last executing test programs: 2m3.795508161s ago: executing program 3 (id=871): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r0 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1, r0, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf) 2m3.496756663s ago: executing program 3 (id=872): mmap$auto(0x0, 0xea9, 0x2000000000000df, 0xeb1, 0xffffffffffffffff, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) r0 = socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) 2m3.301244336s ago: executing program 3 (id=873): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) open(0x0, 0x22240, 0x155) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lsm_list_modules$auto(0x0, 0x0, 0x0) io_uring_register$auto(0x2, 0xd, 0x0, 0x20) 2m3.009050589s ago: executing program 3 (id=875): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 2m2.451048837s ago: executing program 3 (id=877): mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = socket(0x1, 0x5, 0x0) bind$auto(r0, 0x0, 0x6b) listen$auto(0x3, 0x81) select$auto(0x1ff, 0x0, &(0x7f0000000100)={[0xf, 0x200, 0x800000000000008, 0x5, 0x9, 0x7, 0x3, 0x2, 0x40009, 0x20000005e582972, 0x4000000000000000, 0x14, 0x5, 0x8, 0x8, 0x80000000003]}, 0x0, 0x0) 1m59.78069732s ago: executing program 3 (id=884): r0 = socket(0x2, 0x2, 0x88) open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='./file0\x00', 0xe63e, 0x20) socket(0x23, 0x80805, 0x0) memfd_secret$auto(0x0) socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x0, 0x20, 0x0, 0x8) 1m58.948947498s ago: executing program 32 (id=884): r0 = socket(0x2, 0x2, 0x88) open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='./file0\x00', 0xe63e, 0x20) socket(0x23, 0x80805, 0x0) memfd_secret$auto(0x0) socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x0, 0x20, 0x0, 0x8) 43.343164513s ago: executing program 0 (id=1260): mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) exit$auto(0x6) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) kexec_load$auto(0x100, 0x8001, 0x0, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mincore$auto(0x1000, 0x4000000, 0x0) clock_nanosleep$auto(0x2, 0x8, 0x0, 0x0) 42.188398724s ago: executing program 0 (id=1263): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 41.443943043s ago: executing program 0 (id=1268): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x101001, 0x0) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) write$auto_mousedev_fops_mousedev(r1, 0x0, 0x0) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) setresuid$auto(0x0, 0x8, 0x8000) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0x40043d0d, 0x0) mq_open$auto(&(0x7f0000000280)='\\\x00', 0x7e, 0x9, 0x0) 41.044089094s ago: executing program 0 (id=1270): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r0) r4 = getpgid(0x0) kcmp$auto(r4, 0x0, 0x1, 0xffffffffffffffff, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_QOS_MAP(r2, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000240)={&(0x7f0000000540)={0x334, r3, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_MLO_TTLM_DLINK={0x46, 0x148, "dc266fcebd92e437b03d6f7bf9019872a79c693a679ed22accb537c0e7b86a6641f38fba40c4623d6f5d31e08fa592572d8f8631d0b241452f8273acea88c518c6d7"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x586}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x9b, 0xac, "d5fb21b57f2aaef65f36010e3597d5a0d707fcc310c0f13f1ebf22f33ea9b602785d17a91c243cad82c39a98c0b2c14d849b4d627d5b63d863515931d690f629ad36f02ec82d5b866f3516187c3c764608ab53564ab8391b5b6ef78588cd1757d4795d34a59aa5569eb281557d56c9bee8d12c5c78e163ae057bf565ac20223d3123715a0c847638ac41ab7833bd8ce06fef549ad461d6"}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x2}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x210, 0x6e, 0x0, 0x1, [@nested={0xd7, 0x13, 0x0, 0x1, [@typed={0x95, 0x6a, 0x0, 0x0, @binary="5deb91a41e6e41b4118a646cfc85714697ca913425a81ef2b388903dad33947f75809a8efb2ead2c3a5003926c6f76433d8595d7554d2015c362942fd227508776722311dc89b35db43c0360707b2cf015800112a98c6f7f6bd3645e731175067ae9d344d5c9b187fd06d46b525ab65420f98732e6511f38bf80029e5d7fa2f0fd317f445ccaadf116261564602e9588a1"}, @nested={0x4, 0x6b}, @nested={0x4, 0x2b}, @generic="c25faa73bf97721b2e7fe95143b1df4243d7a1b6348b90f3b218e0a0770aa4e1b489e623f5ff856b54ee388a6b8dadd4eb04a8", @generic]}, @typed={0x8, 0xb7, 0x0, 0x0, @str='nbd\x00'}, @typed={0xcc, 0xa4, 0x0, 0x0, @binary="c56a84c256ad4fd8ba75e95ecd35c9f5fd4dfa5d22328c676e5d677c8e2f0307160f3f6ba1bbeca9a75895ddc01903ef724fc8412a202abef021bac32e533a125720982de63da629fd62bf8d1268239b8c7d71beb4760e90075161a6202c360b16923d61a8d6e86e009e2762d84ca45b8da7206a0d3914260eafefb5fd1e3b50bd1b74b40becc6b90f4ef7df03c3b13ff8508fcca478438aa5a837df4b49fad47316276354ddce07bcba026dcd052555ad803bad6e77e3a82b0985affd52b6e1dff409d6ae74ca04"}, @typed={0x8, 0x76, 0x0, 0x0, @pid}, @generic="e7fed39ede5a371933e7fd1b87624b55242ce4d8eab04a041132fca87ae98fd6f3816f22b7375da30264a7fac13ac1b2f59c9532f047221377b5a8dd820d71d88349fcb2f489f09ba9b5b50d2ab37fe61d64ed2877e38d6d"]}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x4}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x7}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1}]}, 0x334}, 0x1, 0x0, 0x0, 0x48080}, 0x20000010) syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, r0) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x44, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x1020}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x200}]}, 0x44}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) 40.574242236s ago: executing program 0 (id=1273): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 39.792956894s ago: executing program 0 (id=1279): mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) 24.452894137s ago: executing program 33 (id=1279): mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) 5.470595024s ago: executing program 1 (id=1404): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f0000000440), 0x24100, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) ftruncate$auto(0xffffffffffffffff, 0xffffffffffffffff) 4.374395729s ago: executing program 4 (id=1407): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) lsm_list_modules$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 4.306633928s ago: executing program 5 (id=1408): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) ioctl$auto(0x3, 0x2, 0xffffffffffffffff) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) 3.957781607s ago: executing program 1 (id=1410): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x0, 0x12, 0x0, 0x28) read$auto(0x3, 0x0, 0x80) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmmsg$auto(0x3, 0x0, 0x7, 0x0) 3.939688025s ago: executing program 5 (id=1411): ioperm$auto(0x7, 0x6, 0xffffffff) socket(0x2, 0x1, 0x106) bind$auto(0x3, 0x0, 0x6a) syz_clone3(&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fcntl$auto(r0, 0x400, 0x1) truncate$auto(&(0x7f0000000080)='./file0\x00', 0x7f) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) 3.618726163s ago: executing program 1 (id=1412): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/io\x00', 0x101080, 0x0) socket(0x2, 0x80002, 0x73) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa801, 0x0) io_uring_setup$auto(0x101, 0x0) semctl$auto(0x8, 0x804, 0x13, 0x3) ioctl$auto(0x3, 0x8038550a, 0x1) 3.395473062s ago: executing program 1 (id=1413): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) io_uring_setup$auto(0x1, 0x0) ioctl$auto_EVIOCGREP(0xffffffffffffffff, 0x80084503, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 3.395369966s ago: executing program 4 (id=1414): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x11, 0x80003, 0x300) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(r1, 0x107, 0x14, 0x0, 0x4) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x8}) sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={0x0, 0x49}, 0x1, 0x0, 0x5, 0x3}, 0x5}, 0x2, 0x100) 3.207525229s ago: executing program 4 (id=1416): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/stat/rt_cache\x00', 0x60200, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0x3, 0x8) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf1, 0xb0, @raw=0x68e8}}) write$auto(0x3, 0x0, 0x205c8) 2.941871091s ago: executing program 1 (id=1417): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x15) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101302, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) 2.828560056s ago: executing program 5 (id=1419): mmap$auto(0x1f88, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = pidfd_open$auto(0x0, 0x5) openat2$auto(r0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)={0xf4, 0x8, 0x1ff}, 0xff) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlockall$auto(0x7) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) 2.272610394s ago: executing program 4 (id=1421): mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1942, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000028, 0xd97, 0x2}, 0x0, 0x7ffffffff000, 0x0) 2.16327042s ago: executing program 2 (id=1422): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) close_range$auto(0x2, 0x8000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket(0x10, 0x2, 0x9) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/ipc\x00') r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 1.904680941s ago: executing program 5 (id=1423): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) lsm_list_modules$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 1.825053119s ago: executing program 2 (id=1424): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) socket(0x1e, 0x805, 0x0) sysfs$auto(0x2, 0x5, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x1, &(0x7f00000001c0)='+\x00', &(0x7f0000000280), 0x0) 1.49050513s ago: executing program 2 (id=1425): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x8802, 0x0) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r0, 0x0, 0x1) write$auto(0x3, 0x0, 0xfdef) 1.085747159s ago: executing program 2 (id=1426): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) msgsnd$auto(0x0, 0x0, 0x8, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) pipe$auto(0x0) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) ioctl$auto_I2C_SMBUS(r0, 0x720, 0x0) 997.502657ms ago: executing program 5 (id=1427): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/controlC2\x00', 0x180, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x3, 0x2f) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x0, 0x0) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) socket(0x10, 0x2, 0x0) r0 = io_uring_setup$auto(0x3ff, 0x0) ioctl$auto(0x3, 0xc10c5541, r0) 943.001394ms ago: executing program 1 (id=1428): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x1}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x4}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) write$auto(r0, 0x0, 0x45c) 597.80364ms ago: executing program 5 (id=1429): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r0, 0x0, 0x400018) socketpair$auto(0x3, 0x7, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r1) 558.197565ms ago: executing program 4 (id=1430): close_range$auto(0x2, 0x8000, 0x0) socket(0x1, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4008ae8a, 0x0) 316.981735ms ago: executing program 2 (id=1431): r0 = socket(0x2b, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xf, 0x3, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000e2, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x801, 0x106) getsockopt$auto(r1, 0x11c, 0x4, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) shutdown$auto(0x200000003, 0x2) 156.724558ms ago: executing program 4 (id=1432): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x801, 0x1000a, 0x400, 0x1000049, 0xffffffffffffffff, 0x20000000000804, 0x3}, 0x6f3) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 0s ago: executing program 2 (id=1433): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r1, 0x0, 0x1) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b) get_robust_list$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kernel console output (not intermixed with test programs): 160.840736][ T6800] do_filp_open+0x20b/0x470 [ 160.840769][ T6800] ? __pfx_do_filp_open+0x10/0x10 [ 160.840823][ T6800] ? alloc_fd+0x471/0x7d0 [ 160.840862][ T6800] do_sys_openat2+0x11b/0x1d0 [ 160.840885][ T6800] ? __pfx_do_sys_openat2+0x10/0x10 [ 160.840920][ T6800] __x64_sys_openat+0x174/0x210 [ 160.840944][ T6800] ? __pfx___x64_sys_openat+0x10/0x10 [ 160.840971][ T6800] ? rcu_is_watching+0x12/0xc0 [ 160.841007][ T6800] do_syscall_64+0xcd/0x260 [ 160.841043][ T6800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.841066][ T6800] RIP: 0033:0x7f5fbd78d169 [ 160.841083][ T6800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 160.841111][ T6800] RSP: 002b:00007f5fbe67f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 160.841132][ T6800] RAX: ffffffffffffffda RBX: 00007f5fbd9a5fa0 RCX: 00007f5fbd78d169 [ 160.841147][ T6800] RDX: 0000000000000100 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 160.841161][ T6800] RBP: 00007f5fbd80e990 R08: 0000000000000000 R09: 0000000000000000 [ 160.841175][ T6800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.841188][ T6800] R13: 0000000000000000 R14: 00007f5fbd9a5fa0 R15: 00007fffcc3ade28 [ 160.841216][ T6800] [ 161.358389][ T6802] CPU: 1 UID: 0 PID: 6802 Comm: syz.0.352 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 161.358423][ T6802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 161.358437][ T6802] Call Trace: [ 161.358445][ T6802] [ 161.358453][ T6802] dump_stack_lvl+0x16c/0x1f0 [ 161.358493][ T6802] should_fail_ex+0x512/0x640 [ 161.358523][ T6802] should_fail_alloc_page+0xe7/0x130 [ 161.358547][ T6802] prepare_alloc_pages+0x3c2/0x610 [ 161.358575][ T6802] ? rcu_is_watching+0x12/0xc0 [ 161.358606][ T6802] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 161.358644][ T6802] ? is_bpf_text_address+0x94/0x1a0 [ 161.358666][ T6802] ? kernel_text_address+0x8d/0x100 [ 161.358693][ T6802] ? __kernel_text_address+0xd/0x40 [ 161.358718][ T6802] ? unwind_get_return_address+0x59/0xa0 [ 161.358748][ T6802] ? arch_stack_walk+0xa6/0x100 [ 161.358781][ T6802] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 161.358827][ T6802] ? stack_depot_save_flags+0x28/0xa50 [ 161.358853][ T6802] ? stack_trace_save+0x8e/0xc0 [ 161.358883][ T6802] ? __pfx_stack_trace_save+0x10/0x10 [ 161.358915][ T6802] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 161.358941][ T6802] ? policy_nodemask+0xea/0x4e0 [ 161.358980][ T6802] alloc_pages_mpol+0x1fb/0x550 [ 161.359002][ T6802] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 161.359031][ T6802] alloc_pages_noprof+0x131/0x390 [ 161.359053][ T6802] kimage_alloc_pages+0x75/0x300 [ 161.359080][ T6802] kimage_alloc_control_pages+0x15d/0x910 [ 161.359112][ T6802] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 161.359155][ T6802] do_kexec_load+0x480/0x8d0 [ 161.359183][ T6802] ? __pfx_do_kexec_load+0x10/0x10 [ 161.359212][ T6802] ? _copy_from_user+0x59/0xd0 [ 161.359243][ T6802] __x64_sys_kexec_load+0x1bf/0x230 [ 161.359273][ T6802] do_syscall_64+0xcd/0x260 [ 161.359309][ T6802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.359331][ T6802] RIP: 0033:0x7f1cc1b8d169 [ 161.359349][ T6802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.359370][ T6802] RSP: 002b:00007f1cc2a46038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 161.359395][ T6802] RAX: ffffffffffffffda RBX: 00007f1cc1da5fa0 RCX: 00007f1cc1b8d169 [ 161.359410][ T6802] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 161.359423][ T6802] RBP: 00007f1cc1c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 161.359436][ T6802] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 161.359449][ T6802] R13: 0000000000000000 R14: 00007f1cc1da5fa0 R15: 00007ffff693ddc8 [ 161.359477][ T6802] [ 161.903958][ T6802] kexec: Could not allocate control_code_buffer [ 162.007245][ T6808] netlink: 322 bytes leftover after parsing attributes in process `syz.0.354'. [ 163.347255][ T6827] netlink: 334 bytes leftover after parsing attributes in process `syz.3.360'. [ 163.944923][ T6837] futex_wake_op: syz.2.364 tries to shift op by 64; fix this program [ 165.963022][ T6871] sock: sock_timestamping_bind_phc: sock not bind to device [ 165.998102][ T6872] netlink: 342 bytes leftover after parsing attributes in process `syz.1.378'. [ 166.437317][ T6882] FAULT_INJECTION: forcing a failure. [ 166.437317][ T6882] name failslab, interval 1, probability 0, space 0, times 0 [ 166.538868][ T6882] CPU: 1 UID: 0 PID: 6882 Comm: syz.3.383 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 166.538901][ T6882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 166.538915][ T6882] Call Trace: [ 166.538923][ T6882] [ 166.538931][ T6882] dump_stack_lvl+0x16c/0x1f0 [ 166.538970][ T6882] should_fail_ex+0x512/0x640 [ 166.538996][ T6882] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 166.539035][ T6882] should_failslab+0xc2/0x120 [ 166.539056][ T6882] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 166.539093][ T6882] ? mas_alloc_nodes+0x18b/0x8b0 [ 166.539131][ T6882] mas_alloc_nodes+0x18b/0x8b0 [ 166.539166][ T6882] mas_node_count_gfp+0x105/0x130 [ 166.539198][ T6882] mas_preallocate+0x53e/0xcd0 [ 166.539225][ T6882] ? __pfx_mas_preallocate+0x10/0x10 [ 166.539256][ T6882] ? anon_vma_name+0x75/0x100 [ 166.539284][ T6882] __split_vma+0x33b/0x1030 [ 166.539321][ T6882] ? __pfx___split_vma+0x10/0x10 [ 166.539367][ T6882] vma_modify+0x24d/0x410 [ 166.539402][ T6882] vma_modify_flags+0x212/0x2d0 [ 166.539436][ T6882] ? __pfx_vma_modify_flags+0x10/0x10 [ 166.539468][ T6882] ? mtree_range_walk+0x718/0xc00 [ 166.539510][ T6882] ? mas_walk+0x6a6/0x910 [ 166.539541][ T6882] mlock_fixup+0x27c/0xe50 [ 166.539580][ T6882] apply_vma_lock_flags+0x261/0x390 [ 166.539617][ T6882] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 166.539652][ T6882] ? __pfx___might_resched+0x10/0x10 [ 166.539699][ T6882] ? __pfx_down_write_killable+0x10/0x10 [ 166.539723][ T6882] ? do_futex+0x122/0x350 [ 166.539758][ T6882] do_mlock+0x2ac/0x810 [ 166.539791][ T6882] ? __pfx___might_resched+0x10/0x10 [ 166.539825][ T6882] ? __pfx_do_mlock+0x10/0x10 [ 166.539857][ T6882] ? __x64_sys_futex+0x1e0/0x4c0 [ 166.539888][ T6882] ? __x64_sys_futex+0x1e9/0x4c0 [ 166.539929][ T6882] ? xfd_validate_state+0x5d/0x180 [ 166.539956][ T6882] ? rcu_is_watching+0x12/0xc0 [ 166.539989][ T6882] __x64_sys_mlock+0x59/0x80 [ 166.540024][ T6882] do_syscall_64+0xcd/0x260 [ 166.540059][ T6882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.540082][ T6882] RIP: 0033:0x7f5fbd78d169 [ 166.540099][ T6882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.540121][ T6882] RSP: 002b:00007f5fbe67f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 166.540142][ T6882] RAX: ffffffffffffffda RBX: 00007f5fbd9a5fa0 RCX: 00007f5fbd78d169 [ 166.540157][ T6882] RDX: 0000000000000000 RSI: 0000000000007fff RDI: 0000000000007c88 [ 166.540170][ T6882] RBP: 00007f5fbd80e990 R08: 0000000000000000 R09: 0000000000000000 [ 166.540184][ T6882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.540197][ T6882] R13: 0000000000000000 R14: 00007f5fbd9a5fa0 R15: 00007fffcc3ade28 [ 166.540226][ T6882] [ 167.190565][ T6892] netlink: 28 bytes leftover after parsing attributes in process `syz.1.388'. [ 167.206875][ T6890] i2c i2c-0: Invalid 7-bit I2C address 0x00 [ 169.571330][ T6934] netlink: 342 bytes leftover after parsing attributes in process `syz.2.405'. [ 169.962525][ T6945] netlink: 4 bytes leftover after parsing attributes in process `syz.1.407'. [ 170.098476][ T6950] netlink: 25 bytes leftover after parsing attributes in process `syz.1.407'. [ 171.032414][ T6971] netlink: 330 bytes leftover after parsing attributes in process `syz.2.415'. [ 171.475658][ T6981] netlink: 'syz.0.419': attribute type 29 has an invalid length. [ 171.530956][ T6981] netlink: 334 bytes leftover after parsing attributes in process `syz.0.419'. [ 171.957500][ T6993] netlink: 334 bytes leftover after parsing attributes in process `syz.1.424'. [ 172.356132][ T7006] netlink: 'syz.2.425': attribute type 33 has an invalid length. [ 172.369192][ T7005] FAULT_INJECTION: forcing a failure. [ 172.369192][ T7005] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 172.445773][ T7006] netlink: 322 bytes leftover after parsing attributes in process `syz.2.425'. [ 172.475635][ T7005] CPU: 1 UID: 0 PID: 7005 Comm: syz.1.427 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 172.475670][ T7005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 172.475684][ T7005] Call Trace: [ 172.475691][ T7005] [ 172.475699][ T7005] dump_stack_lvl+0x16c/0x1f0 [ 172.475737][ T7005] should_fail_ex+0x512/0x640 [ 172.475769][ T7005] should_fail_alloc_page+0xe7/0x130 [ 172.475794][ T7005] prepare_alloc_pages+0x3c2/0x610 [ 172.475827][ T7005] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 172.475867][ T7005] ? __lock_acquire+0x5ca/0x1ba0 [ 172.475909][ T7005] ? cgroup_rstat_updated+0x2a/0xb20 [ 172.475945][ T7005] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 172.475983][ T7005] ? weighted_interleave_nid+0x3e9/0x5a0 [ 172.476029][ T7005] ? __pfx_weighted_interleave_nid+0x10/0x10 [ 172.476070][ T7005] ? __lock_acquire+0x5ca/0x1ba0 [ 172.476110][ T7005] ? policy_nodemask+0xea/0x4e0 [ 172.476152][ T7005] alloc_pages_mpol+0x1fb/0x550 [ 172.476175][ T7005] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 172.476196][ T7005] ? __lock_acquire+0x5ca/0x1ba0 [ 172.476237][ T7005] folio_alloc_mpol_noprof+0x36/0x2f0 [ 172.476265][ T7005] vma_alloc_folio_noprof+0xed/0x1e0 [ 172.476290][ T7005] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 172.476327][ T7005] do_pte_missing+0x223d/0x3fb0 [ 172.476369][ T7005] __handle_mm_fault+0x103d/0x2a40 [ 172.476416][ T7005] ? __pfx___handle_mm_fault+0x10/0x10 [ 172.476447][ T7005] ? __pte_offset_map_lock+0x155/0x2f0 [ 172.476473][ T7005] ? find_held_lock+0x2b/0x80 [ 172.476500][ T7005] ? find_held_lock+0x2b/0x80 [ 172.476548][ T7005] handle_mm_fault+0x3fe/0xad0 [ 172.476585][ T7005] __get_user_pages+0x771/0x36f0 [ 172.476622][ T7005] ? __pfx_mt_find+0x10/0x10 [ 172.476658][ T7005] ? __pfx___get_user_pages+0x10/0x10 [ 172.476697][ T7005] populate_vma_page_range+0x278/0x3a0 [ 172.476730][ T7005] ? __pfx_populate_vma_page_range+0x10/0x10 [ 172.476760][ T7005] ? __pfx_find_vma_intersection+0x10/0x10 [ 172.476788][ T7005] ? do_mmap+0x69c/0x11b0 [ 172.476818][ T7005] __mm_populate+0x1d8/0x380 [ 172.476850][ T7005] ? __pfx___mm_populate+0x10/0x10 [ 172.476882][ T7005] ? up_write+0x1b2/0x520 [ 172.476908][ T7005] vm_mmap_pgoff+0x362/0x450 [ 172.476938][ T7005] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 172.476971][ T7005] ? __x64_sys_futex+0x1e0/0x4c0 [ 172.477002][ T7005] ? __x64_sys_futex+0x1e9/0x4c0 [ 172.477038][ T7005] ksys_mmap_pgoff+0x7d/0x5c0 [ 172.477064][ T7005] ? rcu_is_watching+0x12/0xc0 [ 172.477094][ T7005] __x64_sys_mmap+0x125/0x190 [ 172.477124][ T7005] do_syscall_64+0xcd/0x260 [ 172.477162][ T7005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.477185][ T7005] RIP: 0033:0x7f1b3278d169 [ 172.477204][ T7005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.477225][ T7005] RSP: 002b:00007f1b33569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 172.477246][ T7005] RAX: ffffffffffffffda RBX: 00007f1b329a5fa0 RCX: 00007f1b3278d169 [ 172.477261][ T7005] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 172.477274][ T7005] RBP: 00007f1b3280e990 R08: 0000000000000002 R09: 0000000000008000 [ 172.477288][ T7005] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 172.477302][ T7005] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 172.477330][ T7005] [ 173.367172][ T7023] random: crng reseeded on system resumption [ 173.415036][ T7023] FAULT_INJECTION: forcing a failure. [ 173.415036][ T7023] name failslab, interval 1, probability 0, space 0, times 0 [ 173.456462][ T7023] CPU: 1 UID: 0 PID: 7023 Comm: syz.0.433 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 173.456496][ T7023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 173.456510][ T7023] Call Trace: [ 173.456517][ T7023] [ 173.456525][ T7023] dump_stack_lvl+0x16c/0x1f0 [ 173.456564][ T7023] should_fail_ex+0x512/0x640 [ 173.456590][ T7023] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 173.456624][ T7023] should_failslab+0xc2/0x120 [ 173.456646][ T7023] __kmalloc_cache_noprof+0x6a/0x3e0 [ 173.456678][ T7023] ? create_basic_memory_bitmaps+0xef/0x680 [ 173.456715][ T7023] create_basic_memory_bitmaps+0xef/0x680 [ 173.456753][ T7023] snapshot_open+0x235/0x2b0 [ 173.456786][ T7023] ? __pfx_snapshot_open+0x10/0x10 [ 173.456820][ T7023] misc_open+0x35a/0x420 [ 173.456850][ T7023] ? __pfx_misc_open+0x10/0x10 [ 173.456878][ T7023] chrdev_open+0x231/0x6a0 [ 173.456914][ T7023] ? __pfx_apparmor_file_open+0x10/0x10 [ 173.456943][ T7023] ? __pfx_chrdev_open+0x10/0x10 [ 173.456981][ T7023] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 173.457020][ T7023] do_dentry_open+0x741/0x1c10 [ 173.457053][ T7023] ? __pfx_chrdev_open+0x10/0x10 [ 173.457102][ T7023] vfs_open+0x82/0x3f0 [ 173.457130][ T7023] path_openat+0x1e5e/0x2d40 [ 173.457175][ T7023] ? __pfx_path_openat+0x10/0x10 [ 173.457216][ T7023] do_filp_open+0x20b/0x470 [ 173.457251][ T7023] ? __pfx_do_filp_open+0x10/0x10 [ 173.457306][ T7023] ? alloc_fd+0x471/0x7d0 [ 173.457346][ T7023] do_sys_openat2+0x11b/0x1d0 [ 173.457370][ T7023] ? __pfx_do_sys_openat2+0x10/0x10 [ 173.457405][ T7023] __x64_sys_openat+0x174/0x210 [ 173.457430][ T7023] ? __pfx___x64_sys_openat+0x10/0x10 [ 173.457457][ T7023] ? rcu_is_watching+0x12/0xc0 [ 173.457493][ T7023] do_syscall_64+0xcd/0x260 [ 173.457529][ T7023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.457552][ T7023] RIP: 0033:0x7f1cc1b8d169 [ 173.457570][ T7023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.457591][ T7023] RSP: 002b:00007f1cc2a46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 173.457612][ T7023] RAX: ffffffffffffffda RBX: 00007f1cc1da5fa0 RCX: 00007f1cc1b8d169 [ 173.457627][ T7023] RDX: 0000000000184b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 173.457641][ T7023] RBP: 00007f1cc1c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 173.457655][ T7023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.457668][ T7023] R13: 0000000000000000 R14: 00007f1cc1da5fa0 R15: 00007ffff693ddc8 [ 173.457697][ T7023] [ 176.140812][ T7068] netlink: 'syz.0.451': attribute type 4 has an invalid length. [ 176.421266][ T7075] FAULT_INJECTION: forcing a failure. [ 176.421266][ T7075] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 176.476665][ T7075] CPU: 1 UID: 0 PID: 7075 Comm: syz.0.454 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 176.476698][ T7075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 176.476712][ T7075] Call Trace: [ 176.476719][ T7075] [ 176.476728][ T7075] dump_stack_lvl+0x16c/0x1f0 [ 176.476767][ T7075] should_fail_ex+0x512/0x640 [ 176.476798][ T7075] should_fail_alloc_page+0xe7/0x130 [ 176.476829][ T7075] prepare_alloc_pages+0x3c2/0x610 [ 176.476858][ T7075] ? rcu_is_watching+0x12/0xc0 [ 176.476891][ T7075] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 176.476943][ T7075] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 176.476979][ T7075] ? do_raw_spin_lock+0x12c/0x2b0 [ 176.477006][ T7075] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 176.477030][ T7075] ? cgroup_rstat_updated+0x2a/0xb20 [ 176.477058][ T7075] ? find_held_lock+0x2b/0x80 [ 176.477096][ T7075] ? __lock_acquire+0xaa4/0x1ba0 [ 176.477132][ T7075] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 176.477158][ T7075] ? policy_nodemask+0xea/0x4e0 [ 176.477198][ T7075] alloc_pages_mpol+0x1fb/0x550 [ 176.477221][ T7075] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 176.477250][ T7075] folio_alloc_mpol_noprof+0x36/0x2f0 [ 176.477278][ T7075] shmem_alloc_folio+0x135/0x160 [ 176.477311][ T7075] shmem_alloc_and_add_folio+0x499/0xc20 [ 176.477354][ T7075] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 176.477393][ T7075] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 176.477436][ T7075] shmem_get_folio_gfp+0x687/0x1530 [ 176.477482][ T7075] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 176.477522][ T7075] ? filemap_map_pages+0xf6c/0x1680 [ 176.477548][ T7075] shmem_fault+0x1fe/0xa30 [ 176.477585][ T7075] ? __pfx_shmem_fault+0x10/0x10 [ 176.477627][ T7075] ? __pfx_filemap_map_pages+0x10/0x10 [ 176.477658][ T7075] __do_fault+0x10a/0x490 [ 176.477681][ T7075] do_pte_missing+0x1031/0x3fb0 [ 176.477716][ T7075] ? __handle_mm_fault+0x1010/0x2a40 [ 176.477752][ T7075] __handle_mm_fault+0x103d/0x2a40 [ 176.477792][ T7075] ? __pfx___handle_mm_fault+0x10/0x10 [ 176.477829][ T7075] ? __pte_offset_map_lock+0x155/0x2f0 [ 176.477855][ T7075] ? find_held_lock+0x2b/0x80 [ 176.477882][ T7075] ? find_held_lock+0x2b/0x80 [ 176.477930][ T7075] handle_mm_fault+0x3fe/0xad0 [ 176.477967][ T7075] __get_user_pages+0x771/0x36f0 [ 176.478005][ T7075] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0 [ 176.478027][ T7075] ? look_up_lock_class+0x59/0x150 [ 176.478058][ T7075] ? __pfx___get_user_pages+0x10/0x10 [ 176.478087][ T7075] ? process_vm_rw+0x2ff/0x360 [ 176.478105][ T7075] ? __x64_sys_process_vm_readv+0xe2/0x1c0 [ 176.478133][ T7075] ? do_syscall_64+0xcd/0x260 [ 176.478175][ T7075] __gup_longterm_locked+0x20d/0x1850 [ 176.478214][ T7075] ? __pfx___gup_longterm_locked+0x10/0x10 [ 176.478258][ T7075] pin_user_pages_remote+0xed/0x140 [ 176.478290][ T7075] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 176.478318][ T7075] ? mm_access+0x22d/0x2e0 [ 176.478360][ T7075] process_vm_rw_core.constprop.0+0x41b/0x9a0 [ 176.478387][ T7075] ? futex_wait_queue+0x14c/0x220 [ 176.478407][ T7075] ? futex_unqueue+0xba/0x140 [ 176.478442][ T7075] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 176.478465][ T7075] ? __pfx___futex_wait+0x10/0x10 [ 176.478486][ T7075] ? import_ubuf+0x1b6/0x220 [ 176.478534][ T7075] ? iovec_from_user+0xbb/0x140 [ 176.478566][ T7075] process_vm_rw+0x2ff/0x360 [ 176.478589][ T7075] ? __pfx_process_vm_rw+0x10/0x10 [ 176.478617][ T7075] ? do_writev+0x218/0x330 [ 176.478672][ T7075] ? xfd_validate_state+0x5d/0x180 [ 176.478705][ T7075] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 176.478728][ T7075] ? do_syscall_64+0x91/0x260 [ 176.478760][ T7075] ? lockdep_hardirqs_on+0x7c/0x110 [ 176.478791][ T7075] do_syscall_64+0xcd/0x260 [ 176.478836][ T7075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.478861][ T7075] RIP: 0033:0x7f1cc1b8d169 [ 176.478879][ T7075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.478901][ T7075] RSP: 002b:00007f1cc2a46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 176.478923][ T7075] RAX: ffffffffffffffda RBX: 00007f1cc1da5fa0 RCX: 00007f1cc1b8d169 [ 176.478938][ T7075] RDX: 0000000800000001 RSI: 0000200000000000 RDI: 0000000000000129 [ 176.478952][ T7075] RBP: 00007f1cc1c0e990 R08: 0000000000000006 R09: 0000000000000000 [ 176.478965][ T7075] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000 [ 176.478979][ T7075] R13: 0000000000000000 R14: 00007f1cc1da5fa0 R15: 00007ffff693ddc8 [ 176.479008][ T7075] [ 178.367699][ T7086] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 179.069028][ T7096] netlink: 25 bytes leftover after parsing attributes in process `syz.3.464'. [ 179.463200][ T7106] netlink: 306 bytes leftover after parsing attributes in process `syz.0.467'. [ 183.357877][ T7150] netlink: 'syz.3.482': attribute type 1 has an invalid length. [ 183.365570][ T7150] netlink: 230 bytes leftover after parsing attributes in process `syz.3.482'. [ 184.677547][ T7168] [U] [ 184.681018][ T7168] [U] use_profile 0 [ 184.684856][ T7168] [U] file mkdir/chmod /dev/ 0755 [ 184.690211][ T7168] [U] file chown/chgrp /dev/ 0 [ 184.695006][ T7168] [U] file mkchar /dev/console 0600 5 1 [ 184.791308][ T7167] [U] f [ 186.356859][ T7203] netlink: 'syz.0.502': attribute type 29 has an invalid length. [ 186.364641][ T7203] netlink: 334 bytes leftover after parsing attributes in process `syz.0.502'. [ 186.777443][ T7209] netlink: 'syz.0.505': attribute type 27 has an invalid length. [ 186.829838][ T7209] netlink: 334 bytes leftover after parsing attributes in process `syz.0.505'. [ 187.879629][ T7227] netlink: 342 bytes leftover after parsing attributes in process `syz.2.513'. [ 188.217606][ T7230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.514'. [ 188.805935][ T7241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.519'. [ 188.858301][ T7241] netlink: 25 bytes leftover after parsing attributes in process `syz.2.519'. [ 190.114098][ T7262] netlink: 12 bytes leftover after parsing attributes in process `syz.2.527'. [ 190.157109][ T7262] netlink: 12 bytes leftover after parsing attributes in process `syz.2.527'. [ 190.970827][ T7275] netlink: 4 bytes leftover after parsing attributes in process `syz.0.531'. [ 191.317972][ T7283] netlink: 342 bytes leftover after parsing attributes in process `syz.3.535'. [ 192.296694][ T7302] netlink: 20 bytes leftover after parsing attributes in process `syz.0.543'. [ 192.688619][ T7306] netlink: 4 bytes leftover after parsing attributes in process `syz.2.545'. [ 193.434265][ T7320] netlink: 12 bytes leftover after parsing attributes in process `syz.0.550'. [ 193.471084][ T7320] netlink: 12 bytes leftover after parsing attributes in process `syz.0.550'. [ 194.853685][ T7345] netlink: 'syz.1.560': attribute type 4 has an invalid length. [ 194.890007][ T7345] netlink: 110 bytes leftover after parsing attributes in process `syz.1.560'. [ 196.209489][ T7371] netlink: 330 bytes leftover after parsing attributes in process `syz.2.572'. [ 196.356632][ T7376] netlink: 330 bytes leftover after parsing attributes in process `syz.3.574'. [ 196.635747][ T7380] netlink: 4 bytes leftover after parsing attributes