last executing test programs: 5m0.742853036s ago: executing program 1 (id=5613): userfaultfd$auto(0x1) read$auto(0x3, 0x0, 0x80) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mq_unlink$auto(0x0) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x5, 0x8000) sysfs$auto(0x2, 0x100000000, 0x40) close_range$auto(0x2, 0x8, 0x0) 5m0.255236639s ago: executing program 1 (id=5616): socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) setsockopt$auto(0x3, 0x0, 0x17, 0x0, 0x28) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x40146f2c, 0x0) 5m0.073504323s ago: executing program 1 (id=5619): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) read$auto(0xc8, 0x0, 0x200) fcntl$auto(r0, 0x6, 0x0) 4m59.573181967s ago: executing program 1 (id=5625): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 4m59.210799483s ago: executing program 1 (id=5628): mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) 4m58.108236584s ago: executing program 1 (id=5636): socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x1006, 0xffffffffffffffff, 0x0, 0x11}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/neigh/nlmon0/retrans_time_ms\x00', 0x200, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4m57.78661537s ago: executing program 32 (id=5636): socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x1006, 0xffffffffffffffff, 0x0, 0x11}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/neigh/nlmon0/retrans_time_ms\x00', 0x200, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.787932831s ago: executing program 4 (id=7904): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x80) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f2, 0x24) 2.367017194s ago: executing program 3 (id=7908): close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) io_submit$auto(0xa, 0x7, &(0x7f0000000040)=&(0x7f0000000000)={0x7, 0x839a, 0x0, 0x2, 0xe7, 0xffffffffffffffff, 0x0, 0x2, 0x45, 0x0, 0x1}) bpf$auto(0x0, &(0x7f0000000000)=@raw_tracepoint={0x1a, 0xffffffffffffffff, 0x0, 0x4}, 0x7f) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x45a500, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xf1, 0xb0, @raw=0xfffff00c}}) 2.057974532s ago: executing program 3 (id=7911): socket(0x23, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x39, 0x0, 0x110) io_uring_setup$auto(0x6, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x4) socket$nl_generic(0x10, 0x3, 0x10) 2.005731502s ago: executing program 2 (id=7912): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x60, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IF1_AGE={0x8, 0x3, 0x400}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004c18}, 0x8894) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a0000fb"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='h'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.932384667s ago: executing program 0 (id=7913): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer\x00', 0x101401, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x73) socket(0x18, 0x3, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 1.788503187s ago: executing program 2 (id=7914): mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x101000, 0x0) close_range$auto(0x0, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyy1\x00', 0x121882, 0x0) ioctl$auto(r0, 0x80045439, 0x82003e) 1.752559801s ago: executing program 3 (id=7915): sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, 0x0, 0x4) r0 = socket(0x10, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x4004) gettid() read$auto(0xffffffffffffffff, &(0x7f0000000000)='/proc/threaZ-sml\x01/net/ip6_mr_vif<', 0x205) sendmsg$auto_NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x408000}, 0xc, &(0x7f0000001180)={&(0x7f0000001140)={0x18, 0x0, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_DISABLE_HE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008000) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f00000000c0)=""/4087, 0xff7) shmctl$auto_IPC_STAT(0x0, 0x2, 0x0) 1.736754645s ago: executing program 0 (id=7916): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x40090) setresuid$auto(0x0, 0x7, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x7fffffff, 0x0, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x804}, 0x4, 0xfff) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f2, 0x24) 1.688668222s ago: executing program 4 (id=7917): mmap$auto(0x0, 0x400008, 0xdf, 0x9b7e, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x7, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r0) r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r1, 0x0, 0xe) 1.643609461s ago: executing program 2 (id=7918): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) r0 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u50x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r1, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r1, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.188926411s ago: executing program 4 (id=7921): fcntl$auto(0xffffffffffffffff, 0x402, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) close_range$auto(0x2, 0x8, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x8681, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.086640073s ago: executing program 3 (id=7922): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x10, 0x2, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="04000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.007088753s ago: executing program 0 (id=7923): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x400, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a001}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) setsockopt$auto(0x3, 0x10000000084, 0x80, 0x0, 0x8) 968.101198ms ago: executing program 4 (id=7924): socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), r0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) 837.078032ms ago: executing program 3 (id=7925): socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0x52, 0x0) fanotify_init$auto(0x200, 0x2010000000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x4004800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) 771.609229ms ago: executing program 4 (id=7926): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xb, 0xb5, 0x10, 0x4, 0x53000000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x4f4, 0x7}, 0x10) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r0, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000000000005"]) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x80900, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x100000000, 0x66) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) 585.490953ms ago: executing program 0 (id=7927): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_11={0x8000000000000000, 0x51, 0x6, 0x9, 0x2, 0x2, 0xbe69}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000804) open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x6f) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 528.325359ms ago: executing program 2 (id=7928): socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/kcore\x00', 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/loginuid\x00', 0x1a1081, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0x129102, 0x0) read$auto(r0, 0x0, 0x18) write$auto(0x3, 0x0, 0xfdef) 467.572167ms ago: executing program 3 (id=7929): mknod$auto(&(0x7f00000000c0)='./file0\x00', 0x1001, 0x804) rseq$auto(0x0, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8003) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setns(0xffffffffffffffff, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0) write$auto(r1, 0x0, 0x2) 357.396094ms ago: executing program 2 (id=7930): mmap$auto(0x0, 0x400008, 0xdf, 0x9b7e, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x7, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r0) r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r1, 0x0, 0xe) 48.337343ms ago: executing program 0 (id=7931): mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) 0s ago: executing program 4 (id=7932): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf2503000000080006"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) kernel console output (not intermixed with test programs): 7.905841][T24020] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 917.905887][T24020] snd_pcm_oss_release+0x28b/0x310 [ 917.905935][T24020] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 917.905983][T24020] __fput+0x3ff/0xb70 [ 917.906032][T24020] task_work_run+0x14d/0x240 [ 917.906084][T24020] ? __pfx_task_work_run+0x10/0x10 [ 917.906142][T24020] ? __pfx___do_sys_close_range+0x10/0x10 [ 917.906173][T24020] ? rcu_is_watching+0x12/0xc0 [ 917.906210][T24020] syscall_exit_to_user_mode+0x27b/0x2a0 [ 917.906258][T24020] do_syscall_64+0xda/0x230 [ 917.906307][T24020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 917.906340][T24020] RIP: 0033:0x7f32f838e969 [ 917.906364][T24020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 917.906397][T24020] RSP: 002b:00007f32f929a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 917.906428][T24020] RAX: 0000000000000000 RBX: 00007f32f85b5fa0 RCX: 00007f32f838e969 [ 917.906447][T24020] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 917.906467][T24020] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 917.906487][T24020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 917.906507][T24020] R13: 0000000000000000 R14: 00007f32f85b5fa0 R15: 00007ffe4fa15518 [ 917.906550][T24020] [ 918.688453][T24037] netlink: 130 bytes leftover after parsing attributes in process `syz.2.6852'. [ 919.436689][T24063] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6859'. [ 919.482629][T24067] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6859'. [ 920.462859][T24097] FAULT_INJECTION: forcing a failure. [ 920.462859][T24097] name failslab, interval 1, probability 0, space 0, times 0 [ 920.478311][T24097] CPU: 1 UID: 0 PID: 24097 Comm: syz.4.6875 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 920.478371][T24097] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 920.478386][T24097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 920.478407][T24097] Call Trace: [ 920.478418][T24097] [ 920.478431][T24097] dump_stack_lvl+0x16c/0x1f0 [ 920.478486][T24097] should_fail_ex+0x512/0x640 [ 920.478533][T24097] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 920.478576][T24097] should_failslab+0xc2/0x120 [ 920.478617][T24097] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 920.478658][T24097] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 920.478702][T24097] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 920.478741][T24097] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 920.478782][T24097] alloc_inode+0x61/0x240 [ 920.478837][T24097] new_inode+0x22/0x1c0 [ 920.478879][T24097] hugetlbfs_get_inode+0x354/0x730 [ 920.478931][T24097] hugetlb_file_setup+0x15b/0x620 [ 920.478976][T24097] ksys_mmap_pgoff+0x189/0x5c0 [ 920.479024][T24097] ? rcu_is_watching+0x12/0xc0 [ 920.479058][T24097] __x64_sys_mmap+0x125/0x190 [ 920.479096][T24097] do_syscall_64+0xcd/0x230 [ 920.479143][T24097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.479173][T24097] RIP: 0033:0x7f38a178e969 [ 920.479199][T24097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 920.479231][T24097] RSP: 002b:00007f38a265a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 920.479262][T24097] RAX: ffffffffffffffda RBX: 00007f38a19b5fa0 RCX: 00007f38a178e969 [ 920.479283][T24097] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 920.479304][T24097] RBP: 00007f38a1810ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 920.479326][T24097] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 920.479346][T24097] R13: 0000000000000000 R14: 00007f38a19b5fa0 R15: 00007ffd56d6a4b8 [ 920.479386][T24097] [ 920.872745][T24104] FAULT_INJECTION: forcing a failure. [ 920.872745][T24104] name failslab, interval 1, probability 0, space 0, times 0 [ 920.885537][T24104] CPU: 1 UID: 0 PID: 24104 Comm: syz.0.6878 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 920.885590][T24104] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 920.885604][T24104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 920.885623][T24104] Call Trace: [ 920.885633][T24104] [ 920.885646][T24104] dump_stack_lvl+0x16c/0x1f0 [ 920.885697][T24104] should_fail_ex+0x512/0x640 [ 920.885742][T24104] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 920.885800][T24104] should_failslab+0xc2/0x120 [ 920.885839][T24104] __kmalloc_cache_noprof+0x6a/0x3e0 [ 920.885888][T24104] ? __asan_memset+0x23/0x50 [ 920.885969][T24104] ? snd_pcm_oss_change_params_locked+0x6f4/0x3b40 [ 920.886029][T24104] snd_pcm_oss_change_params_locked+0x6f4/0x3b40 [ 920.886085][T24104] ? rcu_is_watching+0x12/0xc0 [ 920.886129][T24104] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 920.886183][T24104] ? __pfx___mutex_lock+0x10/0x10 [ 920.886260][T24104] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 920.886312][T24104] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 920.886361][T24104] snd_pcm_oss_sync+0x1de/0x840 [ 920.886414][T24104] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 920.886464][T24104] snd_pcm_oss_release+0x28b/0x310 [ 920.886516][T24104] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 920.886563][T24104] __fput+0x3ff/0xb70 [ 920.886612][T24104] task_work_run+0x14d/0x240 [ 920.886666][T24104] ? __pfx_task_work_run+0x10/0x10 [ 920.886719][T24104] ? __pfx___do_sys_close_range+0x10/0x10 [ 920.886751][T24104] ? rcu_is_watching+0x12/0xc0 [ 920.886790][T24104] syscall_exit_to_user_mode+0x27b/0x2a0 [ 920.886839][T24104] do_syscall_64+0xda/0x230 [ 920.886886][T24104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.886929][T24104] RIP: 0033:0x7f4e3d98e969 [ 920.886958][T24104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 920.886991][T24104] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 920.887023][T24104] RAX: 0000000000000000 RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 920.887045][T24104] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 920.887066][T24104] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 920.887088][T24104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 920.887109][T24104] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 920.887151][T24104] [ 921.913498][T24130] netlink: 'syz.2.6886': attribute type 32 has an invalid length. [ 921.934277][T24130] netlink: 'syz.2.6886': attribute type 33 has an invalid length. [ 921.957472][T24130] netlink: 'syz.2.6886': attribute type 35 has an invalid length. [ 921.989979][T24130] netlink: 'syz.2.6886': attribute type 37 has an invalid length. [ 922.014204][T24130] netlink: 'syz.2.6886': attribute type 39 has an invalid length. [ 922.046834][T24130] netlink: 'syz.2.6886': attribute type 40 has an invalid length. [ 922.061436][T24135] FAULT_INJECTION: forcing a failure. [ 922.061436][T24135] name failslab, interval 1, probability 0, space 0, times 0 [ 922.076789][T24130] netlink: 'syz.2.6886': attribute type 41 has an invalid length. [ 922.087186][T24135] CPU: 0 UID: 0 PID: 24135 Comm: syz.0.6887 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 922.087240][T24135] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 922.087253][T24135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 922.087271][T24135] Call Trace: [ 922.087282][T24135] [ 922.087294][T24135] dump_stack_lvl+0x16c/0x1f0 [ 922.087347][T24135] should_fail_ex+0x512/0x640 [ 922.087396][T24135] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 922.087439][T24135] should_failslab+0xc2/0x120 [ 922.087480][T24135] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 922.087521][T24135] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 922.087565][T24135] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 922.087604][T24135] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 922.087644][T24135] alloc_inode+0x61/0x240 [ 922.087685][T24135] new_inode+0x22/0x1c0 [ 922.087731][T24135] hugetlbfs_get_inode+0x354/0x730 [ 922.087777][T24135] hugetlb_file_setup+0x15b/0x620 [ 922.087832][T24135] ksys_mmap_pgoff+0x189/0x5c0 [ 922.087884][T24135] ? rcu_is_watching+0x12/0xc0 [ 922.087920][T24135] __x64_sys_mmap+0x125/0x190 [ 922.087959][T24135] do_syscall_64+0xcd/0x230 [ 922.088010][T24135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.088044][T24135] RIP: 