last executing test programs:

3m50.50916434s ago: executing program 1 (id=3499):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
write$auto(0x6, 0x0, 0x100000001)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)

3m47.137590386s ago: executing program 1 (id=3508):
socket(0x10, 0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/nbd14/sched/write1_fifo_list\x00', 0x189e42, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7400fddbdf250300000004000800100003800c000980"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3m46.744829499s ago: executing program 1 (id=3513):
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x8880)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x58, 0x0)
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/usbmon8\x00', 0x640, 0x0)
read$auto_mon_fops_binary_mon_bin(r0, 0x0, 0x2f)
ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0x0)
chmod$auto(0x0, 0xf4ba)
close_range$auto(0x2, 0xa, 0x0)

3m46.266641344s ago: executing program 1 (id=3518):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

3m45.80464866s ago: executing program 1 (id=3520):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/usbip-vudc.0/usbip_sockfd\x00', 0x103841, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0x2, 0xd4, 0x3, 0x6, 0x0, 0x10000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x0, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket$nl_generic(0x10, 0x3, 0x10)
epoll_pwait$auto(0xffffffffffffffff, 0x0, 0x0, 0x3, &(0x7f0000000180), 0x8)
write$auto(r0, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5Y\a\xc1\xe9(\x85R\x96\xe4\x86\\\x13\xa9\x1a&\x19\x8a9\x82\xf0\x83\f\xf7\xeb\x00\x00\x00\x00\x00\x00\x00\x00v\x92<e\x8b?#a\xa3 \xaa\x19\xde}\x10\xa4\x95\x02\x12\xbb\x13\xeb<\xc8x\x86\xc6\x12w2u\xe5\xb0\x8f\xda\x88R\xf4 @\xdc\x8e\xaa\xf0{\xa8,\xa3\xc7\x01\\\x03(\xc0\xb3\xf3\xf80eqo\x1a\xe0\xc6\xd9\xcf\xab\xf4_\xf2', 0x100000000)

3m45.459710303s ago: executing program 1 (id=3521):
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
close_range$auto(0x2, 0xa, 0x0)
r0 = socket(0xa, 0x5, 0x0)
socket(0xa, 0x3, 0xff)
r1 = socket(0x2, 0x801, 0x100)
sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44010}, 0x20000054)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex=r2, r1, 0x9c, 0x0, 0x1, @relative_fd, 0x5}, 0x96)

3m45.125073324s ago: executing program 32 (id=3521):
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
close_range$auto(0x2, 0xa, 0x0)
r0 = socket(0xa, 0x5, 0x0)
socket(0xa, 0x3, 0xff)
r1 = socket(0x2, 0x801, 0x100)
sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44010}, 0x20000054)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r2=>0x0})
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex=r2, r1, 0x9c, 0x0, 0x1, @relative_fd, 0x5}, 0x96)

2m33.287759938s ago: executing program 2 (id=4011):
sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c080}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x3, 0xff)
poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108)
close_range$auto(0x2, 0x8, 0x0)

2m32.977981833s ago: executing program 2 (id=4013):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x3, 0x6)
lstat$auto(&(0x7f0000000000)='./file1\x00', 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'team_slave_1\x00', <r1=>0x0})
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4004804)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x20044000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x103, 0x300)

2m32.707033641s ago: executing program 2 (id=4016):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x2ff, 0x400, 0x2}]})

2m32.323463133s ago: executing program 2 (id=4017):
statmount$auto(0x0, 0x0, 0x10, 0xd)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x2, 0x0)
unshare$auto(0x40000080)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0x8208ae63, 0x38)

2m31.536938914s ago: executing program 2 (id=4021):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
rename$auto(&(0x7f0000000480)='./file0\x00', 0x0)

2m30.933535882s ago: executing program 2 (id=4024):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), 0xffffffffffffffff)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000)

2m15.649444306s ago: executing program 33 (id=4024):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), 0xffffffffffffffff)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000)

6.734684406s ago: executing program 0 (id=4932):
open(0x0, 0xd02, 0xc3)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
gettid()
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
unshare$auto(0x40000080)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xd0, 0x0, 0x4)

6.507152932s ago: executing program 4 (id=4935):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto(r1, 0x0, 0x20)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3)
socket(0xa, 0x1, 0x100)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0x21, 0x3, 0x9)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)

5.351918838s ago: executing program 0 (id=4939):
socket(0x15, 0x5, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000048, 0x0)
r0 = fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xc048aec8, r0)

5.280401994s ago: executing program 4 (id=4940):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0)
openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/buffer_percent\x00', 0x6c0002, 0x0)
ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r0, 0x4018bc13, 0x0)
clone$auto(0x6, 0x2, 0x0, 0x0, 0xff)

5.13425212s ago: executing program 0 (id=4941):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000940)={'hsr0\x00', <r1=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x60, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_AGE={0x8, 0x3, 0x200}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IF1_AGE={0x8, 0x3, 0x400}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IFINDEX={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='h'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

5.037501609s ago: executing program 5 (id=4942):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x100000000000007, 0x0)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x40080, 0x0)
ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, 0x0)
ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0)

4.851428444s ago: executing program 0 (id=4944):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4000804)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60642, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x10000009b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x400100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r0, 0x0, 0x39b8)

3.864977949s ago: executing program 5 (id=4945):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0482, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-256kB/stats/shmem_fallback_charge\x00', 0x101100, 0x0)
socket(0x23, 0x80805, 0x0)
memfd_secret$auto(0x0)
pipe$auto(&(0x7f0000000280)=r0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3e, 0x9, 0xbb7f, 0x6]}, 0x0)

3.633981892s ago: executing program 4 (id=4947):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
socket(0x10, 0x2, 0xf)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0xc00, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r0, 0x0, 0xc3)

3.605072709s ago: executing program 5 (id=4948):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800)
bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xb, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x3624239c, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3.440774267s ago: executing program 5 (id=4950):
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
setrlimit$auto(0xb, 0x0)
r0 = gettid()
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x11, 0x3, 0x9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
tkill$auto(r0, 0x7)

3.159925204s ago: executing program 5 (id=4952):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x1c9180, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(0xffffffffffffffff, 0x0, 0x40)
mincore$auto(0x1000, 0x8001, 0x0)
fcntl$auto(0x8000000000000001, 0x7, 0x8)
fcntl$auto(0x8000000000000001, 0x26, 0x8)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)
fcntl$auto(0x8000000000000001, 0x26, 0x8)
close_range$auto(0x2, 0x8, 0x0)

2.756474931s ago: executing program 4 (id=4953):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x2, 0x5, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x13, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0x2}, 0x1002}, 0x739618ce, 0x311)
unshare$auto(0x40000080)
recvfrom$auto(0x3, 0x0, 0x800000000a, 0x3, 0x0, 0xfffffffffffffffd)

2.27328872s ago: executing program 3 (id=4955):
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x1, 0x100)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b)
socket(0x2a, 0x2, 0x6)
socket(0xa, 0x801, 0x84)
getsockopt$auto(0x6, 0x84, 0x22, 0x0, 0x0)

1.974446927s ago: executing program 5 (id=4956):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0)
openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/buffer_percent\x00', 0x6c0002, 0x0)
ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r0, 0x4018bc13, 0x0)
clone$auto(0x6, 0x2, 0x0, 0x0, 0xff)

1.63115243s ago: executing program 4 (id=4957):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
ioctl$auto(0x3, 0xc0303e03, r0)

1.250474943s ago: executing program 3 (id=4958):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x5, 0x80000000, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
connect$auto(0x3, 0x0, 0x55)
listen$auto(0x3, 0x81)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
accept$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1.050911008s ago: executing program 3 (id=4959):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8})
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/arch_status\x00', 0x200, 0x0)
socket(0x2, 0x802, 0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)

867.292249ms ago: executing program 3 (id=4960):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
semctl$auto(0x100, 0xfffffffffffffffa, 0x3, 0x8)
r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x20002, 0x0)
ioctl$auto(r1, 0x560a, r2)

387.907279ms ago: executing program 4 (id=4961):
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
mmap$auto(0x0, 0x400008, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x200007, 0x19)
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
socket(0x2b, 0x1, 0x0)
openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
unshare$auto(0x40000080)
read$auto(0x3, 0x0, 0x80)
ioctl$auto_TUNGETIFF(r0, 0x800454d2, 0x0)

