last executing test programs: 1m47.911035776s ago: executing program 2 (id=841): socket(0x10, 0x2, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a000000", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m47.566418345s ago: executing program 2 (id=845): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mbind$auto(0x2000, 0x100000004, 0x400100000000, 0x0, 0x6, 0x2) mprotect$auto(0x8000, 0x4, 0x5) 1m46.56992828s ago: executing program 2 (id=853): socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x6, 0x40000000029, 0x6, 0xfffffffffffffffe, 0x0) 1m46.389773813s ago: executing program 2 (id=855): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0x0, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000020281, 0x8, 0x2, 0xfffffffffffffff8}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m46.11733668s ago: executing program 2 (id=858): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) tkill$auto(0x1, 0x7) 1m43.806372703s ago: executing program 2 (id=874): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) 1m43.009212839s ago: executing program 32 (id=874): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) 3.831741166s ago: executing program 1 (id=1760): mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0x2, 0x2, 0x1) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r0, 0x10000}, 0x10) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x4, 0x0, 0x13) 3.486223535s ago: executing program 1 (id=1766): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) ioctl$auto(0x3, 0xc008561c, 0x38) 3.285224944s ago: executing program 1 (id=1769): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x2, 0x80002, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x6e23, @remote}, 0x6b) 2.994621632s ago: executing program 1 (id=1773): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) mmap$auto(0x0, 0x10000, 0xde, 0x11, r0, 0x28000) madvise$auto(0x0, 0x2000040080000004, 0xe) mmap$auto(0x0, 0x7, 0xe2, 0x100eb1, 0x405, 0x8000) fcntl$auto_F_SETLK(r0, 0x6, 0x0) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) 2.871622754s ago: executing program 0 (id=1776): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) seccomp$auto(0x3, 0x8, 0x0) 2.732374005s ago: executing program 4 (id=1777): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioperm$auto(0x7, 0x6, 0x2) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) rt_sigaction$auto(0x4, &(0x7f0000000300)={&(0x7f0000000240)=0x0, 0x0, 0x0, {0x1}}, 0x0, 0x8) r0 = gettid() rt_sigqueueinfo$auto(r0, 0x1, 0x0) 2.646616592s ago: executing program 1 (id=1778): ioctl$auto_XFS_IOC_EXCHANGE_RANGE(0xffffffffffffffff, 0x40285881, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x3ff, 0x99, 0x7, 0xf}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000f9dbdf250f00000008000300", @ANYRES32=r3, @ANYBLOB='\b\x004'], 0x24}, 0x1, 0x0, 0x0, 0x44010}, 0x0) 2.532066415s ago: executing program 1 (id=1780): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_pgetevents$auto(0x7fff, 0xd47, 0x3, 0x0, 0x0, 0x0) 1.969543655s ago: executing program 4 (id=1789): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) statmount$auto(0x0, 0x0, 0x800, 0x7) 1.831986402s ago: executing program 3 (id=1782): mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x406, 0x0) poll$auto(&(0x7f0000000d40)={0x3, 0x3, 0xa}, 0x5, 0x3fc) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x7ffffffe, 0xa, 0x0, 0x46) 1.442939251s ago: executing program 3 (id=1783): open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) socket(0x200000000000011, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x6) sendfile$auto(0x6, 0x3, 0x0, 0xc01) 1.410885404s ago: executing program 0 (id=1784): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x88) recvfrom$auto(0x3, 0x0, 0x5106, 0x2, 0x0, 0xfffffffffffffffd) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.240208462s ago: executing program 4 (id=1785): open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) socket(0x2, 0x3, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2a, 0x2, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x5) sendfile$auto(0x6, 0x3, 0x0, 0xc01) 1.225814173s ago: executing program 0 (id=1786): syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) setsockopt$auto(0xffffffffffffffff, 0x6, 0x6, 0x0, 0xe6) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) sysfs$auto(0x2, 0x4b, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) 1.078517741s ago: executing program 3 (id=1787): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) madvise$auto(0x0, 0x2003f0, 0x15) 1.014486402s ago: executing program 4 (id=1788): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = socket(0x15, 0x5, 0x0) setsockopt$auto(r0, 0x114, 0x8, 0x0, 0x4) 998.149913ms ago: executing program 0 (id=1790): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0225020000000800030080"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x20040004) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x5, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x5}, 0x3}, 0x40000204, 0x0) 891.86136ms ago: executing program 4 (id=1791): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) mmap$auto(0x0, 0x9, 0x9cad, 0x8012, 0x3, 0x8000) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) 784.941453ms ago: executing program 0 (id=1792): mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) unshare$auto(0x40000080) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x82842, 0x85) read$auto(r0, 0x0, 0x1) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0) write$auto(r1, 0x0, 0x6) 659.098354ms ago: executing program 4 (id=1793): r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x2100, 0x0) unshare$auto(0x40000080) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mount$auto(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x313826de, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) readv$auto(r0, &(0x7f0000000700)={0x0, 0x9}, 0x1) 558.44881ms ago: executing program 3 (id=1794): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/ipc\x00') setns(r0, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb5, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10) semget$auto(0x0, 0x13c, 0x1ff) semtimedop$auto(0x0, &(0x7f00000001c0)={0x7, 0x82, 0x1}, 0x5, 0x0) unshare$auto(0x8000000) 374.126588ms ago: executing program 3 (id=1795): lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1000000000045, 0x100000001, 0xfffdffff, 0x0, 0x0, 0x0, 0x1000000006, 0x6, 0x7, 0x401, 0x7ffffffb, 0x5, 0xffffffff80000000, 0x1, 0x61, 0x103}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000940)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_TP_METER(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3b3d2abd7000fddbdf250304000008000300", @ANYRES32=r3], 0x28}}, 0x80) 308.61µs ago: executing program 0 (id=1796): mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x3880, 0x70) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) setsockopt$auto_SO_WIFI_STATUS(r0, 0x0, 0x29, &(0x7f0000000080)='\xef', 0x8000) 0s ago: executing program 3 (id=1797): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100cda4429629bd7100f9db5f250200000000000000", @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x8, 0x4008) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.24' (ED25519) to the list of known hosts. syzkaller login: [ 87.922924][ T5828] cgroup: Unknown subsys name 'net' [ 88.100026][ T5828] cgroup: Unknown subsys name 'cpuset' [ 88.109979][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 89.912264][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 92.156659][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 92.174557][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 92.176072][ T5851] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 92.182635][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 92.189953][ T5851] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 92.204365][ T5851] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 92.212782][ T5851] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 92.212825][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 92.220549][ T5851] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 92.229618][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 92.235493][ T5851] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 92.242701][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 92.248602][ T5851] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 92.264157][ T5851] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 92.274112][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 92.282028][ T5851] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 92.290318][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 92.297862][ T5847] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 92.310478][ T5851] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 92.318378][ T5848] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 92.997463][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 93.068866][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 93.119114][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 93.192795][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 93.373520][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.381249][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.389268][ T5840] bridge_slave_0: entered allmulticast mode [ 93.397273][ T5840] bridge_slave_0: entered promiscuous mode [ 93.422482][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.429814][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.437709][ T5837] bridge_slave_0: entered allmulticast mode [ 93.444995][ T5837] bridge_slave_0: entered promiscuous mode [ 93.466300][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.473429][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.481279][ T5840] bridge_slave_1: entered allmulticast mode [ 93.488758][ T5840] bridge_slave_1: entered promiscuous mode [ 93.518437][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.525587][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.532901][ T5837] bridge_slave_1: entered allmulticast mode [ 93.541486][ T5837] bridge_slave_1: entered promiscuous mode [ 93.548692][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.556317][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.563458][ T5838] bridge_slave_0: entered allmulticast mode [ 93.570988][ T5838] bridge_slave_0: entered promiscuous mode [ 93.611351][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.618787][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.626028][ T5838] bridge_slave_1: entered allmulticast mode [ 93.633337][ T5838] bridge_slave_1: entered promiscuous mode [ 93.643633][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.656542][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.752380][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.764387][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.778507][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.800998][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.808545][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.816450][ T5839] bridge_slave_0: entered allmulticast mode [ 93.823791][ T5839] bridge_slave_0: entered promiscuous mode [ 93.834421][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.873544][ T5840] team0: Port device team_slave_0 added [ 93.881297][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.888702][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.897400][ T5839] bridge_slave_1: entered allmulticast mode [ 93.904633][ T5839] bridge_slave_1: entered promiscuous mode [ 93.931968][ T5837] team0: Port device team_slave_0 added [ 93.954225][ T5840] team0: Port device team_slave_1 added [ 93.973594][ T5837] team0: Port device team_slave_1 added [ 93.993925][ T5838] team0: Port device team_slave_0 added [ 94.043972][ T5838] team0: Port device team_slave_1 added [ 94.067432][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.081336][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.091537][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.099674][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.125733][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.139299][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.146369][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.173208][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.200132][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.207266][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.233726][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.282887][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.290138][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.316955][ T5152] Bluetooth: hci2: command tx timeout [ 94.320350][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.322746][ T5848] Bluetooth: hci3: command tx timeout [ 94.352736][ T5839] team0: Port device team_slave_0 added [ 94.359614][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.367170][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.393309][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.404180][ T5848] Bluetooth: hci0: command tx timeout [ 94.406975][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.416030][ T5848] Bluetooth: hci1: command tx timeout [ 94.416684][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.448046][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.470066][ T5839] team0: Port device team_slave_1 added [ 94.532863][ T5837] hsr_slave_0: entered promiscuous mode [ 94.540086][ T5837] hsr_slave_1: entered promiscuous mode [ 94.575581][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.582822][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.609063][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.656997][ T5840] hsr_slave_0: entered promiscuous mode [ 94.663396][ T5840] hsr_slave_1: entered promiscuous mode [ 94.670368][ T5840] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.678310][ T5840] Cannot create hsr debugfs directory [ 94.684608][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.692260][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.718350][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.808258][ T5838] hsr_slave_0: entered promiscuous mode [ 94.814680][ T5838] hsr_slave_1: entered promiscuous mode [ 94.821534][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.829233][ T5838] Cannot create hsr debugfs directory [ 94.921460][ T5839] hsr_slave_0: entered promiscuous mode [ 94.928536][ T5839] hsr_slave_1: entered promiscuous mode [ 94.934621][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.942620][ T5839] Cannot create hsr debugfs directory [ 95.346283][ T5837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 95.362375][ T5837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 95.374995][ T5837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 95.398292][ T5837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 95.451447][ T5839] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 95.479011][ T5839] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 95.502168][ T5839] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 95.522171][ T5839] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 95.583355][ T5838] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 95.607603][ T5838] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 95.619586][ T5838] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 95.644188][ T5838] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 95.738043][ T5840] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.766603][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 95.777658][ T5840] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.805621][ T5840] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.825356][ T5840] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 95.877827][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.918670][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.926020][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.958721][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.965946][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.038778][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.094496][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.138033][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.173968][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.181163][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.214323][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.238374][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.245562][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.288051][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 96.307346][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.314524][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.344357][ T1327] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.351609][ T1327] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.387046][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 96.397543][ T5848] Bluetooth: hci3: command tx timeout [ 96.401211][ T5152] Bluetooth: hci2: command tx timeout [ 96.431711][ T1327] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.438922][ T1327] bridge0: port 1(bridge_slave_0) entered forwarding state [ 96.471263][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.478506][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 96.487699][ T5152] Bluetooth: hci0: command tx timeout [ 96.489185][ T5848] Bluetooth: hci1: command tx timeout [ 96.571191][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.773439][ T5837] veth0_vlan: entered promiscuous mode [ 96.815074][ T5837] veth1_vlan: entered promiscuous mode [ 96.933185][ T5837] veth0_macvtap: entered promiscuous mode [ 96.965473][ T47] cfg80211: failed to load regulatory.db [ 96.968448][ T5837] veth1_macvtap: entered promiscuous mode [ 97.021925][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.081110][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.120641][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.139929][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.175223][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 97.184660][ T5837] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.194423][ T5837] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.204713][ T5837] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.213565][ T5837] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.293088][ T5838] veth0_vlan: entered promiscuous mode [ 97.353676][ T5838] veth1_vlan: entered promiscuous mode [ 97.374353][ T5839] veth0_vlan: entered promiscuous mode [ 97.425546][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.441311][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.449555][ T5839] veth1_vlan: entered promiscuous mode [ 97.501151][ T1327] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.512225][ T1327] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.544479][ T5840] veth0_vlan: entered promiscuous mode [ 97.563101][ T5839] veth0_macvtap: entered promiscuous mode [ 97.585513][ T5838] veth0_macvtap: entered promiscuous mode [ 97.594497][ T5840] veth1_vlan: entered promiscuous mode [ 97.615619][ T5839] veth1_macvtap: entered promiscuous mode [ 97.650493][ T5838] veth1_macvtap: entered promiscuous mode [ 97.693082][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.705038][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.710780][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.733341][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.746439][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.757847][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.768066][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 97.778859][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.790115][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.811309][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.825114][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.845201][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.884999][ T5838] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.894940][ T5838] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.909251][ T5838] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.918907][ T5838] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.940224][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.955169][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.968286][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 97.981317][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 97.994837][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.004973][ T5840] veth0_macvtap: entered promiscuous mode [ 98.028432][ T5839] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.037328][ T5839] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.052875][ T5839] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.062709][ T5839] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.087138][ T5840] veth1_macvtap: entered promiscuous mode [ 98.183580][ T30] audit: type=1804 audit(1744514382.876:2): pid=5912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.5" name="/newroot/1/file0" dev="tmpfs" ino=23 res=1 errno=0 [ 98.209022][ T30] audit: type=1800 audit(1744514382.876:3): pid=5912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5" name="file0" dev="tmpfs" ino=23 res=0 errno=0 [ 98.234447][ T30] audit: type=1800 audit(1744514382.886:4): pid=5912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5" name="file0" dev="tmpfs" ino=23 res=0 errno=0 [ 98.299449][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.335967][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.348284][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.359575][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.369786][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 98.380330][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.416415][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.476475][ T5152] Bluetooth: hci3: command tx timeout [ 98.482009][ T5848] Bluetooth: hci2: command tx timeout [ 98.498767][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.519668][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.530102][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.542165][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.552959][ T5840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 98.563737][ T5152] Bluetooth: hci0: command tx timeout [ 98.569269][ T5848] Bluetooth: hci1: command tx timeout [ 98.575273][ T5840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 98.587260][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.638125][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.661591][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.678973][ T1319] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.694829][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.709654][ T1319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.721854][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.734353][ T5840] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.744913][ T5840] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.768631][ T5840] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.785962][ T5840] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.890645][ T1319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.929313][ T1319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.033238][ T1319] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.080284][ T1319] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.217633][ T1319] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.236343][ T1319] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.712139][ T5939] netlink: 28 bytes leftover after parsing attributes in process `syz.3.13'. [ 99.723516][ T5939] Zero length message leads to an empty skb [ 99.923799][ T5944] netlink: 'syz.3.15': attribute type 9 has an invalid length. [ 99.956058][ T5944] netlink: 330 bytes leftover after parsing attributes in process `syz.3.15'. [ 100.423906][ T5957] tipc: Trying to set illegal importance in message [ 100.556808][ T5848] Bluetooth: hci2: command tx timeout [ 100.562561][ T5152] Bluetooth: hci3: command tx timeout [ 100.642075][ T5152] Bluetooth: hci1: command tx timeout [ 100.647908][ T5152] Bluetooth: hci0: command tx timeout [ 101.015986][ T5979] qrtr: Invalid version 0 [ 101.472427][ T5992] netlink: 194 bytes leftover after parsing attributes in process `syz.0.36'. [ 102.162071][ T6018] tipc: Started in network mode [ 102.174040][ T6018] tipc: Node identity ee00, cluster identity 4711 [ 102.192998][ T6018] tipc: Node number set to 60928 [ 102.456793][ T5152] Bluetooth: hci2: unexpected event 0x01 length: 4 > 1 [ 103.159913][ T6050] capability: warning: `syz.3.63' uses 32-bit capabilities (legacy support in use) [ 104.346313][ T6093] netlink: 28 bytes leftover after parsing attributes in process `syz.3.83'. [ 104.385962][ T6093] ipvlan0: entered allmulticast mode [ 104.391710][ T6093] veth0_vlan: entered allmulticast mode [ 105.008441][ T6118] sctp: [Deprecated]: syz.1.92 (pid 6118) Use of int in max_burst socket option deprecated. [ 105.008441][ T6118] Use struct sctp_assoc_value instead [ 105.282185][ T6126] netlink: 334 bytes leftover after parsing attributes in process `syz.1.97'. [ 105.391511][ T6130] netlink: 'syz.1.99': attribute type 1 has an invalid length. [ 106.007762][ T6148] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 108.522630][ T6225] syz.1.136 uses obsolete (PF_INET,SOCK_PACKET) [ 111.958273][ T5152] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 111.958319][ T5152] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 111.976004][ T5152] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 111.976054][ T5152] Bluetooth: hci3: Unknown advertising packet type: 0x74 [ 111.983278][ T5152] Bluetooth: hci3: adv larger than maximum supported [ 111.990803][ T5152] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 111.999830][ T5152] Bluetooth: hci3: adv larger than maximum supported [ 112.007203][ T5152] Bluetooth: hci3: adv larger than maximum supported [ 112.013920][ T5152] Bluetooth: hci3: Malformed LE Event: 0x0d [ 113.046921][ T6358] netlink: 4 bytes leftover after parsing attributes in process `syz.2.191'. [ 113.080288][ T6358] netlink: 4 bytes leftover after parsing attributes in process `syz.2.191'. [ 113.117654][ T5152] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 113.117697][ T5152] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 113.132656][ T5152] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 113.132697][ T5152] Bluetooth: hci1: Unknown advertising packet type: 0x74 [ 113.139977][ T5152] Bluetooth: hci1: adv larger than maximum supported [ 113.147147][ T5152] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 113.153868][ T5152] Bluetooth: hci1: Malformed LE Event: 0x0d [ 113.662138][ T6372] netlink: 350 bytes leftover after parsing attributes in process `syz.1.195'. [ 113.993004][ T6385] netlink: 28 bytes leftover after parsing attributes in process `syz.1.202'. [ 114.082685][ T6385] team0: Port device team_slave_0 removed [ 114.189879][ T6389] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 114.957021][ T6413] netlink: 350 bytes leftover after parsing attributes in process `syz.1.216'. [ 116.051817][ T5152] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 116.051858][ T5152] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 116.069610][ T5152] Bluetooth: hci2: Malformed LE Event: 0x0d [ 116.241569][ T5152] Bluetooth: hci3: unexpected event 0x06 length: 11 > 3 [ 117.515548][ T6508] process 'syz.3.255' launched ':,' with NULL argv: empty string added [ 117.537628][ T6508] ERROR: Out of memory at tomoyo_memory_ok. [ 117.544442][ T6508] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /root/syz-executor /root/syz-executor /newroot/50/:,' not defined. [ 118.292214][ T6529] netlink: 20 bytes leftover after parsing attributes in process `syz.0.263'. [ 119.173508][ T6560] netlink: 28 bytes leftover after parsing attributes in process `syz.0.277'. [ 119.192555][ T6560] ipvlan1: entered allmulticast mode [ 119.198579][ T6560] veth0_vlan: entered allmulticast mode [ 119.394053][ T6569] CIFS: VFS: Unsupported security flags: 