last executing test programs: 2.695386225s ago: executing program 3 (id=1643): set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7f, 0x9) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) sysfs$auto(0x2, 0x4d, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto_EROFS_MOUNT_DAX_NEVER(r1, 0x4, &(0x7f0000000100)='\x00', &(0x7f0000000140), 0xffffff9c) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff000}}) 2.636384712s ago: executing program 2 (id=1644): timer_create$auto_CLOCK_TAI(0xb, 0x0, &(0x7f0000000fc0)=0xa) mmap$auto(0x0, 0x4020005, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x101b03, 0x0) ioctl$auto_EVIOCGMASK(r0, 0x80104592, &(0x7f0000000000)={0x11, 0x800004, 0x8}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) io_uring_setup$auto(0x59, 0x0) ioctl$auto(r0, 0x8, r0) close_range$auto(0x2, 0x8, 0x0) 2.397481618s ago: executing program 3 (id=1647): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) read$auto(0x4, 0x0, 0xfdef) 2.215705652s ago: executing program 1 (id=1648): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1d, 0x2, 0x6) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) 2.11133707s ago: executing program 1 (id=1649): close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x7, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x18, 0x2, 0x0) r0 = socket(0x2, 0x5, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) getsockopt$auto(r0, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x1000c0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 2.082332448s ago: executing program 3 (id=1650): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) timerfd_create$auto(0x9, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x80040, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x251, 0x3, 0xd}]}) 1.718504637s ago: executing program 3 (id=1652): landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) epoll_ctl$auto(0xffffffffffffffff, 0x1, r1, 0x0) waitid$auto_P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0x5, 0x5, 0x40, @_sigfault={&(0x7f00000000c0)="16096518bdc80f2a269391e1f6bc87dc04f6d7f0aafb47073b0055a628d53c994d0783ef840b9c8a", @_trapno=0xf}}}, 0x0, &(0x7f0000000180)={{0x2, 0x3}, {0x50d, 0x3}, 0x8000000000000000, 0x10, 0x7ff, 0x5, 0x8, 0x8, 0x6, 0x886, 0xfffffffffffff578, 0x4, 0x80000001, 0x6e, 0x3, 0x6}) close_range$auto(r0, 0xffffffffffffffff, 0x8) setfsuid$auto(0xee00) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3b", 0xfdef) 1.263804236s ago: executing program 2 (id=1653): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x11, 0x3, 0x9) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./file0/file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x40, 0x100) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) renameat2$auto(r0, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x2) 1.20014852s ago: executing program 0 (id=1654): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) 1.194635433s ago: executing program 3 (id=1655): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) io_uring_setup$auto(0x1, 0x0) sysfs$auto(0x2, 0x1f, 0x2) r0 = epoll_create$auto(0x1) epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0) write$auto(0x1, 0x0, 0x80000000) close_range$auto(0x2, 0x8, 0x0) 1.126485772s ago: executing program 1 (id=1656): r0 = socket(0xa, 0x2, 0x0) mmap$auto(0xd, 0x4000000000001001, 0x10ce, 0x400000eb5, r0, 0x800000000000000d) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5408, 0x0) 1.067138382s ago: executing program 2 (id=1657): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) adjtimex$auto(0x0) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0) close_range$auto(0x2, 0x8, 0x0) 971.759358ms ago: executing program 0 (id=1658): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000040)={0xaf}) 838.68328ms ago: executing program 0 (id=1659): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/use_zero_page\x00', 0x28442, 0x0) socket(0xa, 0x801, 0x84) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x129400, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x9) pidfd_open$auto(0x1, 0x0) poll$auto(0x0, 0x5, 0x108) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) 811.330928ms ago: executing program 2 (id=1660): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00{', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf2502000000080027000e0000000a0010"], 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x24008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\a\x00'], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 666.827877ms ago: executing program 0 (id=1661): close_range$auto(0x2, 0x8, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/input/event0\x00', 0x0, 0x0) socket(0xa, 0x5, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4140aecd, 0x0) 636.071006ms ago: executing program 1 (id=1662): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x1e, 0x1, 0x0) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x7, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x2000000000000) 562.409607ms ago: executing program 2 (id=1663): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd8/power/runtime_status\x00', 0x0, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000001940), 0x101000, 0x0) r0 = socket(0xa, 0x80803, 0x6) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) socket(0x15, 0x5, 0x0) bind$auto(r0, &(0x7f0000000040)=@generic={0xa, "2c551d000000fe8000"}, 0x66) 548.20649ms ago: executing program 3 (id=1664): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) mbind$auto(0x1ffe, 0x100000004, 0x100000000, 0x0, 0xa, 0x2) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x39b8) 458.9977ms ago: executing program 1 (id=1665): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181942, 0x0) keyctl$auto(0x11, 0xfffffffd, 0x0, 0x0, 0x1000000000008) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 416.881058ms ago: executing program 0 (id=1666): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) io_uring_setup$auto(0x6, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) 181.926544ms ago: executing program 2 (id=1667): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) write$auto_ftrace_enable_fops_trace_events(r0, &(0x7f0000000280)="bcca44", 0x3) 21.89216ms ago: executing program 0 (id=1668): openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0p\x00', 0x80180, 0x0) r0 = open(&(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x80400, 0xb5d1af1605322ddc) r1 = open_by_handle_at$auto(r0, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) sendfile$auto(r1, r0, 0x0, 0x2) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x4b32, 0x1) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) sendfile$auto(r3, r1, 0x0, 0xa) ioctl$auto_SNDRV_PCM_IOCTL_WRITEN_FRAMES(r0, 0x40184152, 0x0) 0s ago: executing program 1 (id=1669): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x8400ae8e, 0x0) kernel console output (not intermixed with test programs): 002b:00007faf335a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 230.095668][ T8501] RAX: ffffffffffffffda RBX: 00007faf32a15fa0 RCX: 00007faf3279ce59 [ 230.095687][ T8501] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005 [ 230.095705][ T8501] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 230.095723][ T8501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.095740][ T8501] R13: 00007faf32a16038 R14: 00007faf32a15fa0 R15: 00007ffdd9083958 [ 230.095781][ T8501] [ 234.096558][ T8551] futex_wake_op: syz.0.954 tries to shift op by -2048; fix this program [ 234.498255][ T8564] sctp: [Deprecated]: syz.0.956 (pid 8564) Use of struct sctp_assoc_value in delayed_ack socket option. [ 234.498255][ T8564] Use struct sctp_sack_info instead [ 235.429702][ T8576] netlink: 4 bytes leftover after parsing attributes in process `syz.2.960'. [ 235.514976][ T8576] FAULT_INJECTION: forcing a failure. [ 235.514976][ T8576] name failslab, interval 1, probability 0, space 0, times 0 [ 235.561597][ T8576] CPU: 1 UID: 0 PID: 8576 Comm: syz.2.960 Tainted: G L syzkaller #0 PREEMPT(full) [ 235.561644][ T8576] Tainted: [L]=SOFTLOCKUP [ 235.561654][ T8576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 235.561672][ T8576] Call Trace: [ 235.561681][ T8576] [ 235.561692][ T8576] dump_stack_lvl+0x100/0x190 [ 235.561728][ T8576] should_fail_ex.cold+0x5/0xa [ 235.561766][ T8576] should_failslab+0xc2/0x120 [ 235.561800][ T8576] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 235.561846][ T8576] ? __kernfs_new_node+0xd2/0x9f0 [ 235.561886][ T8576] __kernfs_new_node+0xd2/0x9f0 [ 235.561923][ T8576] ? __pfx___kernfs_new_node+0x10/0x10 [ 235.561963][ T8576] ? find_held_lock+0x2b/0x80 [ 235.561996][ T8576] ? kernfs_root+0xee/0x2a0 [ 235.562025][ T8576] ? kernfs_root+0xee/0x2a0 [ 235.562064][ T8576] kernfs_new_node+0x11b/0x1a0 [ 235.562106][ T8576] __kernfs_create_file+0x53/0x350 [ 235.562150][ T8576] sysfs_add_file_mode_ns+0x207/0x3c0 [ 235.562189][ T8576] internal_create_group+0x593/0xfb0 [ 235.562234][ T8576] ? __pfx_internal_create_group+0x10/0x10 [ 235.562282][ T8576] ? kernfs_create_link+0x1bd/0x240 [ 235.562331][ T8576] internal_create_groups+0x9d/0x150 [ 235.562369][ T8576] device_add+0x71a/0x1950 [ 235.562485][ T8576] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 235.562526][ T8576] ? __pfx_device_add+0x10/0x10 [ 235.562558][ T8576] ? lockdep_init_map_type+0x5c/0x250 [ 235.562604][ T8576] ? __init_waitqueue_head+0xca/0x150 [ 235.562646][ T8576] netdev_register_kobject+0x1a9/0x3d0 [ 235.562688][ T8576] register_netdevice+0x151c/0x24b0 [ 235.562729][ T8576] ? __pfx_register_netdevice+0x10/0x10 [ 235.562772][ T8576] internal_dev_create+0x2d3/0x520 [ 235.562817][ T8576] ovs_vport_add+0x147/0x4d0 [ 235.562859][ T8576] new_vport+0x16/0x1d0 [ 235.562888][ T8576] ovs_dp_cmd_new+0x65d/0xdf0 [ 235.562928][ T8576] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 235.562959][ T8576] ? __nla_parse+0x40/0x60 [ 235.563036][ T8576] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 235.563081][ T8576] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 235.563129][ T8576] genl_family_rcv_msg_doit+0x214/0x300 [ 235.563172][ T8576] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 235.563213][ T8576] ? genl_get_cmd+0x3e7/0x760 [ 235.563271][ T8576] ? bpf_lsm_capable+0x9/0x10 [ 235.563304][ T8576] ? security_capable+0x80/0x260 [ 235.563375][ T8576] ? ns_capable+0xd2/0xf0 [ 235.563413][ T8576] genl_rcv_msg+0x560/0x800 [ 235.563462][ T8576] ? __pfx_genl_rcv_msg+0x10/0x10 [ 235.563505][ T8576] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 235.563551][ T8576] netlink_rcv_skb+0x159/0x420 [ 235.563590][ T8576] ? __pfx_genl_rcv_msg+0x10/0x10 [ 235.563634][ T8576] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 235.563689][ T8576] ? netlink_deliver_tap+0x1ae/0xcc0 [ 235.563732][ T8576] genl_rcv+0x28/0x40 [ 235.563769][ T8576] netlink_unicast+0x585/0x850 [ 235.563812][ T8576] ? __pfx_netlink_unicast+0x10/0x10 [ 235.563860][ T8576] netlink_sendmsg+0x8b0/0xda0 [ 235.563904][ T8576] ? __pfx_netlink_sendmsg+0x10/0x10 [ 235.563941][ T8576] ? __import_iovec+0x1d2/0x640 [ 235.564041][ T8576] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 235.564108][ T8576] ____sys_sendmsg+0x9e1/0xb70 [ 235.564144][ T8576] ? __pfx_netlink_sendmsg+0x10/0x10 [ 235.564186][ T8576] ? __pfx_____sys_sendmsg+0x10/0x10 [ 235.564220][ T8576] ? preempt_schedule_thunk+0x16/0x30 [ 235.564277][ T8576] ? try_to_wake_up+0x5f6/0x1900 [ 235.564322][ T8576] ___sys_sendmsg+0x190/0x1e0 [ 235.564363][ T8576] ? __pfx____sys_sendmsg+0x10/0x10 [ 235.564403][ T8576] ? futex_private_hash_put+0x107/0x1c0 [ 235.564494][ T8576] __sys_sendmsg+0x170/0x220 [ 235.564525][ T8576] ? __pfx___sys_sendmsg+0x10/0x10 [ 235.564555][ T8576] ? __x64_sys_futex+0x34f/0x4d0 [ 235.564600][ T8576] ? rcu_is_watching+0x12/0xc0 [ 235.564638][ T8576] do_syscall_64+0x115/0x840 [ 235.564676][ T8576] ? clear_bhb_loop+0x40/0x90 [ 235.564712][ T8576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.564741][ T8576] RIP: 0033:0x7f036d99ce59 [ 235.564765][ T8576] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 235.564792][ T8576] RSP: 002b:00007f036e90b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 235.564820][ T8576] RAX: ffffffffffffffda RBX: 00007f036dc15fa0 RCX: 00007f036d99ce59 [ 235.564840][ T8576] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005 [ 235.564858][ T8576] RBP: 00007f036da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 235.564875][ T8576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.564892][ T8576] R13: 00007f036dc16038 R14: 00007f036dc15fa0 R15: 00007fffc839d0d8 [ 235.564933][ T8576] [ 236.614711][ T8588] netlink: 342 bytes leftover after parsing attributes in process `syz.3.964'. [ 237.516614][ T8601] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 237.562900][ T8601] binder: 8600:8601 ioctl 40046205 0 returned -22 [ 238.652891][ T8633] netlink: 4 bytes leftover after parsing attributes in process `syz.1.975'. [ 238.762612][ T8633] FAULT_INJECTION: forcing a failure. [ 238.762612][ T8633] name failslab, interval 1, probability 0, space 0, times 0 [ 238.805682][ T8633] CPU: 1 UID: 0 PID: 8633 Comm: syz.1.975 Tainted: G L syzkaller #0 PREEMPT(full) [ 238.805729][ T8633] Tainted: [L]=SOFTLOCKUP [ 238.805740][ T8633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 238.805758][ T8633] Call Trace: [ 238.805767][ T8633] [ 238.805778][ T8633] dump_stack_lvl+0x100/0x190 [ 238.805815][ T8633] should_fail_ex.cold+0x5/0xa [ 238.805854][ T8633] should_failslab+0xc2/0x120 [ 238.805889][ T8633] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 238.805935][ T8633] ? __kernfs_new_node+0xd2/0x9f0 [ 238.805984][ T8633] __kernfs_new_node+0xd2/0x9f0 [ 238.806022][ T8633] ? __pfx___kernfs_new_node+0x10/0x10 [ 238.806065][ T8633] ? find_held_lock+0x2b/0x80 [ 238.806098][ T8633] ? kernfs_root+0xee/0x2a0 [ 238.806127][ T8633] ? kernfs_root+0xee/0x2a0 [ 238.806165][ T8633] kernfs_new_node+0x11b/0x1a0 [ 238.806205][ T8633] __kernfs_create_file+0x53/0x350 [ 238.806250][ T8633] sysfs_add_file_mode_ns+0x207/0x3c0 [ 238.806288][ T8633] internal_create_group+0x593/0xfb0 [ 238.806329][ T8633] ? __pfx_internal_create_group+0x10/0x10 [ 238.806367][ T8633] ? kernfs_create_link+0x1bd/0x240 [ 238.806413][ T8633] internal_create_groups+0x9d/0x150 [ 238.806447][ T8633] device_add+0x71a/0x1950 [ 238.806477][ T8633] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 238.806514][ T8633] ? __pfx_device_add+0x10/0x10 [ 238.806542][ T8633] ? lockdep_init_map_type+0x5c/0x250 [ 238.806586][ T8633] ? __init_waitqueue_head+0xca/0x150 [ 238.806622][ T8633] netdev_register_kobject+0x1a9/0x3d0 [ 238.806661][ T8633] register_netdevice+0x151c/0x24b0 [ 238.806697][ T8633] ? __pfx_register_netdevice+0x10/0x10 [ 238.806737][ T8633] internal_dev_create+0x2d3/0x520 [ 238.806778][ T8633] ovs_vport_add+0x147/0x4d0 [ 238.806814][ T8633] new_vport+0x16/0x1d0 [ 238.806841][ T8633] ovs_dp_cmd_new+0x65d/0xdf0 [ 238.806879][ T8633] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 238.806908][ T8633] ? __nla_parse+0x40/0x60 [ 238.806941][ T8633] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 238.806989][ T8633] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 238.807037][ T8633] genl_family_rcv_msg_doit+0x214/0x300 [ 238.807080][ T8633] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 238.807118][ T8633] ? genl_get_cmd+0x3e7/0x760 [ 238.807161][ T8633] ? bpf_lsm_capable+0x9/0x10 [ 238.807191][ T8633] ? security_capable+0x80/0x260 [ 238.807218][ T8633] ? ns_capable+0xd2/0xf0 [ 238.807250][ T8633] genl_rcv_msg+0x560/0x800 [ 238.807293][ T8633] ? __pfx_genl_rcv_msg+0x10/0x10 [ 238.807332][ T8633] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 238.807374][ T8633] netlink_rcv_skb+0x159/0x420 [ 238.807408][ T8633] ? __pfx_genl_rcv_msg+0x10/0x10 [ 238.807447][ T8633] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 238.807495][ T8633] ? rcu_is_watching+0x12/0xc0 [ 238.807531][ T8633] genl_rcv+0x28/0x40 [ 238.807564][ T8633] netlink_unicast+0x585/0x850 [ 238.807602][ T8633] ? __pfx_netlink_unicast+0x10/0x10 [ 238.807646][ T8633] netlink_sendmsg+0x8b0/0xda0 [ 238.807685][ T8633] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.807717][ T8633] ? __import_iovec+0x1d2/0x640 [ 238.807756][ T8633] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 238.807789][ T8633] ____sys_sendmsg+0x9e1/0xb70 [ 238.807820][ T8633] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.807856][ T8633] ? __pfx_____sys_sendmsg+0x10/0x10 [ 238.807897][ T8633] ? __pfx_futex_wake_mark+0x10/0x10 [ 238.807935][ T8633] ___sys_sendmsg+0x190/0x1e0 [ 238.807978][ T8633] ? __pfx____sys_sendmsg+0x10/0x10 [ 238.808057][ T8633] __sys_sendmsg+0x170/0x220 [ 238.808086][ T8633] ? __pfx___sys_sendmsg+0x10/0x10 [ 238.808112][ T8633] ? __x64_sys_futex+0x34f/0x4d0 [ 238.808152][ T8633] ? rcu_is_watching+0x12/0xc0 [ 238.808185][ T8633] do_syscall_64+0x115/0x840 [ 238.808219][ T8633] ? clear_bhb_loop+0x40/0x90 [ 238.808250][ T8633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.808277][ T8633] RIP: 0033:0x7fe0fc39ce59 [ 238.808299][ T8633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 238.808324][ T8633] RSP: 002b:00007fe0fd218028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 238.808348][ T8633] RAX: ffffffffffffffda RBX: 00007fe0fc615fa0 RCX: 00007fe0fc39ce59 [ 238.808366][ T8633] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005 [ 238.808382][ T8633] RBP: 00007fe0fc432d6f R08: 0000000000000000 R09: 0000000000000000 [ 238.808398][ T8633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.808413][ T8633] R13: 00007fe0fc616038 R14: 00007fe0fc615fa0 R15: 00007ffe473bc0a8 [ 238.808448][ T8633] [ 239.798611][ T8645] FAULT_INJECTION: forcing a failure. [ 239.798611][ T8645] name failslab, interval 1, probability 0, space 0, times 0 [ 239.877717][ T8645] CPU: 0 UID: 0 PID: 8645 Comm: syz.0.980 Tainted: G L syzkaller #0 PREEMPT(full) [ 239.877744][ T8645] Tainted: [L]=SOFTLOCKUP [ 239.877749][ T8645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 239.877758][ T8645] Call Trace: [ 239.877764][ T8645] [ 239.877770][ T8645] dump_stack_lvl+0x100/0x190 [ 239.877790][ T8645] should_fail_ex.cold+0x5/0xa [ 239.877810][ T8645] should_failslab+0xc2/0x120 [ 239.877843][ T8645] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 239.877868][ T8645] ? __d_alloc+0x34/0xa40 [ 239.877891][ T8645] __d_alloc+0x34/0xa40 [ 239.877914][ T8645] d_alloc+0x4a/0x1e0 [ 239.877934][ T8645] lookup_one_qstr_excl+0x171/0x250 [ 239.877957][ T8645] start_dirop+0x59/0xb0 [ 239.877975][ T8645] simple_start_creating+0xf9/0x110 [ 239.877992][ T8645] ? __pfx_simple_start_creating+0x10/0x10 [ 239.878010][ T8645] ? mntput+0x70/0xa0 [ 239.878026][ T8645] ? simple_pin_fs+0xa3/0x190 [ 239.878042][ T8645] debugfs_start_creating.part.0+0x82/0x170 [ 239.878131][ T8645] __debugfs_create_file+0xb3/0x4f0 [ 239.878150][ T8645] debugfs_create_file_full+0x41/0x60 [ 239.878169][ T8645] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 239.878186][ T8645] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 239.878199][ T8645] ? ida_alloc_range+0x70d/0x830 [ 239.878235][ T8645] ? lockdep_init_map_type+0x5c/0x250 [ 239.878262][ T8645] preinit_net.part.0+0x252/0x920 [ 239.878280][ T8645] copy_net_ns+0x339/0x7c0 [ 239.878299][ T8645] create_new_namespaces+0x3ea/0xac0 [ 239.878322][ T8645] unshare_nsproxy_namespaces+0xf2/0x220 [ 239.878342][ T8645] ksys_unshare+0x438/0xab0 [ 239.878371][ T8645] ? __pfx_ksys_unshare+0x10/0x10 [ 239.878390][ T8645] ? xfd_validate_state+0x129/0x190 [ 239.878405][ T8645] ? ksys_write+0x1ac/0x250 [ 239.878428][ T8645] __x64_sys_unshare+0x31/0x40 [ 239.878448][ T8645] do_syscall_64+0x115/0x840 [ 239.878468][ T8645] ? clear_bhb_loop+0x40/0x90 [ 239.878486][ T8645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.878501][ T8645] RIP: 0033:0x7faf3279ce59 [ 239.878515][ T8645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 239.878529][ T8645] RSP: 002b:00007faf335a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 239.878544][ T8645] RAX: ffffffffffffffda RBX: 00007faf32a15fa0 RCX: 00007faf3279ce59 [ 239.878554][ T8645] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 239.878563][ T8645] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 239.878572][ T8645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.878581][ T8645] R13: 00007faf32a16038 R14: 00007faf32a15fa0 R15: 00007ffdd9083958 [ 239.878602][ T8645] [ 241.768799][ T8688] netlink: 4 bytes leftover after parsing attributes in process `syz.3.989'. [ 241.802598][ T8688] FAULT_INJECTION: forcing a failure. [ 241.802598][ T8688] name failslab, interval 1, probability 0, space 0, times 0 [ 241.830452][ T8688] CPU: 1 UID: 0 PID: 8688 Comm: syz.3.989 Tainted: G L syzkaller #0 PREEMPT(full) [ 241.830497][ T8688] Tainted: [L]=SOFTLOCKUP [ 241.830507][ T8688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 241.830525][ T8688] Call Trace: [ 241.830534][ T8688] [ 241.830545][ T8688] dump_stack_lvl+0x100/0x190 [ 241.830579][ T8688] should_fail_ex.cold+0x5/0xa [ 241.830619][ T8688] should_failslab+0xc2/0x120 [ 241.830683][ T8688] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 241.830728][ T8688] ? __kernfs_new_node+0xd2/0x9f0 [ 241.830768][ T8688] __kernfs_new_node+0xd2/0x9f0 [ 241.830806][ T8688] ? __pfx___kernfs_new_node+0x10/0x10 [ 241.830847][ T8688] ? find_held_lock+0x2b/0x80 [ 241.830882][ T8688] ? kernfs_root+0xee/0x2a0 [ 241.830912][ T8688] ? kernfs_root+0xee/0x2a0 [ 241.830952][ T8688] kernfs_new_node+0x11b/0x1a0 [ 241.830995][ T8688] __kernfs_create_file+0x53/0x350 [ 241.831043][ T8688] sysfs_add_file_mode_ns+0x207/0x3c0 [ 241.831083][ T8688] internal_create_group+0x593/0xfb0 [ 241.831126][ T8688] ? __pfx_internal_create_group+0x10/0x10 [ 241.831166][ T8688] ? kernfs_create_link+0x1bd/0x240 [ 241.831215][ T8688] internal_create_groups+0x9d/0x150 [ 241.831253][ T8688] device_add+0x71a/0x1950 [ 241.831286][ T8688] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 241.831327][ T8688] ? __pfx_device_add+0x10/0x10 [ 241.831358][ T8688] ? lockdep_init_map_type+0x5c/0x250 [ 241.831405][ T8688] ? __init_waitqueue_head+0xca/0x150 [ 241.831448][ T8688] netdev_register_kobject+0x1a9/0x3d0 [ 241.831494][ T8688] register_netdevice+0x151c/0x24b0 [ 241.831536][ T8688] ? __pfx_register_netdevice+0x10/0x10 [ 241.831581][ T8688] internal_dev_create+0x2d3/0x520 [ 241.831627][ T8688] ovs_vport_add+0x147/0x4d0 [ 241.831675][ T8688] new_vport+0x16/0x1d0 [ 241.831707][ T8688] ovs_dp_cmd_new+0x65d/0xdf0 [ 241.831751][ T8688] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 241.831786][ T8688] ? __nla_parse+0x40/0x60 [ 241.831825][ T8688] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 241.831870][ T8688] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 241.831923][ T8688] genl_family_rcv_msg_doit+0x214/0x300 [ 241.831970][ T8688] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 241.832013][ T8688] ? genl_get_cmd+0x3e7/0x760 [ 241.832062][ T8688] ? bpf_lsm_capable+0x9/0x10 [ 241.832093][ T8688] ? security_capable+0x80/0x260 [ 241.832122][ T8688] ? ns_capable+0xd2/0xf0 [ 241.832157][ T8688] genl_rcv_msg+0x560/0x800 [ 241.832201][ T8688] ? __pfx_genl_rcv_msg+0x10/0x10 [ 241.832243][ T8688] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 241.832292][ T8688] netlink_rcv_skb+0x159/0x420 [ 241.832331][ T8688] ? __pfx_genl_rcv_msg+0x10/0x10 [ 241.832375][ T8688] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 241.832430][ T8688] ? netlink_deliver_tap+0x1ae/0xcc0 [ 241.832472][ T8688] genl_rcv+0x28/0x40 [ 241.832509][ T8688] netlink_unicast+0x585/0x850 [ 241.832553][ T8688] ? __pfx_netlink_unicast+0x10/0x10 [ 241.832602][ T8688] netlink_sendmsg+0x8b0/0xda0 [ 241.832646][ T8688] ? __pfx_netlink_sendmsg+0x10/0x10 [ 241.832690][ T8688] ? __import_iovec+0x1d2/0x640 [ 241.832736][ T8688] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 241.832774][ T8688] ____sys_sendmsg+0x9e1/0xb70 [ 241.832810][ T8688] ? __pfx_netlink_sendmsg+0x10/0x10 [ 241.832851][ T8688] ? __pfx_____sys_sendmsg+0x10/0x10 [ 241.832886][ T8688] ? preempt_schedule_thunk+0x16/0x30 [ 241.832936][ T8688] ? try_to_wake_up+0x5f6/0x1900 [ 241.832980][ T8688] ___sys_sendmsg+0x190/0x1e0 [ 241.833022][ T8688] ? __pfx____sys_sendmsg+0x10/0x10 [ 241.833061][ T8688] ? futex_private_hash_put+0x107/0x1c0 [ 241.833149][ T8688] __sys_sendmsg+0x170/0x220 [ 241.833179][ T8688] ? __pfx___sys_sendmsg+0x10/0x10 [ 241.833207][ T8688] ? __x64_sys_futex+0x34f/0x4d0 [ 241.833253][ T8688] ? rcu_is_watching+0x12/0xc0 [ 241.833291][ T8688] do_syscall_64+0x115/0x840 [ 241.833330][ T8688] ? clear_bhb_loop+0x40/0x90 [ 241.833365][ T8688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.833395][ T8688] RIP: 0033:0x7f725599ce59 [ 241.833419][ T8688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.833446][ T8688] RSP: 002b:00007f7256830028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 241.833474][ T8688] RAX: ffffffffffffffda RBX: 00007f7255c15fa0 RCX: 00007f725599ce59 [ 241.833493][ T8688] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005 [ 241.833511][ T8688] RBP: 00007f7255a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 241.833529][ T8688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.833546][ T8688] R13: 00007f7255c16038 R14: 00007f7255c15fa0 R15: 00007fff733016d8 [ 241.833585][ T8688] [ 244.368431][ T8726] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1002'. [ 244.398446][ T8726] FAULT_INJECTION: forcing a failure. [ 244.398446][ T8726] name failslab, interval 1, probability 0, space 0, times 0 [ 244.427326][ T8726] CPU: 0 UID: 0 PID: 8726 Comm: syz.3.1002 Tainted: G L syzkaller #0 PREEMPT(full) [ 244.427378][ T8726] Tainted: [L]=SOFTLOCKUP [ 244.427389][ T8726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 244.427411][ T8726] Call Trace: [ 244.427420][ T8726] [ 244.427432][ T8726] dump_stack_lvl+0x100/0x190 [ 244.427467][ T8726] should_fail_ex.cold+0x5/0xa [ 244.427505][ T8726] should_failslab+0xc2/0x120 [ 244.427541][ T8726] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 244.427586][ T8726] ? __kernfs_new_node+0xd2/0x9f0 [ 244.427629][ T8726] __kernfs_new_node+0xd2/0x9f0 [ 244.427663][ T8726] ? __lock_acquire+0x4a5/0x2630 [ 244.427707][ T8726] ? __pfx___kernfs_new_node+0x10/0x10 [ 244.427749][ T8726] ? find_held_lock+0x2b/0x80 [ 244.427783][ T8726] ? kernfs_root+0xee/0x2a0 [ 244.427812][ T8726] ? kernfs_root+0xee/0x2a0 [ 244.427851][ T8726] kernfs_new_node+0x11b/0x1a0 [ 244.427893][ T8726] __kernfs_create_file+0x53/0x350 [ 244.427941][ T8726] sysfs_add_file_mode_ns+0x207/0x3c0 [ 244.427979][ T8726] internal_create_group+0x593/0xfb0 [ 244.428023][ T8726] ? __pfx_internal_create_group+0x10/0x10 [ 244.428062][ T8726] ? kernfs_create_link+0x1bd/0x240 [ 244.428111][ T8726] internal_create_groups+0x9d/0x150 [ 244.428149][ T8726] device_add+0xf5b/0x1950 [ 244.428185][ T8726] ? __pfx_device_add+0x10/0x10 [ 244.428217][ T8726] ? lockdep_init_map_type+0x5c/0x250 [ 244.428264][ T8726] ? __init_waitqueue_head+0xca/0x150 [ 244.428306][ T8726] netdev_register_kobject+0x1a9/0x3d0 [ 244.428350][ T8726] register_netdevice+0x151c/0x24b0 [ 244.428397][ T8726] ? __pfx_register_netdevice+0x10/0x10 [ 244.428442][ T8726] internal_dev_create+0x2d3/0x520 [ 244.428488][ T8726] ovs_vport_add+0x147/0x4d0 [ 244.428530][ T8726] new_vport+0x16/0x1d0 [ 244.428561][ T8726] ovs_dp_cmd_new+0x65d/0xdf0 [ 244.428603][ T8726] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 244.428637][ T8726] ? __nla_parse+0x40/0x60 [ 244.428674][ T8726] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 244.428719][ T8726] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 244.428771][ T8726] genl_family_rcv_msg_doit+0x214/0x300 [ 244.428826][ T8726] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 244.428869][ T8726] ? genl_get_cmd+0x3e7/0x760 [ 244.428919][ T8726] ? bpf_lsm_capable+0x9/0x10 [ 244.428950][ T8726] ? security_capable+0x80/0x260 [ 244.428980][ T8726] ? ns_capable+0xd2/0xf0 [ 244.429015][ T8726] genl_rcv_msg+0x560/0x800 [ 244.429060][ T8726] ? __pfx_genl_rcv_msg+0x10/0x10 [ 244.429104][ T8726] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 244.429150][ T8726] netlink_rcv_skb+0x159/0x420 [ 244.429188][ T8726] ? __pfx_genl_rcv_msg+0x10/0x10 [ 244.429232][ T8726] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 244.429291][ T8726] ? netlink_deliver_tap+0x1ae/0xcc0 [ 244.429333][ T8726] genl_rcv+0x28/0x40 [ 244.429371][ T8726] netlink_unicast+0x585/0x850 [ 244.429423][ T8726] ? __pfx_netlink_unicast+0x10/0x10 [ 244.429473][ T8726] netlink_sendmsg+0x8b0/0xda0 [ 244.429519][ T8726] ? __pfx_netlink_sendmsg+0x10/0x10 [ 244.429554][ T8726] ? __import_iovec+0x1d2/0x640 [ 244.429598][ T8726] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 244.429635][ T8726] ____sys_sendmsg+0x9e1/0xb70 [ 244.429670][ T8726] ? __pfx_netlink_sendmsg+0x10/0x10 [ 244.429712][ T8726] ? __pfx_____sys_sendmsg+0x10/0x10 [ 244.429747][ T8726] ? preempt_schedule_thunk+0x16/0x30 [ 244.429797][ T8726] ? try_to_wake_up+0x5f6/0x1900 [ 244.429840][ T8726] ___sys_sendmsg+0x190/0x1e0 [ 244.429882][ T8726] ? __pfx____sys_sendmsg+0x10/0x10 [ 244.429922][ T8726] ? futex_private_hash_put+0x107/0x1c0 [ 244.430012][ T8726] __sys_sendmsg+0x170/0x220 [ 244.430043][ T8726] ? __pfx___sys_sendmsg+0x10/0x10 [ 244.430072][ T8726] ? __x64_sys_futex+0x34f/0x4d0 [ 244.430116][ T8726] ? rcu_is_watching+0x12/0xc0 [ 244.430154][ T8726] do_syscall_64+0x115/0x840 [ 244.430192][ T8726] ? clear_bhb_loop+0x40/0x90 [ 244.430228][ T8726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.430257][ T8726] RIP: 0033:0x7f725599ce59 [ 244.430280][ T8726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 244.430307][ T8726] RSP: 002b:00007f7256830028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 244.430335][ T8726] RAX: ffffffffffffffda RBX: 00007f7255c15fa0 RCX: 00007f725599ce59 [ 244.430353][ T8726] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005 [ 244.430370][ T8726] RBP: 00007f7255a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 244.430395][ T8726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 244.430412][ T8726] R13: 00007f7255c16038 R14: 00007f7255c15fa0 R15: 00007fff733016d8 [ 244.430453][ T8726] [ 245.211565][ T8733] netlink: 'syz.3.1005': attribute type 1 has an invalid length. [ 245.252433][ T8733] netlink: 'syz.3.1005': attribute type 6 has an invalid length. [ 245.448961][ T8740] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1016'. [ 245.569846][ T8740] FAULT_INJECTION: forcing a failure. [ 245.569846][ T8740] name failslab, interval 1, probability 0, space 0, times 0 [ 245.602846][ T8740] CPU: 1 UID: 0 PID: 8740 Comm: syz.1.1016 Tainted: G L syzkaller #0 PREEMPT(full) [ 245.602892][ T8740] Tainted: [L]=SOFTLOCKUP [ 245.602903][ T8740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 245.602920][ T8740] Call Trace: [ 245.602929][ T8740] [ 245.602939][ T8740] dump_stack_lvl+0x100/0x190 [ 245.602977][ T8740] should_fail_ex.cold+0x5/0xa [ 245.603015][ T8740] should_failslab+0xc2/0x120 [ 245.603049][ T8740] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 245.603093][ T8740] ? __kernfs_new_node+0xd2/0x9f0 [ 245.603132][ T8740] __kernfs_new_node+0xd2/0x9f0 [ 245.603168][ T8740] ? __pfx___kernfs_new_node+0x10/0x10 [ 245.603210][ T8740] ? find_held_lock+0x2b/0x80 [ 245.603242][ T8740] ? kernfs_root+0xee/0x2a0 [ 245.603277][ T8740] ? kernfs_root+0xee/0x2a0 [ 245.603315][ T8740] kernfs_new_node+0x11b/0x1a0 [ 245.603356][ T8740] __kernfs_create_file+0x53/0x350 [ 245.603401][ T8740] sysfs_add_file_mode_ns+0x207/0x3c0 [ 245.603437][ T8740] internal_create_group+0x593/0xfb0 [ 245.603477][ T8740] ? __pfx_internal_create_group+0x10/0x10 [ 245.603513][ T8740] ? kernfs_create_link+0x1bd/0x240 [ 245.603558][ T8740] internal_create_groups+0x9d/0x150 [ 245.603591][ T8740] device_add+0x71a/0x1950 [ 245.603621][ T8740] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 245.603657][ T8740] ? __pfx_device_add+0x10/0x10 [ 245.603687][ T8740] ? lockdep_init_map_type+0x5c/0x250 [ 245.603729][ T8740] ? __init_waitqueue_head+0xca/0x150 [ 245.603766][ T8740] netdev_register_kobject+0x1a9/0x3d0 [ 245.603806][ T8740] register_netdevice+0x151c/0x24b0 [ 245.603845][ T8740] ? __pfx_register_netdevice+0x10/0x10 [ 245.603885][ T8740] internal_dev_create+0x2d3/0x520 [ 245.603927][ T8740] ovs_vport_add+0x147/0x4d0 [ 245.603963][ T8740] new_vport+0x16/0x1d0 [ 245.603991][ T8740] ovs_dp_cmd_new+0x65d/0xdf0 [ 245.604031][ T8740] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 245.604062][ T8740] ? __nla_parse+0x40/0x60 [ 245.604096][ T8740] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 245.604137][ T8740] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 245.604185][ T8740] genl_family_rcv_msg_doit+0x214/0x300 [ 245.604229][ T8740] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 245.604274][ T8740] ? genl_get_cmd+0x3e7/0x760 [ 245.604318][ T8740] ? bpf_lsm_capable+0x9/0x10 [ 245.604346][ T8740] ? security_capable+0x80/0x260 [ 245.604375][ T8740] ? ns_capable+0xd2/0xf0 [ 245.604408][ T8740] genl_rcv_msg+0x560/0x800 [ 245.604450][ T8740] ? __pfx_genl_rcv_msg+0x10/0x10 [ 245.604489][ T8740] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 245.604532][ T8740] netlink_rcv_skb+0x159/0x420 [ 245.604566][ T8740] ? __pfx_genl_rcv_msg+0x10/0x10 [ 245.604607][ T8740] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 245.604656][ T8740] ? netlink_deliver_tap+0x1ae/0xcc0 [ 245.604694][ T8740] genl_rcv+0x28/0x40 [ 245.604728][ T8740] netlink_unicast+0x585/0x850 [ 245.604767][ T8740] ? __pfx_netlink_unicast+0x10/0x10 [ 245.604812][ T8740] netlink_sendmsg+0x8b0/0xda0 [ 245.604853][ T8740] ? __pfx_netlink_sendmsg+0x10/0x10 [ 245.604885][ T8740] ? __import_iovec+0x1d2/0x640 [ 245.604926][ T8740] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 245.604960][ T8740] ____sys_sendmsg+0x9e1/0xb70 [ 245.604992][ T8740] ? __pfx_netlink_sendmsg+0x10/0x10 [ 245.605029][ T8740] ? __pfx_____sys_sendmsg+0x10/0x10 [ 245.605071][ T8740] ? __pfx_futex_wake_mark+0x10/0x10 [ 245.605110][ T8740] ___sys_sendmsg+0x190/0x1e0 [ 245.605148][ T8740] ? __pfx____sys_sendmsg+0x10/0x10 [ 245.605227][ T8740] __sys_sendmsg+0x170/0x220 [ 245.605255][ T8740] ? __pfx___sys_sendmsg+0x10/0x10 [ 245.605288][ T8740] ? __x64_sys_futex+0x34f/0x4d0 [ 245.605332][ T8740] ? rcu_is_watching+0x12/0xc0 [ 245.605368][ T8740] do_syscall_64+0x115/0x840 [ 245.605403][ T8740] ? clear_bhb_loop+0x40/0x90 [ 245.605437][ T8740] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.605463][ T8740] RIP: 0033:0x7fe0fc39ce59 [ 245.605492][ T8740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 245.605519][ T8740] RSP: 002b:00007fe0fd218028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 245.605545][ T8740] RAX: ffffffffffffffda RBX: 00007fe0fc615fa0 RCX: 00007fe0fc39ce59 [ 245.605563][ T8740] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005 [ 245.605580][ T8740] RBP: 00007fe0fc432d6f R08: 0000000000000000 R09: 0000000000000000 [ 245.605596][ T8740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 245.605610][ T8740] R13: 00007fe0fc616038 R14: 00007fe0fc615fa0 R15: 00007ffe473bc0a8 [ 245.605647][ T8740] [ 247.192141][ T8766] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1015'. [ 248.705284][ T8807] sctp: [Deprecated]: syz.2.1028 (pid 8807) Use of struct sctp_assoc_value in delayed_ack socket option. [ 248.705284][ T8807] Use struct sctp_sack_info instead [ 249.052149][ T8816] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1030'. [ 250.427144][ T8850] netlink: 'syz.0.1043': attribute type 5 has an invalid length. [ 250.454886][ T8850] netlink: 314 bytes leftover after parsing attributes in process `syz.0.1043'. [ 250.786839][ T8856] block2mtd: error: cannot open device  [ 251.033694][ T8861] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 251.092579][ T8864] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 251.544154][ T8881] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1054'. [ 252.240955][ T8896] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1058'. [ 253.066430][ T8912] [U] 0 [ 253.083633][ T8911] [U] QUI [ 253.377334][ T8930] FAULT_INJECTION: forcing a failure. [ 253.377334][ T8930] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 253.415391][ T8930] CPU: 1 UID: 0 PID: 8930 Comm: syz.3.1071 Tainted: G L syzkaller #0 PREEMPT(full) [ 253.415440][ T8930] Tainted: [L]=SOFTLOCKUP [ 253.415451][ T8930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 253.415469][ T8930] Call Trace: [ 253.415478][ T8930] [ 253.415489][ T8930] dump_stack_lvl+0x100/0x190 [ 253.415524][ T8930] should_fail_ex.cold+0x5/0xa [ 253.415557][ T8930] ? prepare_alloc_pages+0x16d/0x5f0 [ 253.415601][ T8930] should_fail_alloc_page+0xeb/0x140 [ 253.415637][ T8930] prepare_alloc_pages+0x1f0/0x5f0 [ 253.415677][ T8930] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 253.415720][ T8930] ? buffer_subbuf_size_write+0x182/0x280 [ 253.415757][ T8930] ? ksys_write+0x12a/0x250 [ 253.415786][ T8930] ? do_syscall_64+0x115/0x840 [ 253.415824][ T8930] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.415872][ T8930] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 253.415943][ T8930] ? rcu_is_watching+0x12/0xc0 [ 253.415975][ T8930] ? trace_kmalloc+0xe3/0x110 [ 253.416017][ T8930] ? __kasan_kmalloc+0xaa/0xb0 [ 253.416054][ T8930] __alloc_pages_noprof+0xb/0x110 [ 253.416100][ T8930] alloc_cpu_data+0x60/0x130 [ 253.416129][ T8930] __rb_allocate_pages+0xbd5/0x10a0 [ 253.416175][ T8930] ring_buffer_subbuf_order_set+0x3ef/0x18b0 [ 253.416219][ T8930] ? tracing_stop_tr+0xdf/0x200 [ 253.416259][ T8930] ? __pfx_ring_buffer_subbuf_order_set+0x10/0x10 [ 253.416292][ T8930] ? __pfx___might_resched+0x10/0x10 [ 253.416323][ T8930] ? lock_acquire+0x1b1/0x370 [ 253.416372][ T8930] buffer_subbuf_size_write+0x182/0x280 [ 253.416412][ T8930] ? __pfx_buffer_subbuf_size_write+0x10/0x10 [ 253.416464][ T8930] vfs_write+0x2aa/0x1070 [ 253.416516][ T8930] ? __pfx_buffer_subbuf_size_write+0x10/0x10 [ 253.416560][ T8930] ? __pfx_vfs_write+0x10/0x10 [ 253.416594][ T8930] ? __fget_files+0x215/0x3d0 [ 253.416635][ T8930] ? __fget_files+0x21f/0x3d0 [ 253.416681][ T8930] ksys_write+0x12a/0x250 [ 253.416713][ T8930] ? __pfx_ksys_write+0x10/0x10 [ 253.416751][ T8930] ? rcu_is_watching+0x12/0xc0 [ 253.416788][ T8930] do_syscall_64+0x115/0x840 [ 253.416824][ T8930] ? clear_bhb_loop+0x40/0x90 [ 253.416859][ T8930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.416889][ T8930] RIP: 0033:0x7f725599ce59 [ 253.416913][ T8930] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 253.416942][ T8930] RSP: 002b:00007f7256830028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 253.416970][ T8930] RAX: ffffffffffffffda RBX: 00007f7255c15fa0 RCX: 00007f725599ce59 [ 253.416994][ T8930] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000005 [ 253.417009][ T8930] RBP: 00007f7255a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 253.417026][ T8930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 253.417041][ T8930] R13: 00007f7255c16038 R14: 00007f7255c15fa0 R15: 00007fff733016d8 [ 253.417082][ T8930] [ 253.844195][ T8938] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1074'. [ 253.852320][ T8935] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1073'. [ 253.875118][ T8935] IPv6: Can't replace route, no match found [ 255.638543][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.645874][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.089392][ T8969] FAULT_INJECTION: forcing a failure. [ 256.089392][ T8969] name failslab, interval 1, probability 0, space 0, times 0 [ 256.125361][ T8969] CPU: 0 UID: 0 PID: 8969 Comm: syz.0.1082 Tainted: G L syzkaller #0 PREEMPT(full) [ 256.125408][ T8969] Tainted: [L]=SOFTLOCKUP [ 256.125419][ T8969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 256.125436][ T8969] Call Trace: [ 256.125445][ T8969] [ 256.125456][ T8969] dump_stack_lvl+0x100/0x190 [ 256.125492][ T8969] should_fail_ex.cold+0x5/0xa [ 256.125530][ T8969] should_failslab+0xc2/0x120 [ 256.125562][ T8969] __kmalloc_cache_noprof+0x7a/0x6f0 [ 256.125606][ T8969] ? snd_pcm_oss_change_params_locked+0x211/0x39f0 [ 256.125658][ T8969] snd_pcm_oss_change_params_locked+0x211/0x39f0 [ 256.125702][ T8969] ? trace_contention_end+0x125/0x170 [ 256.125736][ T8969] ? snd_pcm_oss_make_ready+0xcb/0x1b0 [ 256.125783][ T8969] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 256.125825][ T8969] ? __pfx___mutex_lock+0x10/0x10 [ 256.125882][ T8969] ? __fsnotify_parent+0x2b4/0xca0 [ 256.125932][ T8969] snd_pcm_oss_make_ready+0xeb/0x1b0 [ 256.125977][ T8969] snd_pcm_oss_sync+0x1de/0x840 [ 256.126024][ T8969] snd_pcm_oss_release+0x238/0x300 [ 256.126065][ T8969] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 256.126113][ T8969] __fput+0x3ff/0xb50 [ 256.126163][ T8969] task_work_run+0x150/0x240 [ 256.126193][ T8969] ? __pfx_task_work_run+0x10/0x10 [ 256.126225][ T8969] ? rcu_is_watching+0x12/0xc0 [ 256.126271][ T8969] exit_to_user_mode_loop+0x157/0x670 [ 256.126317][ T8969] ? rcu_is_watching+0x12/0xc0 [ 256.126354][ T8969] do_syscall_64+0x652/0x840 [ 256.126393][ T8969] ? clear_bhb_loop+0x40/0x90 [ 256.126429][ T8969] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.126460][ T8969] RIP: 0033:0x7faf3279ce59 [ 256.126483][ T8969] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 256.126511][ T8969] RSP: 002b:00007faf335a6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 256.126538][ T8969] RAX: 0000000000000000 RBX: 00007faf32a15fa0 RCX: 00007faf3279ce59 [ 256.126557][ T8969] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 256.126575][ T8969] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 256.126592][ T8969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 256.126609][ T8969] R13: 00007faf32a16038 R14: 00007faf32a15fa0 R15: 00007ffdd9083958 [ 256.126649][ T8969] [ 256.701019][ T8976] netlink: 'syz.2.1084': attribute type 27 has an invalid length. [ 256.733129][ T8976] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1084'. [ 257.434842][ T8988] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1089'. [ 257.455891][ T8988] IPv6: NLM_F_CREATE should be specified when creating new route [ 257.468782][ T8988] IPv6: Can't replace route, no match found [ 257.489668][ T8991] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1089'. [ 257.513473][ T8991] IPv6: Can't replace route, no match found [ 261.032435][ T9049] FAULT_INJECTION: forcing a failure. [ 261.032435][ T9049] name failslab, interval 1, probability 0, space 0, times 0 [ 261.105674][ T9049] CPU: 1 UID: 0 PID: 9049 Comm: syz.0.1107 Tainted: G L syzkaller #0 PREEMPT(full) [ 261.105713][ T9049] Tainted: [L]=SOFTLOCKUP [ 261.105721][ T9049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 261.105735][ T9049] Call Trace: [ 261.105742][ T9049] [ 261.105751][ T9049] dump_stack_lvl+0x100/0x190 [ 261.105781][ T9049] should_fail_ex.cold+0x5/0xa [ 261.105831][ T9049] should_failslab+0xc2/0x120 [ 261.105859][ T9049] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 261.105898][ T9049] ? __mpol_dup+0x74/0x390 [ 261.105934][ T9049] __mpol_dup+0x74/0x390 [ 261.105965][ T9049] ? __pfx___mpol_dup+0x10/0x10 [ 261.106002][ T9049] mbind_range+0x2ad/0x550 [ 261.106037][ T9049] do_mbind+0x7dc/0xfd0 [ 261.106075][ T9049] ? __pfx_do_mbind+0x10/0x10 [ 261.106106][ T9049] ? ksys_write+0x190/0x250 [ 261.106150][ T9049] ? __pfx_get_nodes+0x10/0x10 [ 261.106190][ T9049] kernel_mbind+0x1b7/0x200 [ 261.106230][ T9049] ? __pfx_kernel_mbind+0x10/0x10 [ 261.106268][ T9049] ? rcu_is_watching+0x12/0xc0 [ 261.106299][ T9049] do_syscall_64+0x115/0x840 [ 261.106337][ T9049] ? clear_bhb_loop+0x40/0x90 [ 261.106370][ T9049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.106397][ T9049] RIP: 0033:0x7faf3279ce59 [ 261.106420][ T9049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 261.106447][ T9049] RSP: 002b:00007faf309f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 261.106473][ T9049] RAX: ffffffffffffffda RBX: 00007faf32a16180 RCX: 00007faf3279ce59 [ 261.106489][ T9049] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 261.106506][ T9049] RBP: 00007faf32832d6f R08: 0000000000000006 R09: 0000000000000002 [ 261.106523][ T9049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.106538][ T9049] R13: 00007faf32a16218 R14: 00007faf32a16180 R15: 00007ffdd9083958 [ 261.106574][ T9049] [ 261.501849][ T9056] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1109'. [ 261.544055][ T9056] IPv6: NLM_F_CREATE should be specified when creating new route [ 261.565840][ T9056] IPv6: Can't replace route, no match found [ 261.928487][ T9061] [U] 0 [ 261.935168][ T9060] [U] QUI [ 263.215480][ T9092] [U] 0="/ [ 263.230884][ T9092] [U] [ 263.244317][ T9092] [U] EeQ@ [ 263.265792][ T9092] [U]  [ 266.952584][ T9166] FAULT_INJECTION: forcing a failure. [ 266.952584][ T9166] name failslab, interval 1, probability 0, space 0, times 0 [ 267.017256][ T9166] CPU: 0 UID: 0 PID: 9166 Comm: syz.1.1140 Tainted: G L syzkaller #0 PREEMPT(full) [ 267.017306][ T9166] Tainted: [L]=SOFTLOCKUP [ 267.017317][ T9166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 267.017334][ T9166] Call Trace: [ 267.017344][ T9166] [ 267.017354][ T9166] dump_stack_lvl+0x100/0x190 [ 267.017392][ T9166] should_fail_ex.cold+0x5/0xa [ 267.017431][ T9166] should_failslab+0xc2/0x120 [ 267.017466][ T9166] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 267.017511][ T9166] ? anon_vma_clone+0x2ba/0xcd0 [ 267.017557][ T9166] anon_vma_clone+0x2ba/0xcd0 [ 267.017608][ T9166] __split_vma+0x51f/0xda0 [ 267.017662][ T9166] ? __pfx___split_vma+0x10/0x10 [ 267.017729][ T9166] vma_modify+0x12ad/0x25c0 [ 267.017789][ T9166] ? __pfx_vma_modify+0x10/0x10 [ 267.017858][ T9166] vma_modify_policy+0x238/0x300 [ 267.017908][ T9166] ? __pfx_vma_modify_policy+0x10/0x10 [ 267.017953][ T9166] ? find_held_lock+0x2b/0x80 [ 267.018019][ T9166] mbind_range+0x175/0x550 [ 267.018064][ T9166] do_mbind+0x7dc/0xfd0 [ 267.018114][ T9166] ? __pfx_do_mbind+0x10/0x10 [ 267.018153][ T9166] ? ksys_write+0x190/0x250 [ 267.018203][ T9166] ? __pfx_get_nodes+0x10/0x10 [ 267.018245][ T9166] kernel_mbind+0x1b7/0x200 [ 267.018288][ T9166] ? __pfx_kernel_mbind+0x10/0x10 [ 267.018332][ T9166] ? rcu_is_watching+0x12/0xc0 [ 267.018370][ T9166] do_syscall_64+0x115/0x840 [ 267.018409][ T9166] ? clear_bhb_loop+0x40/0x90 [ 267.018445][ T9166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.018475][ T9166] RIP: 0033:0x7fe0fc39ce59 [ 267.018500][ T9166] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 267.018528][ T9166] RSP: 002b:00007fe0fd1d6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 267.018556][ T9166] RAX: ffffffffffffffda RBX: 00007fe0fc616180 RCX: 00007fe0fc39ce59 [ 267.018576][ T9166] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 267.018594][ T9166] RBP: 00007fe0fc432d6f R08: 0000000000000006 R09: 0000000000000002 [ 267.018611][ T9166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 267.018628][ T9166] R13: 00007fe0fc616218 R14: 00007fe0fc616180 R15: 00007ffe473bc0a8 [ 267.018677][ T9166] [ 268.711768][ T9187] [U] 0 [ 268.715197][ T9186] [U] QUI [ 271.188374][ T9235] [U] 0="/ [ 271.202179][ T9235] [U] [ 271.215741][ T9235] [U] EeQ@ [ 271.237793][ T9235] [U]  [ 272.609564][ T5658] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 273.377898][ T9272] FAULT_INJECTION: forcing a failure. [ 273.377898][ T9272] name failslab, interval 1, probability 0, space 0, times 0 [ 273.478638][ T9272] CPU: 0 UID: 0 PID: 9272 Comm: syz.3.1173 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.478684][ T9272] Tainted: [L]=SOFTLOCKUP [ 273.478693][ T9272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 273.478709][ T9272] Call Trace: [ 273.478718][ T9272] [ 273.478729][ T9272] dump_stack_lvl+0x100/0x190 [ 273.478764][ T9272] should_fail_ex.cold+0x5/0xa [ 273.478801][ T9272] should_failslab+0xc2/0x120 [ 273.478836][ T9272] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 273.478881][ T9272] ? anon_vma_clone+0x2ba/0xcd0 [ 273.478927][ T9272] anon_vma_clone+0x2ba/0xcd0 [ 273.478976][ T9272] __split_vma+0x51f/0xda0 [ 273.479033][ T9272] ? __pfx___split_vma+0x10/0x10 [ 273.479098][ T9272] vma_modify+0x12ad/0x25c0 [ 273.479156][ T9272] ? __pfx_vma_modify+0x10/0x10 [ 273.479223][ T9272] vma_modify_policy+0x238/0x300 [ 273.479270][ T9272] ? __pfx_vma_modify_policy+0x10/0x10 [ 273.479314][ T9272] ? find_held_lock+0x2b/0x80 [ 273.479381][ T9272] mbind_range+0x175/0x550 [ 273.479425][ T9272] do_mbind+0x7dc/0xfd0 [ 273.479474][ T9272] ? __pfx_do_mbind+0x10/0x10 [ 273.479513][ T9272] ? ksys_write+0x190/0x250 [ 273.479563][ T9272] ? __pfx_get_nodes+0x10/0x10 [ 273.479603][ T9272] kernel_mbind+0x1b7/0x200 [ 273.479646][ T9272] ? __pfx_kernel_mbind+0x10/0x10 [ 273.479688][ T9272] ? rcu_is_watching+0x12/0xc0 [ 273.479726][ T9272] do_syscall_64+0x115/0x840 [ 273.479766][ T9272] ? clear_bhb_loop+0x40/0x90 [ 273.479801][ T9272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.479830][ T9272] RIP: 0033:0x7f725599ce59 [ 273.479853][ T9272] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.479881][ T9272] RSP: 002b:00007f72567ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 273.479909][ T9272] RAX: ffffffffffffffda RBX: 00007f7255c16180 RCX: 00007f725599ce59 [ 273.479928][ T9272] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 273.479945][ T9272] RBP: 00007f7255a32d6f R08: 0000000000000006 R09: 0000000000000002 [ 273.479962][ T9272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.479978][ T9272] R13: 00007f7255c16218 R14: 00007f7255c16180 R15: 00007fff733016d8 [ 273.480024][ T9272] [ 273.992173][ T9279] FAULT_INJECTION: forcing a failure. [ 273.992173][ T9279] name failslab, interval 1, probability 0, space 0, times 0 [ 274.048810][ T9279] CPU: 1 UID: 0 PID: 9279 Comm: syz.2.1177 Tainted: G L syzkaller #0 PREEMPT(full) [ 274.048857][ T9279] Tainted: [L]=SOFTLOCKUP [ 274.048867][ T9279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 274.048884][ T9279] Call Trace: [ 274.048893][ T9279] [ 274.048904][ T9279] dump_stack_lvl+0x100/0x190 [ 274.048940][ T9279] should_fail_ex.cold+0x5/0xa [ 274.048978][ T9279] should_failslab+0xc2/0x120 [ 274.049015][ T9279] __kmalloc_cache_noprof+0x7a/0x6f0 [ 274.049056][ T9279] ? tipc_conn_alloc+0x48/0x590 [ 274.049093][ T9279] ? net_generic+0xea/0x2a0 [ 274.049125][ T9279] ? net_generic+0xea/0x2a0 [ 274.049164][ T9279] tipc_conn_alloc+0x48/0x590 [ 274.049203][ T9279] tipc_topsrv_kern_subscr+0x11c/0x3c0 [ 274.049244][ T9279] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 274.049287][ T9279] ? net_generic+0xea/0x2a0 [ 274.049332][ T9279] tipc_group_create+0x4ab/0x660 [ 274.049377][ T9279] tipc_setsockopt+0x611/0xe30 [ 274.049409][ T9279] ? __pfx_tipc_setsockopt+0x10/0x10 [ 274.049453][ T9279] ? __pfx_tipc_setsockopt+0x10/0x10 [ 274.049491][ T9279] do_sock_setsockopt+0xf3/0x1d0 [ 274.049533][ T9279] __sys_setsockopt+0x119/0x190 [ 274.049569][ T9279] __x64_sys_setsockopt+0xbd/0x160 [ 274.049596][ T9279] ? do_syscall_64+0x90/0x840 [ 274.049636][ T9279] ? lockdep_hardirqs_on+0x78/0x100 [ 274.049675][ T9279] do_syscall_64+0x115/0x840 [ 274.049713][ T9279] ? clear_bhb_loop+0x40/0x90 [ 274.049748][ T9279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.049777][ T9279] RIP: 0033:0x7f036d99ce59 [ 274.049801][ T9279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 274.049827][ T9279] RSP: 002b:00007f036e90b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 274.049854][ T9279] RAX: ffffffffffffffda RBX: 00007f036dc15fa0 RCX: 00007f036d99ce59 [ 274.049873][ T9279] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 274.049889][ T9279] RBP: 00007f036da32d6f R08: 0000000000000014 R09: 0000000000000000 [ 274.049907][ T9279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 274.049923][ T9279] R13: 