0033:0x7f4e3d98e969 [ 922.088070][T24135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 922.088105][T24135] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 922.088136][T24135] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 922.088159][T24135] RDX: 00004000000000df RSI: 0000000000200004 RDI: 0000000000000000 [ 922.088182][T24135] RBP: 00007f4e3da10ab1 R08: ffffffffffffffff R09: 0000300004000000 [ 922.088204][T24135] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 922.088225][T24135] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 922.088268][T24135] [ 922.304368][T24130] netlink: 'syz.2.6886': attribute type 44 has an invalid length. [ 922.316698][T24130] netlink: 'syz.2.6886': attribute type 46 has an invalid length. [ 922.329299][T24130] netlink: 'syz.2.6886': attribute type 47 has an invalid length. [ 922.375291][T24130] netlink: 2 bytes leftover after parsing attributes in process `syz.2.6886'. [ 922.401037][T24140] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6889'. [ 923.290901][T24160] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6897'. [ 924.251416][T24174] program syz.0.6909 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 924.349321][T24181] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6904'. [ 924.913618][T24191] erspan0: entered allmulticast mode [ 928.046904][T24243] erspan0: entered allmulticast mode [ 930.875207][T23880] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 930.885913][T23880] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 930.895079][T23880] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 930.910056][T23880] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 930.918056][T23880] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 931.376866][T24283] chnl_net:caif_netlink_parms(): no params data found [ 931.692506][T24283] bridge0: port 1(bridge_slave_0) entered blocking state [ 931.700154][T24283] bridge0: port 1(bridge_slave_0) entered disabled state [ 931.707438][T24283] bridge_slave_0: entered allmulticast mode [ 931.717186][T24283] bridge_slave_0: entered promiscuous mode [ 931.726539][T24283] bridge0: port 2(bridge_slave_1) entered blocking state [ 931.734116][T24283] bridge0: port 2(bridge_slave_1) entered disabled state [ 931.742209][T24283] bridge_slave_1: entered allmulticast mode [ 931.750732][T24283] bridge_slave_1: entered promiscuous mode [ 931.850742][T24283] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 931.884135][T24283] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 931.986234][T24283] team0: Port device team_slave_0 added [ 932.002956][T24283] team0: Port device team_slave_1 added [ 932.167051][T24283] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 932.179373][T24283] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 932.225831][T24283] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 932.253919][T24283] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 932.305629][T24283] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 932.331619][ C1] vkms_vblank_simulate: vblank timer overrun [ 932.360161][T24283] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 932.464490][T24283] hsr_slave_0: entered promiscuous mode [ 932.471366][T24283] hsr_slave_1: entered promiscuous mode [ 932.478644][T24283] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 932.497513][T24283] Cannot create hsr debugfs directory [ 932.926996][T24283] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 932.970620][T23881] Bluetooth: hci0: command tx timeout [ 933.171089][T24283] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 933.328023][T24283] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 933.447800][T24283] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 933.727349][T24283] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 933.753066][T24283] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 933.804954][T24283] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 933.827039][T24283] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 934.053512][T24283] 8021q: adding VLAN 0 to HW filter on device bond0 [ 934.076048][T24325] FAULT_INJECTION: forcing a failure. [ 934.076048][T24325] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 934.103208][T24283] 8021q: adding VLAN 0 to HW filter on device team0 [ 934.131973][T24325] CPU: 1 UID: 0 PID: 24325 Comm: syz.0.6949 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 934.132037][T24325] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 934.132050][T24325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 934.132067][T24325] Call Trace: [ 934.132077][T24325] [ 934.132088][T24325] dump_stack_lvl+0x16c/0x1f0 [ 934.132133][T24325] should_fail_ex+0x512/0x640 [ 934.132179][T24325] _copy_from_user+0x2e/0xd0 [ 934.132222][T24325] udmabuf_ioctl+0x115/0x310 [ 934.132251][T24325] ? __pfx_udmabuf_ioctl+0x10/0x10 [ 934.132277][T24325] ? find_held_lock+0x2b/0x80 [ 934.132314][T24325] ? __fget_files+0x20e/0x3c0 [ 934.132361][T24325] ? __pfx_udmabuf_ioctl+0x10/0x10 [ 934.132391][T24325] __x64_sys_ioctl+0x190/0x200 [ 934.132431][T24325] do_syscall_64+0xcd/0x230 [ 934.132472][T24325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 934.132500][T24325] RIP: 0033:0x7f4e3d98e969 [ 934.132522][T24325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 934.132549][T24325] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 934.132575][T24325] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 934.132593][T24325] RDX: 0000000000000000 RSI: 0000000040187542 RDI: 0000000000000003 [ 934.132610][T24325] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 934.132627][T24325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 934.132643][T24325] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 934.132676][T24325] [ 934.136500][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 934.307729][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 934.348508][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 934.355773][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 934.753937][T24283] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 935.051143][T23881] Bluetooth: hci0: command tx timeout [ 935.418591][T24283] veth0_vlan: entered promiscuous mode [ 935.448942][T24283] veth1_vlan: entered promiscuous mode [ 935.616207][T24283] veth0_macvtap: entered promiscuous mode [ 935.632776][T24283] veth1_macvtap: entered promiscuous mode [ 935.745280][T24283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 935.793633][T24283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 935.822015][T24283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 935.853307][T24283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 935.875577][T24283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 935.903338][T24283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 935.938738][T24283] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 936.068960][T24283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 936.086733][T24283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 936.097876][T24283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 936.109219][T24283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 936.119489][T24283] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 936.133595][T24283] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 936.161139][T24283] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 936.216349][T24283] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 936.225397][T24283] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 936.234235][T24283] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 936.243476][T24283] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 936.596295][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 936.614430][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 936.714484][T11525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 936.723642][T11525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 936.818088][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 936.824622][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 937.131805][T23881] Bluetooth: hci0: command tx timeout [ 939.216409][T23881] Bluetooth: hci0: command tx timeout [ 940.108744][T24407] netlink: 330 bytes leftover after parsing attributes in process `syz.3.6972'. [ 940.562211][T24396] Process accounting resumed [ 942.513930][T24458] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6999'. [ 942.687929][T24465] i2c i2c-0: Failed to register i2c client card: at 0x01 (-16) [ 943.997734][T24497] netlink: 330 bytes leftover after parsing attributes in process `syz.0.7007'. [ 944.165826][T24506] netlink: 338 bytes leftover after parsing attributes in process `syz.2.7017'. [ 945.262327][T24529] sctp: [Deprecated]: syz.3.7020 (pid 24529) Use of struct sctp_assoc_value in delayed_ack socket option. [ 945.262327][T24529] Use struct sctp_sack_info instead [ 947.535574][T24579] FAULT_INJECTION: forcing a failure. [ 947.535574][T24579] name failslab, interval 1, probability 0, space 0, times 0 [ 947.549262][T24579] CPU: 1 UID: 0 PID: 24579 Comm: syz.4.7038 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 947.549322][T24579] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 947.549338][T24579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 947.549358][T24579] Call Trace: [ 947.549369][T24579] [ 947.549382][T24579] dump_stack_lvl+0x16c/0x1f0 [ 947.549436][T24579] should_fail_ex+0x512/0x640 [ 947.549484][T24579] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 947.549525][T24579] should_failslab+0xc2/0x120 [ 947.549565][T24579] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 947.549604][T24579] ? security_file_alloc+0x34/0x2b0 [ 947.549653][T24579] security_file_alloc+0x34/0x2b0 [ 947.549698][T24579] init_file+0x93/0x4c0 [ 947.549739][T24579] alloc_empty_file+0x73/0x1e0 [ 947.549782][T24579] dentry_open+0x46/0xd0 [ 947.549836][T24579] vfs_open_tree+0x1ca/0x910 [ 947.549873][T24579] ? __pfx_vfs_open_tree+0x10/0x10 [ 947.549909][T24579] ? rcu_is_watching+0x12/0xc0 [ 947.549947][T24579] __x64_sys_open_tree+0x84/0x130 [ 947.549984][T24579] do_syscall_64+0xcd/0x230 [ 947.550035][T24579] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 947.550069][T24579] RIP: 0033:0x7fd69ed8e969 [ 947.550095][T24579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 947.550128][T24579] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac [ 947.550159][T24579] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 947.550181][T24579] RDX: 0000000000000000 RSI: 0000200000001100 RDI: ffffffffffffff9c [ 947.550202][T24579] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 947.550224][T24579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 947.550243][T24579] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 947.550284][T24579] [ 948.941315][T24593] netlink: 342 bytes leftover after parsing attributes in process `syz.3.7051'. [ 949.020604][T24593] netlink: 298 bytes leftover after parsing attributes in process `syz.3.7051'. [ 949.978617][T24626] netlink: 338 bytes leftover after parsing attributes in process `syz.4.7053'. [ 950.857052][T24643] netlink: 'syz.4.7058': attribute type 33 has an invalid length. [ 950.865894][T24643] netlink: 322 bytes leftover after parsing attributes in process `syz.4.7058'. [ 951.574565][T24664] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7069'. [ 951.612884][T24664] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7069'. [ 952.199995][T24674] type: 4278190080 invalid [ 953.731902][T24700] netlink: 20 bytes leftover after parsing attributes in process `syz.2.7089'. [ 953.988421][T24709] netlink: 186 bytes leftover after parsing attributes in process `syz.2.7080'. [ 954.000977][T24709] netlink: 186 bytes leftover after parsing attributes in process `syz.2.7080'. [ 954.105196][T24716] netlink: 186 bytes leftover after parsing attributes in process `syz.4.7095'. [ 954.119191][T24716] netlink: 186 bytes leftover after parsing attributes in process `syz.4.7095'. [ 955.281490][T24745] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7093'. [ 955.527684][T24754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7104'. [ 956.234503][T24771] netlink: 'syz.3.7108': attribute type 4 has an invalid length. [ 956.273356][T24771] netlink: 314 bytes leftover after parsing attributes in process `syz.3.7108'. [ 956.389693][T24775] netlink: 'syz.3.7108': attribute type 4 has an invalid length. [ 956.418624][T24775] netlink: 314 bytes leftover after parsing attributes in process `syz.3.7108'. [ 956.764594][T24778] mkiss: ax0: crc mode is auto. [ 957.204352][T24791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7115'. [ 958.028512][T24796] mkiss: ax0: crc mode is auto. [ 958.059663][T24798] mkiss: ax1: crc mode is auto. [ 958.068590][T24800] netlink: 342 bytes leftover after parsing attributes in process `syz.2.7118'. [ 958.297904][T24807] netlink: 'syz.0.7121': attribute type 4 has an invalid length. [ 958.323471][T24809] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 958.339833][T24807] netlink: 'syz.0.7121': attribute type 4 has an invalid length. [ 958.398013][T23881] Bluetooth: hci0: unexpected event 0x07 length: 11 < 255 [ 958.407413][T24808] ima: policy update failed [ 958.423013][ T30] audit: type=1802 audit(4294969869.117:32): pid=24808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.7124" res=0 errno=0 [ 959.419980][T24832] mkiss: ax0: crc mode is auto. [ 959.611636][T24838] netlink: 'syz.4.7137': attribute type 4 has an invalid length. [ 959.619913][T24838] __nla_validate_parse: 4 callbacks suppressed [ 959.619933][T24838] netlink: 314 bytes leftover after parsing attributes in process `syz.4.7137'. [ 959.652265][T24836] mkiss: ax0: crc mode is auto. [ 959.657026][T24838] netlink: 'syz.4.7137': attribute type 4 has an invalid length. [ 959.667959][T24838] netlink: 314 bytes leftover after parsing attributes in process `syz.4.7137'. [ 959.810028][T24843] netlink: 330 bytes leftover after parsing attributes in process `syz.0.7148'. [ 959.903816][T24847] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 959.932478][T23881] Bluetooth: hci3: unexpected event 0x07 length: 11 < 255 [ 959.933443][T24846] ima: policy update failed [ 959.945974][ T30] audit: type=1802 audit(4294969870.656:33): pid=24846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.7139" res=0 errno=0 [ 960.277361][T24858] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 960.391784][T23881] Bluetooth: hci2: unexpected event 0x07 length: 11 < 255 [ 960.402604][T24857] ima: policy update failed [ 960.426398][ T30] audit: type=1802 audit(4294969871.126:34): pid=24857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.7154" res=0 errno=0 [ 960.891381][T24860] could not allocate digest TFM handle [ 961.097467][T24877] mkiss: ax0: crc mode is auto. [ 961.579738][T24893] netlink: 326 bytes leftover after parsing attributes in process `syz.0.7159'. [ 962.267151][T24909] mkiss: ax0: crc mode is auto. [ 962.452029][T24901] could not allocate digest TFM handle [ 963.161974][T24934] FAULT_INJECTION: forcing a failure. [ 963.161974][T24934] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 963.192033][T24934] CPU: 1 UID: 0 PID: 24934 Comm: syz.4.7176 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 963.192092][T24934] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 963.192107][T24934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 963.192129][T24934] Call Trace: [ 963.192140][T24934] [ 963.192153][T24934] dump_stack_lvl+0x16c/0x1f0 [ 963.192207][T24934] should_fail_ex+0x512/0x640 [ 963.192262][T24934] strncpy_from_user+0x3b/0x2e0 [ 963.192312][T24934] __do_sys_memfd_create+0x1b2/0x8a0 [ 963.192364][T24934] do_syscall_64+0xcd/0x230 [ 963.192415][T24934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 963.192449][T24934] RIP: 0033:0x7fd69ed8e969 [ 963.192477][T24934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 963.192509][T24934] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 963.192539][T24934] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 963.192560][T24934] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 963.192579][T24934] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 963.192598][T24934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 