271.331143ms ago: executing program 3 (id=4962):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/numa_balancing\x00', 0x2002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x2, 0x1)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x40, 0x0)
pread64$auto(r0, 0x0, 0x1ffffffffffe, 0x8)

197.039665ms ago: executing program 0 (id=4963):
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mknod$auto(&(0x7f0000000280)='X))\x00', 0x63c5, 0x7bf)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001280)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x20042, 0x0)
ioctl$auto_UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, &(0x7f0000000440)=0x1)
close_range$auto(0x2, 0x8, 0x0)
bpf$auto(0x2, 0x0, 0xc)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x200)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0)

100.91195ms ago: executing program 3 (id=4964):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(0x3, 0x0, 0x1f40)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0xc00000, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mlockall$auto(0x7)

0s ago: executing program 0 (id=4965):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000040)={0x28, 0x0, 0x1, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x5}, @ETHTOOL_A_LINKMODES_HEADER={0x6d, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008801}, 0x24000802)
close_range$auto(0x2, 0x8, 0x0)
socket(0x29, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf251bee05ba000000000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

kernel console output (not intermixed with test programs):

1.105672][T13223]  do_syscall_64+0xcd/0x230
[  421.105718][T13223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.105746][T13223] RIP: 0033:0x7fc20238e969
[  421.105769][T13223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  421.105795][T13223] RSP: 002b:00007fc203201038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  421.105823][T13223] RAX: ffffffffffffffda RBX: 00007fc2025b5fa0 RCX: 00007fc20238e969
[  421.105842][T13223] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  421.105858][T13223] RBP: 00007fc202410ab1 R08: 0000000000000000 R09: 0000000000000000
[  421.105875][T13223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  421.105892][T13223] R13: 0000000000000000 R14: 00007fc2025b5fa0 R15: 00007ffd3d8290e8
[  421.105931][T13223]  </TASK>
[  421.637582][T13234] netlink: 86 bytes leftover after parsing attributes in process `syz.0.2853'.
[  421.868596][T13239] netlink: 'syz.1.2854': attribute type 16 has an invalid length.
[  421.924881][T13239] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2854'.
[  424.463767][T13293] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2875'.
[  425.656710][T13325] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2888'.
[  425.670992][T13325] netlink: 9 bytes leftover after parsing attributes in process `syz.3.2888'.
[  425.681856][T13325] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2888'.
[  425.888354][T13331] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2891'.
[  425.943155][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  425.953299][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  426.347368][ T5842] Bluetooth: hci2: unexpected event 0x05 length: 440 > 4
[  426.553663][T13347] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2898'.
[  427.430112][T13375] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2911'.
[  427.509865][T13377] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2912'.
[  428.057451][T13399] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2922'.
[  428.321883][T13404] FAULT_INJECTION: forcing a failure.
[  428.321883][T13404] name failslab, interval 1, probability 0, space 0, times 0
[  428.337533][T13404] CPU: 1 UID: 0 PID: 13404 Comm: syz.1.2924 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  428.337576][T13404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  428.337593][T13404] Call Trace:
[  428.337602][T13404]  <TASK>
[  428.337614][T13404]  dump_stack_lvl+0x16c/0x1f0
[  428.337663][T13404]  should_fail_ex+0x512/0x640
[  428.337707][T13404]  ? __kvmalloc_node_noprof+0x122/0x600
[  428.337744][T13404]  should_failslab+0xc2/0x120
[  428.337782][T13404]  __kvmalloc_node_noprof+0x135/0x600
[  428.337814][T13404]  ? lockdep_init_map_type+0x5c/0x280
[  428.337855][T13404]  ? __v4l2_subdev_state_alloc+0x1a7/0x400
[  428.337897][T13404]  ? __v4l2_subdev_state_alloc+0x1a7/0x400
[  428.337929][T13404]  __v4l2_subdev_state_alloc+0x1a7/0x400
[  428.337965][T13404]  subdev_open+0xa6/0x560
[  428.337998][T13404]  v4l2_open+0x222/0x490
[  428.338038][T13404]  ? __pfx_v4l2_open+0x10/0x10
[  428.338072][T13404]  chrdev_open+0x234/0x6a0
[  428.338101][T13404]  ? __pfx_apparmor_file_open+0x10/0x10
[  428.338137][T13404]  ? __pfx_chrdev_open+0x10/0x10
[  428.338173][T13404]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  428.338235][T13404]  do_dentry_open+0x741/0x1c10
[  428.338268][T13404]  ? __pfx_chrdev_open+0x10/0x10
[  428.338309][T13404]  vfs_open+0x82/0x3f0
[  428.338353][T13404]  path_openat+0x1e5e/0x2d40
[  428.338399][T13404]  ? __pfx_path_openat+0x10/0x10
[  428.338439][T13404]  do_filp_open+0x20b/0x470
[  428.338467][T13404]  ? __pfx_do_filp_open+0x10/0x10
[  428.338526][T13404]  ? alloc_fd+0x471/0x7d0
[  428.338584][T13404]  do_sys_openat2+0x11b/0x1d0
[  428.338624][T13404]  ? __pfx_do_sys_openat2+0x10/0x10
[  428.338681][T13404]  __x64_sys_openat+0x174/0x210
[  428.338720][T13404]  ? __pfx___x64_sys_openat+0x10/0x10
[  428.338762][T13404]  ? rcu_is_watching+0x12/0xc0
[  428.338803][T13404]  do_syscall_64+0xcd/0x230
[  428.338851][T13404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.338881][T13404] RIP: 0033:0x7fc20238e969
[  428.338906][T13404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.338934][T13404] RSP: 002b:00007fc203201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  428.338962][T13404] RAX: ffffffffffffffda RBX: 00007fc2025b5fa0 RCX: 00007fc20238e969
[  428.338982][T13404] RDX: 0000000000080000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  428.339000][T13404] RBP: 00007fc202410ab1 R08: 0000000000000000 R09: 0000000000000000
[  428.339017][T13404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  428.339034][T13404] R13: 0000000000000000 R14: 00007fc2025b5fa0 R15: 00007ffd3d8290e8
[  428.339073][T13404]  </TASK>
[  428.710231][T13409] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2925'.
[  429.847773][T13440] __nla_validate_parse: 2 callbacks suppressed
[  429.847801][T13440] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2938'.
[  429.897102][T13440] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2938'.
[  431.466426][T13478] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2950'.
[  432.719585][T13504] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2960'.
[  432.919498][T13507] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2961'.
[  432.932455][T13507] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2961'.
[  433.016160][T13510] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input6
[  433.305758][T13517] netlink: 'syz.1.2964': attribute type 27 has an invalid length.
[  433.356052][T13517] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2964'.
[  434.965247][T13543] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2975'.
[  437.765550][T13605] FAULT_INJECTION: forcing a failure.
[  437.765550][T13605] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  437.804429][T13605] CPU: 1 UID: 0 PID: 13605 Comm: syz.2.2995 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  437.804476][T13605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  437.804494][T13605] Call Trace:
[  437.804505][T13605]  <TASK>
[  437.804518][T13605]  dump_stack_lvl+0x16c/0x1f0
[  437.804568][T13605]  should_fail_ex+0x512/0x640
[  437.804621][T13605]  should_fail_alloc_page+0xe7/0x130
[  437.804664][T13605]  prepare_alloc_pages+0x3c2/0x610
[  437.804714][T13605]  ? rcu_is_watching+0x12/0xc0
[  437.804748][T13605]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  437.804793][T13605]  ? cgroup_rstat_updated+0x2a/0xb20
[  437.804851][T13605]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  437.804894][T13605]  ? __asan_memcpy+0x3c/0x60