0x10 [ 121.235600][ T6618] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in; [ 121.235600][ T6618] program syz.1.300 not setting count and/or reply_len properly [ 121.944241][ T6656] netlink: 8 bytes leftover after parsing attributes in process `syz.1.313'. [ 122.177273][ T6664] Device name cannot be null; rc = [-22] [ 123.495836][ T6699] nbd0: detected capacity change from 0 to 68719476736 [ 123.531469][ T5856] block nbd0: Send control failed (result -22) [ 123.552352][ T5856] block nbd0: Request send failed, requeueing [ 123.579014][ T5152] block nbd0: Receive control failed (result -32) [ 123.596790][ T25] block nbd0: Dead connection, failed to find a fallback [ 123.604074][ T25] block nbd0: shutting down sockets [ 123.609669][ T25] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.619133][ T25] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.634043][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.700640][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.756320][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.765435][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.811649][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.831658][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.883183][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.906612][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.928809][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 123.955244][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 123.974109][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.015987][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.028025][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.047669][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.067445][ T5856] ldm_validate_partition_table(): Disk read failed. [ 124.084323][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.109873][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.124862][ T5856] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 124.176625][ T5856] Buffer I/O error on dev nbd0, logical block 0, async page read [ 124.184903][ T5856] Dev nbd0: unable to read RDB block 0 [ 124.219794][ T5856] nbd0: unable to read partition table [ 124.245400][ T5856] ldm_validate_partition_table(): Disk read failed. [ 124.268790][ T5856] Dev nbd0: unable to read RDB block 0 [ 124.274998][ T5856] nbd0: unable to read partition table [ 124.543009][ T6724] bridge0: port 3(vlan1) entered blocking state [ 124.561280][ T6724] bridge0: port 3(vlan1) entered disabled state [ 124.586935][ T6724] vlan1: entered allmulticast mode [ 124.592149][ T6724] veth0_vlan: entered allmulticast mode [ 124.614212][ T6724] vlan1: entered promiscuous mode [ 124.614468][ T6725] program syz.0.335 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 124.620607][ T6724] bridge0: port 3(vlan1) entered blocking state [ 124.635203][ T6724] bridge0: port 3(vlan1) entered forwarding state [ 125.807564][ T6761] zram0: detected capacity change from 0 to 8 [ 127.954181][ T6805] netlink: 342 bytes leftover after parsing attributes in process `syz.3.369'. [ 129.477377][ T30] audit: type=1804 audit(1744514414.177:5): pid=6825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.375" name=2F6E6577726F6F742F38302F08 dev="tmpfs" ino=431 res=1 errno=0 [ 129.904785][ T6842] netlink: 93 bytes leftover after parsing attributes in process `syz.0.381'. [ 130.703332][ T6864] netlink: 342 bytes leftover after parsing attributes in process `syz.1.392'. [ 131.314404][ T6880] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 131.551825][ T6888] program syz.1.400 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 132.700216][ T6915] netlink: 28 bytes leftover after parsing attributes in process `syz.2.410'. [ 132.944244][ T6915] team0: Port device team_slave_0 removed [ 134.097483][ T6940] MTRR 1 not used [ 134.310706][ T6956] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 134.318857][ T6956] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 137.272604][ T6985] kexec: Could not allocate control_code_buffer [ 137.548314][ T7019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.451'. [ 137.921825][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.934168][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.183168][ T7040] mmap: syz.2.460 (7040) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 141.356975][ T7144] netlink: 28 bytes leftover after parsing attributes in process `syz.0.500'. [ 141.382305][ T7144] team_slave_0: entered allmulticast mode [ 141.419583][ T7150] openvswitch: netlink: IP tunnel TTL not specified. [ 141.428713][ T7150] syz.3.503 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 141.765428][ T7159] lo: entered promiscuous mode [ 141.790773][ T7158] lo: left promiscuous mode [ 141.807729][ T7153] Invalid ELF header magic: != ELF [ 143.771354][ T7212] netlink: 342 bytes leftover after parsing attributes in process `syz.1.527'. [ 146.189371][ T7271] netlink: 346 bytes leftover after parsing attributes in process `syz.2.550'. [ 151.507099][ T7399] netlink: 'syz.2.603': attribute type 1 has an invalid length. [ 152.748995][ T7434] netlink: 354 bytes leftover after parsing attributes in process `syz.1.618'. [ 153.658778][ T7452] netlink: 186 bytes leftover after parsing attributes in process `syz.1.626'. [ 155.019975][ T5152] Bluetooth: hci0: unexpected event 0x04 length: 459 > 10 [ 155.020308][ T5152] Bluetooth: hci0: connection err: -111 [ 156.635881][ T7475] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 156.642533][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 156.649498][ T7475] Bluetooth: hci0: Opcode 0x0406 failed: -110 [ 157.035534][ T7519] ======================================================= [ 157.035534][ T7519] WARNING: The mand mount option has been deprecated and [ 157.035534][ T7519] and is ignored by this kernel. Remove the mand [ 157.035534][ T7519] option from the mount to silence this warning. [ 157.035534][ T7519] ======================================================= [ 157.433238][ T7527] netlink: 342 bytes leftover after parsing attributes in process `syz.2.656'. [ 157.505881][ T7475] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 157.566426][ T7475] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 157.581991][ T7475] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 157.661155][ T7475] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 157.693100][ T7475] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 157.715955][ T7475] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 157.791398][ T7475] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 157.817597][ T7475] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 157.836015][ T7475] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 157.873858][ T7475] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 158.716003][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 159.598664][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 159.756136][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 159.835843][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 160.809089][ T5152] Bluetooth: hci0: command 0x0c1a tx timeout [ 161.679170][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 161.849679][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 161.915781][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 162.988471][ T7662] netlink: 206 bytes leftover after parsing attributes in process `syz.2.712'. [ 163.756072][ T5152] Bluetooth: hci1: command 0x0c1a tx timeout [ 163.915838][ T5152] Bluetooth: hci3: command 0x0c1a tx timeout [ 163.995815][ T5152] Bluetooth: hci2: command 0x0c1a tx timeout [ 168.467760][ T7764] Invalid ELF header magic: != ELF [ 169.341457][ T7794] Console: switching to colour VGA+ 80x25 [ 170.953924][ T7856] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 171.088537][ T7851] Invalid ELF header magic: != ELF [ 173.218795][ T7916] netlink: 28 bytes leftover after parsing attributes in process `syz.2.808'. [ 173.546405][ T26] ERROR: Out of memory at tomoyo_memory_ok. [ 174.241874][ T7951] FAULT_INJECTION: forcing a failure. [ 174.241874][ T7951] name failslab, interval 1, probability 0, space 0, times 1 [ 174.275303][ T7951] CPU: 0 UID: 0 PID: 7951 Comm: syz.3.818 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 174.275345][ T7951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 174.275363][ T7951] Call Trace: [ 174.275373][ T7951] [ 174.275389][ T7951] dump_stack_lvl+0x16c/0x1f0 [ 174.275440][ T7951] should_fail_ex+0x512/0x640 [ 174.275473][ T7951] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 174.275517][ T7951] should_failslab+0xc2/0x120 [ 174.275545][ T7951] __kmalloc_cache_noprof+0x6a/0x3e0 [ 174.275586][ T7951] ? nat_init_net+0x56/0x270 [ 174.275629][ T7951] ? __pfx_nat_init_net+0x10/0x10 [ 174.275676][ T7951] nat_init_net+0x56/0x270 [ 174.275716][ T7951] ops_init+0x1df/0x5f0 [ 174.275762][ T7951] setup_net+0x21e/0x850 [ 174.275807][ T7951] ? __pfx_setup_net+0x10/0x10 [ 174.275845][ T7951] ? lockdep_init_map_type+0x5c/0x280 [ 174.275874][ T7951] ? __pfx_down_read_killable+0x10/0x10 [ 174.275907][ T7951] ? debug_mutex_init+0x37/0x70 [ 174.275948][ T7951] copy_net_ns+0x2a6/0x5f0 [ 174.275996][ T7951] create_new_namespaces+0x3ea/0xad0 [ 174.276047][ T7951] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 174.276094][ T7951] ksys_unshare+0x45b/0xa40 [ 174.276139][ T7951] ? __pfx_ksys_unshare+0x10/0x10 [ 174.276182][ T7951] ? xfd_validate_state+0x5d/0x180 [ 174.276217][ T7951] ? rcu_is_watching+0x12/0xc0 [ 174.276261][ T7951] __x64_sys_unshare+0x31/0x40 [ 174.276314][ T7951] do_syscall_64+0xcd/0x260 [ 174.276362][ T7951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.276391][ T7951] RIP: 0033:0x7f96bd18d169 [ 174.276414][ T7951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.276442][ T7951] RSP: 002b:00007f96be092038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 174.276468][ T7951] RAX: ffffffffffffffda RBX: 00007f96bd3a5fa0 RCX: 00007f96bd18d169 [ 174.276487][ T7951] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 174.276505][ T7951] RBP: 00007f96bd20e990 R08: 0000000000000000 R09: 0000000000000000 [ 174.276521][ T7951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.276538][ T7951] R13: 0000000000000000 R14: 00007f96bd3a5fa0 R15: 00007ffd9e75a498 [ 174.276575][ T7951] [ 177.160956][ T8025] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^' [ 178.059973][ T8046] netlink: 4 bytes leftover after parsing attributes in process `syz.3.842'. [ 178.125584][ T8048] netlink: 342 bytes leftover after parsing attributes in process `syz.2.841'. [ 178.279212][ T8052] netlink: 28 bytes leftover after parsing attributes in process `syz.0.843'. [ 178.288298][ T8052] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.393403][ T8052] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 180.412420][ T8096] netlink: 334 bytes leftover after parsing attributes in process `syz.0.861'. [ 181.059338][ T1327] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.269127][ T1327] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.282663][ T8089] kexec: Could not allocate control_code_buffer [ 181.469879][ T1327] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 181.687277][ T1327] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.073841][ T1327] vlan1: left allmulticast mode [ 182.090376][ T1327] veth0_vlan: left allmulticast mode [ 182.103380][ T1327] vlan1: left promiscuous mode [ 182.122583][ T1327] bridge0: port 3(vlan1) entered disabled state [ 182.180724][ T1327] bridge_slave_1: left allmulticast mode [ 182.208373][ T1327] bridge_slave_1: left promiscuous mode [ 182.234463][ T1327] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.337027][ T1327] bridge_slave_0: left allmulticast mode [ 182.363007][ T1327] bridge_slave_0: left promiscuous mode [ 182.393569][ T1327] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.585255][ T1327] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 183.628685][ T1327] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 183.652882][ T1327] bond0 (unregistering): Released all slaves [ 183.689658][ T8135] netlink: 342 bytes leftover after parsing attributes in process `syz.0.875'. [ 183.742018][ T5848] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 183.759514][ T5848] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 183.772242][ T5848] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 183.782027][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 183.789969][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 183.833677][ T1327] tipc: Left network mode [ 184.006248][ T8161] netlink: 342 bytes leftover after parsing attributes in process `syz.0.881'. [ 184.682144][ T1327] hsr_slave_0: left promiscuous mode [ 184.723351][ T1327] hsr_slave_1: left promiscuous mode [ 184.730378][ T1327] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 184.765802][ T1327] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 184.794560][ T1327] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.805402][ T1327] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 184.856897][ T1327] veth1_vlan: left promiscuous mode [ 184.863549][ T1327] veth0_vlan: left promiscuous mode [ 185.845799][ T5152] Bluetooth: hci3: command tx timeout [ 186.001590][ T1327] team0 (unregistering): Port device team_slave_1 removed [ 186.373231][ T8212] openvswitch: netlink: IP tunnel dst address not specified [ 186.382696][ T8212] openvswitch: netlink: IP tunnel dst address not specified [ 186.551999][ T8214] random: crng reseeded on system resumption [ 187.257386][ T8222] netlink: 342 bytes leftover after parsing attributes in process `syz.0.898'. [ 187.372380][ T8157] chnl_net:caif_netlink_parms(): no params data found [ 187.799869][ T8157] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.845904][ T8157] bridge0: port 1(bridge_slave_0) entered disabled state [ 187.854910][ T8157] bridge_slave_0: entered allmulticast mode [ 187.887677][ T8157] bridge_slave_0: entered promiscuous mode [ 187.915801][ T5152] Bluetooth: hci3: command tx timeout [ 187.921457][ T8157] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.935964][ T8157] bridge0: port 2(bridge_slave_1) entered disabled state [ 187.943292][ T8157] bridge_slave_1: entered allmulticast mode [ 187.953775][ T8157] bridge_slave_1: entered promiscuous mode [ 188.020776][ T8157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.039592][ T8157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.184577][ T8157] team0: Port device team_slave_0 added [ 188.217410][ T8157] team0: Port device team_slave_1 added [ 188.392217][ T8157] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.415717][ T8157] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.461079][ T8157] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.512416][ T8157] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.524368][ T8157] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.551373][ T8157] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.752885][ T8157] hsr_slave_0: entered promiscuous mode [ 188.771099][ T8157] hsr_slave_1: entered promiscuous mode [ 188.789242][ T8157] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 188.806038][ T8157] Cannot create hsr debugfs directory [ 189.773501][ T8157] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 189.829640][ T8157] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 189.859727][ T8157] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 189.878168][ T8283] netlink: 350 bytes leftover after parsing attributes in process `syz.3.909'. [ 189.891648][ T8157] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 190.000492][ T5152] Bluetooth: hci3: command tx timeout [ 190.139059][ T8289] netlink: 330 bytes leftover after parsing attributes in process `syz.1.910'. [ 190.304686][ T8157] 8021q: adding VLAN 0 to HW filter on device bond0 [ 190.409004][ T8157] 8021q: adding VLAN 0 to HW filter on device team0 [ 190.435864][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.443307][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 190.481696][ T8295] netlink: 28 bytes leftover after parsing attributes in process `syz.1.914'. [ 190.495465][ T189] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.502687][ T189] bridge0: port 2(bridge_slave_1) entered forwarding state [ 190.780363][ T8304] netlink: 28 bytes leftover after parsing attributes in process `syz.1.917'. [ 190.822237][ T8304] vxcan1: entered promiscuous mode [ 191.151326][ T8157] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.874775][ T8157] veth0_vlan: entered promiscuous mode [ 191.933898][ T8157] veth1_vlan: entered promiscuous mode [ 191.998860][ T30] audit: type=1800 audit(4294967314.030:6): pid=8351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.927" name=03 dev="tmpfs" ino=1158 res=0 errno=0 [ 192.025420][ T8157] veth0_macvtap: entered promiscuous mode [ 192.076258][ T5152] Bluetooth: hci3: command tx timeout [ 192.096438][ T8157] veth1_macvtap: entered promiscuous mode [ 192.178858][ T8157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.210422][ T8157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.232187][ T8157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.268506][ T8157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.309419][ T8157] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 192.370525][ T8157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.401411][ T8157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.425296][ T8157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.460509][ T8157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.495008][ T8157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.526493][ T8157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.568376][ T8157] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 192.615588][ T8157] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.657513][ T8157] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.699507][ T8157] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.714438][ T8377] random: crng reseeded on system resumption [ 192.725840][ T8157] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.625217][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.625271][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 193.821889][ T8401] netlink: 'syz.1.942': attribute type 1 has an invalid length. [ 193.834728][ T189] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 193.834759][ T189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.624811][ T8432] netlink: 342 bytes leftover after parsing attributes in process `syz.0.950'. [ 195.433546][ T8457] netlink: 'syz.1.958': attribute type 27 has an invalid length. [ 195.452398][ T8457] netlink: 334 bytes leftover after parsing attributes in process `syz.1.958'. [ 195.538121][ T8463] netlink: 206 bytes leftover after parsing attributes in process `syz.4.959'. [ 196.603921][ T30] audit: type=1800 audit(4294967318.640:7): pid=8492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.967" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 197.763895][ T8517] FAULT_INJECTION: forcing a failure. [ 197.763895][ T8517] name failslab, interval 1, probability 0, space 0, times 0 [ 197.813259][ T8517] CPU: 0 UID: 0 PID: 8517 Comm: syz.1.974 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 197.813304][ T8517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 197.813323][ T8517] Call Trace: [ 197.813333][ T8517] [ 197.813349][ T8517] dump_stack_lvl+0x16c/0x1f0 [ 197.813401][ T8517] should_fail_ex+0x512/0x640 [ 197.813436][ T8517] ? __kmalloc_noprof+0xbf/0x510 [ 197.813486][ T8517] ? ima_write_template_field_data+0x5d/0x1f0 [ 197.813525][ T8517] should_failslab+0xc2/0x120 [ 197.813553][ T8517] __kmalloc_noprof+0xd2/0x510 [ 197.813610][ T8517] ima_write_template_field_data+0x5d/0x1f0 [ 197.813656][ T8517] ima_eventdigest_init_common+0x154/0x430 [ 197.813699][ T8517] ? __pfx_ima_eventdigest_init_common+0x10/0x10 [ 197.813765][ T8517] ? rcu_is_watching+0x12/0xc0 [ 197.813804][ T8517] ? trace_kmalloc+0x2b/0xd0 [ 197.813834][ T8517] ? __kmalloc_noprof+0x242/0x510 [ 197.813879][ T8517] ? __print_lock_name+0xd1/0xe0 [ 197.813926][ T8517] ima_alloc_init_template+0x39d/0x720 [ 197.813967][ T8517] ima_store_measurement+0x1eb/0x5c0 [ 197.814002][ T8517] ? __pfx_ima_store_measurement+0x10/0x10 [ 197.814035][ T8517] ? vfs_getxattr_alloc+0xec/0x340 [ 197.814103][ T8517] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 197.814156][ T8517] process_measurement+0x1bd6/0x2360 [ 197.814220][ T8517] ? __pfx_process_measurement+0x10/0x10 [ 197.814265][ T8517] ? __lock_acquire+0x5ca/0x1ba0 [ 197.814322][ T8517] ? init_file+0x93/0x4c0 [ 197.814351][ T8517] ? alloc_empty_file+0x73/0x1e0 [ 197.814383][ T8517] ? hugetlb_file_setup+0x4cd/0x620 [ 197.814420][ T8517] ? ksys_mmap_pgoff+0x189/0x5c0 [ 197.814453][ T8517] ? __x64_sys_mmap+0x125/0x190 [ 197.814546][ T8517] ima_file_mmap+0x1b1/0x1d0 [ 197.814594][ T8517] ? __pfx_ima_file_mmap+0x10/0x10 [ 197.814653][ T8517] security_mmap_file+0x88c/0x990 [ 197.814697][ T8517] vm_mmap_pgoff+0xec/0x450 [ 197.814737][ T8517] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 197.814770][ T8517] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 197.814806][ T8517] ? hugetlbfs_get_inode+0x31f/0x730 [ 197.814856][ T8517] ksys_mmap_pgoff+0x1c8/0x5c0 [ 197.814893][ T8517] ? rcu_is_watching+0x12/0xc0 [ 197.814936][ T8517] __x64_sys_mmap+0x125/0x190 [ 197.814976][ T8517] do_syscall_64+0xcd/0x260 [ 197.815029][ T8517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.815060][ T8517] RIP: 0033:0x7ffb3798d169 [ 197.815093][ T8517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.815123][ T8517] RSP: 002b:00007ffb357f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 197.815153][ T8517] RAX: ffffffffffffffda RBX: 00007ffb37ba5fa0 RCX: 00007ffb3798d169 [ 197.815174][ T8517] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 197.815191][ T8517] RBP: 00007ffb37a0e990 R08: 0000000000000401 R09: 0000300000000000 [ 197.815209][ T8517] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 197.815227][ T8517] R13: 0000000000000000 R14: 00007ffb37ba5fa0 R15: 00007ffcb2e33f68 [ 197.815265][ T8517] [ 198.119666][ T30] audit: type=1804 audit(4294967320.160:8): pid=8517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.974" name="anon_hugepage" dev="hugetlbfs" ino=16489 res=0 errno=0 [ 198.276245][ T8525] netlink: 346 bytes leftover after parsing attributes in process `syz.3.977'. [ 199.236285][ T8554] netlink: 'syz.0.990': attribute type 19 has an invalid length. [ 199.255993][ T8554] netlink: 334 bytes leftover after parsing attributes in process `syz.0.990'. [ 199.366556][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.372943][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.464534][ T8567] netlink: 326 bytes leftover after parsing attributes in process `syz.3.995'. [ 200.374670][ T8588] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1003'. [ 201.229159][ T8605] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1009'. [ 202.329015][ T8636] lo: entered promiscuous mode [ 202.355541][ T8636] lo: left promiscuous mode [ 203.801817][ T8685] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1034'. [ 203.836132][ T8685] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 203.923582][ T8685] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 205.895549][ T8719] program syz.4.1047 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 205.950983][ T8687] kexec: Could not allocate control_code_buffer [ 206.261838][ T8728] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1053'. [ 206.710697][ T5152] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 206.710743][ T5152] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 206.726160][ T5152] bt_err_ratelimited: 8 callbacks suppressed [ 206.726178][ T5152] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 206.732205][ T5152] Bluetooth: hci2: adv larger than maximum supported [ 206.739586][ T5152] Bluetooth: hci2: Malformed LE Event: 0x0d [ 206.757487][ T8745] FAULT_INJECTION: forcing a failure. [ 206.757487][ T8745] name failslab, interval 1, probability 0, space 0, times 0 [ 206.830223][ T8745] CPU: 1 UID: 0 PID: 8745 Comm: syz.3.1060 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 206.830267][ T8745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 206.830285][ T8745] Call Trace: [ 206.830295][ T8745] [ 206.830307][ T8745] dump_stack_lvl+0x16c/0x1f0 [ 206.830360][ T8745] should_fail_ex+0x512/0x640 [ 206.830397][ T8745] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 206.830456][ T8745] should_failslab+0xc2/0x120 [ 206.830494][ T8745] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 206.830550][ T8745] ? dccp_feat_clone_sp_val+0x96/0x130 [ 206.830610][ T8745] kmemdup_noprof+0x29/0x60 [ 206.830643][ T8745] dccp_feat_clone_sp_val+0x96/0x130 [ 206.830695][ T8745] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 206.830732][ T8745] __feat_register_sp+0x331/0x5a0 [ 206.830770][ T8745] ? __pfx___feat_register_sp+0x10/0x10 [ 206.830799][ T8745] ? lockdep_hardirqs_on+0x7c/0x110 [ 206.830845][ T8745] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 206.830889][ T8745] ? __debug_object_init+0x2de/0x3d0 [ 206.830942][ T8745] dccp_feat_init+0x2ad/0x800 [ 206.830980][ T8745] ? __pfx_dccp_feat_init+0x10/0x10 [ 206.831014][ T8745] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 206.831070][ T8745] ? lockdep_init_map_type+0x5c/0x280 [ 206.831100][ T8745] ? do_init_timer+0xc9/0x110 [ 206.831138][ T8745] ? __pfx_dccp_keepalive_timer+0x10/0x10 [ 206.831178][ T8745] ? __pfx_dccp_delack_timer+0x10/0x10 [ 206.831226][ T8745] dccp_init_sock+0x327/0x420 [ 206.831261][ T8745] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 206.831296][ T8745] dccp_v4_init_sock+0x1f/0xa0 [ 206.831328][ T8745] ? __pfx_dccp_v4_init_sock+0x10/0x10 [ 206.831362][ T8745] inet_create+0x936/0x1090 [ 206.831391][ T8745] ? inet_create+0x93/0x1090 [ 206.831424][ T8745] __sock_create+0x335/0x8d0 [ 206.831458][ T8745] inet_ctl_sock_create+0x94/0x230 [ 206.831513][ T8745] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 206.831570][ T8745] ? __pfx_dccp_v4_init_net+0x10/0x10 [ 206.831624][ T8745] dccp_v4_init_net+0x63/0x90 [ 206.831660][ T8745] ops_init+0x1df/0x5f0 [ 206.831709][ T8745] setup_net+0x21e/0x850 [ 206.831758][ T8745] ? __pfx_setup_net+0x10/0x10 [ 206.831800][ T8745] ? lockdep_init_map_type+0x5c/0x280 [ 206.831830][ T8745] ? __pfx_down_read_killable+0x10/0x10 [ 206.831866][ T8745] ? debug_mutex_init+0x37/0x70 [ 206.831909][ T8745] copy_net_ns+0x2a6/0x5f0 [ 206.831961][ T8745] create_new_namespaces+0x3ea/0xad0 [ 206.832015][ T8745] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 206.832065][ T8745] ksys_unshare+0x45b/0xa40 [ 206.832124][ T8745] ? __pfx_ksys_unshare+0x10/0x10 [ 206.832167][ T8745] ? xfd_validate_state+0x5d/0x180 [ 206.832202][ T8745] ? rcu_is_watching+0x12/0xc0 [ 206.832247][ T8745] __x64_sys_unshare+0x31/0x40 [ 206.832292][ T8745] do_syscall_64+0xcd/0x260 [ 206.832340][ T8745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.832370][ T8745] RIP: 0033:0x7f96bd18d169 [ 206.832393][ T8745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.832421][ T8745] RSP: 002b:00007f96be092038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 206.832448][ T8745] RAX: ffffffffffffffda RBX: 00007f96bd3a5fa0 RCX: 00007f96bd18d169 [ 206.832475][ T8745] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 206.832493][ T8745] RBP: 00007f96bd20e990 R08: 0000000000000000 R09: 0000000000000000 [ 206.832511][ T8745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.832529][ T8745] R13: 0000000000000000 R14: 00007f96bd3a5fa0 R15: 00007ffd9e75a498 [ 206.832567][ T8745] [ 208.422034][ T8786] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1070'. [ 209.307425][ T8817] lo: entered promiscuous mode [ 209.322675][ T8817] lo: left promiscuous mode [ 209.674219][ T8828] Process accounting resumed [ 210.099427][ T8856] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1092'. [ 210.127798][ T8856] netlink: 354 bytes leftover after parsing attributes in process `syz.4.1092'. [ 211.083782][ T8886] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1098'. [ 211.626285][ T8902] FAULT_INJECTION: forcing a failure. [ 211.626285][ T8902] name failslab, interval 1, probability 0, space 0, times 