963.192618][T24934] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 963.192660][T24934] [ 963.511829][T24937] sp0: Synchronizing with TNC [ 963.909289][T24945] could not allocate digest TFM handle [ 964.566231][T24965] kvm: kvm [24964]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x40000025) = 0x2 [ 965.472864][T24990] netlink: 346 bytes leftover after parsing attributes in process `syz.2.7194'. [ 965.884644][T24997] kvm: kvm [24996]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x40000025) = 0x2 [ 967.603314][T25040] FAULT_INJECTION: forcing a failure. [ 967.603314][T25040] name failslab, interval 1, probability 0, space 0, times 0 [ 967.616819][T25040] CPU: 1 UID: 0 PID: 25040 Comm: syz.0.7215 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 967.616873][T25040] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 967.616887][T25040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 967.616906][T25040] Call Trace: [ 967.616917][T25040] [ 967.616928][T25040] dump_stack_lvl+0x116/0x1f0 [ 967.616981][T25040] should_fail_ex+0x512/0x640 [ 967.617034][T25040] should_failslab+0xc2/0x120 [ 967.617076][T25040] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 967.617115][T25040] ? __send_signal_locked+0x159/0x12c0 [ 967.617173][T25040] __send_signal_locked+0x159/0x12c0 [ 967.617229][T25040] ? __lock_task_sighand+0x146/0x340 [ 967.617288][T25040] do_send_specific+0x1e8/0x370 [ 967.617331][T25040] ? __pfx_do_send_specific+0x10/0x10 [ 967.617382][T25040] ? __task_pid_nr_ns+0x17c/0x500 [ 967.617441][T25040] do_rt_tgsigqueueinfo+0xa9/0x100 [ 967.617488][T25040] __x64_sys_rt_tgsigqueueinfo+0x17a/0x210 [ 967.617540][T25040] ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10 [ 967.617588][T25040] ? xfd_validate_state+0x5d/0x180 [ 967.617667][T25040] do_syscall_64+0xcd/0x230 [ 967.617719][T25040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 967.617751][T25040] RIP: 0033:0x7f4e3d98e969 [ 967.617777][T25040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 967.617810][T25040] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000129 [ 967.617841][T25040] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 967.617864][T25040] RDX: 0000000000000021 RSI: 000000000000116c RDI: 000000000000116b [ 967.617885][T25040] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 967.617905][T25040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 967.617925][T25040] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 967.617967][T25040] [ 968.205246][T25050] netlink: 346 bytes leftover after parsing attributes in process `syz.3.7221'. [ 970.320651][T25108] netlink: 338 bytes leftover after parsing attributes in process `syz.3.7242'. [ 970.350283][T25109] netlink: 338 bytes leftover after parsing attributes in process `syz.3.7242'. [ 970.361337][T25108] netlink: 210 bytes leftover after parsing attributes in process `syz.3.7242'. [ 970.567863][T25115] FAULT_INJECTION: forcing a failure. [ 970.567863][T25115] name failslab, interval 1, probability 0, space 0, times 0 [ 970.580591][T25115] CPU: 1 UID: 0 PID: 25115 Comm: syz.4.7253 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 970.580645][T25115] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 970.580660][T25115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 970.580681][T25115] Call Trace: [ 970.580692][T25115] [ 970.580705][T25115] dump_stack_lvl+0x116/0x1f0 [ 970.580757][T25115] should_fail_ex+0x512/0x640 [ 970.580811][T25115] should_failslab+0xc2/0x120 [ 970.580855][T25115] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 970.580896][T25115] ? __send_signal_locked+0x159/0x12c0 [ 970.580957][T25115] __send_signal_locked+0x159/0x12c0 [ 970.581013][T25115] ? __lock_task_sighand+0x146/0x340 [ 970.581071][T25115] do_send_specific+0x1e8/0x370 [ 970.581115][T25115] ? __pfx_do_send_specific+0x10/0x10 [ 970.581154][T25115] ? __task_pid_nr_ns+0x17c/0x500 [ 970.581212][T25115] do_rt_tgsigqueueinfo+0xa9/0x100 [ 970.581259][T25115] __x64_sys_rt_tgsigqueueinfo+0x17a/0x210 [ 970.581310][T25115] ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10 [ 970.581382][T25115] do_syscall_64+0xcd/0x230 [ 970.581432][T25115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.581474][T25115] RIP: 0033:0x7fd69ed8e969 [ 970.581501][T25115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 970.581535][T25115] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000129 [ 970.581567][T25115] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 970.581590][T25115] RDX: 0000000000000021 RSI: 00000000000000b6 RDI: 00000000000000b5 [ 970.581611][T25115] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 970.581632][T25115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 970.581653][T25115] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 970.581695][T25115] [ 971.006402][T25114] Process accounting paused [ 973.499768][T25174] FAULT_INJECTION: forcing a failure. [ 973.499768][T25174] name failslab, interval 1, probability 0, space 0, times 0 [ 973.512466][T25174] CPU: 1 UID: 0 PID: 25174 Comm: syz.2.7269 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 973.512521][T25174] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 973.512535][T25174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 973.512556][T25174] Call Trace: [ 973.512567][T25174] [ 973.512581][T25174] dump_stack_lvl+0x116/0x1f0 [ 973.512633][T25174] should_fail_ex+0x512/0x640 [ 973.512687][T25174] should_failslab+0xc2/0x120 [ 973.512728][T25174] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 973.512769][T25174] ? __send_signal_locked+0x159/0x12c0 [ 973.512829][T25174] __send_signal_locked+0x159/0x12c0 [ 973.512886][T25174] ? __lock_task_sighand+0x146/0x340 [ 973.512943][T25174] do_send_specific+0x1e8/0x370 [ 973.512986][T25174] ? __pfx_do_send_specific+0x10/0x10 [ 973.513025][T25174] ? __task_pid_nr_ns+0x17c/0x500 [ 973.513092][T25174] do_rt_tgsigqueueinfo+0xa9/0x100 [ 973.513135][T25174] __x64_sys_rt_tgsigqueueinfo+0x17a/0x210 [ 973.513188][T25174] ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10 [ 973.513238][T25174] ? xfd_validate_state+0x5d/0x180 [ 973.513310][T25174] do_syscall_64+0xcd/0x230 [ 973.513362][T25174] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 973.513396][T25174] RIP: 0033:0x7f32f838e969 [ 973.513424][T25174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 973.513456][T25174] RSP: 002b:00007f32f929a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000129 [ 973.513488][T25174] RAX: ffffffffffffffda RBX: 00007f32f85b5fa0 RCX: 00007f32f838e969 [ 973.513511][T25174] RDX: 0000000000000021 RSI: 0000000000001145 RDI: 0000000000001144 [ 973.513532][T25174] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 973.513553][T25174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 973.513574][T25174] R13: 0000000000000000 R14: 00007f32f85b5fa0 R15: 00007ffe4fa15518 [ 973.513618][T25174] [ 974.224881][T25192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.7274'. [ 974.240777][T25192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.7274'. [ 974.255626][T25192] netlink: 210 bytes leftover after parsing attributes in process `syz.4.7274'. [ 974.416865][T25198] netlink: 326 bytes leftover after parsing attributes in process `syz.2.7278'. [ 974.517402][T25202] netlink: 334 bytes leftover after parsing attributes in process `syz.2.7280'. [ 974.617028][T25205] netlink: 'syz.2.7283': attribute type 21 has an invalid length. [ 974.625334][T25205] netlink: 326 bytes leftover after parsing attributes in process `syz.2.7283'. [ 974.631554][T25206] FAULT_INJECTION: forcing a failure. [ 974.631554][T25206] name failslab, interval 1, probability 0, space 0, times 0 [ 974.647034][T25206] CPU: 1 UID: 0 PID: 25206 Comm: syz.4.7281 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 974.647093][T25206] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 974.647108][T25206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 974.647129][T25206] Call Trace: [ 974.647141][T25206] [ 974.647155][T25206] dump_stack_lvl+0x116/0x1f0 [ 974.647207][T25206] should_fail_ex+0x512/0x640 [ 974.647261][T25206] should_failslab+0xc2/0x120 [ 974.647302][T25206] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 974.647342][T25206] ? __send_signal_locked+0x159/0x12c0 [ 974.647402][T25206] __send_signal_locked+0x159/0x12c0 [ 974.647458][T25206] ? __lock_task_sighand+0x146/0x340 [ 974.647516][T25206] do_send_specific+0x1e8/0x370 [ 974.647558][T25206] ? __pfx_do_send_specific+0x10/0x10 [ 974.647598][T25206] ? __task_pid_nr_ns+0x17c/0x500 [ 974.647656][T25206] do_rt_tgsigqueueinfo+0xa9/0x100 [ 974.647701][T25206] __x64_sys_rt_tgsigqueueinfo+0x17a/0x210 [ 974.647751][T25206] ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10 [ 974.647798][T25206] ? xfd_validate_state+0x5d/0x180 [ 974.647877][T25206] do_syscall_64+0xcd/0x230 [ 974.647930][T25206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 974.647964][T25206] RIP: 0033:0x7fd69ed8e969 [ 974.647991][T25206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 974.648024][T25206] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000129 [ 974.648056][T25206] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 974.648077][T25206] RDX: 0000000000000021 RSI: 00000000000000d1 RDI: 00000000000000d0 [ 974.648097][T25206] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 974.648119][T25206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 974.648139][T25206] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 974.648183][T25206] [ 976.375145][T25263] netlink: 326 bytes leftover after parsing attributes in process `syz.0.7305'. [ 976.940725][T25285] netlink: 334 bytes leftover after parsing attributes in process `syz.3.7312'. [ 977.833992][T25312] netlink: 334 bytes leftover after parsing attributes in process `syz.0.7323'. [ 978.232116][T23881] Bluetooth: hci2: unexpected subevent 0x01 length: 122 > 18 [ 978.546727][T25336] netlink: 146 bytes leftover after parsing attributes in process `syz.4.7331'. [ 978.601864][T25338] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 978.632222][T25338] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 978.717924][T25342] netlink: 'syz.4.7342': attribute type 21 has an invalid length. [ 979.204966][T23880] Bluetooth: hci0: unexpected subevent 0x01 length: 122 > 18 [ 982.259911][T25429] __nla_validate_parse: 1 callbacks suppressed [ 982.259939][T25429] netlink: 504 bytes leftover after parsing attributes in process `syz.2.7364'. [ 982.314675][T25430] netlink: 504 bytes leftover after parsing attributes in process `syz.2.7364'. [ 983.482377][T25457] netlink: 146 bytes leftover after parsing attributes in process `syz.2.7373'. [ 983.712843][T25464] netlink: 504 bytes leftover after parsing attributes in process `syz.0.7383'. [ 983.731989][T25464] netlink: 504 bytes leftover after parsing attributes in process `syz.0.7383'. [ 983.758798][T25465] netlink: 146 bytes leftover after parsing attributes in process `syz.2.7376'. [ 984.132361][T25475] netlink: 504 bytes leftover after parsing attributes in process `syz.4.7389'. [ 984.186532][T25479] netlink: 504 bytes leftover after parsing attributes in process `syz.4.7389'. [ 984.549642][T23880] Bluetooth: hci3: unexpected subevent 0x01 length: 122 > 18 [ 985.218256][T25503] netlink: 'syz.0.7387': attribute type 21 has an invalid length. [ 985.241646][T25503] netlink: 326 bytes leftover after parsing attributes in process `syz.0.7387'. [ 986.161262][T25528] FAULT_INJECTION: forcing a failure. [ 986.161262][T25528] name failslab, interval 1, probability 0, space 0, times 0 [ 986.241470][T25528] CPU: 0 UID: 0 PID: 25528 Comm: syz.4.7399 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 986.241528][T25528] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 986.241543][T25528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 986.241564][T25528] Call Trace: [ 986.241575][T25528] [ 986.241588][T25528] dump_stack_lvl+0x16c/0x1f0 [ 986.241641][T25528] should_fail_ex+0x512/0x640 [ 986.241687][T25528] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 986.241729][T25528] should_failslab+0xc2/0x120 [ 986.241771][T25528] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 986.241810][T25528] ? __proc_create+0xc3/0x8c0 [ 986.241845][T25528] ? __proc_create+0x2ce/0x8c0 [ 986.241888][T25528] __proc_create+0x2ce/0x8c0 [ 986.241928][T25528] ? __pfx___proc_create+0x10/0x10 [ 986.241965][T25528] ? find_held_lock+0x2b/0x80 [ 986.242000][T25528] ? mark_held_locks+0x49/0x80 [ 986.242048][T25528] proc_create_reg+0x7d/0x180 [ 986.242101][T25528] proc_create_net_data+0x8e/0x1b0 [ 986.242142][T25528] ? __pfx_proc_create_net_data+0x10/0x10 [ 986.242181][T25528] ? __pfx___netlink_kernel_create+0x10/0x10 [ 986.242234][T25528] fib_proc_init+0x58/0x1b0 [ 986.242269][T25528] fib_net_init+0x2af/0x3f0 [ 986.242306][T25528] ? __pfx___register_sysctl_table+0x10/0x10 [ 986.242346][T25528] ? __pfx_fib_net_init+0x10/0x10 [ 986.242383][T25528] ? lockdep_init_map_type+0x5c/0x280 [ 986.242428][T25528] ? __pfx_nl_fib_input+0x10/0x10 [ 986.242478][T25528] ? devinet_init_net+0x5c2/0x910 [ 986.242525][T25528] ? __pfx_fib_net_init+0x10/0x10 [ 986.242561][T25528] ops_init+0x1df/0x5f0 [ 986.242605][T25528] setup_net+0x21e/0x850 [ 986.242650][T25528] ? __pfx_setup_net+0x10/0x10 [ 986.242689][T25528] ? lockdep_init_map_type+0x5c/0x280 [ 986.242734][T25528] ? __pfx_down_read_killable+0x10/0x10 [ 986.242791][T25528] ? debug_mutex_init+0x37/0x70 [ 986.242828][T25528] copy_net_ns+0x2a6/0x5f0 [ 986.242878][T25528] create_new_namespaces+0x3ea/0xad0 [ 986.242926][T25528] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 986.242968][T25528] ksys_unshare+0x45b/0xa40 [ 986.243014][T25528] ? __pfx_ksys_unshare+0x10/0x10 [ 986.243057][T25528] ? xfd_validate_state+0x5d/0x180 [ 986.243123][T25528] ? rcu_is_watching+0x12/0xc0 [ 986.243166][T25528] __x64_sys_unshare+0x31/0x40 [ 986.243211][T25528] do_syscall_64+0xcd/0x230 [ 986.243263][T25528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.243298][T25528] RIP: 0033:0x7fd69ed8e969 [ 986.243324][T25528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 986.243358][T25528] RSP: 002b:00007fd69fb3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 986.243390][T25528] RAX: ffffffffffffffda RBX: 00007fd69efb6080 RCX: 00007fd69ed8e969 [ 986.243413][T25528] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 986.243435][T25528] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 986.243456][T25528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 986.243476][T25528] R13: 0000000000000000 R14: 00007fd69efb6080 R15: 00007ffeaebe6a68 [ 986.243521][T25528] [ 986.580334][T23880] Bluetooth: hci1: unexpected subevent 0x01 length: 122 > 18 [ 986.921108][T25545] FAULT_INJECTION: forcing a failure. [ 986.921108][T25545] name failslab, interval 1, probability 0, space 0, times 0 [ 986.972677][T25545] CPU: 1 UID: 0 PID: 25545 Comm: syz.4.7404 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 986.972723][T25545] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 986.972733][T25545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 986.972748][T25545] Call Trace: [ 986.972757][T25545] [ 986.972767][T25545] dump_stack_lvl+0x16c/0x1f0 [ 986.972806][T25545] should_fail_ex+0x512/0x640 [ 986.972842][T25545] ? __kmalloc_noprof+0xbf/0x510 [ 986.972872][T25545] ? __register_sysctl_table+0xb3/0x1900 [ 986.972899][T25545] should_failslab+0xc2/0x120 [ 986.972967][T25545] __kmalloc_noprof+0xd2/0x510 [ 986.973008][T25545] __register_sysctl_table+0xb3/0x1900 [ 986.973037][T25545] ? is_module_address+0x5f/0xf0 [ 986.973075][T25545] ? __pfx___register_sysctl_table+0x10/0x10 [ 986.973103][T25545] ? is_module_address+0x69/0xf0 [ 986.973134][T25545] ? register_net_sysctl_sz+0x228/0x3e0 [ 986.973174][T25545] ? __asan_memcpy+0x3c/0x60 [ 986.973196][T25545] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 986.973226][T25545] nf_lwtunnel_net_init+0x60/0xf0 [ 986.973257][T25545] ops_init+0x1df/0x5f0 [ 986.973293][T25545] setup_net+0x21e/0x850 [ 986.973337][T25545] ? __pfx_setup_net+0x10/0x10 [ 986.973374][T25545] ? lockdep_init_map_type+0x5c/0x280 [ 986.973417][T25545] ? __pfx_down_read_killable+0x10/0x10 [ 986.973460][T25545] ? debug_mutex_init+0x37/0x70 [ 986.973486][T25545] copy_net_ns+0x2a6/0x5f0 [ 986.973521][T25545] create_new_namespaces+0x3ea/0xad0 [ 