00007f036dc16038 R14: 00007f036dc15fa0 R15: 00007fffc839d0d8 [ 274.049960][ T9279] [ 274.846642][ T9284] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 274.906761][ T9289] [U] 0="/ [ 274.938892][ T9289] [U] [ 274.951965][ T9289] [U] EeQ@ [ 274.966630][ T9289] [U]  [ 275.713250][ T9308] [U] 0="/ [ 275.728027][ T9308] [U] [ 275.739677][ T9308] [U] EeQ@ [ 275.763556][ T9308] [U]  [ 277.796932][ T5658] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 278.488252][ T9362] [U] 0="/ [ 278.511190][ T9362] [U] [ 278.514044][ T9362] [U] EeQ@ [ 278.529226][ T9362] [U]  [ 281.189869][ T5658] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 284.711295][ T5658] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 284.718855][ T5658] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 287.598819][ T9518] FAULT_INJECTION: forcing a failure. [ 287.598819][ T9518] name failslab, interval 1, probability 0, space 0, times 0 [ 287.626792][ T9518] CPU: 0 UID: 0 PID: 9518 Comm: syz.0.1249 Tainted: G L syzkaller #0 PREEMPT(full) [ 287.626836][ T9518] Tainted: [L]=SOFTLOCKUP [ 287.626847][ T9518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 287.626864][ T9518] Call Trace: [ 287.626873][ T9518] [ 287.626883][ T9518] dump_stack_lvl+0x100/0x190 [ 287.626919][ T9518] should_fail_ex.cold+0x5/0xa [ 287.626957][ T9518] should_failslab+0xc2/0x120 [ 287.626990][ T9518] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 287.627033][ T9518] ? anon_vma_clone+0x2ba/0xcd0 [ 287.627076][ T9518] anon_vma_clone+0x2ba/0xcd0 [ 287.627130][ T9518] __split_vma+0x51f/0xda0 [ 287.627177][ T9518] ? __pfx___split_vma+0x10/0x10 [ 287.627242][ T9518] vma_modify+0x12ad/0x25c0 [ 287.627300][ T9518] ? __pfx_vma_modify+0x10/0x10 [ 287.627366][ T9518] vma_modify_policy+0x238/0x300 [ 287.627411][ T9518] ? __pfx_vma_modify_policy+0x10/0x10 [ 287.627453][ T9518] ? find_held_lock+0x2b/0x80 [ 287.627514][ T9518] mbind_range+0x175/0x550 [ 287.627558][ T9518] do_mbind+0x7dc/0xfd0 [ 287.627605][ T9518] ? __pfx_do_mbind+0x10/0x10 [ 287.627642][ T9518] ? ksys_write+0x190/0x250 [ 287.627689][ T9518] ? __pfx_get_nodes+0x10/0x10 [ 287.627728][ T9518] kernel_mbind+0x1b7/0x200 [ 287.627769][ T9518] ? __pfx_kernel_mbind+0x10/0x10 [ 287.627809][ T9518] ? rcu_is_watching+0x12/0xc0 [ 287.627845][ T9518] do_syscall_64+0x115/0x840 [ 287.627885][ T9518] ? clear_bhb_loop+0x40/0x90 [ 287.627920][ T9518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.627949][ T9518] RIP: 0033:0x7faf3279ce59 [ 287.627973][ T9518] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 287.628000][ T9518] RSP: 002b:00007faf309f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 287.628026][ T9518] RAX: ffffffffffffffda RBX: 00007faf32a16180 RCX: 00007faf3279ce59 [ 287.628044][ T9518] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 287.628060][ T9518] RBP: 00007faf32832d6f R08: 0000000000000006 R09: 0000000000000002 [ 287.628077][ T9518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.628093][ T9518] R13: 00007faf32a16218 R14: 00007faf32a16180 R15: 00007ffdd9083958 [ 287.628138][ T9518] [ 288.781432][ T5658] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 288.789140][ T5658] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 294.197068][ T9620] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1267'. [ 297.624893][ T9666] [U] 0="/ [ 297.638680][ T9666] [U] [ 297.648171][ T9666] [U] EeQ@ [ 297.669898][ T9666] [U]  [ 299.052994][ T9686] netlink: 'syz.3.1291': attribute type 1 has an invalid length. [ 299.071128][ T9686] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1291'. [ 299.114395][ T9691] sctp: [Deprecated]: syz.0.1289 (pid 9691) Use of struct sctp_assoc_value in delayed_ack socket option. [ 299.114395][ T9691] Use struct sctp_sack_info instead [ 299.993530][ T9702] netlink: 'syz.2.1293': attribute type 33 has an invalid length. [ 301.688348][ T9745] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1303'. [ 305.905982][ T9817] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1322'. [ 307.141662][ T5658] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 307.149210][ T5658] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 308.309930][ T9865] FAULT_INJECTION: forcing a failure. [ 308.309930][ T9865] name failslab, interval 1, probability 0, space 0, times 0 [ 308.364835][ T9865] CPU: 0 UID: 0 PID: 9865 Comm: syz.0.1338 Tainted: G L syzkaller #0 PREEMPT(full) [ 308.364884][ T9865] Tainted: [L]=SOFTLOCKUP [ 308.364895][ T9865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 308.364918][ T9865] Call Trace: [ 308.364929][ T9865] [ 308.364941][ T9865] dump_stack_lvl+0x100/0x190 [ 308.364980][ T9865] should_fail_ex.cold+0x5/0xa [ 308.365021][ T9865] should_failslab+0xc2/0x120 [ 308.365060][ T9865] __kmalloc_cache_noprof+0x7a/0x6f0 [ 308.365116][ T9865] ? ocfs2_control_open+0x45/0x1d0 [ 308.365271][ T9865] ocfs2_control_open+0x45/0x1d0 [ 308.365319][ T9865] ? __pfx_ocfs2_control_open+0x10/0x10 [ 308.365374][ T9865] misc_open+0x26d/0x450 [ 308.365445][ T9865] ? __pfx_misc_open+0x10/0x10 [ 308.365477][ T9865] chrdev_open+0x234/0x6a0 [ 308.365516][ T9865] ? __pfx_apparmor_file_open+0x10/0x10 [ 308.365552][ T9865] ? __pfx_chrdev_open+0x10/0x10 [ 308.365593][ T9865] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 308.365650][ T9865] do_dentry_open+0x6ab/0x14d0 [ 308.365694][ T9865] ? __pfx_chrdev_open+0x10/0x10 [ 308.365739][ T9865] vfs_open+0x82/0x3f0 [ 308.365791][ T9865] path_openat+0x208c/0x31a0 [ 308.365845][ T9865] ? __pfx_path_openat+0x10/0x10 [ 308.365899][ T9865] do_file_open+0x20e/0x430 [ 308.365944][ T9865] ? __pfx_do_file_open+0x10/0x10 [ 308.366013][ T9865] ? alloc_fd+0x476/0x790 [ 308.366055][ T9865] ? do_getname+0x191/0x390 [ 308.366114][ T9865] do_sys_openat2+0x10d/0x1e0 [ 308.366156][ T9865] ? __pfx_do_sys_openat2+0x10/0x10 [ 308.366199][ T9865] ? do_raw_spin_lock+0x128/0x260 [ 308.366237][ T9865] __x64_sys_openat+0x12d/0x210 [ 308.366288][ T9865] ? __pfx___x64_sys_openat+0x10/0x10 [ 308.366338][ T9865] ? rcu_is_watching+0x12/0xc0 [ 308.366372][ T9865] do_syscall_64+0x115/0x840 [ 308.366411][ T9865] ? clear_bhb_loop+0x40/0x90 [ 308.366447][ T9865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.366478][ T9865] RIP: 0033:0x7faf3279ce59 [ 308.366503][ T9865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 308.366529][ T9865] RSP: 002b:00007faf33585028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 308.366564][ T9865] RAX: ffffffffffffffda RBX: 00007faf32a16090 RCX: 00007faf3279ce59 [ 308.366583][ T9865] RDX: 000000000004c280 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 308.366601][ T9865] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 308.366618][ T9865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.366635][ T9865] R13: 00007faf32a16128 R14: 00007faf32a16090 R15: 00007ffdd9083958 [ 308.366670][ T9865] [ 310.492915][ T9904] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1346'. [ 310.669756][ T9910] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1348'. [ 312.031306][ T9941] netlink: 98 bytes leftover after parsing attributes in process `syz.3.1361'. [ 312.498539][ T9949] netlink: 322 bytes leftover after parsing attributes in process `syz.0.1362'. [ 312.574168][ T9951] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1364'. [ 312.699579][ T9953] FAULT_INJECTION: forcing a failure. [ 312.699579][ T9953] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 312.714732][ T9953] CPU: 0 UID: 0 PID: 9953 Comm: syz.0.1365 Tainted: G L syzkaller #0 PREEMPT(full) [ 312.714777][ T9953] Tainted: [L]=SOFTLOCKUP [ 312.714787][ T9953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 312.714804][ T9953] Call Trace: [ 312.714813][ T9953] [ 312.714824][ T9953] dump_stack_lvl+0x100/0x190 [ 312.714862][ T9953] should_fail_ex.cold+0x5/0xa [ 312.714901][ T9953] copy_folio_from_iter_atomic+0x5c8/0x2000 [ 312.714960][ T9953] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 312.715002][ T9953] ? shmem_write_begin+0x1ba/0x420 [ 312.715034][ T9953] ? __pfx_shmem_write_begin+0x10/0x10 [ 312.715068][ T9953] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 312.715113][ T9953] generic_perform_write+0x4cb/0xa40 [ 312.715167][ T9953] ? __pfx_generic_perform_write+0x10/0x10 [ 312.715215][ T9953] ? file_update_time_flags+0x373/0x500 [ 312.715263][ T9953] shmem_file_write_iter+0x10e/0x140 [ 312.715301][ T9953] vfs_write+0x6ac/0x1070 [ 312.715342][ T9953] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 312.715382][ T9953] ? __pfx_vfs_write+0x10/0x10 [ 312.715441][ T9953] ksys_write+0x12a/0x250 [ 312.715474][ T9953] ? __pfx_ksys_write+0x10/0x10 [ 312.715511][ T9953] ? rcu_is_watching+0x12/0xc0 [ 312.715550][ T9953] do_syscall_64+0x115/0x840 [ 312.715588][ T9953] ? clear_bhb_loop+0x40/0x90 [ 312.715622][ T9953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.715653][ T9953] RIP: 0033:0x7faf3279ce59 [ 312.715677][ T9953] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 312.715704][ T9953] RSP: 002b:00007faf335a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 312.715731][ T9953] RAX: ffffffffffffffda RBX: 00007faf32a15fa0 RCX: 00007faf3279ce59 [ 312.715752][ T9953] RDX: 000040100000a3d5 RSI: 0000000000000000 RDI: 0000000000000005 [ 312.715769][ T9953] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 312.715786][ T9953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 312.715803][ T9953] R13: 00007faf32a16038 R14: 00007faf32a15fa0 R15: 00007ffdd9083958 [ 312.715842][ T9953] [ 313.937528][ T9970] FAULT_INJECTION: forcing a failure. [ 313.937528][ T9970] name failslab, interval 1, probability 0, space 0, times 0 [ 314.016922][ T9970] CPU: 0 UID: 0 PID: 9970 Comm: syz.2.1369 Tainted: G L syzkaller #0 PREEMPT(full) [ 314.016965][ T9970] Tainted: [L]=SOFTLOCKUP [ 314.016976][ T9970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 314.016992][ T9970] Call Trace: [ 314.017001][ T9970] [ 314.017012][ T9970] dump_stack_lvl+0x100/0x190 [ 314.017048][ T9970] should_fail_ex.cold+0x5/0xa [ 314.017085][ T9970] should_failslab+0xc2/0x120 [ 314.017120][ T9970] __kmalloc_cache_noprof+0x7a/0x6f0 [ 314.017162][ T9970] ? alloc_ucounts+0x13d/0x5c0 [ 314.017210][ T9970] alloc_ucounts+0x13d/0x5c0 [ 314.017251][ T9970] ? __pfx_alloc_ucounts+0x10/0x10 [ 314.017304][ T9970] set_cred_ucounts+0xcd/0x200 [ 314.017338][ T9970] __sys_setreuid+0x4a0/0xb00 [ 314.017377][ T9970] do_syscall_64+0x115/0x840 [ 314.017416][ T9970] ? clear_bhb_loop+0x40/0x90 [ 314.017451][ T9970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.017481][ T9970] RIP: 0033:0x7f036d99ce59 [ 314.017504][ T9970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 314.017532][ T9970] RSP: 002b:00007f036e90b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 314.017568][ T9970] RAX: ffffffffffffffda RBX: 00007f036dc15fa0 RCX: 00007f036d99ce59 [ 314.017588][ T9970] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01 [ 314.017605][ T9970] RBP: 00007f036da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 314.017622][ T9970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.017640][ T9970] R13: 00007f036dc16038 R14: 00007f036dc15fa0 R15: 00007fffc839d0d8 [ 314.017678][ T9970] [ 314.245668][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 315.540055][ T9998] netlink: 98 bytes leftover after parsing attributes in process `syz.1.1378'. [ 315.717785][T10006] FAULT_INJECTION: forcing a failure. [ 315.717785][T10006] name failslab, interval 1, probability 0, space 0, times 0 [ 315.791468][T10006] CPU: 0 UID: 0 PID: 10006 Comm: syz.1.1382 Tainted: G L syzkaller #0 PREEMPT(full) [ 315.791514][T10006] Tainted: [L]=SOFTLOCKUP [ 315.791523][T10006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 315.791539][T10006] Call Trace: [ 315.791548][T10006] [ 315.791558][T10006] dump_stack_lvl+0x100/0x190 [ 315.791594][T10006] should_fail_ex.cold+0x5/0xa [ 315.791630][T10006] should_failslab+0xc2/0x120 [ 315.791665][T10006] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 315.791712][T10006] ? alloc_uid+0x13d/0x4c0 [ 315.791748][T10006] ? rcu_is_watching+0x12/0xc0 [ 315.791786][T10006] alloc_uid+0x13d/0x4c0 [ 315.791823][T10006] ? __pfx_alloc_uid+0x10/0x10 [ 315.791862][T10006] ? bpf_lsm_capable+0x9/0x10 [ 315.791899][T10006] ? security_capable+0x80/0x260 [ 315.791933][T10006] __sys_setreuid+0x63c/0xb00 [ 315.791972][T10006] do_syscall_64+0x115/0x840 [ 315.792011][T10006] ? clear_bhb_loop+0x40/0x90 [ 315.792045][T10006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.792076][T10006] RIP: 0033:0x7fe0fc39ce59 [ 315.792098][T10006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 315.792126][T10006] RSP: 002b:00007fe0fd218028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 315.792153][T10006] RAX: ffffffffffffffda RBX: 00007fe0fc615fa0 RCX: 00007fe0fc39ce59 [ 315.792172][T10006] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01 [ 315.792189][T10006] RBP: 00007fe0fc432d6f R08: 0000000000000000 R09: 0000000000000000 [ 315.792206][T10006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 315.792222][T10006] R13: 00007fe0fc616038 R14: 00007fe0fc615fa0 R15: 00007ffe473bc0a8 [ 315.792260][T10006] [ 316.147209][T10013] FAULT_INJECTION: forcing a failure. [ 316.147209][T10013] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 316.160455][T10013] CPU: 0 UID: 0 PID: 10013 Comm: syz.1.1386 Tainted: G L syzkaller #0 PREEMPT(full) [ 316.160496][T10013] Tainted: [L]=SOFTLOCKUP [ 316.160506][T10013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 316.160517][T10013] Call Trace: [ 316.160523][T10013] [ 316.160529][T10013] dump_stack_lvl+0x100/0x190 [ 316.160549][T10013] should_fail_ex.cold+0x5/0xa [ 316.160569][T10013] copy_folio_from_iter_atomic+0x5c8/0x2000 [ 316.160601][T10013] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 316.160622][T10013] ? shmem_write_begin+0x1ba/0x420 [ 316.160638][T10013] ? __pfx_shmem_write_begin+0x10/0x10 [ 316.160655][T10013] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 316.160677][T10013] generic_perform_write+0x4cb/0xa40 [ 316.160705][T10013] ? __pfx_generic_perform_write+0x10/0x10 [ 316.160725][T10013] ? __mark_inode_dirty+0x55c/0x1720 [ 316.160742][T10013] ? mnt_put_write_access_file+0x4e/0x100 [ 316.160760][T10013] ? file_update_time_flags+0x373/0x500 [ 316.160783][T10013] shmem_file_write_iter+0x10e/0x140 [ 316.160802][T10013] vfs_write+0x6ac/0x1070 [ 316.160819][T10013] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 316.160847][T10013] ? __pfx_vfs_write+0x10/0x10 [ 316.160876][T10013] ksys_write+0x12a/0x250 [ 316.160892][T10013] ? __pfx_ksys_write+0x10/0x10 [ 316.160910][T10013] ? rcu_is_watching+0x12/0xc0 [ 316.160931][T10013] do_syscall_64+0x115/0x840 [ 316.160950][T10013] ? clear_bhb_loop+0x40/0x90 [ 316.160968][T10013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.160984][T10013] RIP: 0033:0x7fe0fc39ce59 [ 316.160997][T10013] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 316.161011][T10013] RSP: 002b:00007fe0fd218028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 316.161025][T10013] RAX: ffffffffffffffda RBX: 00007fe0fc615fa0 RCX: 00007fe0fc39ce59 [ 316.161035][T10013] RDX: 000040100000a3d5 RSI: 0000000000000000 RDI: 0000000000000005 [ 316.161044][T10013] RBP: 00007fe0fc432d6f R08: 0000000000000000 R09: 0000000000000000 [ 316.161053][T10013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.161062][T10013] R13: 00007fe0fc616038 R14: 00007fe0fc615fa0 R15: 00007ffe473bc0a8 [ 316.161081][T10013] [ 317.085434][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.091844][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.523977][T10046] FAULT_INJECTION: forcing a failure. [ 318.523977][T10046] name failslab, interval 1, probability 0, space 0, times 0 [ 318.562319][T10046] CPU: 1 UID: 0 PID: 10046 Comm: syz.1.1396 Tainted: G L syzkaller #0 PREEMPT(full) [ 318.562364][T10046] Tainted: [L]=SOFTLOCKUP [ 318.562374][T10046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 318.562391][T10046] Call Trace: [ 318.562400][T10046] [ 318.562410][T10046] dump_stack_lvl+0x100/0x190 [ 318.562444][T10046] should_fail_ex.cold+0x5/0xa [ 318.562480][T10046] should_failslab+0xc2/0x120 [ 318.562515][T10046] __kmalloc_cache_noprof+0x7a/0x6f0 [ 318.562555][T10046] ? ocfs2_control_open+0x45/0x1d0 [ 318.562665][T10046] ocfs2_control_open+0x45/0x1d0 [ 318.562710][T10046] ? __pfx_ocfs2_control_open+0x10/0x10 [ 318.562753][T10046] misc_open+0x26d/0x450 [ 318.562783][T10046] ? __pfx_misc_open+0x10/0x10 [ 318.562811][T10046] chrdev_open+0x234/0x6a0 [ 318.562854][T10046] ? __pfx_apparmor_file_open+0x10/0x10 [ 318.562887][T10046] ? __pfx_chrdev_open+0x10/0x10 [ 318.562925][T10046] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 318.562973][T10046] do_dentry_open+0x6ab/0x14d0 [ 318.563007][T10046] ? __pfx_chrdev_open+0x10/0x10 [ 318.563049][T10046] vfs_open+0x82/0x3f0 [ 318.563114][T10046] path_openat+0x208c/0x31a0 [ 318.563165][T10046] ? __pfx_path_openat+0x10/0x10 [ 318.563217][T10046] do_file_open+0x20e/0x430 [ 318.563257][T10046] ? __pfx_do_file_open+0x10/0x10 [ 318.563330][T10046] ? alloc_fd+0x476/0x790 [ 318.563370][T10046] ? do_getname+0x191/0x390 [ 318.563416][T10046] do_sys_openat2+0x10d/0x1e0 [ 318.563461][T10046] ? __pfx_do_sys_openat2+0x10/0x10 [ 318.563506][T10046] ? do_raw_spin_lock+0x128/0x260 [ 318.563548][T10046] __x64_sys_openat+0x12d/0x210 [ 318.563590][T10046] ? __pfx___x64_sys_openat+0x10/0x10 [ 318.563641][T10046] ? rcu_is_watching+0x12/0xc0 [ 318.563679][T10046] do_syscall_64+0x115/0x840 [ 318.563718][T10046] ? clear_bhb_loop+0x40/0x90 [ 318.563754][T10046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.563783][T10046] RIP: 0033:0x7fe0fc39ce59 [ 318.563808][T10046] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 318.563835][T10046] RSP: 002b:00007fe0fd1f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 318.563862][T10046] RAX: ffffffffffffffda RBX: 00007fe0fc616090 RCX: 00007fe0fc39ce59 [ 318.563882][T10046] RDX: 000000000004c280 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 318.563901][T10046] RBP: 00007fe0fc432d6f R08: 0000000000000000 R09: 0000000000000000 [ 318.563919][T10046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.563936][T10046] R13: 00007fe0fc616128 R14: 00007fe0fc616090 R15: 00007ffe473bc0a8 [ 318.563974][T10046] [ 319.056503][T10049] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1397'. [ 319.457306][T10061] FAULT_INJECTION: forcing a failure. [ 319.457306][T10061] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 319.496219][T10061] CPU: 1 UID: 0 PID: 10061 Comm: syz.2.1402 Tainted: G L syzkaller #0 PREEMPT(full) [ 319.496266][T10061] Tainted: [L]=SOFTLOCKUP [ 319.496276][T10061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 319.496294][T10061] Call Trace: [ 319.496303][T10061] [ 319.496314][T10061] dump_stack_lvl+0x100/0x190 [ 319.496349][T10061] should_fail_ex.cold+0x5/0xa [ 319.496379][T10061] ? prepare_alloc_pages+0x16d/0x5f0 [ 319.496419][T10061] should_fail_alloc_page+0xeb/0x140 [ 319.496455][T10061] prepare_alloc_pages+0x1f0/0x5f0 [ 319.496497][T10061] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 319.496546][T10061] ? bpf_ksym_find+0x124/0x1c0 [ 319.496575][T10061] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 319.496608][T10061] ? is_bpf_text_address+0x94/0x1a0 [ 319.496644][T10061] ? kernel_text_address+0x8d/0x100 [ 319.496675][T10061] ? __kernel_text_address+0xd/0x30 [ 319.496704][T10061] ? unwind_get_return_address+0x59/0xa0 [ 319.496745][T10061] ? arch_stack_walk+0xa6/0xf0 [ 319.496785][T10061] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 319.496841][T10061] ? __lock_acquire+0x4a5/0x2630 [ 319.496895][T10061] ? stack_depot_save_flags+0x27/0x9d0 [ 319.496950][T10061] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 319.496998][T10061] ? policy_nodemask+0xed/0x4f0 [ 319.497045][T10061] alloc_pages_mpol+0x1fb/0x540 [ 319.497082][T10061] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 319.497128][T10061] folio_alloc_mpol_noprof+0x36/0x260 [ 319.497169][T10061] shmem_alloc_folio+0x135/0x160 [ 319.497212][T10061] shmem_alloc_and_add_folio+0x371/0xd40 [ 319.497267][T10061] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 319.497317][T10061] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 319.497354][T10061] shmem_get_folio_gfp+0x6ab/0x1900 [ 319.497387][T10061] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 319.497415][T10061] ? filemap_map_pages+0x9c1/0x2140 [ 319.497457][T10061] shmem_fault+0x1f9/0xa20 [ 319.497480][T10061] ? __pfx_shmem_fault+0x10/0x10 [ 319.497512][T10061] ? __pfx_filemap_map_pages+0x10/0x10 [ 319.497562][T10061] ? find_held_lock+0x2b/0x80 [ 319.497601][T10061] __do_fault+0x10b/0x440 [ 319.497635][T10061] do_fault+0xa99/0x1750 [ 319.497679][T10061] __handle_mm_fault+0x187d/0x2a00 [ 319.497731][T10061] ? mt_find+0x45e/0x8e0 [ 319.497780][T10061] ? __pfx___handle_mm_fault+0x10/0x10 [ 319.497826][T10061] ? __pfx_mt_find+0x10/0x10 [ 319.497893][T10061] ? find_vma+0xbf/0x140 [ 319.497924][T10061] ? __pfx_find_vma+0x10/0x10 [ 319.497957][T10061] handle_mm_fault+0x37b/0xa30 [ 319.498002][T10061] do_user_addr_fault+0x74c/0x12f0 [ 319.498052][T10061] ? trace_page_fault_kernel+0x7a/0x200 [ 319.498086][T10061] exc_page_fault+0x6f/0xd0 [ 319.498117][T10061] asm_exc_page_fault+0x26/0x30 [ 319.498144][T10061] RIP: 0010:fault_in_readable+0xde/0x190 [ 319.498177][T10061] Code: d8 b0 b1 ff 4c 89 f0 48 85 c0 0f 85 bf 00 00 00 e8 a7 b6 b1 ff 0f 01 cb 0f ae e8 4c 89 fb 4d 85 ff 75 31 eb 48 e8 92 b6 b1 ff <44> 8a 33 e8 8a b6 b1 ff 48 81 c3 00 10 00 00 31 ff 48 81 e3 00 f0 [ 319.498205][T10061] RSP: 0018:ffffc900056f7b00 EFLAGS: 00050283 [ 319.498228][T10061] RAX: 000000000000a21c RBX: 0000000000013000 RCX: ffffc90004222000 [ 319.498246][T10061] RDX: 0000000000080000 RSI: ffffffff825645ae RDI: ffff888029c71f00 [ 319.498265][T10061] RBP: 0000000000014000 R08: 0000000000000006 R09: 0000000000014000 [ 319.498282][T10061] R10: 0000000000013000 R11: 0000000000000000 R12: 0000000000001000 [ 319.498298][T10061] R13: 1ffff92000adef61 R14: 0000000000000000 R15: 0000000000013000 [ 319.498325][T10061] ? fault_in_readable+0xde/0x190 [ 319.498359][T10061] ? __pfx_fault_in_readable+0x10/0x10 [ 319.498396][T10061] fault_in_iov_iter_readable+0x101/0x2c0 [ 319.498442][T10061] generic_perform_write+0x863/0xa40 [ 319.498497][T10061] ? __pfx_generic_perform_write+0x10/0x10 [ 319.498548][T10061] ? file_update_time_flags+0x373/0x500 [ 319.498599][T10061] shmem_file_write_iter+0x10e/0x140 [ 319.498639][T10061] vfs_write+0x6ac/0x1070 [ 319.498675][T10061] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 319.498718][T10061] ? __pfx_vfs_write+0x10/0x10 [ 319.498777][T10061] ksys_write+0x12a/0x250 [ 319.498809][T10061] ? __pfx_ksys_write+0x10/0x10 [ 319.498844][T10061] ? rcu_is_watching+0x12/0xc0 [ 319.498872][T10061] do_syscall_64+0x115/0x840 [ 319.498908][T10061] ? clear_bhb_loop+0x40/0x90 [ 319.498938][T10061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.498962][T10061] RIP: 0033:0x7f036d99ce59 [ 319.498982][T10061] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 319.499004][T10061] RSP: 002b:00007f036e90b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 319.499033][T10061] RAX: ffffffffffffffda RBX: 00007f036dc15fa0 RCX: 00007f036d99ce59 [ 319.499050][T10061] RDX: 000040100000a3d5 RSI: 0000000000000000 RDI: 0000000000000005 [ 319.499064][T10061] RBP: 00007f036da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 319.499079][T10061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.499094][T10061] R13: 00007f036dc16038 R14: 00007f036dc15fa0 R15: 00007fffc839d0d8 [ 319.499127][T10061] [ 320.774274][ T30] audit: type=1800 audit(1780428582.980:4): pid=10075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1405" name="file0" dev="tmpfs" ino=1815 res=0 errno=0 [ 322.553887][T10094] FAULT_INJECTION: forcing a failure. [ 322.553887][T10094] name failslab, interval 1, probability 0, space 0, times 0 [ 322.574480][T10094] CPU: 0 UID: 0 PID: 10094 Comm: syz.3.1409 Tainted: G L syzkaller #0 PREEMPT(full) [ 322.574525][T10094] Tainted: [L]=SOFTLOCKUP [ 322.574535][T10094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 322.574553][T10094] Call Trace: [ 322.574562][T10094] [ 322.574572][T10094] dump_stack_lvl+0x100/0x190 [ 322.574607][T10094] should_fail_ex.cold+0x5/0xa [ 322.574645][T10094] should_failslab+0xc2/0x120 [ 322.574681][T10094] __kmalloc_cache_noprof+0x7a/0x6f0 [ 322.574722][T10094] ? ocfs2_control_open+0x45/0x1d0 [ 322.574775][T10094] ocfs2_control_open+0x45/0x1d0 [ 322.574819][T10094] ? __pfx_ocfs2_control_open+0x10/0x10 [ 322.574863][T10094] misc_open+0x26d/0x450 [ 322.574893][T10094] ? __pfx_misc_open+0x10/0x10 [ 322.574921][T10094] chrdev_open+0x234/0x6a0 [ 322.574957][T10094] ? __pfx_apparmor_file_open+0x10/0x10 [ 322.574988][T10094] ? __pfx_chrdev_open+0x10/0x10 [ 322.575027][T10094] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 322.575074][T10094] do_dentry_open+0x6ab/0x14d0 [ 322.575109][T10094] ? __pfx_chrdev_open+0x10/0x10 [ 322.575152][T10094] vfs_open+0x82/0x3f0 [ 322.575198][T10094] path_openat+0x208c/0x31a0 [ 322.575255][T10094] ? __pfx_path_openat+0x10/0x10 [ 322.575306][T10094] do_file_open+0x20e/0x430 [ 322.575345][T10094] ? __pfx_do_file_open+0x10/0x10 [ 322.575408][T10094] ? alloc_fd+0x476/0x790 [ 322.575446][T10094] ? do_getname+0x191/0x390 [ 322.575492][T10094] do_sys_openat2+0x10d/0x1e0 [ 322.575533][T10094] ? __pfx_do_sys_openat2+0x10/0x10 [ 322.575581][T10094] ? do_raw_spin_lock+0x128/0x260 [ 322.575624][T10094] __x64_sys_openat+0x12d/0x210 [ 322.575670][T10094] ? __pfx___x64_sys_openat+0x10/0x10 [ 322.575722][T10094] ? rcu_is_watching+0x12/0xc0 [ 322.575761][T10094] do_syscall_64+0x115/0x840 [ 322.575801][T10094] ? clear_bhb_loop+0x40/0x90 [ 322.575838][T10094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.575868][T10094] RIP: 0033:0x7f725599ce59 [ 322.575893][T10094] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 322.575922][T10094] RSP: 002b:00007f725680f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 322.575951][T10094] RAX: ffffffffffffffda RBX: 00007f7255c16090 RCX: 00007f725599ce59 [ 322.575971][T10094] RDX: 000000000004c280 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 322.575990][T10094] RBP: 00007f7255a32d6f R08: 0000000000000000 R09: 0000000000000000 [ 322.576008][T10094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.576025][T10094] R13: 00007f7255c16128 R14: 00007f7255c16090 R15: 00007fff733016d8 [ 322.576065][T10094] [ 325.859058][T10142] FAULT_INJECTION: forcing a failure. [ 325.859058][T10142] name failslab, interval 1, probability 0, space 0, times 0 [ 325.886755][T10142] CPU: 1 UID: 0 PID: 10142 Comm: syz.0.1423 Tainted: G L syzkaller #0 PREEMPT(full) [ 325.886801][T10142] Tainted: [L]=SOFTLOCKUP [ 325.886811][T10142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 325.886829][T10142] Call Trace: [ 325.886837][T10142] [ 325.886847][T10142] dump_stack_lvl+0x100/0x190 [ 325.886883][T10142] should_fail_ex.cold+0x5/0xa [ 325.886921][T10142] should_failslab+0xc2/0x120 [ 325.886956][T10142] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 325.887013][T10142] ? __alloc_skb+0x140/0x710 [ 325.887045][T10142] __alloc_skb+0x140/0x710 [ 325.887068][T10142] ? __alloc_skb+0x5b7/0x710 [ 325.887091][T10142] ? __pfx___alloc_skb+0x10/0x10 [ 325.887127][T10142] inet6_ifmcaddr_notify+0xd6/0x1d0 [ 325.887169][T10142] ? __pfx_inet6_ifmcaddr_notify+0x10/0x10 [ 325.887225][T10142] __ipv6_dev_mc_dec+0x297/0x340 [ 325.887262][T10142] ipv6_mc_destroy_dev+0x2cd/0x690 [ 325.887296][T10142] ? __local_bh_enable_ip+0x9e/0x120 [ 325.887337][T10142] addrconf_ifdown.isra.0+0x148a/0x1b70 [ 325.887390][T10142] ? __pfx_addrconf_ifdown.isra.0+0x10/0x10 [ 325.887445][T10142] addrconf_notify+0x4a3/0x1ba0 [ 325.887491][T10142] ? __pfx_tls_dev_event+0x10/0x10 [ 325.887527][T10142] ? __pfx_addrconf_notify+0x10/0x10 [ 325.887573][T10142] ? ip6mr_device_event+0x1c4/0x230 [ 325.887622][T10142] notifier_call_chain+0x99/0x400 [ 325.887671][T10142] call_netdevice_notifiers_info+0xbe/0x110 [ 325.887711][T10142] unregister_netdevice_many_notify+0x118f/0x24f0 [ 325.887758][T10142] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 325.887794][T10142] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 325.887849][T10142] unregister_netdevice_queue+0x30b/0x3c0 [ 325.887884][T10142] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 325.887920][T10142] ? __pfx_locks_remove_file+0x10/0x10 [ 325.887975][T10142] ppp_release+0x125/0x150 [ 325.888118][T10142] ? __pfx_ppp_release+0x10/0x10 [ 325.888160][T10142] __fput+0x3ff/0xb50 [ 325.888209][T10142] task_work_run+0x150/0x240 [ 325.888239][T10142] ? __pfx_task_work_run+0x10/0x10 [ 325.888270][T10142] ? rcu_is_watching+0x12/0xc0 [ 325.888308][T10142] exit_to_user_mode_loop+0x157/0x670 [ 325.888352][T10142] ? rcu_is_watching+0x12/0xc0 [ 325.888388][T10142] do_syscall_64+0x652/0x840 [ 325.888424][T10142] ? clear_bhb_loop+0x40/0x90 [ 325.888458][T10142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.888488][T10142] RIP: 0033:0x7faf3279ce59 [ 325.888511][T10142] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 325.888539][T10142] RSP: 002b:00007faf335a6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 325.888565][T10142] RAX: 0000000000000000 RBX: 00007faf32a15fa0 RCX: 00007faf3279ce59 [ 325.888583][T10142] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 325.888599][T10142] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 325.888614][T10142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.888630][T10142] R13: 00007faf32a16038 R14: 00007faf32a15fa0 R15: 00007ffdd9083958 [ 325.888667][T10142] [ 326.696081][T10157] random: crng reseeded on system resumption [ 327.972707][T10183] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1434'. [ 328.729881][T10191] FAULT_INJECTION: forcing a failure. [ 328.729881][T10191] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 328.765153][T10191] CPU: 0 UID: 0 PID: 10191 Comm: syz.2.1438 Tainted: G L syzkaller #0 PREEMPT(full) [ 328.765199][T10191] Tainted: [L]=SOFTLOCKUP [ 328.765210][T10191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 328.765227][T10191] Call Trace: [ 328.765236][T10191] [ 328.765247][T10191] dump_stack_lvl+0x100/0x190 [ 328.765283][T10191] should_fail_ex.cold+0x5/0xa [ 328.765315][T10191] ? prepare_alloc_pages+0x16d/0x5f0 [ 328.765361][T10191] should_fail_alloc_page+0xeb/0x140 [ 328.765400][T10191] prepare_alloc_pages+0x1f0/0x5f0 [ 328.765444][T10191] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 328.765494][T10191] ? bpf_ksym_find+0x124/0x1c0 [ 328.765525][T10191] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 328.765569][T10191] ? is_bpf_text_address+0x94/0x1a0 [ 328.765604][T10191] ? kernel_text_address+0x8d/0x100 [ 328.765631][T10191] ? __kernel_text_address+0xd/0x30 [ 328.765656][T10191] ? unwind_get_return_address+0x59/0xa0 [ 328.765693][T10191] ? arch_stack_walk+0xa6/0xf0 [ 328.765727][T10191] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 328.765782][T10191] ? __lock_acquire+0x4a5/0x2630 [ 328.765832][T10191] ? stack_depot_save_flags+0x27/0x9d0 [ 328.765885][T10191] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 328.765928][T10191] ? policy_nodemask+0xed/0x4f0 [ 328.765965][T10191] alloc_pages_mpol+0x1fb/0x540 [ 328.765999][T10191] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 328.766044][T10191] folio_alloc_mpol_noprof+0x36/0x260 [ 328.766085][T10191] shmem_alloc_folio+0x135/0x160 [ 328.766136][T10191] shmem_alloc_and_add_folio+0x371/0xd40 [ 328.766194][T10191] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 328.766244][T10191] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 328.766283][T10191] shmem_get_folio_gfp+0x6ab/0x1900 [ 328.766321][T10191] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 328.766350][T10191] ? filemap_map_pages+0x9c1/0x2140 [ 328.766401][T10191] shmem_fault+0x1f9/0xa20 [ 328.766430][T10191] ? __pfx_shmem_fault+0x10/0x10 [ 328.766463][T10191] ? __pfx_filemap_map_pages+0x10/0x10 [ 328.766513][T10191] ? find_held_lock+0x2b/0x80 [ 328.766551][T10191] __do_fault+0x10b/0x440 [ 328.766583][T10191] do_fault+0xa99/0x1750 [ 328.766625][T10191] __handle_mm_fault+0x187d/0x2a00 [ 328.766674][T10191] ? mt_find+0x45e/0x8e0 [ 328.766717][T10191] ? __pfx___handle_mm_fault+0x10/0x10 [ 328.766756][T10191] ? __pfx_mt_find+0x10/0x10 [ 328.766817][T10191] ? find_vma+0xbf/0x140 [ 328.766847][T10191] ? __pfx_find_vma+0x10/0x10 [ 328.766882][T10191] handle_mm_fault+0x37b/0xa30 [ 328.766931][T10191] do_user_addr_fault+0x74c/0x12f0 [ 328.766969][T10191] ? trace_page_fault_kernel+0x7a/0x200 [ 328.767005][T10191] exc_page_fault+0x6f/0xd0 [ 328.767045][T10191] asm_exc_page_fault+0x26/0x30 [ 328.767073][T10191] RIP: 0010:fault_in_readable+0xde/0x190 [ 328.767112][T10191] Code: d8 b0 b1 ff 4c 89 f0 48 85 c0 0f 85 bf 00 00 00 e8 a7 b6 b1 ff 0f 01 cb 0f ae e8 4c 89 fb 4d 85 ff 75 31 eb 48 e8 92 b6 b1 ff <44> 8a 33 e8 8a b6 b1 ff 48 81 c3 00 10 00 00 31 ff 48 81 e3 00 f0 [ 328.767141][T10191] RSP: 0018:ffffc9000335fb00 EFLAGS: 00050287 [ 328.767164][T10191] RAX: 000000000000aea6 RBX: 0000000000013000 RCX: ffffc90004222000 [ 328.767183][T10191] RDX: 0000000000080000 RSI: ffffffff825645ae RDI: ffff888030a4dd00 [ 328.767201][T10191] RBP: 0000000000014000 R08: 0000000000000006 R09: 0000000000014000 [ 328.767215][T10191] R10: 0000000000013000 R11: 0000000000000000 R12: 0000000000001000 [ 328.767232][T10191] R13: 1ffff9200066bf61 R14: 0000000000000000 R15: 0000000000013000 [ 328.767260][T10191] ? fault_in_readable+0xde/0x190 [ 328.767298][T10191] ? __pfx_fault_in_readable+0x10/0x10 [ 328.767335][T10191] fault_in_iov_iter_readable+0x101/0x2c0 [ 328.767377][T10191] generic_perform_write+0x863/0xa40 [ 328.767428][T10191] ? __pfx_generic_perform_write+0x10/0x10 [ 328.767465][T10191] ? __mark_inode_dirty+0x55c/0x1720 [ 328.767492][T10191] ? mnt_put_write_access_file+0x4e/0x100 [ 328.767526][T10191] ? file_update_time_flags+0x373/0x500 [ 328.767571][T10191] shmem_file_write_iter+0x10e/0x140 [ 328.767607][T10191] vfs_write+0x6ac/0x1070 [ 328.767640][T10191] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 328.767679][T10191] ? __pfx_vfs_write+0x10/0x10 [ 328.767736][T10191] ksys_write+0x12a/0x250 [ 328.767767][T10191] ? __pfx_ksys_write+0x10/0x10 [ 328.767797][T10191] ? rcu_is_watching+0x12/0xc0 [ 328.767827][T10191] do_syscall_64+0x115/0x840 [ 328.767856][T10191] ? clear_bhb_loop+0x40/0x90 [ 328.767888][T10191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.767917][T10191] RIP: 