last executing test programs:

8.617772603s ago: executing program 2 (id=550):
mmap$auto(0x200000000000f400, 0x9, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x4001, 0x0)
recvmmsg$auto(r0, &(0x7f0000000280)={{0x0, 0x1d, &(0x7f0000000180)={&(0x7f0000000100), 0x80000000}, 0x10000, &(0x7f00000001c0)="d7cd776347984e13077263bfd5f9f5abd994085367e723ee8dd0f7dfe8708ad83c9fecd395", 0x962, 0x9}, 0x2e6}, 0x9a, 0x69ac, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0xb8b42, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x0, 0x154)
execveat$auto(r1, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x11000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x8, 0xeb0, 0x401, 0x9)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x106000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r2, 0x0, 0x39b8)
mmap$auto(0x0, 0x2020009, 0x2000000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x22240, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x102, 0x0)
write$auto(0x3, 0x0, 0x4fffffdf2)
ioctl$auto(0x3, 0x402c542b, 0x38)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0)
read$auto(r3, 0x0, 0x9)

8.324194891s ago: executing program 0 (id=551):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x8000000000000000, 0x15)
mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, 0xffffffffffffffff, 0x28000)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0xc0010141, 0x400, 0x2}]})
ptrace$auto_PTRACE_GETREGS(0xc, r0, 0x80000000, 0x1)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x22800, 0x0)
read$auto(r3, 0x0, 0x1f40)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x18}, 0x1, 0x0, 0x0, 0x60040001}, 0x80)
r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000000))
close_range$auto(0x2, 0x8, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/net\x00')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime$auto(0x0, 0xb746, &(0x7f0000000000)={{0x4d4, 0x2}, {0xfe, 0x4}}, 0x0)
socket(0xa, 0x5, 0x84)
mmap$auto(0x10000000000008a, 0xfffffffffffffffc, 0x6, 0x19, r3, 0x200000000000005)

5.670097384s ago: executing program 2 (id=555):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto(r0, 0x89f2, r0)

5.266080801s ago: executing program 3 (id=559):
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/audio\x00', 0x34cd03, 0x0)
openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x20000000007, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)

5.162870802s ago: executing program 0 (id=560):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000040)={0x1, 0x0, 0x36, 0x828, 0x9, 0x8000000000000000, 0x9f, 0x7, 0x9, 0x8, 0x2, 0x9, 0x3, 0x8, 0x0, 0x200000000000f, 0x100, 0x1, 0x10001, 0x2cf8}, 0xe3c, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='N\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
setresuid$auto(0x2, 0x7, 0x8080)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

5.057392088s ago: executing program 2 (id=561):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x40, 0x0, 0x2}}, 0x66)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x2, 0x0, 0x400}, 0x4}, 0xfff, 0xb07e)

4.768123144s ago: executing program 3 (id=562):
mmap$auto(0x0, 0x2020008, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0x9, 0xe)
r0 = semctl$auto(0x2b0, 0x4, 0x1, 0x800)
r1 = syz_open_procfs$namespace(r0, &(0x7f0000000040)='ns/pid_for_children\x00')
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x8000000)
shmget$auto(0x0, 0x2, 0x8)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket(0x2, 0x1, 0x106)
socket(0x1f, 0x2, 0x106)
r2 = socket(0x2b, 0x807, 0x5)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/trace_pipe\x00', 0x0, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYRESHEX=r0], 0x14}, 0x1, 0x0, 0x0, 0x240400c1}, 0x4000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0)
read$auto(r3, 0x0, 0x39b8)
madvise$auto(0x0, 0x2003f0, 0x15)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0)
r5 = socket(0x1d, 0x2, 0x2)
connect$auto(0x3, &(0x7f0000000180), 0x54)
sendmsg$auto_NL80211_CMD_DISASSOCIATE(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="6c0000007e4bdac92c92110200000000000000e1dc2271b4c423b3a67b7088d4e378", @ANYRES16=0x0, @ANYBLOB="02002abd7000fbdbdf25280000003500fa009aea7b23492654c3fb73763d86a05bf478037c98e5f964298f4e214f6fe91851f6393096dbd10f454ac6616c21e3bdf5810000000400a680040073000800c900020000000800a400000000000400480104005a80"], 0x6c}, 0x1, 0x0, 0x0, 0x24040000}, 0x40084)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000000)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0d, 0x1f, 0x2, 0x300000000000604, 0x40080000001, 0x7, 0x6d3c, 0xc, 0xc8c, 0xffffffffffffffff]}, 0x0)
ioctl$auto(r1, 0x8004b707, 0xffffffffffffffff)
r6 = eventfd$auto(0x0)
write$auto_ecryptfs_miscdev_fops_miscdev(r6, &(0x7f0000000080)="0e7ce00aefee2b52c56b63aaaa4060ae87af5e99aca511c5705f54f2ba4894a6a6fd57733374bf0123ff3c7f08b3815ac49154dd5ccb101a97baca1b45d32de727eafda04d7acb93c44d6baa61e0f683cda5f8703832775a828b9ae005fdd77980b58f826be6ab3e1fff9053bee5e60408e11d8229e088254eafa97c5a13edd99dc57430a09238429fcabc2e63114fcef2d79f693022b6a5ae893d8c76b6643e8199880ec2ab1c94bf6cfd9ae7cd1a1d3c77052978575ea8caed813a79b1b1e6", 0xc0)
r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x0, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r7, 0x4c08, 0x0)
sendmsg$auto_NL80211_CMD_AUTHENTICATE(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f00000009c0)={0x780, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_IE_PROBE_RESP={0x742, 0x7f, "69e3739a28b50db869de51e15d4a0893412975e9e60b141c9e36840cd40f38709f2e4509da70640896a4721fcb1e941953cd033b7a1ad29d8e9557e3ce8b896b5bc6839ed4e23778c1536541e2619e29cf571f4bc84d81cb6c92547d867e6395f9d694b52715bf743bfec19134461a8e71508391d84573e61302b49ad8c50e685e5b85b15e7ad975e27699e77eb9302ac54a2acd16be170106dec7e01e1d2be597d21698964e0cea7c323c076a60ff3bae75b402132996bf91a484afcda64c23c44119dbb32c04cc9ac2ffb2ab34a874d953200fbbffef82d5f2f919a7960186d57394bed49c39d03bc390bf00b8cefb080d4153afac1891485a3e67d21c6a1e6734ca806825114d7b3b8a186010328ae691200d77371bad61f6944d3c7054f89ae05b67ecd43847ca2c3b6950d305ce8c6eeb2664fe4d170fab22cdaf89df447815338e567952449291f8f63a3982e074d812f866800d0183e0b2fec2d5081275d4692ade5f535b0b698d7e88431ab3d70982003a3a662729e4bf375ed53d0a82d31205f77ade6ef3ad614c1314f82521c888522a0b94b72dd5e992b077b08d1df553991450a7a07bde153e1e1c46ddd0d885e2af1cce81d7a069448828aa746a89db621cb3864d00b998ebdf63e30e460379afccd4891d17a7d49bd50eba017c8fe8573d984ab89e92dc6726cc035f928e914f2c3caa2b00a9ac14be53a948ea5bce24f4d15059a9086bb4e3e7029b9d198cf8a8e8df788692bafb147e52f5da9dafe469a8d26e0dd114bd8f4a613dc73f6e7d7c68506d1719b788f01303cc30f2a8dec42a4ad2eee863090b7fd3f4c6ac88b992be1f7583f7e7f95f004fecc4e8723aae743977dfd4c20f48cb68493beabe4f35f37cf2928f75628dc0b3b9e11c135c719e43fccb9b048b55f3ee91d7850f8c20c9176c034b9130d79c7f54eca4665d346284560b9216ccf34ea07fe53c401ce6961b1432d05b9cbc82b13fb4658eacf76e900a7f99329e8aa3b71bc4ee1bb3a7909a994fb45371b1eecb416acbb5d72aa5496c94b08f52540639804ba65cfe15559951966672fb8551b19b32a827289e3827275e3cb11774be8f58be9e5ee24e8b91e2fd2eb7395b300ac6ddb6f44025acb47a3b85446530bdf22c48fbac6be4592ba76107eabb5391d136b05cfd421ab5398c31a8d8b741bf0e0cd97245588bdcbb922c2c4f3526759e3a29902df1dea30b9bb10d104709918b357de4f5ea71c9219a6d7322fe809dc303299652aa246e3b461ecdf8c535938f4027cc42775bbeb652a7ed68b314353866a60a146506720ea9fefc42cb6a5a7df42cfe9dcdde41630737bd90d9a1fc6115544e661f7c3af2267dc04ee3dfd73588493665c8e75e96b9ef3fd19173c8ad3aeed7f3122d86ff8d47b1006785a913ed09f31ddfe3bf5c77417d433fca059356759f40714ebdf5152faba49117cb2f8273b78bd6446dbafec7c7813a401f32fae299007a96d5d8919b951a969c3e3e51c95666c014afcacb210f211a73eabf6fbb3152ea032e11c9393d6f108757f063c441ab2a7fc5e03936debc970beb07f867a8973a29db36659a98e0331d28103b54b688d5d9be1c922d6b0924c65c8666d22dc95f9243372f6c8231b249e1db8b429814ce1374dc535fd656e9d93960bf32d0ab06a2a591a43a0bf77433e72afe132ec4a62426e891a1e5f5a1ccb94641dc9f384b4117b942dcf9cdd9a409459c00129e9b13f82c84b6f322dca4929017a55c93d7662a5a6155f3ca2784625985c0fe6414dc45f202d9d9e1d80305fdff91705152416815680a5849378e6b847992b6bb26086ad128e58a486114c90be4e701648345d4783a97fa650cdef73af7e8fd4ca80b306e2846ef07cb846880a81c7f2e90665e1b5e7cb0627520ad6a0b161830673f9d7fa730ac39f56239f2220ceb6a4a63a6ec3e76e7f531559a44c597c58be6c5bbbd339452d13b6327eeeef248f6ae828d38571871d139e1b988cf627f99adb8bdeb9937573d84431a188be740da2f844d000dfb388e98a8e8453a32782836e35d38bdd18a411de9d122538f401fa34a30c1999fb12dff3358eec425d189a91463b226b6fff74d77680c6f3352bdc20a4e3e4b52afb8587033d3b8e4e7d4ef961d7d024fbea7de5cbdc90090d4636a87eaeef1fe1ca54b3280f929fd2e3d2f94a4704d269a31eb33ef81d9c7f9d53861fa914fe8336e27384a51551b4dca4be1db8e6779698bd9d48b3229cedc107a2e0bbeb6d946568c749855899b3a5e1150c2d65cdcbff02c7bb303dfaa568a7f2534b2ae53d53d50c192bb66d997c2aeb71da5b406f72235508895265f984021bb9e4c58c9aee96d7aa178b84459090b5d4c595967398b4424a0284401b4699cdbca8724d6a668c5dc337dddcd936a59f4648636ecb7cf9983afe1ade3cab252121ac3d356b1bd5e45fa0d76091815f96167c3ef04a9d5f35cbabfc0f2ee311bed4c921ea9e8b1402f52f34f074820d137e6a19e21a8989291d0f3058890ee769527c1b70d4632dac687bbdc2f547b88916f7c8fd6f4bd710479c2d5c836797e474de74c46f374d6f5788c81eb6594e8308e7e47420b1013bac9"}, @NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0x8}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_FILS_KEK={0xd, 0xf2, "7298e7faec8c9f7966"}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0x13e4}]}, 0x780}, 0x1, 0x0, 0x0, 0x40}, 0x4040851)

4.767939688s ago: executing program 0 (id=563):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x2060009, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
rt_sigaction$auto(0x1, 0x0, 0x0, 0x8)