986.973555][T25545] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 986.973586][T25545] ksys_unshare+0x45b/0xa40 [ 986.973620][T25545] ? __pfx_ksys_unshare+0x10/0x10 [ 986.973651][T25545] ? xfd_validate_state+0x5d/0x180 [ 986.973693][T25545] ? rcu_is_watching+0x12/0xc0 [ 986.973722][T25545] __x64_sys_unshare+0x31/0x40 [ 986.973755][T25545] do_syscall_64+0xcd/0x230 [ 986.973792][T25545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.973817][T25545] RIP: 0033:0x7fd69ed8e969 [ 986.973837][T25545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 986.973861][T25545] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 986.973884][T25545] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 986.973901][T25545] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 986.973916][T25545] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 986.973930][T25545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 986.973945][T25545] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 986.973975][T25545] [ 987.477083][T25547] netlink: 146 bytes leftover after parsing attributes in process `syz.3.7405'. [ 988.237422][T23880] Bluetooth: hci3: unexpected subevent 0x01 length: 122 > 18 [ 988.245029][T23880] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 988.875269][T25584] netlink: 146 bytes leftover after parsing attributes in process `syz.0.7419'. [ 989.422452][T23881] Bluetooth: hci2: unexpected subevent 0x01 length: 122 > 18 [ 989.433471][T23881] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 990.507980][T25620] FAULT_INJECTION: forcing a failure. [ 990.507980][T25620] name failslab, interval 1, probability 0, space 0, times 0 [ 990.529414][T25620] CPU: 0 UID: 0 PID: 25620 Comm: syz.0.7436 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 990.529469][T25620] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 990.529483][T25620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 990.529502][T25620] Call Trace: [ 990.529512][T25620] [ 990.529525][T25620] dump_stack_lvl+0x16c/0x1f0 [ 990.529593][T25620] should_fail_ex+0x512/0x640 [ 990.529637][T25620] ? __kmalloc_noprof+0xbf/0x510 [ 990.529677][T25620] ? __register_sysctl_table+0xb3/0x1900 [ 990.529715][T25620] should_failslab+0xc2/0x120 [ 990.529756][T25620] __kmalloc_noprof+0xd2/0x510 [ 990.529801][T25620] __register_sysctl_table+0xb3/0x1900 [ 990.529841][T25620] ? is_module_address+0x5f/0xf0 [ 990.529890][T25620] ? __pfx___register_sysctl_table+0x10/0x10 [ 990.529926][T25620] ? is_module_address+0x69/0xf0 [ 990.529968][T25620] ? register_net_sysctl_sz+0x228/0x3e0 [ 990.530020][T25620] ? __asan_memcpy+0x3c/0x60 [ 990.530046][T25620] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 990.530093][T25620] nf_lwtunnel_net_init+0x60/0xf0 [ 990.530131][T25620] ops_init+0x1df/0x5f0 [ 990.530170][T25620] setup_net+0x21e/0x850 [ 990.530209][T25620] ? __pfx_setup_net+0x10/0x10 [ 990.530244][T25620] ? lockdep_init_map_type+0x5c/0x280 [ 990.530289][T25620] ? __pfx_down_read_killable+0x10/0x10 [ 990.530347][T25620] ? debug_mutex_init+0x37/0x70 [ 990.530381][T25620] copy_net_ns+0x2a6/0x5f0 [ 990.530428][T25620] create_new_namespaces+0x3ea/0xad0 [ 990.530474][T25620] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 990.530517][T25620] ksys_unshare+0x45b/0xa40 [ 990.530562][T25620] ? __pfx_ksys_unshare+0x10/0x10 [ 990.530606][T25620] ? xfd_validate_state+0x5d/0x180 [ 990.530662][T25620] ? rcu_is_watching+0x12/0xc0 [ 990.530703][T25620] __x64_sys_unshare+0x31/0x40 [ 990.530749][T25620] do_syscall_64+0xcd/0x230 [ 990.530810][T25620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 990.530842][T25620] RIP: 0033:0x7f4e3d98e969 [ 990.530868][T25620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 990.530899][T25620] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 990.530929][T25620] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 990.530951][T25620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 990.530971][T25620] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 990.530991][T25620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 990.531011][T25620] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 990.531053][T25620] [ 993.983871][T25695] FAULT_INJECTION: forcing a failure. [ 993.983871][T25695] name failslab, interval 1, probability 0, space 0, times 0 [ 994.033630][T25695] CPU: 1 UID: 0 PID: 25695 Comm: syz.2.7455 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 994.033683][T25695] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 994.033696][T25695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 994.033716][T25695] Call Trace: [ 994.033726][T25695] [ 994.033737][T25695] dump_stack_lvl+0x16c/0x1f0 [ 994.033796][T25695] should_fail_ex+0x512/0x640 [ 994.033838][T25695] ? __kmalloc_noprof+0xbf/0x510 [ 994.033877][T25695] ? lsm_blob_alloc+0x68/0x90 [ 994.033924][T25695] should_failslab+0xc2/0x120 [ 994.033962][T25695] __kmalloc_noprof+0xd2/0x510 [ 994.034008][T25695] lsm_blob_alloc+0x68/0x90 [ 994.034056][T25695] security_sk_alloc+0x30/0x270 [ 994.034092][T25695] sk_prot_alloc+0x1c7/0x2a0 [ 994.034141][T25695] sk_alloc+0x36/0xc20 [ 994.034174][T25695] __netlink_create+0x5e/0x2c0 [ 994.034209][T25695] __netlink_kernel_create+0xed/0x750 [ 994.034252][T25695] ? __pfx___netlink_kernel_create+0x10/0x10 [ 994.034303][T25695] fib_net_init+0x26d/0x3f0 [ 994.034338][T25695] ? __pfx___register_sysctl_table+0x10/0x10 [ 994.034377][T25695] ? __pfx_fib_net_init+0x10/0x10 [ 994.034411][T25695] ? lockdep_init_map_type+0x5c/0x280 [ 994.034456][T25695] ? __pfx_nl_fib_input+0x10/0x10 [ 994.034498][T25695] ? devinet_init_net+0x5c2/0x910 [ 994.034543][T25695] ? __pfx_fib_net_init+0x10/0x10 [ 994.034577][T25695] ops_init+0x1df/0x5f0 [ 994.034620][T25695] setup_net+0x21e/0x850 [ 994.034663][T25695] ? __pfx_setup_net+0x10/0x10 [ 994.034698][T25695] ? lockdep_init_map_type+0x5c/0x280 [ 994.034741][T25695] ? __pfx_down_read_killable+0x10/0x10 [ 994.034803][T25695] ? debug_mutex_init+0x37/0x70 [ 994.034839][T25695] copy_net_ns+0x2a6/0x5f0 [ 994.034885][T25695] create_new_namespaces+0x3ea/0xad0 [ 994.034933][T25695] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 994.034974][T25695] ksys_unshare+0x45b/0xa40 [ 994.035019][T25695] ? __pfx_ksys_unshare+0x10/0x10 [ 994.035062][T25695] ? xfd_validate_state+0x5d/0x180 [ 994.035116][T25695] ? rcu_is_watching+0x12/0xc0 [ 994.035157][T25695] __x64_sys_unshare+0x31/0x40 [ 994.035200][T25695] do_syscall_64+0xcd/0x230 [ 994.035249][T25695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 994.035282][T25695] RIP: 0033:0x7f32f838e969 [ 994.035307][T25695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 994.035339][T25695] RSP: 002b:00007f32f9279038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 994.035369][T25695] RAX: ffffffffffffffda RBX: 00007f32f85b6080 RCX: 00007f32f838e969 [ 994.035390][T25695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 994.035410][T25695] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 994.035431][T25695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 994.035451][T25695] R13: 0000000000000000 R14: 00007f32f85b6080 R15: 00007ffe4fa15518 [ 994.035494][T25695] [ 994.334944][T25696] netlink: 'syz.3.7457': attribute type 21 has an invalid length. [ 994.342967][T25696] netlink: 326 bytes leftover after parsing attributes in process `syz.3.7457'. [ 994.405785][T25699] netlink: 'syz.0.7467': attribute type 16 has an invalid length. [ 994.413873][T25699] netlink: 326 bytes leftover after parsing attributes in process `syz.0.7467'. [ 994.658071][T25704] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7459'. [ 996.758586][T23880] Bluetooth: hci3: unexpected subevent 0x01 length: 122 > 18 [ 996.766313][T23880] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 998.290963][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 998.297368][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 998.501923][T25778] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 998.627851][T25781] FAULT_INJECTION: forcing a failure. [ 998.627851][T25781] name failslab, interval 1, probability 0, space 0, times 0 [ 998.701652][T25785] FAULT_INJECTION: forcing a failure. [ 998.701652][T25785] name failslab, interval 1, probability 0, space 0, times 0 [ 998.712536][T25781] CPU: 0 UID: 0 PID: 25781 Comm: syz.0.7484 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 998.712594][T25781] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 998.712608][T25781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 998.712629][T25781] Call Trace: [ 998.712641][T25781] [ 998.712653][T25781] dump_stack_lvl+0x16c/0x1f0 [ 998.712718][T25781] should_fail_ex+0x512/0x640 [ 998.712764][T25781] ? __kvmalloc_node_noprof+0x122/0x600 [ 998.712801][T25781] should_failslab+0xc2/0x120 [ 998.712840][T25781] __kvmalloc_node_noprof+0x135/0x600 [ 998.712876][T25781] ? fib4_semantics_init+0x25/0x100 [ 998.712934][T25781] ? fib4_semantics_init+0x25/0x100 [ 998.712981][T25781] ? fib4_rules_init+0x151/0x1c0 [ 998.713026][T25781] fib4_semantics_init+0x25/0x100 [ 998.713075][T25781] fib_net_init+0x1fc/0x3f0 [ 998.713110][T25781] ? __pfx___register_sysctl_table+0x10/0x10 [ 998.713147][T25781] ? __pfx_fib_net_init+0x10/0x10 [ 998.713182][T25781] ? lockdep_init_map_type+0x5c/0x280 [ 998.713227][T25781] ? do_init_timer+0xc9/0x110 [ 998.713267][T25781] ? devinet_init_net+0x5c2/0x910 [ 998.713311][T25781] ? __pfx_fib_net_init+0x10/0x10 [ 998.713345][T25781] ops_init+0x1df/0x5f0 [ 998.713388][T25781] setup_net+0x21e/0x850 [ 998.713430][T25781] ? __pfx_setup_net+0x10/0x10 [ 998.713473][T25781] ? lockdep_init_map_type+0x5c/0x280 [ 998.713515][T25781] ? __pfx_down_read_killable+0x10/0x10 [ 998.713571][T25781] ? debug_mutex_init+0x37/0x70 [ 998.713605][T25781] copy_net_ns+0x2a6/0x5f0 [ 998.713653][T25781] create_new_namespaces+0x3ea/0xad0 [ 998.713698][T25781] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 998.713737][T25781] ksys_unshare+0x45b/0xa40 [ 998.713782][T25781] ? __pfx_ksys_unshare+0x10/0x10 [ 998.713840][T25781] __x64_sys_unshare+0x31/0x40 [ 998.713881][T25781] do_syscall_64+0xcd/0x230 [ 998.713929][T25781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 998.713962][T25781] RIP: 0033:0x7f4e3d98e969 [ 998.713988][T25781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 998.714019][T25781] RSP: 002b:00007f4e3e84e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 998.714048][T25781] RAX: ffffffffffffffda RBX: 00007f4e3dbb6080 RCX: 00007f4e3d98e969 [ 998.714070][T25781] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 998.714089][T25781] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 998.714108][T25781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 998.714128][T25781] R13: 0000000000000000 R14: 00007f4e3dbb6080 R15: 00007ffe0ae0c8d8 [ 998.714168][T25781] [ 999.016091][T25785] CPU: 1 UID: 0 PID: 25785 Comm: syz.4.7490 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 999.016146][T25785] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 999.016160][T25785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 999.016178][T25785] Call Trace: [ 999.016198][T25785] [ 999.016212][T25785] dump_stack_lvl+0x16c/0x1f0 [ 999.016261][T25785] should_fail_ex+0x512/0x640 [ 999.016305][T25785] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 999.016345][T25785] should_failslab+0xc2/0x120 [ 999.016383][T25785] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 999.016421][T25785] ? new_userfaultfd+0x79/0x3d0 [ 999.016464][T25785] new_userfaultfd+0x79/0x3d0 [ 999.016510][T25785] __x64_sys_userfaultfd+0x4b/0xb0 [ 999.016554][T25785] do_syscall_64+0xcd/0x230 [ 999.016602][T25785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 999.016635][T25785] RIP: 0033:0x7fd69ed8e969 [ 999.016661][T25785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 999.016693][T25785] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 999.016724][T25785] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 999.016745][T25785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 999.016765][T25785] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 999.016791][T25785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 999.016810][T25785] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 999.016852][T25785] [ 999.628994][T25801] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7494'. [ 999.672534][T25802] FAULT_INJECTION: forcing a failure. [ 999.672534][T25802] name failslab, interval 1, probability 0, space 0, times 0 [ 999.693797][T25802] CPU: 1 UID: 0 PID: 25802 Comm: syz.0.7503 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 999.693852][T25802] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 999.693866][T25802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 999.693885][T25802] Call Trace: [ 999.693895][T25802] [ 999.693907][T25802] dump_stack_lvl+0x16c/0x1f0 [ 999.693957][T25802] should_fail_ex+0x512/0x640 [ 999.694002][T25802] ? fs_reclaim_acquire+0xae/0x150 [ 999.694053][T25802] should_failslab+0xc2/0x120 [ 999.694093][T25802] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 999.694130][T25802] ? security_inode_alloc+0x3b/0x2b0 [ 999.694179][T25802] security_inode_alloc+0x3b/0x2b0 [ 999.694221][T25802] inode_init_always_gfp+0xce4/0x1030 [ 999.694281][T25802] alloc_inode+0x86/0x240 [ 999.694320][T25802] sock_alloc+0x40/0x280 [ 999.694363][T25802] sock_create_lite+0x82/0x120 [ 999.694407][T25802] __netlink_kernel_create+0xbd/0x750 [ 999.694444][T25802] ? __kvmalloc_node_noprof+0x296/0x600 [ 999.694479][T25802] ? __pfx___netlink_kernel_create+0x10/0x10 [ 999.694532][T25802] fib_net_init+0x26d/0x3f0 [ 999.694568][T25802] ? __pfx___register_sysctl_table+0x10/0x10 [ 999.694607][T25802] ? __pfx_fib_net_init+0x10/0x10 [ 999.694643][T25802] ? lockdep_init_map_type+0x5c/0x280 [ 999.694688][T25802] ? __pfx_nl_fib_input+0x10/0x10 [ 999.694731][T25802] ? devinet_init_net+0x5c2/0x910 [ 999.694776][T25802] ? __pfx_fib_net_init+0x10/0x10 [ 999.694811][T25802] ops_init+0x1df/0x5f0 [ 999.694853][T25802] setup_net+0x21e/0x850 [ 999.694895][T25802] ? __pfx_setup_net+0x10/0x10 [ 999.694930][T25802] ? lockdep_init_map_type+0x5c/0x280 [ 999.694973][T25802] ? __pfx_down_read_killable+0x10/0x10 [ 999.695029][T25802] ? debug_mutex_init+0x37/0x70 [ 999.695063][T25802] copy_net_ns+0x2a6/0x5f0 [ 999.695111][T25802] create_new_namespaces+0x3ea/0xad0 [ 999.695165][T25802] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 999.695207][T25802] ksys_unshare+0x45b/0xa40 [ 999.695253][T25802] ? __pfx_ksys_unshare+0x10/0x10 [ 999.695295][T25802] ? xfd_validate_state+0x5d/0x180 [ 999.695362][T25802] ? rcu_is_watching+0x12/0xc0 [ 999.695400][T25802] __x64_sys_unshare+0x31/0x40 [ 999.695441][T25802] do_syscall_64+0xcd/0x230 [ 999.695486][T25802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 999.695517][T25802] RIP: 0033:0x7f4e3d98e969 [ 999.695542][T25802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 999.695572][T25802] RSP: 002b:00007f4e3e84e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 999.695601][T25802] RAX: ffffffffffffffda RBX: 00007f4e3dbb6080 RCX: 00007f4e3d98e969 [ 999.695621][T25802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 999.695641][T25802] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 999.695659][T25802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 999.695677][T25802] R13: 0000000000000000 R14: 00007f4e3dbb6080 R15: 00007ffe0ae0c8d8 [ 999.695717][T25802] [ 1001.439011][T25812] Process accounting resumed [ 1001.907950][T25845] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1002.343216][T25849] netlink: 326 bytes leftover after parsing attributes in process `syz.2.7510'. [ 1003.016069][T25866] netlink: 326 bytes leftover after parsing attributes in process `syz.3.7517'. [ 1003.365459][T25876] netlink: 'syz.2.7520': attribute type 4 has an invalid length. [ 1003.392878][T25876] netlink: 314 bytes leftover after parsing attributes in process `syz.2.7520'. [ 1003.424472][T25876] IPv6: Can't replace route, no match found [ 1003.895461][T25885] FAULT_INJECTION: forcing a failure. [ 1003.895461][T25885] name failslab, interval 1, probability 0, space 0, times 0 [ 1003.913566][T25885] CPU: 1 UID: 0 PID: 25885 Comm: syz.2.7522 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1003.913624][T25885] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1003.913640][T25885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1003.913659][T25885] Call