0033:0x7f036d99ce59 [ 328.767939][T10191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 328.767966][T10191] RSP: 002b:00007f036e90b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 328.767994][T10191] RAX: ffffffffffffffda RBX: 00007f036dc15fa0 RCX: 00007f036d99ce59 [ 328.768013][T10191] RDX: 000040100000a3d5 RSI: 0000000000000000 RDI: 0000000000000005 [ 328.768030][T10191] RBP: 00007f036da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 328.768045][T10191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 328.768061][T10191] R13: 00007f036dc16038 R14: 00007f036dc15fa0 R15: 00007fffc839d0d8 [ 328.768098][T10191] [ 329.744350][T10210] random: crng reseeded on system resumption [ 331.387758][T10243] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1452'. [ 331.918056][T10252] random: crng reseeded on system resumption [ 332.511273][T10268] random: crng reseeded on system resumption [ 333.708537][T10292] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1464'. [ 334.610553][T10305] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1469'. [ 336.173231][T10342] netlink: 18 bytes leftover after parsing attributes in process `syz.2.1480'. [ 337.007298][T10355] netlink: 'syz.1.1483': attribute type 33 has an invalid length. [ 337.028665][T10355] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1483'. [ 339.020043][T10394] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1493'. [ 339.552255][T10401] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1496'. [ 339.833591][T10403] netlink: 'syz.0.1495': attribute type 33 has an invalid length. [ 339.858941][T10403] netlink: 322 bytes leftover after parsing attributes in process `syz.0.1495'. [ 340.300503][T10413] random: crng reseeded on system resumption [ 340.837464][ T30] audit: type=1800 audit(1780428603.050:5): pid=10424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1499" name="file0" dev="tmpfs" ino=2033 res=0 errno=0 [ 340.979356][T10431] random: crng reseeded on system resumption [ 341.707751][T10440] netlink: 208 bytes leftover after parsing attributes in process `syz.0.1515'. [ 341.759986][T10440] FAULT_INJECTION: forcing a failure. [ 341.759986][T10440] name failslab, interval 1, probability 0, space 0, times 0 [ 341.796794][T10440] CPU: 0 UID: 0 PID: 10440 Comm: syz.0.1515 Tainted: G L syzkaller #0 PREEMPT(full) [ 341.796839][T10440] Tainted: [L]=SOFTLOCKUP [ 341.796849][T10440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 341.796866][T10440] Call Trace: [ 341.796874][T10440] [ 341.796886][T10440] dump_stack_lvl+0x100/0x190 [ 341.796922][T10440] should_fail_ex.cold+0x5/0xa [ 341.796960][T10440] should_failslab+0xc2/0x120 [ 341.796995][T10440] __kmalloc_cache_node_noprof+0x7d/0x770 [ 341.797029][T10440] ? __alloc_workqueue+0xf57/0x1980 [ 341.797065][T10440] ? lockdep_init_map_type+0x5c/0x250 [ 341.797119][T10440] __alloc_workqueue+0xf57/0x1980 [ 341.797171][T10440] alloc_workqueue_noprof+0xc7/0x130 [ 341.797212][T10440] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 341.797256][T10440] ? trace_kmalloc+0xe3/0x110 [ 341.797287][T10440] ? __kasan_kmalloc+0xaa/0xb0 [ 341.797328][T10440] ieee80211_register_hw+0x2148/0x4570 [ 341.797378][T10440] ? mark_held_locks+0x1/0x70 [ 341.797432][T10440] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 341.797479][T10440] ? __pfx___debug_object_init+0x10/0x10 [ 341.797624][T10440] ? find_held_lock+0x2b/0x80 [ 341.797663][T10440] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 341.797703][T10440] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 341.797811][T10440] ? __hrtimer_setup+0x208/0x330 [ 341.797845][T10440] mac80211_hwsim_new_radio+0x2a01/0x5aa0 [ 341.797931][T10440] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 341.797981][T10440] hwsim_new_radio_nl+0xc5f/0x1370 [ 341.798018][T10440] ? rcu_is_watching+0x12/0xc0 [ 341.798054][T10440] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 341.798101][T10440] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 341.798146][T10440] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 341.798200][T10440] genl_family_rcv_msg_doit+0x214/0x300 [ 341.798247][T10440] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 341.798289][T10440] ? genl_get_cmd+0x3e7/0x760 [ 341.798337][T10440] ? bpf_lsm_capable+0x9/0x10 [ 341.798368][T10440] ? security_capable+0x80/0x260 [ 341.798397][T10440] ? ns_capable+0xd2/0xf0 [ 341.798432][T10440] genl_rcv_msg+0x560/0x800 [ 341.798478][T10440] ? __pfx_genl_rcv_msg+0x10/0x10 [ 341.798521][T10440] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 341.798570][T10440] netlink_rcv_skb+0x159/0x420 [ 341.798606][T10440] ? __pfx_genl_rcv_msg+0x10/0x10 [ 341.798650][T10440] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 341.798698][T10440] ? netlink_deliver_tap+0x1ae/0xcc0 [ 341.798738][T10440] genl_rcv+0x28/0x40 [ 341.798783][T10440] netlink_unicast+0x585/0x850 [ 341.798827][T10440] ? __pfx_netlink_unicast+0x10/0x10 [ 341.798876][T10440] netlink_sendmsg+0x8b0/0xda0 [ 341.798919][T10440] ? __pfx_netlink_sendmsg+0x10/0x10 [ 341.798954][T10440] ? __import_iovec+0x1d2/0x640 [ 341.798997][T10440] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 341.799035][T10440] ____sys_sendmsg+0x9e1/0xb70 [ 341.799069][T10440] ? __pfx_netlink_sendmsg+0x10/0x10 [ 341.799110][T10440] ? __pfx_____sys_sendmsg+0x10/0x10 [ 341.799154][T10440] ? __pfx_futex_wake_mark+0x10/0x10 [ 341.799197][T10440] ___sys_sendmsg+0x190/0x1e0 [ 341.799238][T10440] ? __pfx____sys_sendmsg+0x10/0x10 [ 341.799317][T10440] __sys_sendmsg+0x170/0x220 [ 341.799349][T10440] ? __pfx___sys_sendmsg+0x10/0x10 [ 341.799379][T10440] ? __x64_sys_futex+0x34f/0x4d0 [ 341.799422][T10440] ? rcu_is_watching+0x12/0xc0 [ 341.799460][T10440] do_syscall_64+0x115/0x840 [ 341.799500][T10440] ? clear_bhb_loop+0x40/0x90 [ 341.799537][T10440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.799567][T10440] RIP: 0033:0x7faf3279ce59 [ 341.799591][T10440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 341.799619][T10440] RSP: 002b:00007faf335a6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 341.799646][T10440] RAX: ffffffffffffffda RBX: 00007faf32a15fa0 RCX: 00007faf3279ce59 [ 341.799666][T10440] RDX: 0000000004048000 RSI: 0000200000004240 RDI: 0000000000000006 [ 341.799683][T10440] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 341.799701][T10440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.799718][T10440] R13: 00007faf32a16038 R14: 00007faf32a15fa0 R15: 00007ffdd9083958 [ 341.799757][T10440] [ 345.565035][ T5658] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 345.576329][ T5658] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0' [ 345.586420][ T5658] CPU: 1 UID: 0 PID: 5658 Comm: kworker/u9:7 Tainted: G L syzkaller #0 PREEMPT(full) [ 345.586463][ T5658] Tainted: [L]=SOFTLOCKUP [ 345.586473][ T5658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 345.586502][ T5658] Workqueue: hci3 hci_rx_work [ 345.586540][ T5658] Call Trace: [ 345.586550][ T5658] [ 345.586560][ T5658] dump_stack_lvl+0x100/0x190 [ 345.586593][ T5658] sysfs_warn_dup.cold+0x1c/0x28 [ 345.586635][ T5658] sysfs_create_dir_ns+0x24b/0x2b0 [ 345.586666][ T5658] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 345.586696][ T5658] ? find_held_lock+0x2b/0x80 [ 345.586731][ T5658] ? kobject_add_internal+0x25f/0x930 [ 345.586759][ T5658] ? kobject_add_internal+0x25f/0x930 [ 345.586791][ T5658] ? do_raw_spin_unlock+0x145/0x1e0 [ 345.586824][ T5658] kobject_add_internal+0x2c8/0x930 [ 345.586857][ T5658] kobject_add+0x16a/0x1e0 [ 345.586885][ T5658] ? __pfx_kobject_add+0x10/0x10 [ 345.586910][ T5658] ? class_to_subsys+0x10f/0x150 [ 345.587027][ T5658] ? kobject_put+0xb9/0x640 [ 345.587066][ T5658] ? _raw_spin_unlock+0x28/0x50 [ 345.587112][ T5658] device_add+0x294/0x1950 [ 345.587145][ T5658] ? __pfx_dev_set_name+0x10/0x10 [ 345.587214][ T5658] ? __pfx_device_add+0x10/0x10 [ 345.587247][ T5658] ? mgmt_send_event_skb+0x2fb/0x460 [ 345.587297][ T5658] hci_conn_add_sysfs+0x1a3/0x260 [ 345.587341][ T5658] le_conn_complete_evt+0x11eb/0x1f60 [ 345.587412][ T5658] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 345.587448][ T5658] ? __pfx_bt_warn+0x10/0x10 [ 345.587503][ T5658] hci_le_conn_complete_evt+0x23c/0x3a0 [ 345.587542][ T5658] ? skb_pull_data+0x15f/0x1e0 [ 345.587585][ T5658] hci_le_meta_evt+0x34a/0x5f0 [ 345.587624][ T5658] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 345.587668][ T5658] hci_event_packet+0x51c/0xcd0 [ 345.587706][ T5658] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 345.587746][ T5658] ? __pfx_hci_event_packet+0x10/0x10 [ 345.587788][ T5658] ? kcov_remote_start+0x374/0x660 [ 345.587828][ T5658] ? lockdep_hardirqs_on+0x78/0x100 [ 345.587877][ T5658] hci_rx_work+0x451/0xfc0 [ 345.587919][ T5658] process_one_work+0xa0e/0x1980 [ 345.587965][ T5658] ? __pfx_process_one_work+0x10/0x10 [ 345.588006][ T5658] ? __pfx_hci_rx_work+0x10/0x10 [ 345.588046][ T5658] worker_thread+0x5ef/0xe50 [ 345.588086][ T5658] ? __pfx_worker_thread+0x10/0x10 [ 345.588123][ T5658] ? kthread+0x13a/0x450 [ 345.588165][ T5658] ? __pfx_worker_thread+0x10/0x10 [ 345.588191][ T5658] kthread+0x370/0x450 [ 345.588233][ T5658] ? __pfx_kthread+0x10/0x10 [ 345.588280][ T5658] ret_from_fork+0x72b/0xd50 [ 345.588313][ T5658] ? __pfx_ret_from_fork+0x10/0x10 [ 345.588346][ T5658] ? __switch_to+0x800/0x1100 [ 345.588384][ T5658] ? __switch_to_asm+0x39/0x70 [ 345.588426][ T5658] ? __pfx_kthread+0x10/0x10 [ 345.588472][ T5658] ret_from_fork_asm+0x1a/0x30 [ 345.588531][ T5658] [ 345.588942][ T5658] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 345.881058][ T5658] Bluetooth: hci3: failed to register connection device [ 347.160968][ T30] audit: type=1800 audit(1780428609.370:6): pid=10516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1535" name="file0" dev="tmpfs" ino=1953 res=0 errno=0 [ 347.955714][ T5649] Bluetooth: hci3: command 0x0406 tx timeout [ 348.127820][T10523] can: request_module (can-proto-4) failed. [ 349.125368][T10545] blktrace: Concurrent blktraces are not allowed on sg0 [ 350.049535][ T5658] Bluetooth: hci3: command 0x0406 tx timeout [ 350.095495][T10558] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1539'. [ 351.087379][ T30] audit: type=1800 audit(1780428613.300:7): pid=10569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1540" name="file0" dev="tmpfs" ino=2026 res=0 errno=0 [ 352.654954][T10596] random: crng reseeded on system resumption [ 354.316814][ T30] audit: type=1800 audit(1780428616.510:8): pid=10622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1555" name="file0" dev="tmpfs" ino=1990 res=0 errno=0 [ 354.888122][ T5658] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 354.895990][ T5658] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0' [ 354.908897][ T5658] CPU: 0 UID: 0 PID: 5658 Comm: kworker/u9:7 Tainted: G L syzkaller #0 PREEMPT(full) [ 354.908944][ T5658] Tainted: [L]=SOFTLOCKUP [ 354.908955][ T5658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 354.908975][ T5658] Workqueue: hci1 hci_rx_work [ 354.909026][ T5658] Call Trace: [ 354.909036][ T5658] [ 354.909048][ T5658] dump_stack_lvl+0x100/0x190 [ 354.909081][ T5658] sysfs_warn_dup.cold+0x1c/0x28 [ 354.909129][ T5658] sysfs_create_dir_ns+0x24b/0x2b0 [ 354.909163][ T5658] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 354.909197][ T5658] ? find_held_lock+0x2b/0x80 [ 354.909233][ T5658] ? kobject_add_internal+0x25f/0x930 [ 354.909262][ T5658] ? kobject_add_internal+0x25f/0x930 [ 354.909294][ T5658] ? do_raw_spin_unlock+0x145/0x1e0 [ 354.909330][ T5658] kobject_add_internal+0x2c8/0x930 [ 354.909364][ T5658] kobject_add+0x16a/0x1e0 [ 354.909393][ T5658] ? __pfx_kobject_add+0x10/0x10 [ 354.909419][ T5658] ? class_to_subsys+0x10f/0x150 [ 354.909459][ T5658] ? kobject_put+0xb9/0x640 [ 354.909499][ T5658] ? _raw_spin_unlock+0x28/0x50 [ 354.909544][ T5658] device_add+0x294/0x1950 [ 354.909576][ T5658] ? __pfx_dev_set_name+0x10/0x10 [ 354.909611][ T5658] ? __pfx_device_add+0x10/0x10 [ 354.909641][ T5658] ? mgmt_send_event_skb+0x2fb/0x460 [ 354.909688][ T5658] hci_conn_add_sysfs+0x1a3/0x260 [ 354.909731][ T5658] le_conn_complete_evt+0x11eb/0x1f60 [ 354.909779][ T5658] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 354.909814][ T5658] ? __pfx_bt_warn+0x10/0x10 [ 354.909866][ T5658] hci_le_conn_complete_evt+0x23c/0x3a0 [ 354.909906][ T5658] ? skb_pull_data+0x15f/0x1e0 [ 354.909948][ T5658] hci_le_meta_evt+0x34a/0x5f0 [ 354.909998][ T5658] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 354.910042][ T5658] hci_event_packet+0x51c/0xcd0 [ 354.910080][ T5658] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 354.910123][ T5658] ? __pfx_hci_event_packet+0x10/0x10 [ 354.910165][ T5658] ? kcov_remote_start+0x374/0x660 [ 354.910204][ T5658] ? lockdep_hardirqs_on+0x78/0x100 [ 354.910253][ T5658] hci_rx_work+0x451/0xfc0 [ 354.910297][ T5658] process_one_work+0xa0e/0x1980 [ 354.910343][ T5658] ? __pfx_process_one_work+0x10/0x10 [ 354.910383][ T5658] ? __pfx_hci_rx_work+0x10/0x10 [ 354.910423][ T5658] worker_thread+0x5ef/0xe50 [ 354.910461][ T5658] ? __pfx_worker_thread+0x10/0x10 [ 354.910489][ T5658] ? kthread+0x13a/0x450 [ 354.910529][ T5658] ? __pfx_worker_thread+0x10/0x10 [ 354.910555][ T5658] kthread+0x370/0x450 [ 354.910595][ T5658] ? __pfx_kthread+0x10/0x10 [ 354.910640][ T5658] ret_from_fork+0x72b/0xd50 [ 354.910672][ T5658] ? __pfx_ret_from_fork+0x10/0x10 [ 354.910704][ T5658] ? __switch_to+0x800/0x1100 [ 354.910739][ T5658] ? __switch_to_asm+0x39/0x70 [ 354.910774][ T5658] ? __pfx_kthread+0x10/0x10 [ 354.910818][ T5658] ret_from_fork_asm+0x1a/0x30 [ 354.910874][ T5658] [ 354.910928][ T5658] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 355.203853][ T5658] Bluetooth: hci1: failed to register connection device [ 355.637055][T10632] blktrace: Concurrent blktraces are not allowed on sg0 [ 357.142560][T10644] random: crng reseeded on system resumption [ 357.237011][ T5649] Bluetooth: hci1: command 0x0406 tx timeout [ 358.961289][T10671] futex_wake_op: syz.1.1565 tries to shift op by -2048; fix this program [ 359.019997][T10684] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1569'. [ 359.022259][T10671] futex_wake_op: syz.1.1565 tries to shift op by -2048; fix this program [ 359.316285][ T5658] Bluetooth: hci1: command 0x0406 tx timeout [ 359.429514][T10690] netlink: 208 bytes leftover after parsing attributes in process `syz.2.1571'. [ 359.469894][T10690] FAULT_INJECTION: forcing a failure. [ 359.469894][T10690] name failslab, interval 1, probability 0, space 0, times 0 [ 359.509467][T10690] CPU: 0 UID: 0 PID: 10690 Comm: syz.2.1571 Tainted: G L syzkaller #0 PREEMPT(full) [ 359.509513][T10690] Tainted: [L]=SOFTLOCKUP [ 359.509522][T10690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 359.509539][T10690] Call Trace: [ 359.509548][T10690] [ 359.509560][T10690] dump_stack_lvl+0x100/0x190 [ 359.509596][T10690] should_fail_ex.cold+0x5/0xa [ 359.509633][T10690] should_failslab+0xc2/0x120 [ 359.509668][T10690] __kmalloc_cache_noprof+0x7a/0x6f0 [ 359.509709][T10690] ? __alloc_workqueue+0x1a0/0x1980 [ 359.509757][T10690] __alloc_workqueue+0x1a0/0x1980 [ 359.509809][T10690] alloc_workqueue_noprof+0xc7/0x130 [ 359.509849][T10690] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 359.509892][T10690] ? trace_kmalloc+0xe3/0x110 [ 359.509924][T10690] ? __kasan_kmalloc+0xaa/0xb0 [ 359.509965][T10690] ieee80211_register_hw+0x2148/0x4570 [ 359.510015][T10690] ? mark_held_locks+0x1/0x70 [ 359.510068][T10690] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 359.510111][T10690] ? __pfx___debug_object_init+0x10/0x10 [ 359.510155][T10690] ? find_held_lock+0x2b/0x80 [ 359.510199][T10690] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 359.510242][T10690] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 359.510287][T10690] ? __hrtimer_setup+0x208/0x330 [ 359.510321][T10690] mac80211_hwsim_new_radio+0x2a01/0x5aa0 [ 359.510382][T10690] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 359.510431][T10690] hwsim_new_radio_nl+0xc5f/0x1370 [ 359.510466][T10690] ? rcu_is_watching+0x12/0xc0 [ 359.510501][T10690] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 359.510548][T10690] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 359.510593][T10690] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 359.510644][T10690] genl_family_rcv_msg_doit+0x214/0x300 [ 359.510690][T10690] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 359.510732][T10690] ? genl_get_cmd+0x3e7/0x760 [ 359.510782][T10690] ? bpf_lsm_capable+0x9/0x10 [ 359.510811][T10690] ? security_capable+0x80/0x260 [ 359.510845][T10690] ? ns_capable+0xd2/0xf0 [ 359.510881][T10690] genl_rcv_msg+0x560/0x800 [ 359.510927][T10690] ? __pfx_genl_rcv_msg+0x10/0x10 [ 359.510970][T10690] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 359.511018][T10690] netlink_rcv_skb+0x159/0x420 [ 359.511056][T10690] ? __pfx_genl_rcv_msg+0x10/0x10 [ 359.511099][T10690] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 359.511153][T10690] ? netlink_deliver_tap+0x1ae/0xcc0 [ 359.511201][T10690] genl_rcv+0x28/0x40 [ 359.511239][T10690] netlink_unicast+0x585/0x850 [ 359.511284][T10690] ? __pfx_netlink_unicast+0x10/0x10 [ 359.511333][T10690] netlink_sendmsg+0x8b0/0xda0 [ 