[  437.804930][T13605]  ? __pfx_interleave_nid+0x10/0x10
[  437.804975][T13605]  ? __lock_acquire+0x5ca/0x1ba0
[  437.805042][T13605]  ? policy_nodemask+0xea/0x4e0
[  437.805084][T13605]  alloc_pages_mpol+0x1fb/0x550
[  437.805123][T13605]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  437.805163][T13605]  ? __lock_acquire+0x5ca/0x1ba0
[  437.805209][T13605]  folio_alloc_mpol_noprof+0x36/0x2f0
[  437.805256][T13605]  vma_alloc_folio_noprof+0xed/0x1e0
[  437.805297][T13605]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  437.805345][T13605]  do_pte_missing+0x223d/0x3fb0
[  437.805399][T13605]  __handle_mm_fault+0x103d/0x2a40
[  437.805444][T13605]  ? __pfx___handle_mm_fault+0x10/0x10
[  437.805474][T13605]  ? __pte_offset_map_lock+0x155/0x2f0
[  437.805520][T13605]  ? find_held_lock+0x2b/0x80
[  437.805549][T13605]  ? find_held_lock+0x2b/0x80
[  437.805608][T13605]  handle_mm_fault+0x3fe/0xad0
[  437.805650][T13605]  __get_user_pages+0x771/0x36f0
[  437.805711][T13605]  ? __pfx_mt_find+0x10/0x10
[  437.805741][T13605]  ? __pfx___get_user_pages+0x10/0x10
[  437.805804][T13605]  populate_vma_page_range+0x278/0x3a0
[  437.805837][T13605]  ? __pfx_populate_vma_page_range+0x10/0x10
[  437.805866][T13605]  ? __pfx_find_vma_intersection+0x10/0x10
[  437.805915][T13605]  ? do_mmap+0x69c/0x11b0
[  437.805966][T13605]  __mm_populate+0x1d8/0x380
[  437.805998][T13605]  ? __pfx___mm_populate+0x10/0x10
[  437.806031][T13605]  ? up_write+0x1b2/0x520
[  437.806079][T13605]  vm_mmap_pgoff+0x362/0x450
[  437.806127][T13605]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  437.806173][T13605]  ? do_set_mempolicy+0x220/0x480
[  437.806216][T13605]  ? __x64_sys_futex+0x1e0/0x4c0
[  437.806248][T13605]  ? __x64_sys_futex+0x1e9/0x4c0
[  437.806288][T13605]  ksys_mmap_pgoff+0x7d/0x5c0
[  437.806331][T13605]  ? rcu_is_watching+0x12/0xc0
[  437.806371][T13605]  __x64_sys_mmap+0x125/0x190
[  437.806406][T13605]  do_syscall_64+0xcd/0x230
[  437.806452][T13605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.806483][T13605] RIP: 0033:0x7f3440d8e969
[  437.806510][T13605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.806540][T13605] RSP: 002b:00007f3441cb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  437.806569][T13605] RAX: ffffffffffffffda RBX: 00007f3440fb5fa0 RCX: 00007f3440d8e969
[  437.806587][T13605] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  437.806604][T13605] RBP: 00007f3440e10ab1 R08: 0000000000000002 R09: 0000000000008000
[  437.806620][T13605] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  437.806635][T13605] R13: 0000000000000000 R14: 00007f3440fb5fa0 R15: 00007ffd683a59a8
[  437.806674][T13605]  </TASK>
[  439.124411][T13623] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3002'.
[  439.174946][T13621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3000'.
[  439.819758][T13637] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3007'.
[  440.025210][T13642] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3009'.
[  440.037880][T13642] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3009'.
[  441.422263][T13677] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3024'.
[  441.643624][ T5842] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  441.643671][ T5842] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  441.668211][ T5842] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  441.668290][ T5842] Bluetooth: hci0: Malformed LE Event: 0x0d
[  442.108815][T13685] netlink: 186 bytes leftover after parsing attributes in process `syz.0.3028'.
[  442.292633][T13666] kexec: Could not allocate control_code_buffer
[  444.316262][T13745] netlink: 'syz.2.3050': attribute type 4 has an invalid length.
[  445.826180][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  445.834168][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  447.783608][T13833] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3092'.
[  452.170075][  T975] smpboot: CPU 0 is now offline
[  452.774030][T13953] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3129'.
[  453.235453][T13963] netlink: 'syz.0.3133': attribute type 21 has an invalid length.
[  453.262657][T13963] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3133'.
[  453.294244][T13965] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3134'.
[  455.369786][T14002] Invalid ELF header magic: != ELF
[  456.165196][T14018] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3152'.
[  456.423643][T14022] netlink: 'syz.2.3153': attribute type 19 has an invalid length.
[  456.445321][T14023] netlink: 'syz.1.3154': attribute type 27 has an invalid length.
[  456.473877][T14023] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3154'.
[  456.494446][T14022] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3153'.
[  456.822178][T14030] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3157'.
[  457.566350][T14046] netlink: 'syz.1.3162': attribute type 28 has an invalid length.
[  457.605400][T14046] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3162'.
[  460.118676][T14098] netlink: 'syz.2.3184': attribute type 28 has an invalid length.
[  460.170039][T14103] netlink: 'syz.2.3184': attribute type 28 has an invalid length.
[  460.214318][T14098] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3184'.
[  460.292944][T14103] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3184'.
[  462.730922][T14145] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3202'.
[  463.798677][T14153] netlink: 146 bytes leftover after parsing attributes in process `syz.1.3205'.
[  465.131773][T14187] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3215'.
[  465.784431][T14201] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3220'.
[  468.820818][ T5842] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  470.439250][T14306] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3249'.
[  471.116412][T14326] sctp: [Deprecated]: syz.3.3256 (pid 14326) Use of struct sctp_assoc_value in delayed_ack socket option.
[  471.116412][T14326] Use struct sctp_sack_info instead
[  472.223616][T14357] Invalid ELF header magic: != ELF
[  473.176047][T14388] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3283'.
[  473.297350][T14382] netlink: 186 bytes leftover after parsing attributes in process `syz.0.3280'.
[  473.356555][T14382] netlink: 186 bytes leftover after parsing attributes in process `syz.0.3280'.
[  473.464598][T14395] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3285'.
[  474.189920][T14412] sock: sock_timestamping_bind_phc: sock not bind to device
[  474.440298][T14422] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3299'.
[  474.651430][T14427] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3301'.
[  474.741693][T14429] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3302'.
[  474.860662][T14433] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3304'.
[  475.231146][T14444] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3309'.
[  475.281937][T14444] bridge0: port 3(vlan1) entered disabled state
[  475.483500][T14444] vlan1 (unregistering): left allmulticast mode
[  475.506393][T14444] vlan1 (unregistering): left promiscuous mode
[  475.529326][T14444] bridge0: port 3(vlan1) entered disabled state
[  475.567047][ T5842] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  477.530645][T14494] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3327'.
[  479.220881][T14533] __nla_validate_parse: 3 callbacks suppressed
[  479.220897][T14533] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3343'.
[  479.891466][T14556] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  479.891466][T14556] The task syz.1.3353 (14556) triggered the difference, watch for misbehavior.
[  480.153540][T14567] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  480.369654][T14571] netlink: 30 bytes leftover after parsing attributes in process `syz.2.3359'.
[  480.716830][T14573] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3360'.
[  480.747655][T14583] FAULT_INJECTION: forcing a failure.
[  480.747655][T14583] name failslab, interval 1, probability 0, space 0, times 0
[  480.794504][T14585] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3365'.