Trace: [ 1003.913671][T25885] [ 1003.913685][T25885] dump_stack_lvl+0x16c/0x1f0 [ 1003.913738][T25885] should_fail_ex+0x512/0x640 [ 1003.913785][T25885] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1003.913827][T25885] should_failslab+0xc2/0x120 [ 1003.913869][T25885] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1003.913907][T25885] ? new_userfaultfd+0x79/0x3d0 [ 1003.913952][T25885] new_userfaultfd+0x79/0x3d0 [ 1003.913994][T25885] __x64_sys_userfaultfd+0x4b/0xb0 [ 1003.914036][T25885] do_syscall_64+0xcd/0x230 [ 1003.914096][T25885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1003.914131][T25885] RIP: 0033:0x7f32f838e969 [ 1003.914157][T25885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1003.914191][T25885] RSP: 002b:00007f32f929a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 1003.914222][T25885] RAX: ffffffffffffffda RBX: 00007f32f85b5fa0 RCX: 00007f32f838e969 [ 1003.914244][T25885] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 1003.914265][T25885] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1003.914287][T25885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1003.914308][T25885] R13: 0000000000000000 R14: 00007f32f85b5fa0 R15: 00007ffe4fa15518 [ 1003.914350][T25885] [ 1004.481960][T25892] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7535'. [ 1004.491141][T25892] ipvlan1: entered promiscuous mode [ 1004.504666][T25892] ipvlan1: entered allmulticast mode [ 1004.510190][T25892] veth0_vlan: entered allmulticast mode [ 1005.657750][T25918] FAULT_INJECTION: forcing a failure. [ 1005.657750][T25918] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.674420][T25918] CPU: 1 UID: 0 PID: 25918 Comm: syz.0.7534 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1005.674473][T25918] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1005.674488][T25918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1005.674508][T25918] Call Trace: [ 1005.674519][T25918] [ 1005.674531][T25918] dump_stack_lvl+0x16c/0x1f0 [ 1005.674585][T25918] should_fail_ex+0x512/0x640 [ 1005.674631][T25918] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1005.674673][T25918] should_failslab+0xc2/0x120 [ 1005.674722][T25918] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1005.674761][T25918] ? new_userfaultfd+0x79/0x3d0 [ 1005.674808][T25918] new_userfaultfd+0x79/0x3d0 [ 1005.674849][T25918] __x64_sys_userfaultfd+0x4b/0xb0 [ 1005.674893][T25918] do_syscall_64+0xcd/0x230 [ 1005.674944][T25918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.674978][T25918] RIP: 0033:0x7f4e3d98e969 [ 1005.675005][T25918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1005.675036][T25918] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 1005.675067][T25918] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 1005.675091][T25918] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 1005.675112][T25918] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1005.675132][T25918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1005.675153][T25918] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 1005.675195][T25918] [ 1006.902319][T25946] netlink: 326 bytes leftover after parsing attributes in process `syz.0.7548'. [ 1007.209628][T25957] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN [ 1007.233081][T25958] FAULT_INJECTION: forcing a failure. [ 1007.233081][T25958] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.247653][T25958] CPU: 0 UID: 0 PID: 25958 Comm: syz.0.7561 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1007.247712][T25958] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1007.247727][T25958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1007.247749][T25958] Call Trace: [ 1007.247760][T25958] [ 1007.247774][T25958] dump_stack_lvl+0x16c/0x1f0 [ 1007.247826][T25958] should_fail_ex+0x512/0x640 [ 1007.247872][T25958] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1007.247925][T25958] should_failslab+0xc2/0x120 [ 1007.247967][T25958] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1007.248005][T25958] ? find_held_lock+0x2b/0x80 [ 1007.248037][T25958] ? alloc_inode+0xc3/0x240 [ 1007.248082][T25958] alloc_inode+0xc3/0x240 [ 1007.248121][T25958] alloc_anon_inode+0x28/0x3e0 [ 1007.248172][T25958] ? alloc_fd+0x471/0x7d0 [ 1007.248223][T25958] __anon_inode_getfile+0x1ea/0x370 [ 1007.248283][T25958] new_userfaultfd+0x25e/0x3d0 [ 1007.248324][T25958] __x64_sys_userfaultfd+0x4b/0xb0 [ 1007.248369][T25958] do_syscall_64+0xcd/0x230 [ 1007.248420][T25958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.248454][T25958] RIP: 0033:0x7f4e3d98e969 [ 1007.248480][T25958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1007.248513][T25958] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 1007.248545][T25958] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 1007.248567][T25958] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 1007.248587][T25958] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1007.248607][T25958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1007.248627][T25958] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 1007.248669][T25958] [ 1007.622954][T25964] netlink: 326 bytes leftover after parsing attributes in process `syz.0.7554'. [ 1007.854593][T25972] netlink: 326 bytes leftover after parsing attributes in process `syz.4.7568'. [ 1008.200468][T25981] netlink: 326 bytes leftover after parsing attributes in process `syz.4.7559'. [ 1009.993929][T26014] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7578'. [ 1010.041429][T26014] ipvlan1: entered promiscuous mode [ 1010.054334][T26014] ipvlan1: entered allmulticast mode [ 1010.059870][T26014] veth0_vlan: entered allmulticast mode [ 1011.021968][T26042] netlink: 18 bytes leftover after parsing attributes in process `syz.0.7588'. [ 1011.530506][T26057] FAULT_INJECTION: forcing a failure. [ 1011.530506][T26057] name failslab, interval 1, probability 0, space 0, times 0 [ 1011.553809][T26057] CPU: 1 UID: 0 PID: 26057 Comm: syz.0.7594 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1011.553868][T26057] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1011.553883][T26057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1011.553901][T26057] Call Trace: [ 1011.553912][T26057] [ 1011.553924][T26057] dump_stack_lvl+0x16c/0x1f0 [ 1011.553975][T26057] should_fail_ex+0x512/0x640 [ 1011.554021][T26057] ? __kmalloc_noprof+0xbf/0x510 [ 1011.554060][T26057] ? sk_prot_alloc+0x1a8/0x2a0 [ 1011.554101][T26057] should_failslab+0xc2/0x120 [ 1011.554141][T26057] __kmalloc_noprof+0xd2/0x510 [ 1011.554177][T26057] ? evm_inode_alloc_security+0x49/0xc0 [ 1011.554236][T26057] sk_prot_alloc+0x1a8/0x2a0 [ 1011.554283][T26057] sk_alloc+0x36/0xc20 [ 1011.554337][T26057] __netlink_create+0x5e/0x2c0 [ 1011.554372][T26057] __netlink_kernel_create+0xed/0x750 [ 1011.554413][T26057] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1011.554465][T26057] fib_net_init+0x26d/0x3f0 [ 1011.554501][T26057] ? __pfx___register_sysctl_table+0x10/0x10 [ 1011.554539][T26057] ? __pfx_fib_net_init+0x10/0x10 [ 1011.554577][T26057] ? lockdep_init_map_type+0x5c/0x280 [ 1011.554621][T26057] ? __pfx_nl_fib_input+0x10/0x10 [ 1011.554664][T26057] ? devinet_init_net+0x5c2/0x910 [ 1011.554710][T26057] ? __pfx_fib_net_init+0x10/0x10 [ 1011.554762][T26057] ops_init+0x1df/0x5f0 [ 1011.554806][T26057] setup_net+0x21e/0x850 [ 1011.554851][T26057] ? __pfx_setup_net+0x10/0x10 [ 1011.554889][T26057] ? lockdep_init_map_type+0x5c/0x280 [ 1011.554934][T26057] ? __pfx_down_read_killable+0x10/0x10 [ 1011.554993][T26057] ? debug_mutex_init+0x37/0x70 [ 1011.555028][T26057] copy_net_ns+0x2a6/0x5f0 [ 1011.555077][T26057] create_new_namespaces+0x3ea/0xad0 [ 1011.555125][T26057] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1011.555167][T26057] ksys_unshare+0x45b/0xa40 [ 1011.555213][T26057] ? __pfx_ksys_unshare+0x10/0x10 [ 1011.555257][T26057] ? xfd_validate_state+0x5d/0x180 [ 1011.555322][T26057] ? rcu_is_watching+0x12/0xc0 [ 1011.555365][T26057] __x64_sys_unshare+0x31/0x40 [ 1011.555410][T26057] do_syscall_64+0xcd/0x230 [ 1011.555461][T26057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.555496][T26057] RIP: 0033:0x7f4e3d98e969 [ 1011.555523][T26057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1011.555555][T26057] RSP: 002b:00007f4e3e84e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1011.555588][T26057] RAX: ffffffffffffffda RBX: 00007f4e3dbb6080 RCX: 00007f4e3d98e969 [ 1011.555611][T26057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1011.555632][T26057] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1011.555653][T26057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1011.555673][T26057] R13: 0000000000000000 R14: 00007f4e3dbb6080 R15: 00007ffe0ae0c8d8 [ 1011.555717][T26057] [ 1013.023371][T26091] netlink: 338 bytes leftover after parsing attributes in process `syz.3.7608'. [ 1013.039065][T26092] FAULT_INJECTION: forcing a failure. [ 1013.039065][T26092] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1013.055656][T26092] CPU: 0 UID: 0 PID: 26092 Comm: syz.2.7607 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1013.055718][T26092] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1013.055732][T26092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1013.055752][T26092] Call Trace: [ 1013.055764][T26092] [ 1013.055777][T26092] dump_stack_lvl+0x16c/0x1f0 [ 1013.055827][T26092] should_fail_ex+0x512/0x640 [ 1013.055880][T26092] should_fail_alloc_page+0xe7/0x130 [ 1013.055924][T26092] prepare_alloc_pages+0x3c2/0x610 [ 1013.055974][T26092] ? rcu_is_watching+0x12/0xc0 [ 1013.056009][T26092] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1013.056052][T26092] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1013.056096][T26092] ? __lock_acquire+0xaa4/0x1ba0 [ 1013.056144][T26092] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1013.056201][T26092] ? lock_acquire+0x179/0x350 [ 1013.056250][T26092] ? find_next_iomem_res+0x1c6/0x4f0 [ 1013.056296][T26092] ? do_raw_read_unlock+0x44/0xe0 [ 1013.056346][T26092] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1013.056394][T26092] ? policy_nodemask+0xea/0x4e0 [ 1013.056437][T26092] alloc_pages_mpol+0x1fb/0x550 [ 1013.056479][T26092] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1013.056521][T26092] ? __pti_set_user_pgtbl+0xf1/0x190 [ 1013.056572][T26092] ? __pfx___pti_set_user_pgtbl+0x10/0x10 [ 1013.056627][T26092] alloc_pages_noprof+0x131/0x390 [ 1013.056671][T26092] get_zeroed_page_noprof+0x14/0x50 [ 1013.056718][T26092] machine_kexec_prepare+0xc15/0xf90 [ 1013.056775][T26092] ? __pfx_machine_kexec_prepare+0x10/0x10 [ 1013.056827][T26092] ? __pfx_alloc_pgt_page+0x10/0x10 [ 1013.056893][T26092] do_kexec_load+0x664/0x8d0 [ 1013.056946][T26092] ? __pfx_do_kexec_load+0x10/0x10 [ 1013.057000][T26092] ? _copy_from_user+0x59/0xd0 [ 1013.057054][T26092] __x64_sys_kexec_load+0x1bf/0x230 [ 1013.057108][T26092] do_syscall_64+0xcd/0x230 [ 1013.057159][T26092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1013.057201][T26092] RIP: 0033:0x7f32f838e969 [ 1013.057229][T26092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1013.057263][T26092] RSP: 002b:00007f32f929a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 1013.057295][T26092] RAX: ffffffffffffffda RBX: 00007f32f85b5fa0 RCX: 00007f32f838e969 [ 1013.057317][T26092] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000000000ff [ 1013.057338][T26092] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1013.057360][T26092] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 1013.057380][T26092] R13: 0000000000000000 R14: 00007f32f85b5fa0 R15: 00007ffe4fa15518 [ 1013.057423][T26092] [ 1013.910981][T26112] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1014.072638][T26116] netlink: 18 bytes leftover after parsing attributes in process `syz.2.7617'. [ 1014.182928][T26119] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7619'. [ 1014.839208][T26136] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1014.861940][T26137] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1014.884597][T26137] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1015.183350][T26149] netlink: 18 bytes leftover after parsing attributes in process `syz.4.7630'. [ 1015.419562][T26158] QAT: failed to copy from user. [ 1015.468883][T26156] mkiss: ax0: crc mode is auto. [ 1016.081771][T26168] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1017.271377][T26195] FAULT_INJECTION: forcing a failure. [ 1017.271377][T26195] name failslab, interval 1, probability 0, space 0, times 0 [ 1017.302843][T26195] CPU: 1 UID: 0 PID: 26195 Comm: syz.4.7645 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1017.302905][T26195] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1017.302920][T26195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1017.302941][T26195] Call Trace: [ 1017.302952][T26195] [ 1017.302984][T26195] dump_stack_lvl+0x16c/0x1f0 [ 1017.303037][T26195] should_fail_ex+0x512/0x640 [ 1017.303084][T26195] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1017.303127][T26195] should_failslab+0xc2/0x120 [ 1017.303169][T26195] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1017.303205][T26195] ? __proc_create+0xc3/0x8c0 [ 1017.303239][T26195] ? __proc_create+0x2ce/0x8c0 [ 1017.303282][T26195] __proc_create+0x2ce/0x8c0 [ 1017.303319][T26195] ? __pfx___proc_create+0x10/0x10 [ 1017.303363][T26195] ? _raw_write_unlock+0x28/0x50 [ 1017.303401][T26195] ? proc_register+0x314/0x5f0 [ 1017.303443][T26195] proc_create_reg+0x7d/0x180 [ 1017.303485][T26195] proc_create_data+0x86/0x110 [ 1017.303522][T26195] ? __pfx_proc_create_data+0x10/0x10 [ 1017.303564][T26195] ? cache_register_net+0x137/0x5e0 [ 1017.303605][T26195] cache_register_net+0x2d6/0x5e0 [ 1017.303643][T26195] nfsd_idmap_init+0x16e/0x250 [ 1017.303681][T26195] ? __pfx_nfsd_net_init+0x10/0x10 [ 1017.303733][T26195] nfsd_net_init+0x69/0x3d0 [ 1017.303788][T26195] ? __pfx_nfsd_net_init+0x10/0x10 [ 1017.303839][T26195] ops_init+0x1df/0x5f0 [ 1017.303884][T26195] setup_net+0x21e/0x850 [ 1017.303929][T26195] ? __pfx_setup_net+0x10/0x10 [ 1017.303975][T26195] ? lockdep_init_map_type+0x5c/0x280 [ 1017.304023][T26195] ? __pfx_down_read_killable+0x10/0x10 [ 1017.304079][T26195] ? debug_mutex_init+0x37/0x70 [ 1017.304115][T26195] copy_net_ns+0x2a6/0x5f0 [ 1017.304164][T26195] create_new_namespaces+0x3ea/0xad0 [ 1017.304210][T26195] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1017.304254][T26195] ksys_unshare+0x45b/0xa40 [ 1017.304301][T26195] ? __pfx_ksys_unshare+0x10/0x10 [ 1017.304343][T26195] ? xfd_validate_state+0x5d/0x180 [ 1017.304401][T26195] ? rcu_is_watching+0x12/0xc0 [ 1017.304441][T26195] __x64_sys_unshare+0x31/0x40 [ 1017.304484][T26195] do_syscall_64+0xcd/0x230 [ 1017.304533][T26195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.304567][T26195] RIP: 0033:0x7fd69ed8e969 [ 1017.304595][T26195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1017.304628][T26195] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1017.304661][T26195] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 1017.304684][T26195] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1017.304706][T26195] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1017.304726][T26195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1017.304747][T26195] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 1017.304790][T26195] [ 1017.319143][T26197] netlink: 18 bytes leftover after parsing attributes in process `syz.3.7646'. [ 1018.335598][T26213] netlink: 338 bytes leftover after parsing attributes in process `syz.4.7653'. [ 1018.379338][T26213] netlink: 338 bytes leftover after parsing attributes in process `syz.4.7653'. [ 1018.450173][T26213] netlink: 290 bytes leftover after parsing attributes in process `syz.4.7653'. [ 1018.678196][T26219] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1019.698981][T26239] FAULT_INJECTION: forcing a failure. [ 1019.698981][T26239] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.729801][T26241] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1019.753029][T26239] CPU: 1 UID: 0 PID: 26239 Comm: syz.4.7666 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1019.753088][T26239] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1019.753103][T26239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1019.753123][T26239] Call