4.748118779s ago: executing program 1 (id=564):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8400)
prlimit64$auto(0x0, 0x803, &(0x7f00000001c0)={0x4, 0x6}, &(0x7f0000000240)={0xd, 0x7})
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/manager\x00', 0x40802, 0x0)
pread64$auto(r0, 0x0, 0xffff, 0xa)

4.55584965s ago: executing program 1 (id=565):
mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto(r0, 0x8925, r0)

4.504319075s ago: executing program 2 (id=566):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb3/threaded\x00', 0x8a801, 0x0)
write$auto(r1, &(0x7f0000000040)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
unshare$auto(0x40000080)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1c1282, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000280)=""/65, 0x41)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x81, 0x10000, 0x8000, 0xeb1, r2, 0x7ffc)
ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8)
madvise$auto(0x0, 0x200007, 0x19)
syz_clone3(0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1)
futex_wake$auto(0x0, 0x6, 0xfffffffa, 0x6)
sysfs$auto(0x2, 0x23, 0x0)
r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r4, 0x0, 0x4)

3.967195154s ago: executing program 1 (id=567):
mmap$auto(0x6, 0x2020009, 0x3, 0x11, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x3a3c02, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x10004)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0x7, 0x3fd6, 0x0, 0x1ffffffe)

3.149796843s ago: executing program 3 (id=568):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000080)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10001}, 0x80)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2.774966922s ago: executing program 1 (id=569):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x8000000000000000, 0x15)
mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, 0xffffffffffffffff, 0x28000)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0xc0010141, 0x400, 0x2}]})
ptrace$auto_PTRACE_GETREGS(0xc, r0, 0x80000000, 0x1)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x22800, 0x0)
read$auto(r3, 0x0, 0x1f40)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x18}, 0x1, 0x0, 0x0, 0x60040001}, 0x80)
r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000000))
close_range$auto(0x2, 0x8, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/net\x00')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime$auto(0x0, 0xb746, &(0x7f0000000000)={{0x4d4, 0x2}, {0xfe, 0x4}}, 0x0)
socket(0xa, 0x5, 0x84)
mmap$auto(0x10000000000008a, 0xfffffffffffffffc, 0x6, 0x19, r3, 0x200000000000005)

2.303624034s ago: executing program 3 (id=570):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0)
socket(0xa, 0x2, 0x3a)
read$auto(0x3, 0x0, 0x80)
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5)
ioctl$auto(r0, 0x4008af03, r0)

1.805662559s ago: executing program 3 (id=571):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x4b564d06, 0xe3, 0x80}]})

1.748047572s ago: executing program 0 (id=572):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x3a, 0x0, 0x0, 0x2)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
fcntl$auto(0x3, 0x400, 0x2)

1.651230538s ago: executing program 2 (id=573):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x8)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
setsockopt$auto_SO_OOBINLINE(r1, 0x3, 0xa, &(0x7f0000000140)='&\x00', 0x1d6)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x1, 0x0, 0x0, &(0x7f00000002c0)={[0x100000001, 0xfffffffffffffbff, 0xd, 0x1000001, 0x20009489, 0x3, 0x2, 0x5, 0x1, 0xb8, 0x7ffffffe, 0x3, 0x10000000006d3d, 0xa, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/deo1\x00\x00\x00\x00\x00\x00\x00', 0x100000a3d9)
socket(0x25, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa)
mlockall$auto(0x5)
rt_sigprocmask$auto(0x26, &(0x7f0000000040)={0x80000000}, &(0x7f0000000080)={0x9}, 0x8)
sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, 0x0, 0x40c0)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x38, 0x100000001, 0xffffffff, 0x0, 0x0, 0x0, 0x1000000006, 0x10001, 0x7, 0x400, 0x7ffffffb, 0x5, 0xffffffff80000000, 0x5, 0x61, 0x103})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
setsockopt$auto(0x3, 0x6a, 0x7, 0xffffffffffffffff, 0x3)
r3 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r3, 0x0, 0x1ff)
mmap$auto(0xfffffffffffffffc, 0x6, 0x100, 0x17, 0x2, 0x7fff)
close_range$auto(0x2, 0x8, 0x0)
write$auto(r0, &(0x7f0000000100)='/dev/net/tun\x00', 0x4128)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)

1.016463318s ago: executing program 0 (id=574):
ioctl$auto(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
unshare$auto(0x40000080)
socket(0x22, 0x1, 0x80000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x85, 0x0)
ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3)

859.918498ms ago: executing program 1 (id=575):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/zoneinfo\x00', 0x10b402, 0x0)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/mem\x00', 0x0, 0x0)
madvise$auto_MADV_HUGEPAGE(0x0, 0x80000001, 0xe)
readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6)
mprotect$auto(0x1000, 0x400000, 0x4)

624.151324ms ago: executing program 3 (id=576):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8)

268.355678ms ago: executing program 1 (id=577):
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
umount2$auto(&(0x7f0000000040)='.\x00', 0x4)
umount2$auto(&(0x7f0000000000)='.\x00', 0x4)

161.993537ms ago: executing program 2 (id=578):
r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0)
write$auto(r0, &(0x7f0000000040)='/sys/kernel/config/target/dbroot\x00', 0x6e)
write$auto(r0, &(0x7f0000000000)='/dev/audio1\x00', 0x4)

0s ago: executing program 0 (id=579):
socket(0x2d, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto(0x3, 0x89e2, 0x91)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.92' (ED25519) to the list of known hosts.
[   87.439199][ T5824] cgroup: Unknown subsys name 'net'
[   87.567275][ T5824] cgroup: Unknown subsys name 'cpuset'
[   87.576834][ T5824] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   89.535321][ T5824] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   91.689239][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   91.704168][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   91.713819][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   91.733458][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   91.741385][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   91.772787][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   91.784278][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   91.795390][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   91.805307][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   91.814300][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   91.851151][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   91.860397][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   91.868464][ T5838] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   91.877931][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   91.887880][ T5845] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   91.933290][ T5845] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   91.966292][ T5157] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   91.983460][ T5157] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   91.993490][ T5157] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   92.003046][ T5157] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   92.523548][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   92.716623][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   92.780901][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.790045][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.798128][ T5833] bridge_slave_0: entered allmulticast mode
[   92.807127][ T5833] bridge_slave_0: entered promiscuous mode
[   92.862372][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.869612][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.877540][ T5833] bridge_slave_1: entered allmulticast mode
[   92.885678][ T5833] bridge_slave_1: entered promiscuous mode
[   92.971440][ T5842] chnl_net:caif_netlink_parms(): no params data found
[   93.007715][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.020870][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.089647][ T5841] chnl_net:caif_netlink_parms(): no params data found
[   93.113416][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.120630][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.128404][ T5837] bridge_slave_0: entered allmulticast mode
[   93.135732][ T5837] bridge_slave_0: entered promiscuous mode
[   93.147533][ T5833] team0: Port device team_slave_0 added
[   93.166029][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.173363][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.180667][ T5837] bridge_slave_1: entered allmulticast mode
[   93.188351][ T5837] bridge_slave_1: entered promiscuous mode
[   93.212763][ T5833] team0: Port device team_slave_1 added
[   93.280941][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.325301][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.335797][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.342788][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.369135][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.414368][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.421449][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.450143][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.466864][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.474495][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.481677][ T5842] bridge_slave_0: entered allmulticast mode
[   93.489103][ T5842] bridge_slave_0: entered promiscuous mode
[   93.531682][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.539340][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.547900][ T5842] bridge_slave_1: entered allmulticast mode
[   93.556392][ T5842] bridge_slave_1: entered promiscuous mode
[   93.566976][ T5837] team0: Port device team_slave_0 added
[   93.619534][ T5837] team0: Port device team_slave_1 added
[   93.644354][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.670912][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.678203][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.689781][ T5841] bridge_slave_0: entered allmulticast mode
[   93.697161][ T5841] bridge_slave_0: entered promiscuous mode
[   93.720013][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.754081][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.761310][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.770151][ T5841] bridge_slave_1: entered allmulticast mode
[   93.774748][ T5157] Bluetooth: hci0: command tx timeout
[   93.779461][ T5841] bridge_slave_1: entered promiscuous mode
[   93.789544][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   93.796887][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.823098][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   93.836265][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   93.843412][ T5157] Bluetooth: hci1: command tx timeout
[   93.843867][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   93.875570][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   93.906862][ T5833] hsr_slave_0: entered promiscuous mode
[   93.913967][ T5833] hsr_slave_1: entered promiscuous mode
[   93.960618][ T5842] team0: Port device team_slave_0 added
[   93.969434][ T5842] team0: Port device team_slave_1 added
[   93.979933][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.003559][ T5157] Bluetooth: hci2: command tx timeout
[   94.036475][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.063825][ T5837] hsr_slave_0: entered promiscuous mode
[   94.070307][ T5837] hsr_slave_1: entered promiscuous mode
[   94.076818][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.085076][ T5837] Cannot create hsr debugfs directory
[   94.093694][ T5157] Bluetooth: hci3: command tx timeout
[   94.136664][ T5841] team0: Port device team_slave_0 added
[   94.161384][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.169284][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.196194][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.210040][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.217303][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.243875][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.265460][ T5841] team0: Port device team_slave_1 added
[   94.398292][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.405650][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.432915][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.470983][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.478069][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.505381][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.537151][ T5842] hsr_slave_0: entered promiscuous mode
[   94.544399][ T5842] hsr_slave_1: entered promiscuous mode
[   94.550653][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.558407][ T5842] Cannot create hsr debugfs directory
[   94.699054][ T5841] hsr_slave_0: entered promiscuous mode
[   94.706155][ T5841] hsr_slave_1: entered promiscuous mode
[   94.712321][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.720088][ T5841] Cannot create hsr debugfs directory
[   94.981380][ T5837] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   94.995739][ T5837] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   95.022955][ T5837] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   95.035366][ T5837] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   95.135839][ T5842] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   95.152882][ T5842] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   95.168711][ T5842] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   95.182991][ T5842] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   95.271540][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   95.318036][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   95.330887][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   95.342768][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   95.457589][ T5841] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   95.487792][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.495248][ T5841] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   95.509254][ T5841] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   95.535877][ T5841] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.612985][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   95.650738][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.658120][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.698686][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.705920][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.732137][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.812854][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[   95.852298][ T5157] Bluetooth: hci0: command tx timeout
[   95.860436][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.867612][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.882799][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.907449][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.914649][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.923669][ T5157] Bluetooth: hci1: command tx timeout
[   95.935718][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.991693][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   96.051973][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.059690][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.082253][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.089528][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.097370][ T5157] Bluetooth: hci2: command tx timeout
[   96.112165][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[   96.163633][ T5157] Bluetooth: hci3: command tx timeout
[   96.168057][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.176323][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   96.256474][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.263738][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   96.429074][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.622665][ T5837] veth0_vlan: entered promiscuous mode
[   96.682759][ T5837] veth1_vlan: entered promiscuous mode
[   96.789929][ T5837] veth0_macvtap: entered promiscuous mode
[   96.841673][ T5837] veth1_macvtap: entered promiscuous mode
[   96.879291][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.922044][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.955544][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.999446][ T5837] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.011176][ T5837] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.020244][ T5837] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.029963][ T5837] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.055656][ T1219] cfg80211: failed to load regulatory.db
[   97.168208][ T5842] veth0_vlan: entered promiscuous mode
[   97.198307][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.215151][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[   97.238829][ T5842] veth1_vlan: entered promiscuous mode
[   97.361853][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.378802][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.421399][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.437947][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.462604][ T5833] veth0_vlan: entered promiscuous mode
[   97.517168][ T5833] veth1_vlan: entered promiscuous mode
[   97.546208][ T5841] veth0_vlan: entered promiscuous mode
[   97.559832][ T5842] veth0_macvtap: entered promiscuous mode
[   97.586428][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   97.591723][ T5842] veth1_macvtap: entered promiscuous mode
[   97.634377][ T5841] veth1_vlan: entered promiscuous mode
[   97.677119][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.705517][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.749033][ T5842] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.780743][ T5842] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.791418][ T5842] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.806621][ T5842] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.830034][ T5841] veth0_macvtap: entered promiscuous mode
[   97.869493][ T5833] veth0_macvtap: entered promiscuous mode
[   97.890838][ T5841] veth1_macvtap: entered promiscuous mode
[   97.924460][ T5157] Bluetooth: hci0: command tx timeout
[   97.989092][ T5833] veth1_macvtap: entered promiscuous mode
[   98.003650][ T5157] Bluetooth: hci1: command tx timeout
[   98.103787][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.163898][ T5157] Bluetooth: hci2: command tx timeout
[   98.177372][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.211285][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.231497][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.247030][ T5157] Bluetooth: hci3: command tx timeout
[   98.270467][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   98.285714][ T5841] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.295648][ T5841] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.306335][ T5841] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.316395][ T5841] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.398262][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   98.418658][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.427832][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.438765][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.449679][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.464387][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.472279][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.783842][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.801058][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.946011][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.967127][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.994115][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.014223][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.064721][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.094048][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.333620][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.416046][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.483666][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.003623][ T5157] Bluetooth: hci0: command tx timeout
[  100.083785][ T5157] Bluetooth: hci1: command tx timeout
[  100.232963][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  100.244371][ T5157] Bluetooth: hci2: command tx timeout
[  100.325301][ T5157] Bluetooth: hci3: command tx timeout

