffff88805c981e50 R15: dffffc0000000000 [ 146.108307][ T7315] FS: 00007f98d9bbd6c0(0000) GS:ffff888124a65000(0000) knlGS:0000000000000000 [ 146.117268][ T7315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.123964][ T7315] CR2: 000055556bf6d5c8 CR3: 0000000029e72000 CR4: 00000000003526f0 [ 146.131964][ T7315] Call Trace: [ 146.135252][ T7315] [ 146.138193][ T7315] iput+0x35/0x40 [ 146.141853][ T7315] __sock_release+0x20b/0x270 [ 146.146551][ T7315] __sys_socket+0x23a/0x2d0 [ 146.151063][ T7315] ? fput+0x70/0xf0 [ 146.154888][ T7315] ? __pfx___sys_socket+0x10/0x10 [ 146.159946][ T7315] ? xfd_validate_state+0x61/0x180 [ 146.165072][ T7315] __x64_sys_socket+0x72/0xb0 [ 146.169758][ T7315] ? lockdep_hardirqs_on+0x7c/0x110 [ 146.174964][ T7315] do_syscall_64+0xcd/0xf80 [ 146.179491][ T7315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.185397][ T7315] RIP: 0033:0x7f98d8d8f7c9 [ 146.189822][ T7315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.209617][ T7315] RSP: 002b:00007f98d9bbd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 146.218048][ T7315] RAX: ffffffffffffffda RBX: 00007f98d8fe5fa0 RCX: 00007f98d8d8f7c9 [ 146.226038][ T7315] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 2000000000000021 [ 146.234021][ T7315] RBP: 00007f98d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 146.242010][ T7315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.250001][ T7315] R13: 00007f98d8fe6038 R14: 00007f98d8fe5fa0 R15: 00007fff1eca4c88 [ 146.257993][ T7315] [ 146.261015][ T7315] Modules linked in: [ 146.265920][ T7315] ---[ end trace 0000000000000000 ]--- [ 146.590399][ T7315] RIP: 0010:iput.part.0+0xb3b/0x1190 [ 146.601333][ T7315] Code: 4b 68 ff ff 90 0f 0b e8 83 d4 7c ff 90 0f 0b 90 e9 d3 f8 ff ff e8 75 d4 7c ff 48 c7 c6 20 7d a0 8b 48 89 df e8 26 68 ff ff 90 <0f> 0b e8 5e d4 7c ff 48 c7 c6 80 7d a0 8b 48 89 df e8 0f 68 ff ff [ 146.665380][ T7315] RSP: 0018:ffffc90003667dc8 EFLAGS: 00010296 [ 146.684216][ T7315] RAX: 000000000000009f RBX: ffff88805c981d80 RCX: ffffc9000ca12000 [ 146.693835][ T7315] RDX: 0000000000000000 RSI: ffffffff819bf739 RDI: 0000000000000005 [ 146.702288][ T7315] RBP: 0000000000000200 R08: 0000000000000005 R09: 0000000000000000 [ 146.710583][ T7315] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000000 [ 146.719009][ T7315] R13: ffffffff90878854 R14: ffff88805c981e50 R15: dffffc0000000000 [ 146.727447][ T7315] FS: 00007f98d9bbd6c0(0000) GS:ffff888124a65000(0000) knlGS:0000000000000000 [ 146.736813][ T7315] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.743514][ T7315] CR2: 00007f2a5c3b6ad8 CR3: 0000000029e72000 CR4: 00000000003526f0 [ 146.754800][ T7315] Kernel panic - not syncing: Fatal exception [ 146.761235][ T7315] Kernel Offset: disabled [ 146.765547][ T7315] Rebooting in 86400 seconds..