Trace: [ 1019.753135][T26239] [ 1019.753149][T26239] dump_stack_lvl+0x16c/0x1f0 [ 1019.753202][T26239] should_fail_ex+0x512/0x640 [ 1019.753250][T26239] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1019.753298][T26239] should_failslab+0xc2/0x120 [ 1019.753341][T26239] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1019.753380][T26239] ? mas_alloc_nodes+0x18b/0x8b0 [ 1019.753427][T26239] mas_alloc_nodes+0x18b/0x8b0 [ 1019.753477][T26239] mas_node_count_gfp+0x105/0x130 [ 1019.753521][T26239] mas_preallocate+0x53e/0xcd0 [ 1019.753580][T26239] ? __pfx_mas_preallocate+0x10/0x10 [ 1019.753648][T26239] ? mt_find+0x757/0xa30 [ 1019.753712][T26239] vma_link+0x135/0x6a0 [ 1019.753756][T26239] ? __pfx_vma_link+0x10/0x10 [ 1019.753818][T26239] insert_vm_struct+0x196/0x3e0 [ 1019.753873][T26239] ? __pfx_insert_vm_struct+0x10/0x10 [ 1019.753930][T26239] ? lockdep_init_map_type+0x5c/0x280 [ 1019.753981][T26239] alloc_bprm+0x76d/0xdd0 [ 1019.754037][T26239] do_execveat_common.isra.0+0x1ce/0x610 [ 1019.754100][T26239] __x64_sys_execve+0x8e/0xb0 [ 1019.754155][T26239] do_syscall_64+0xcd/0x230 [ 1019.754205][T26239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1019.754241][T26239] RIP: 0033:0x7fd69ed8e969 [ 1019.754268][T26239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1019.754302][T26239] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1019.754335][T26239] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 1019.754357][T26239] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0 [ 1019.754378][T26239] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1019.754399][T26239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1019.754419][T26239] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 1019.754462][T26239] [ 1019.759442][T26243] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1020.144190][T26248] openvswitch: netlink: IP tunnel dst address not specified [ 1021.212410][T26270] FAULT_INJECTION: forcing a failure. [ 1021.212410][T26270] name failslab, interval 1, probability 0, space 0, times 0 [ 1021.234696][T26270] CPU: 0 UID: 0 PID: 26270 Comm: syz.2.7678 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1021.234753][T26270] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1021.234767][T26270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1021.234788][T26270] Call Trace: [ 1021.234799][T26270] [ 1021.234811][T26270] dump_stack_lvl+0x16c/0x1f0 [ 1021.234862][T26270] should_fail_ex+0x512/0x640 [ 1021.234909][T26270] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1021.234951][T26270] should_failslab+0xc2/0x120 [ 1021.234992][T26270] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1021.235029][T26270] ? mas_alloc_nodes+0x18b/0x8b0 [ 1021.235076][T26270] mas_alloc_nodes+0x18b/0x8b0 [ 1021.235124][T26270] mas_node_count_gfp+0x105/0x130 [ 1021.235168][T26270] mas_preallocate+0x53e/0xcd0 [ 1021.235225][T26270] ? __pfx_mas_preallocate+0x10/0x10 [ 1021.235290][T26270] ? mt_find+0x757/0xa30 [ 1021.235343][T26270] vma_link+0x135/0x6a0 [ 1021.235384][T26270] ? __pfx_vma_link+0x10/0x10 [ 1021.235445][T26270] insert_vm_struct+0x196/0x3e0 [ 1021.235497][T26270] ? __pfx_insert_vm_struct+0x10/0x10 [ 1021.235553][T26270] ? lockdep_init_map_type+0x5c/0x280 [ 1021.235602][T26270] alloc_bprm+0x76d/0xdd0 [ 1021.235667][T26270] do_execveat_common.isra.0+0x1ce/0x610 [ 1021.235729][T26270] __x64_sys_execve+0x8e/0xb0 [ 1021.235783][T26270] do_syscall_64+0xcd/0x230 [ 1021.235832][T26270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1021.235865][T26270] RIP: 0033:0x7f32f838e969 [ 1021.235891][T26270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1021.235923][T26270] RSP: 002b:00007f32f929a038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1021.235953][T26270] RAX: ffffffffffffffda RBX: 00007f32f85b5fa0 RCX: 00007f32f838e969 [ 1021.235976][T26270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0 [ 1021.235996][T26270] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1021.236015][T26270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1021.236035][T26270] R13: 0000000000000000 R14: 00007f32f85b5fa0 R15: 00007ffe4fa15518 [ 1021.236076][T26270] [ 1022.117804][T26288] netlink: 330 bytes leftover after parsing attributes in process `syz.0.7683'. [ 1022.858754][T26306] FAULT_INJECTION: forcing a failure. [ 1022.858754][T26306] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1022.908656][T26306] CPU: 1 UID: 0 PID: 26306 Comm: syz.0.7693 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1022.908718][T26306] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1022.908734][T26306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1022.908754][T26306] Call Trace: [ 1022.908765][T26306] [ 1022.908779][T26306] dump_stack_lvl+0x16c/0x1f0 [ 1022.908831][T26306] should_fail_ex+0x512/0x640 [ 1022.908885][T26306] should_fail_alloc_page+0xe7/0x130 [ 1022.908928][T26306] prepare_alloc_pages+0x3c2/0x610 [ 1022.908996][T26306] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1022.909035][T26306] ? bpf_ksym_find+0x124/0x1c0 [ 1022.909087][T26306] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1022.909123][T26306] ? is_bpf_text_address+0x94/0x1a0 [ 1022.909162][T26306] ? kernel_text_address+0x8d/0x100 [ 1022.909212][T26306] ? __kernel_text_address+0xd/0x40 [ 1022.909261][T26306] ? unwind_get_return_address+0x59/0xa0 [ 1022.909298][T26306] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1022.909372][T26306] ? stack_trace_save+0x8e/0xc0 [ 1022.909405][T26306] ? __pfx_stack_trace_save+0x10/0x10 [ 1022.909438][T26306] ? stack_depot_save_flags+0x28/0xa50 [ 1022.909496][T26306] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1022.909546][T26306] ? policy_nodemask+0xea/0x4e0 [ 1022.909591][T26306] alloc_pages_mpol+0x1fb/0x550 [ 1022.909632][T26306] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1022.909686][T26306] alloc_pages_noprof+0x131/0x390 [ 1022.909728][T26306] __pud_alloc+0x39/0x690 [ 1022.909779][T26306] __handle_mm_fault+0x996/0x2a40 [ 1022.909825][T26306] ? __pfx___handle_mm_fault+0x10/0x10 [ 1022.909896][T26306] handle_mm_fault+0x3fe/0xad0 [ 1022.909938][T26306] __get_user_pages+0x771/0x36f0 [ 1022.910005][T26306] ? __pfx___get_user_pages+0x10/0x10 [ 1022.910074][T26306] get_user_pages_remote+0x258/0xb20 [ 1022.910136][T26306] ? __pfx_get_user_pages_remote+0x10/0x10 [ 1022.910207][T26306] get_arg_page+0xf4/0x310 [ 1022.910256][T26306] ? __pfx_get_arg_page+0x10/0x10 [ 1022.910308][T26306] ? up_write+0x1b2/0x520 [ 1022.910361][T26306] copy_string_kernel+0x155/0x4a0 [ 1022.910420][T26306] do_execveat_common.isra.0+0x2ed/0x610 [ 1022.910486][T26306] __x64_sys_execve+0x8e/0xb0 [ 1022.910539][T26306] do_syscall_64+0xcd/0x230 [ 1022.910590][T26306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1022.910624][T26306] RIP: 0033:0x7f4e3d98e969 [ 1022.910652][T26306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1022.910685][T26306] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1022.910717][T26306] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 1022.910740][T26306] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0 [ 1022.910760][T26306] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1022.910781][T26306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1022.910801][T26306] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 1022.910845][T26306] [ 1023.661218][T26304] FAULT_INJECTION: forcing a failure. [ 1023.661218][T26304] name failslab, interval 1, probability 0, space 0, times 0 [ 1023.699809][T26304] CPU: 1 UID: 0 PID: 26304 Comm: syz.4.7691 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1023.699872][T26304] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1023.699887][T26304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1023.699907][T26304] Call Trace: [ 1023.699919][T26304] [ 1023.699932][T26304] dump_stack_lvl+0x16c/0x1f0 [ 1023.699984][T26304] should_fail_ex+0x512/0x640 [ 1023.700032][T26304] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1023.700093][T26304] should_failslab+0xc2/0x120 [ 1023.700135][T26304] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1023.700188][T26304] ? lockdep_init_map_type+0x5c/0x280 [ 1023.700236][T26304] ? nci_hci_allocate+0x45/0x330 [ 1023.700291][T26304] nci_hci_allocate+0x45/0x330 [ 1023.700338][T26304] nci_allocate_device+0x26f/0x430 [ 1023.700379][T26304] virtual_ncidev_open+0x6f/0x220 [ 1023.700428][T26304] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1023.700471][T26304] misc_open+0x35a/0x420 [ 1023.700521][T26304] ? __pfx_misc_open+0x10/0x10 [ 1023.700579][T26304] chrdev_open+0x231/0x6a0 [ 1023.700615][T26304] ? __pfx_apparmor_file_open+0x10/0x10 [ 1023.700659][T26304] ? __pfx_chrdev_open+0x10/0x10 [ 1023.700699][T26304] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1023.700758][T26304] do_dentry_open+0x741/0x1c10 [ 1023.700799][T26304] ? __pfx_chrdev_open+0x10/0x10 [ 1023.700843][T26304] vfs_open+0x82/0x3f0 [ 1023.700893][T26304] path_openat+0x1e5e/0x2d40 [ 1023.700942][T26304] ? __pfx_path_openat+0x10/0x10 [ 1023.700987][T26304] do_filp_open+0x20b/0x470 [ 1023.701021][T26304] ? __pfx_do_filp_open+0x10/0x10 [ 1023.701085][T26304] ? alloc_fd+0x471/0x7d0 [ 1023.701149][T26304] do_sys_openat2+0x11b/0x1d0 [ 1023.701193][T26304] ? __pfx_do_sys_openat2+0x10/0x10 [ 1023.701255][T26304] __x64_sys_openat+0x174/0x210 [ 1023.701301][T26304] ? __pfx___x64_sys_openat+0x10/0x10 [ 1023.701349][T26304] ? rcu_is_watching+0x12/0xc0 [ 1023.701393][T26304] do_syscall_64+0xcd/0x230 [ 1023.701444][T26304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1023.701479][T26304] RIP: 0033:0x7fd69ed8e969 [ 1023.701505][T26304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1023.701546][T26304] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1023.701578][T26304] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 1023.701602][T26304] RDX: 0000000000000100 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1023.701623][T26304] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1023.701644][T26304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1023.701664][T26304] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 1023.701708][T26304] [ 1025.289964][T26349] netlink: 342 bytes leftover after parsing attributes in process `syz.2.7710'. [ 1025.461452][T26360] netlink: 342 bytes leftover after parsing attributes in process `syz.2.7711'. [ 1026.239423][T26370] netlink: 330 bytes leftover after parsing attributes in process `syz.2.7715'. [ 1026.258888][T26368] mkiss: ax0: crc mode is auto. [ 1026.556587][T26377] QAT: failed to copy from user. [ 1027.546455][T26395] QAT: failed to copy from user. [ 1027.610980][T26397] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7723'. [ 1028.848621][T26414] FAULT_INJECTION: forcing a failure. [ 1028.848621][T26414] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1028.924330][T26414] CPU: 0 UID: 0 PID: 26414 Comm: syz.4.7727 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1028.924391][T26414] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1028.924405][T26414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1028.924424][T26414] Call Trace: [ 1028.924435][T26414] [ 1028.924448][T26414] dump_stack_lvl+0x16c/0x1f0 [ 1028.924497][T26414] should_fail_ex+0x512/0x640 [ 1028.924548][T26414] should_fail_alloc_page+0xe7/0x130 [ 1028.924591][T26414] prepare_alloc_pages+0x3c2/0x610 [ 1028.924646][T26414] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1028.924685][T26414] ? kasan_save_stack+0x33/0x60 [ 1028.924717][T26414] ? kasan_save_track+0x14/0x30 [ 1028.924750][T26414] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 1028.924792][T26414] ? __lock_acquire+0x5ca/0x1ba0 [ 1028.924841][T26414] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1028.924881][T26414] ? __lock_acquire+0x5ca/0x1ba0 [ 1028.924958][T26414] ? __lock_acquire+0x5ca/0x1ba0 [ 1028.925007][T26414] ? __lock_acquire+0xaa4/0x1ba0 [ 1028.925050][T26414] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1028.925102][T26414] ? policy_nodemask+0xea/0x4e0 [ 1028.925148][T26414] alloc_pages_mpol+0x1fb/0x550 [ 1028.925192][T26414] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1028.925230][T26414] ? page_table_check_set+0x96f/0xb50 [ 1028.925282][T26414] alloc_pages_noprof+0x131/0x390 [ 1028.925326][T26414] pte_alloc_one+0x19/0x380 [ 1028.925377][T26414] __pte_alloc+0x6d/0x3c0 [ 1028.925421][T26414] ? __pfx___pte_alloc+0x10/0x10 [ 1028.925465][T26414] ? __pfx___might_resched+0x10/0x10 [ 1028.925501][T26414] ? copy_page_range+0x197d/0x5fe0 [ 1028.925559][T26414] copy_page_range+0x3a29/0x5fe0 [ 1028.925657][T26414] ? __pfx_copy_page_range+0x10/0x10 [ 1028.925724][T26414] ? __pfx___might_resched+0x10/0x10 [ 1028.925759][T26414] ? __pfx_mas_store+0x10/0x10 [ 1028.925807][T26414] ? __vma_enter_locked+0x163/0x3f0 [ 1028.925853][T26414] ? copy_process+0x85dd/0x91a0 [ 1028.925894][T26414] ? down_write+0x14d/0x200 [ 1028.925950][T26414] ? up_write+0x1b2/0x520 [ 1028.926002][T26414] copy_process+0x862b/0x91a0 [ 1028.926077][T26414] ? __pfx_copy_process+0x10/0x10 [ 1028.926124][T26414] ? try_to_wake_up+0xa2f/0x1680 [ 1028.926164][T26414] ? plist_check_head+0xa3/0x150 [ 1028.926198][T26414] ? find_held_lock+0x2b/0x80 [ 1028.926237][T26414] ? wake_up_q+0xb0/0x160 [ 1028.926265][T26414] ? do_raw_spin_unlock+0x172/0x230 [ 1028.926321][T26414] kernel_clone+0xfc/0x960 [ 1028.926372][T26414] ? __pfx_futex_wake+0x10/0x10 [ 1028.926416][T26414] ? __pfx_kernel_clone+0x10/0x10 [ 1028.926485][T26414] __do_sys_clone+0xce/0x120 [ 1028.926528][T26414] ? __pfx___do_sys_clone+0x10/0x10 [ 1028.926569][T26414] ? ksys_unshare+0x687/0xa40 [ 1028.926634][T26414] ? rcu_is_watching+0x12/0xc0 [ 1028.926680][T26414] do_syscall_64+0xcd/0x230 [ 1028.926732][T26414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1028.926766][T26414] RIP: 0033:0x7fd69ed8e969 [ 1028.926794][T26414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1028.926825][T26414] RSP: 002b:00007fd69fb5efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1028.926857][T26414] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 1028.926879][T26414] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1028.926898][T26414] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1028.926919][T26414] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1028.926938][T26414] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 1028.926982][T26414] [ 1029.701477][T26420] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1030.306372][T26434] netlink: 8 bytes leftover after parsing attributes in process `syz.2.7738'. [ 1030.682152][T26437] netlink: 330 bytes leftover after parsing attributes in process `syz.4.7747'. [ 1031.071435][T26441] FAULT_INJECTION: forcing a failure. [ 1031.071435][T26441] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1031.129031][T26441] CPU: 0 UID: 0 PID: 26441 Comm: syz.0.7740 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1031.129087][T26441] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1031.129100][T26441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1031.129120][T26441] Call Trace: [ 1031.129130][T26441] [ 1031.129143][T26441] dump_stack_lvl+0x16c/0x1f0 [ 1031.129204][T26441] should_fail_ex+0x512/0x640 [ 1031.129257][T26441] should_fail_alloc_page+0xe7/0x130 [ 1031.129298][T26441] prepare_alloc_pages+0x3c2/0x610 [ 1031.129354][T26441] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1031.129390][T26441] ? __alloc_frozen_pages_noprof+0x298/0x23a0 [ 1031.129433][T26441] ? __lock_acquire+0x5ca/0x1ba0 [ 1031.129487][T26441] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1031.129554][T26441] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1031.129602][T26441] ? policy_nodemask+0xea/0x4e0 [ 1031.129645][T26441] alloc_pages_mpol+0x1fb/0x550 [ 1031.129687][T26441] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1031.129727][T26441] ? do_raw_spin_lock+0x12c/0x2b0 [ 1031.129775][T26441] ? find_held_lock+0x2b/0x80 [ 1031.129811][T26441] alloc_pages_noprof+0x131/0x390 [ 1031.129853][T26441] __pmd_alloc+0x3f/0x870 [ 1031.129905][T26441] copy_page_range+0x420e/0x5fe0 [ 1031.129999][T26441] ? __pfx_copy_page_range+0x10/0x10 [ 1031.130054][T26441] ? mas_store+0x93a/0x10c0 [ 1031.130103][T26441] ? __pfx___might_resched+0x10/0x10 [ 1031.130146][T26441] ? __pfx_mas_store+0x10/0x10 [ 1031.130200][T26441] ? __vma_enter_locked+0x163/0x3f0 [ 1031.130238][T26441] ? down_write+0x14d/0x200 [ 1031.130311][T26441] copy_process+0x862b/0x91a0 [ 1031.130384][T26441] ? __pfx_copy_process+0x10/0x10 [ 1031.130424][T26441] ? __pfx___futex_wait+0x10/0x10 [ 1031.130503][T26441] kernel_clone+0xfc/0x960 [ 1031.130549][T26441] ? __pfx_kernel_clone+0x10/0x10 [ 1031.130615][T26441] __do_sys_clone+0xce/0x120 [ 1031.130657][T26441] ? __pfx___do_sys_clone+0x10/0x10 [ 1031.130697][T26441] ? ksys_unshare+0x687/0xa40 [ 1031.130760][T26441] ? rcu_is_watching+0x12/0xc0 [ 1031.130805][T26441] do_syscall_64+0xcd/0x230 [ 1031.130855][T26441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1031.130888][T26441] RIP: 0033:0x7f4e3d98e969 [ 1031.130914][T26441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1031.130947][T26441] RSP: 002b:00007f4e3e86efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1031.130979][T26441] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 1031.130999][T26441] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1031.131020][T26441] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1031.131040][T26441] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1031.131060][T26441] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 1031.131102][T26441] [ 1031.510872][T26434] Process accounting paused [ 1032.050782][T26451] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1032.226983][T26458] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7744'. [ 1033.597181][T26470] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7750'. [ 1034.196556][T26482] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1034.336670][T26477] FAULT_INJECTION: forcing a failure. [ 1034.336670][T26477] name failslab, interval 1, probability 0, space 0, times 0 [ 1034.384045][T26477] CPU: 0 UID: 0 PID: 26477 Comm: syz.2.7753 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1034.384102][T26477] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1034.384116][T26477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1034.384135][T26477] Call Trace: [ 1034.384146][T26477] [ 1034.384159][T26477] dump_stack_lvl+0x16c/0x1f0 [ 1034.384210][T26477] should_fail_ex+0x512/0x640 [ 1034.384256][T26477] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1034.384314][T26477] should_failslab+0xc2/0x120 [ 1034.384355][T26477] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1034.384406][T26477] ? lockdep_init_map_type+0x5c/0x280 [ 1034.384451][T26477] ? nci_hci_allocate+0x45/0x330 [ 1034.384503][T26477] nci_hci_allocate+0x45/0x330 [ 1034.384569][T26477] nci_allocate_device+0x26f/0x430 [ 1034.384629][T26477] virtual_ncidev_open+0x6f/0x220 [ 1034.384679][T26477] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1034.384733][T26477] misc_open+0x35a/0x420 [ 1034.384788][T26477] ? __pfx_misc_open+0x10/0x10 [ 1034.384837][T26477] chrdev_open+0x231/0x6a0 [ 1034.384872][T26477] ? __pfx_apparmor_file_open+0x10/0x10 [ 1034.384914][T26477] ? __pfx_chrdev_open+0x10/0x10 [ 1034.384954][T26477] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1034.385014][T26477] do_dentry_open+0x741/0x1c10 [ 1034.385049][T26477] ? __pfx_chrdev_open+0x10/0x10 [ 1034.385095][T26477] vfs_open+0x82/0x3f0 [ 1034.385144][T26477] path_openat+0x1e5e/0x2d40 [ 1034.385193][T26477] ? __pfx_path_openat+0x10/0x10 [ 1034.385236][T26477] do_filp_open+0x20b/0x470 [ 1034.385269][T26477] ? __pfx_do_filp_open+0x10/0x10 [ 1034.385334][T26477] ? alloc_fd+0x471/0x7d0 [ 1034.385397][T26477] do_sys_openat2+0x11b/0x1d0 [ 1034.385441][T26477] ? __pfx_do_sys_openat2+0x10/0x10 [ 1034.385503][T26477] __x64_sys_openat+0x174/0x210 [ 1034.385549][T26477] ? __pfx___x64_sys_openat+0x10/0x10 [ 1034.385598][T26477] ? rcu_is_watching+0x12/0xc0 [ 1034.385640][T26477] do_syscall_64+0xcd/0x230 [ 1034.385690][T26477] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1034.385743][T26477] RIP: 0033:0x7f32f838e969 [ 1034.385769][T26477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1034.385801][T26477] RSP: 002b:00007f32f929a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1034.385832][T26477] RAX: ffffffffffffffda RBX: 00007f32f85b5fa0 RCX: 00007f32f838e969 [ 1034.385854][T26477] RDX: 0000000000000100 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1034.385875][T26477] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1034.385894][T26477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1034.385914][T26477] R13: 0000000000000000 R14: 00007f32f85b5fa0 R15: 00007ffe4fa15518 [ 1034.385955][T26477] [ 1035.067973][T26488] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7765'. [ 1035.716986][T26501] netlink: 346 bytes leftover after parsing attributes in process `syz.3.7762'. [ 1036.321108][T26511] openvswitch: netlink: IP tunnel dst address not specified [ 1036.615389][T26517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7767'. [ 1036.981751][T26520] FAULT_INJECTION: forcing a failure. [ 1036.981751][T26520] name failslab, interval 1, probability 0, space 0, times 0 [ 1036.995027][T26520] CPU: 0 UID: 0 PID: 26520 Comm: syz.0.7768 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1036.995077][T26520] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1036.995091][T26520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1036.995109][T26520] Call Trace: [ 1036.995120][T26520] [ 1036.995132][T26520] dump_stack_lvl+0x16c/0x1f0 [ 1036.995179][T26520] should_fail_ex+0x512/0x640 [ 1036.995219][T26520] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1036.995272][T26520] should_failslab+0xc2/0x120 [ 1036.995308][T26520] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1036.995355][T26520] ? lockdep_init_map_type+0x5c/0x280 [ 1036.995396][T26520] ? nci_hci_allocate+0x45/0x330 [ 1036.995445][T26520] nci_hci_allocate+0x45/0x330 [ 1036.995488][T26520] nci_allocate_device+0x26f/0x430 [ 1036.995524][T26520] virtual_ncidev_open+0x6f/0x220 [ 1036.995565][T26520] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1036.995606][T26520] misc_open+0x35a/0x420 [ 1036.995652][T26520] ? __pfx_misc_open+0x10/0x10 [ 1036.995697][T26520] chrdev_open+0x231/0x6a0 [ 1036.995736][T26520] ? __pfx_apparmor_file_open+0x10/0x10 [ 1036.995774][T26520] ? __pfx_chrdev_open+0x10/0x10 [ 1036.995808][T26520] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1036.995862][T26520] do_dentry_open+0x741/0x1c10 [ 1036.995892][T26520] ? __pfx_chrdev_open+0x10/0x10 [ 1036.995930][T26520] vfs_open+0x82/0x3f0 [ 1036.995972][T26520] path_openat+0x1e5e/0x2d40 [ 1036.996014][T26520] ? __pfx_path_openat+0x10/0x10 [ 1036.996053][T26520] do_filp_open+0x20b/0x470 [ 1036.996082][T26520] ? __pfx_do_filp_open+0x10/0x10 [ 1036.996140][T26520] ? alloc_fd+0x471/0x7d0 [ 1036.996198][T26520] do_sys_openat2+0x11b/0x1d0 [ 1036.996237][T26520] ? __pfx_do_sys_openat2+0x10/0x10 [ 1036.996291][T26520] __x64_sys_openat+0x174/0x210 [ 1036.996332][T26520] ? __pfx___x64_sys_openat+0x10/0x10 [ 1036.996373][T26520] ? rcu_is_watching+0x12/0xc0 [ 1036.996412][T26520] do_syscall_64+0xcd/0x230 [ 1036.996458][T26520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1036.996489][T26520] RIP: 0033:0x7f4e3d98e969 [ 1036.996513][T26520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1036.996542][T26520] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1036.996570][T26520] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 1036.996590][T26520] RDX: 0000000000000100 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1036.996609][T26520] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1036.996628][T26520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1036.996645][T26520] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 1036.996682][T26520] [ 1037.642809][T26526] netlink: 342 bytes leftover after parsing attributes in process `syz.3.7770'. [ 1037.672109][T26527] netlink: 342 bytes leftover after parsing attributes in process `syz.0.7769'. [ 1037.879287][T26533] netlink: 346 bytes leftover after parsing attributes in process `syz.2.7780'. [ 1037.922537][T26535] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7771'. [ 1038.399158][T26549] openvswitch: netlink: IP tunnel dst address not specified [ 1039.187401][T26564] netlink: 330 bytes leftover after parsing attributes in process `syz.4.7784'. [ 1039.196646][T26564] : renamed from bond_slave_1 (while UP) [ 1039.442608][T26570] netlink: 346 bytes leftover after parsing attributes in process `syz.4.7785'. [ 1040.927844][T26575] FAULT_INJECTION: forcing a failure. [ 1040.927844][T26575] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.940417][T26578] netlink: 'syz.0.7795': attribute type 64 has an invalid length. [ 1040.959273][T26578] netlink: 74 bytes leftover after parsing attributes in process `syz.0.7795'. [ 1040.963707][T26575] CPU: 0 UID: 0 PID: 26575 Comm: syz.4.7796 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1040.963768][T26575] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1040.963784][T26575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1040.963808][T26575] Call Trace: [ 1040.963820][T26575] [ 1040.963834][T26575] dump_stack_lvl+0x16c/0x1f0 [ 1040.963890][T26575] should_fail_ex+0x512/0x640 [ 1040.963940][T26575] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1040.963985][T26575] should_failslab+0xc2/0x120 [ 1040.964029][T26575] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1040.964070][T26575] ? getname_kernel+0x52/0x370 [ 1040.964136][T26575] getname_kernel+0x52/0x370 [ 1040.964181][T26575] kern_path+0x1d/0x50 [ 1040.964245][T26575] tomoyo_realpath_nofollow+0x87/0xf0 [ 1040.964297][T26575] ? __pfx_tomoyo_realpath_nofollow+0x10/0x10 [ 1040.964347][T26575] ? tomoyo_domain+0xbb/0x150 [ 1040.964403][T26575] ? tomoyo_init_request_info+0x101/0x370 [ 1040.964445][T26575] tomoyo_find_next_domain+0x2a8/0x20b0 [ 1040.964485][T26575] ? __pfx___kernel_read+0x10/0x10 [ 1040.964529][T26575] ? __pfx_tomoyo_find_next_domain+0x10/0x10 [ 1040.964584][T26575] tomoyo_bprm_check_security+0x12e/0x1d0 [ 1040.964639][T26575] ? tomoyo_bprm_check_security+0x120/0x1d0 [ 1040.964699][T26575] security_bprm_check+0x1b9/0x1e0 [ 1040.964735][T26575] bprm_execve+0x810/0x1650 [ 1040.964798][T26575] ? __pfx_bprm_execve+0x10/0x10 [ 1040.964849][T26575] ? __asan_memcpy+0x3c/0x60 [ 1040.964880][T26575] ? copy_string_kernel+0x404/0x4a0 [ 1040.964943][T26575] do_execveat_common.isra.0+0x4a5/0x610 [ 1040.965010][T26575] __x64_sys_execve+0x8e/0xb0 [ 1040.965070][T26575] do_syscall_64+0xcd/0x230 [ 1040.965123][T26575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.965160][T26575] RIP: 0033:0x7fd69ed8e969 [ 1040.965188][T26575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1040.965235][T26575] RSP: 002b:00007fd69fb5f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1040.965268][T26575] RAX: ffffffffffffffda RBX: 00007fd69efb5fa0 RCX: 00007fd69ed8e969 [ 1040.965293][T26575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 1040.965315][T26575] RBP: 00007fd69ee10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1040.965337][T26575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1040.965357][T26575] R13: 0000000000000000 R14: 00007fd69efb5fa0 R15: 00007ffeaebe6a68 [ 1040.965403][T26575] [ 1040.965621][T26575] ERROR: Out of memory at tomoyo_memory_ok. [ 1041.158699][T26581] FAULT_INJECTION: forcing a failure. [ 1041.158699][T26581] name failslab, interval 1, probability 0, space 0, times 0 [ 1041.250802][T26581] CPU: 1 UID: 0 PID: 26581 Comm: syz.2.7787 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1041.250861][T26581] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1041.250876][T26581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1041.250897][T26581] Call Trace: [ 1041.250908][T26581] [ 1041.250921][T26581] dump_stack_lvl+0x16c/0x1f0 [ 1041.250973][T26581] should_fail_ex+0x512/0x640 [ 1041.251016][T26581] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1041.251057][T26581] should_failslab+0xc2/0x120 [ 1041.251094][T26581] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1041.251131][T26581] ? ptlock_alloc+0x1f/0x70 [ 1041.251194][T26581] ptlock_alloc+0x1f/0x70 [ 1041.251237][T26581] pte_alloc_one+0x6d/0x380 [ 1041.251276][T26581] __pte_alloc+0x6d/0x3c0 [ 1041.251322][T26581] ? __pfx___pte_alloc+0x10/0x10 [ 1041.251364][T26581] ? __pfx___might_resched+0x10/0x10 [ 1041.251401][T26581] ? copy_page_range+0x197d/0x5fe0 [ 1041.251455][T26581] copy_page_range+0x3a29/0x5fe0 [ 1041.251554][T26581] ? __pfx_copy_page_range+0x10/0x10 [ 1041.251620][T26581] ? __pfx___might_resched+0x10/0x10 [ 1041.251654][T26581] ? __pfx_mas_store+0x10/0x10 [ 1041.251703][T26581] ? __vma_enter_locked+0x163/0x3f0 [ 1041.251748][T26581] ? copy_process+0x85dd/0x91a0 [ 1041.251788][T26581] ? down_write+0x14d/0x200 [ 1041.251843][T26581] ? up_write+0x1b2/0x520 [ 1041.251896][T26581] copy_process+0x862b/0x91a0 [ 1041.251970][T26581] ? __pfx_copy_process+0x10/0x10 [ 1041.252010][T26581] ? __pfx___futex_wait+0x10/0x10 [ 1041.252093][T26581] kernel_clone+0xfc/0x960 [ 1041.252136][T26581] ? __pfx_kernel_clone+0x10/0x10 [ 1041.252211][T26581] __do_sys_clone+0xce/0x120 [ 1041.252254][T26581] ? __pfx___do_sys_clone+0x10/0x10 [ 1041.252296][T26581] ? ksys_unshare+0x687/0xa40 [ 1041.252361][T26581] ? rcu_is_watching+0x12/0xc0 [ 1041.252405][T26581] do_syscall_64+0xcd/0x230 [ 1041.252456][T26581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1041.252492][T26581] RIP: 0033:0x7f32f838e969 [ 1041.252519][T26581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1041.252553][T26581] RSP: 002b:00007f32f9299fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1041.252585][T26581] RAX: ffffffffffffffda RBX: 00007f32f85b5fa0 RCX: 00007f32f838e969 [ 1041.252608][T26581] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 1041.252641][T26581] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1041.252661][T26581] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1041.252680][T26581] R13: 0000000000000000 R14: 00007f32f85b5fa0 R15: 00007ffe4fa15518 [ 1041.252723][T26581] [ 1041.983602][T26591] openvswitch: netlink: IP tunnel dst address not specified [ 1042.310982][T26604] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7797'. [ 1042.415069][T26607] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7797'. [ 1042.592381][T26610] FAULT_INJECTION: forcing a failure. [ 1042.592381][T26610] name failslab, interval 1, probability 0, space 0, times 0 [ 1042.638166][T26610] CPU: 1 UID: 0 PID: 26610 Comm: syz.0.7798 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1042.638228][T26610] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1042.638244][T26610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1042.638264][T26610] Call Trace: [ 1042.638276][T26610] [ 1042.638289][T26610] dump_stack_lvl+0x16c/0x1f0 [ 1042.638351][T26610] should_fail_ex+0x512/0x640 [ 1042.638397][T26610] ? __kmalloc_noprof+0xbf/0x510 [ 1042.638437][T26610] ? lsm_blob_alloc+0x68/0x90 [ 1042.638484][T26610] should_failslab+0xc2/0x120 [ 1042.638526][T26610] __kmalloc_noprof+0xd2/0x510 [ 1042.638572][T26610] lsm_blob_alloc+0x68/0x90 [ 1042.638624][T26610] security_sk_alloc+0x30/0x270 [ 1042.638659][T26610] sk_prot_alloc+0xfb/0x2a0 [ 1042.638709][T26610] sk_alloc+0x36/0xc20 [ 1042.638742][T26610] inet6_create+0x381/0x1300 [ 1042.638780][T26610] ? inet6_create+0x7f/0x1300 [ 1042.638818][T26610] __sock_create+0x335/0x8d0 [ 1042.638885][T26610] smc_create_clcsk+0x37/0xd0 [ 1042.638920][T26610] ? __pfx_smc_inet_init_sock+0x10/0x10 [ 1042.638970][T26610] inet6_create+0xb2d/0x1300 [ 1042.639004][T26610] ? inet6_create+0x7f/0x1300 [ 1042.639041][T26610] __sock_create+0x335/0x8d0 [ 1042.639101][T26610] __sys_socket+0x14d/0x260 [ 1042.639148][T26610] ? __pfx___sys_socket+0x10/0x10 [ 1042.639198][T26610] ? rcu_is_watching+0x12/0xc0 [ 1042.639237][T26610] __x64_sys_socket+0x72/0xb0 [ 1042.639281][T26610] ? lockdep_hardirqs_on+0x7c/0x110 [ 1042.639322][T26610] do_syscall_64+0xcd/0x230 [ 1042.639372][T26610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1042.639404][T26610] RIP: 0033:0x7f4e3d98e969 [ 1042.639436][T26610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1042.639467][T26610] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1042.639499][T26610] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 1042.639521][T26610] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a [ 