syzkaller
syzkaller login: [  102.366119][ T5975] netlink: 8 bytes leftover after parsing attributes in process `syz.2.24'.
[  103.384586][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  103.393106][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.053710][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.055443][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.057772][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.058587][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  104.177250][ T5992] netlink: 'syz.0.26': attribute type 11 has an invalid length.
[  104.177415][ T5992] netlink: 'syz.0.26': attribute type 11 has an invalid length.
[  104.177447][ T5992] netlink: 'syz.0.26': attribute type 11 has an invalid length.
[  104.351544][ T5996] FAULT_INJECTION: forcing a failure.
[  104.351544][ T5996] name failslab, interval 1, probability 0, space 0, times 1
[  104.351606][ T5996] CPU: 1 UID: 0 PID: 5996 Comm: syz.3.29 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  104.351629][ T5996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.351639][ T5996] Call Trace:
[  104.351645][ T5996]  <TASK>
[  104.351652][ T5996]  dump_stack_lvl+0x16c/0x1f0
[  104.351688][ T5996]  should_fail_ex+0x512/0x640
[  104.351708][ T5996]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  104.351741][ T5996]  should_failslab+0xc2/0x120
[  104.351759][ T5996]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  104.351790][ T5996]  ? sysctl_core_net_init+0x42/0x280
[  104.351820][ T5996]  kmemdup_noprof+0x29/0x60
[  104.351848][ T5996]  sysctl_core_net_init+0x42/0x280
[  104.351873][ T5996]  ? __pfx_sysctl_core_net_init+0x10/0x10
[  104.351898][ T5996]  ops_init+0x1df/0x5f0
[  104.351919][ T5996]  setup_net+0x1ff/0x510
[  104.351936][ T5996]  ? lockdep_init_map_type+0x5c/0x280
[  104.351961][ T5996]  ? __pfx_setup_net+0x10/0x10
[  104.351981][ T5996]  ? debug_mutex_init+0x37/0x70
[  104.352001][ T5996]  copy_net_ns+0x2a6/0x5f0
[  104.352024][ T5996]  create_new_namespaces+0x3ea/0xa90
[  104.352049][ T5996]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  104.352070][ T5996]  ksys_unshare+0x45b/0xa40
[  104.352095][ T5996]  ? __pfx_ksys_unshare+0x10/0x10
[  104.352120][ T5996]  ? xfd_validate_state+0x61/0x180
[  104.352150][ T5996]  __x64_sys_unshare+0x31/0x40
[  104.352173][ T5996]  do_syscall_64+0xcd/0x490
[  104.352192][ T5996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.352210][ T5996] RIP: 0033:0x7f9d69d8e969
[  104.352224][ T5996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.352241][ T5996] RSP: 002b:00007f9d6ab8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  104.352258][ T5996] RAX: ffffffffffffffda RBX: 00007f9d69fb6080 RCX: 00007f9d69d8e969
[  104.352269][ T5996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  104.352279][ T5996] RBP: 00007f9d69e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  104.352289][ T5996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  104.352306][ T5996] R13: 0000000000000000 R14: 00007f9d69fb6080 R15: 00007ffcde9e5788
[  104.352328][ T5996]  </TASK>
[  104.591920][ T5992] hub 8-0:1.0: USB hub found
[  104.592276][ T5992] hub 8-0:1.0: 1 port detected
[  104.909782][ T5986] WARNING! power/level is deprecated; use power/control instead
[  106.379033][ T6016] FAULT_INJECTION: forcing a failure.
[  106.379033][ T6016] name failslab, interval 1, probability 0, space 0, times 0
[  106.409301][ T6016] CPU: 1 UID: 0 PID: 6016 Comm: syz.0.32 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  106.409342][ T6016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  106.409360][ T6016] Call Trace:
[  106.409370][ T6016]  <TASK>
[  106.409382][ T6016]  dump_stack_lvl+0x16c/0x1f0
[  106.409435][ T6016]  should_fail_ex+0x512/0x640
[  106.409466][ T6016]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  106.409516][ T6016]  should_failslab+0xc2/0x120
[  106.409546][ T6016]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  106.409590][ T6016]  ? d_instantiate+0x77/0x90
[  106.409616][ T6016]  ? alloc_empty_file+0x55/0x1e0
[  106.409652][ T6016]  alloc_empty_file+0x55/0x1e0
[  106.409686][ T6016]  alloc_file_pseudo+0x13a/0x230
[  106.409722][ T6016]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  106.409757][ T6016]  ? alloc_fd+0x471/0x7d0
[  106.409800][ T6016]  __anon_inode_getfile+0xf7/0x3a0
[  106.409850][ T6016]  anon_inode_getfile_fmode+0x37/0xa0
[  106.409891][ T6016]  do_eventfd+0x19b/0x2c0
[  106.409915][ T6016]  ? rcu_is_watching+0x12/0xc0
[  106.409947][ T6016]  __x64_sys_eventfd+0x32/0x50
[  106.409975][ T6016]  do_syscall_64+0xcd/0x490
[  106.410007][ T6016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.410049][ T6016] RIP: 0033:0x7fb3fbf8e969
[  106.410075][ T6016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.410104][ T6016] RSP: 002b:00007fb3fcdbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c
[  106.410135][ T6016] RAX: ffffffffffffffda RBX: 00007fb3fc1b5fa0 RCX: 00007fb3fbf8e969
[  106.410154][ T6016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  106.410172][ T6016] RBP: 00007fb3fc010ab1 R08: 0000000000000000 R09: 0000000000000000
[  106.410189][ T6016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  106.410207][ T6016] R13: 0000000000000000 R14: 00007fb3fc1b5fa0 R15: 00007ffc949a5298
[  106.410246][ T6016]  </TASK>
[  106.604993][    C1] vkms_vblank_simulate: vblank timer overrun
[  107.309100][ T6013] Invalid ELF header magic: != ELF
[  107.399138][ T6004] kAFS: Invalid Command on /proc/fs/afs/cells file
[  107.938107][ T6018] Console: switching to colour VGA+ 80x25
[  109.512371][ T6053] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(5.0.1), cmd(5)
[  110.058962][ T6061] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  112.148265][ T6090] XFS: Clearing xfsstats
[  112.759828][ T6086] [U] 
[  113.460614][ T6106] netlink: 28 bytes leftover after parsing attributes in process `syz.0.59'.
[  113.541166][ T6112] nfs4: Unknown parameter '€
'
[  113.606034][ T6120] ptp ptp0: new virtual clock ptp1
[  113.645519][ T6120] ptp ptp0: new virtual clock ptp2
[  113.705135][ T6120] ptp ptp0: new virtual clock ptp3
[  113.710431][ T6120] ptp ptp0: guarantee physical clock free running
[  113.895586][ T6106] Zero length message leads to an empty skb
[  114.930597][ T6157] dyndbg: bad flag-op , at start of 
[  114.961938][ T6157] dyndbg: flags parse failed
[  115.728812][ T6165] zswap: compressor  not available
[  116.750602][ T5157] Bluetooth: hci2: Malformed Event: 0x2f
[  117.963650][ T6217] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5
[  118.443525][ T6220] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[  120.570423][ T6252] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  121.578084][ T6275] FAULT_INJECTION: forcing a failure.
[  121.578084][ T6275] name failslab, interval 1, probability 0, space 0, times 0
[  121.591155][ T6275] CPU: 1 UID: 0 PID: 6275 Comm: syz.0.101 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  121.591197][ T6275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  121.591214][ T6275] Call Trace:
[  121.591224][ T6275]  <TASK>
[  121.591236][ T6275]  dump_stack_lvl+0x16c/0x1f0
[  121.591290][ T6275]  should_fail_ex+0x512/0x640
[  121.591322][ T6275]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  121.591368][ T6275]  should_failslab+0xc2/0x120
[  121.591397][ T6275]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  121.591441][ T6275]  ? __d_alloc+0x31/0xaa0
[  121.591472][ T6275]  __d_alloc+0x31/0xaa0
[  121.591503][ T6275]  d_alloc_pseudo+0x1c/0xc0
[  121.591538][ T6275]  alloc_file_pseudo+0xcf/0x230
[  121.591574][ T6275]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  121.591610][ T6275]  ? alloc_fd+0x471/0x7d0
[  121.591655][ T6275]  __anon_inode_getfile+0xf7/0x3a0
[  121.591706][ T6275]  anon_inode_getfile_fmode+0x37/0xa0
[  121.591753][ T6275]  do_eventfd+0x19b/0x2c0
[  121.591778][ T6275]  ? rcu_is_watching+0x12/0xc0
[  121.591810][ T6275]  __x64_sys_eventfd+0x32/0x50
[  121.591840][ T6275]  do_syscall_64+0xcd/0x490
[  121.591872][ T6275]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.591911][ T6275] RIP: 0033:0x7fb3fbf8e969
[  121.591936][ T6275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.591964][ T6275] RSP: 002b:00007fb3fcdbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c
[  121.591992][ T6275] RAX: ffffffffffffffda RBX: 00007fb3fc1b5fa0 RCX: 00007fb3fbf8e969
[  121.592012][ T6275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  121.592030][ T6275] RBP: 00007fb3fc010ab1 R08: 0000000000000000 R09: 0000000000000000
[  121.592047][ T6275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  121.592065][ T6275] R13: 0000000000000000 R14: 00007fb3fc1b5fa0 R15: 00007ffc949a5298
[  121.592111][ T6275]  </TASK>
[  123.603690][ T6308] syz.0.112 (6308): /proc/6307/oom_adj is deprecated, please use /proc/6307/oom_score_adj instead.
[  125.299399][ T6335] netlink: 330 bytes leftover after parsing attributes in process `syz.3.118'.
[  125.385203][ T6335] ›: renamed from hsr0 (while UP)
[  125.655280][ T6346] FAULT_INJECTION: forcing a failure.
[  125.655280][ T6346] name failslab, interval 1, probability 0, space 0, times 0
[  125.686157][ T6346] CPU: 1 UID: 0 PID: 6346 Comm: syz.1.121 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  125.686205][ T6346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  125.686222][ T6346] Call Trace:
[  125.686232][ T6346]  <TASK>
[  125.686244][ T6346]  dump_stack_lvl+0x16c/0x1f0
[  125.686298][ T6346]  should_fail_ex+0x512/0x640
[  125.686331][ T6346]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  125.686374][ T6346]  should_failslab+0xc2/0x120
[  125.686405][ T6346]  __kmalloc_cache_noprof+0x6a/0x3e0
[  125.686447][ T6346]  ? mark_held_locks+0x49/0x80
[  125.686485][ T6346]  ? rfkill_fop_open+0x1b6/0x750
[  125.686534][ T6346]  rfkill_fop_open+0x1b6/0x750
[  125.686581][ T6346]  ? __pfx_rfkill_fop_open+0x10/0x10
[  125.686622][ T6346]  misc_open+0x35d/0x420
[  125.686675][ T6346]  ? __pfx_misc_open+0x10/0x10
[  125.686722][ T6346]  chrdev_open+0x234/0x6a0
[  125.686750][ T6346]  ? __pfx_apparmor_file_open+0x10/0x10
[  125.686797][ T6346]  ? __pfx_chrdev_open+0x10/0x10
[  125.686829][ T6346]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  125.686879][ T6346]  do_dentry_open+0x741/0x1c10
[  125.686935][ T6346]  ? __pfx_chrdev_open+0x10/0x10
[  125.686969][ T6346]  vfs_open+0x82/0x3f0
[  125.687009][ T6346]  path_openat+0x1de4/0x2cb0
[  125.687069][ T6346]  ? __pfx_path_openat+0x10/0x10
[  125.687116][ T6346]  ? __lock_acquire+0xb8a/0x1c90
[  125.687161][ T6346]  do_filp_open+0x20b/0x470
[  125.687207][ T6346]  ? __pfx_do_filp_open+0x10/0x10
[  125.687285][ T6346]  ? alloc_fd+0x471/0x7d0
[  125.687341][ T6346]  do_sys_openat2+0x11b/0x1d0
[  125.687377][ T6346]  ? __pfx_do_sys_openat2+0x10/0x10
[  125.687430][ T6346]  __x64_sys_openat+0x174/0x210
[  125.687467][ T6346]  ? __pfx___x64_sys_openat+0x10/0x10
[  125.687521][ T6346]  do_syscall_64+0xcd/0x490
[  125.687556][ T6346]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.687587][ T6346] RIP: 0033:0x7f21cd78e969
[  125.687613][ T6346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.687641][ T6346] RSP: 002b:00007f21cb5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  125.687672][ T6346] RAX: ffffffffffffffda RBX: 00007f21cd9b5fa0 RCX: 00007f21cd78e969
[  125.687691][ T6346] RDX: 0000000000080480 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  125.687710][ T6346] RBP: 00007f21cd810ab1 R08: 0000000000000000 R09: 0000000000000000
[  125.687728][ T6346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  125.687745][ T6346] R13: 0000000000000000 R14: 00007f21cd9b5fa0 R15: 00007ffd44d199b8
[  125.687787][ T6346]  </TASK>
[  126.070943][ T6339] zswap: compressor  not available
[  126.172934][ T6349] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  127.298270][ T6375] netlink: 326 bytes leftover after parsing attributes in process `syz.2.131'.
[  127.990196][ T6379] FAULT_INJECTION: forcing a failure.