0 [ 211.663285][ T8902] CPU: 0 UID: 0 PID: 8902 Comm: syz.3.1102 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 211.663325][ T8902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 211.663343][ T8902] Call Trace: [ 211.663352][ T8902] [ 211.663363][ T8902] dump_stack_lvl+0x16c/0x1f0 [ 211.663413][ T8902] should_fail_ex+0x512/0x640 [ 211.663446][ T8902] ? __kmalloc_noprof+0xbf/0x510 [ 211.663494][ T8902] ? usb_hcd_submit_urb+0x5cf/0x1c60 [ 211.663530][ T8902] should_failslab+0xc2/0x120 [ 211.663558][ T8902] __kmalloc_noprof+0xd2/0x510 [ 211.663602][ T8902] ? mark_held_locks+0x49/0x80 [ 211.663655][ T8902] usb_hcd_submit_urb+0x5cf/0x1c60 [ 211.663704][ T8902] usb_submit_urb+0x87c/0x1730 [ 211.663753][ T8902] ? __init_swait_queue_head+0xca/0x150 [ 211.663793][ T8902] usb_start_wait_urb+0x104/0x4b0 [ 211.663841][ T8902] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 211.663899][ T8902] ? __asan_memset+0x23/0x50 [ 211.663944][ T8902] usb_control_msg+0x326/0x4a0 [ 211.663990][ T8902] ? __pfx_usb_control_msg+0x10/0x10 [ 211.664045][ T8902] hub_ext_port_status+0x14e/0x670 [ 211.664107][ T8902] hub_activate+0x6e5/0x1be0 [ 211.664163][ T8902] ? __pfx_hub_activate+0x10/0x10 [ 211.664205][ T8902] ? find_held_lock+0x2b/0x80 [ 211.664243][ T8902] ? proc_do_submiturb+0x19e0/0x3b20 [ 211.664289][ T8902] ? usbfs_notify_resume+0x25/0xf0 [ 211.664340][ T8902] hub_resume+0xa8/0x3f0 [ 211.664384][ T8902] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 211.664432][ T8902] ? __pfx_hub_resume+0x10/0x10 [ 211.664476][ T8902] ? __pfx_hcd_bus_resume+0x10/0x10 [ 211.664522][ T8902] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 211.664562][ T8902] usb_resume_both+0x273/0x800 [ 211.664599][ T8902] ? __pfx_usb_resume_both+0x10/0x10 [ 211.664635][ T8902] ? __pfx_usb_runtime_resume+0x10/0x10 [ 211.664675][ T8902] ? __pfx_usb_runtime_resume+0x10/0x10 [ 211.664714][ T8902] __rpm_callback+0xc5/0x610 [ 211.664759][ T8902] ? __pfx_usb_runtime_resume+0x10/0x10 [ 211.664798][ T8902] rpm_callback+0x1b7/0x200 [ 211.664838][ T8902] ? __pfx_usb_runtime_resume+0x10/0x10 [ 211.664875][ T8902] rpm_resume+0xd0a/0x1310 [ 211.664914][ T8902] ? __pfx_perf_trace_lock+0x1/0x10 [ 211.664951][ T8902] ? __pfx_rpm_resume+0x10/0x10 [ 211.664990][ T8902] ? do_raw_spin_lock+0x12c/0x2b0 [ 211.665024][ T8902] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 211.665072][ T8902] __pm_runtime_resume+0xb6/0x170 [ 211.665126][ T8902] usb_autoresume_device+0x23/0xe0 [ 211.665164][ T8902] usbdev_open+0x228/0x8b0 [ 211.665196][ T8902] ? do_raw_spin_lock+0x12c/0x2b0 [ 211.665222][ T8902] ? __pfx_usbdev_open+0x10/0x10 [ 211.665272][ T8902] ? chrdev_open+0x58c/0x6a0 [ 211.665316][ T8902] ? __pfx_usbdev_open+0x10/0x10 [ 211.665348][ T8902] chrdev_open+0x231/0x6a0 [ 211.665389][ T8902] ? __pfx_chrdev_open+0x10/0x10 [ 211.665431][ T8902] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 211.665474][ T8902] do_dentry_open+0x741/0x1c10 [ 211.665511][ T8902] ? __pfx_chrdev_open+0x10/0x10 [ 211.665557][ T8902] vfs_open+0x82/0x3f0 [ 211.665586][ T8902] path_openat+0x1e5e/0x2d40 [ 211.665636][ T8902] ? __pfx_path_openat+0x10/0x10 [ 211.665688][ T8902] do_filp_open+0x20b/0x470 [ 211.665731][ T8902] ? __pfx_do_filp_open+0x10/0x10 [ 211.665792][ T8902] ? alloc_fd+0x471/0x7d0 [ 211.665843][ T8902] do_sys_openat2+0x11b/0x1d0 [ 211.665870][ T8902] ? __pfx_do_sys_openat2+0x10/0x10 [ 211.665910][ T8902] __x64_sys_openat+0x174/0x210 [ 211.665938][ T8902] ? __pfx___x64_sys_openat+0x10/0x10 [ 211.665968][ T8902] ? rcu_is_watching+0x12/0xc0 [ 211.666008][ T8902] do_syscall_64+0xcd/0x260 [ 211.666050][ T8902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.666076][ T8902] RIP: 0033:0x7f96bd18d169 [ 211.666104][ T8902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 211.666131][ T8902] RSP: 002b:00007f96be092038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 211.666158][ T8902] RAX: ffffffffffffffda RBX: 00007f96bd3a5fa0 RCX: 00007f96bd18d169 [ 211.666175][ T8902] RDX: 000000000002ab01 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 211.666191][ T8902] RBP: 00007f96bd20e990 R08: 0000000000000000 R09: 0000000000000000 [ 211.666206][ T8902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 211.666221][ T8902] R13: 0000000000000000 R14: 00007f96bd3a5fa0 R15: 00007ffd9e75a498 [ 211.666253][ T8902] [ 212.195858][ T8902] hub 36-0:1.0: hub_ext_port_status failed (err = -12) [ 212.308878][ T8910] netlink: 'syz.4.1106': attribute type 1 has an invalid length. [ 212.376452][ T8910] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1106'. [ 212.385484][ T8910] netlink: 'syz.4.1106': attribute type 1 has an invalid length. [ 212.527165][ T8914] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1108'. [ 212.765171][ T8924] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1109'. [ 213.383850][ T8949] netlink: 74 bytes leftover after parsing attributes in process `syz.1.1114'. [ 214.055346][ T8966] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1119'. [ 214.328100][ T8972] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1130'. [ 215.061733][ T8998] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1127'. [ 217.918232][ T9078] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1152'. [ 219.012326][ T9110] XFS: Clearing xfsstats [ 219.202734][ T5152] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 220.088087][ T9128] FAULT_INJECTION: forcing a failure. [ 220.088087][ T9128] name failslab, interval 1, probability 0, space 0, times 0 [ 220.107582][ T9128] CPU: 0 UID: 0 PID: 9128 Comm: syz.3.1173 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 220.107626][ T9128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 220.107645][ T9128] Call Trace: [ 220.107656][ T9128] [ 220.107668][ T9128] dump_stack_lvl+0x16c/0x1f0 [ 220.107722][ T9128] should_fail_ex+0x512/0x640 [ 220.107760][ T9128] ? fs_reclaim_acquire+0xae/0x150 [ 220.107801][ T9128] ? tomoyo_open_control+0x51f/0xa30 [ 220.107849][ T9128] should_failslab+0xc2/0x120 [ 220.107878][ T9128] __kmalloc_noprof+0xd2/0x510 [ 220.107936][ T9128] tomoyo_open_control+0x51f/0xa30 [ 220.108001][ T9128] do_dentry_open+0x741/0x1c10 [ 220.108048][ T9128] ? __pfx_tomoyo_open+0x10/0x10 [ 220.108101][ T9128] vfs_open+0x82/0x3f0 [ 220.108138][ T9128] path_openat+0x1e5e/0x2d40 [ 220.108200][ T9128] ? __pfx_path_openat+0x10/0x10 [ 220.108257][ T9128] do_filp_open+0x20b/0x470 [ 220.108304][ T9128] ? __pfx_do_filp_open+0x10/0x10 [ 220.108379][ T9128] ? alloc_fd+0x471/0x7d0 [ 220.108453][ T9128] do_sys_openat2+0x11b/0x1d0 [ 220.108489][ T9128] ? __pfx_do_sys_openat2+0x10/0x10 [ 220.108540][ T9128] __x64_sys_openat+0x174/0x210 [ 220.108576][ T9128] ? __pfx___x64_sys_openat+0x10/0x10 [ 220.108615][ T9128] ? rcu_is_watching+0x12/0xc0 [ 220.108668][ T9128] do_syscall_64+0xcd/0x260 [ 220.108720][ T9128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.108754][ T9128] RIP: 0033:0x7f96bd18d169 [ 220.108781][ T9128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.108812][ T9128] RSP: 002b:00007f96be092038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 220.108842][ T9128] RAX: ffffffffffffffda RBX: 00007f96bd3a5fa0 RCX: 00007f96bd18d169 [ 220.108863][ T9128] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 220.108883][ T9128] RBP: 00007f96bd20e990 R08: 0000000000000000 R09: 0000000000000000 [ 220.108902][ T9128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 220.108920][ T9128] R13: 0000000000000000 R14: 00007f96bd3a5fa0 R15: 00007ffd9e75a498 [ 220.108961][ T9128] [ 222.303500][ T9172] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1194'. [ 222.506089][ T9180] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1196'. [ 222.791033][ T9191] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1200'. [ 222.989340][ T9200] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1203'. [ 223.420158][ T9211] netlink: 29 bytes leftover after parsing attributes in process `syz.3.1209'. [ 223.509415][ T9210] FAULT_INJECTION: forcing a failure. [ 223.509415][ T9210] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 223.579324][ T9210] CPU: 0 UID: 0 PID: 9210 Comm: syz.0.1207 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 223.579368][ T9210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 223.579385][ T9210] Call Trace: [ 223.579395][ T9210] [ 223.579405][ T9210] dump_stack_lvl+0x16c/0x1f0 [ 223.579457][ T9210] should_fail_ex+0x512/0x640 [ 223.579497][ T9210] should_fail_alloc_page+0xe7/0x130 [ 223.579528][ T9210] prepare_alloc_pages+0x3c2/0x610 [ 223.579566][ T9210] ? rcu_is_watching+0x12/0xc0 [ 223.579608][ T9210] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 223.579705][ T9210] ? lockdep_hardirqs_on+0x7c/0x110 [ 223.579750][ T9210] ? finish_task_switch.isra.0+0x221/0xc10 [ 223.579800][ T9210] ? rcu_is_watching+0x12/0xc0 [ 223.579838][ T9210] ? trace_sched_exit_tp+0xde/0x130 [ 223.579887][ T9210] ? __schedule+0x1186/0x5de0 [ 223.579930][ T9210] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 223.579977][ T9210] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 223.580050][ T9210] ? __lock_acquire+0xaa4/0x1ba0 [ 223.580098][ T9210] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 223.580134][ T9210] ? policy_nodemask+0xea/0x4e0 [ 223.580189][ T9210] alloc_pages_mpol+0x1fb/0x550 [ 223.580220][ T9210] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 223.580247][ T9210] ? __page_table_check_ptes_set+0x1ae/0x420 [ 223.580297][ T9210] ? find_held_lock+0x2b/0x80 [ 223.580345][ T9210] alloc_pages_noprof+0x131/0x390 [ 223.580375][ T9210] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 223.580418][ T9210] get_free_pages_noprof+0xc/0x40 [ 223.580449][ T9210] kasan_populate_vmalloc_pte+0x2d/0x160 [ 223.580495][ T9210] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 223.580540][ T9210] __apply_to_page_range+0x5f9/0xd30 [ 223.580582][ T9210] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 223.580633][ T9210] ? __pfx___apply_to_page_range+0x10/0x10 [ 223.580680][ T9210] ? alloc_vmap_area+0x872/0x2970 [ 223.580722][ T9210] alloc_vmap_area+0x919/0x2970 [ 223.580775][ T9210] ? __pfx_alloc_vmap_area+0x10/0x10 [ 223.580821][ T9210] __get_vm_area_node+0x1a7/0x300 [ 223.580868][ T9210] __vmalloc_node_range_noprof+0x277/0x1540 [ 223.580911][ T9210] ? bloom_map_alloc+0x302/0x4c0 [ 223.580960][ T9210] ? bloom_map_alloc+0x302/0x4c0 [ 223.580998][ T9210] ? aa_get_newest_label+0x375/0x680 [ 223.581033][ T9210] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 223.581076][ T9210] ? rcu_is_watching+0x12/0xc0 [ 223.581114][ T9210] ? trace_cap_capable+0x18d/0x200 [ 223.581148][ T9210] ? bloom_map_alloc+0x302/0x4c0 [ 223.581185][ T9210] __bpf_map_area_alloc+0xeb/0x190 [ 223.581224][ T9210] ? bloom_map_alloc+0x302/0x4c0 [ 223.581262][ T9210] bloom_map_alloc+0x302/0x4c0 [ 223.581300][ T9210] map_create+0x58f/0x1db0 [ 223.581346][ T9210] ? __pfx_map_create+0x10/0x10 [ 223.581375][ T9210] ? __might_fault+0xe3/0x190 [ 223.581421][ T9210] ? __might_fault+0xe3/0x190 [ 223.581466][ T9210] ? __might_fault+0x13b/0x190 [ 223.581539][ T9210] __sys_bpf+0x47cc/0x4d80 [ 223.581578][ T9210] ? __pfx___sys_bpf+0x10/0x10 [ 223.581608][ T9210] ? kmem_cache_free+0x2d4/0x4d0 [ 223.581651][ T9210] ? fd_install+0x225/0x750 [ 223.581697][ T9210] ? putname+0x154/0x1a0 [ 223.581733][ T9210] ? do_futex+0x122/0x350 [ 223.581776][ T9210] ? __pfx_do_futex+0x10/0x10 [ 223.581838][ T9210] ? xfd_validate_state+0x5d/0x180 [ 223.581873][ T9210] ? rcu_is_watching+0x12/0xc0 [ 223.581916][ T9210] __x64_sys_bpf+0x78/0xc0 [ 223.581952][ T9210] ? lockdep_hardirqs_on+0x7c/0x110 [ 223.581994][ T9210] do_syscall_64+0xcd/0x260 [ 223.582041][ T9210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.582072][ T9210] RIP: 0033:0x7fe67ef8d169 [ 223.582108][ T9210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.582135][ T9210] RSP: 002b:00007fe67fda3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 223.582161][ T9210] RAX: ffffffffffffffda RBX: 00007fe67f1a5fa0 RCX: 00007fe67ef8d169 [ 223.582179][ T9210] RDX: 00000000000006f4 RSI: 0000200000000100 RDI: 0000000000000000 [ 223.582195][ T9210] RBP: 00007fe67f00e990 R08: 0000000000000000 R09: 0000000000000000 [ 223.582212][ T9210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.582227][ T9210] R13: 0000000000000000 R14: 00007fe67f1a5fa0 R15: 00007ffeb6723ed8 [ 223.582261][ T9210] [ 224.217158][ T9222] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1213'. [ 226.125340][ T9265] FAULT_INJECTION: forcing a failure. [ 226.125340][ T9265] name failslab, interval 1, probability 0, space 0, times 0 [ 226.171498][ T9265] CPU: 0 UID: 0 PID: 9265 Comm: syz.4.1230 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 226.171542][ T9265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 226.171560][ T9265] Call Trace: [ 226.171571][ T9265] [ 226.171584][ T9265] dump_stack_lvl+0x16c/0x1f0 [ 226.171634][ T9265] should_fail_ex+0x512/0x640 [ 226.171670][ T9265] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 226.171714][ T9265] should_failslab+0xc2/0x120 [ 226.171740][ T9265] __kmalloc_cache_noprof+0x6a/0x3e0 [ 226.171784][ T9265] ? alloc_tty_struct+0x96/0x8c0 [ 226.171823][ T9265] alloc_tty_struct+0x96/0x8c0 [ 226.171855][ T9265] ? __pfx_alloc_tty_struct+0x10/0x10 [ 226.171899][ T9265] tty_init_dev.part.0+0x1e/0x500 [ 226.171935][ T9265] tty_open+0xa50/0xf90 [ 226.171973][ T9265] ? __pfx_tty_open+0x10/0x10 [ 226.172005][ T9265] ? chrdev_open+0x58c/0x6a0 [ 226.172059][ T9265] ? __pfx_tty_open+0x10/0x10 [ 226.172089][ T9265] chrdev_open+0x231/0x6a0 [ 226.172141][ T9265] ? __pfx_chrdev_open+0x10/0x10 [ 226.172195][ T9265] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 226.172249][ T9265] do_dentry_open+0x741/0x1c10 [ 226.172296][ T9265] ? __pfx_chrdev_open+0x10/0x10 [ 226.172366][ T9265] vfs_open+0x82/0x3f0 [ 226.172401][ T9265] path_openat+0x1e5e/0x2d40 [ 226.172488][ T9265] ? __pfx_path_openat+0x10/0x10 [ 226.172548][ T9265] do_filp_open+0x20b/0x470 [ 226.172598][ T9265] ? __pfx_do_filp_open+0x10/0x10 [ 226.172675][ T9265] ? alloc_fd+0x471/0x7d0 [ 226.172732][ T9265] do_sys_openat2+0x11b/0x1d0 [ 226.172764][ T9265] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.172806][ T9265] __x64_sys_openat+0x174/0x210 [ 226.172835][ T9265] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.172872][ T9265] ? rcu_is_watching+0x12/0xc0 [ 226.172918][ T9265] do_syscall_64+0xcd/0x260 [ 226.172973][ T9265] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.173003][ T9265] RIP: 0033:0x7f3d3a38d169 [ 226.173028][ T9265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.173057][ T9265] RSP: 002b:00007f3d3b1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.173086][ T9265] RAX: ffffffffffffffda RBX: 00007f3d3a5a5fa0 RCX: 00007f3d3a38d169 [ 226.173105][ T9265] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 226.173123][ T9265] RBP: 00007f3d3a40e990 R08: 0000000000000000 R09: 0000000000000000 [ 226.173142][ T9265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.173160][ T9265] R13: 0000000000000000 R14: 00007f3d3a5a5fa0 R15: 00007ffc48a92e28 [ 226.173198][ T9265] [ 227.360551][ T9287] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1240'. [ 229.574366][ T9322] size and base must be multiples of 4 kiB [ 229.585999][ T9322] CPU: 0 UID: 0 PID: 9322 Comm: syz.4.1252 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 229.586038][ T9322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 229.586055][ T9322] Call Trace: [ 229.586064][ T9322] [ 229.586075][ T9322] dump_stack_lvl+0x16c/0x1f0 [ 229.586122][ T9322] mtrr_add+0xdf/0x110 [ 229.586151][ T9322] mtrr_ioctl+0x7ef/0xcf0 [ 229.586183][ T9322] ? __pfx_mtrr_ioctl+0x10/0x10 [ 229.586218][ T9322] ? find_held_lock+0x2b/0x80 [ 229.586264][ T9322] ? __fget_files+0x20e/0x3c0 [ 229.586306][ T9322] ? __pfx_mtrr_ioctl+0x10/0x10 [ 229.586346][ T9322] proc_reg_unlocked_ioctl+0x226/0x320 [ 229.586374][ T9322] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 229.586406][ T9322] __x64_sys_ioctl+0x190/0x200 [ 229.586444][ T9322] do_syscall_64+0xcd/0x260 [ 229.586490][ T9322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.586519][ T9322] RIP: 0033:0x7f3d3a38d169 [ 229.586541][ T9322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.586569][ T9322] RSP: 002b:00007f3d3b1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 229.586596][ T9322] RAX: ffffffffffffffda RBX: 00007f3d3a5a5fa0 RCX: 00007f3d3a38d169 [ 229.586615][ T9322] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003 [ 229.586631][ T9322] RBP: 00007f3d3a40e990 R08: 0000000000000000 R09: 0000000000000000 [ 229.586649][ T9322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.586665][ T9322] R13: 0000000000000000 R14: 00007f3d3a5a5fa0 R15: 00007ffc48a92e28 [ 229.586701][ T9322] [ 230.522766][ T9333] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 235.195499][ T9362] FAULT_INJECTION: forcing a failure. [ 235.195499][ T9362] name failslab, interval 1, probability 0, space 0, times 0 [ 235.244136][ T9371] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1272'. [ 235.253480][ T9362] CPU: 0 UID: 0 PID: 9362 Comm: syz.4.1269 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 235.253519][ T9362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 235.253538][ T9362] Call Trace: [ 235.253548][ T9362] [ 235.253560][ T9362] dump_stack_lvl+0x16c/0x1f0 [ 235.253612][ T9362] should_fail_ex+0x512/0x640 [ 235.253647][ T9362] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 235.253698][ T9362] should_failslab+0xc2/0x120 [ 235.253726][ T9362] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 235.253778][ T9362] ? __pfx___might_resched+0x10/0x10 [ 235.253830][ T9362] ? __anon_vma_prepare+0x344/0x5e0 [ 235.253880][ T9362] __anon_vma_prepare+0x344/0x5e0 [ 235.253926][ T9362] ? __pfx___pte_alloc+0x10/0x10 [ 235.253965][ T9362] __vmf_anon_prepare+0x11c/0x240 [ 235.254003][ T9362] do_pte_missing+0x1194/0x3fb0 [ 235.254050][ T9362] ? _raw_spin_unlock+0x28/0x50 [ 235.254092][ T9362] ? __pmd_alloc+0x3c2/0x870 [ 235.254127][ T9362] __handle_mm_fault+0x103d/0x2a40 [ 235.254176][ T9362] ? __pfx___handle_mm_fault+0x10/0x10 [ 235.254252][ T9362] handle_mm_fault+0x3fe/0xad0 [ 235.254306][ T9362] __get_user_pages+0x771/0x36f0 [ 235.254356][ T9362] ? __pfx_mt_find+0x10/0x10 [ 235.254408][ T9362] ? __pfx___get_user_pages+0x10/0x10 [ 235.254466][ T9362] populate_vma_page_range+0x278/0x3a0 [ 235.254518][ T9362] ? __pfx_populate_vma_page_range+0x10/0x10 [ 235.254561][ T9362] ? __pfx_find_vma_intersection+0x10/0x10 [ 235.254602][ T9362] ? do_mmap+0x69c/0x11b0 [ 235.254645][ T9362] __mm_populate+0x1d8/0x380 [ 235.254690][ T9362] ? __pfx___mm_populate+0x10/0x10 [ 235.254737][ T9362] ? up_write+0x1b2/0x520 [ 235.254776][ T9362] vm_mmap_pgoff+0x362/0x450 [ 235.254826][ T9362] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 235.254874][ T9362] ? __x64_sys_futex+0x1e0/0x4c0 [ 235.254920][ T9362] ? __x64_sys_futex+0x1e9/0x4c0 [ 235.254973][ T9362] ksys_mmap_pgoff+0x7d/0x5c0 [ 235.255011][ T9362] ? rcu_is_watching+0x12/0xc0 [ 235.255055][ T9362] __x64_sys_mmap+0x125/0x190 [ 235.255098][ T9362] do_syscall_64+0xcd/0x260 [ 235.255151][ T9362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.255181][ T9362] RIP: 0033:0x7f3d3a38d169 [ 235.255205][ T9362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.255234][ T9362] RSP: 002b:00007f3d3b1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 235.255262][ T9362] RAX: ffffffffffffffda RBX: 00007f3d3a5a5fa0 RCX: 00007f3d3a38d169 [ 235.255281][ T9362] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 235.255298][ T9362] RBP: 00007f3d3a40e990 R08: ffffffffffffffff R09: 0000000000008000 [ 235.255316][ T9362] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 235.255334][ T9362] R13: 0000000000000000 R14: 00007f3d3a5a5fa0 R15: 00007ffc48a92e28 [ 235.255373][ T9362] [ 236.926578][ T9403] delete_channel: no stack [ 237.037462][ T9406] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1286'. [ 237.981166][ T9423] sctp: [Deprecated]: syz.0.1289 (pid 9423) Use of struct sctp_assoc_value in delayed_ack socket option. [ 237.981166][ T9423] Use struct sctp_sack_info instead [ 238.189536][ T9434] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1295'. [ 238.217697][ T9434] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1295'. [ 238.585401][ T9442] FAULT_INJECTION: forcing a failure. [ 238.585401][ T9442] name failslab, interval 1, probability 0, space 0, times 0 [ 238.615793][ T9442] CPU: 0 UID: 0 PID: 9442 Comm: syz.1.1300 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 238.615838][ T9442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 238.615854][ T9442] Call Trace: [ 238.615864][ T9442] [ 238.615875][ T9442] dump_stack_lvl+0x16c/0x1f0 [ 238.615927][ T9442] should_fail_ex+0x512/0x640 [ 238.615962][ T9442] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 238.616010][ T9442] should_failslab+0xc2/0x120 [ 238.616038][ T9442] __kmalloc_cache_noprof+0x6a/0x3e0 [ 238.616082][ T9442] ? pty_common_install+0x10e/0xb30 [ 238.616132][ T9442] pty_common_install+0x10e/0xb30 [ 238.616181][ T9442] ? __pfx_pty_install+0x10/0x10 [ 238.616225][ T9442] tty_init_dev.part.0+0x99/0x500 [ 238.616261][ T9442] tty_open+0xa50/0xf90 [ 238.616300][ T9442] ? __pfx_tty_open+0x10/0x10 [ 238.616332][ T9442] ? chrdev_open+0x58c/0x6a0 [ 238.616385][ T9442] ? __pfx_tty_open+0x10/0x10 [ 238.616414][ T9442] chrdev_open+0x231/0x6a0 [ 238.616464][ T9442] ? __pfx_chrdev_open+0x10/0x10 [ 238.616517][ T9442] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 238.616578][ T9442] do_dentry_open+0x741/0x1c10 [ 238.616625][ T9442] ? __pfx_chrdev_open+0x10/0x10 [ 238.616683][ T9442] vfs_open+0x82/0x3f0 [ 238.616721][ T9442] path_openat+0x1e5e/0x2d40 [ 238.616784][ T9442] ? __pfx_path_openat+0x10/0x10 [ 238.616842][ T9442] do_filp_open+0x20b/0x470 [ 238.616890][ T9442] ? __pfx_do_filp_open+0x10/0x10 [ 238.616966][ T9442] ? alloc_fd+0x471/0x7d0 [ 238.617024][ T9442] do_sys_openat2+0x11b/0x1d0 [ 238.617057][ T9442] ? __pfx_do_sys_openat2+0x10/0x10 [ 238.617107][ T9442] __x64_sys_openat+0x174/0x210 [ 238.617143][ T9442] ? __pfx___x64_sys_openat+0x10/0x10 [ 238.617180][ T9442] ? rcu_is_watching+0x12/0xc0 [ 238.617231][ T9442] do_syscall_64+0xcd/0x260 [ 238.617284][ T9442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.617315][ T9442] RIP: 0033:0x7ffb3798d169 [ 238.617341][ T9442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.617371][ T9442] RSP: 002b:00007ffb357f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 238.617399][ T9442] RAX: ffffffffffffffda RBX: 00007ffb37ba5fa0 RCX: 00007ffb3798d169 [ 238.617419][ T9442] RDX: 0000000000040000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 238.617438][ T9442] RBP: 00007ffb37a0e990 R08: 0000000000000000 R09: 0000000000000000 [ 238.617456][ T9442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.617474][ T9442] R13: 0000000000000000 R14: 00007ffb37ba5fa0 R15: 00007ffcb2e33f68 [ 238.617514][ T9442] [ 239.730553][ T9457] Process accounting paused [ 241.961774][ T9506] netlink: 26 bytes leftover after parsing attributes in process `syz.3.1327'. [ 242.005912][ T9506] openvswitch: netlink: IP tunnel dst address not specified [ 242.234420][ T9511] netlink: 'syz.1.1331': attribute type 3 has an invalid length. [ 242.554477][ T9522] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1334'. [ 243.469607][ T9541] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1339'. [ 243.517439][ T9541] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1339'. [ 243.945878][ T9555] netlink: 'syz.1.1346': attribute type 2 has an invalid length. [ 243.976832][ T9555] netlink: 'syz.1.1346': attribute type 2 has an invalid length. [ 244.226293][ T9565] netlink: 'syz.0.1351': attribute type 4 has an invalid length. [ 244.439857][ T9572] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1354'. [ 245.019796][ T9595] netlink: 'syz.4.1363': attribute type 21 has an invalid length. [ 245.036204][ T9595] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1363'. [ 245.687341][ T9617] netlink: 130 bytes leftover after parsing attributes in process `syz.0.1372'. [ 245.780474][ T5152] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 245.780515][ T5152] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 245.795529][ T5152] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 245.795582][ T5152] Bluetooth: hci3: Unknown advertising packet type: 0x74 [ 245.803072][ T5152] Bluetooth: hci3: adv larger than maximum supported [ 245.810614][ T5152] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 245.820471][ T5152] Bluetooth: hci3: Unknown advertising packet type: 0x20 [ 245.828463][ T5152] Bluetooth: hci3: Malformed LE Event: 0x0d [ 246.324501][ T9632] FAULT_INJECTION: forcing a failure. [ 246.324501][ T9632] name failslab, interval 1, probability 0, space 0, times 0 [ 246.341962][ T9639] FAULT_INJECTION: forcing a failure. [ 246.341962][ T9639] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 246.382789][ T9632] CPU: 1 UID: 0 PID: 9632 Comm: syz.4.1378 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 246.382835][ T9632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 246.382865][ T9632] Call Trace: [ 246.382877][ T9632] [ 246.382889][ T9632] dump_stack_lvl+0x16c/0x1f0 [ 246.382942][ T9632] should_fail_ex+0x512/0x640 [ 246.382977][ T9632] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 246.383030][ T9632] should_failslab+0xc2/0x120 [ 246.383060][ T9632] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 246.383113][ T9632] ? __kernfs_new_node+0xd2/0x8a0 [ 246.383168][ T9632] __kernfs_new_node+0xd2/0x8a0 [ 246.383223][ T9632] ? __pfx___kernfs_new_node+0x10/0x10 [ 246.383284][ T9632] ? find_held_lock+0x2b/0x80 [ 246.383327][ T9632] ? kernfs_root+0xee/0x2a0 [ 246.383384][ T9632] kernfs_new_node+0x13c/0x1e0 [ 246.383425][ T9632] __kernfs_create_file+0x53/0x350 [ 246.383470][ T9632] sysfs_add_file_mode_ns+0x207/0x3c0 [ 246.383536][ T9632] sysfs_merge_group+0x1aa/0x340 [ 246.383568][ T9632] ? __pfx_sysfs_merge_group+0x10/0x10 [ 246.383604][ T9632] ? __pfx_dev_add_physical_location+0x10/0x10 [ 246.383656][ T9632] ? bus_to_subsys+0x12d/0x160 [ 246.383700][ T9632] dpm_sysfs_add+0x237/0x280 [ 246.383749][ T9632] device_add+0x9a6/0x1a70 [ 246.383801][ T9632] ? __pfx_device_add+0x10/0x10 [ 246.383833][ T9632] ? lockdep_init_map_type+0x5c/0x280 [ 246.383864][ T9632] ? __init_waitqueue_head+0xca/0x150 [ 246.383913][ T9632] rfkill_register+0x1ad/0xb40 [ 246.383953][ T9632] nfc_register_device+0x11f/0x3c0 [ 246.384006][ T9632] nci_register_device+0x7f1/0xb80 [ 246.384048][ T9632] ? __pfx_nci_register_device+0x10/0x10 [ 246.384095][ T9632] ? lockdep_init_map_type+0x5c/0x280 [ 246.384134][ T9632] virtual_ncidev_open+0x141/0x220 [ 246.384171][ T9632] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 246.384206][ T9632] misc_open+0x35a/0x420 [ 246.384247][ T9632] ? __pfx_misc_open+0x10/0x10 [ 246.384285][ T9632] chrdev_open+0x231/0x6a0 [ 246.384333][ T9632] ? __pfx_apparmor_file_open+0x10/0x10 [ 246.384373][ T9632] ? __pfx_chrdev_open+0x10/0x10 [ 246.384425][ T9632] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 246.384478][ T9632] do_dentry_open+0x741/0x1c10 [ 246.384530][ T9632] ? __pfx_chrdev_open+0x10/0x10 [ 246.384588][ T9632] vfs_open+0x82/0x3f0 [ 246.384626][ T9632] path_openat+0x1e5e/0x2d40 [ 246.384690][ T9632] ? __pfx_path_openat+0x10/0x10 [ 246.384747][ T9632] do_filp_open+0x20b/0x470 [ 246.384795][ T9632] ? __pfx_do_filp_open+0x10/0x10 [ 246.384873][ T9632] ? alloc_fd+0x471/0x7d0 [ 246.384930][ T9632] do_sys_openat2+0x11b/0x1d0 [ 246.384962][ T9632] ? __pfx_do_sys_openat2+0x10/0x10 [ 246.385012][ T9632] __x64_sys_openat+0x174/0x210 [ 246.385047][ T9632] ? __pfx___x64_sys_openat+0x10/0x10 [ 246.385083][ T9632] ? rcu_is_watching+0x12/0xc0 [ 246.385134][ T9632] do_syscall_64+0xcd/0x260 [ 246.385184][ T9632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.385216][ T9632] RIP: 0033:0x7f3d3a38d169 [ 246.385241][ T9632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.385271][ T9632] RSP: 002b:00007f3d3b1fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 246.385300][ T9632] RAX: ffffffffffffffda RBX: 00007f3d3a5a5fa0 RCX: 00007f3d3a38d169 [ 246.385320][ T9632] RDX: 0000000000005400 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 246.385339][ T9632] RBP: 00007f3d3a40e990 R08: 0000000000000000 R09: 0000000000000000 [ 246.385357][ T9632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 246.385374][ T9632] R13: 