359.511377][T10690] ? __pfx_netlink_sendmsg+0x10/0x10 [ 359.511413][T10690] ? __import_iovec+0x1d2/0x640 [ 359.511457][T10690] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 359.511494][T10690] ____sys_sendmsg+0x9e1/0xb70 [ 359.511530][T10690] ? __pfx_netlink_sendmsg+0x10/0x10 [ 359.511571][T10690] ? __pfx_____sys_sendmsg+0x10/0x10 [ 359.511616][T10690] ? __pfx_futex_wake_mark+0x10/0x10 [ 359.511658][T10690] ___sys_sendmsg+0x190/0x1e0 [ 359.511699][T10690] ? __pfx____sys_sendmsg+0x10/0x10 [ 359.511785][T10690] __sys_sendmsg+0x170/0x220 [ 359.511816][T10690] ? __pfx___sys_sendmsg+0x10/0x10 [ 359.511846][T10690] ? __x64_sys_futex+0x34f/0x4d0 [ 359.511890][T10690] ? rcu_is_watching+0x12/0xc0 [ 359.511928][T10690] do_syscall_64+0x115/0x840 [ 359.511967][T10690] ? clear_bhb_loop+0x40/0x90 [ 359.512001][T10690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.512031][T10690] RIP: 0033:0x7f036d99ce59 [ 359.512055][T10690] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 359.512082][T10690] RSP: 002b:00007f036e90b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 359.512110][T10690] RAX: ffffffffffffffda RBX: 00007f036dc15fa0 RCX: 00007f036d99ce59 [ 359.512129][T10690] RDX: 0000000004048000 RSI: 0000200000004240 RDI: 0000000000000006 [ 359.512146][T10690] RBP: 00007f036da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 359.512170][T10690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.512186][T10690] R13: 00007f036dc16038 R14: 00007f036dc15fa0 R15: 00007fffc839d0d8 [ 359.512226][T10690] [ 360.908310][T10714] FAULT_INJECTION: forcing a failure. [ 360.908310][T10714] name fail_futex, interval 1, probability 0, space 0, times 0 [ 360.962910][T10714] CPU: 0 UID: 0 PID: 10714 Comm: syz.3.1580 Tainted: G L syzkaller #0 PREEMPT(full) [ 360.962956][T10714] Tainted: [L]=SOFTLOCKUP [ 360.962966][T10714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 360.962984][T10714] Call Trace: [ 360.962993][T10714] [ 360.963005][T10714] dump_stack_lvl+0x100/0x190 [ 360.963040][T10714] should_fail_ex.cold+0x5/0xa [ 360.963077][T10714] get_futex_key+0x295/0x1510 [ 360.963127][T10714] ? __pfx_get_futex_key+0x10/0x10 [ 360.963176][T10714] ? kasan_save_track+0x14/0x30 [ 360.963204][T10714] ? __kasan_kmalloc+0xaa/0xb0 [ 360.963237][T10714] futex_lock_pi+0x1d2/0x7a0 [ 360.963273][T10714] ? __pfx_futex_lock_pi+0x10/0x10 [ 360.963322][T10714] ? __pfx_try_to_wake_up+0x10/0x10 [ 360.963368][T10714] ? futex_private_hash_put+0x107/0x1c0 [ 360.963415][T10714] ? __pfx_futex_wake_mark+0x10/0x10 [ 360.963454][T10714] ? __might_fault+0x111/0x140 [ 360.963496][T10714] ? do_vfs_ioctl+0x226/0x13e0 [ 360.963527][T10714] do_futex+0x18a/0x350 [ 360.963555][T10714] ? __pfx_do_futex+0x10/0x10 [ 360.963586][T10714] ? find_held_lock+0x2b/0x80 [ 360.963625][T10714] __x64_sys_futex+0x34f/0x4d0 [ 360.963661][T10714] ? __pfx___x64_sys_futex+0x10/0x10 [ 360.963693][T10714] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 360.963737][T10714] ? syscall_user_dispatch+0x76/0x130 [ 360.963773][T10714] do_syscall_64+0x115/0x840 [ 360.963812][T10714] ? clear_bhb_loop+0x40/0x90 [ 360.963847][T10714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.963875][T10714] RIP: 0033:0x7f725599ce59 [ 360.963898][T10714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 360.963938][T10714] RSP: 002b:00007f725680f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 360.963967][T10714] RAX: ffffffffffffffda RBX: 00007f7255c16090 RCX: 00007f725599ce59 [ 360.963987][T10714] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 360.964003][T10714] RBP: 00007f7255a32d6f R08: 0000000000000000 R09: 000000008000fff5 [ 360.964020][T10714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 360.964036][T10714] R13: 00007f7255c16128 R14: 00007f7255c16090 R15: 00007fff733016d8 [ 360.964071][T10714] [ 362.241685][T10734] netlink: 208 bytes leftover after parsing attributes in process `syz.1.1584'. [ 362.731307][T10739] netlink: 208 bytes leftover after parsing attributes in process `syz.2.1595'. [ 362.743833][T10739] FAULT_INJECTION: forcing a failure. [ 362.743833][T10739] name failslab, interval 1, probability 0, space 0, times 0 [ 362.760390][T10739] CPU: 1 UID: 0 PID: 10739 Comm: syz.2.1595 Tainted: G L syzkaller #0 PREEMPT(full) [ 362.760436][T10739] Tainted: [L]=SOFTLOCKUP [ 362.760446][T10739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 362.760464][T10739] Call Trace: [ 362.760473][T10739] [ 362.760484][T10739] dump_stack_lvl+0x100/0x190 [ 362.760521][T10739] should_fail_ex.cold+0x5/0xa [ 362.760559][T10739] should_failslab+0xc2/0x120 [ 362.760595][T10739] __kmalloc_cache_node_noprof+0x7d/0x770 [ 362.760627][T10739] ? __alloc_workqueue+0xf57/0x1980 [ 362.760664][T10739] ? lockdep_init_map_type+0x5c/0x250 [ 362.760715][T10739] __alloc_workqueue+0xf57/0x1980 [ 362.760768][T10739] alloc_workqueue_noprof+0xc7/0x130 [ 362.760808][T10739] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 362.760851][T10739] ? trace_kmalloc+0xe3/0x110 [ 362.760884][T10739] ? __kasan_kmalloc+0xaa/0xb0 [ 362.760924][T10739] ieee80211_register_hw+0x2148/0x4570 [ 362.760975][T10739] ? mark_held_locks+0x1/0x70 [ 362.761033][T10739] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 362.761078][T10739] ? __pfx___debug_object_init+0x10/0x10 [ 362.761123][T10739] ? find_held_lock+0x2b/0x80 [ 362.761159][T10739] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 362.761200][T10739] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 362.761254][T10739] ? __hrtimer_setup+0x208/0x330 [ 362.761289][T10739] mac80211_hwsim_new_radio+0x2a01/0x5aa0 [ 362.761351][T10739] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 362.761400][T10739] hwsim_new_radio_nl+0xc5f/0x1370 [ 362.761436][T10739] ? rcu_is_watching+0x12/0xc0 [ 362.761470][T10739] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 362.761515][T10739] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 362.761558][T10739] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 362.761611][T10739] genl_family_rcv_msg_doit+0x214/0x300 [ 362.761657][T10739] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 362.761699][T10739] ? genl_get_cmd+0x3e7/0x760 [ 362.761746][T10739] ? bpf_lsm_capable+0x9/0x10 [ 362.761779][T10739] ? security_capable+0x80/0x260 [ 362.761809][T10739] ? ns_capable+0xd2/0xf0 [ 362.761846][T10739] genl_rcv_msg+0x560/0x800 [ 362.761892][T10739] ? __pfx_genl_rcv_msg+0x10/0x10 [ 362.761934][T10739] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 362.761985][T10739] netlink_rcv_skb+0x159/0x420 [ 362.762022][T10739] ? __pfx_genl_rcv_msg+0x10/0x10 [ 362.762065][T10739] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 362.762119][T10739] ? netlink_deliver_tap+0x1ae/0xcc0 [ 362.762161][T10739] genl_rcv+0x28/0x40 [ 362.762198][T10739] netlink_unicast+0x585/0x850 [ 362.762249][T10739] ? __pfx_netlink_unicast+0x10/0x10 [ 362.762299][T10739] netlink_sendmsg+0x8b0/0xda0 [ 362.762344][T10739] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.762379][T10739] ? __import_iovec+0x1d2/0x640 [ 362.762423][T10739] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 362.762459][T10739] ____sys_sendmsg+0x9e1/0xb70 [ 362.762495][T10739] ? __pfx_netlink_sendmsg+0x10/0x10 [ 362.762536][T10739] ? __pfx_____sys_sendmsg+0x10/0x10 [ 362.762581][T10739] ? __pfx_futex_wake_mark+0x10/0x10 [ 362.762617][T10739] ___sys_sendmsg+0x190/0x1e0 [ 362.762652][T10739] ? __pfx____sys_sendmsg+0x10/0x10 [ 362.762734][T10739] __sys_sendmsg+0x170/0x220 [ 362.762765][T10739] ? __pfx___sys_sendmsg+0x10/0x10 [ 362.762793][T10739] ? __x64_sys_futex+0x34f/0x4d0 [ 362.762837][T10739] ? rcu_is_watching+0x12/0xc0 [ 362.762874][T10739] do_syscall_64+0x115/0x840 [ 362.762913][T10739] ? clear_bhb_loop+0x40/0x90 [ 362.762949][T10739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.762978][T10739] RIP: 0033:0x7f036d99ce59 [ 362.763001][T10739] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 362.763028][T10739] RSP: 002b:00007f036e90b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 362.763055][T10739] RAX: ffffffffffffffda RBX: 00007f036dc15fa0 RCX: 00007f036d99ce59 [ 362.763074][T10739] RDX: 0000000004048000 RSI: 0000200000004240 RDI: 0000000000000006 [ 362.763092][T10739] RBP: 00007f036da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 362.763109][T10739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 362.763125][T10739] R13: 00007f036dc16038 R14: 00007f036dc15fa0 R15: 00007fffc839d0d8 [ 362.763162][T10739] [ 365.025915][T10760] FAULT_INJECTION: forcing a failure. [ 365.025915][T10760] name fail_futex, interval 1, probability 0, space 0, times 0 [ 365.097249][T10760] CPU: 0 UID: 0 PID: 10760 Comm: syz.2.1599 Tainted: G L syzkaller #0 PREEMPT(full) [ 365.097298][T10760] Tainted: [L]=SOFTLOCKUP [ 365.097309][T10760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 365.097327][T10760] Call Trace: [ 365.097336][T10760] [ 365.097347][T10760] dump_stack_lvl+0x100/0x190 [ 365.097385][T10760] should_fail_ex.cold+0x5/0xa [ 365.097423][T10760] get_futex_key+0x1d2/0x1510 [ 365.097474][T10760] ? __pfx_get_futex_key+0x10/0x10 [ 365.097532][T10760] futex_wake+0xea/0x530 [ 365.097567][T10760] ? rcu_is_watching+0x12/0xc0 [ 365.097600][T10760] ? __pfx_futex_wake+0x10/0x10 [ 365.097640][T10760] ? putname+0xb1/0x110 [ 365.097676][T10760] ? kmem_cache_free+0x127/0x6c0 [ 365.097726][T10760] do_futex+0x32b/0x350 [ 365.097756][T10760] ? __pfx_do_futex+0x10/0x10 [ 365.097783][T10760] ? __pfx_do_sys_openat2+0x10/0x10 [ 365.097829][T10760] ? do_raw_spin_lock+0x128/0x260 [ 365.097868][T10760] __x64_sys_futex+0x34f/0x4d0 [ 365.097900][T10760] ? __x64_sys_openat+0x12d/0x210 [ 365.097946][T10760] ? __pfx___x64_sys_futex+0x10/0x10 [ 365.097983][T10760] ? rcu_is_watching+0x12/0xc0 [ 365.098027][T10760] do_syscall_64+0x115/0x840 [ 365.098067][T10760] ? clear_bhb_loop+0x40/0x90 [ 365.098102][T10760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.098132][T10760] RIP: 0033:0x7f036d99ce59 [ 365.098155][T10760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 365.098183][T10760] RSP: 002b:00007f036e8ea0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 365.098208][T10760] RAX: ffffffffffffffda RBX: 00007f036dc16098 RCX: 00007f036d99ce59 [ 365.098226][T10760] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f036dc1609c [ 365.098244][T10760] RBP: 00007f036dc16090 R08: 0000000000000001 R09: 0000000000000000 [ 365.098260][T10760] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 365.098276][T10760] R13: 00007f036dc16128 R14: 00007fffc839cff0 R15: 00007fffc839d0d8 [ 365.098312][T10760] [ 366.402353][T10780] FAULT_INJECTION: forcing a failure. [ 366.402353][T10780] name failslab, interval 1, probability 0, space 0, times 0 [ 366.448896][T10780] CPU: 1 UID: 0 PID: 10780 Comm: syz.0.1593 Tainted: G L syzkaller #0 PREEMPT(full) [ 366.448943][T10780] Tainted: [L]=SOFTLOCKUP [ 366.448954][T10780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 366.448971][T10780] Call Trace: [ 366.448980][T10780] [ 366.448991][T10780] dump_stack_lvl+0x100/0x190 [ 366.449026][T10780] should_fail_ex.cold+0x5/0xa [ 366.449065][T10780] should_failslab+0xc2/0x120 [ 366.449100][T10780] __kmalloc_cache_noprof+0x7a/0x6f0 [ 366.449140][T10780] ? refill_pi_state_cache+0x91/0x260 [ 366.449183][T10780] refill_pi_state_cache+0x91/0x260 [ 366.449218][T10780] futex_lock_pi+0x16d/0x7a0 [ 366.449257][T10780] ? __pfx_futex_lock_pi+0x10/0x10 [ 366.449330][T10780] ? __pfx_futex_wake_mark+0x10/0x10 [ 366.449373][T10780] ? __might_fault+0x111/0x140 [ 366.449418][T10780] ? do_vfs_ioctl+0x226/0x13e0 [ 366.449451][T10780] do_futex+0x18a/0x350 [ 366.449481][T10780] ? __pfx_do_futex+0x10/0x10 [ 366.449513][T10780] ? find_held_lock+0x2b/0x80 [ 366.449553][T10780] __x64_sys_futex+0x34f/0x4d0 [ 366.449588][T10780] ? __pfx___x64_sys_futex+0x10/0x10 [ 366.449620][T10780] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 366.449664][T10780] ? syscall_user_dispatch+0x76/0x130 [ 366.449700][T10780] do_syscall_64+0x115/0x840 [ 366.449738][T10780] ? clear_bhb_loop+0x40/0x90 [ 366.449772][T10780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.449801][T10780] RIP: 0033:0x7faf3279ce59 [ 366.449825][T10780] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 366.449859][T10780] RSP: 002b:00007faf33585028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 366.449890][T10780] RAX: ffffffffffffffda RBX: 00007faf32a16090 RCX: 00007faf3279ce59 [ 366.449909][T10780] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 366.449926][T10780] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 000000008000fff5 [ 366.449944][T10780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.449961][T10780] R13: 00007faf32a16128 R14: 00007faf32a16090 R15: 00007ffdd9083958 [ 366.450000][T10780] [ 367.162769][ T5658] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 367.197452][ T5658] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0' [ 367.209716][ T5658] CPU: 1 UID: 0 PID: 5658 Comm: kworker/u9:7 Tainted: G L syzkaller #0 PREEMPT(full) [ 367.209759][ T5658] Tainted: [L]=SOFTLOCKUP [ 367.209769][ T5658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 367.209787][ T5658] Workqueue: hci0 hci_rx_work [ 367.209823][ T5658] Call Trace: [ 367.209832][ T5658] [ 367.209842][ T5658] dump_stack_lvl+0x100/0x190 [ 367.209873][ T5658] sysfs_warn_dup.cold+0x1c/0x28 [ 367.209915][ T5658] sysfs_create_dir_ns+0x24b/0x2b0 [ 367.209946][ T5658] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 367.209976][ T5658] ? find_held_lock+0x2b/0x80 [ 367.210009][ T5658] ? kobject_add_internal+0x25f/0x930 [ 367.210037][ T5658] ? kobject_add_internal+0x25f/0x930 [ 367.210068][ T5658] ? do_raw_spin_unlock+0x145/0x1e0 [ 367.210102][ T5658] kobject_add_internal+0x2c8/0x930 [ 367.210137][ T5658] kobject_add+0x16a/0x1e0 [ 367.210165][ T5658] ? __pfx_kobject_add+0x10/0x10 [ 367.210190][ T5658] ? class_to_subsys+0x10f/0x150 [ 367.210230][ T5658] ? kobject_put+0xb9/0x640 [ 367.210270][ T5658] ? _raw_spin_unlock+0x28/0x50 [ 367.210326][ T5658] device_add+0x294/0x1950 [ 367.210358][ T5658] ? __pfx_dev_set_name+0x10/0x10 [ 367.210396][ T5658] ? __pfx_device_add+0x10/0x10 [ 367.210427][ T5658] ? mgmt_send_event_skb+0x2fb/0x460 [ 367.210475][ T5658] hci_conn_add_sysfs+0x1a3/0x260 [ 367.210518][ T5658] le_conn_complete_evt+0x11eb/0x1f60 [ 367.210566][ T5658] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 367.210600][ T5658] ? __pfx_bt_warn+0x10/0x10 [ 367.210652][ T5658] hci_le_conn_complete_evt+0x23c/0x3a0 [ 367.210692][ T5658] ? skb_pull_data+0x15f/0x1e0 [ 367.210733][ T5658] hci_le_meta_evt+0x34a/0x5f0 [ 367.210772][ T5658] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 367.210815][ T5658] hci_event_packet+0x51c/0xcd0 [ 367.210851][ T5658] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 367.210891][ T5658] ? __pfx_hci_event_packet+0x10/0x10 [ 367.210932][ T5658] ? kcov_remote_start+0x374/0x660 [ 367.210970][ T5658] ? lockdep_hardirqs_on+0x78/0x100 [ 367.211019][ T5658] hci_rx_work+0x451/0xfc0 [ 367.211062][ T5658] process_one_work+0xa0e/0x1980 [ 367.211107][ T5658] ? __pfx_process_one_work+0x10/0x10 [ 367.211147][ T5658] ? __pfx_hci_rx_work+0x10/0x10 [ 367.211186][ T5658] worker_thread+0x5ef/0xe50 [ 367.211224][ T5658] ? __pfx_worker_thread+0x10/0x10 [ 367.211254][ T5658] ? kthread+0x13a/0x450 [ 367.211300][ T5658] ? __pfx_worker_thread+0x10/0x10 [ 367.211326][ T5658] kthread+0x370/0x450 [ 367.211368][ T5658] ? __pfx_kthread+0x10/0x10 [ 367.211413][ T5658] ret_from_fork+0x72b/0xd50 [ 367.211446][ T5658] ? __pfx_ret_from_fork+0x10/0x10 [ 367.211478][ T5658] ? __switch_to+0x800/0x1100 [ 367.211511][ T5658] ? __switch_to_asm+0x39/0x70 [ 367.211546][ T5658] ? __pfx_kthread+0x10/0x10 [ 367.211591][ T5658] ret_from_fork_asm+0x1a/0x30 [ 367.211647][ T5658] [ 367.211676][ T5658] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 367.507620][ T5658] Bluetooth: hci0: failed to register connection device [ 369.536625][T10809] futex_wake_op: syz.0.1597 tries to shift op by -2048; fix this program [ 369.561800][ T5658] Bluetooth: hci0: command 0x0406 tx timeout [ 369.569386][T10809] futex_wake_op: syz.0.1597 tries to shift op by -2048; fix this program [ 370.922807][T10836] FAULT_INJECTION: forcing a failure. [ 370.922807][T10836] name failslab, interval 1, probability 0, space 0, times 0 [ 370.964601][T10836] CPU: 1 UID: 0 PID: 10836 Comm: syz.0.1617 Tainted: G L syzkaller #0 PREEMPT(full) [ 370.964646][T10836] Tainted: [L]=SOFTLOCKUP [ 370.964657][T10836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 370.964674][T10836] Call Trace: [ 370.964683][T10836] [ 370.964693][T10836] dump_stack_lvl+0x100/0x190 [ 370.964730][T10836] should_fail_ex.cold+0x5/0xa [ 370.964768][T10836] should_failslab+0xc2/0x120 [ 370.964803][T10836] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 370.964848][T10836] ? __alloc_skb+0x140/0x710 [ 370.964879][T10836] __alloc_skb+0x140/0x710 [ 370.964921][T10836] ? __alloc_skb+0x5b7/0x710 [ 370.964947][T10836] ? __pfx___alloc_skb+0x10/0x10 [ 370.964975][T10836] ? ip6_dst_lookup_tail.constprop.0+0x7bc/0x2110 [ 370.965030][T10836] __ip6_append_data+0x34f1/0x4bf0 [ 370.965082][T10836] ? __pfx_raw6_getfrag+0x10/0x10 [ 370.965122][T10836] ? __pfx___ip6_append_data+0x10/0x10 [ 370.965159][T10836] ? __pfx_ip6_mtu+0x10/0x10 [ 370.965194][T10836] ? ip6_setup_cork+0x5be/0x14c0 [ 370.965242][T10836] ip6_append_data+0x10b/0x410 [ 370.965288][T10836] ? __pfx_raw6_getfrag+0x10/0x10 [ 370.965330][T10836] rawv6_sendmsg+0x169c/0x4420 [ 370.965374][T10836] ? aa_profile_af_perm+0x320/0x3a0 [ 370.965550][T10836] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 370.965590][T10836] ? register_lock_class+0x270/0x560 [ 370.965646][T10836] ? rcu_is_watching+0x12/0xc0 [ 370.965710][T10836] ? __import_iovec+0x1d2/0x640 [ 370.965756][T10836] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 370.965795][T10836] ? inet_sendmsg+0x11c/0x140 [ 370.965838][T10836] inet_sendmsg+0x11c/0x140 [ 370.965883][T10836] ____sys_sendmsg+0x98d/0xb70 [ 370.965917][T10836] ? __pfx_inet_sendmsg+0x10/0x10 [ 370.965964][T10836] ? __pfx_____sys_sendmsg+0x10/0x10 [ 370.966006][T10836] ? rcu_is_watching+0x12/0xc0 [ 370.966038][T10836] ? ___sys_sendmsg+0x19d/0x1e0 [ 370.966073][T10836] ? kfree+0x1dd/0x6c0 [ 370.966118][T10836] ___sys_sendmsg+0x190/0x1e0 [ 370.966160][T10836] ? __pfx____sys_sendmsg+0x10/0x10 [ 370.966234][T10836] ? __pfx___might_resched+0x10/0x10 [ 370.966273][T10836] __sys_sendmmsg+0x205/0x430 [ 370.966308][T10836] ? __pfx___sys_sendmmsg+0x10/0x10 [ 370.966350][T10836] ? __pfx_do_futex+0x10/0x10 [ 370.966397][T10836] ? xfd_validate_state+0x129/0x190 [ 370.966433][T10836] ? ksys_write+0x1ac/0x250 [ 370.966474][T10836] __x64_sys_sendmmsg+0x9c/0x100 [ 370.966505][T10836] ? lockdep_hardirqs_on+0x78/0x100 [ 370.966545][T10836] do_syscall_64+0x115/0x840 [ 370.966584][T10836] ? clear_bhb_loop+0x40/0x90 [ 370.966620][T10836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.966650][T10836] RIP: 0033:0x7faf3279ce59 [ 370.966673][T10836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 370.966700][T10836] RSP: 002b:00007faf33585028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 370.966725][T10836] RAX: ffffffffffffffda RBX: 00007faf32a16090 RCX: 00007faf3279ce59 [ 370.966745][T10836] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003 [ 370.966761][T10836] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 370.966778][T10836] R10: 0000000000001f00 R11: 0000000000000246 R12: 0000000000000000 [ 370.966795][T10836] R13: 00007faf32a16128 R14: 00007faf32a16090 R15: 00007ffdd9083958 [ 370.966833][T10836] [ 371.635964][ T5658] Bluetooth: hci0: command 0x0406 tx timeout [ 373.290554][T10871] futex_wake_op: syz.0.1615 tries to shift op by -2048; fix this program [ 373.381206][T10871] futex_wake_op: syz.0.1615 tries to shift op by -2048; fix this program [ 374.295485][T10879] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1631'. [ 375.591052][T10889] futex_wake_op: syz.2.1625 tries to shift op by -2048; fix this program [ 375.602833][T10890] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1624'. [ 375.613086][T10889] futex_wake_op: syz.2.1625 tries to shift op by -2048; fix this program [ 375.985182][ T5658] Bluetooth: hci1: unexpected event 0x07 length: 435 > 255 [ 376.191059][T10909] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1635'. [ 376.243455][T10909] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1635'. [ 377.139436][T10906] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1634'. [ 377.775809][T10932] FAULT_INJECTION: forcing a failure. [ 377.775809][T10932] name failslab, interval 1, probability 0, space 0, times 0 [ 377.815993][T10932] CPU: 0 UID: 0 PID: 10932 Comm: syz.2.1642 Tainted: G L syzkaller #0 PREEMPT(full) [ 377.816038][T10932] Tainted: [L]=SOFTLOCKUP [ 377.816048][T10932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 377.816065][T10932] Call Trace: [ 377.816073][T10932] [ 377.816084][T10932] dump_stack_lvl+0x100/0x190 [ 377.816121][T10932] should_fail_ex.cold+0x5/0xa [ 377.816157][T10932] ? sd_pr_read_keys+0xc6/0x300 [ 377.816277][T10932] should_failslab+0xc2/0x120 [ 377.816312][T10932] __kmalloc_noprof+0xe0/0x850 [ 377.816347][T10932] sd_pr_read_keys+0xc6/0x300 [ 377.816392][T10932] blkdev_common_ioctl+0x1bc8/0x2b80 [ 377.816498][T10932] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 377.816554][T10932] ? do_vfs_ioctl+0x226/0x13e0 [ 377.816584][T10932] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 377.816623][T10932] ? find_held_lock+0x2b/0x80 [ 377.816659][T10932] ? __fget_files+0x215/0x3d0 [ 377.816696][T10932] blkdev_ioctl+0x43b/0x6f0 [ 377.816741][T10932] ? __pfx_blkdev_ioctl+0x10/0x10 [ 377.816790][T10932] ? __pfx_blkdev_ioctl+0x10/0x10 [ 377.816834][T10932] __x64_sys_ioctl+0x18e/0x210 [ 377.816865][T10932] do_syscall_64+0x115/0x840 [ 377.816904][T10932] ? clear_bhb_loop+0x40/0x90 [ 377.816939][T10932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.816968][T10932] RIP: 0033:0x7f036d99ce59 [ 377.816992][T10932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 377.817020][T10932] RSP: 002b:00007f036e90b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 377.817047][T10932] RAX: ffffffffffffffda RBX: 00007f036dc15fa0 RCX: 00007f036d99ce59 [ 377.817066][T10932] RDX: 0000000000000000 RSI: 00000000c01070ce RDI: 0000000000000005 [ 377.817083][T10932] RBP: 00007f036da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 377.817100][T10932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 377.817117][T10932] R13: 00007f036dc16038 R14: 00007f036dc15fa0 R15: 00007fffc839d0d8 [ 377.817156][T10932] [ 378.326048][ T5658] Bluetooth: hci1: hcon ffff888026550000 sent 1 < count 256 [ 378.518973][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.528604][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.069935][T10980] netlink: 'syz.2.1660': attribute type 16 has an invalid length. [ 380.095178][T10980] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1660'. [ 380.401207][T10988] random: crng reseeded on system resumption [ 380.472389][T10994] input: f as /devices/virtual/input/input5 [ 381.012453][T11003] ================================================================== [ 381.012477][T11003] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 381.012605][T11003] Read of size 26 at addr ffff8880339c07ea by task syz.0.1668/11003 [ 381.012630][T11003] [ 381.012646][T11003] CPU: 1 UID: 0 PID: 11003 Comm: syz.0.1668 Tainted: G L syzkaller #0 PREEMPT(full) [ 381.012690][T11003] Tainted: [L]=SOFTLOCKUP [ 381.012701][T11003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 381.012718][T11003] Call Trace: [ 381.012728][T11003] [ 381.012738][T11003] dump_stack_lvl+0x100/0x190 [ 381.012767][T11003] print_report+0x13d/0x4b0 [ 381.012808][T11003] ? __virt_addr_valid+0x239/0x430 [ 381.012851][T11003] ? fbcon_prepare_logo+0x94e/0xc60 [ 381.012894][T11003] kasan_report+0xdf/0x1d0 [ 381.012928][T11003] ? fbcon_prepare_logo+0x94e/0xc60 [ 381.012976][T11003] kasan_check_range+0x10f/0x1e0 [ 381.013015][T11003] __asan_memcpy+0x23/0x60 [ 381.013055][T11003] fbcon_prepare_logo+0x94e/0xc60 [ 381.013105][T11003] fbcon_init+0x1065/0x1830 [ 381.013152][T11003] visual_init+0x320/0x620 [ 381.013218][T11003] do_bind_con_driver.isra.0+0x636/0x9c0 [ 381.013259][T11003] store_bind+0x609/0x730 [ 381.013296][T11003] ? __pfx_store_bind+0x10/0x10 [ 381.013327][T11003] dev_attr_store+0x58/0x80 [ 381.013356][T11003] ? __pfx_dev_attr_store+0x10/0x10 [ 381.013385][T11003] sysfs_kf_write+0xf2/0x150 [ 381.013430][T11003] kernfs_fop_write_iter+0x3e0/0x5f0 [ 381.013469][T11003] ? __pfx_sysfs_kf_write+0x10/0x10 [ 381.013515][T11003] iter_file_splice_write+0x830/0x10a0 [ 381.013567][T11003] ? __pfx_iter_file_splice_write+0x10/0x10 [ 381.013607][T11003] ? __pfx_copy_splice_read+0x10/0x10 [ 381.013653][T11003] ? __pfx_iter_file_splice_write+0x10/0x10 [ 381.013691][T11003] direct_splice_actor+0x192/0x6c0 [ 381.013727][T11003] splice_direct_to_actor+0x345/0xa30 [ 381.013764][T11003] ? __pfx_direct_splice_actor+0x10/0x10 [ 381.013802][T11003] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 381.013843][T11003] do_splice_direct+0x174/0x240 [ 381.013878][T11003] ? __pfx_do_splice_direct+0x10/0x10 [ 381.013914][T11003] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 381.013951][T11003] ? rw_verify_area+0xce/0x6d0 [ 381.013979][T11003] do_sendfile+0xadc/0xe20 [ 381.014012][T11003] ? __pfx_do_sendfile+0x10/0x10 [ 381.014042][T11003] ? sched_clock+0x38/0x60 [ 381.014083][T11003] ? sched_clock_cpu+0x6c/0x570 [ 381.014126][T11003] __x64_sys_sendfile64+0x1d8/0x220 [ 381.014163][T11003] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 381.014201][T11003] ? trace_irq_enable.constprop.0+0x31/0x160 [ 381.014245][T11003] ? rcu_is_watching+0x12/0xc0 [ 381.014280][T11003] do_syscall_64+0x115/0x840 [ 381.014317][T11003] ? clear_bhb_loop+0x40/0x90 [ 381.014350][T11003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.014379][T11003] RIP: 0033:0x7faf3279ce59 [ 381.014401][T11003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 381.014429][T11003] RSP: 002b:00007faf335a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 381.014457][T11003] RAX: ffffffffffffffda RBX: 00007faf32a15fa0 RCX: 00007faf3279ce59 [ 381.014477][T11003] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000007 [ 381.014494][T11003] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 381.014512][T11003] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000000 [ 381.014536][T11003] R13: 00007faf32a16038 R14: 00007faf32a15fa0 R15: 00007ffdd9083958 [ 381.014564][T11003] [ 381.014574][T11003] [ 381.014581][T11003] Allocated by task 10276: [ 381.014601][T11003] kasan_save_stack+0x30/0x50 [ 381.014629][T11003] kasan_save_track+0x14/0x30 [ 381.014655][T11003] __kasan_kmalloc+0xaa/0xb0 [ 381.014680][T11003] __kmalloc_noprof+0x301/0x850 [ 381.014704][T11003] memcg_list_lru_alloc+0x4ec/0x740 [ 381.014730][T11003] __memcg_slab_post_alloc_hook+0x27e/0xff0 [ 381.014766][T11003] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 381.014809][T11003] ext4_alloc_inode+0x26/0x650 [ 381.014834][T11003] alloc_inode+0x68/0x250 [ 381.014872][T11003] iget_locked+0x1d9/0x6d0 [ 381.014911][T11003] __ext4_iget+0x3da/0x46d0 [ 381.014936][T11003] ext4_lookup+0x37c/0x730 [ 381.014964][T11003] __lookup_slow+0x251/0x460 [ 381.015003][T11003] lookup_slow+0x50/0x70 [ 381.015039][T11003] link_path_walk+0x1377/0x1cc0 [ 381.015065][T11003] path_openat+0x1be/0x31a0 [ 381.015096][T11003] do_file_open_root+0x2f6/0x5a0 [ 381.015128][T11003] file_open_root+0x19b/0x3b0 [ 381.015158][T11003] kernel_read_file_from_path_initns+0x189/0x260 [ 381.015186][T11003] _request_firmware+0x733/0x13c0 [ 381.015288][T11003] request_firmware+0x35/0x50 [ 381.015324][T11003] reg_reload_regdb+0x85/0x460 [ 381.015360][T11003] genl_family_rcv_msg_doit+0x214/0x300 [ 381.015401][T11003] genl_rcv_msg+0x560/0x800 [ 381.015438][T11003] netlink_rcv_skb+0x159/0x420 [ 381.015471][T11003] genl_rcv+0x28/0x40 [ 381.015504][T11003] netlink_unicast+0x585/0x850 [ 381.015543][T11003] netlink_sendmsg+0x8b0/0xda0 [ 381.015576][T11003] ____sys_sendmsg+0x9e1/0xb70 [ 381.015609][T11003] ___sys_sendmsg+0x190/0x1e0 [ 381.015642][T11003] __sys_sendmsg+0x170/0x220 [ 381.015667][T11003] do_syscall_64+0x115/0x840 [ 381.015702][T11003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.015730][T11003] [ 381.015736][T11003] The buggy address belongs to the object at ffff8880339c0700 [ 381.015736][T11003] which belongs to the cache kmalloc-192 of size 192 [ 381.015760][T11003] The buggy address is located 42 bytes to the right of [ 381.015760][T11003] allocated 192-byte region [ffff8880339c0700, ffff8880339c07c0) [ 381.015789][T11003] [ 381.015795][T11003] The buggy address belongs to the physical page: [ 381.015812][T11003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x339c0 [ 381.015840][T11003] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 381.015870][T11003] page_type: f5(slab) [ 381.015894][T11003] raw: 00fff00000000000 ffff88813fe303c0 dead000000000100 dead000000000122 [ 381.015924][T11003] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 381.015940][T11003] page dumped because: kasan: bad access detected [ 381.015957][T11003] page_owner tracks the page as allocated [ 381.015967][T11003] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 18955962341, free_ts 0 [ 381.016013][T11003] post_alloc_hook+0xfd/0x120 [ 381.016052][T11003] get_page_from_freelist+0x11a6/0x3410 [ 381.016093][T11003] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 381.016144][T11003] new_slab+0xa6/0x6c0 [ 381.016179][T11003] refill_objects+0x277/0x420 [ 381.016218][T11003] __pcs_replace_empty_main+0x375/0x650 [ 381.016260][T11003] __kmalloc_cache_noprof+0x493/0x6f0 [ 381.016297][T11003] call_usermodehelper_setup+0xaf/0x360 [ 381.016325][T11003] kobject_uevent_env+0x17c1/0x18b0 [ 381.016352][T11003] param_sysfs_builtin_init+0x37b/0x3f0 [ 381.016392][T11003] do_one_initcall+0x121/0x750 [ 381.016424][T11003] kernel_init_freeable+0x6ea/0x7b0 [ 381.016449][T11003] kernel_init+0x1f/0x1e0 [ 381.016473][T11003] ret_from_fork+0x72b/0xd50 [ 381.016499][T11003] ret_from_fork_asm+0x1a/0x30 [ 381.016538][T11003] page_owner free stack trace missing [ 381.016547][T11003] [ 381.016553][T11003] Memory state around the buggy address: [ 381.016566][T11003] ffff8880339c0680: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 381.016587][T11003] ffff8880339c0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 381.016608][T11003] >ffff8880339c0780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 381.016624][T11003] ^ [ 381.016641][T11003] ffff8880339c0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 381.016660][T11003] ffff8880339c0880: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 381.016680][T11003] ================================================================== [ 381.027142][T11003] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 381.027172][T11003] CPU: 1 UID: 0 PID: 11003 Comm: syz.0.1668 Tainted: G L syzkaller #0 PREEMPT(full) [ 381.027216][T11003] Tainted: [L]=SOFTLOCKUP [ 381.027226][T11003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 [ 381.027244][T11003] Call Trace: [ 381.027253][T11003] [ 381.027264][T11003] dump_stack_lvl+0x100/0x190 [ 381.027297][T11003] vpanic+0x552/0x970 [ 381.027325][T11003] ? __pfx_vpanic+0x10/0x10 [ 381.027353][T11003] ? mark_held_locks+0x40/0x70 [ 381.027400][T11003] ? fbcon_prepare_logo+0x94e/0xc60 [ 381.027443][T11003] panic+0xd1/0xe0 [ 381.027469][T11003] ? __pfx_panic+0x10/0x10 [ 381.027497][T11003] ? fbcon_prepare_logo+0x94e/0xc60 [ 381.027548][T11003] ? preempt_schedule_common+0x42/0xc0 [ 381.027592][T11003] check_panic_on_warn.cold+0x19/0x34 [ 381.027622][T11003] end_report.part.0+0x3a/0x90 [ 381.027664][T11003] kasan_report.cold+0xe/0x18 [ 381.027706][T11003] ? fbcon_prepare_logo+0x94e/0xc60 [ 381.027753][T11003] kasan_check_range+0x10f/0x1e0 [ 381.027792][T11003] __asan_memcpy+0x23/0x60 [ 381.027835][T11003] fbcon_prepare_logo+0x94e/0xc60 [ 381.027888][T11003] fbcon_init+0x1065/0x1830 [ 381.027933][T11003] visual_init+0x320/0x620 [ 381.027962][T11003] do_bind_con_driver.isra.0+0x636/0x9c0 [ 381.028003][T11003] store_bind+0x609/0x730 [ 381.028037][T11003] ? __pfx_store_bind+0x10/0x10 [ 381.028068][T11003] dev_attr_store+0x58/0x80 [ 381.028096][T11003] ? __pfx_dev_attr_store+0x10/0x10 [ 381.028125][T11003] sysfs_kf_write+0xf2/0x150 [ 381.028173][T11003] kernfs_fop_write_iter+0x3e0/0x5f0 [ 381.028212][T11003] ? __pfx_sysfs_kf_write+0x10/0x10 [ 381.028259][T11003] iter_file_splice_write+0x830/0x10a0 [ 381.028305][T11003] ? __pfx_iter_file_splice_write+0x10/0x10 [ 381.028346][T11003] ? __pfx_copy_splice_read+0x10/0x10 [ 381.028390][T11003] ? __pfx_iter_file_splice_write+0x10/0x10 [ 381.028429][T11003] direct_splice_actor+0x192/0x6c0 [ 381.028465][T11003] splice_direct_to_actor+0x345/0xa30 [ 381.028502][T11003] ? __pfx_direct_splice_actor+0x10/0x10 [ 381.028548][T11003] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 381.028589][T11003] do_splice_direct+0x174/0x240 [ 381.028623][T11003] ? __pfx_do_splice_direct+0x10/0x10 [ 381.028658][T11003] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 381.028694][T11003] ? rw_verify_area+0xce/0x6d0 [ 381.028722][T11003] do_sendfile+0xadc/0xe20 [ 381.028754][T11003] ? __pfx_do_sendfile+0x10/0x10 [ 381.028785][T11003] ? sched_clock+0x38/0x60 [ 381.028825][T11003] ? sched_clock_cpu+0x6c/0x570 [ 381.028868][T11003] __x64_sys_sendfile64+0x1d8/0x220 [ 381.028906][T11003] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 381.028944][T11003] ? trace_irq_enable.constprop.0+0x31/0x160 [ 381.028988][T11003] ? rcu_is_watching+0x12/0xc0 [ 381.029022][T11003] do_syscall_64+0x115/0x840 [ 381.029060][T11003] ? clear_bhb_loop+0x40/0x90 [ 381.029092][T11003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.029122][T11003] RIP: 0033:0x7faf3279ce59 [ 381.029144][T11003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 381.029172][T11003] RSP: 002b:00007faf335a6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 381.029201][T11003] RAX: ffffffffffffffda RBX: 00007faf32a15fa0 RCX: 00007faf3279ce59 [ 381.029221][T11003] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000007 [ 381.029239][T11003] RBP: 00007faf32832d6f R08: 0000000000000000 R09: 0000000000000000 [ 381.029257][T11003] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000000 [ 381.029275][T11003] R13: 00007faf32a16038 R14: 00007faf32a15fa0 R15: 00007ffdd9083958 [ 381.029303][T11003] [ 381.029579][T11003] Kernel Offset: disabled