[  127.990196][ T6379] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  128.033297][ T6379] CPU: 0 UID: 0 PID: 6379 Comm: syz.2.133 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  128.033343][ T6379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  128.033360][ T6379] Call Trace:
[  128.033370][ T6379]  <TASK>
[  128.033381][ T6379]  dump_stack_lvl+0x16c/0x1f0
[  128.033433][ T6379]  should_fail_ex+0x512/0x640
[  128.033472][ T6379]  should_fail_alloc_page+0xe7/0x130
[  128.033505][ T6379]  prepare_alloc_pages+0x3c2/0x610
[  128.033539][ T6379]  ? rcu_is_watching+0x12/0xc0
[  128.033573][ T6379]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  128.033623][ T6379]  ? stack_trace_save+0x8e/0xc0
[  128.033653][ T6379]  ? __pfx_stack_trace_save+0x10/0x10
[  128.033685][ T6379]  ? stack_depot_save_flags+0x28/0xa40
[  128.033721][ T6379]  ? __kernel_text_address+0xd/0x40
[  128.033772][ T6379]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  128.033825][ T6379]  ? __lock_acquire+0x622/0x1c90
[  128.033872][ T6379]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.033914][ T6379]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  128.033959][ T6379]  ? policy_nodemask+0xea/0x4e0
[  128.033992][ T6379]  alloc_pages_mpol+0x1fb/0x550
[  128.034024][ T6379]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  128.034065][ T6379]  alloc_pages_noprof+0x131/0x390
[  128.034096][ T6379]  alloc_pages_exact_noprof+0x37/0xe0
[  128.034131][ T6379]  ? __asan_memset+0x23/0x50
[  128.034168][ T6379]  snd_pcm_attach_substream+0x4bb/0xd60
[  128.034218][ T6379]  snd_pcm_open_substream+0x8d/0x17f0
[  128.034256][ T6379]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  128.034302][ T6379]  snd_pcm_oss_open+0x735/0x1400
[  128.034346][ T6379]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  128.034377][ T6379]  ? __lock_acquire+0xb8a/0x1c90
[  128.034408][ T6379]  ? __pfx_default_wake_function+0x10/0x10
[  128.034436][ T6379]  ? __lock_acquire+0xb8a/0x1c90
[  128.034475][ T6379]  ? do_raw_spin_lock+0x12c/0x2b0
[  128.034514][ T6379]  ? soundcore_open+0x35a/0x580
[  128.034540][ T6379]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  128.034571][ T6379]  soundcore_open+0x40c/0x580
[  128.034599][ T6379]  ? __pfx_soundcore_open+0x10/0x10
[  128.034623][ T6379]  chrdev_open+0x234/0x6a0
[  128.034646][ T6379]  ? __pfx_chrdev_open+0x10/0x10
[  128.034671][ T6379]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  128.034710][ T6379]  do_dentry_open+0x741/0x1c10
[  128.034747][ T6379]  ? __pfx_chrdev_open+0x10/0x10
[  128.034775][ T6379]  vfs_open+0x82/0x3f0
[  128.034839][ T6379]  path_openat+0x1de4/0x2cb0
[  128.034889][ T6379]  ? __pfx_path_openat+0x10/0x10
[  128.034928][ T6379]  ? __lock_acquire+0xb8a/0x1c90
[  128.034965][ T6379]  do_filp_open+0x20b/0x470
[  128.035002][ T6379]  ? __pfx_do_filp_open+0x10/0x10
[  128.035069][ T6379]  ? alloc_fd+0x471/0x7d0
[  128.035115][ T6379]  do_sys_openat2+0x11b/0x1d0
[  128.035142][ T6379]  ? __pfx_do_sys_openat2+0x10/0x10
[  128.035173][ T6379]  ? __sys_sendmsg+0x18c/0x220
[  128.035206][ T6379]  __x64_sys_openat+0x174/0x210
[  128.035235][ T6379]  ? __pfx___x64_sys_openat+0x10/0x10
[  128.035280][ T6379]  do_syscall_64+0xcd/0x490
[  128.035307][ T6379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.035331][ T6379] RIP: 0033:0x7fa6fa78e969
[  128.035351][ T6379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.035373][ T6379] RSP: 002b:00007fa6f85f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  128.035397][ T6379] RAX: ffffffffffffffda RBX: 00007fa6fa9b5fa0 RCX: 00007fa6fa78e969
[  128.035412][ T6379] RDX: 0000000000020b42 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  128.035427][ T6379] RBP: 00007fa6fa810ab1 R08: 0000000000000000 R09: 0000000000000000
[  128.035440][ T6379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  128.035454][ T6379] R13: 0000000000000000 R14: 00007fa6fa9b5fa0 R15: 00007ffc135fe8e8
[  128.035487][ T6379]  </TASK>
[  128.414211][    C0] vkms_vblank_simulate: vblank timer overrun
[  128.956134][ T6401] mkiss: ax0: crc mode is auto.
[  132.900881][ T6476] Invalid ELF header magic: != ELF
[  133.229056][ T6489] sd 0:0:1:0: PR command failed: 1026
[  133.243295][ T6489] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  133.251812][ T6489] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  137.919248][ T6556] ptp ptp0: max value is 20
[  138.008414][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  138.026824][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  140.641898][ T6614] FAULT_INJECTION: forcing a failure.
[  140.641898][ T6614] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  140.666415][ T6614] CPU: 0 UID: 0 PID: 6614 Comm: syz.3.199 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  140.666443][ T6614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  140.666454][ T6614] Call Trace:
[  140.666460][ T6614]  <TASK>
[  140.666467][ T6614]  dump_stack_lvl+0x16c/0x1f0
[  140.666503][ T6614]  should_fail_ex+0x512/0x640
[  140.666527][ T6614]  core_sys_select+0x949/0xc10
[  140.666558][ T6614]  ? __pfx_core_sys_select+0x10/0x10
[  140.666604][ T6614]  ? set_user_sigmask+0x21b/0x2b0
[  140.666622][ T6614]  ? __pfx_set_user_sigmask+0x10/0x10
[  140.666638][ T6614]  ? find_held_lock+0x2b/0x80
[  140.666660][ T6614]  do_pselect.constprop.0+0x19f/0x1e0
[  140.666688][ T6614]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  140.666725][ T6614]  ? __x64_sys_futex+0x1e0/0x4c0
[  140.666750][ T6614]  __x64_sys_pselect6+0x182/0x240
[  140.666776][ T6614]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  140.666808][ T6614]  do_syscall_64+0xcd/0x490
[  140.666827][ T6614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.666845][ T6614] RIP: 0033:0x7f9d69d8e969
[  140.666860][ T6614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.666877][ T6614] RSP: 002b:00007f9d6abaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  140.666894][ T6614] RAX: ffffffffffffffda RBX: 00007f9d69fb5fa0 RCX: 00007f9d69d8e969
[  140.666905][ T6614] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[  140.666915][ T6614] RBP: 00007f9d69e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  140.666925][ T6614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  140.666935][ T6614] R13: 0000000000000000 R14: 00007f9d69fb5fa0 R15: 00007ffcde9e5788
[  140.666956][ T6614]  </TASK>
[  141.402990][ T6615] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  141.413795][ T6615] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  141.438856][ T6615] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  141.474322][ T6615] page_type: f5(slab)
[  141.480507][ T6615] raw: 00fff00000000040 ffff88801ca948c0 dead000000000122 0000000000000000
[  141.541543][ T6615] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[  141.556247][ T6615] head: 00fff00000000040 ffff88801ca948c0 dead000000000122 0000000000000000
[  141.568608][ T6615] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000
[  141.577850][ T6615] head: 00fff00000000002 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  141.588224][ T6615] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  141.597328][ T6615] page dumped because: unmovable page
[  141.604495][ T6615] page_owner tracks the page as allocated
[  141.610474][ T6615] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5221, tgid 5221 (udevadm), ts 41680731896, free_ts 33188041983
[  141.662629][ T5189] ERROR: Out of memory at tomoyo_memory_ok.
[  141.703417][ T6615]  post_alloc_hook+0x1c0/0x230
[  141.741022][ T6615]  get_page_from_freelist+0x1321/0x3890
[  141.762933][ T6622] Invalid ELF header magic: != ELF
[  141.778746][ T6615]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  141.793373][ T6615]  alloc_pages_mpol+0x1fb/0x550
[  141.798275][ T6615]  new_slab+0x23b/0x330
[  141.802450][ T6615]  ___slab_alloc+0xd9c/0x1940
[  141.833239][ T6615]  __slab_alloc.constprop.0+0x56/0xb0
[  141.853285][ T6615]  kmem_cache_alloc_lru_noprof+0xf4/0x3b0
[  141.859972][ T6615]  alloc_inode+0xc3/0x240
[  141.873369][ T6615]  iget_locked+0x2e4/0x830
[  141.884183][ T6615]  kernfs_get_inode+0x48/0x460
[  141.893242][ T6615]  kernfs_iop_lookup+0x1a7/0x2d0
[  141.914330][ T6615]  __lookup_slow+0x24e/0x460
[  141.926735][ T6615]  walk_component+0x353/0x5b0
[  141.944193][ T6615]  path_lookupat+0x142/0x6d0
[  141.948869][ T6615]  filename_lookup+0x224/0x5f0
[  141.957433][ T6635] FAULT_INJECTION: forcing a failure.
[  141.957433][ T6635] name failslab, interval 1, probability 0, space 0, times 0
[  141.963804][ T6615] page last free pid 1 tgid 1 stack trace:
[  141.973643][ T6635] CPU: 0 UID: 0 PID: 6635 Comm: syz.0.206 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  141.973692][ T6635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  141.973707][ T6635] Call Trace:
[  141.973716][ T6635]  <TASK>
[  141.973726][ T6635]  dump_stack_lvl+0x16c/0x1f0
[  141.973774][ T6635]  should_fail_ex+0x512/0x640
[  141.973802][ T6635]  ? __kmalloc_noprof+0xbf/0x510
[  141.973845][ T6635]  ? lsm_blob_alloc+0x68/0x90
[  141.973872][ T6635]  should_failslab+0xc2/0x120
[  141.973898][ T6635]  __kmalloc_noprof+0xd2/0x510
[  141.973943][ T6635]  lsm_blob_alloc+0x68/0x90
[  141.973973][ T6635]  security_sk_alloc+0x30/0x270
[  141.974009][ T6635]  sk_prot_alloc+0xfb/0x2a0
[  141.974043][ T6635]  sk_alloc+0x36/0xc20
[  141.974083][ T6635]  unix_create1+0xa6/0x700
[  141.974122][ T6635]  unix_create+0x10e/0x1d0
[  141.974159][ T6635]  __sock_create+0x335/0x8d0
[  141.974200][ T6635]  __sys_socketpair+0x25c/0x5a0
[  141.974237][ T6635]  ? __pfx___sys_socketpair+0x10/0x10
[  141.974270][ T6635]  ? fput+0x70/0xf0
[  141.974299][ T6635]  ? xfd_validate_state+0x61/0x180
[  141.974331][ T6635]  ? __pfx_do_writev+0x10/0x10
[  141.974371][ T6635]  __x64_sys_socketpair+0x96/0x100
[  141.974405][ T6635]  ? lockdep_hardirqs_on+0x7c/0x110
[  141.974443][ T6635]  do_syscall_64+0xcd/0x490
[  141.974472][ T6635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.974497][ T6635] RIP: 0033:0x7fb3fbf8e969
[  141.974518][ T6635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.974542][ T6635] RSP: 002b:00007fb3fcdbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  141.974567][ T6635] RAX: ffffffffffffffda RBX: 00007fb3fc1b5fa0 RCX: 00007fb3fbf8e969
[  141.974584][ T6635] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001
[  141.974600][ T6635] RBP: 00007fb3fc010ab1 R08: 0000000000000000 R09: 0000000000000000
[  141.974615][ T6635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  141.974630][ T6635] R13: 0000000000000000 R14: 00007fb3fc1b5fa0 R15: 00007ffc949a5298
[  141.974678][ T6635]  </TASK>
[  142.215426][ T6615]  __free_frozen_pages+0x7fe/0x1180
[  142.233193][ T6615]  free_contig_range+0x183/0x4b0
[  142.243508][ T6615]  destroy_args+0x7f6/0xa60
[  142.248073][ T6615]  debug_vm_pgtable+0x13b8/0x2d00
[  142.276159][ T6615]  do_one_initcall+0x120/0x6e0
[  142.280969][ T6615]  kernel_init_freeable+0x5c2/0x900
[  142.287169][ T6615]  kernel_init+0x1c/0x2b0
[  142.291533][ T6615]  ret_from_fork+0x5d7/0x6f0
[  142.307287][ T6615]  ret_from_fork_asm+0x1a/0x30
[  142.772180][ T6649] : Can't lookup blockdev
[  143.986226][ T6679] netlink: 346 bytes leftover after parsing attributes in process `syz.0.218'.
[  145.522822][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.0.226'.
[  145.576418][ T6697] ERROR: Out of memory at tomoyo_memory_ok.
[  145.611851][ T6701] netlink: 8 bytes leftover after parsing attributes in process `syz.0.226'.
[  146.779276][ T6735] netlink: 28 bytes leftover after parsing attributes in process `syz.2.239'.
[  146.845088][ T6738] process 'syz.2.239' launched './file0' with NULL argv: empty string added
[  146.906262][ T6738] ERROR: Out of memory at tomoyo_memory_ok.
[  146.949100][ T6738] ERROR: Domain '<kernel> /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/syz-executor /root/syz-executor /newroot/57/file0' not defined.
[  149.985343][ T6792] ecryptfs_parse_packet_length: Five-byte packet length not supported
[  150.026932][ T6792] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22]