0000000000000000 R14: 00007f3d3a5a5fa0 R15: 00007ffc48a92e28 [ 246.385413][ T9632] [ 246.385959][ T9639] CPU: 0 UID: 0 PID: 9639 Comm: syz.3.1380 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 246.386003][ T9639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 246.386023][ T9639] Call Trace: [ 246.386033][ T9639] [ 246.386046][ T9639] dump_stack_lvl+0x16c/0x1f0 [ 246.386097][ T9639] should_fail_ex+0x512/0x640 [ 246.386141][ T9639] should_fail_alloc_page+0xe7/0x130 [ 246.386176][ T9639] prepare_alloc_pages+0x3c2/0x610 [ 246.386225][ T9639] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 246.386296][ T9639] ? mas_next_slot+0x12d3/0x21b0 [ 246.386348][ T9639] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 246.386398][ T9639] ? __up_read+0x1f8/0x750 [ 246.386448][ T9639] ? mas_find+0x2f6/0x530 [ 246.386499][ T9639] ? validate_mm+0x40a/0x570 [ 246.386549][ T9639] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 246.386587][ T9639] ? policy_nodemask+0xea/0x4e0 [ 246.386655][ T9639] alloc_pages_mpol+0x1fb/0x550 [ 246.386688][ T9639] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 246.386733][ T9639] alloc_pages_noprof+0x131/0x390 [ 246.386771][ T9639] __pmd_alloc+0x3f/0x870 [ 246.386815][ T9639] __handle_mm_fault+0x948/0x2a40 [ 246.386876][ T9639] ? __pfx___handle_mm_fault+0x10/0x10 [ 246.386965][ T9639] handle_mm_fault+0x3fe/0xad0 [ 246.387019][ T9639] __get_user_pages+0x771/0x36f0 [ 246.387072][ T9639] ? __pfx_mt_find+0x10/0x10 [ 246.387125][ T9639] ? __pfx___get_user_pages+0x10/0x10 [ 246.387183][ T9639] populate_vma_page_range+0x278/0x3a0 [ 246.387234][ T9639] ? __pfx_populate_vma_page_range+0x10/0x10 [ 246.387278][ T9639] ? __pfx_find_vma_intersection+0x10/0x10 [ 246.387320][ T9639] ? do_mmap+0x69c/0x11b0 [ 246.387363][ T9639] __mm_populate+0x1d8/0x380 [ 246.387409][ T9639] ? __pfx___mm_populate+0x10/0x10 [ 246.387457][ T9639] ? up_write+0x1b2/0x520 [ 246.387496][ T9639] vm_mmap_pgoff+0x362/0x450 [ 246.387539][ T9639] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 246.387586][ T9639] ? __x64_sys_futex+0x1e0/0x4c0 [ 246.387631][ T9639] ? __x64_sys_futex+0x1e9/0x4c0 [ 246.387684][ T9639] ksys_mmap_pgoff+0x7d/0x5c0 [ 246.387724][ T9639] ? rcu_is_watching+0x12/0xc0 [ 246.387775][ T9639] __x64_sys_mmap+0x125/0x190 [ 246.387819][ T9639] do_syscall_64+0xcd/0x260 [ 246.387872][ T9639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.387914][ T9639] RIP: 0033:0x7f96bd18d169 [ 246.387939][ T9639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.387972][ T9639] RSP: 002b:00007f96be092038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 246.388002][ T9639] RAX: ffffffffffffffda RBX: 00007f96bd3a5fa0 RCX: 00007f96bd18d169 [ 246.388024][ T9639] RDX: 00000000000000b3 RSI: 0000000000040008 RDI: 0000000000000000 [ 246.388042][ T9639] RBP: 00007f96bd20e990 R08: 0000000000000003 R09: 0000000000028000 [ 246.388061][ T9639] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 246.388079][ T9639] R13: 0000000000000000 R14: 00007f96bd3a5fa0 R15: 00007ffd9e75a498 [ 246.388119][ T9639] [ 247.654601][ T5152] Bluetooth: hci1: SCO packet for unknown connection handle 0 [ 247.791738][ T9656] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1386'. [ 248.127559][ T9669] netlink: 'syz.3.1391': attribute type 35 has an invalid length. [ 248.714842][ T9688] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1400'. [ 248.748988][ T9690] mtrr: base(0x400000000000000) is not aligned on a size(0x0000) boundary [ 249.170934][ T9700] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1406'. [ 249.768972][ T9712] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 249.868913][ T9723] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 250.034720][ T9728] FAULT_INJECTION: forcing a failure. [ 250.034720][ T9728] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 250.050277][ T9728] CPU: 1 UID: 0 PID: 9728 Comm: syz.0.1419 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 250.050319][ T9728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 250.050337][ T9728] Call Trace: [ 250.050347][ T9728] [ 250.050358][ T9728] dump_stack_lvl+0x16c/0x1f0 [ 250.050408][ T9728] should_fail_ex+0x512/0x640 [ 250.050463][ T9728] should_fail_alloc_page+0xe7/0x130 [ 250.050498][ T9728] prepare_alloc_pages+0x3c2/0x610 [ 250.050539][ T9728] ? rcu_is_watching+0x12/0xc0 [ 250.050584][ T9728] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 250.050645][ T9728] ? stack_trace_save+0x8e/0xc0 [ 250.050687][ T9728] ? __pfx_stack_trace_save+0x10/0x10 [ 250.050728][ T9728] ? stack_depot_save_flags+0x28/0xa50 [ 250.050763][ T9728] ? __lock_acquire+0xaa4/0x1ba0 [ 250.050815][ T9728] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 250.050868][ T9728] ? kasan_save_stack+0x42/0x60 [ 250.050912][ T9728] ? kasan_save_stack+0x33/0x60 [ 250.050955][ T9728] ? kasan_save_track+0x14/0x30 [ 250.050998][ T9728] ? __kasan_kmalloc+0xaa/0xb0 [ 250.051051][ T9728] ? mon_bin_open+0x1a8/0x4a0 [ 250.051092][ T9728] ? chrdev_open+0x231/0x6a0 [ 250.051142][ T9728] ? __x64_sys_openat+0x174/0x210 [ 250.051173][ T9728] ? do_syscall_64+0xcd/0x260 [ 250.051217][ T9728] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.051265][ T9728] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 250.051301][ T9728] ? policy_nodemask+0xea/0x4e0 [ 250.051356][ T9728] alloc_pages_mpol+0x1fb/0x550 [ 250.051387][ T9728] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 250.051429][ T9728] alloc_pages_noprof+0x131/0x390 [ 250.051473][ T9728] get_zeroed_page_noprof+0x14/0x50 [ 250.051509][ T9728] mon_alloc_buff+0xbc/0x180 [ 250.051548][ T9728] ? kasan_save_track+0x14/0x30 [ 250.051596][ T9728] mon_bin_open+0x207/0x4a0 [ 250.051637][ T9728] ? __pfx_mon_bin_open+0x10/0x10 [ 250.051677][ T9728] chrdev_open+0x231/0x6a0 [ 250.051727][ T9728] ? __pfx_chrdev_open+0x10/0x10 [ 250.051780][ T9728] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 250.051833][ T9728] do_dentry_open+0x741/0x1c10 [ 250.051879][ T9728] ? __pfx_chrdev_open+0x10/0x10 [ 250.051936][ T9728] vfs_open+0x82/0x3f0 [ 250.051973][ T9728] path_openat+0x1e5e/0x2d40 [ 250.052034][ T9728] ? __pfx_path_openat+0x10/0x10 [ 250.052093][ T9728] do_filp_open+0x20b/0x470 [ 250.052140][ T9728] ? __pfx_do_filp_open+0x10/0x10 [ 250.052215][ T9728] ? alloc_fd+0x471/0x7d0 [ 250.052271][ T9728] do_sys_openat2+0x11b/0x1d0 [ 250.052303][ T9728] ? __pfx_do_sys_openat2+0x10/0x10 [ 250.052351][ T9728] __x64_sys_openat+0x174/0x210 [ 250.052384][ T9728] ? __pfx___x64_sys_openat+0x10/0x10 [ 250.052420][ T9728] ? rcu_is_watching+0x12/0xc0 [ 250.052481][ T9728] do_syscall_64+0xcd/0x260 [ 250.052531][ T9728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.052563][ T9728] RIP: 0033:0x7fe67ef8d169 [ 250.052588][ T9728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.052617][ T9728] RSP: 002b:00007fe67fda3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 250.052646][ T9728] RAX: ffffffffffffffda RBX: 00007fe67f1a5fa0 RCX: 00007fe67ef8d169 [ 250.052666][ T9728] RDX: 0000000000080000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 250.052686][ T9728] RBP: 00007fe67f00e990 R08: 0000000000000000 R09: 0000000000000000 [ 250.052716][ T9728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.052732][ T9728] R13: 0000000000000000 R14: 00007fe67f1a5fa0 R15: 00007ffeb6723ed8 [ 250.052770][ T9728] [ 252.136707][ T9791] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1444'. [ 255.047014][ T9870] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1477'. [ 255.632470][ T9889] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1484'. [ 255.939556][ T9896] FAULT_INJECTION: forcing a failure. [ 255.939556][ T9896] name failslab, interval 1, probability 0, space 0, times 0 [ 255.978056][ T9896] CPU: 1 UID: 0 PID: 9896 Comm: syz.3.1486 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 255.978101][ T9896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 255.978120][ T9896] Call Trace: [ 255.978131][ T9896] [ 255.978143][ T9896] dump_stack_lvl+0x16c/0x1f0 [ 255.978197][ T9896] should_fail_ex+0x512/0x640 [ 255.978235][ T9896] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 255.978290][ T9896] should_failslab+0xc2/0x120 [ 255.978320][ T9896] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 255.978371][ T9896] ? __kernfs_new_node+0xd2/0x8a0 [ 255.978428][ T9896] __kernfs_new_node+0xd2/0x8a0 [ 255.978485][ T9896] ? __pfx___kernfs_new_node+0x10/0x10 [ 255.978547][ T9896] ? find_held_lock+0x2b/0x80 [ 255.978591][ T9896] ? kernfs_root+0xee/0x2a0 [ 255.978661][ T9896] kernfs_new_node+0x13c/0x1e0 [ 255.978703][ T9896] __kernfs_create_file+0x53/0x350 [ 255.978752][ T9896] sysfs_add_file_mode_ns+0x207/0x3c0 [ 255.978812][ T9896] sysfs_merge_group+0x1aa/0x340 [ 255.978845][ T9896] ? __pfx_sysfs_merge_group+0x10/0x10 [ 255.978882][ T9896] ? __pfx_dev_add_physical_location+0x10/0x10 [ 255.978935][ T9896] ? bus_to_subsys+0x12d/0x160 [ 255.978980][ T9896] dpm_sysfs_add+0x237/0x280 [ 255.979017][ T9896] device_add+0x9a6/0x1a70 [ 255.979055][ T9896] ? __pfx_device_add+0x10/0x10 [ 255.979088][ T9896] ? lockdep_init_map_type+0x5c/0x280 [ 255.979122][ T9896] ? __init_waitqueue_head+0xca/0x150 [ 255.979172][ T9896] rfkill_register+0x1ad/0xb40 [ 255.979213][ T9896] nfc_register_device+0x11f/0x3c0 [ 255.979267][ T9896] nci_register_device+0x7f1/0xb80 [ 255.979311][ T9896] ? __pfx_nci_register_device+0x10/0x10 [ 255.979359][ T9896] ? lockdep_init_map_type+0x5c/0x280 [ 255.979400][ T9896] virtual_ncidev_open+0x141/0x220 [ 255.979438][ T9896] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 255.979474][ T9896] misc_open+0x35a/0x420 [ 255.979517][ T9896] ? __pfx_misc_open+0x10/0x10 [ 255.979557][ T9896] chrdev_open+0x231/0x6a0 [ 255.979605][ T9896] ? __pfx_apparmor_file_open+0x10/0x10 [ 255.979655][ T9896] ? __pfx_chrdev_open+0x10/0x10 [ 255.979710][ T9896] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 255.979764][ T9896] do_dentry_open+0x741/0x1c10 [ 255.979819][ T9896] ? __pfx_chrdev_open+0x10/0x10 [ 255.979880][ T9896] vfs_open+0x82/0x3f0 [ 255.979918][ T9896] path_openat+0x1e5e/0x2d40 [ 255.979983][ T9896] ? __pfx_path_openat+0x10/0x10 [ 255.980043][ T9896] do_filp_open+0x20b/0x470 [ 255.980092][ T9896] ? __pfx_do_filp_open+0x10/0x10 [ 255.980173][ T9896] ? alloc_fd+0x471/0x7d0 [ 255.980233][ T9896] do_sys_openat2+0x11b/0x1d0 [ 255.980267][ T9896] ? __pfx_do_sys_openat2+0x10/0x10 [ 255.980320][ T9896] __x64_sys_openat+0x174/0x210 [ 255.980356][ T9896] ? __pfx___x64_sys_openat+0x10/0x10 [ 255.980395][ T9896] ? rcu_is_watching+0x12/0xc0 [ 255.980448][ T9896] do_syscall_64+0xcd/0x260 [ 255.980501][ T9896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.980533][ T9896] RIP: 0033:0x7f96bd18d169 [ 255.980560][ T9896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.980590][ T9896] RSP: 002b:00007f96be092038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 255.980628][ T9896] RAX: ffffffffffffffda RBX: 00007f96bd3a5fa0 RCX: 00007f96bd18d169 [ 255.980651][ T9896] RDX: 0000000000005400 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 255.980672][ T9896] RBP: 00007f96bd20e990 R08: 0000000000000000 R09: 0000000000000000 [ 255.980691][ T9896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.980710][ T9896] R13: 0000000000000000 R14: 00007f96bd3a5fa0 R15: 00007ffd9e75a498 [ 255.980753][ T9896] [ 257.180041][ T9925] netlink: 130 bytes leftover after parsing attributes in process `syz.1.1496'. [ 258.414292][ T9970] netlink: 35 bytes leftover after parsing attributes in process `syz.3.1513'. [ 258.480691][ T30] audit: type=1326 audit(4294967380.520:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9962 comm="syz.1.1511" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffb3798d169 code=0x0 [ 258.568279][ T9972] FAULT_INJECTION: forcing a failure. [ 258.568279][ T9972] name failslab, interval 1, probability 0, space 0, times 0 [ 258.582155][ T9972] CPU: 0 UID: 0 PID: 9972 Comm: syz.3.1515 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 258.582197][ T9972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 258.582214][ T9972] Call Trace: [ 258.582224][ T9972] [ 258.582235][ T9972] dump_stack_lvl+0x16c/0x1f0 [ 258.582284][ T9972] should_fail_ex+0x512/0x640 [ 258.582319][ T9972] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 258.582367][ T9972] ? __pfx_regulator_summary_open+0x10/0x10 [ 258.582400][ T9972] should_failslab+0xc2/0x120 [ 258.582440][ T9972] __kmalloc_cache_noprof+0x6a/0x3e0 [ 258.582480][ T9972] ? __pfx___debugfs_file_get+0x10/0x10 [ 258.582510][ T9972] ? single_open+0x4d/0x1f0 [ 258.582561][ T9972] ? __pfx_apparmor_file_open+0x10/0x10 [ 258.582613][ T9972] ? __pfx_regulator_summary_open+0x10/0x10 [ 258.582648][ T9972] ? __pfx_regulator_summary_show+0x10/0x10 [ 258.582687][ T9972] single_open+0x4d/0x1f0 [ 258.582725][ T9972] full_proxy_open_regular+0x1b6/0x360 [ 258.582766][ T9972] do_dentry_open+0x741/0x1c10 [ 258.582812][ T9972] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 258.582858][ T9972] vfs_open+0x82/0x3f0 [ 258.582895][ T9972] path_openat+0x1e5e/0x2d40 [ 258.582958][ T9972] ? __pfx_path_openat+0x10/0x10 [ 258.583015][ T9972] do_filp_open+0x20b/0x470 [ 258.583062][ T9972] ? __pfx_do_filp_open+0x10/0x10 [ 258.583137][ T9972] ? alloc_fd+0x471/0x7d0 [ 258.583192][ T9972] do_sys_openat2+0x11b/0x1d0 [ 258.583226][ T9972] ? __pfx_do_sys_openat2+0x10/0x10 [ 258.583275][ T9972] __x64_sys_openat+0x174/0x210 [ 258.583310][ T9972] ? __pfx___x64_sys_openat+0x10/0x10 [ 258.583348][ T9972] ? rcu_is_watching+0x12/0xc0 [ 258.583399][ T9972] do_syscall_64+0xcd/0x260 [ 258.583451][ T9972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.583482][ T9972] RIP: 0033:0x7f96bd18d169 [ 258.583506][ T9972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.583536][ T9972] RSP: 002b:00007f96be092038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 258.583565][ T9972] RAX: ffffffffffffffda RBX: 00007f96bd3a5fa0 RCX: 00007f96bd18d169 [ 258.583593][ T9972] RDX: 0000000000000a80 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 258.583613][ T9972] RBP: 00007f96bd20e990 R08: 0000000000000000 R09: 0000000000000000 [ 258.583632][ T9972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 258.583649][ T9972] R13: 0000000000000000 R14: 00007f96bd3a5fa0 