[  480.809220][T14583] CPU: 1 UID: 0 PID: 14583 Comm: syz.2.3364 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  480.809249][T14583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  480.809259][T14583] Call Trace:
[  480.809266][T14583]  <TASK>
[  480.809272][T14583]  dump_stack_lvl+0x16c/0x1f0
[  480.809304][T14583]  should_fail_ex+0x512/0x640
[  480.809329][T14583]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  480.809352][T14583]  should_failslab+0xc2/0x120
[  480.809374][T14583]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  480.809392][T14583]  ? __pfx___might_resched+0x10/0x10
[  480.809411][T14583]  ? __anon_vma_prepare+0x344/0x5e0
[  480.809434][T14583]  __anon_vma_prepare+0x344/0x5e0
[  480.809455][T14583]  __vmf_anon_prepare+0x11c/0x240
[  480.809481][T14583]  do_pte_missing+0x1194/0x3fb0
[  480.809499][T14583]  ? find_held_lock+0x2b/0x80
[  480.809516][T14583]  ? __handle_mm_fault+0x1010/0x2a40
[  480.809537][T14583]  __handle_mm_fault+0x103d/0x2a40
[  480.809560][T14583]  ? __pfx___handle_mm_fault+0x10/0x10
[  480.809577][T14583]  ? __pte_offset_map_lock+0x155/0x2f0
[  480.809600][T14583]  ? find_held_lock+0x2b/0x80
[  480.809615][T14583]  ? find_held_lock+0x2b/0x80
[  480.809644][T14583]  handle_mm_fault+0x3fe/0xad0
[  480.809665][T14583]  __get_user_pages+0x771/0x36f0
[  480.809697][T14583]  ? __pfx_mt_find+0x10/0x10
[  480.809713][T14583]  ? __pfx___get_user_pages+0x10/0x10
[  480.809747][T14583]  populate_vma_page_range+0x278/0x3a0
[  480.809772][T14583]  ? __pfx_populate_vma_page_range+0x10/0x10
[  480.809788][T14583]  ? __pfx_find_vma_intersection+0x10/0x10
[  480.809814][T14583]  ? do_mmap+0x69c/0x11b0
[  480.809840][T14583]  __mm_populate+0x1d8/0x380
[  480.809857][T14583]  ? __pfx___mm_populate+0x10/0x10
[  480.809875][T14583]  ? up_write+0x1b2/0x520
[  480.809901][T14583]  vm_mmap_pgoff+0x362/0x450
[  480.809929][T14583]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  480.809953][T14583]  ? __pfx_alarmtimer_nsleep_wakeup+0x10/0x10
[  480.809976][T14583]  ? __x64_sys_futex+0x1e0/0x4c0
[  480.809993][T14583]  ? __x64_sys_futex+0x1e9/0x4c0
[  480.810014][T14583]  ksys_mmap_pgoff+0x7d/0x5c0
[  480.810038][T14583]  ? rcu_is_watching+0x12/0xc0
[  480.810057][T14583]  __x64_sys_mmap+0x125/0x190
[  480.810076][T14583]  do_syscall_64+0xcd/0x230
[  480.810102][T14583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.810118][T14583] RIP: 0033:0x7f3440d8e969
[  480.810133][T14583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  480.810149][T14583] RSP: 002b:00007f3441cb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  480.810166][T14583] RAX: ffffffffffffffda RBX: 00007f3440fb5fa0 RCX: 00007f3440d8e969
[  480.810177][T14583] RDX: 0000000400000072 RSI: 0000000000000009 RDI: 0000000000000000
[  480.810187][T14583] RBP: 00007f3440e10ab1 R08: 0000001000000002 R09: 0000000000008000
[  480.810197][T14583] R10: 0000000000008b72 R11: 0000000000000246 R12: 0000000000000000
[  480.810206][T14583] R13: 0000000000000000 R14: 00007f3440fb5fa0 R15: 00007ffd683a59a8
[  480.810228][T14583]  </TASK>
[  481.471067][T14596] netlink: 266 bytes leftover after parsing attributes in process `syz.0.3369'.
[  481.480508][T14596] IPv6: NLM_F_CREATE should be specified when creating new route
[  481.651182][T14602] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3372'.
[  481.845775][T14608] FAULT_INJECTION: forcing a failure.
[  481.845775][T14608] name failslab, interval 1, probability 0, space 0, times 0
[  481.860810][ T5140] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  481.892420][T14608] CPU: 1 UID: 0 PID: 14608 Comm: syz.1.3373 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  481.892447][T14608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  481.892458][T14608] Call Trace:
[  481.892464][T14608]  <TASK>
[  481.892471][T14608]  dump_stack_lvl+0x16c/0x1f0
[  481.892501][T14608]  should_fail_ex+0x512/0x640
[  481.892526][T14608]  ? __kmalloc_noprof+0xbf/0x510
[  481.892547][T14608]  ? lsm_blob_alloc+0x68/0x90
[  481.892561][T14608]  should_failslab+0xc2/0x120
[  481.892582][T14608]  __kmalloc_noprof+0xd2/0x510
[  481.892606][T14608]  lsm_blob_alloc+0x68/0x90
[  481.892622][T14608]  security_sk_alloc+0x30/0x270
[  481.892642][T14608]  sk_prot_alloc+0xfb/0x2a0
[  481.892669][T14608]  sk_alloc+0x36/0xc20
[  481.892688][T14608]  inet_create+0x3a1/0x1090
[  481.892713][T14608]  ? inet_create+0x93/0x1090
[  481.892752][T14608]  __sock_create+0x335/0x8d0
[  481.892782][T14608]  __sys_socket+0x14d/0x260
[  481.892798][T14608]  ? __pfx___sys_socket+0x10/0x10
[  481.892814][T14608]  ? rcu_is_watching+0x12/0xc0
[  481.892835][T14608]  __x64_sys_socket+0x72/0xb0
[  481.892849][T14608]  ? lockdep_hardirqs_on+0x7c/0x110
[  481.892873][T14608]  do_syscall_64+0xcd/0x230
[  481.892900][T14608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.892917][T14608] RIP: 0033:0x7fc20238e969
[  481.892932][T14608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.892947][T14608] RSP: 002b:00007fc203201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  481.892964][T14608] RAX: ffffffffffffffda RBX: 00007fc2025b5fa0 RCX: 00007fc20238e969
[  481.892974][T14608] RDX: 0000000000000106 RSI: 0000000000000001 RDI: 0000000000000002
[  481.892984][T14608] RBP: 00007fc202410ab1 R08: 0000000000000000 R09: 0000000000000000
[  481.892993][T14608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.893003][T14608] R13: 0000000000000000 R14: 00007fc2025b5fa0 R15: 00007ffd3d8290e8
[  481.893023][T14608]  </TASK>
[  482.223795][T14613] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3375'.
[  482.876191][T14627] dlm: Unknown command passed to DLM device : 0
[  482.876191][T14627] 
[  483.188285][T14642] TCP: TCP_TX_DELAY enabled
[  483.207946][T14644] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3388'.
[  483.726500][ T5842] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  484.366990][T14675] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3400'.
[  484.413571][ T5842] Bluetooth: hci3: unexpected event 0x06 length: 440 > 3
[  484.445119][T14679] netlink: 314 bytes leftover after parsing attributes in process `syz.0.3403'.
[  484.704418][T14675] bridge0: port 3(vlan1) entered disabled state
[  484.870213][T14675] vlan1 (unregistering): left allmulticast mode
[  484.926440][T14675] vlan1 (unregistering): left promiscuous mode
[  484.997901][T14675] bridge0: port 3(vlan1) entered disabled state
[  485.446017][   T30] audit: type=1326 audit(4294967434.660:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14696 comm="syz.0.3411" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6f7ab8e969 code=0x0
[  486.165416][T14714] netlink: 'syz.1.3417': attribute type 17 has an invalid length.
[  486.204339][T14714] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3417'.
[  486.768599][T14722] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3419'.
[  486.852555][T14725] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3421'.
[  487.099456][T14733] netlink: 350 bytes leftover after parsing attributes in process `syz.3.3425'.
[  489.882656][T14797] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3450'.
[  489.984320][ T5842] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  489.992513][ T5842] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  490.142362][T14805] netlink: 'syz.2.3453': attribute type 4 has an invalid length.
[  490.171435][T14805] netlink: 314 bytes leftover after parsing attributes in process `syz.2.3453'.
[  491.035903][T14822] netlink: 346 bytes leftover after parsing attributes in process `syz.0.3460'.
[  491.161277][T14824] FAULT_INJECTION: forcing a failure.
[  491.161277][T14824] name failslab, interval 1, probability 0, space 0, times 0
[  491.279262][T14824] CPU: 1 UID: 0 PID: 14824 Comm: syz.1.3461 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  491.279291][T14824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  491.279302][T14824] Call Trace:
[  491.279308][T14824]  <TASK>
[  491.279315][T14824]  dump_stack_lvl+0x16c/0x1f0
[  491.279345][T14824]  should_fail_ex+0x512/0x640
[  491.279371][T14824]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  491.279390][T14824]  should_failslab+0xc2/0x120
[  491.279412][T14824]  __kmalloc_cache_noprof+0x6a/0x3e0
[  491.279429][T14824]  ? percpu_ref_init+0xec/0x410