syzkaller
syzkaller login: [  151.839858][ T6820] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  152.074457][ T6824] binder: 6823:6824 ioctl c0306201 0 returned -14
[  152.312154][ T6829] netlink: 8 bytes leftover after parsing attributes in process `syz.0.265'.
[  153.086535][ T6856] FAULT_INJECTION: forcing a failure.
[  153.086535][ T6856] name failslab, interval 1, probability 0, space 0, times 0
[  153.140454][ T6856] CPU: 1 UID: 0 PID: 6856 Comm: syz.3.278 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  153.140497][ T6856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  153.140512][ T6856] Call Trace:
[  153.140521][ T6856]  <TASK>
[  153.140533][ T6856]  dump_stack_lvl+0x16c/0x1f0
[  153.140585][ T6856]  should_fail_ex+0x512/0x640
[  153.140614][ T6856]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  153.140663][ T6856]  should_failslab+0xc2/0x120
[  153.140692][ T6856]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  153.140735][ T6856]  ? __pfx_map_id_range_down+0x10/0x10
[  153.140777][ T6856]  ? prepare_creds+0x2c/0x7d0
[  153.140825][ T6856]  prepare_creds+0x2c/0x7d0
[  153.140876][ T6856]  __sys_setfsgid+0xe3/0x380
[  153.140906][ T6856]  ? rcu_is_watching+0x12/0xc0
[  153.140938][ T6856]  do_syscall_64+0xcd/0x490
[  153.140967][ T6856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.140996][ T6856] RIP: 0033:0x7f9d69d8e969
[  153.141018][ T6856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.141042][ T6856] RSP: 002b:00007f9d6abaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000007b
[  153.141068][ T6856] RAX: ffffffffffffffda RBX: 00007f9d69fb5fa0 RCX: 00007f9d69d8e969
[  153.141086][ T6856] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01
[  153.141101][ T6856] RBP: 00007f9d69e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  153.141118][ T6856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.141134][ T6856] R13: 0000000000000000 R14: 00007f9d69fb5fa0 R15: 00007ffcde9e5788
[  153.141170][ T6856]  </TASK>
[  155.894316][ T6934] ERROR: Out of memory at tomoyo_memory_ok.
[  157.930010][ T6958] =======================================================
[  157.930010][ T6958] WARNING: The mand mount option has been deprecated and
[  157.930010][ T6958]          and is ignored by this kernel. Remove the mand
[  157.930010][ T6958]          option from the mount to silence this warning.
[  157.930010][ T6958] =======================================================
[  159.157115][ T5157] Bluetooth: hci2: SCO packet too small
[  160.874107][ T7016] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  161.221878][ T7018] netlink: 28 bytes leftover after parsing attributes in process `syz.1.339'.
[  161.631961][ T7018] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.644867][ T7018] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.729527][ T7018] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.765767][ T7018] batman_adv: batadv0: Removing interface: batadv_slave_1
[  162.171147][ T7031] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  163.660420][ T7052] Invalid ELF header magic: != ELF
[  165.180382][ T7069] FAULT_INJECTION: forcing a failure.
[  165.180382][ T7069] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.225266][ T7069] CPU: 0 UID: 0 PID: 7069 Comm: syz.1.355 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  165.225312][ T7069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  165.225329][ T7069] Call Trace:
[  165.225339][ T7069]  <TASK>
[  165.225351][ T7069]  dump_stack_lvl+0x16c/0x1f0
[  165.225403][ T7069]  should_fail_ex+0x512/0x640
[  165.225441][ T7069]  core_sys_select+0x9ca/0xc10
[  165.225492][ T7069]  ? __pfx_core_sys_select+0x10/0x10
[  165.225598][ T7069]  ? read_tsc+0x9/0x20
[  165.225624][ T7069]  ? ktime_get_ts64+0x256/0x400
[  165.225670][ T7069]  kern_select+0x15d/0x1e0
[  165.225709][ T7069]  ? __pfx_kern_select+0x10/0x10
[  165.225753][ T7069]  ? xfd_validate_state+0x61/0x180
[  165.225788][ T7069]  ? bpf_lsm_capable+0x9/0x10
[  165.225831][ T7069]  __x64_sys_select+0xbd/0x160
[  165.225868][ T7069]  ? do_syscall_64+0x91/0x490
[  165.225893][ T7069]  ? lockdep_hardirqs_on+0x7c/0x110
[  165.225937][ T7069]  do_syscall_64+0xcd/0x490
[  165.225966][ T7069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.225995][ T7069] RIP: 0033:0x7f21cd78e969
[  165.226018][ T7069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.226044][ T7069] RSP: 002b:00007f21cb5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  165.226070][ T7069] RAX: ffffffffffffffda RBX: 00007f21cd9b5fa0 RCX: 00007f21cd78e969
[  165.226088][ T7069] RDX: 0000200000000100 RSI: 0000200000000080 RDI: 0000000000000005
[  165.226105][ T7069] RBP: 00007f21cd810ab1 R08: 0000200000000280 R09: 0000000000000000
[  165.226122][ T7069] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000
[  165.226138][ T7069] R13: 0000000000000000 R14: 00007f21cd9b5fa0 R15: 00007ffd44d199b8
[  165.226174][ T7069]  </TASK>
[  167.926239][   T30] audit: type=1806 audit(6043974644.941:2): xattr="." res=0
[  168.330066][ T7107] FAULT_INJECTION: forcing a failure.
[  168.330066][ T7107] name failslab, interval 1, probability 0, space 0, times 0
[  168.345755][ T7107] CPU: 1 UID: 0 PID: 7107 Comm: syz.3.354 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  168.345798][ T7107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  168.345824][ T7107] Call Trace:
[  168.345835][ T7107]  <TASK>
[  168.345846][ T7107]  dump_stack_lvl+0x16c/0x1f0
[  168.345901][ T7107]  should_fail_ex+0x512/0x640
[  168.345935][ T7107]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  168.345985][ T7107]  should_failslab+0xc2/0x120
[  168.346016][ T7107]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  168.346072][ T7107]  ? alloc_unbound_pwq+0x3ff/0xe10
[  168.346112][ T7107]  alloc_unbound_pwq+0x3ff/0xe10
[  168.346156][ T7107]  apply_wqattrs_prepare+0x8a0/0xbd0
[  168.346203][ T7107]  apply_workqueue_attrs_locked+0x64/0xe0
[  168.346235][ T7107]  __alloc_workqueue+0x1007/0x1810
[  168.346285][ T7107]  alloc_workqueue+0xd2/0x200
[  168.346321][ T7107]  ? __pfx_alloc_workqueue+0x10/0x10
[  168.346359][ T7107]  ? __fget_files+0x204/0x3c0
[  168.346419][ T7107]  loop_configure+0x1072/0x1720
[  168.346492][ T7107]  ? find_held_lock+0x2b/0x80
[  168.346524][ T7107]  ? is_bpf_text_address+0x8a/0x1a0
[  168.346564][ T7107]  ? __pfx_loop_configure+0x10/0x10
[  168.346651][ T7107]  lo_ioctl+0xc1c/0x2760
[  168.346697][ T7107]  ? __lock_acquire+0xb8a/0x1c90
[  168.346740][ T7107]  ? kasan_save_stack+0x42/0x60
[  168.346782][ T7107]  ? kasan_save_stack+0x33/0x60
[  168.346831][ T7107]  ? kasan_save_track+0x14/0x30
[  168.346873][ T7107]  ? kasan_save_free_info+0x3b/0x60
[  168.346908][ T7107]  ? __kasan_slab_free+0x51/0x70
[  168.346950][ T7107]  ? kfree+0x2b4/0x4d0
[  168.346985][ T7107]  ? tomoyo_path_number_perm+0x470/0x580
[  168.347026][ T7107]  ? security_file_ioctl+0x9b/0x240
[  168.347067][ T7107]  ? __x64_sys_ioctl+0xb7/0x210
[  168.347098][ T7107]  ? do_syscall_64+0xcd/0x490
[  168.347125][ T7107]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.347168][ T7107]  ? __pfx_lo_ioctl+0x10/0x10
[  168.347247][ T7107]  ? kasan_quarantine_put+0x10a/0x240
[  168.347290][ T7107]  ? lockdep_hardirqs_on+0x7c/0x110
[  168.347340][ T7107]  ? find_held_lock+0x2b/0x80
[  168.347369][ T7107]  ? tomoyo_path_number_perm+0x295/0x580
[  168.347419][ T7107]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  168.347466][ T7107]  ? blkdev_common_ioctl+0x1dd/0x2480
[  168.347503][ T7107]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  168.347594][ T7107]  ? __pfx_lo_ioctl+0x10/0x10
[  168.347638][ T7107]  blkdev_ioctl+0x277/0x6d0
[  168.347684][ T7107]  ? __pfx_blkdev_ioctl+0x10/0x10
[  168.347733][ T7107]  ? __pfx_blkdev_ioctl+0x10/0x10
[  168.347780][ T7107]  __x64_sys_ioctl+0x18b/0x210
[  168.347829][ T7107]  do_syscall_64+0xcd/0x490
[  168.347863][ T7107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.347892][ T7107] RIP: 0033:0x7f9d69d8e969
[  168.347925][ T7107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.347952][ T7107] RSP: 002b:00007f9d6abaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  168.347982][ T7107] RAX: ffffffffffffffda RBX: 00007f9d69fb5fa0 RCX: 00007f9d69d8e969
[  168.348002][ T7107] RDX: 0000000000000000 RSI: 0000000000004c00 RDI: 0000000000000001
[  168.348020][ T7107] RBP: 00007f9d69e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  168.348039][ T7107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  168.348056][ T7107] R13: 0000000000000000 R14: 00007f9d69fb5fa0 R15: 00007ffcde9e5788
[  168.348097][ T7107]  </TASK>
[  168.916166][  T980] rtc_cmos 00:00: Alarms can be up to one day in the future
[  168.986055][  T980] rtc_cmos 00:00: Alarms can be up to one day in the future
[  169.010470][  T980] rtc_cmos 00:00: Alarms can be up to one day in the future
[  169.029465][  T980] rtc_cmos 00:00: Alarms can be up to one day in the future
[  169.037313][  T980] rtc rtc0: __rtc_set_alarm: err=-22
[  173.648989][ T7186] netlink: 330 bytes leftover after parsing attributes in process `syz.2.382'.
[  173.658043][ T7186] ›: renamed from hsr0 (while UP)
[  175.829807][ T7220] FAULT_INJECTION: forcing a failure.
[  175.829807][ T7220] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  175.879525][ T7220] CPU: 0 UID: 0 PID: 7220 Comm: syz.0.387 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  175.879570][ T7220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  175.879588][ T7220] Call Trace:
[  175.879598][ T7220]  <TASK>
[  175.879610][ T7220]  dump_stack_lvl+0x16c/0x1f0
[  175.879662][ T7220]  should_fail_ex+0x512/0x640
[  175.879703][ T7220]  should_fail_alloc_page+0xe7/0x130
[  175.879738][ T7220]  prepare_alloc_pages+0x3c2/0x610
[  175.879775][ T7220]  ? rcu_is_watching+0x12/0xc0