R15: 00007ffd9e75a498 [ 258.583688][ T9972] [ 259.071993][ T9983] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1520'. [ 259.149975][ T9986] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1521'. [ 259.409128][ T9994] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 259.418374][ T9994] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 259.488398][ T9998] netlink: 'syz.3.1526': attribute type 16 has an invalid length. [ 259.505798][ T9998] netlink: 322 bytes leftover after parsing attributes in process `syz.3.1526'. [ 259.575166][T10000] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1527'. [ 259.601274][T10000] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1527'. [ 260.164326][T10022] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1535'. [ 260.201705][T10022] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1535'. [ 260.382234][T10032] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1540'. [ 260.624449][T10036] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1542'. [ 260.812925][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.819412][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 262.757496][T10111] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(4.262149.0), cmd(49) [ 263.423324][ T30] audit: type=1326 audit(4294967385.460:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10124 comm="syz.0.1581" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe67ef8d169 code=0x0 [ 263.732140][T10141] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1586'. [ 264.442098][T10154] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1591'. [ 264.456754][T10154] hsr0: entered allmulticast mode [ 264.461919][T10154] hsr_slave_0: entered allmulticast mode [ 264.484979][T10154] hsr_slave_1: entered allmulticast mode [ 265.150462][T10173] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1600'. [ 265.206510][T10173] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode [ 266.067244][T10201] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1609'. [ 267.365950][ T30] audit: type=1326 audit(4294967389.400:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10214 comm="syz.4.1614" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3d3a38d169 code=0x0 [ 268.151761][T10235] openvswitch: netlink: Unknown nsh attribute 0 [ 268.960762][T10252] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1630'. [ 269.311678][T10259] sctp: [Deprecated]: syz.1.1633 (pid 10259) Use of struct sctp_assoc_value in delayed_ack socket option. [ 269.311678][T10259] Use struct sctp_sack_info instead [ 270.122352][T10273] Process accounting resumed [ 270.492782][T10284] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1644'. [ 270.671311][T10286] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1645'. [ 272.891517][T10326] FAULT_INJECTION: forcing a failure. [ 272.891517][T10326] name failslab, interval 1, probability 0, space 0, times 0 [ 272.915753][T10326] CPU: 0 UID: 0 PID: 10326 Comm: syz.1.1663 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 272.915797][T10326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 272.915815][T10326] Call Trace: [ 272.915826][T10326] [ 272.915838][T10326] dump_stack_lvl+0x16c/0x1f0 [ 272.915893][T10326] should_fail_ex+0x512/0x640 [ 272.915930][T10326] ? __kmalloc_noprof+0xbf/0x510 [ 272.915982][T10326] ? __seq_open_private+0x22/0xd0 [ 272.916058][T10326] should_failslab+0xc2/0x120 [ 272.916089][T10326] __kmalloc_noprof+0xd2/0x510 [ 272.916136][T10326] ? __pfx_apparmor_file_open+0x10/0x10 [ 272.916185][T10326] __seq_open_private+0x22/0xd0 [ 272.916228][T10326] proc_timers_open+0x27/0x150 [ 272.916266][T10326] do_dentry_open+0x741/0x1c10 [ 272.916313][T10326] ? __pfx_proc_timers_open+0x10/0x10 [ 272.916358][T10326] vfs_open+0x82/0x3f0 [ 272.916396][T10326] path_openat+0x1e5e/0x2d40 [ 272.916459][T10326] ? __pfx_path_openat+0x10/0x10 [ 272.916517][T10326] do_filp_open+0x20b/0x470 [ 272.916567][T10326] ? __pfx_do_filp_open+0x10/0x10 [ 272.916641][T10326] ? __pfx_kfree_link+0x10/0x10 [ 272.916692][T10326] ? alloc_fd+0x471/0x7d0 [ 272.916750][T10326] do_sys_openat2+0x11b/0x1d0 [ 272.916784][T10326] ? __pfx_do_sys_openat2+0x10/0x10 [ 272.916833][T10326] __x64_sys_openat+0x174/0x210 [ 272.916868][T10326] ? __pfx___x64_sys_openat+0x10/0x10 [ 272.916906][T10326] ? rcu_is_watching+0x12/0xc0 [ 272.916956][T10326] do_syscall_64+0xcd/0x260 [ 272.917095][T10326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.917135][T10326] RIP: 0033:0x7ffb3798d169 [ 272.917160][T10326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 272.917192][T10326] RSP: 002b:00007ffb357f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 272.917222][T10326] RAX: ffffffffffffffda RBX: 00007ffb37ba5fa0 RCX: 00007ffb3798d169 [ 272.917242][T10326] RDX: 0000000000000040 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 272.917261][T10326] RBP: 00007ffb37a0e990 R08: 0000000000000000 R09: 0000000000000000 [ 272.917279][T10326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.917297][T10326] R13: 0000000000000000 R14: 00007ffb37ba5fa0 R15: 00007ffcb2e33f68 [ 272.917335][T10326] [ 273.150771][ C0] vkms_vblank_simulate: vblank timer overrun [ 273.572514][ T5152] Bluetooth: hci3: unexpected event 0x03 length: 725 > 11 [ 274.243837][T10351] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1673'. [ 274.869206][T10364] serial 00:05: in use; can't configure [ 274.957946][T10366] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1680'. [ 275.945352][T10396] nvme_fabrics: missing parameter 'transport=%s' [ 275.979814][T10396] nvme_fabrics: missing parameter 'nqn=%s' [ 276.880222][T10428] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1703'. [ 277.728136][T10452] netlink: 'syz.4.1714': attribute type 1 has an invalid length. [ 277.739637][T10452] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1714'. [ 278.007649][T10460] netlink: 130 bytes leftover after parsing attributes in process `syz.1.1717'. [ 278.630179][T10474] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1723'. [ 278.670146][T10476] FAULT_INJECTION: forcing a failure. [ 278.670146][T10476] name failslab, interval 1, probability 0, space 0, times 0 [ 278.694555][T10474] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1723'. [ 278.713124][T10476] CPU: 1 UID: 0 PID: 10476 Comm: syz.3.1724 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 278.713167][T10476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 278.713186][T10476] Call Trace: [ 278.713196][T10476] [ 278.713208][T10476] dump_stack_lvl+0x16c/0x1f0 [ 278.713261][T10476] should_fail_ex+0x512/0x640 [ 278.713297][T10476] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 278.713354][T10476] should_failslab+0xc2/0x120 [ 278.713383][T10476] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 278.713438][T10476] ? smc_sysctl_net_init+0x42/0x3d0 [ 278.713497][T10476] ? __pfx_smc_net_init+0x10/0x10 [ 278.713530][T10476] kmemdup_noprof+0x29/0x60 [ 278.713579][T10476] smc_sysctl_net_init+0x42/0x3d0 [ 278.713634][T10476] ? __pfx_smc_net_init+0x10/0x10 [ 278.713666][T10476] smc_net_init+0x16/0x50 [ 278.713696][T10476] ops_init+0x1df/0x5f0 [ 278.713747][T10476] setup_net+0x21e/0x850 [ 278.713797][T10476] ? __pfx_setup_net+0x10/0x10 [ 278.713839][T10476] ? lockdep_init_map_type+0x5c/0x280 [ 278.713882][T10476] ? __pfx_down_read_killable+0x10/0x10 [ 278.713921][T10476] ? debug_mutex_init+0x37/0x70 [ 278.713966][T10476] copy_net_ns+0x2a6/0x5f0 [ 278.714018][T10476] create_new_namespaces+0x3ea/0xad0 [ 278.714073][T10476] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 278.714122][T10476] ksys_unshare+0x45b/0xa40 [ 278.714172][T10476] ? __pfx_ksys_unshare+0x10/0x10 [ 278.714218][T10476] ? xfd_validate_state+0x5d/0x180 [ 278.714255][T10476] ? rcu_is_watching+0x12/0xc0 [ 278.714304][T10476] __x64_sys_unshare+0x31/0x40 [ 278.714352][T10476] do_syscall_64+0xcd/0x260 [ 278.714403][T10476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.714434][T10476] RIP: 0033:0x7f96bd18d169 [ 278.714481][T10476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.714530][T10476] RSP: 002b:00007f96be092038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 278.714560][T10476] RAX: ffffffffffffffda RBX: 00007f96bd3a5fa0 RCX: 00007f96bd18d169 [ 278.714580][T10476] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 278.714599][T10476] RBP: 00007f96bd20e990 R08: 0000000000000000 R09: 0000000000000000 [ 278.714618][T10476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.714635][T10476] R13: 0000000000000000 R14: 00007f96bd3a5fa0 R15: 00007ffd9e75a498 [ 278.714674][T10476] [ 280.526742][T10517] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4294967282 out of range (51000000..2150000000) [ 281.272852][T10544] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1754'. [ 281.449391][T10550] sd 0:0:1:0: device reset [ 281.793959][T10561] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1759'. [ 282.534515][T10580] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 285.686717][T10651] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1795'. [ 285.894390][T10653] [ 285.896784][T10653] ====================================================== [ 285.903820][T10653] WARNING: possible circular locking dependency detected [ 285.910850][T10653] 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 Not tainted [ 285.917966][T10653] ------------------------------------------------------ [ 285.925017][T10653] syz.0.1796/10653 is trying to acquire lock: [ 285.931097][T10653] ffff88802a82aad8 (sk_lock-AF_INET){+.+.}-{0:0}, at: sockopt_lock_sock+0x54/0x70 [ 285.940366][T10653] [ 285.940366][T10653] but task is already holding lock: [ 285.947735][T10653] ffffffff9012e528 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240 [ 285.956652][T10653] [ 285.956652][T10653] which lock already depends on the new lock. [ 285.956652][T10653] [ 285.967064][T10653] [ 285.967064][T10653] the existing dependency chain (in reverse order) is: [ 285.976080][T10653] [ 285.976080][T10653] -> #1 (rtnl_mutex){+.+.}-{4:4}: [ 285.983314][T10653] __mutex_lock+0x199/0xb90 [ 285.988370][T10653] smc_vlan_by_tcpsk+0x251/0x620 [ 285.993853][T10653] __smc_connect+0x44b/0x4880 [ 285.999068][T10653] smc_connect_work+0x54c/0xae0 [ 286.004450][T10653] process_one_work+0x9cc/0x1b70 [ 286.009926][T10653] worker_thread+0x6c8/0xf10 [ 286.015061][T10653] kthread+0x3c2/0x780 [ 286.019662][T10653] ret_from_fork+0x45/0x80 [ 286.024604][T10653] ret_from_fork_asm+0x1a/0x30 [ 286.029919][T10653] [ 286.029919][T10653] -> #0 (sk_lock-AF_INET){+.+.}-{0:0}: [ 286.037592][T10653] __lock_acquire+0x1173/0x1ba0 [ 286.042990][T10653] lock_acquire+0x179/0x350 [ 286.048043][T10653] lock_sock_nested+0x41/0xf0 [ 286.053266][T10653] sockopt_lock_sock+0x54/0x70 [ 286.058568][T10653] do_ip_setsockopt+0xfe/0x3240 [ 286.063952][T10653] ip_setsockopt+0x59/0xf0 [ 286.068897][T10653] do_sock_setsockopt+0x221/0x470 [ 286.074477][T10653] __sys_setsockopt+0x1a0/0x230 [ 286.079890][T10653] __x64_sys_setsockopt+0xbd/0x160 [ 286.085540][T10653] do_syscall_64+0xcd/0x260 [ 286.090591][T10653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.097020][T10653] [ 286.097020][T10653] other info that might help us debug this: [ 286.097020][T10653] [ 286.107253][T10653] Possible unsafe locking scenario: [ 286.107253][T10653] [ 286.114704][T10653] CPU0 CPU1 [ 286.120075][T10653] ---- ---- [ 286.125465][T10653] lock(rtnl_mutex); [ 286.129465][T10653] lock(sk_lock-AF_INET); [ 286.136416][T10653] lock(rtnl_mutex); [ 286.142932][T10653] lock(sk_lock-AF_INET); [ 286.147378][T10653] [ 286.147378][T10653] *** DEADLOCK *** [ 286.147378][T10653] [ 286.155523][T10653] 1 lock held by syz.0.1796/10653: [ 286.160641][T10653] #0: ffffffff9012e528 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0xf6/0x3240 [ 286.170006][T10653] [ 286.170006][T10653] stack backtrace: [ 286.175931][T10653] CPU: 1 UID: 0 PID: 10653 Comm: syz.0.1796 Not tainted 6.15.0-rc1-syzkaller-00325-g7cdabafc0012 #0 PREEMPT(full) [ 286.175964][T10653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.175978][T10653] Call Trace: [ 286.175986][T10653] [ 286.175996][T10653] dump_stack_lvl+0x116/0x1f0 [ 286.176040][T10653] print_circular_bug+0x275/0x350 [ 286.176082][T10653] check_noncircular+0x14c/0x170 [ 286.176125][T10653] __lock_acquire+0x1173/0x1ba0 [ 286.176167][T10653] ? do_ip_setsockopt+0xf6/0x3240 [ 286.176193][T10653] lock_acquire+0x179/0x350 [ 286.176214][T10653] ? sockopt_lock_sock+0x54/0x70 [ 286.176251][T10653] lock_sock_nested+0x41/0xf0 [ 286.176282][T10653] ? sockopt_lock_sock+0x54/0x70 [ 286.176314][T10653] sockopt_lock_sock+0x54/0x70 [ 286.176345][T10653] do_ip_setsockopt+0xfe/0x3240 [ 286.176371][T10653] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 286.176396][T10653] ? aa_sk_perm+0x2f4/0xb10 [ 286.176424][T10653] ? __lock_acquire+0x5ca/0x1ba0 [ 286.176463][T10653] ? __pfx_aa_sk_perm+0x10/0x10 [ 286.176490][T10653] ? percpu_counter_add_batch+0xb8/0x1f0 [ 286.176518][T10653] ip_setsockopt+0x59/0xf0 [ 286.176542][T10653] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 286.176582][T10653] do_sock_setsockopt+0x221/0x470 [ 286.176620][T10653] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 286.176667][T10653] __sys_setsockopt+0x1a0/0x230 [ 286.176700][T10653] __x64_sys_setsockopt+0xbd/0x160 [ 286.176730][T10653] ? do_syscall_64+0x91/0x260 [ 286.176768][T10653] ? lockdep_hardirqs_on+0x7c/0x110 [ 286.176803][T10653] do_syscall_64+0xcd/0x260 [ 286.176840][T10653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.176865][T10653] RIP: 0033:0x7fe67ef8d169 [ 286.176885][T10653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.176908][T10653] RSP: 002b:00007fe67fda3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 286.176930][T10653] RAX: ffffffffffffffda RBX: 00007fe67f1a5fa0 RCX: 00007fe67ef8d169 [ 286.176946][T10653] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000003 [ 286.176961][T10653] RBP: 00007fe67f00e990 R08: 0000000000008000 R09: 0000000000000000 [ 286.176976][T10653] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000 [ 286.176991][T10653] R13: 0000000000000000 R14: 00007fe67f1a5fa0 R15: 00007ffeb6723ed8 [ 286.177018][T10653] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)