[  491.279451][T14824]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[  491.279477][T14824]  percpu_ref_init+0xec/0x410
[  491.279501][T14824]  io_uring_setup+0x453/0x1ff0
[  491.279527][T14824]  ? __pfx_io_uring_setup+0x10/0x10
[  491.279548][T14824]  ? do_futex+0x122/0x350
[  491.279567][T14824]  ? __pfx_do_futex+0x10/0x10
[  491.279585][T14824]  ? fd_install+0x225/0x750
[  491.279611][T14824]  ? rcu_is_watching+0x12/0xc0
[  491.279641][T14824]  __x64_sys_io_uring_setup+0xc2/0x170
[  491.279664][T14824]  do_syscall_64+0xcd/0x230
[  491.279689][T14824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.279707][T14824] RIP: 0033:0x7fc20238e969
[  491.279722][T14824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.279738][T14824] RSP: 002b:00007fc203201038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  491.279756][T14824] RAX: ffffffffffffffda RBX: 00007fc2025b5fa0 RCX: 00007fc20238e969
[  491.279767][T14824] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  491.279777][T14824] RBP: 00007fc202410ab1 R08: 0000000000000000 R09: 0000000000000000
[  491.279787][T14824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  491.279798][T14824] R13: 0000000000000000 R14: 00007fc2025b5fa0 R15: 00007ffd3d8290e8
[  491.279818][T14824]  </TASK>
[  492.320679][T14847] netlink: 'syz.2.3470': attribute type 27 has an invalid length.
[  492.371089][T14847] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3470'.
[  494.000971][T14891] nbd: socks must be embedded in a SOCK_ITEM attr
[  494.020710][T14891] block nbd3: shutting down sockets
[  494.490366][T14901] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3491'.
[  494.712999][T14914] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3495'.
[  496.204371][T14941] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3503'.
[  496.730985][T14945] netlink: 'syz.2.3505': attribute type 1 has an invalid length.
[  499.107177][T14956] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3508'.
[  500.576761][T14950] kexec: Could not allocate control_code_buffer
[  501.496496][T14993] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3526'.
[  501.699912][ T5140] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  501.716992][ T5140] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  501.725370][ T5140] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  501.737231][ T5140] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  501.745163][ T5140] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  502.106749][T15005] netlink: 138 bytes leftover after parsing attributes in process `syz.2.3530'.
[  502.366958][T14996] chnl_net:caif_netlink_parms(): no params data found
[  502.606090][T14996] bridge0: port 1(bridge_slave_0) entered blocking state
[  502.633343][T14996] bridge0: port 1(bridge_slave_0) entered disabled state
[  502.659039][T14996] bridge_slave_0: entered allmulticast mode
[  502.688859][T14996] bridge_slave_0: entered promiscuous mode
[  502.717582][T14996] bridge0: port 2(bridge_slave_1) entered blocking state
[  502.743172][T14996] bridge0: port 2(bridge_slave_1) entered disabled state
[  502.763370][T14996] bridge_slave_1: entered allmulticast mode
[  502.783246][T14996] bridge_slave_1: entered promiscuous mode
[  502.878230][T14996] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  502.902048][T14996] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  502.985975][T14996] team0: Port device team_slave_0 added
[  503.007982][T14996] team0: Port device team_slave_1 added
[  503.092580][T14996] batman_adv: batadv0: Adding interface: batadv_slave_0
[  503.121987][T14996] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  503.218881][T14996] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  503.266771][T14996] batman_adv: batadv0: Adding interface: batadv_slave_1
[  503.295405][T14996] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  503.392406][T14996] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  503.561376][T14996] hsr_slave_0: entered promiscuous mode
[  503.584840][T14996] hsr_slave_1: entered promiscuous mode
[  503.611579][T14996] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  503.646758][T14996] Cannot create hsr debugfs directory
[  503.824729][ T5140] Bluetooth: hci0: command tx timeout
[  504.211425][T14996] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  504.256568][T14996] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  504.328337][T14996] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  504.389407][T14996] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  504.426207][T15050] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3546'.
[  504.689407][T14996] 8021q: adding VLAN 0 to HW filter on device bond0
[  504.792296][T14996] 8021q: adding VLAN 0 to HW filter on device team0
[  504.832924][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  504.840542][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  504.914023][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.921268][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  505.649030][T14996] 8021q: adding VLAN 0 to HW filter on device batadv0
[  505.909196][ T5140] Bluetooth: hci0: command tx timeout
[  506.556394][T14996] veth0_vlan: entered promiscuous mode
[  506.594561][T14996] veth1_vlan: entered promiscuous mode
[  506.735989][T14996] veth0_macvtap: entered promiscuous mode
[  506.777850][T14996] veth1_macvtap: entered promiscuous mode
[  506.870768][T14996] batman_adv: batadv0: Interface activated: batadv_slave_0
[  506.930831][T14996] batman_adv: batadv0: Interface activated: batadv_slave_1
[  506.989116][T14996] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  507.040599][T14996] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  507.078775][T14996] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  507.126635][T14996] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  507.271147][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  507.277753][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  507.511393][ T3457] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  507.567745][ T3457] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  507.650640][ T3457] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  507.694426][ T3457] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  507.986848][ T5140] Bluetooth: hci0: command tx timeout
[  508.037900][T15119] netlink: 504 bytes leftover after parsing attributes in process `syz.4.3522'.
[  508.078380][T15119] netlink: 504 bytes leftover after parsing attributes in process `syz.4.3522'.
[  508.430799][ T5140] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  509.627394][T15143] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3575'.
[  510.070854][ T5140] Bluetooth: hci0: command tx timeout
[  510.522032][T15158] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3580'.
[  511.216583][T15165] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3583'.
[  511.501867][T15172] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3587'.
[  511.568034][T15172] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3587'.
[  511.600256][T15175] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3588'.
[  511.625348][T15176] netlink: 102 bytes leftover after parsing attributes in process `syz.4.3587'.
[  511.650554][T15175] netlink: 354 bytes leftover after parsing attributes in process `syz.0.3588'.
[  512.966784][T15204] 
: renamed from gre0 (while UP)
[  513.147280][T15206] FAULT_INJECTION: forcing a failure.
[  513.147280][T15206] name failslab, interval 1, probability 0, space 0, times 0
[  513.201871][T15206] CPU: 1 UID: 0 PID: 15206 Comm: syz.2.3599 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  513.201899][T15206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  513.201909][T15206] Call Trace:
[  513.201915][T15206]  <TASK>
[  513.201922][T15206]  dump_stack_lvl+0x16c/0x1f0
[  513.201952][T15206]  should_fail_ex+0x512/0x640
[  513.201979][T15206]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  513.202003][T15206]  should_failslab+0xc2/0x120
[  513.202025][T15206]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  513.202047][T15206]  ? snd_timer_instance_new+0x65/0x2e0
[  513.202075][T15206]  kstrdup+0x53/0x100
[  513.202097][T15206]  snd_timer_instance_new+0x65/0x2e0