[  175.879811][ T7220]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  175.879861][ T7220]  ? __lock_acquire+0xb8a/0x1c90
[  175.879920][ T7220]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  175.879968][ T7220]  ? do_raw_spin_lock+0x12c/0x2b0
[  175.880015][ T7220]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  175.880061][ T7220]  ? find_held_lock+0x2b/0x80
[  175.880106][ T7220]  ? __lock_acquire+0xb8a/0x1c90
[  175.880145][ T7220]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  175.880193][ T7220]  ? policy_nodemask+0xea/0x4e0
[  175.880228][ T7220]  alloc_pages_mpol+0x1fb/0x550
[  175.880262][ T7220]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  175.880305][ T7220]  folio_alloc_mpol_noprof+0x36/0x2f0
[  175.880345][ T7220]  shmem_alloc_folio+0x135/0x160
[  175.880401][ T7220]  shmem_alloc_and_add_folio+0x499/0xc20
[  175.880475][ T7220]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  175.880527][ T7220]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  175.880583][ T7220]  shmem_get_folio_gfp+0x67f/0x1600
[  175.880640][ T7220]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  175.880687][ T7220]  ? __pfx___might_resched+0x10/0x10
[  175.880729][ T7220]  shmem_fallocate+0x795/0xf50
[  175.880797][ T7220]  ? __pfx_shmem_fallocate+0x10/0x10
[  175.880840][ T7220]  ? aa_file_perm+0x4d6/0xfb0
[  175.880886][ T7220]  ? __lock_acquire+0xb8a/0x1c90
[  175.880930][ T7220]  ? __lock_acquire+0x622/0x1c90
[  175.880995][ T7220]  ? __pfx_shmem_fallocate+0x10/0x10
[  175.881042][ T7220]  vfs_fallocate+0x60b/0x10c0
[  175.881094][ T7220]  ? __pfx_vfs_fallocate+0x10/0x10
[  175.881153][ T7220]  __x64_sys_fallocate+0xd5/0x150
[  175.881187][ T7220]  do_syscall_64+0xcd/0x490
[  175.881222][ T7220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.881252][ T7220] RIP: 0033:0x7fb3fbf8e969
[  175.881277][ T7220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  175.881305][ T7220] RSP: 002b:00007fb3fcdbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  175.881334][ T7220] RAX: ffffffffffffffda RBX: 00007fb3fc1b5fa0 RCX: 00007fb3fbf8e969
[  175.881354][ T7220] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 8000000000000003
[  175.881372][ T7220] RBP: 00007fb3fc010ab1 R08: 0000000000000000 R09: 0000000000000000
[  175.881390][ T7220] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000
[  175.881407][ T7220] R13: 0000000000000000 R14: 00007fb3fc1b5fa0 R15: 00007ffc949a5298
[  175.881465][ T7220]  </TASK>
[  179.773868][ T7274] Invalid ELF header magic: != ELF
[  182.283118][ T7305] [U] 
[  184.428939][ T7348] netlink: 28 bytes leftover after parsing attributes in process `syz.1.436'.
[  184.501975][ T7355] nfs4: Unknown parameter '€
'
[  188.209075][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  188.219494][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  188.228837][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  188.237462][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  188.245205][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  188.760488][ T7438] chnl_net:caif_netlink_parms(): no params data found
[  189.344621][ T7438] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.372451][ T7438] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.388977][ T7438] bridge_slave_0: entered allmulticast mode
[  189.409002][ T7438] bridge_slave_0: entered promiscuous mode
[  189.487098][ T7438] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.500940][ T7438] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.516926][ T7438] bridge_slave_1: entered allmulticast mode
[  189.527734][ T7438] bridge_slave_1: entered promiscuous mode
[  189.723338][ T7438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  189.991867][ T7438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  190.140597][ T7438] team0: Port device team_slave_0 added
[  190.229205][ T7438] team0: Port device team_slave_1 added
[  190.343350][   T51] Bluetooth: hci0: command tx timeout
[  190.394760][ T7438] batman_adv: batadv0: Adding interface: batadv_slave_0
[  190.401771][ T7438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.468718][ T7438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  190.518382][ T7438] batman_adv: batadv0: Adding interface: batadv_slave_1
[  190.528962][ T7438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.570925][ T7438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.869712][ T7438] hsr_slave_0: entered promiscuous mode
[  190.879382][ T7438] hsr_slave_1: entered promiscuous mode
[  190.888152][ T7438] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  190.901368][ T7438] Cannot create hsr debugfs directory
[  191.877946][ T7438] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.200680][ T7438] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.424744][   T51] Bluetooth: hci0: command tx timeout
[  193.009908][ T7438] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.580315][ T7438] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.152276][ T7438] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  194.210036][ T7438] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  194.226601][ T7438] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  194.244179][ T7438] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  194.508268][   T51] Bluetooth: hci0: command tx timeout
[  194.610926][ T7438] 8021q: adding VLAN 0 to HW filter on device bond0
[  194.698450][ T7537] Invalid ELF header magic: != ELF
[  194.740637][ T7438] 8021q: adding VLAN 0 to HW filter on device team0
[  194.915710][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.922889][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  194.953431][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.960708][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.334865][ T7438] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.586185][   T51] Bluetooth: hci0: command tx timeout
[  196.609366][ T7438] veth0_vlan: entered promiscuous mode
[  196.667747][ T7438] veth1_vlan: entered promiscuous mode
[  196.837542][ T7438] veth0_macvtap: entered promiscuous mode
[  196.864252][ T7438] veth1_macvtap: entered promiscuous mode
[  196.944321][ T7438] batman_adv: batadv0: Interface activated: batadv_slave_0
[  196.977316][ T7438] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.010393][ T7438] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.046128][ T7438] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.054979][ T7438] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.087633][ T7438] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.108511][ T7597] capability: warning: `syz.0.514' uses 32-bit capabilities (legacy support in use)
[  197.178313][ T7599] netlink: 'syz.2.515': attribute type 1 has an invalid length.
[  197.383766][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.422863][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.555813][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.575320][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.728566][   T51] Bluetooth: hci2: ACL packet too small
[  198.392621][ T7619] FAULT_INJECTION: forcing a failure.
[  198.392621][ T7619] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  198.419583][ T7619] CPU: 0 UID: 0 PID: 7619 Comm: syz.3.523 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  198.419629][ T7619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.419647][ T7619] Call Trace:
[  198.419657][ T7619]  <TASK>
[  198.419670][ T7619]  dump_stack_lvl+0x16c/0x1f0
[  198.419724][ T7619]  should_fail_ex+0x512/0x640
[  198.419765][ T7619]  should_fail_alloc_page+0xe7/0x130
[  198.419800][ T7619]  prepare_alloc_pages+0x3c2/0x610
[  198.419838][ T7619]  ? rcu_is_watching+0x12/0xc0
[  198.419874][ T7619]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  198.419926][ T7619]  ? stack_trace_save+0x8e/0xc0
[  198.419960][ T7619]  ? __pfx_stack_trace_save+0x10/0x10
[  198.419993][ T7619]  ? stack_depot_save_flags+0x28/0xa40
[  198.420029][ T7619]  ? __kernel_text_address+0xd/0x40
[  198.420081][ T7619]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  198.420133][ T7619]  ? __lock_acquire+0x622/0x1c90
[  198.420182][ T7619]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.420226][ T7619]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  198.420273][ T7619]  ? policy_nodemask+0xea/0x4e0
[  198.420307][ T7619]  alloc_pages_mpol+0x1fb/0x550
[  198.420340][ T7619]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  198.420383][ T7619]  alloc_pages_noprof+0x131/0x390
[  198.420415][ T7619]  alloc_pages_exact_noprof+0x37/0xe0
[  198.420452][ T7619]  ? __asan_memset+0x23/0x50
[  198.420492][ T7619]  snd_pcm_attach_substream+0x4bb/0xd60
[  198.420559][ T7619]  snd_pcm_open_substream+0x8d/0x17f0
[  198.420607][ T7619]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  198.420667][ T7619]  snd_pcm_oss_open+0x735/0x1400
[  198.420722][ T7619]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  198.420763][ T7619]  ? __lock_acquire+0xb8a/0x1c90
[  198.420804][ T7619]  ? __pfx_default_wake_function+0x10/0x10
[  198.420839][ T7619]  ? __lock_acquire+0xb8a/0x1c90
[  198.420888][ T7619]  ? do_raw_spin_lock+0x12c/0x2b0
[  198.420937][ T7619]  ? soundcore_open+0x35a/0x580
[  198.420972][ T7619]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  198.421012][ T7619]  soundcore_open+0x40c/0x580
[  198.421048][ T7619]  ? __pfx_soundcore_open+0x10/0x10
[  198.421079][ T7619]  chrdev_open+0x234/0x6a0
[  198.421105][ T7619]  ? __pfx_apparmor_file_open+0x10/0x10
[  198.421153][ T7619]  ? __pfx_chrdev_open+0x10/0x10
[  198.421185][ T7619]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  198.421235][ T7619]  do_dentry_open+0x741/0x1c10
[  198.421280][ T7619]  ? __pfx_chrdev_open+0x10/0x10
[  198.421318][ T7619]  vfs_open+0x82/0x3f0
[  198.421358][ T7619]  path_openat+0x1de4/0x2cb0