in process `syz.0.575'. [ 196.687575][ T7380] netlink: 25 bytes leftover after parsing attributes in process `syz.0.575'. [ 198.029112][ T7407] netlink: 330 bytes leftover after parsing attributes in process `syz.0.585'. [ 198.645727][ T7415] netlink: 342 bytes leftover after parsing attributes in process `syz.2.588'. [ 199.059932][ T5851] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 199.500807][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.507436][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.257710][ T7442] process 'syz.2.599' launched './file0' with NULL argv: empty string added [ 200.606224][ T7451] netlink: 330 bytes leftover after parsing attributes in process `syz.2.604'. [ 200.862995][ T7454] netlink: 146 bytes leftover after parsing attributes in process `syz.3.605'. [ 201.309434][ T7461] netlink: 330 bytes leftover after parsing attributes in process `syz.3.606'. [ 202.911369][ T7486] netlink: 330 bytes leftover after parsing attributes in process `syz.0.617'. [ 203.375240][ T7497] Invalid ELF header magic: != ELF [ 203.750791][ T7492] netlink: 110 bytes leftover after parsing attributes in process `syz.1.620'. [ 204.388981][ T7489] kexec: Could not allocate control_code_buffer [ 204.567536][ T7515] netlink: 4 bytes leftover after parsing attributes in process `syz.1.628'. [ 204.688567][ T7519] netlink: 354 bytes leftover after parsing attributes in process `syz.1.628'. [ 204.720881][ T7520] netlink: 330 bytes leftover after parsing attributes in process `syz.3.631'. [ 205.427809][ T7535] netlink: 330 bytes leftover after parsing attributes in process `syz.3.638'. [ 205.701834][ T7538] netlink: 326 bytes leftover after parsing attributes in process `syz.3.639'. [ 206.715608][ T7552] netlink: 342 bytes leftover after parsing attributes in process `syz.3.644'. [ 206.922159][ T7551] Invalid ELF header magic: != ELF [ 208.201398][ T7582] netlink: 338 bytes leftover after parsing attributes in process `syz.1.652'. [ 208.388403][ T7586] netlink: 334 bytes leftover after parsing attributes in process `syz.2.655'. [ 208.767339][ T7593] netlink: 342 bytes leftover after parsing attributes in process `syz.3.657'. [ 208.866469][ T7593] IPv6: Can't replace route, no match found [ 209.066012][ T7597] netlink: 330 bytes leftover after parsing attributes in process `syz.1.658'. [ 209.336103][ T7604] netlink: 'syz.3.661': attribute type 5 has an invalid length. [ 209.380079][ T7604] netlink: 314 bytes leftover after parsing attributes in process `syz.3.661'. [ 209.814643][ T7618] netlink: 146 bytes leftover after parsing attributes in process `syz.3.666'. [ 210.394622][ T7633] netlink: 138 bytes leftover after parsing attributes in process `syz.3.669'. [ 210.868288][ T7641] netlink: 4 bytes leftover after parsing attributes in process `syz.1.672'. [ 210.913197][ T7641] netlink: 354 bytes leftover after parsing attributes in process `syz.1.672'. [ 211.223643][ T7649] netlink: 330 bytes leftover after parsing attributes in process `syz.1.675'. [ 211.838437][ T7661] netlink: 28 bytes leftover after parsing attributes in process `syz.3.680'. [ 212.529430][ T7673] netlink: 244 bytes leftover after parsing attributes in process `syz.3.684'. [ 214.899578][ T7719] netlink: 28 bytes leftover after parsing attributes in process `syz.3.694'. [ 214.988140][ T7719] ipvlan1: entered allmulticast mode [ 215.044158][ T7721] netlink: 28 bytes leftover after parsing attributes in process `syz.3.694'. [ 215.101395][ T7719] veth0_vlan: entered allmulticast mode [ 215.905376][ T7733] netlink: 'syz.2.696': attribute type 21 has an invalid length. [ 216.069188][ T7733] netlink: 326 bytes leftover after parsing attributes in process `syz.2.696'. [ 219.494558][ T7770] hub 8-0:1.0: USB hub found [ 219.560711][ T7770] hub 8-0:1.0: 1 port detected [ 219.762168][ T7778] netlink: 330 bytes leftover after parsing attributes in process `syz.1.712'. [ 220.124189][ T7778] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 220.410703][ T7784] netlink: 290 bytes leftover after parsing attributes in process `syz.1.715'. [ 220.778129][ T7788] FAULT_INJECTION: forcing a failure. [ 220.778129][ T7788] name failslab, interval 1, probability 0, space 0, times 0 [ 220.846080][ T7788] CPU: 1 UID: 0 PID: 7788 Comm: syz.1.718 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 220.846113][ T7788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 220.846127][ T7788] Call Trace: [ 220.846135][ T7788] [ 220.846148][ T7788] dump_stack_lvl+0x16c/0x1f0 [ 220.846196][ T7788] should_fail_ex+0x512/0x640 [ 220.846222][ T7788] ? __kvmalloc_node_noprof+0x122/0x600 [ 220.846259][ T7788] should_failslab+0xc2/0x120 [ 220.846281][ T7788] __kvmalloc_node_noprof+0x135/0x600 [ 220.846314][ T7788] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 220.846348][ T7788] ? v4l2_ctrl_new+0x97d/0x2180 [ 220.846376][ T7788] ? v4l2_ctrl_new+0x97d/0x2180 [ 220.846396][ T7788] v4l2_ctrl_new+0x97d/0x2180 [ 220.846430][ T7788] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 220.846457][ T7788] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 220.846480][ T7788] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 220.846508][ T7788] v4l2_ctrl_new_custom+0x413/0xaa0 [ 220.846549][ T7788] ? __pfx_v4l2_ctrl_new_custom+0x10/0x10 [ 220.846578][ T7788] ? trace_kmalloc+0x2b/0xd0 [ 220.846609][ T7788] ? media_request_object_init+0x100/0x180 [ 220.846647][ T7788] vicodec_open+0xc4f/0xf90 [ 220.846686][ T7788] v4l2_open+0x222/0x490 [ 220.846720][ T7788] ? __pfx_v4l2_open+0x10/0x10 [ 220.846753][ T7788] chrdev_open+0x231/0x6a0 [ 220.846787][ T7788] ? __pfx_apparmor_file_open+0x10/0x10 [ 220.846816][ T7788] ? __pfx_chrdev_open+0x10/0x10 [ 220.846853][ T7788] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 220.846891][ T7788] do_dentry_open+0x741/0x1c10 [ 220.846924][ T7788] ? __pfx_chrdev_open+0x10/0x10 [ 220.846965][ T7788] vfs_open+0x82/0x3f0 [ 220.846991][ T7788] path_openat+0x1e5e/0x2d40 [ 220.847035][ T7788] ? __pfx_path_openat+0x10/0x10 [ 220.847077][ T7788] do_filp_open+0x20b/0x470 [ 220.847110][ T7788] ? __pfx_do_filp_open+0x10/0x10 [ 220.847173][ T7788] ? alloc_fd+0x471/0x7d0 [ 220.847214][ T7788] do_sys_openat2+0x11b/0x1d0 [ 220.847238][ T7788] ? __pfx_do_sys_openat2+0x10/0x10 [ 220.847274][ T7788] __x64_sys_openat+0x174/0x210 [ 220.847299][ T7788] ? __pfx___x64_sys_openat+0x10/0x10 [ 220.847326][ T7788] ? rcu_is_watching+0x12/0xc0 [ 220.847362][ T7788] do_syscall_64+0xcd/0x260 [ 220.847398][ T7788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.847422][ T7788] RIP: 0033:0x7f1b3278d169 [ 220.847440][ T7788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.847462][ T7788] RSP: 002b:00007f1b33569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 220.847483][ T7788] RAX: ffffffffffffffda RBX: 00007f1b329a5fa0 RCX: 00007f1b3278d169 [ 220.847498][ T7788] RDX: 00000000001ab442 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 220.847512][ T7788] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 220.847526][ T7788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 220.847539][ T7788] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 220.847568][ T7788] [ 224.017391][ T7834] netlink: 330 bytes leftover after parsing attributes in process `syz.1.731'. [ 225.147421][ T7852] netlink: 342 bytes leftover after parsing attributes in process `syz.2.736'. [ 225.300080][ T7849] netlink: 'syz.1.735': attribute type 1 has an invalid length. [ 226.159976][ T7876] netlink: 330 bytes leftover after parsing attributes in process `syz.2.740'. [ 227.407475][ T7898] netlink: 'syz.2.749': attribute type 19 has an invalid length. [ 227.448431][ T7898] netlink: 114 bytes leftover after parsing attributes in process `syz.2.749'. [ 228.766292][ T7920] netlink: 30 bytes leftover after parsing attributes in process `syz.2.759'. [ 229.080393][ T7927] vhci_hcd: not connected 4 [ 229.391392][ T7936] netlink: 28 bytes leftover after parsing attributes in process `syz.1.766'. [ 229.453420][ T7937] netlink: 330 bytes leftover after parsing attributes in process `syz.0.764'. [ 230.027105][ T7945] netlink: 4 bytes leftover after parsing attributes in process `syz.3.769'. [ 230.153613][ T7942] netlink: 330 bytes leftover after parsing attributes in process `syz.1.768'. [ 230.407121][ T7953] netlink: 330 bytes leftover after parsing attributes in process `syz.2.773'. [ 230.669263][ T7955] netlink: 326 bytes leftover after parsing attributes in process `syz.1.774'. [ 231.043815][ T7962] netlink: 266 bytes leftover after parsing attributes in process `syz.3.777'. [ 231.104118][ T7962] IPv6: NLM_F_CREATE should be specified when creating new route [ 231.593086][ T7974] netlink: 342 bytes leftover after parsing attributes in process `syz.2.783'. [ 232.033247][ T7969] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 234.211642][ T8008] netlink: 326 bytes leftover after parsing attributes in process `syz.3.795'. [ 234.295118][ T8008] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.304112][ T8008] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.497966][ T8014] netlink: 326 bytes leftover after parsing attributes in process `syz.2.797'. [ 237.696959][ T8066] netlink: 330 bytes leftover after parsing attributes in process `syz.3.816'. [ 239.352761][ T8076] netlink: 146 bytes leftover after parsing attributes in process `syz.2.820'. [ 240.815296][ T8090] netlink: 334 bytes leftover after parsing attributes in process `syz.0.825'. [ 240.892821][ T8092] netlink: 'syz.1.826': attribute type 16 has an invalid length. [ 240.900601][ T8092] netlink: 50 bytes leftover after parsing attributes in process `syz.1.826'. [ 241.010234][ T8094] netlink: 330 bytes leftover after parsing attributes in process `syz.3.827'. [ 241.064433][ T8094] S: renamed from vlan1 [ 241.221123][ T8096] netlink: 146 bytes leftover after parsing attributes in process `syz.2.828'. [ 241.416404][ T8100] netlink: 186 bytes leftover after parsing attributes in process `syz.3.831'. [ 241.553602][ T8103] netlink: 330 bytes leftover after parsing attributes in process `syz.1.832'. [ 242.200450][ T8115] netlink: 330 bytes leftover after parsing attributes in process `syz.1.838'. [ 242.792977][ T8124] syz.1.841 (8124): /proc/8124/oom_adj is deprecated, please use /proc/8124/oom_score_adj instead. [ 242.886828][ T8128] netlink: 'syz.3.842': attribute type 5 has an invalid length. [ 242.940617][ T8128] netlink: 314 bytes leftover after parsing attributes in process `syz.3.842'. [ 243.237968][ T8133] netlink: 'syz.3.844': attribute type 19 has an invalid length. [ 243.278176][ T8133] netlink: 334 bytes leftover after parsing attributes in process `syz.3.844'. [ 243.642985][ T8137] netlink: 330 bytes leftover after parsing attributes in process `syz.2.846'. [ 243.677528][ T8139] netlink: 346 bytes leftover after parsing attributes in process `syz.3.847'. [ 244.759250][ T8150] netlink: 'syz.3.852': attribute type 19 has an invalid length. [ 244.785944][ T8150] netlink: 114 bytes leftover after parsing attributes in process `syz.3.852'. [ 245.369542][ T2990] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.517390][ T8154] netlink: 'syz.1.854': attribute type 7 has an invalid length. [ 245.819422][ T2990] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.217104][ T2990] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.734362][ T2990] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.933776][ T8172] netlink: 146 bytes leftover after parsing attributes in process `syz.1.862'. [ 246.977062][ T5152] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 246.993899][ T5152] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 247.002781][ T5152] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 247.010911][ T5152] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 247.018920][ T5152] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 247.937810][ T2990] bridge_slave_1: left allmulticast mode [ 247.943704][ T2990] bridge_slave_1: left promiscuous mode [ 248.008849][ T2990] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.102751][ T2990] bridge_slave_0: left allmulticast mode [ 248.130343][ T2990] bridge_slave_0: left promiscuous mode [ 248.165667][ T2990] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.399522][ T8192] netlink: 330 bytes leftover after parsing attributes in process `syz.3.866'. [ 249.116077][ T5152] Bluetooth: hci2: command tx timeout [ 249.970951][ T2990] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 250.029513][ T2990] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 250.058668][ T2990] bond0 (unregistering): Released all slaves [ 250.924262][ T8215] netlink: 342 bytes leftover after parsing attributes in process `syz.2.870'. [ 250.995413][ T8173] chnl_net:caif_netlink_parms(): no params data found [ 251.063673][ T8215] netlink: 214 bytes leftover after parsing attributes in process `syz.2.870'. [ 251.079228][ T8215] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 251.086495][ T8215] IPv6: NLM_F_CREATE should be set when creating new route [ 251.093954][ T8215] IPv6: NLM_F_CREATE should be set when creating new route [ 251.101234][ T8215] IPv6: NLM_F_CREATE should be set when creating new route [ 251.197133][ T5152] Bluetooth: hci2: command tx timeout [ 251.491971][ T8221] netlink: 334 bytes leftover after parsing attributes in process `syz.2.882'. [ 251.761199][ T2990] hsr_slave_0: left promiscuous mode [ 251.806378][ T2990] hsr_slave_1: left promiscuous mode [ 251.831120][ T2990] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 251.839549][ T8226] netlink: 222 bytes leftover after parsing attributes in process `syz.2.874'. [ 251.868189][ T2990] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 251.896217][ T2990] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 251.936319][ T2990] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 251.996566][ T2990] veth0_macvtap: left promiscuous mode [ 252.033066][ T2990] veth1_vlan: left promiscuous mode [ 252.051521][ T2990] veth0_vlan: left promiscuous mode [ 253.278372][ T5152] Bluetooth: hci2: command tx timeout [ 253.389093][ T2990] team0 (unregistering): Port device team_slave_1 removed [ 253.482389][ T2990] team0 (unregistering): Port device team_slave_0 removed [ 254.526904][ T8226] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.807827][ T8243] netlink: 330 bytes leftover after parsing attributes in process `syz.2.883'. [ 255.114701][ T8173] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.172080][ T8173] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.230807][ T8173] bridge_slave_0: entered allmulticast mode [ 255.238174][ T8173] bridge_slave_0: entered promiscuous mode [ 255.345000][ T8173] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.368662][ T5152] Bluetooth: hci2: command tx timeout [ 255.409844][ T8173] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.417067][ T8173] bridge_slave_1: entered allmulticast mode [ 255.479255][ T8173] bridge_slave_1: entered promiscuous mode [ 255.703886][ T8173] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 255.776723][ T8173] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 256.149986][ T8260] FAULT_INJECTION: forcing a failure. [ 256.149986][ T8260] name failslab, interval 1, probability 0, space 0, times 0 [ 256.203939][ T8173] team0: Port device team_slave_0 added [ 256.284234][ T8173] team0: Port device team_slave_1 added [ 256.328755][ T8260] CPU: 1 UID: 0 PID: 8260 Comm: syz.1.886 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 256.328787][ T8260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 256.328811][ T8260] Call Trace: [ 256.328819][ T8260] [ 256.328827][ T8260] dump_stack_lvl+0x16c/0x1f0 [ 256.328867][ T8260] should_fail_ex+0x512/0x640 [ 256.328894][ T8260] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 256.328928][ T8260] should_failslab+0xc2/0x120 [ 256.328950][ T8260] __kmalloc_cache_noprof+0x6a/0x3e0 [ 256.328979][ T8260] ? lockdep_init_map_type+0x5c/0x280 [ 256.329002][ T8260] ? snd_seq_oss_timer_new+0x43/0x230 [ 256.329045][ T8260] snd_seq_oss_timer_new+0x43/0x230 [ 256.329083][ T8260] snd_seq_oss_open+0x5ce/0xa20 [ 256.329124][ T8260] odev_open+0x6f/0x90 [ 256.329155][ T8260] ? __pfx_odev_open+0x10/0x10 [ 256.329187][ T8260] soundcore_open+0x409/0x580 [ 256.329222][ T8260] ? __pfx_soundcore_open+0x10/0x10 [ 256.329253][ T8260] chrdev_open+0x231/0x6a0 [ 256.329289][ T8260] ? __pfx_apparmor_file_open+0x10/0x10 [ 256.329327][ T8260] ? __pfx_chrdev_open+0x10/0x10 [ 256.329365][ T8260] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 256.329404][ T8260] do_dentry_open+0x741/0x1c10 [ 256.329438][ T8260] ? __pfx_chrdev_open+0x10/0x10 [ 256.329482][ T8260] vfs_open+0x82/0x3f0 [ 256.329509][ T8260] path_openat+0x1e5e/0x2d40 [ 256.329554][ T8260] ? __pfx_path_openat+0x10/0x10 [ 256.329595][ T8260] do_filp_open+0x20b/0x470 [ 256.329630][ T8260] ? __pfx_do_filp_open+0x10/0x10 [ 256.329685][ T8260] ? alloc_fd+0x471/0x7d0 [ 256.329725][ T8260] do_sys_openat2+0x11b/0x1d0 [ 256.329749][ T8260] ? __pfx_do_sys_openat2+0x10/0x10 [ 256.329775][ T8260] ? __pfx___might_resched+0x10/0x10 [ 256.329815][ T8260] __x64_sys_openat+0x174/0x210 [ 256.329840][ T8260] ? __pfx___x64_sys_openat+0x10/0x10 [ 256.329867][ T8260] ? rcu_is_watching+0x12/0xc0 [ 256.329903][ T8260] do_syscall_64+0xcd/0x260 [ 256.329939][ T8260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.329962][ T8260] RIP: 0033:0x7f1b3278d169 [ 256.329981][ T8260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.330003][ T8260] RSP: 002b:00007f1b33569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 256.330024][ T8260] RAX: ffffffffffffffda RBX: 00007f1b329a5fa0 RCX: 00007f1b3278d169 [ 256.330039][ T8260] RDX: 0000000000000080 RSI: 0000200000000500 RDI: ffffffffffffff9c [ 256.330053][ T8260] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 256.330066][ T8260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 256.330079][ T8260] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 256.330107][ T8260] [ 256.847621][ T5851] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 256.856661][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 256.871306][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 256.885228][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 256.894414][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 257.045651][ T8173] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.058571][ T8173] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.127421][ T8173] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.174986][ T8173] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 257.205323][ T8173] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.307187][ T8173] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 257.583306][ T8173] hsr_slave_0: entered promiscuous mode [ 257.607949][ T8173] hsr_slave_1: entered promiscuous mode [ 257.662002][ T8173] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 257.669689][ T8173] Cannot create hsr debugfs directory [ 257.901094][ T8279] netlink: 326 bytes leftover after parsing attributes in process `syz.2.890'. [ 258.422994][ T8260] ALSA: seq_oss: can't alloc timer [ 258.962001][ T5851] Bluetooth: hci1: command tx timeout [ 258.996962][ T8265] chnl_net:caif_netlink_parms(): no params data found [ 259.349624][ T8304] netlink: 318 bytes leftover after parsing attributes in process `syz.2.894'. [ 259.612885][ T8309] netlink: 342 bytes leftover after parsing attributes in process `syz.2.896'. [ 259.950919][ T8265] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.978245][ T8265] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.010752][ T8265] bridge_slave_0: entered allmulticast mode [ 260.030616][ T8265] bridge_slave_0: entered promiscuous mode [ 260.073110][ T8265] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.108767][ T8265] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.127747][ T8265] bridge_slave_1: entered allmulticast mode [ 260.157811][ T8265] bridge_slave_1: entered promiscuous mode [ 260.261732][ T8317] mkiss: ax0: crc mode is auto. [ 260.387677][ T8265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 260.427683][ T8265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 260.577675][ T8265] team0: Port device team_slave_0 added [ 260.599803][ T8265] team0: Port device team_slave_1 added [ 260.729326][ T8320] netlink: 326 bytes leftover after parsing attributes in process `syz.1.899'. [ 260.767436][ T8173] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 260.809588][ T8265] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 260.849208][ T8265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 260.950752][ T8265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 260.972520][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.978861][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.006416][ T8265] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 261.037319][ T8265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 261.082011][ T5851] Bluetooth: hci1: command tx timeout [ 261.141169][ T8265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 261.169800][ T8173] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 261.198636][ T8322] netlink: 334 bytes leftover after parsing attributes in process `syz.2.900'. [ 261.241831][ T8173] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 261.438901][ T8173] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 261.646473][ T8265] hsr_slave_0: entered promiscuous mode [ 261.697387][ T8265] hsr_slave_1: entered promiscuous mode [ 261.733844][ T8265] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 261.768908][ T8333] netlink: 330 bytes leftover after parsing attributes in process `syz.2.903'. [ 261.787725][ T8265] Cannot create hsr debugfs directory [ 261.861483][ T8333] : renamed from  (while UP) [ 261.920076][ T8333] netlink: 330 bytes leftover after parsing attributes in process `syz.2.903'. [ 262.653854][ T8348] FAULT_INJECTION: forcing a failure. [ 262.653854][ T8348] name failslab, interval 1, probability 0, space 0, times 0 [ 262.754470][ T8348] CPU: 1 UID: 0 PID: 8348 Comm: syz.2.905 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 262.754504][ T8348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 262.754517][ T8348] Call Trace: [ 262.754525][ T8348] [ 262.754534][ T8348] dump_stack_lvl+0x16c/0x1f0 [ 262.754571][ T8348] should_fail_ex+0x512/0x640 [ 262.754597][ T8348] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 262.754632][ T8348] should_failslab+0xc2/0x120 [ 262.754653][ T8348] __kmalloc_cache_noprof+0x6a/0x3e0 [ 262.754685][ T8348] ? snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 262.754733][ T8348] ? kasan_save_track+0x14/0x30 [ 262.754770][ T8348] snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 262.754812][ T8348] ? rcu_is_watching+0x12/0xc0 [ 262.754845][ T8348] ? __mutex_lock+0x1ca/0xb90 [ 262.754877][ T8348] ? lockdep_hardirqs_on+0x7c/0x110 [ 262.754912][ T8348] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 262.754954][ T8348] ? __pfx___mutex_lock+0x10/0x10 [ 262.754986][ T8348] ? tomoyo_path_number_perm+0x295/0x580 [ 262.755021][ T8348] ? __lock_acquire+0xaa4/0x1ba0 [ 262.755067][ T8348] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 262.755095][ T8348] snd_pcm_oss_get_formats+0x7e/0x340 [ 262.755115][ T8348] ? find_held_lock+0x2b/0x80 [ 262.755144][ T8348] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 262.755165][ T8348] ? __might_fault+0x13b/0x190 [ 262.755208][ T8348] snd_pcm_oss_ioctl+0x2efb/0x37a0 [ 262.755230][ T8348] ? find_held_lock+0x2b/0x80 [ 262.755258][ T8348] ? hook_file_ioctl_common+0x145/0x410 [ 262.755284][ T8348] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 262.755309][ T8348] ? __fget_files+0x20e/0x3c0 [ 262.755347][ T8348] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 262.755372][ T8348] __x64_sys_ioctl+0x190/0x200 [ 262.755402][ T8348] do_syscall_64+0xcd/0x260 [ 262.755438][ T8348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.755461][ T8348] RIP: 0033:0x7f794858d169 [ 262.755478][ T8348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 262.755500][ T8348] RSP: 002b:00007f7949463038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 262.755521][ T8348] RAX: ffffffffffffffda RBX: 00007f79487a5fa0 RCX: 00007f794858d169 [ 262.755536][ T8348] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000007 [ 262.755549][ T8348] RBP: 00007f794860e990 R08: 0000000000000000 R09: 0000000000000000 [ 262.755563][ T8348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 262.755576][ T8348] R13: 0000000000000000 R14: 00007f79487a5fa0 R15: 00007ffd8b386398 [ 262.755604][ T8348] [ 263.190402][ T5851] Bluetooth: hci1: command tx timeout [ 263.627555][ T8173] 8021q: adding VLAN 0 to HW filter on device bond0 [ 263.910237][ T8173] 8021q: adding VLAN 0 to HW filter on device team0 [ 263.988209][ T994] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.995617][ T994] bridge0: port 1(bridge_slave_0) entered forwarding state [ 264.189538][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 264.196764][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 264.330296][ T8265] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 264.401367][ T8265] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 264.473324][ T8265] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 264.533815][ T8265] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 264.957510][ T8265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 265.064440][ T8265] 8021q: adding VLAN 0 to HW filter on device team0 [ 265.137174][ T1095] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.144425][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state [ 265.208658][ T5851] Bluetooth: hci1: command tx timeout [ 265.295395][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.302589][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 265.590694][ T8173] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.929810][ T8173] veth0_vlan: entered promiscuous mode [ 265.980085][ T8173] veth1_vlan: entered promiscuous mode [ 266.220835][ T8173] veth0_macvtap: entered promiscuous mode [ 266.298209][ T8173] veth1_macvtap: entered promiscuous mode [ 266.408800][ T8173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.494842][ T8173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.588202][ T8173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.649722][ T8173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.702491][ T8173] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 266.800246][ T8173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.879935][ T8173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.917211][ T8173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.998666][ T8173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.038837][ T8173] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.084548][ T8173] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.123498][ T8173] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 267.230576][ T8173] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.292458][ T8173] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.320698][ T8173] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.331902][ T30] audit: type=1804 audit(1744417887.512:3): pid=8423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.916" name="/newroot/sys/kernel/tracing/error_log" dev="tracefs" ino=1235 res=1 errno=0 [ 267.388931][ T8173] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.531001][ T8265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 267.956307][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 267.964216][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.270725][ T994] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 268.366342][ T994] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.899459][ T8265] veth0_vlan: entered promiscuous mode [ 268.981333][ T8265] veth1_vlan: entered promiscuous mode [ 269.183046][ T8265] veth0_macvtap: entered promiscuous mode [ 269.258401][ T8265] veth1_macvtap: entered promiscuous mode [ 269.417030][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.505279][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.547402][ T8460] netlink: 350 bytes leftover after parsing attributes in process `syz.1.922'. [ 269.581093][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.624961][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.657746][ T8464] netlink: 146 bytes leftover after parsing attributes in process `syz.0.924'. [ 269.672371][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.715830][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.792772][ T8265] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 269.894004][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.971498][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.013391][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.055542][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.096259][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.142502][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.211047][ T8265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.272003][ T8265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.335676][ T8265] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 270.445352][ T8265] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.487570][ T8265] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.527831][ T8265] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.585869][ T8265] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.904181][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.959325][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.078781][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.115181][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.748348][ T8490] netlink: 306 bytes leftover after parsing attributes in process `syz.2.935'. [ 275.131768][ T8558] FAULT_INJECTION: forcing a failure. [ 275.131768][ T8558] name failslab, interval 1, probability 0, space 0, times 0 [ 275.214807][ T8558] CPU: 1 UID: 0 PID: 8558 Comm: syz.0.959 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 275.214842][ T8558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 275.214856][ T8558] Call Trace: [ 275.214863][ T8558] [ 275.214872][ T8558] dump_stack_lvl+0x16c/0x1f0 [ 275.214910][ T8558] should_fail_ex+0x512/0x640 [ 275.214937][ T8558] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 275.214977][ T8558] should_failslab+0xc2/0x120 [ 275.214999][ T8558] __kmalloc_cache_noprof+0x6a/0x3e0 [ 275.215029][ T8558] ? mark_held_locks+0x49/0x80 [ 275.215072][ T8558] ? ovs_ct_limit_cmd_set+0x30a/0xa90 [ 275.215101][ T8558] ovs_ct_limit_cmd_set+0x30a/0xa90 [ 275.215132][ T8558] ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10 [ 275.215159][ T8558] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 275.215185][ T8558] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 275.215215][ T8558] genl_family_rcv_msg_doit+0x206/0x2f0 [ 275.215240][ T8558] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 275.215262][ T8558] ? trace_cap_capable+0x18d/0x200 [ 275.215291][ T8558] ? bpf_lsm_capable+0x9/0x10 [ 275.215323][ T8558] ? security_capable+0x7e/0x260 [ 275.215361][ T8558] ? ns_capable+0xd7/0x110 [ 275.215391][ T8558] genl_rcv_msg+0x55c/0x800 [ 275.215416][ T8558] ? __pfx_genl_rcv_msg+0x10/0x10 [ 275.215437][ T8558] ? __pfx___dev_queue_xmit+0x10/0x10 [ 275.215462][ T8558] ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10 [ 275.215490][ T8558] ? __lock_acquire+0xaa4/0x1ba0 [ 275.215532][ T8558] netlink_rcv_skb+0x16a/0x440 [ 275.215566][ T8558] ? __pfx_genl_rcv_msg+0x10/0x10 [ 275.215589][ T8558] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 275.215637][ T8558] ? __pfx_down_read+0x10/0x10 [ 275.215658][ T8558] ? netlink_deliver_tap+0x1ae/0xd30 [ 275.215694][ T8558] genl_rcv+0x28/0x40 [ 275.215727][ T8558] netlink_unicast+0x53a/0x7f0 [ 275.215765][ T8558] ? __pfx_netlink_unicast+0x10/0x10 [ 275.215796][ T8558] ? __build_skb_around+0x278/0x3b0 [ 275.215822][ T8558] ? __build_skb+0x6e/0x90 [ 275.215852][ T8558] ? is_vmalloc_addr+0x30/0x40 [ 275.215889][ T8558] netlink_sendmsg+0x8d1/0xdd0 [ 275.215928][ T8558] ? __pfx_netlink_sendmsg+0x10/0x10 [ 275.215978][ T8558] ____sys_sendmsg+0xa95/0xc70 [ 275.216001][ T8558] ? copy_msghdr_from_user+0x10a/0x160 [ 275.216031][ T8558] ? __pfx_____sys_sendmsg+0x10/0x10 [ 275.216058][ T8558] ? try_to_wake_up+0xa2f/0x1680 [ 275.216092][ T8558] ___sys_sendmsg+0x134/0x1d0 [ 275.216125][ T8558] ? __pfx____sys_sendmsg+0x10/0x10 [ 275.216190][ T8558] __sys_sendmsg+0x16d/0x220 [ 275.216220][ T8558] ? __pfx___sys_sendmsg+0x10/0x10 [ 275.216249][ T8558] ? __x64_sys_futex+0x1e0/0x4c0 [ 275.216289][ T8558] ? rcu_is_watching+0x12/0xc0 [ 275.216325][ T8558] do_syscall_64+0xcd/0x260 [ 275.216361][ T8558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.216384][ T8558] RIP: 0033:0x7f650318d169 [ 275.216403][ T8558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.216425][ T8558] RSP: 002b:00007f6504049038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 275.216446][ T8558] RAX: ffffffffffffffda RBX: 00007f65033a5fa0 RCX: 00007f650318d169 [ 275.216461][ T8558] RDX: 0000000000000004 RSI: 0000200000000100 RDI: 0000000000000005 [ 275.216475][ T8558] RBP: 00007f650320e990 R08: 0000000000000000 R09: 0000000000000000 [ 275.216488][ T8558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 275.216501][ T8558] R13: 0000000000000000 R14: 00007f65033a5fa0 R15: 00007ffda1ac9e48 [ 275.216530][ T8558] [ 277.583873][ T8579] netlink: 4 bytes leftover after parsing attributes in process `syz.0.970'. [ 277.621229][ T8581] netlink: 28 bytes leftover after parsing attributes in process `syz.1.960'. [ 277.672003][ T8581] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 278.392000][ T8594] netlink: 330 bytes leftover after parsing attributes in process `syz.0.976'. [ 278.792521][ T8597] FAULT_INJECTION: forcing a failure. [ 278.792521][ T8597] name failslab, interval 1, probability 0, space 0, times 0 [ 278.877809][ T8597] CPU: 1 UID: 0 PID: 8597 Comm: syz.1.978 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 278.877842][ T8597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 278.877856][ T8597] Call Trace: [ 278.877863][ T8597] [ 278.877872][ T8597] dump_stack_lvl+0x16c/0x1f0 [ 278.877910][ T8597] should_fail_ex+0x512/0x640 [ 278.877936][ T8597] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 278.877970][ T8597] should_failslab+0xc2/0x120 [ 278.877992][ T8597] __kmalloc_cache_noprof+0x6a/0x3e0 [ 278.878023][ T8597] ? snd_ctl_get_preferred_subdevice+0x16c/0x1f0 [ 278.878051][ T8597] ? snd_pcm_attach_substream+0x441/0xd60 [ 278.878083][ T8597] snd_pcm_attach_substream+0x441/0xd60 [ 278.878117][ T8597] snd_pcm_open_substream+0x8d/0x17f0 [ 278.878146][ T8597] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 278.878182][ T8597] snd_pcm_oss_open+0x735/0x1400 [ 278.878231][ T8597] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 278.878269][ T8597] ? __lock_acquire+0xaa4/0x1ba0 [ 278.878308][ T8597] ? __pfx_default_wake_function+0x10/0x10 [ 278.878340][ T8597] ? __lock_acquire+0xaa4/0x1ba0 [ 278.878394][ T8597] ? do_raw_spin_lock+0x12c/0x2b0 [ 278.878423][ T8597] ? soundcore_open+0x35a/0x580 [ 278.878456][ T8597] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 278.878496][ T8597] soundcore_open+0x409/0x580 [ 278.878529][ T8597] ? __pfx_soundcore_open+0x10/0x10 [ 278.878561][ T8597] chrdev_open+0x231/0x6a0 [ 278.878596][ T8597] ? __pfx_apparmor_file_open+0x10/0x10 [ 278.878656][ T8597] ? __pfx_chrdev_open+0x10/0x10 [ 278.878695][ T8597] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 278.878734][ T8597] do_dentry_open+0x741/0x1c10 [ 278.878768][ T8597] ? __pfx_chrdev_open+0x10/0x10 [ 278.878809][ T8597] vfs_open+0x82/0x3f0 [ 278.878836][ T8597] path_openat+0x1e5e/0x2d40 [ 278.878880][ T8597] ? __pfx_path_openat+0x10/0x10 [ 278.878922][ T8597] do_filp_open+0x20b/0x470 [ 278.878956][ T8597] ? __pfx_do_filp_open+0x10/0x10 [ 278.879011][ T8597] ? alloc_fd+0x471/0x7d0 [ 278.879051][ T8597] do_sys_openat2+0x11b/0x1d0 [ 278.879075][ T8597] ? __pfx_do_sys_openat2+0x10/0x10 [ 278.879111][ T8597] __x64_sys_openat+0x174/0x210 [ 278.879136][ T8597] ? __pfx___x64_sys_openat+0x10/0x10 [ 278.879162][ T8597] ? rcu_is_watching+0x12/0xc0 [ 278.879199][ T8597] do_syscall_64+0xcd/0x260 [ 278.879236][ T8597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.879259][ T8597] RIP: 0033:0x7f1b3278d169 [ 278.879277][ T8597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.879299][ T8597] RSP: 002b:00007f1b33569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 278.879321][ T8597] RAX: ffffffffffffffda RBX: 00007f1b329a5fa0 RCX: 00007f1b3278d169 [ 278.879335][ T8597] RDX: 0000000000040000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 278.879350][ T8597] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 278.879364][ T8597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.879443][ T8597] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 278.879472][ T8597] [ 279.934776][ T8609] netlink: 326 bytes leftover after parsing attributes in process `syz.0.982'. [ 281.138103][ T8632] FAULT_INJECTION: forcing a failure. [ 281.138103][ T8632] name failslab, interval 1, probability 0, space 0, times 0 [ 281.186977][ T8632] CPU: 1 UID: 0 PID: 8632 Comm: syz.1.992 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 281.187011][ T8632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 281.187025][ T8632] Call Trace: [ 281.187032][ T8632] [ 281.187041][ T8632] dump_stack_lvl+0x16c/0x1f0 [ 281.187080][ T8632] should_fail_ex+0x512/0x640 [ 281.187106][ T8632] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 281.187144][ T8632] should_failslab+0xc2/0x120 [ 281.187166][ T8632] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 281.187208][ T8632] ? alloc_empty_file+0x55/0x1e0 [ 281.187237][ T8632] alloc_empty_file+0x55/0x1e0 [ 281.187262][ T8632] path_openat+0xe0/0x2d40 [ 281.187295][ T8632] ? __x64_sys_openat+0x174/0x210 [ 281.187319][ T8632] ? do_syscall_64+0xcd/0x260 [ 281.187351][ T8632] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.187385][ T8632] ? __pfx_path_openat+0x10/0x10 [ 281.187426][ T8632] do_filp_open+0x20b/0x470 [ 281.187459][ T8632] ? __pfx_do_filp_open+0x10/0x10 [ 281.187513][ T8632] ? alloc_fd+0x471/0x7d0 [ 281.187553][ T8632] do_sys_openat2+0x11b/0x1d0 [ 281.187577][ T8632] ? __pfx_do_sys_openat2+0x10/0x10 [ 281.187612][ T8632] __x64_sys_openat+0x174/0x210 [ 281.187637][ T8632] ? __pfx___x64_sys_openat+0x10/0x10 [ 281.187664][ T8632] ? rcu_is_watching+0x12/0xc0 [ 281.187700][ T8632] do_syscall_64+0xcd/0x260 [ 281.187736][ T8632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.187759][ T8632] RIP: 0033:0x7f1b3278bad0 [ 281.187776][ T8632] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 281.187798][ T8632] RSP: 002b:00007f1b33568f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 281.187819][ T8632] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1b3278bad0 [ 281.187833][ T8632] RDX: 0000000000000002 RSI: 00007f1b33568fa0 RDI: 00000000ffffff9c [ 281.187847][ T8632] RBP: 00007f1b33568fa0 R08: 0000000000000000 R09: 00007f1b33568cd5 [ 281.187861][ T8632] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 281.187874][ T8632] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 281.187901][ T8632] [ 281.561898][ T8635] FAULT_INJECTION: forcing a failure. [ 281.561898][ T8635] name failslab, interval 1, probability 0, space 0, times 0 [ 281.575448][ T8635] CPU: 1 UID: 0 PID: 8635 Comm: syz.0.994 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 281.575479][ T8635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 281.575493][ T8635] Call Trace: [ 281.575500][ T8635] [ 281.575508][ T8635] dump_stack_lvl+0x16c/0x1f0 [ 281.575545][ T8635] should_fail_ex+0x512/0x640 [ 281.575571][ T8635] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 281.575613][ T8635] should_failslab+0xc2/0x120 [ 281.575634][ T8635] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 281.575673][ T8635] ? __kthread_create_on_node+0x186/0x3f0 [ 281.575716][ T8635] kvasprintf+0xbc/0x160 [ 281.575745][ T8635] ? __pfx_kvasprintf+0x10/0x10 [ 281.575785][ T8635] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 281.575808][ T8635] __kthread_create_on_node+0x186/0x3f0 [ 281.575843][ T8635] ? __pfx___mutex_trylock_common+0x10/0x10 [ 281.575867][ T8635] ? __pfx___kthread_create_on_node+0x10/0x10 [ 281.575919][ T8635] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 281.575943][ T8635] kthread_create_on_node+0xc7/0x100 [ 281.575979][ T8635] ? __pfx_kthread_create_on_node+0x10/0x10 [ 281.576030][ T8635] ? mark_held_locks+0x49/0x80 [ 281.576066][ T8635] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 281.576097][ T8635] ? lockdep_hardirqs_on+0x7c/0x110 [ 281.576135][ T8635] dvb_frontend_open+0xf47/0x1730 [ 281.576165][ T8635] ? __pfx_dvb_frontend_open+0x10/0x10 [ 281.576188][ T8635] dvb_device_open+0x26d/0x3b0 [ 281.576212][ T8635] ? __pfx_dvb_device_open+0x10/0x10 [ 281.576240][ T8635] chrdev_open+0x231/0x6a0 [ 281.576275][ T8635] ? __pfx_apparmor_file_open+0x10/0x10 [ 281.576304][ T8635] ? __pfx_chrdev_open+0x10/0x10 [ 281.576343][ T8635] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 281.576382][ T8635] do_dentry_open+0x741/0x1c10 [ 281.576415][ T8635] ? __pfx_chrdev_open+0x10/0x10 [ 281.576457][ T8635] vfs_open+0x82/0x3f0 [ 281.576484][ T8635] path_openat+0x1e5e/0x2d40 [ 281.576528][ T8635] ? __pfx_path_openat+0x10/0x10 [ 281.576571][ T8635] do_filp_open+0x20b/0x470 [ 281.576605][ T8635] ? __pfx_do_filp_open+0x10/0x10 [ 281.576660][ T8635] ? alloc_fd+0x471/0x7d0 [ 281.576702][ T8635] do_sys_openat2+0x11b/0x1d0 [ 281.576725][ T8635] ? __pfx_do_sys_openat2+0x10/0x10 [ 281.576761][ T8635] __x64_sys_openat+0x174/0x210 [ 281.576786][ T8635] ? __pfx___x64_sys_openat+0x10/0x10 [ 281.576816][ T8635] ? rcu_is_watching+0x12/0xc0 [ 281.576852][ T8635] do_syscall_64+0xcd/0x260 [ 281.576888][ T8635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.576911][ T8635] RIP: 0033:0x7f650318d169 [ 281.576929][ T8635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.576951][ T8635] RSP: 002b:00007f6504049038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 281.576972][ T8635] RAX: ffffffffffffffda RBX: 00007f65033a5fa0 RCX: 00007f650318d169 [ 281.576987][ T8635] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 281.577001][ T8635] RBP: 00007f650320e990 R08: 0000000000000000 R09: 0000000000000000 [ 281.577015][ T8635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.577029][ T8635] R13: 0000000000000000 R14: 00007f65033a5fa0 R15: 00007ffda1ac9e48 [ 281.577059][ T8635] [ 281.577089][ T8635] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12) [ 282.269788][ T8639] netlink: 326 bytes leftover after parsing attributes in process `syz.2.995'. [ 282.569309][ T8644] random: crng reseeded on system resumption [ 282.637168][ T8644] FAULT_INJECTION: forcing a failure. [ 282.637168][ T8644] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 282.705174][ T8644] CPU: 1 UID: 0 PID: 8644 Comm: syz.2.997 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 282.705208][ T8644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 282.705222][ T8644] Call Trace: [ 282.705230][ T8644] [ 282.705238][ T8644] dump_stack_lvl+0x16c/0x1f0 [ 282.705276][ T8644] should_fail_ex+0x512/0x640 [ 282.705307][ T8644] should_fail_alloc_page+0xe7/0x130 [ 282.705331][ T8644] prepare_alloc_pages+0x3c2/0x610 [ 282.705360][ T8644] ? rcu_is_watching+0x12/0xc0 [ 282.705393][ T8644] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 282.705438][ T8644] ? stack_trace_save+0x8e/0xc0 [ 282.705468][ T8644] ? __pfx_stack_trace_save+0x10/0x10 [ 282.705499][ T8644] ? stack_depot_save_flags+0x28/0xa50 [ 282.705528][ T8644] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 282.705567][ T8644] ? kasan_save_stack+0x42/0x60 [ 282.705598][ T8644] ? kasan_save_stack+0x33/0x60 [ 282.705629][ T8644] ? kasan_save_track+0x14/0x30 [ 282.705666][ T8644] ? vfs_open+0x82/0x3f0 [ 282.705686][ T8644] ? path_openat+0x1e5e/0x2d40 [ 282.705717][ T8644] ? do_filp_open+0x20b/0x470 [ 282.705748][ T8644] ? do_sys_openat2+0x11b/0x1d0 [ 282.705770][ T8644] ? __x64_sys_openat+0x174/0x210 [ 282.705793][ T8644] ? do_syscall_64+0xcd/0x260 [ 282.705825][ T8644] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.705851][ T8644] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 282.705874][ T8644] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 282.705900][ T8644] ? policy_nodemask+0xea/0x4e0 [ 282.705940][ T8644] alloc_pages_mpol+0x1fb/0x550 [ 282.705962][ T8644] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 282.705992][ T8644] alloc_pages_noprof+0x131/0x390 [ 282.706015][ T8644] get_zeroed_page_noprof+0x14/0x50 [ 282.706040][ T8644] get_image_page+0x18/0x190 [ 282.706069][ T8644] alloc_rtree_node+0x3c/0xb0 [ 282.706098][ T8644] memory_bm_create+0x515/0x810 [ 282.706178][ T8644] create_basic_memory_bitmaps+0xc1/0x680 [ 282.706219][ T8644] snapshot_open+0x235/0x2b0 [ 282.706253][ T8644] ? __pfx_snapshot_open+0x10/0x10 [ 282.706287][ T8644] misc_open+0x35a/0x420 [ 282.706318][ T8644] ? __pfx_misc_open+0x10/0x10 [ 282.706346][ T8644] chrdev_open+0x231/0x6a0 [ 282.706381][ T8644] ? __pfx_apparmor_file_open+0x10/0x10 [ 282.706411][ T8644] ? __pfx_chrdev_open+0x10/0x10 [ 282.706449][ T8644] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 282.706487][ T8644] do_dentry_open+0x741/0x1c10 [ 282.706520][ T8644] ? __pfx_chrdev_open+0x10/0x10 [ 282.706562][ T8644] vfs_open+0x82/0x3f0 [ 282.706588][ T8644] path_openat+0x1e5e/0x2d40 [ 282.706633][ T8644] ? __pfx_path_openat+0x10/0x10 [ 282.706675][ T8644] do_filp_open+0x20b/0x470 [ 282.706709][ T8644] ? __pfx_do_filp_open+0x10/0x10 [ 282.706765][ T8644] ? alloc_fd+0x471/0x7d0 [ 282.706805][ T8644] do_sys_openat2+0x11b/0x1d0 [ 282.706829][ T8644] ? __pfx_do_sys_openat2+0x10/0x10 [ 282.706865][ T8644] __x64_sys_openat+0x174/0x210 [ 282.706890][ T8644] ? __pfx___x64_sys_openat+0x10/0x10 [ 282.706916][ T8644] ? rcu_is_watching+0x12/0xc0 [ 282.706953][ T8644] do_syscall_64+0xcd/0x260 [ 282.706989][ T8644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.707012][ T8644] RIP: 0033:0x7f794858d169 [ 282.707031][ T8644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.707053][ T8644] RSP: 002b:00007f7949463038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 282.707074][ T8644] RAX: ffffffffffffffda RBX: 00007f79487a5fa0 RCX: 00007f794858d169 [ 282.707089][ T8644] RDX: 0000000000184b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 282.707104][ T8644] RBP: 00007f794860e990 R08: 0000000000000000 R09: 0000000000000000 [ 282.707123][ T8644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.707136][ T8644] R13: 0000000000000000 R14: 00007f79487a5fa0 R15: 00007ffd8b386398 [ 282.707165][ T8644] [ 283.584709][ T8656] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1003'. [ 283.606509][ T8656] netlink: 504 bytes leftover after parsing attributes in process `syz.0.1003'. [ 283.794583][ T8658] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1004'. [ 283.875064][ T8660] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 284.108660][ T8668] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1008'. [ 284.392609][ T8673] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1010'. [ 284.662153][ T8646] sp0: Synchronizing with TNC [ 284.748723][ T8679] FAULT_INJECTION: forcing a failure. [ 284.748723][ T8679] name failslab, interval 1, probability 0, space 0, times 0 [ 284.820139][ T8679] CPU: 1 UID: 0 PID: 8679 Comm: syz.1.1012 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 284.820172][ T8679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 284.820186][ T8679] Call Trace: [ 284.820193][ T8679] [ 284.820201][ T8679] dump_stack_lvl+0x16c/0x1f0 [ 284.820240][ T8679] should_fail_ex+0x512/0x640 [ 284.820265][ T8679] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 284.820299][ T8679] should_failslab+0xc2/0x120 [ 284.820320][ T8679] __kmalloc_cache_noprof+0x6a/0x3e0 [ 284.820350][ T8679] ? tomoyo_path_number_perm+0x18d/0x580 [ 284.820377][ T8679] ? loop_add+0xbd/0xb70 [ 284.820404][ T8679] loop_add+0xbd/0xb70 [ 284.820426][ T8679] ? do_vfs_ioctl+0x512/0x1990 [ 284.820453][ T8679] ? __pfx_loop_add+0x10/0x10 [ 284.820474][ T8679] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 284.820520][ T8679] ? find_held_lock+0x2b/0x80 [ 284.820553][ T8679] loop_control_ioctl+0x13c/0x630 [ 284.820578][ T8679] ? __pfx_loop_control_ioctl+0x10/0x10 [ 284.820607][ T8679] ? __pfx_loop_control_ioctl+0x10/0x10 [ 284.820634][ T8679] __x64_sys_ioctl+0x190/0x200 [ 284.820663][ T8679] do_syscall_64+0xcd/0x260 [ 284.820699][ T8679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.820722][ T8679] RIP: 0033:0x7f1b3278d169 [ 284.820741][ T8679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 284.820763][ T8679] RSP: 002b:00007f1b33569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 284.820784][ T8679] RAX: ffffffffffffffda RBX: 00007f1b329a5fa0 RCX: 00007f1b3278d169 [ 284.820799][ T8679] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000005 [ 284.820813][ T8679] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 284.820826][ T8679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 284.820840][ T8679] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 284.820868][ T8679] [ 285.715379][ T8697] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1019'. [ 285.777514][ T8700] netlink: 'syz.4.1020': attribute type 4 has an invalid length. [ 285.817410][ T8700] netlink: 314 bytes leftover after parsing attributes in process `syz.4.1020'. [ 286.051510][ T8704] netlink: 222 bytes leftover after parsing attributes in process `syz.2.1022'. [ 286.112963][ T8704] netlink: 222 bytes leftover after parsing attributes in process `syz.2.1022'. [ 286.446957][ T8708] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1024'. [ 286.896751][ T8716] netlink: 'syz.2.1028': attribute type 27 has an invalid length. [ 287.640715][ T8737] FAULT_INJECTION: forcing a failure. [ 287.640715][ T8737] name failslab, interval 1, probability 0, space 0, times 0 [ 287.658184][ T8737] CPU: 1 UID: 0 PID: 8737 Comm: syz.1.1035 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 287.658217][ T8737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 287.658231][ T8737] Call Trace: [ 287.658238][ T8737] [ 287.658247][ T8737] dump_stack_lvl+0x16c/0x1f0 [ 287.658286][ T8737] should_fail_ex+0x512/0x640 [ 287.658312][ T8737] ? __kmalloc_noprof+0xbf/0x510 [ 287.658349][ T8737] ? net_alloc_generic+0x1e/0x70 [ 287.658380][ T8737] should_failslab+0xc2/0x120 [ 287.658401][ T8737] __kmalloc_noprof+0xd2/0x510 [ 287.658434][ T8737] ? inc_ucount+0x240/0x2f0 [ 287.658474][ T8737] net_alloc_generic+0x1e/0x70 [ 287.658506][ T8737] copy_net_ns+0xc6/0x5f0 [ 287.658538][ T8737] ? copy_cgroup_ns+0xa4/0x6f0 [ 287.658571][ T8737] create_new_namespaces+0x3ea/0xad0 [ 287.658610][ T8737] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 287.658646][ T8737] ksys_unshare+0x45b/0xa40 [ 287.658695][ T8737] ? __pfx_ksys_unshare+0x10/0x10 [ 287.658728][ T8737] ? xfd_validate_state+0x5d/0x180 [ 287.658762][ T8737] ? rcu_is_watching+0x12/0xc0 [ 287.658797][ T8737] __x64_sys_unshare+0x31/0x40 [ 287.658831][ T8737] do_syscall_64+0xcd/0x260 [ 287.658867][ T8737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.658890][ T8737] RIP: 0033:0x7f1b3278d169 [ 287.658908][ T8737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 287.658930][ T8737] RSP: 002b:00007f1b33569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 287.658951][ T8737] RAX: ffffffffffffffda RBX: 00007f1b329a5fa0 RCX: 00007f1b3278d169 [ 287.658967][ T8737] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 287.658982][ T8737] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 287.658996][ T8737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.659010][ T8737] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 287.659042][ T8737] [ 288.518332][ T8748] bridge0: port 1(bridge_slave_0) entered disabled state [ 288.834502][ T8752] Invalid ELF header magic: != ELF [ 289.628256][ T8767] __nla_validate_parse: 2 callbacks suppressed [ 289.628276][ T8767] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1047'. [ 290.357685][ T8780] [U]  [ 290.360549][ T8780] [U] supported_krb5_enctypes [ 290.395796][ T8780] [U] [ 290.398530][ T8780] [U] [ 290.436848][ T8780] [U] [ 290.439640][ T8780] [U] [ 290.442353][ T8780] [U] [ 290.472992][ T8780] [U] [ 290.475748][ T8780] [U] [ 290.478480][ T8780] [U] [ 290.481222][ T8780] [U] [ 290.540402][ T8780] [U] [ 290.543250][ T8780] [U] [ 290.545985][ T8780] [U] [ 290.548713][ T8780] [U] [ 290.624042][ T8780] [U] [ 290.626802][ T8780] [U] [ 290.629520][ T8780] [U] [ 290.632227][ T8780] [U] [ 290.690225][ T8780] [U] [ 290.692963][ T8780] [U] [ 290.695678][ T8780] [U] [ 290.698386][ T8780] [U] [ 290.764630][ T8780] [U] [ 290.767382][ T8780] [U] [ 290.770090][ T8780] [U] [ 290.772801][ T8780] [U] [ 290.851278][ T8780] [U] [ 290.854049][ T8780] [U] [ 290.856774][ T8780] [U] [ 290.859489][ T8780] [U] [ 290.914517][ T8780] [U] [ 290.917284][ T8780] [U] [ 290.920012][ T8780] [U] [ 290.922721][ T8780] [U] [ 290.976027][ T8780] [U] [ 290.978820][ T8780] [U] [ 290.981538][ T8780] [U] [ 290.984250][ T8780] [U] [ 291.037232][ T8780] [U] [ 291.039984][ T8780] [U] [ 291.042691][ T8780] [U] [ 291.045401][ T8780] [U] [ 291.101520][ T8780] [U] [ 291.104288][ T8780] [U] [ 291.107024][ T8780] [U] [ 291.109754][ T8780] [U] [ 291.225936][ T8780] [U] [ 291.228697][ T8780] [U] [ 291.231411][ T8780] [U] [ 291.234123][ T8780] [U] [ 291.367163][ T8780] [U] [ 291.463726][ T8794] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1057'. [ 291.656617][ T8799] syz.1.1058 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 291.783982][ T8802] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1060'. [ 292.726797][ T8816] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1065'. [ 293.592988][ T8832] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1070'. [ 294.864925][ T8848] HfR: entered promiscuous mode [ 295.420337][ T8861] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1082'. [ 295.832858][ T8868] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1086'. [ 295.901381][ T8868] : renamed from hsr_slave_0 (while UP) [ 296.102618][ T8873] nbd: socks must be embedded in a SOCK_ITEM attr [ 296.169628][ T8875] netlink: 110 bytes leftover after parsing attributes in process `syz.2.1087'. [ 296.192561][ T8873] block nbd0: shutting down sockets [ 296.558857][ T8882] netlink: 'syz.1.1090': attribute type 27 has an invalid length. [ 296.660728][ T8882] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1090'. [ 296.949254][ T8886] FAULT_INJECTION: forcing a failure. [ 296.949254][ T8886] name failslab, interval 1, probability 0, space 0, times 0 [ 296.999132][ T8886] CPU: 1 UID: 0 PID: 8886 Comm: syz.0.1093 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 296.999167][ T8886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 296.999181][ T8886] Call Trace: [ 296.999188][ T8886] [ 296.999197][ T8886] dump_stack_lvl+0x16c/0x1f0 [ 296.999235][ T8886] should_fail_ex+0x512/0x640 [ 296.999266][ T8886] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 296.999305][ T8886] should_failslab+0xc2/0x120 [ 296.999328][ T8886] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 296.999365][ T8886] ? __alloc_skb+0x2b2/0x380 [ 296.999397][ T8886] __alloc_skb+0x2b2/0x380 [ 296.999425][ T8886] ? __pfx___alloc_skb+0x10/0x10 [ 296.999454][ T8886] ? genl_rcv_msg+0x4bb/0x800 [ 296.999484][ T8886] netlink_ack+0x15d/0xb80 [ 296.999519][ T8886] ? __lock_acquire+0xaa4/0x1ba0 [ 296.999562][ T8886] netlink_rcv_skb+0x347/0x440 [ 296.999597][ T8886] ? __pfx_genl_rcv_msg+0x10/0x10 [ 296.999621][ T8886] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 296.999667][ T8886] ? rcu_preempt_deferred_qs_irqrestore+0x4f5/0xbc0 [ 296.999707][ T8886] ? __pfx_down_read+0x10/0x10 [ 296.999737][ T8886] genl_rcv+0x28/0x40 [ 296.999774][ T8886] netlink_unicast+0x53a/0x7f0 [ 296.999811][ T8886] ? __pfx_netlink_unicast+0x10/0x10 [ 296.999854][ T8886] netlink_sendmsg+0x8d1/0xdd0 [ 296.999892][ T8886] ? __pfx_netlink_sendmsg+0x10/0x10 [ 296.999937][ T8886] __sys_sendto+0x495/0x510 [ 296.999965][ T8886] ? __pfx___sys_sendto+0x10/0x10 [ 297.000009][ T8886] ? count_memcg_events_mm.constprop.0+0x138/0x340 [ 297.000051][ T8886] ? xfd_validate_state+0x5d/0x180 [ 297.000079][ T8886] __x64_sys_sendto+0xe0/0x1c0 [ 297.000106][ T8886] ? do_syscall_64+0x91/0x260 [ 297.000138][ T8886] ? lockdep_hardirqs_on+0x7c/0x110 [ 297.000170][ T8886] do_syscall_64+0xcd/0x260 [ 297.000205][ T8886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.000229][ T8886] RIP: 0033:0x7f650318effc [ 297.000247][ T8886] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 297.000269][ T8886] RSP: 002b:00007f6504047ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 297.000290][ T8886] RAX: ffffffffffffffda RBX: 00007f6504047fc0 RCX: 00007f650318effc [ 297.000306][ T8886] RDX: 000000000000001c RSI: 00007f6504048010 RDI: 0000000000000004 [ 297.000320][ T8886] RBP: 0000000000000000 R08: 00007f6504047f14 R09: 000000000000000c [ 297.000334][ T8886] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004 [ 297.000347][ T8886] R13: 00007f6504047f68 R14: 00007f6504048010 R15: 0000000000000000 [ 297.000377][ T8886] [ 298.506287][ T8907] netlink: 266 bytes leftover after parsing attributes in process `syz.0.1100'. [ 298.546135][ T8907] IPv6: NLM_F_CREATE should be specified when creating new route [ 298.883768][ T8910] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1101'. [ 298.914906][ T8912] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1102'. [ 298.962319][ T8910] netlink: 354 bytes leftover after parsing attributes in process `syz.4.1101'. [ 299.352837][ T8918] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1105'. [ 299.777155][ T8924] FAULT_INJECTION: forcing a failure. [ 299.777155][ T8924] name failslab, interval 1, probability 0, space 0, times 0 [ 299.794038][ T8926] capability: warning: `syz.2.1108' uses 32-bit capabilities (legacy support in use) [ 299.864673][ T8926] netlink: 29 bytes leftover after parsing attributes in process `syz.2.1108'. [ 299.946789][ T8924] CPU: 1 UID: 0 PID: 8924 Comm: syz.1.1106 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 299.946823][ T8924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 299.946838][ T8924] Call Trace: [ 299.946845][ T8924] [ 299.946854][ T8924] dump_stack_lvl+0x16c/0x1f0 [ 299.946893][ T8924] should_fail_ex+0x512/0x640 [ 299.946922][ T8924] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 299.946957][ T8924] should_failslab+0xc2/0x120 [ 299.946978][ T8924] __kmalloc_cache_noprof+0x6a/0x3e0 [ 299.947007][ T8924] ? lockdep_hardirqs_on+0x7c/0x110 [ 299.947039][ T8924] ? alloc_fs_context+0x57/0x9c0 [ 299.947079][ T8924] alloc_fs_context+0x57/0x9c0 [ 299.947119][ T8924] __x64_sys_fsopen+0xeb/0x240 [ 299.947145][ T8924] do_syscall_64+0xcd/0x260 [ 299.947183][ T8924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.947208][ T8924] RIP: 0033:0x7f1b3278d169 [ 299.947227][ T8924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.947252][ T8924] RSP: 002b:00007f1b33569038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 299.947275][ T8924] RAX: ffffffffffffffda RBX: 00007f1b329a5fa0 RCX: 00007f1b3278d169 [ 299.947291][ T8924] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 299.947304][ T8924] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 299.947320][ T8924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 299.947333][ T8924] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 299.947362][ T8924] [ 302.670259][ T8972] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1127'. [ 303.014194][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1130'. [ 303.067322][ T8975] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1130'. [ 303.352905][ T8980] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1131'. [ 303.721610][ T8991] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1136'. [ 304.618343][ T9004] mkiss: ax0: crc mode is auto. [ 305.203385][ T9016] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1144'. [ 306.576277][ T9041] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1148'. [ 308.872065][ T9070] type: 4278190080 invalid [ 309.202182][ T9077] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1157'. [ 312.339230][ T9116] FAULT_INJECTION: forcing a failure. [ 312.339230][ T9116] name failslab, interval 1, probability 0, space 0, times 0 [ 312.411569][ T9116] CPU: 1 UID: 0 PID: 9116 Comm: syz.4.1171 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 312.411613][ T9116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 312.411626][ T9116] Call Trace: [ 312.411633][ T9116] [ 312.411641][ T9116] dump_stack_lvl+0x16c/0x1f0 [ 312.411680][ T9116] should_fail_ex+0x512/0x640 [ 312.411707][ T9116] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 312.411749][ T9116] should_failslab+0xc2/0x120 [ 312.411771][ T9116] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 312.411811][ T9116] ? vfs_parse_fs_string+0xc3/0x150 [ 312.411852][ T9116] kmemdup_nul+0x49/0xf0 [ 312.411875][ T9116] vfs_parse_fs_string+0xc3/0x150 [ 312.411919][ T9116] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 312.411955][ T9116] ? kasan_save_track+0x14/0x30 [ 312.411992][ T9116] ? tracefs_init_fs_context+0xc8/0x110 [ 312.412024][ T9116] ? __pfx_tracefs_init_fs_context+0x10/0x10 [ 312.412054][ T9116] ? alloc_fs_context+0x59b/0x9c0 [ 312.412094][ T9116] vfs_kern_mount.part.0+0x6d/0x170 [ 312.412125][ T9116] vfs_submount+0xb6/0xd0 [ 312.412154][ T9116] trace_automount+0x3b/0x90 [ 312.412185][ T9116] __traverse_mounts+0x192/0x790 [ 312.412214][ T9116] step_into+0x5aa/0x2270 [ 312.412250][ T9116] ? __pfx_step_into+0x10/0x10 [ 312.412278][ T9116] ? __d_lookup+0x266/0x4a0 [ 312.412309][ T9116] ? lookup_fast+0x156/0x610 [ 312.412342][ T9116] walk_component+0xfc/0x5b0 [ 312.412374][ T9116] link_path_walk.part.0.constprop.0+0x682/0xd60 [ 312.412418][ T9116] path_openat+0x227/0x2d40 [ 312.412449][ T9116] ? __x64_sys_openat+0x174/0x210 [ 312.412485][ T9116] ? __pfx_path_openat+0x10/0x10 [ 312.412526][ T9116] do_filp_open+0x20b/0x470 [ 312.412560][ T9116] ? __pfx_do_filp_open+0x10/0x10 [ 312.412615][ T9116] ? alloc_fd+0x471/0x7d0 [ 312.412658][ T9116] do_sys_openat2+0x11b/0x1d0 [ 312.412682][ T9116] ? __pfx_do_sys_openat2+0x10/0x10 [ 312.412717][ T9116] __x64_sys_openat+0x174/0x210 [ 312.412742][ T9116] ? __pfx___x64_sys_openat+0x10/0x10 [ 312.412768][ T9116] ? rcu_is_watching+0x12/0xc0 [ 312.412806][ T9116] do_syscall_64+0xcd/0x260 [ 312.412841][ T9116] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.412864][ T9116] RIP: 0033:0x7f10b358d169 [ 312.412883][ T9116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 312.412911][ T9116] RSP: 002b:00007f10b4316038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 312.412933][ T9116] RAX: ffffffffffffffda RBX: 00007f10b37a5fa0 RCX: 00007f10b358d169 [ 312.412948][ T9116] RDX: 0000000000022500 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 312.412963][ T9116] RBP: 00007f10b360e990 R08: 0000000000000000 R09: 0000000000000000 [ 312.412977][ T9116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 312.412991][ T9116] R13: 0000000000000000 R14: 00007f10b37a5fa0 R15: 00007ffd4ae82ca8 [ 312.413020][ T9116] [ 313.307918][ T9121] netlink: 'syz.2.1173': attribute type 4 has an invalid length. [ 313.318520][ T9120] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1172'. [ 313.381592][ T9121] netlink: 314 bytes leftover after parsing attributes in process `syz.2.1173'. [ 313.397741][ T9120] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1172'. [ 313.488373][ T9124] netlink: 210 bytes leftover after parsing attributes in process `syz.0.1172'. [ 315.225548][ T9146] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1183'. [ 315.656472][ T9150] FAULT_INJECTION: forcing a failure. [ 315.656472][ T9150] name failslab, interval 1, probability 0, space 0, times 0 [ 315.740465][ T9150] CPU: 1 UID: 0 PID: 9150 Comm: syz.1.1185 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 315.740501][ T9150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 315.740514][ T9150] Call Trace: [ 315.740522][ T9150] [ 315.740530][ T9150] dump_stack_lvl+0x16c/0x1f0 [ 315.740569][ T9150] should_fail_ex+0x512/0x640 [ 315.740595][ T9150] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 315.740635][ T9150] should_failslab+0xc2/0x120 [ 315.740657][ T9150] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 315.740694][ T9150] ? proc_alloc_inode+0x25/0x200 [ 315.740719][ T9150] ? __pfx_proc_alloc_inode+0x10/0x10 [ 315.740738][ T9150] proc_alloc_inode+0x25/0x200 [ 315.740758][ T9150] alloc_inode+0x61/0x240 [ 315.740784][ T9150] new_inode+0x22/0x1c0 [ 315.740812][ T9150] proc_pid_make_inode+0x22/0x160 [ 315.740850][ T9150] proc_pid_make_base_inode.constprop.0+0x25/0x180 [ 315.740894][ T9150] proc_task_instantiate+0x51/0x1e0 [ 315.740919][ T9150] proc_task_lookup+0x51c/0x620 [ 315.740942][ T9150] __lookup_slow+0x24e/0x460 [ 315.740970][ T9150] ? __pfx___lookup_slow+0x10/0x10 [ 315.741014][ T9150] ? lookup_fast+0x156/0x610 [ 315.741048][ T9150] walk_component+0x353/0x5b0 [ 315.741080][ T9150] link_path_walk.part.0.constprop.0+0x682/0xd60 [ 315.741124][ T9150] path_openat+0x227/0x2d40 [ 315.741156][ T9150] ? __x64_sys_openat+0x174/0x210 [ 315.741192][ T9150] ? __pfx_path_openat+0x10/0x10 [ 315.741234][ T9150] do_filp_open+0x20b/0x470 [ 315.741268][ T9150] ? __pfx_do_filp_open+0x10/0x10 [ 315.741313][ T9150] ? __pfx_kfree_link+0x10/0x10 [ 315.741355][ T9150] ? alloc_fd+0x471/0x7d0 [ 315.741401][ T9150] do_sys_openat2+0x11b/0x1d0 [ 315.741425][ T9150] ? __pfx_do_sys_openat2+0x10/0x10 [ 315.741461][ T9150] __x64_sys_openat+0x174/0x210 [ 315.741486][ T9150] ? __pfx___x64_sys_openat+0x10/0x10 [ 315.741514][ T9150] ? rcu_is_watching+0x12/0xc0 [ 315.741551][ T9150] do_syscall_64+0xcd/0x260 [ 315.741587][ T9150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.741611][ T9150] RIP: 0033:0x7f1b3278bad0 [ 315.741629][ T9150] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 315.741652][ T9150] RSP: 002b:00007f1b33568f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 315.741673][ T9150] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1b3278bad0 [ 315.741688][ T9150] RDX: 0000000000000002 RSI: 00007f1b33568fa0 RDI: 00000000ffffff9c [ 315.741702][ T9150] RBP: 00007f1b33568fa0 R08: 0000000000000000 R09: 00007f1b33568cd5 [ 315.741716][ T9150] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 315.741730][ T9150] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 315.741758][ T9150] [ 316.922197][ T9164] FAULT_INJECTION: forcing a failure. [ 316.922197][ T9164] name failslab, interval 1, probability 0, space 0, times 0 [ 316.995365][ T9164] CPU: 1 UID: 0 PID: 9164 Comm: syz.1.1189 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 316.995400][ T9164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 316.995414][ T9164] Call Trace: [ 316.995421][ T9164] [ 316.995430][ T9164] dump_stack_lvl+0x16c/0x1f0 [ 316.995468][ T9164] should_fail_ex+0x512/0x640 [ 316.995495][ T9164] ? __kmalloc_noprof+0xbf/0x510 [ 316.995531][ T9164] ? lsm_blob_alloc+0x68/0x90 [ 316.995565][ T9164] should_failslab+0xc2/0x120 [ 316.995586][ T9164] __kmalloc_noprof+0xd2/0x510 [ 316.995627][ T9164] lsm_blob_alloc+0x68/0x90 [ 316.995663][ T9164] security_sk_alloc+0x30/0x270 [ 316.995689][ T9164] sk_prot_alloc+0x1c7/0x2a0 [ 316.995728][ T9164] sk_alloc+0x36/0xc20 [ 316.995756][ T9164] pppol2tp_create+0x32/0x250 [ 316.995787][ T9164] pppox_create+0x159/0x2c0 [ 316.995823][ T9164] __sock_create+0x335/0x8d0 [ 316.995851][ T9164] __sys_socket+0x14d/0x260 [ 316.995874][ T9164] ? __pfx___sys_socket+0x10/0x10 [ 316.995899][ T9164] ? rcu_is_watching+0x12/0xc0 [ 316.995933][ T9164] __x64_sys_socket+0x72/0xb0 [ 316.995955][ T9164] ? lockdep_hardirqs_on+0x7c/0x110 [ 316.995987][ T9164] do_syscall_64+0xcd/0x260 [ 316.996023][ T9164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.996047][ T9164] RIP: 0033:0x7f1b3278d169 [ 316.996064][ T9164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.996088][ T9164] RSP: 002b:00007f1b33569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 316.996110][ T9164] RAX: ffffffffffffffda RBX: 00007f1b329a5fa0 RCX: 00007f1b3278d169 [ 316.996125][ T9164] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 316.996138][ T9164] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 316.996152][ T9164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.996166][ T9164] R13: 0000000000000000 R14: 00007f1b329a5fa0 R15: 00007ffe14642d68 [ 316.996194][ T9164] [ 320.852682][ T9220] netlink: 322 bytes leftover after parsing attributes in process `syz.4.1203'. [ 321.035969][ T9220] bridge0: port 2(bridge_slave_1) entered disabled state [ 321.043657][ T9220] bridge0: port 1(bridge_slave_0) entered disabled state [ 321.941998][ T9237] netlink: 130 bytes leftover after parsing attributes in process `syz.4.1209'. [ 322.439989][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.451783][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.212262][ T9252] netlink: 'syz.4.1213': attribute type 16 has an invalid length. [ 323.289072][ T9252] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1213'. [ 323.378138][ T9252] veth1_macvtap: left promiscuous mode [ 324.775481][ T9279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1223'. [ 324.833391][ T9279] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1223'. [ 327.899898][ T9321] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 327.906746][ T9321] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 329.186937][ T9338] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1243'. [ 329.279907][ T9338] unsupported nlmsg_type 40 [ 329.388656][ T9344] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1247'. [ 330.364434][ T9357] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1249'. [ 330.514910][ T9362] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1253'. [ 330.831240][ T9366] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1255'. syzkaller syzkaller login: [ 335.853874][ T9440] FAULT_INJECTION: forcing a failure. [ 335.853874][ T9440] name failslab, interval 1, probability 0, space 0, times 0 [ 335.999485][ T9440] CPU: 1 UID: 0 PID: 9440 Comm: syz.1.1284 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 335.999519][ T9440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 335.999533][ T9440] Call Trace: [ 335.999541][ T9440] [ 335.999549][ T9440] dump_stack_lvl+0x16c/0x1f0 [ 335.999587][ T9440] should_fail_ex+0x512/0x640 [ 335.999614][ T9440] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 335.999653][ T9440] should_failslab+0xc2/0x120 [ 335.999675][ T9440] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 335.999719][ T9440] ? do_kmem_cache_create+0x1b3/0x730 [ 335.999762][ T9440] do_kmem_cache_create+0x1b3/0x730 [ 335.999798][ T9440] ? __kmem_cache_create_args+0x205/0x390 [ 335.999838][ T9440] __kmem_cache_create_args+0x225/0x390 [ 335.999876][ T9440] mon_text_open+0x313/0x4f0 [ 335.999905][ T9440] ? __pfx_mon_text_open+0x10/0x10 [ 335.999931][ T9440] ? __debugfs_file_get+0x1fe/0x840 [ 335.999955][ T9440] ? __pfx_mon_text_ctor+0x10/0x10 [ 335.999982][ T9440] ? __pfx_apparmor_file_open+0x10/0x10 [ 336.000009][ T9440] ? lockdown_is_locked_down+0x3f/0x130 [ 336.000041][ T9440] ? bpf_lsm_locked_down+0x9/0x10 [ 336.000078][ T9440] ? __pfx_mon_text_open+0x10/0x10 [ 336.000103][ T9440] full_proxy_open_regular+0x1b6/0x360 [ 336.000133][ T9440] do_dentry_open+0x741/0x1c10 [ 336.000167][ T9440] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 336.000199][ T9440] vfs_open+0x82/0x3f0 [ 336.000227][ T9440] path_openat+0x1e5e/0x2d40 [ 336.000272][ T9440] ? __pfx_path_openat+0x10/0x10 [ 336.000313][ T9440] do_filp_open+0x20b/0x470 [ 336.000347][ T9440] ? __pfx_do_filp_open+0x10/0x10 [ 336.000402][ T9440] ? alloc_fd+0x471/0x7d0 [ 336.000471][ T9440] do_sys_openat2+0x11b/0x1d0 [ 336.000496][ T9440] ? __pfx_do_sys_openat2+0x10/0x10 [ 336.000537][ T9440] __x64_sys_openat+0x174/0x210 [ 336.000562][ T9440] ? __pfx___x64_sys_openat+0x10/0x10 [ 336.000589][ T9440] ? rcu_is_watching+0x12/0xc0 [ 336.000629][ T9440] do_syscall_64+0xcd/0x260 [ 336.000666][ T9440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.000694][ T9440] RIP: 0033:0x7f1b3278d169 [ 336.000712][ T9440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.000735][ T9440] RSP: 002b:00007f1b33548038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 336.000758][ T9440] RAX: ffffffffffffffda RBX: 00007f1b329a6080 RCX: 00007f1b3278d169 [ 336.000772][ T9440] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 336.000787][ T9440] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 336.000801][ T9440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.000815][ T9440] R13: 0000000000000000 R14: 00007f1b329a6080 R15: 00007ffe14642d68 [ 336.000845][ T9440] [ 336.008936][ T9440] __kmem_cache_create_args(mon_text_ffff88805f892c00) failed with error -22 [ 337.755218][ T9440] CPU: 1 UID: 0 PID: 9440 Comm: syz.1.1284 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 337.755252][ T9440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 337.755266][ T9440] Call Trace: [ 337.755273][ T9440] [ 337.755281][ T9440] dump_stack_lvl+0x16c/0x1f0 [ 337.755320][ T9440] __kmem_cache_create_args+0x125/0x390 [ 337.755360][ T9440] mon_text_open+0x313/0x4f0 [ 337.755390][ T9440] ? __pfx_mon_text_open+0x10/0x10 [ 337.755416][ T9440] ? __debugfs_file_get+0x1fe/0x840 [ 337.755441][ T9440] ? __pfx_mon_text_ctor+0x10/0x10 [ 337.755468][ T9440] ? __pfx_apparmor_file_open+0x10/0x10 [ 337.755496][ T9440] ? lockdown_is_locked_down+0x3f/0x130 [ 337.755529][ T9440] ? bpf_lsm_locked_down+0x9/0x10 [ 337.755567][ T9440] ? __pfx_mon_text_open+0x10/0x10 [ 337.755593][ T9440] full_proxy_open_regular+0x1b6/0x360 [ 337.755622][ T9440] do_dentry_open+0x741/0x1c10 [ 337.755663][ T9440] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 337.755697][ T9440] vfs_open+0x82/0x3f0 [ 337.755724][ T9440] path_openat+0x1e5e/0x2d40 [ 337.755769][ T9440] ? __pfx_path_openat+0x10/0x10 [ 337.755811][ T9440] do_filp_open+0x20b/0x470 [ 337.755845][ T9440] ? __pfx_do_filp_open+0x10/0x10 [ 337.755901][ T9440] ? alloc_fd+0x471/0x7d0 [ 337.755943][ T9440] do_sys_openat2+0x11b/0x1d0 [ 337.755966][ T9440] ? __pfx_do_sys_openat2+0x10/0x10 [ 337.756002][ T9440] __x64_sys_openat+0x174/0x210 [ 337.756027][ T9440] ? __pfx___x64_sys_openat+0x10/0x10 [ 337.756054][ T9440] ? rcu_is_watching+0x12/0xc0 [ 337.756091][ T9440] do_syscall_64+0xcd/0x260 [ 337.756129][ T9440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.756152][ T9440] RIP: 0033:0x7f1b3278d169 [ 337.756170][ T9440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.756196][ T9440] RSP: 002b:00007f1b33548038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 337.756217][ T9440] RAX: ffffffffffffffda RBX: 00007f1b329a6080 RCX: 00007f1b3278d169 [ 337.756232][ T9440] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 337.756247][ T9440] RBP: 00007f1b3280e990 R08: 0000000000000000 R09: 0000000000000000 [ 337.756261][ T9440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 337.756274][ T9440] R13: 0000000000000000 R14: 00007f1b329a6080 R15: 00007ffe14642d68 [ 337.756303][ T9440] [ 340.053746][ T9470] ima: policy update failed [ 340.061158][ T30] audit: type=1802 audit(1744417960.195:4): pid=9470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1294" res=0 errno=0 [ 341.202291][ T9479] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1297'. [ 341.428396][ T9482] FAULT_INJECTION: forcing a failure. [ 341.428396][ T9482] name failslab, interval 1, probability 0, space 0, times 0 [ 341.583750][ T9482] CPU: 1 UID: 0 PID: 9482 Comm: syz.2.1299 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 341.583784][ T9482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 341.583798][ T9482] Call Trace: [ 341.583806][ T9482] [ 341.583815][ T9482] dump_stack_lvl+0x16c/0x1f0 [ 341.583854][ T9482] should_fail_ex+0x512/0x640 [ 341.583881][ T9482] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 341.583923][ T9482] should_failslab+0xc2/0x120 [ 341.583945][ T9482] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 341.583984][ T9482] ? kstrdup_const+0x63/0x80 [ 341.584011][ T9482] kstrdup+0x53/0x100 [ 341.584033][ T9482] kstrdup_const+0x63/0x80 [ 341.584055][ T9482] __kernfs_new_node+0x9b/0x8a0 [ 341.584092][ T9482] ? do_syscall_64+0xcd/0x260 [ 341.584125][ T9482] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.584150][ T9482] ? __pfx___kernfs_new_node+0x10/0x10 [ 341.584194][ T9482] ? find_held_lock+0x2b/0x80 [ 341.584224][ T9482] ? kernfs_root+0xee/0x2a0 [ 341.584266][ T9482] kernfs_new_node+0x13c/0x1e0 [ 341.584296][ T9482] kernfs_create_dir_ns+0x4c/0x1a0 [ 341.584333][ T9482] sysfs_create_dir_ns+0x13a/0x2b0 [ 341.584369][ T9482] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 341.584402][ T9482] ? find_held_lock+0x2b/0x80 [ 341.584435][ T9482] ? do_raw_spin_unlock+0x172/0x230 [ 341.584464][ T9482] kobject_add_internal+0x2c4/0x9b0 [ 341.584506][ T9482] kobject_init_and_add+0x11b/0x190 [ 341.584529][ T9482] ? __pfx_kobject_init_and_add+0x10/0x10 [ 341.584558][ T9482] ? up_write+0x1b2/0x520 [ 341.584589][ T9482] sysfs_slab_add+0x18e/0x1e0 [ 341.584622][ T9482] do_kmem_cache_create+0x530/0x730 [ 341.584658][ T9482] ? __kmem_cache_create_args+0x205/0x390 [ 341.584697][ T9482] __kmem_cache_create_args+0x225/0x390 [ 341.584735][ T9482] mon_text_open+0x313/0x4f0 [ 341.584764][ T9482] ? __pfx_mon_text_open+0x10/0x10 [ 341.584793][ T9482] ? __debugfs_file_get+0x1fe/0x840 [ 341.584819][ T9482] ? __pfx_mon_text_ctor+0x10/0x10 [ 341.584846][ T9482] ? __pfx_apparmor_file_open+0x10/0x10 [ 341.584874][ T9482] ? lockdown_is_locked_down+0x3f/0x130 [ 341.584906][ T9482] ? bpf_lsm_locked_down+0x9/0x10 [ 341.584943][ T9482] ? __pfx_mon_text_open+0x10/0x10 [ 341.584968][ T9482] full_proxy_open_regular+0x1b6/0x360 [ 341.584999][ T9482] do_dentry_open+0x741/0x1c10 [ 341.585032][ T9482] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 341.585065][ T9482] vfs_open+0x82/0x3f0 [ 341.585092][ T9482] path_openat+0x1e5e/0x2d40 [ 341.585138][ T9482] ? __pfx_path_openat+0x10/0x10 [ 341.585180][ T9482] do_filp_open+0x20b/0x470 [ 341.585214][ T9482] ? __pfx_do_filp_open+0x10/0x10 [ 341.585269][ T9482] ? alloc_fd+0x471/0x7d0 [ 341.585315][ T9482] do_sys_openat2+0x11b/0x1d0 [ 341.585339][ T9482] ? __pfx_do_sys_openat2+0x10/0x10 [ 341.585375][ T9482] __x64_sys_openat+0x174/0x210 [ 341.585400][ T9482] ? __pfx___x64_sys_openat+0x10/0x10 [ 341.585432][ T9482] ? rcu_is_watching+0x12/0xc0 [ 341.585473][ T9482] do_syscall_64+0xcd/0x260 [ 341.585512][ T9482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.585535][ T9482] RIP: 0033:0x7f794858d169 [ 341.585554][ T9482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.585577][ T9482] RSP: 002b:00007f7949442038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 341.585599][ T9482] RAX: ffffffffffffffda RBX: 00007f79487a6080 RCX: 00007f794858d169 [ 341.585614][ T9482] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 341.585629][ T9482] RBP: 00007f794860e990 R08: 0000000000000000 R09: 0000000000000000 [ 341.585643][ T9482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.585657][ T9482] R13: 0000000000000000 R14: 00007f79487a6080 R15: 00007ffd8b386398 [ 341.585689][ T9482] [ 342.372826][ T9482] kobject: kobject_add_internal failed for mon_text_ffff88807c3ce000 (error: -12 parent: slab) [ 342.433858][ T9484] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1300'. [ 342.482640][ T9482] SLUB: Unable to add cache mon_text_ffff88807c3ce000 to sysfs [ 343.475626][ T9493] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1303'. [ 343.532407][ T9495] mkiss: ax0: crc mode is auto. [ 343.569140][ T9493] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.576769][ T9493] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.643783][ T9508] serio: Serial port ptm0 [ 344.981401][ T9514] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1312'. [ 345.579284][ T9516] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1313'. [ 346.208393][ T9524] netlink: 'syz.4.1317': attribute type 4 has an invalid length. [ 346.301375][ T9524] netlink: 314 bytes leftover after parsing attributes in process `syz.4.1317'. [ 346.403192][ T9528] netlink: 'syz.4.1317': attribute type 4 has an invalid length. [ 346.514799][ T9528] netlink: 314 bytes leftover after parsing attributes in process `syz.4.1317'. [ 346.647928][ T5851] Bluetooth: hci3: unexpected event 0x03 length: 18 > 11 [ 347.639027][ T9543] mkiss: ax0: crc mode is auto. [ 347.980017][ T9539] sp0: Synchronizing with TNC [ 348.553011][ T9552] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1327'. [ 348.877485][ T9556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1328'. [ 348.939162][ T9556] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1328'. [ 349.240444][ T9558] netlink: 130 bytes leftover after parsing attributes in process `syz.4.1329'. [ 350.742693][ T9581] netlink: 'syz.1.1337': attribute type 16 has an invalid length. [ 350.823452][ T9581] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1337'. [ 350.996871][ T9581] veth1_macvtap: left promiscuous mode [ 351.918087][ T5152] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 351.928109][ T5152] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 351.946681][ T5152] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 351.954824][ T5152] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 351.962906][ T5152] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 352.620727][ T9611] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1344'. [ 353.123775][ T9600] chnl_net:caif_netlink_parms(): no params data found [ 354.057870][ T5851] Bluetooth: hci2: command tx timeout [ 354.445765][ T9600] bridge0: port 1(bridge_slave_0) entered blocking state [ 354.482160][ T9600] bridge0: port 1(bridge_slave_0) entered disabled state [ 354.547264][ T9600] bridge_slave_0: entered allmulticast mode [ 354.618872][ T9600] bridge_slave_0: entered promiscuous mode [ 354.644226][ T9600] bridge0: port 2(bridge_slave_1) entered blocking state [ 354.714041][ T9600] bridge0: port 2(bridge_slave_1) entered disabled state [ 354.766784][ T9600] bridge_slave_1: entered allmulticast mode [ 354.810253][ T9600] bridge_slave_1: entered promiscuous mode [ 355.254687][ T9600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 355.330385][ T9600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 355.910375][ T9600] team0: Port device team_slave_0 added [ 355.918844][ T9600] team0: Port device team_slave_1 added [ 356.137303][ T5851] Bluetooth: hci2: command tx timeout [ 356.311621][ T9600] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 356.318609][ T9600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 356.570042][ T9600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 356.651638][ T9600] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 356.658631][ T9600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 356.867087][ T9600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 356.950085][ T9672] input: f as /devices/virtual/input/input8 [ 357.264938][ T9600] hsr_slave_0: entered promiscuous mode [ 357.308395][ T9600] hsr_slave_1: entered promiscuous mode [ 357.346050][ T9600] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 357.404271][ T9600] Cannot create hsr debugfs directory [ 357.895143][ T9683] mmap: syz.1.1359 (9683) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 357.974620][ T9681] FAULT_INJECTION: forcing a failure. [ 357.974620][ T9681] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 358.093030][ T9681] CPU: 1 UID: 0 PID: 9681 Comm: syz.2.1358 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 358.093065][ T9681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 358.093079][ T9681] Call Trace: [ 358.093087][ T9681] [ 358.093095][ T9681] dump_stack_lvl+0x16c/0x1f0 [ 358.093142][ T9681] should_fail_ex+0x512/0x640 [ 358.093172][ T9681] _copy_from_user+0x2e/0xd0 [ 358.093203][ T9681] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 358.093240][ T9681] snd_rawmidi_write+0x26e/0xc10 [ 358.093272][ T9681] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 358.093299][ T9681] ? __pfx_default_wake_function+0x10/0x10 [ 358.093333][ T9681] ? bpf_lsm_file_permission+0x9/0x10 [ 358.093362][ T9681] ? security_file_permission+0x71/0x210 [ 358.093394][ T9681] ? rw_verify_area+0xcf/0x680 [ 358.093425][ T9681] vfs_write+0x25c/0x1180 [ 358.093455][ T9681] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 358.093486][ T9681] ? __pfx_vfs_write+0x10/0x10 [ 358.093515][ T9681] ? find_held_lock+0x2b/0x80 [ 358.093545][ T9681] ? __fget_files+0x204/0x3c0 [ 358.093582][ T9681] ? __fget_files+0x20e/0x3c0 [ 358.093623][ T9681] ksys_write+0x205/0x240 [ 358.093654][ T9681] ? __pfx_ksys_write+0x10/0x10 [ 358.093684][ T9681] ? rcu_is_watching+0x12/0xc0 [ 358.093720][ T9681] do_syscall_64+0xcd/0x260 [ 358.093757][ T9681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.093781][ T9681] RIP: 0033:0x7f794858d169 [ 358.093798][ T9681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.093821][ T9681] RSP: 002b:00007f7949463038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 358.093842][ T9681] RAX: ffffffffffffffda RBX: 00007f79487a5fa0 RCX: 00007f794858d169 [ 358.093864][ T9681] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000005 [ 358.093879][ T9681] RBP: 00007f794860e990 R08: 0000000000000000 R09: 0000000000000000 [ 358.093893][ T9681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.093907][ T9681] R13: 0000000000000000 R14: 00007f79487a5fa0 R15: 00007ffd8b386398 [ 358.093937][ T9681] [ 358.700766][ T5851] Bluetooth: hci2: command tx timeout [ 359.319625][ T9687] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1360'. [ 359.433915][ T9689] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1360'. [ 359.847151][ T9600] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 360.067042][ T9600] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 360.160988][ T9600] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 360.231074][ T9600] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 360.759706][ T9708] FAULT_INJECTION: forcing a failure. [ 360.759706][ T9708] name failslab, interval 1, probability 0, space 0, times 0 [ 360.781591][ T5851] Bluetooth: hci2: command tx timeout [ 360.862767][ T9708] CPU: 1 UID: 0 PID: 9708 Comm: syz.4.1368 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 360.862801][ T9708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 360.862814][ T9708] Call Trace: [ 360.862822][ T9708] [ 360.862831][ T9708] dump_stack_lvl+0x16c/0x1f0 [ 360.862868][ T9708] should_fail_ex+0x512/0x640 [ 360.862893][ T9708] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 360.862930][ T9708] should_failslab+0xc2/0x120 [ 360.862951][ T9708] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 360.862986][ T9708] ? __kernfs_new_node+0xd2/0x8a0 [ 360.863025][ T9708] __kernfs_new_node+0xd2/0x8a0 [ 360.863063][ T9708] ? __pfx___kernfs_new_node+0x10/0x10 [ 360.863104][ T9708] ? find_held_lock+0x2b/0x80 [ 360.863134][ T9708] ? kernfs_root+0xee/0x2a0 [ 360.863174][ T9708] kernfs_new_node+0x13c/0x1e0 [ 360.863201][ T9708] __kernfs_create_file+0x53/0x350 [ 360.863233][ T9708] sysfs_add_file_mode_ns+0x207/0x3c0 [ 360.863273][ T9708] internal_create_group+0x578/0xf30 [ 360.863316][ T9708] ? __pfx_internal_create_group+0x10/0x10 [ 360.863357][ T9708] ? kernfs_create_link+0x1bd/0x240 [ 360.863391][ T9708] internal_create_groups+0x9d/0x150 [ 360.863429][ T9708] device_add+0x731/0x1a70 [ 360.863454][ T9708] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 360.863484][ T9708] ? __pfx_device_add+0x10/0x10 [ 360.863509][ T9708] ? sprintf+0xcc/0x100 [ 360.863539][ T9708] ? __pfx_sprintf+0x10/0x10 [ 360.863573][ T9708] add_disk_fwnode+0x468/0x13a0 [ 360.863605][ T9708] loop_add+0x909/0xb70 [ 360.863628][ T9708] ? do_vfs_ioctl+0x512/0x1990 [ 360.863654][ T9708] ? __pfx_loop_add+0x10/0x10 [ 360.863706][ T9708] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 360.863753][ T9708] ? find_held_lock+0x2b/0x80 [ 360.863785][ T9708] loop_control_ioctl+0x13c/0x630 [ 360.863811][ T9708] ? __pfx_loop_control_ioctl+0x10/0x10 [ 360.863841][ T9708] ? __pfx_loop_control_ioctl+0x10/0x10 [ 360.863868][ T9708] __x64_sys_ioctl+0x190/0x200 [ 360.863897][ T9708] do_syscall_64+0xcd/0x260 [ 360.863933][ T9708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.863957][ T9708] RIP: 0033:0x7f10b358d169 [ 360.863974][ T9708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 360.863997][ T9708] RSP: 002b:00007f10b4316038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.864018][ T9708] RAX: ffffffffffffffda RBX: 00007f10b37a5fa0 RCX: 00007f10b358d169 [ 360.864034][ T9708] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 360.864048][ T9708] RBP: 00007f10b360e990 R08: 0000000000000000 R09: 0000000000000000 [ 360.864062][ T9708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 360.864076][ T9708] R13: 0000000000000000 R14: 00007f10b37a5fa0 R15: 00007ffd4ae82ca8 [ 360.864104][ T9708] [ 361.435304][ T9600] 8021q: adding VLAN 0 to HW filter on device bond0 [ 361.652643][ T9600] 8021q: adding VLAN 0 to HW filter on device team0 [ 361.709523][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.716818][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 362.009484][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 362.016685][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 362.039277][ T9717] netlink: 'syz.1.1371': attribute type 33 has an invalid length. [ 362.109268][ T9717] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1371'. [ 362.245603][ T9719] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1372'. [ 363.336959][ T9600] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 364.758821][ T9600] veth0_vlan: entered promiscuous mode [ 364.865667][ T9600] veth1_vlan: entered promiscuous mode [ 365.080805][ T9600] veth0_macvtap: entered promiscuous mode [ 365.169325][ T9600] veth1_macvtap: entered promiscuous mode [ 365.309071][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.373500][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.457972][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.536146][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.593973][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.674158][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.703190][ T9786] ======================================================= [ 365.703190][ T9786] WARNING: The mand mount option has been deprecated and [ 365.703190][ T9786] and is ignored by this kernel. Remove the mand [ 365.703190][ T9786] option from the mount to silence this warning. [ 365.703190][ T9786] ======================================================= [ 365.784449][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 365.844090][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 365.915637][ T9600] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 366.006940][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 366.094460][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 366.164439][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 366.241103][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 366.314506][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 366.384610][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 366.464847][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 366.554775][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 366.608705][ T9600] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 366.677888][ T9600] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 366.743151][ T9600] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 366.881409][ T9803] netlink: 'syz.1.1390': attribute type 4 has an invalid length. [ 366.891463][ T9803] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1390'. [ 366.971500][ T9803] IPv6: NLM_F_CREATE should be specified when creating new route [ 367.139064][ T9600] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.215413][ T9600] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.215482][ T9600] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.215514][ T9600] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 367.753223][ T994] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 367.816455][ T994] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 367.909127][ T5851] Bluetooth: hci0: unexpected event 0x07 length: 440 > 255 [ 367.909761][ T9816] ima: policy update failed [ 367.990442][ T994] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 368.040038][ T30] audit: type=1802 audit(1744417988.151:5): pid=9816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1394" res=0 errno=0 [ 368.068791][ T994] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 368.366933][ T9825] netlink: 'syz.1.1397': attribute type 11 has an invalid length. [ 368.410413][ T9825] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1397'. [ 368.493877][ T9827] netlink: 'syz.1.1397': attribute type 11 has an invalid length. [ 368.627690][ T9827] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1397'. [ 369.389623][ T9844] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1402'. [ 369.456570][ T9844] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 369.574177][ T9844] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 370.115107][ T9852] netlink: 504 bytes leftover after parsing attributes in process `syz.5.1406'. [ 370.182081][ T9853] netlink: 504 bytes leftover after parsing attributes in process `syz.5.1406'. [ 370.464056][ T9855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1415'. [ 370.528200][ T9855] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1415'. [ 370.892803][ T9864] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 370.930389][ T9864] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 371.985460][ T9885] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1418'. [ 373.944292][ T9916] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 374.628205][ T9920] ------------[ cut here ]------------ [ 374.634210][ T9920] refcount_t: saturated; leaking memory. [ 374.720080][ T9920] WARNING: CPU: 1 PID: 9920 at lib/refcount.c:22 refcount_warn_saturate+0xd4/0x210 [ 374.730492][ T9920] Modules linked in: [ 374.734648][ T9920] CPU: 1 UID: 0 PID: 9920 Comm: syz.5.1429 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 374.748374][ T9920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 374.759294][ T9920] RIP: 0010:refcount_warn_saturate+0xd4/0x210 [ 374.765395][ T9920] Code: 7d a1 0b 31 ff 89 de e8 4a e5 ed fc 84 db 75 dc e8 61 ea ed fc c6 05 2f 7d a1 0b 01 90 48 c7 c7 40 fa f3 8b e8 ed 7b ad fc 90 <0f> 0b 90 90 eb bc e8 41 ea ed fc 0f b6 1d 10 7d a1 0b 31 ff 89 de [ 374.785751][ T9920] RSP: 0018:ffffc90002ee7908 EFLAGS: 00010282 [ 374.792028][ T9920] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000cd2b000 [ 374.800077][ T9920] RDX: 0000000000080000 RSI: ffffffff817ad005 RDI: 0000000000000001 [ 374.808150][ T9920] RBP: ffff88802a664210 R08: 0000000000000001 R09: 0000000000000000 [ 374.816268][ T9920] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888033636a80 [ 374.824319][ T9920] R13: ffffffff9afc7fa0 R14: ffff88802a2f28b0 R15: ffff88802a664210 [ 374.833247][ T9920] FS: 00007f9f6790e6c0(0000) GS:ffff888124ab9000(0000) knlGS:0000000000000000 [ 374.843115][ T9920] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 374.850676][ T9920] CR2: 0000001b32715ff8 CR3: 0000000039f06000 CR4: 00000000003526f0 [ 374.859361][ T9920] Call Trace: [ 374.862751][ T9920] [ 374.865715][ T9920] dvb_device_open+0x2ed/0x3b0 [ 374.870650][ T9920] ? __pfx_dvb_device_open+0x10/0x10 [ 374.875982][ T9920] chrdev_open+0x231/0x6a0 [ 374.880526][ T9920] ? __pfx_apparmor_file_open+0x10/0x10 [ 374.886206][ T9920] ? __pfx_chrdev_open+0x10/0x10 [ 374.891227][ T9920] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 374.898043][ T9920] do_dentry_open+0x741/0x1c10 [ 374.902902][ T9920] ? __pfx_chrdev_open+0x10/0x10 [ 374.907895][ T9920] vfs_open+0x82/0x3f0 [ 374.912039][ T9920] path_openat+0x1e5e/0x2d40 [ 374.916665][ T9920] ? __pfx_path_openat+0x10/0x10 [ 374.921676][ T9920] do_filp_open+0x20b/0x470 [ 374.926214][ T9920] ? __pfx_do_filp_open+0x10/0x10 [ 374.932212][ T9920] ? alloc_fd+0x471/0x7d0 [ 374.936580][ T9920] do_sys_openat2+0x11b/0x1d0 [ 374.943497][ T9920] ? __pfx_do_sys_openat2+0x10/0x10 [ 374.949581][ T9920] ? __pfx___might_resched+0x10/0x10 [ 374.955781][ T9920] __x64_sys_openat+0x174/0x210 [ 374.961516][ T9920] ? __pfx___x64_sys_openat+0x10/0x10 [ 374.966927][ T9920] ? rcu_is_watching+0x12/0xc0 [ 374.971760][ T9920] do_syscall_64+0xcd/0x260 [ 374.976387][ T9920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.982368][ T9920] RIP: 0033:0x7f9f66b8d169 [ 374.986799][ T9920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.006671][ T9920] RSP: 002b:00007f9f6790e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 375.015187][ T9920] RAX: ffffffffffffffda RBX: 00007f9f66da5fa0 RCX: 00007f9f66b8d169 [ 375.023339][ T9920] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 375.032228][ T9920] RBP: 00007f9f66c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 375.040942][ T9920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 375.048957][ T9920] R13: 0000000000000000 R14: 00007f9f66da5fa0 R15: 00007ffdfcf6c128 [ 375.057821][ T9920] [ 375.061569][ T9920] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 375.068863][ T9920] CPU: 1 UID: 0 PID: 9920 Comm: syz.5.1429 Not tainted 6.15.0-rc1-syzkaller-00288-ge618ee89561b #0 PREEMPT(full) [ 375.080868][ T9920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 375.090934][ T9920] Call Trace: [ 375.094239][ T9920] [ 375.097184][ T9920] dump_stack_lvl+0x3d/0x1f0 [ 375.101824][ T9920] panic+0x71c/0x800 [ 375.105736][ T9920] ? __pfx_panic+0x10/0x10 [ 375.110167][ T9920] ? show_trace_log_lvl+0x29b/0x3e0 [ 375.115401][ T9920] ? refcount_warn_saturate+0xd4/0x210 [ 375.120898][ T9920] check_panic_on_warn+0xab/0xb0 [ 375.125850][ T9920] __warn+0xf6/0x3c0 [ 375.129767][ T9920] ? refcount_warn_saturate+0xd4/0x210 [ 375.135248][ T9920] report_bug+0x3c3/0x580 [ 375.139600][ T9920] ? refcount_warn_saturate+0xd4/0x210 [ 375.145077][ T9920] handle_bug+0x184/0x210 [ 375.149503][ T9920] exc_invalid_op+0x17/0x50 [ 375.154103][ T9920] asm_exc_invalid_op+0x1a/0x20 [ 375.158969][ T9920] RIP: 0010:refcount_warn_saturate+0xd4/0x210 [ 375.165067][ T9920] Code: 7d a1 0b 31 ff 89 de e8 4a e5 ed fc 84 db 75 dc e8 61 ea ed fc c6 05 2f 7d a1 0b 01 90 48 c7 c7 40 fa f3 8b e8 ed 7b ad fc 90 <0f> 0b 90 90 eb bc e8 41 ea ed fc 0f b6 1d 10 7d a1 0b 31 ff 89 de [ 375.184688][ T9920] RSP: 0018:ffffc90002ee7908 EFLAGS: 00010282 [ 375.190773][ T9920] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000cd2b000 [ 375.198752][ T9920] RDX: 0000000000080000 RSI: ffffffff817ad005 RDI: 0000000000000001 [ 375.206730][ T9920] RBP: ffff88802a664210 R08: 0000000000000001 R09: 0000000000000000 [ 375.214713][ T9920] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888033636a80 [ 375.222711][ T9920] R13: ffffffff9afc7fa0 R14: ffff88802a2f28b0 R15: ffff88802a664210 [ 375.230703][ T9920] ? __warn_printk+0x1a5/0x350 [ 375.235481][ T9920] ? refcount_warn_saturate+0xd3/0x210 [ 375.240962][ T9920] dvb_device_open+0x2ed/0x3b0 [ 375.245739][ T9920] ? __pfx_dvb_device_open+0x10/0x10 [ 375.251039][ T9920] chrdev_open+0x231/0x6a0 [ 375.255480][ T9920] ? __pfx_apparmor_file_open+0x10/0x10 [ 375.261049][ T9920] ? __pfx_chrdev_open+0x10/0x10 [ 375.266014][ T9920] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 375.272817][ T9920] do_dentry_open+0x741/0x1c10 [ 375.277600][ T9920] ? __pfx_chrdev_open+0x10/0x10 [ 375.282569][ T9920] vfs_open+0x82/0x3f0 [ 375.286655][ T9920] path_openat+0x1e5e/0x2d40 [ 375.291312][ T9920] ? __pfx_path_openat+0x10/0x10 [ 375.296371][ T9920] do_filp_open+0x20b/0x470 [ 375.301002][ T9920] ? __pfx_do_filp_open+0x10/0x10 [ 375.306071][ T9920] ? alloc_fd+0x471/0x7d0 [ 375.310429][ T9920] do_sys_openat2+0x11b/0x1d0 [ 375.315155][ T9920] ? __pfx_do_sys_openat2+0x10/0x10 [ 375.320365][ T9920] ? __pfx___might_resched+0x10/0x10 [ 375.325675][ T9920] __x64_sys_openat+0x174/0x210 [ 375.330537][ T9920] ? __pfx___x64_sys_openat+0x10/0x10 [ 375.335923][ T9920] ? rcu_is_watching+0x12/0xc0 [ 375.340735][ T9920] do_syscall_64+0xcd/0x260 [ 375.345264][ T9920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 375.351185][ T9920] RIP: 0033:0x7f9f66b8d169 [ 375.355611][ T9920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 375.375231][ T9920] RSP: 002b:00007f9f6790e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 375.383658][ T9920] RAX: ffffffffffffffda RBX: 00007f9f66da5fa0 RCX: 00007f9f66b8d169 [ 375.391639][ T9920] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 375.399626][ T9920] RBP: 00007f9f66c0e990 R08: 0000000000000000 R09: 0000000000000000 [ 375.407612][ T9920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 375.415603][ T9920] R13: 0000000000000000 R14: 00007f9f66da5fa0 R15: 00007ffdfcf6c128 [ 375.423596][ T9920] [ 375.426690][ T9920] Kernel Offset: disabled [ 375.431029][ T9920] Rebooting in 86400 seconds..