[  513.202121][T15206]  snd_seq_timer_open+0x1cc/0x5e0
[  513.202142][T15206]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  513.202163][T15206]  ? find_held_lock+0x2b/0x80
[  513.202183][T15206]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  513.202206][T15206]  ? lockdep_hardirqs_on+0x7c/0x110
[  513.202229][T15206]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  513.202258][T15206]  queue_use+0xe3/0x250
[  513.202273][T15206]  snd_seq_queue_alloc+0x2e5/0x550
[  513.202293][T15206]  snd_seq_ioctl_create_queue+0xa9/0x380
[  513.202316][T15206]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  513.202343][T15206]  alloc_seq_queue+0xda/0x180
[  513.202375][T15206]  ? __pfx_alloc_seq_queue+0x10/0x10
[  513.202420][T15206]  ? mark_held_locks+0x49/0x80
[  513.202443][T15206]  ? _raw_spin_unlock_irq+0x23/0x50
[  513.202466][T15206]  snd_seq_oss_open+0x38c/0xa20
[  513.202494][T15206]  odev_open+0x6f/0x90
[  513.202514][T15206]  ? __pfx_odev_open+0x10/0x10
[  513.202535][T15206]  soundcore_open+0x409/0x580
[  513.202560][T15206]  ? __pfx_soundcore_open+0x10/0x10
[  513.202582][T15206]  chrdev_open+0x234/0x6a0
[  513.202600][T15206]  ? __pfx_apparmor_file_open+0x10/0x10
[  513.202623][T15206]  ? __pfx_chrdev_open+0x10/0x10
[  513.202643][T15206]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  513.202673][T15206]  do_dentry_open+0x741/0x1c10
[  513.202692][T15206]  ? __pfx_chrdev_open+0x10/0x10
[  513.202714][T15206]  vfs_open+0x82/0x3f0
[  513.202739][T15206]  path_openat+0x1e5e/0x2d40
[  513.202769][T15206]  ? __pfx_path_openat+0x10/0x10
[  513.202792][T15206]  do_filp_open+0x20b/0x470
[  513.202810][T15206]  ? __pfx_do_filp_open+0x10/0x10
[  513.202843][T15206]  ? alloc_fd+0x471/0x7d0
[  513.202876][T15206]  do_sys_openat2+0x11b/0x1d0
[  513.202898][T15206]  ? __pfx_do_sys_openat2+0x10/0x10
[  513.202930][T15206]  __x64_sys_openat+0x174/0x210
[  513.202953][T15206]  ? __pfx___x64_sys_openat+0x10/0x10
[  513.202977][T15206]  ? rcu_is_watching+0x12/0xc0
[  513.203000][T15206]  do_syscall_64+0xcd/0x230
[  513.203027][T15206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.203044][T15206] RIP: 0033:0x7f3440d8e969
[  513.203058][T15206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  513.203075][T15206] RSP: 002b:00007f3441cb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  513.203092][T15206] RAX: ffffffffffffffda RBX: 00007f3440fb5fa0 RCX: 00007f3440d8e969
[  513.203102][T15206] RDX: 0000000000000080 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  513.203113][T15206] RBP: 00007f3440e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  513.203122][T15206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  513.203132][T15206] R13: 0000000000000000 R14: 00007f3440fb5fa0 R15: 00007ffd683a59a8
[  513.203154][T15206]  </TASK>
[  514.628560][T15245] __nla_validate_parse: 5 callbacks suppressed
[  514.628577][T15245] netlink: 350 bytes leftover after parsing attributes in process `syz.2.3623'.
[  516.280808][T15248] kexec: Could not allocate control_code_buffer
[  516.649793][T15280] netlink: 'syz.4.3627': attribute type 19 has an invalid length.
[  516.659361][T15281] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3628'.
[  516.680285][T15280] netlink: 114 bytes leftover after parsing attributes in process `syz.4.3627'.
[  517.262835][T15293] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3632'.
[  517.636462][T15298] netlink: 'syz.2.3635': attribute type 5 has an invalid length.
[  517.673900][T15298] netlink: 314 bytes leftover after parsing attributes in process `syz.2.3635'.
[  518.184109][T15308] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3637'.
[  518.424021][T15313] netlink: 2 bytes leftover after parsing attributes in process `syz.2.3640'.
[  519.390556][T15300] kexec: Could not allocate control_code_buffer
[  519.572917][T15337] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3650'.
[  521.066299][T15365] FAULT_INJECTION: forcing a failure.
[  521.066299][T15365] name failslab, interval 1, probability 0, space 0, times 0
[  521.137905][T15365] CPU: 1 UID: 0 PID: 15365 Comm: syz.4.3659 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  521.137934][T15365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  521.137945][T15365] Call Trace:
[  521.137951][T15365]  <TASK>
[  521.137959][T15365]  dump_stack_lvl+0x16c/0x1f0
[  521.137989][T15365]  should_fail_ex+0x512/0x640
[  521.138014][T15365]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  521.138037][T15365]  should_failslab+0xc2/0x120
[  521.138059][T15365]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  521.138078][T15365]  ? security_file_alloc+0x34/0x2b0
[  521.138105][T15365]  security_file_alloc+0x34/0x2b0
[  521.138128][T15365]  init_file+0x93/0x4c0
[  521.138149][T15365]  alloc_empty_file+0x73/0x1e0
[  521.138172][T15365]  path_openat+0xe0/0x2d40
[  521.138187][T15365]  ? __x64_sys_openat+0x174/0x210
[  521.138208][T15365]  ? do_syscall_64+0xcd/0x230
[  521.138231][T15365]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.138255][T15365]  ? __pfx_path_openat+0x10/0x10
[  521.138278][T15365]  do_filp_open+0x20b/0x470
[  521.138294][T15365]  ? __pfx_do_filp_open+0x10/0x10
[  521.138326][T15365]  ? alloc_fd+0x471/0x7d0
[  521.138357][T15365]  do_sys_openat2+0x11b/0x1d0
[  521.138379][T15365]  ? __pfx_do_sys_openat2+0x10/0x10
[  521.138402][T15365]  ? find_held_lock+0x2b/0x80
[  521.138425][T15365]  __x64_sys_openat+0x174/0x210
[  521.138447][T15365]  ? __pfx___x64_sys_openat+0x10/0x10
[  521.138471][T15365]  ? rcu_is_watching+0x12/0xc0
[  521.138493][T15365]  do_syscall_64+0xcd/0x230
[  521.138518][T15365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.138535][T15365] RIP: 0033:0x7fa5e058e969
[  521.138550][T15365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  521.138566][T15365] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  521.138582][T15365] RAX: ffffffffffffffda RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  521.138593][T15365] RDX: 0000000000002002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  521.138603][T15365] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  521.138613][T15365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  521.138622][T15365] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  521.138643][T15365]  </TASK>
[  522.927545][T15387] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3667'.
[  523.019134][T15387] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3667'.
[  523.031052][T15391] netlink: 302 bytes leftover after parsing attributes in process `syz.4.3669'.
[  523.908639][T15405] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3676'.
[  525.502862][T15429] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3684'.
[  526.997347][T15463] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3694'.
[  527.489344][T15471] netlink: 146 bytes leftover after parsing attributes in process `syz.4.3695'.
[  529.734907][T15518] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3711'.
[  530.070217][T15522] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3713'.
[  531.114286][T15552] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  531.293103][T15555] netlink: 222 bytes leftover after parsing attributes in process `syz.0.3728'.
[  531.360562][T15555] netlink: 222 bytes leftover after parsing attributes in process `syz.0.3728'.
[  531.445268][T15557] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3727'.
[  531.462222][T15559] netlink: 146 bytes leftover after parsing attributes in process `syz.4.3730'.
[  531.513344][T15557] IPv6: Can't replace route, no match found
[  533.294611][T15596] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3741'.
[  534.731677][T15623] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3751'.
[  535.416029][T15633] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3755'.
[  535.741320][T15643] netlink: 186 bytes leftover after parsing attributes in process `syz.4.3759'.
[  535.916640][T15647] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3760'.
[  537.795275][T15683] FAULT_INJECTION: forcing a failure.
[  537.795275][T15683] name failslab, interval 1, probability 0, space 0, times 0
[  537.879032][T15683] CPU: 1 UID: 0 PID: 15683 Comm: syz.2.3773 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  537.879060][T15683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  537.879070][T15683] Call Trace:
[  537.879077][T15683]  <TASK>
[  537.879084][T15683]  dump_stack_lvl+0x16c/0x1f0
[  537.879115][T15683]  should_fail_ex+0x512/0x640
[  537.879143][T15683]  ? fs_reclaim_acquire+0xae/0x150
[  537.879171][T15683]  should_failslab+0xc2/0x120
[  537.879192][T15683]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  537.879213][T15683]  ? security_inode_alloc+0x3b/0x2b0
[  537.879237][T15683]  security_inode_alloc+0x3b/0x2b0
[  537.879258][T15683]  inode_init_always_gfp+0xce4/0x1030
[  537.879289][T15683]  alloc_inode+0x86/0x240
[  537.879310][T15683]  path_from_stashed+0x2be/0xb00
[  537.879328][T15683]  ? do_raw_spin_lock+0x12c/0x2b0
[  537.879355][T15683]  ? __pfx_path_from_stashed+0x10/0x10
[  537.879374][T15683]  ? do_raw_spin_unlock+0x172/0x230
[  537.879403][T15683]  ns_get_path+0x5f/0x80
[  537.879429][T15683]  proc_ns_get_link+0x121/0x260
[  537.879446][T15683]  ? __pfx_proc_ns_get_link+0x10/0x10
[  537.879462][T15683]  ? __pfx___might_resched+0x10/0x10
[  537.879484][T15683]  ? __pfx_proc_ns_get_link+0x10/0x10
[  537.879499][T15683]  step_into+0x1b25/0x2270
[  537.879529][T15683]  ? __pfx_step_into+0x10/0x10
[  537.879552][T15683]  ? find_held_lock+0x2b/0x80
[  537.879575][T15683]  path_openat+0x749/0x2d40
[  537.879599][T15683]  ? __pfx_path_openat+0x10/0x10
[  537.879622][T15683]  do_filp_open+0x20b/0x470
[  537.879639][T15683]  ? __pfx_do_filp_open+0x10/0x10
[  537.879670][T15683]  ? alloc_fd+0x471/0x7d0
[  537.879702][T15683]  do_sys_openat2+0x11b/0x1d0
[  537.879724][T15683]  ? __pfx_do_sys_openat2+0x10/0x10
[  537.879755][T15683]  __x64_sys_openat+0x174/0x210
[  537.879777][T15683]  ? __pfx___x64_sys_openat+0x10/0x10
[  537.879801][T15683]  ? do_user_addr_fault+0x843/0x1370
[  537.879824][T15683]  do_syscall_64+0xcd/0x230
[  537.879850][T15683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.879868][T15683] RIP: 0033:0x7f3440d8d2d0
[  537.879883][T15683] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  537.879899][T15683] RSP: 002b:00007f3441cb3f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  537.879915][T15683] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f3440d8d2d0
[  537.879926][T15683] RDX: 0000000000000002 RSI: 00007f3441cb3fa0 RDI: 00000000ffffff9c
[  537.879936][T15683] RBP: 00007f3441cb3fa0 R08: 0000000000000000 R09: 0000000000000000
[  537.879946][T15683] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  537.879956][T15683] R13: 0000000000000000 R14: 00007f3440fb5fa0 R15: 00007ffd683a59a8
[  537.879976][T15683]  </TASK>
[  539.655119][T15718] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3787'.
[  540.419647][T15736] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3794'.
[  541.288185][T15759] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3802'.
[  541.869241][T15776] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3809'.
[  541.907859][T15777] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3808'.
[  544.193366][T15824] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3828'.
[  544.320520][T15827] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3828'.
[  544.345817][T15829] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3830'.
[  544.612052][T15833] netlink: 29 bytes leftover after parsing attributes in process `syz.4.3841'.
[  544.975065][T15845] netlink: 'syz.3.3836': attribute type 1 has an invalid length.
[  545.021559][T15845] netlink: 33 bytes leftover after parsing attributes in process `syz.3.3836'.
[  545.125325][T15850] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3838'.
[  545.266806][T15852] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3839'.
[  546.297270][T15870] netlink: 'syz.0.3846': attribute type 20 has an invalid length.
[  546.305442][T15870] __nla_validate_parse: 1 callbacks suppressed
[  546.305455][T15870] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3846'.
[  546.527402][T15870] IPv6: NLM_F_CREATE should be specified when creating new route
[  548.219398][T15898] netlink: zone id is out of range
[  548.224610][T15898] netlink: zone id is out of range
[  548.249690][T15894] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3854'.
[  548.270027][T15898] netlink: zone id is out of range
[  548.300733][T15898] netlink: zone id is out of range
[  548.305893][T15898] netlink: zone id is out of range
[  548.338084][T15898] netlink: zone id is out of range
[  548.355112][T15898] netlink: zone id is out of range
[  548.385816][T15898] netlink: zone id is out of range
[  548.409046][T15898] netlink: zone id is out of range
[  548.441450][T15898] netlink: zone id is out of range
[  548.781705][T15904] netlink: 'syz.0.3864': attribute type 21 has an invalid length.
[  548.853575][T15904] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3864'.
[  548.904131][T15908] input: f�
 as /devices/virtual/input/input7
[  549.265880][T15881] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  549.301381][T15916] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3860'.
[  549.360190][T15916] IPv6: NLM_F_CREATE should be specified when creating new route
[  549.418884][T15916] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  549.426433][T15916] IPv6: NLM_F_CREATE should be set when creating new route
[  549.433790][T15916] IPv6: NLM_F_CREATE should be set when creating new route
[  551.494537][T15950] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3872'.
[  551.539726][T15950] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  552.360220][   T30] audit: type=1800 audit(4294968524.541:16): pid=15968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3881" name="ram7" dev="tmpfs" ino=1451 res=0 errno=0
[  552.392838][T15967] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3880'.
[  552.472632][T15969] netlink: 17 bytes leftover after parsing attributes in process `syz.2.3880'.
[  552.556528][T15971] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3882'.
[  552.577783][T15969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3880'.
[  552.776387][T15973] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3883'.
[  553.585876][T15995] sctp: [Deprecated]: syz.3.3895 (pid 15995) Use of struct sctp_assoc_value in delayed_ack socket option.
[  553.585876][T15995] Use struct sctp_sack_info instead
[  554.087444][T16007] netlink: 266 bytes leftover after parsing attributes in process `syz.3.3899'.
[  554.331155][T16010] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3900'.
[  554.499870][T16014] netlink: 'syz.3.3902': attribute type 4 has an invalid length.
[  554.527456][T16014] netlink: 314 bytes leftover after parsing attributes in process `syz.3.3902'.
[  556.406482][T16048] FAULT_INJECTION: forcing a failure.
[  556.406482][T16048] name failslab, interval 1, probability 0, space 0, times 0
[  556.489660][T16048] CPU: 1 UID: 0 PID: 16048 Comm: syz.2.3914 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  556.489689][T16048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  556.489699][T16048] Call Trace:
[  556.489706][T16048]  <TASK>
[  556.489713][T16048]  dump_stack_lvl+0x16c/0x1f0
[  556.489743][T16048]  should_fail_ex+0x512/0x640
[  556.489767][T16048]  ? fs_reclaim_acquire+0xae/0x150
[  556.489795][T16048]  should_failslab+0xc2/0x120
[  556.489817][T16048]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  556.489836][T16048]  ? security_inode_alloc+0x3b/0x2b0
[  556.489860][T16048]  security_inode_alloc+0x3b/0x2b0
[  556.489881][T16048]  inode_init_always_gfp+0xce4/0x1030
[  556.489902][T16048]  alloc_inode+0x86/0x240
[  556.489923][T16048]  alloc_anon_inode+0x28/0x3e0
[  556.489940][T16048]  ioctx_alloc+0x4ad/0x2060
[  556.489973][T16048]  ? find_held_lock+0x2b/0x80
[  556.489990][T16048]  ? __pfx_ioctx_alloc+0x10/0x10
[  556.490012][T16048]  ? __might_fault+0x13b/0x190
[  556.490039][T16048]  __x64_sys_io_setup+0xc9/0x210
[  556.490067][T16048]  do_syscall_64+0xcd/0x230
[  556.490093][T16048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.490110][T16048] RIP: 0033:0x7f3440d8e969
[  556.490125][T16048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.490141][T16048] RSP: 002b:00007f3441cb4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  556.490158][T16048] RAX: ffffffffffffffda RBX: 00007f3440fb5fa0 RCX: 00007f3440d8e969