[  198.421417][ T7619]  ? __pfx_path_openat+0x10/0x10
[  198.421464][ T7619]  ? __lock_acquire+0xb8a/0x1c90
[  198.421519][ T7619]  do_filp_open+0x20b/0x470
[  198.421575][ T7619]  ? __pfx_do_filp_open+0x10/0x10
[  198.421660][ T7619]  ? alloc_fd+0x471/0x7d0
[  198.421716][ T7619]  do_sys_openat2+0x11b/0x1d0
[  198.421751][ T7619]  ? __pfx_do_sys_openat2+0x10/0x10
[  198.421790][ T7619]  ? __sys_sendmsg+0x18c/0x220
[  198.421839][ T7619]  __x64_sys_openat+0x174/0x210
[  198.421876][ T7619]  ? __pfx___x64_sys_openat+0x10/0x10
[  198.421949][ T7619]  do_syscall_64+0xcd/0x490
[  198.421984][ T7619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.422015][ T7619] RIP: 0033:0x7f9d69d8e969
[  198.422048][ T7619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.422076][ T7619] RSP: 002b:00007f9d6abaf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  198.422105][ T7619] RAX: ffffffffffffffda RBX: 00007f9d69fb5fa0 RCX: 00007f9d69d8e969
[  198.422126][ T7619] RDX: 0000000000020b42 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  198.422145][ T7619] RBP: 00007f9d69e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  198.422162][ T7619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  198.422181][ T7619] R13: 0000000000000000 R14: 00007f9d69fb5fa0 R15: 00007ffcde9e5788
[  198.422222][ T7619]  </TASK>
[  198.801170][    C0] vkms_vblank_simulate: vblank timer overrun
[  199.477746][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  199.485513][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  202.091736][ T7699] FAULT_INJECTION: forcing a failure.
[  202.091736][ T7699] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  202.105244][ T7699] CPU: 1 UID: 0 PID: 7699 Comm: syz.0.551 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  202.105286][ T7699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  202.105303][ T7699] Call Trace:
[  202.105315][ T7699]  <TASK>
[  202.105327][ T7699]  dump_stack_lvl+0x16c/0x1f0
[  202.105382][ T7699]  should_fail_ex+0x512/0x640
[  202.105423][ T7699]  should_fail_alloc_page+0xe7/0x130
[  202.105457][ T7699]  prepare_alloc_pages+0x3c2/0x610
[  202.105502][ T7699]  ? rcu_is_watching+0x12/0xc0
[  202.105538][ T7699]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  202.105591][ T7699]  ? stack_trace_save+0x8e/0xc0
[  202.105623][ T7699]  ? __pfx_stack_trace_save+0x10/0x10
[  202.105655][ T7699]  ? stack_depot_save_flags+0x28/0xa40
[  202.105701][ T7699]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  202.105751][ T7699]  ? __lock_acquire+0x622/0x1c90
[  202.105799][ T7699]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.105842][ T7699]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  202.105890][ T7699]  ? policy_nodemask+0xea/0x4e0
[  202.105923][ T7699]  alloc_pages_mpol+0x1fb/0x550
[  202.105955][ T7699]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  202.105999][ T7699]  alloc_pages_noprof+0x131/0x390
[  202.106031][ T7699]  alloc_pages_exact_noprof+0x37/0xe0
[  202.106068][ T7699]  ? __asan_memset+0x23/0x50
[  202.106108][ T7699]  snd_pcm_attach_substream+0x4bb/0xd60
[  202.106169][ T7699]  snd_pcm_open_substream+0x8d/0x17f0
[  202.106218][ T7699]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  202.106274][ T7699]  snd_pcm_oss_open+0x735/0x1400
[  202.106330][ T7699]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  202.106370][ T7699]  ? __lock_acquire+0xb8a/0x1c90
[  202.106409][ T7699]  ? __pfx_default_wake_function+0x10/0x10
[  202.106444][ T7699]  ? __lock_acquire+0xb8a/0x1c90
[  202.106500][ T7699]  ? do_raw_spin_lock+0x12c/0x2b0
[  202.106549][ T7699]  ? soundcore_open+0x35a/0x580
[  202.106583][ T7699]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  202.106623][ T7699]  soundcore_open+0x40c/0x580
[  202.106667][ T7699]  ? __pfx_soundcore_open+0x10/0x10
[  202.106698][ T7699]  chrdev_open+0x234/0x6a0
[  202.106725][ T7699]  ? __pfx_apparmor_file_open+0x10/0x10
[  202.106774][ T7699]  ? __pfx_chrdev_open+0x10/0x10
[  202.106805][ T7699]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  202.106856][ T7699]  do_dentry_open+0x741/0x1c10
[  202.106903][ T7699]  ? __pfx_chrdev_open+0x10/0x10
[  202.106939][ T7699]  vfs_open+0x82/0x3f0
[  202.106980][ T7699]  path_openat+0x1de4/0x2cb0
[  202.107039][ T7699]  ? __pfx_path_openat+0x10/0x10
[  202.107086][ T7699]  ? __lock_acquire+0xb8a/0x1c90
[  202.107125][ T7699]  do_filp_open+0x20b/0x470
[  202.107166][ T7699]  ? __pfx_do_filp_open+0x10/0x10
[  202.107243][ T7699]  ? alloc_fd+0x471/0x7d0
[  202.107304][ T7699]  do_sys_openat2+0x11b/0x1d0
[  202.107339][ T7699]  ? __pfx_do_sys_openat2+0x10/0x10
[  202.107376][ T7699]  ? __sys_sendmsg+0x18c/0x220
[  202.107418][ T7699]  __x64_sys_openat+0x174/0x210
[  202.107454][ T7699]  ? __pfx___x64_sys_openat+0x10/0x10
[  202.107519][ T7699]  do_syscall_64+0xcd/0x490
[  202.107555][ T7699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.107585][ T7699] RIP: 0033:0x7fb3fbf8e969
[  202.107611][ T7699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.107638][ T7699] RSP: 002b:00007fb3fcd9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  202.107667][ T7699] RAX: ffffffffffffffda RBX: 00007fb3fc1b6080 RCX: 00007fb3fbf8e969
[  202.107685][ T7699] RDX: 0000000000020b42 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  202.107701][ T7699] RBP: 00007fb3fc010ab1 R08: 0000000000000000 R09: 0000000000000000
[  202.107717][ T7699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  202.107732][ T7699] R13: 0000000000000000 R14: 00007fb3fc1b6080 R15: 00007ffc949a5298
[  202.107768][ T7699]  </TASK>
[  202.927183][ T7711] FAULT_INJECTION: forcing a failure.
[  202.927183][ T7711] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  202.972488][ T7711] CPU: 0 UID: 0 PID: 7711 Comm: syz.1.554 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  202.972545][ T7711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  202.972563][ T7711] Call Trace:
[  202.972573][ T7711]  <TASK>
[  202.972585][ T7711]  dump_stack_lvl+0x16c/0x1f0
[  202.972641][ T7711]  should_fail_ex+0x512/0x640
[  202.972683][ T7711]  should_fail_alloc_page+0xe7/0x130
[  202.972717][ T7711]  prepare_alloc_pages+0x3c2/0x610
[  202.972756][ T7711]  ? rcu_is_watching+0x12/0xc0
[  202.972791][ T7711]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  202.972847][ T7711]  ? css_rstat_updated+0x9d/0xd30
[  202.972890][ T7711]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  202.972936][ T7711]  ? __lock_acquire+0x622/0x1c90
[  202.972981][ T7711]  ? __asan_memcpy+0x3c/0x60
[  202.973028][ T7711]  ? __pfx_interleave_nid+0x10/0x10
[  202.973077][ T7711]  ? __lock_acquire+0x622/0x1c90
[  202.973122][ T7711]  ? policy_nodemask+0xea/0x4e0
[  202.973155][ T7711]  alloc_pages_mpol+0x1fb/0x550
[  202.973189][ T7711]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  202.973232][ T7711]  folio_alloc_mpol_noprof+0x36/0x2f0
[  202.973270][ T7711]  vma_alloc_folio_noprof+0xed/0x1e0
[  202.973306][ T7711]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  202.973340][ T7711]  ? find_held_lock+0x2b/0x80
[  202.973372][ T7711]  ? __handle_mm_fault+0x1092/0x5490
[  202.973420][ T7711]  __handle_mm_fault+0x2f21/0x5490
[  202.973474][ T7711]  ? __pfx___handle_mm_fault+0x10/0x10
[  202.973525][ T7711]  ? __pte_offset_map_lock+0x174/0x310
[  202.973560][ T7711]  ? find_held_lock+0x2b/0x80
[  202.973588][ T7711]  ? find_held_lock+0x2b/0x80
[  202.973630][ T7711]  ? follow_page_pte+0x3af/0x14c0
[  202.973677][ T7711]  handle_mm_fault+0x589/0xd10
[  202.973728][ T7711]  __get_user_pages+0x589/0x3b80
[  202.973777][ T7711]  ? __pfx_mt_find+0x10/0x10
[  202.973811][ T7711]  ? __pfx___get_user_pages+0x10/0x10
[  202.973864][ T7711]  populate_vma_page_range+0x278/0x3a0
[  202.973905][ T7711]  ? __pfx_populate_vma_page_range+0x10/0x10
[  202.973941][ T7711]  ? __pfx_find_vma_intersection+0x10/0x10
[  202.973979][ T7711]  ? do_mmap+0x69c/0x1210
[  202.974019][ T7711]  __mm_populate+0x1d8/0x380
[  202.974059][ T7711]  ? __pfx___mm_populate+0x10/0x10
[  202.974101][ T7711]  ? up_write+0x1b2/0x520
[  202.974150][ T7711]  vm_mmap_pgoff+0x362/0x450
[  202.974188][ T7711]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  202.974220][ T7711]  ? do_set_mempolicy+0x220/0x480
[  202.974254][ T7711]  ? __x64_sys_futex+0x1e0/0x4c0
[  202.974290][ T7711]  ? __x64_sys_futex+0x1e9/0x4c0
[  202.974333][ T7711]  ksys_mmap_pgoff+0x7d/0x5c0
[  202.974367][ T7711]  ? xfd_validate_state+0x61/0x180
[  202.974404][ T7711]  ? __pfx_kernel_set_mempolicy+0x10/0x10
[  202.974439][ T7711]  __x64_sys_mmap+0x125/0x190
[  202.974486][ T7711]  do_syscall_64+0xcd/0x490
[  202.974529][ T7711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.974559][ T7711] RIP: 0033:0x7f215858e969
[  202.974585][ T7711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.974613][ T7711] RSP: 002b:00007f2159312038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  202.974643][ T7711] RAX: ffffffffffffffda RBX: 00007f21587b5fa0 RCX: 00007f215858e969
[  202.974663][ T7711] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  202.974681][ T7711] RBP: 00007f2158610ab1 R08: 0000000000000002 R09: 0000000000008000
[  202.974699][ T7711] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  202.974716][ T7711] R13: 0000000000000000 R14: 00007f21587b5fa0 R15: 00007fff07a01c38
[  202.974758][ T7711]  </TASK>
[  204.373879][ T7724] netlink: 8 bytes leftover after parsing attributes in process `syz.0.560'.
[  209.306103][   T30] audit: type=1800 audit(6043974686.311:3): pid=7815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.578" name="dbroot" dev="configfs" ino=15334 res=0 errno=0
[  209.373672][ T7815] 
[  209.376077][ T7815] ============================================
[  209.382273][ T7815] WARNING: possible recursive locking detected
[  209.388472][ T7815] 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 Not tainted