1042.639541][T26610] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1042.639561][T26610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1042.639581][T26610] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 1042.639622][T26610] [ 1042.899833][T26613] sp0: Synchronizing with TNC [ 1042.910209][T26613] sp0: Found TNC [ 1043.510206][T26624] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7806'. [ 1044.453481][T26645] netlink: 'syz.2.7813': attribute type 64 has an invalid length. [ 1044.475417][T26645] netlink: 74 bytes leftover after parsing attributes in process `syz.2.7813'. [ 1044.729615][T26653] FAULT_INJECTION: forcing a failure. [ 1044.729615][T26653] name failslab, interval 1, probability 0, space 0, times 0 [ 1044.765038][T26653] CPU: 0 UID: 0 PID: 26653 Comm: syz.2.7815 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1044.765095][T26653] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1044.765110][T26653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1044.765131][T26653] Call Trace: [ 1044.765142][T26653] [ 1044.765155][T26653] dump_stack_lvl+0x16c/0x1f0 [ 1044.765220][T26653] should_fail_ex+0x512/0x640 [ 1044.765268][T26653] ? fs_reclaim_acquire+0xae/0x150 [ 1044.765323][T26653] should_failslab+0xc2/0x120 [ 1044.765362][T26653] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1044.765418][T26653] ? tomoyo_find_next_domain+0x145/0x20b0 [ 1044.765452][T26653] ? kasan_save_track+0x14/0x30 [ 1044.765490][T26653] tomoyo_find_next_domain+0x145/0x20b0 [ 1044.765526][T26653] ? __pfx___kernel_read+0x10/0x10 [ 1044.765567][T26653] ? __pfx_tomoyo_find_next_domain+0x10/0x10 [ 1044.765619][T26653] tomoyo_bprm_check_security+0x12e/0x1d0 [ 1044.765670][T26653] ? tomoyo_bprm_check_security+0x120/0x1d0 [ 1044.765724][T26653] security_bprm_check+0x1b9/0x1e0 [ 1044.765755][T26653] bprm_execve+0x810/0x1650 [ 1044.765813][T26653] ? __pfx_bprm_execve+0x10/0x10 [ 1044.765860][T26653] ? __asan_memcpy+0x3c/0x60 [ 1044.765888][T26653] ? copy_string_kernel+0x404/0x4a0 [ 1044.765943][T26653] do_execveat_common.isra.0+0x4a5/0x610 [ 1044.766002][T26653] __x64_sys_execve+0x8e/0xb0 [ 1044.766048][T26653] do_syscall_64+0xcd/0x230 [ 1044.766092][T26653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1044.766121][T26653] RIP: 0033:0x7f32f838e969 [ 1044.766147][T26653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1044.766178][T26653] RSP: 002b:00007f32f929a038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1044.766216][T26653] RAX: ffffffffffffffda RBX: 00007f32f85b5fa0 RCX: 00007f32f838e969 [ 1044.766237][T26653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 1044.766256][T26653] RBP: 00007f32f8410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1044.766276][T26653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1044.766294][T26653] R13: 0000000000000000 R14: 00007f32f85b5fa0 R15: 00007ffe4fa15518 [ 1044.766333][T26653] [ 1044.930357][T23881] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 1046.438657][T26678] sp0: Synchronizing with TNC [ 1046.478190][T26680] sp0: Found TNC [ 1046.615476][T26683] netlink: 'syz.4.7824': attribute type 64 has an invalid length. [ 1046.649857][T26683] netlink: 74 bytes leftover after parsing attributes in process `syz.4.7824'. [ 1046.941727][T26692] RDS: rds_bind could not find a transport for ::ffff:172.20.20.55, load rds_tcp or rds_rdma? [ 1048.003148][T26713] sp0: Synchronizing with TNC [ 1048.056748][T26713] sp0: Found TNC [ 1048.472950][T26719] ERROR: Out of memory at tomoyo_memory_ok. [ 1048.671985][T26722] ERROR: Out of memory at tomoyo_memory_ok. [ 1050.439580][T23881] Bluetooth: hci3: Malformed LE Event: 0x1d [ 1051.580756][T26758] FAULT_INJECTION: forcing a failure. [ 1051.580756][T26758] name failslab, interval 1, probability 0, space 0, times 0 [ 1051.719150][T26758] CPU: 1 UID: 0 PID: 26758 Comm: syz.0.7852 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1051.719208][T26758] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1051.719223][T26758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1051.719243][T26758] Call Trace: [ 1051.719255][T26758] [ 1051.719268][T26758] dump_stack_lvl+0x16c/0x1f0 [ 1051.719320][T26758] should_fail_ex+0x512/0x640 [ 1051.719366][T26758] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1051.719409][T26758] should_failslab+0xc2/0x120 [ 1051.719450][T26758] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1051.719486][T26758] ? getname_kernel+0x52/0x370 [ 1051.719529][T26758] getname_kernel+0x52/0x370 [ 1051.719570][T26758] kern_path+0x1d/0x50 [ 1051.719619][T26758] tomoyo_realpath_nofollow+0x87/0xf0 [ 1051.719665][T26758] ? __pfx_tomoyo_realpath_nofollow+0x10/0x10 [ 1051.719710][T26758] ? tomoyo_domain+0xbb/0x150 [ 1051.719768][T26758] ? tomoyo_init_request_info+0x101/0x370 [ 1051.719807][T26758] tomoyo_find_next_domain+0x2a8/0x20b0 [ 1051.719846][T26758] ? __pfx___kernel_read+0x10/0x10 [ 1051.719886][T26758] ? __pfx_tomoyo_find_next_domain+0x10/0x10 [ 1051.719939][T26758] tomoyo_bprm_check_security+0x12e/0x1d0 [ 1051.719992][T26758] ? tomoyo_bprm_check_security+0x120/0x1d0 [ 1051.720047][T26758] security_bprm_check+0x1b9/0x1e0 [ 1051.720086][T26758] bprm_execve+0x810/0x1650 [ 1051.720144][T26758] ? __pfx_bprm_execve+0x10/0x10 [ 1051.720191][T26758] ? __asan_memcpy+0x3c/0x60 [ 1051.720220][T26758] ? copy_string_kernel+0x404/0x4a0 [ 1051.720279][T26758] do_execveat_common.isra.0+0x4a5/0x610 [ 1051.720339][T26758] __x64_sys_execve+0x8e/0xb0 [ 1051.720392][T26758] do_syscall_64+0xcd/0x230 [ 1051.720442][T26758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1051.720476][T26758] RIP: 0033:0x7f4e3d98e969 [ 1051.720503][T26758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1051.720535][T26758] RSP: 002b:00007f4e3e86f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1051.720566][T26758] RAX: ffffffffffffffda RBX: 00007f4e3dbb5fa0 RCX: 00007f4e3d98e969 [ 1051.720588][T26758] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 1051.720608][T26758] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1051.720628][T26758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1051.720647][T26758] R13: 0000000000000000 R14: 00007f4e3dbb5fa0 R15: 00007ffe0ae0c8d8 [ 1051.720689][T26758] [ 1051.720897][T26758] ERROR: Out of memory at tomoyo_memory_ok. [ 1052.948088][T23881] Bluetooth: hci3: Unable to find connection for big 0xd2 [ 1053.134009][T26783] ERROR: Out of memory at tomoyo_memory_ok. [ 1053.417882][T26785] netlink: 266 bytes leftover after parsing attributes in process `syz.3.7861'. [ 1054.296187][T26802] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1054.660317][T26811] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1055.043141][T26821] FAULT_INJECTION: forcing a failure. [ 1055.043141][T26821] name failslab, interval 1, probability 0, space 0, times 0 [ 1055.060811][T26821] CPU: 1 UID: 0 PID: 26821 Comm: syz.0.7875 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1055.060867][T26821] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1055.060882][T26821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1055.060902][T26821] Call Trace: [ 1055.060914][T26821] [ 1055.060926][T26821] dump_stack_lvl+0x16c/0x1f0 [ 1055.060977][T26821] should_fail_ex+0x512/0x640 [ 1055.061025][T26821] ? __kmalloc_noprof+0xbf/0x510 [ 1055.061065][T26821] ? snd_midi_event_new+0xa1/0x210 [ 1055.061105][T26821] should_failslab+0xc2/0x120 [ 1055.061146][T26821] __kmalloc_noprof+0xd2/0x510 [ 1055.061192][T26821] snd_midi_event_new+0xa1/0x210 [ 1055.061235][T26821] snd_virmidi_output_open+0x106/0x670 [ 1055.061287][T26821] open_substream+0x478/0x9b0 [ 1055.061350][T26821] rawmidi_open_priv+0x543/0x6e0 [ 1055.061416][T26821] snd_rawmidi_open+0x4cc/0xbf0 [ 1055.061457][T26821] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1055.061492][T26821] ? __pfx_default_wake_function+0x10/0x10 [ 1055.061531][T26821] ? kobject_get_unless_zero+0x156/0x1e0 [ 1055.061587][T26821] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1055.061619][T26821] snd_open+0x1fe/0x450 [ 1055.061661][T26821] ? __pfx_snd_open+0x10/0x10 [ 1055.061701][T26821] chrdev_open+0x231/0x6a0 [ 1055.061736][T26821] ? __pfx_apparmor_file_open+0x10/0x10 [ 1055.061778][T26821] ? __pfx_chrdev_open+0x10/0x10 [ 1055.061818][T26821] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1055.061877][T26821] do_dentry_open+0x741/0x1c10 [ 1055.061913][T26821] ? __pfx_chrdev_open+0x10/0x10 [ 1055.061957][T26821] vfs_open+0x82/0x3f0 [ 1055.062006][T26821] path_openat+0x1e5e/0x2d40 [ 1055.062054][T26821] ? __pfx_path_openat+0x10/0x10 [ 1055.062097][T26821] do_filp_open+0x20b/0x470 [ 1055.062130][T26821] ? __pfx_do_filp_open+0x10/0x10 [ 1055.062195][T26821] ? alloc_fd+0x471/0x7d0 [ 1055.062259][T26821] do_sys_openat2+0x11b/0x1d0 [ 1055.062301][T26821] ? __pfx_do_sys_openat2+0x10/0x10 [ 1055.062370][T26821] __x64_sys_openat+0x174/0x210 [ 1055.062416][T26821] ? __pfx___x64_sys_openat+0x10/0x10 [ 1055.062464][T26821] ? rcu_is_watching+0x12/0xc0 [ 1055.062519][T26821] do_syscall_64+0xcd/0x230 [ 1055.062567][T26821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1055.062601][T26821] RIP: 0033:0x7f4e3d98e969 [ 1055.062627][T26821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1055.062658][T26821] RSP: 002b:00007f4e3e84e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1055.062688][T26821] RAX: ffffffffffffffda RBX: 00007f4e3dbb6080 RCX: 00007f4e3d98e969 [ 1055.062709][T26821] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1055.062731][T26821] RBP: 00007f4e3da10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1055.062751][T26821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1055.062770][T26821] R13: 0000000000000000 R14: 00007f4e3dbb6080 R15: 00007ffe0ae0c8d8 [ 1055.062811][T26821] [ 1055.374341][T26823] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7876'. [ 1055.387054][T26823] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7876'. [ 1056.712363][T23880] Bluetooth: hci0: command 0x0406 tx timeout [ 1057.530342][T26881] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7897'. [ 1057.569875][T26881] netlink: 354 bytes leftover after parsing attributes in process `syz.2.7897'. [ 1058.082724][T26885] could not allocate digest TFM handle [ 1059.762198][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1059.768811][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1059.836561][T26941] netlink: 330 bytes leftover after parsing attributes in process `syz.0.7920'. [ 1059.915650][T26941] ›: renamed from hsr0 [ 1060.134214][T26947] netlink: 334 bytes leftover after parsing attributes in process `syz.3.7922'. [ 1060.369348][T26955] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7925'. [ 1060.399789][T26955] netlink: 354 bytes leftover after parsing attributes in process `syz.3.7925'. [ 1060.618688][T26957] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1061.186055][T26971] netlink: 342 bytes leftover after parsing attributes in process `syz.4.7932'. [ 1061.203420][T23881] ================================================================== [ 1061.211575][T23881] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 [ 1061.219443][T23881] Read of size 140 at addr ffffc9000ded9000 by task kworker/u9:3/23881 [ 1061.227731][T23881] [ 1061.230082][T23881] CPU: 0 UID: 0 PID: 23881 Comm: kworker/u9:3 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1061.230125][T23881] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1061.230137][T23881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1061.230155][T23881] Workqueue: hci0 hci_devcd_rx [ 1061.230192][T23881] Call Trace: [ 1061.230201][T23881] [ 1061.230211][T23881] dump_stack_lvl+0x116/0x1f0 [ 1061.230249][T23881] print_report+0xc3/0x670 [ 1061.230281][T23881] ? __virt_addr_valid+0x5e/0x590 [ 1061.230318][T23881] ? hci_devcd_dump+0x142/0x240 [ 1061.230350][T23881] kasan_report+0xe0/0x110 [ 1061.230382][T23881] ? hci_devcd_dump+0x142/0x240 [ 1061.230428][T23881] kasan_check_range+0xef/0x1a0 [ 1061.230466][T23881] __asan_memcpy+0x23/0x60 [ 1061.230489][T23881] hci_devcd_dump+0x142/0x240 [ 1061.230525][T23881] hci_devcd_rx+0xa25/0x1780 [ 1061.230562][T23881] ? __pfx_hci_devcd_rx+0x10/0x10 [ 1061.230597][T23881] ? debug_object_deactivate+0x1ec/0x3a0 [ 1061.230631][T23881] ? rcu_is_watching+0x12/0xc0 [ 1061.230658][T23881] process_one_work+0x9cc/0x1b70 [ 1061.230706][T23881] ? __pfx_process_one_work+0x10/0x10 [ 1061.230752][T23881] ? assign_work+0x1a0/0x250 [ 1061.230790][T23881] worker_thread+0x6c8/0xf10 [ 1061.230838][T23881] ? __kthread_parkme+0x19e/0x250 [ 1061.230870][T23881] ? __pfx_worker_thread+0x10/0x10 [ 1061.230911][T23881] kthread+0x3c2/0x780 [ 1061.230949][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.230984][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.231020][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.231056][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.231098][T23881] ? rcu_is_watching+0x12/0xc0 [ 1061.231122][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.231160][T23881] ret_from_fork+0x45/0x80 [ 1061.231202][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.231238][T23881] ret_from_fork_asm+0x1a/0x30 [ 1061.231284][T23881] [ 1061.231293][T23881] [ 1061.412835][T23881] The buggy address ffffc9000ded9000 belongs to a vmalloc virtual mapping [ 1061.421342][T23881] Memory state around the buggy address: [ 1061.426980][T23881] ffffc9000ded8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1061.435057][T23881] ffffc9000ded8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1061.443136][T23881] >ffffc9000ded9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1061.451205][T23881] ^ [ 1061.455284][T23881] ffffc9000ded9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1061.463363][T23881] ffffc9000ded9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1061.471433][T23881] ================================================================== [ 1061.479584][ C0] vkms_vblank_simulate: vblank timer overrun [ 1061.486579][T23881] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1061.493833][T23881] CPU: 0 UID: 0 PID: 23881 Comm: kworker/u9:3 Tainted: G U I 6.15.0-rc5-syzkaller #0 PREEMPT(full) [ 1061.505952][T23881] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND [ 1061.511955][T23881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025 [ 1061.522049][T23881] Workqueue: hci0 hci_devcd_rx [ 1061.526876][T23881] Call Trace: [ 1061.530183][T23881] [ 1061.533134][T23881] dump_stack_lvl+0x3d/0x1f0 [ 1061.537767][T23881] panic+0x71c/0x800 [ 1061.541707][T23881] ? __pfx_panic+0x10/0x10 [ 1061.546155][T23881] ? mark_held_locks+0x49/0x80 [ 1061.550954][T23881] ? preempt_schedule_thunk+0x16/0x30 [ 1061.556362][T23881] ? hci_devcd_dump+0x142/0x240 [ 1061.561238][T23881] ? preempt_schedule_common+0x44/0xc0 [ 1061.566728][T23881] ? check_panic_on_warn+0x1f/0xb0 [ 1061.571876][T23881] ? hci_devcd_dump+0x142/0x240 [ 1061.576752][T23881] check_panic_on_warn+0xab/0xb0 [ 1061.581729][T23881] end_report+0x107/0x170 [ 1061.586085][T23881] kasan_report+0xee/0x110 [ 1061.590526][T23881] ? hci_devcd_dump+0x142/0x240 [ 1061.595405][T23881] kasan_check_range+0xef/0x1a0 [ 1061.600306][T23881] __asan_memcpy+0x23/0x60 [ 1061.604739][T23881] hci_devcd_dump+0x142/0x240 [ 1061.609445][T23881] hci_devcd_rx+0xa25/0x1780 [ 1061.614073][T23881] ? __pfx_hci_devcd_rx+0x10/0x10 [ 1061.619124][T23881] ? debug_object_deactivate+0x1ec/0x3a0 [ 1061.624787][T23881] ? rcu_is_watching+0x12/0xc0 [ 1061.629583][T23881] process_one_work+0x9cc/0x1b70 [ 1061.634575][T23881] ? __pfx_process_one_work+0x10/0x10 [ 1061.639988][T23881] ? assign_work+0x1a0/0x250 [ 1061.644617][T23881] worker_thread+0x6c8/0xf10 [ 1061.649246][T23881] ? __kthread_parkme+0x19e/0x250 [ 1061.654294][T23881] ? __pfx_worker_thread+0x10/0x10 [ 1061.659436][T23881] kthread+0x3c2/0x780 [ 1061.663563][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.668182][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.672805][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.677426][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.682066][T23881] ? rcu_is_watching+0x12/0xc0 [ 1061.686848][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.691480][T23881] ret_from_fork+0x45/0x80 [ 1061.695948][T23881] ? __pfx_kthread+0x10/0x10 [ 1061.700568][T23881] ret_from_fork_asm+0x1a/0x30 [ 1061.705366][T23881] [ 1061.708714][T23881] Kernel Offset: disabled [ 1061.713052][T23881] Rebooting in 86400 seconds..