[  209.395271][ T7815] --------------------------------------------
[  209.401453][ T7815] syz.2.578/7815 is trying to acquire lock:
[  209.407389][ T7815] ffff888142fc2078 (&p->frag_sem){.+.+}-{4:4}, at: __configfs_open_file+0xe8/0x9c0
[  209.416802][ T7815] 
[  209.416802][ T7815] but task is already holding lock:
[  209.424213][ T7815] ffff888142fc2078 (&p->frag_sem){.+.+}-{4:4}, at: configfs_write_iter+0x219/0x4e0
[  209.433614][ T7815] 
[  209.433614][ T7815] other info that might help us debug this:
[  209.441684][ T7815]  Possible unsafe locking scenario:
[  209.441684][ T7815] 
[  209.449144][ T7815]        CPU0
[  209.452432][ T7815]        ----
[  209.455721][ T7815]   lock(&p->frag_sem);
[  209.459899][ T7815]   lock(&p->frag_sem);
[  209.464073][ T7815] 
[  209.464073][ T7815]  *** DEADLOCK ***
[  209.464073][ T7815] 
[  209.472226][ T7815]  May be due to missing lock nesting notation
[  209.472226][ T7815] 
[  209.480550][ T7815] 5 locks held by syz.2.578/7815:
[  209.485582][ T7815]  #0: ffff88807e5c57b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  209.494684][ T7815]  #1: ffff888144ec8428 (sb_writers#20){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  209.503793][ T7815]  #2: ffff888026df6c88 (&buffer->mutex#2){+.+.}-{4:4}, at: configfs_write_iter+0x75/0x4e0
[  209.513859][ T7815]  #3: ffff888142fc2078 (&p->frag_sem){.+.+}-{4:4}, at: configfs_write_iter+0x219/0x4e0
[  209.523656][ T7815]  #4: ffffffff8f4743e8 (target_devices_lock){+.+.}-{4:4}, at: target_core_item_dbroot_store+0x21/0x350
[  209.534846][ T7815] 
[  209.534846][ T7815] stack backtrace:
[  209.540746][ T7815] CPU: 1 UID: 0 PID: 7815 Comm: syz.2.578 Not tainted 6.15.0-syzkaller-11796-g5abc7438f1e9 #0 PREEMPT(full) 
[  209.540775][ T7815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  209.540789][ T7815] Call Trace:
[  209.540796][ T7815]  <TASK>
[  209.540804][ T7815]  dump_stack_lvl+0x116/0x1f0
[  209.540844][ T7815]  print_deadlock_bug+0x1e9/0x240
[  209.540872][ T7815]  __lock_acquire+0x1106/0x1c90
[  209.540907][ T7815]  lock_acquire+0x179/0x350
[  209.540936][ T7815]  ? __configfs_open_file+0xe8/0x9c0
[  209.540973][ T7815]  ? __pfx___might_resched+0x10/0x10
[  209.541000][ T7815]  down_read+0x9b/0x480
[  209.541023][ T7815]  ? __configfs_open_file+0xe8/0x9c0
[  209.541057][ T7815]  ? __pfx_down_read+0x10/0x10
[  209.541084][ T7815]  __configfs_open_file+0xe8/0x9c0
[  209.541118][ T7815]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  209.541153][ T7815]  do_dentry_open+0x741/0x1c10
[  209.541186][ T7815]  ? __pfx_configfs_open_file+0x10/0x10
[  209.541223][ T7815]  vfs_open+0x82/0x3f0
[  209.541248][ T7815]  path_openat+0x1de4/0x2cb0
[  209.541283][ T7815]  ? __pfx___kfence_alloc+0x10/0x10
[  209.541304][ T7815]  ? __pfx_path_openat+0x10/0x10
[  209.541334][ T7815]  ? filp_open+0x1d/0x80
[  209.541357][ T7815]  ? target_core_item_dbroot_store+0x108/0x350
[  209.541399][ T7815]  ? configfs_write_iter+0x303/0x4e0
[  209.541432][ T7815]  ? vfs_write+0x6c7/0x1150
[  209.541462][ T7815]  ? ksys_write+0x12a/0x250
[  209.541492][ T7815]  ? do_syscall_64+0xcd/0x490
[  209.541514][ T7815]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.541541][ T7815]  do_filp_open+0x20b/0x470
[  209.541574][ T7815]  ? __pfx_do_filp_open+0x10/0x10
[  209.541619][ T7815]  ? find_held_lock+0x2b/0x80
[  209.541643][ T7815]  file_open_name+0x2a3/0x450
[  209.541670][ T7815]  ? __pfx_file_open_name+0x10/0x10
[  209.541695][ T7815]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  209.541729][ T7815]  ? getname_kernel+0x52/0x370
[  209.541751][ T7815]  ? __asan_memcpy+0x3c/0x60
[  209.541782][ T7815]  filp_open+0x4b/0x80
[  209.541806][ T7815]  target_core_item_dbroot_store+0x108/0x350
[  209.541841][ T7815]  configfs_write_iter+0x303/0x4e0
[  209.541877][ T7815]  vfs_write+0x6c7/0x1150
[  209.541909][ T7815]  ? __pfx_configfs_write_iter+0x10/0x10
[  209.541944][ T7815]  ? __pfx___mutex_lock+0x10/0x10
[  209.541965][ T7815]  ? __pfx_vfs_write+0x10/0x10
[  209.542007][ T7815]  ksys_write+0x12a/0x250
[  209.542039][ T7815]  ? __pfx_ksys_write+0x10/0x10
[  209.542075][ T7815]  do_syscall_64+0xcd/0x490
[  209.542096][ T7815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.542119][ T7815] RIP: 0033:0x7fa6fa78e969
[  209.542138][ T7815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.542160][ T7815] RSP: 002b:00007fa6f85f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  209.542181][ T7815] RAX: ffffffffffffffda RBX: 00007fa6fa9b5fa0 RCX: 00007fa6fa78e969
[  209.542196][ T7815] RDX: 000000000000006e RSI: 0000200000000040 RDI: 0000000000000003
[  209.542210][ T7815] RBP: 00007fa6fa810ab1 R08: 0000000000000000 R09: 0000000000000000
[  209.542224][ T7815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  209.542237][ T7815] R13: 0000000000000000 R14: 00007fa6fa9b5fa0 R15: 00007ffc135fe8e8
[  209.542257][ T7815]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  210.013489][   T30] audit: type=1804 audit(6043974687.020:4): pid=7815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.578" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=15334 res=1 errno=0
[  210.013530][ T7815] db_root: not a directory: /sys/kernel/config/target/dbroot
[  210.925938][   T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.018405][   T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.096479][   T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.176550][   T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.430624][   T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.499371][   T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.581932][   T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.688901][   T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.806414][   T36] bridge_slave_1: left allmulticast mode
[  211.812149][   T36] bridge_slave_1: left promiscuous mode
[  211.833385][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.847688][   T36] bridge_slave_0: left allmulticast mode
[  211.866018][   T36] bridge_slave_0: left promiscuous mode
[  211.871800][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.895708][   T36] bridge_slave_1: left allmulticast mode
[  211.901433][   T36] bridge_slave_1: left promiscuous mode
[  211.914741][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.937394][   T36] bridge_slave_0: left allmulticast mode
[  211.943097][   T36] bridge_slave_0: left promiscuous mode
[  211.958628][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.142361][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.153172][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.163531][   T36] bond0 (unregistering): Released all slaves
[  212.263101][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.276493][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.295800][   T36] bond0 (unregistering): Released all slaves
[  212.706698][   T36] hsr_slave_0: left promiscuous mode
[  212.713485][   T36] hsr_slave_1: left promiscuous mode
[  212.719600][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.727356][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.736849][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.744376][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.756966][   T36] hsr_slave_0: left promiscuous mode
[  212.762666][   T36] hsr_slave_1: left promiscuous mode
[  212.768489][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.775993][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.783809][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.791245][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.804123][   T36] veth1_macvtap: left promiscuous mode
[  212.809639][   T36] veth0_macvtap: left promiscuous mode
[  212.816339][   T36] veth1_macvtap: left promiscuous mode
[  212.821849][   T36] veth0_macvtap: left promiscuous mode
[  212.827468][   T36] veth1_vlan: left promiscuous mode
[  212.832863][   T36] veth0_vlan: left promiscuous mode
[  212.976712][   T36] team0 (unregistering): Port device team_slave_1 removed
[  212.991756][   T36] team0 (unregistering): Port device team_slave_0 removed
[  213.162496][   T36] team0 (unregistering): Port device team_slave_1 removed
[  213.175730][   T36] team0 (unregistering): Port device team_slave_0 removed
[  213.711826][   T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.772022][   T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.820173][   T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.894039][   T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.998268][   T36] bridge_slave_1: left allmulticast mode
[  214.004060][   T36] bridge_slave_1: left promiscuous mode
[  214.010011][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.018875][   T36] bridge_slave_0: left allmulticast mode
[  214.025055][   T36] bridge_slave_0: left promiscuous mode
[  214.032026][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.155512][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.166135][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.177007][   T36] bond0 (unregistering): Released all slaves
[  214.404889][   T36] hsr_slave_0: left promiscuous mode
[  214.410743][   T36] hsr_slave_1: left promiscuous mode
[  214.420723][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.430731][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.440977][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.448662][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.460878][   T36] veth1_macvtap: left promiscuous mode
[  214.466639][   T36] veth0_macvtap: left promiscuous mode
[  214.472356][   T36] veth1_vlan: left promiscuous mode
[  214.478814][   T36] veth0_vlan: left promiscuous mode
[  214.691819][   T36] team0 (unregistering): Port device team_slave_1 removed
[  214.730050][   T36] team0 (unregistering): Port device team_slave_0 removed