[  556.490168][T16048] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff
[  556.490178][T16048] RBP: 00007f3440e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  556.490188][T16048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  556.490197][T16048] R13: 0000000000000000 R14: 00007f3440fb5fa0 R15: 00007ffd683a59a8
[  556.490218][T16048]  </TASK>
[  556.979231][T16052] FAULT_INJECTION: forcing a failure.
[  556.979231][T16052] name failslab, interval 1, probability 0, space 0, times 0
[  557.078903][T16052] CPU: 1 UID: 0 PID: 16052 Comm: syz.4.3917 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  557.078932][T16052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  557.078942][T16052] Call Trace:
[  557.078948][T16052]  <TASK>
[  557.078955][T16052]  dump_stack_lvl+0x16c/0x1f0
[  557.078986][T16052]  should_fail_ex+0x512/0x640
[  557.079011][T16052]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  557.079031][T16052]  should_failslab+0xc2/0x120
[  557.079053][T16052]  __kmalloc_cache_noprof+0x6a/0x3e0
[  557.079070][T16052]  ? snd_seq_port_connect+0x61/0x550
[  557.079097][T16052]  snd_seq_port_connect+0x61/0x550
[  557.079125][T16052]  ? _raw_read_unlock+0x28/0x50
[  557.079147][T16052]  ? check_subscription_permission.isra.0+0xf5/0x240
[  557.079174][T16052]  snd_seq_ioctl_subscribe_port+0x211/0x450
[  557.079201][T16052]  ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10
[  557.079236][T16052]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  557.079263][T16052]  snd_seq_oss_midi_open+0x442/0x660
[  557.079282][T16052]  ? __pfx_snd_seq_oss_midi_open+0x10/0x10
[  557.079306][T16052]  ? rcu_is_watching+0x12/0xc0
[  557.079324][T16052]  ? trace_contention_end+0xdd/0x130
[  557.079350][T16052]  snd_seq_oss_synth_reset+0x437/0x880
[  557.079369][T16052]  ? __pfx_snd_seq_oss_synth_reset+0x10/0x10
[  557.079388][T16052]  ? __pfx___fsnotify_parent+0x10/0x10
[  557.079417][T16052]  snd_seq_oss_reset+0x73/0x290
[  557.079442][T16052]  ? __pfx_odev_release+0x10/0x10
[  557.079463][T16052]  snd_seq_oss_release+0x7c/0x180
[  557.079487][T16052]  odev_release+0x4c/0x70
[  557.079508][T16052]  __fput+0x3ff/0xb70
[  557.079534][T16052]  task_work_run+0x150/0x240
[  557.079560][T16052]  ? __pfx_task_work_run+0x10/0x10
[  557.079585][T16052]  ? __pfx___do_sys_close_range+0x10/0x10
[  557.079601][T16052]  ? rcu_is_watching+0x12/0xc0
[  557.079621][T16052]  syscall_exit_to_user_mode+0x27b/0x2a0
[  557.079646][T16052]  do_syscall_64+0xda/0x230
[  557.079672][T16052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.079690][T16052] RIP: 0033:0x7fa5e058e969
[  557.079705][T16052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.079721][T16052] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  557.079737][T16052] RAX: 0000000000000000 RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  557.079748][T16052] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  557.079757][T16052] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  557.079766][T16052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  557.079776][T16052] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  557.079797][T16052]  </TASK>
[  557.783987][T16056] netlink: 146 bytes leftover after parsing attributes in process `syz.4.3918'.
[  557.914274][T16060] dlm: Unknown command passed to DLM device : 0
[  557.914274][T16060] 
[  558.231019][T16068] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3922'.
[  558.376783][T16071] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3923'.
[  559.844947][T16099] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3933'.
[  559.937216][T16104] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3933'.
[  560.277535][T16113] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3938'.
[  561.804435][T16137] netlink: 202 bytes leftover after parsing attributes in process `syz.2.3947'.
[  561.982462][T16141] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3949'.
[  562.447561][T16150] netlink: 326 bytes leftover after parsing attributes in process `syz.0.3953'.
[  563.235689][T16165] netlink: 290 bytes leftover after parsing attributes in process `syz.0.3958'.
[  563.611679][T16171] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3960'.
[  565.888000][T16197] vivid-003: =================  START STATUS  =================
[  565.980196][T16197] vivid-003: Radio HW Seek Mode: Bounded
[  566.047015][T16197] vivid-003: Radio Programmable HW Seek: false
[  566.129223][T16197] vivid-003: RDS Rx I/O Mode: Block I/O
[  566.205755][T16197] vivid-003: Generate RBDS Instead of RDS: false
[  566.233274][T16197] vivid-003: RDS Reception: true
[  566.277144][T16197] vivid-003: RDS Program Type: 0 inactive
[  566.339028][T16197] vivid-003: RDS PS Name:  inactive
[  566.393520][T16197] vivid-003: RDS Radio Text:  inactive
[  566.444978][T16197] vivid-003: RDS Traffic Announcement: false inactive
[  566.519747][T16197] vivid-003: RDS Traffic Program: false inactive
[  566.586923][T16197] vivid-003: RDS Music: false inactive
[  566.647353][T16197] vivid-003: ==================  END STATUS  ==================
[  567.029616][T16212] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3976'.
[  568.758633][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  568.764971][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  568.807460][T16243] FAULT_INJECTION: forcing a failure.
[  568.807460][T16243] name failslab, interval 1, probability 0, space 0, times 0
[  568.887134][T16243] CPU: 1 UID: 0 PID: 16243 Comm: syz.2.3988 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  568.887161][T16243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  568.887171][T16243] Call Trace:
[  568.887178][T16243]  <TASK>
[  568.887185][T16243]  dump_stack_lvl+0x16c/0x1f0
[  568.887214][T16243]  should_fail_ex+0x512/0x640
[  568.887239][T16243]  ? fs_reclaim_acquire+0xae/0x150
[  568.887267][T16243]  should_failslab+0xc2/0x120
[  568.887288][T16243]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  568.887308][T16243]  ? security_inode_alloc+0x3b/0x2b0
[  568.887331][T16243]  security_inode_alloc+0x3b/0x2b0
[  568.887352][T16243]  inode_init_always_gfp+0xce4/0x1030
[  568.887372][T16243]  alloc_inode+0x86/0x240
[  568.887393][T16243]  path_from_stashed+0x2be/0xb00
[  568.887410][T16243]  ? do_raw_spin_lock+0x12c/0x2b0
[  568.887437][T16243]  ? __pfx_path_from_stashed+0x10/0x10
[  568.887455][T16243]  ? do_raw_spin_unlock+0x172/0x230
[  568.887483][T16243]  ns_get_path+0x5f/0x80
[  568.887508][T16243]  proc_ns_get_link+0x121/0x260
[  568.887524][T16243]  ? __pfx_proc_ns_get_link+0x10/0x10
[  568.887540][T16243]  ? __pfx___might_resched+0x10/0x10
[  568.887562][T16243]  ? __pfx_proc_ns_get_link+0x10/0x10
[  568.887577][T16243]  step_into+0x1b25/0x2270
[  568.887606][T16243]  ? __pfx_step_into+0x10/0x10
[  568.887630][T16243]  ? find_held_lock+0x2b/0x80
[  568.887653][T16243]  path_openat+0x749/0x2d40
[  568.887676][T16243]  ? __pfx_path_openat+0x10/0x10
[  568.887699][T16243]  do_filp_open+0x20b/0x470
[  568.887716][T16243]  ? __pfx_do_filp_open+0x10/0x10
[  568.887746][T16243]  ? alloc_fd+0x471/0x7d0
[  568.887777][T16243]  do_sys_openat2+0x11b/0x1d0
[  568.887800][T16243]  ? __pfx_do_sys_openat2+0x10/0x10
[  568.887830][T16243]  __x64_sys_openat+0x174/0x210
[  568.887852][T16243]  ? __pfx___x64_sys_openat+0x10/0x10
[  568.887876][T16243]  ? rcu_is_watching+0x12/0xc0
[  568.887898][T16243]  do_syscall_64+0xcd/0x230
[  568.887924][T16243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.887942][T16243] RIP: 0033:0x7f3440d8d2d0
[  568.887956][T16243] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  568.887972][T16243] RSP: 002b:00007f3441cb3f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  568.887989][T16243] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f3440d8d2d0
[  568.887999][T16243] RDX: 0000000000000002 RSI: 00007f3441cb3fa0 RDI: 00000000ffffff9c
[  568.888016][T16243] RBP: 00007f3441cb3fa0 R08: 0000000000000000 R09: 0000000000000000
[  568.888026][T16243] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  568.888036][T16243] R13: 0000000000000000 R14: 00007f3440fb5fa0 R15: 00007ffd683a59a8
[  568.888056][T16243]  </TASK>
[  569.168497][    C1] vkms_vblank_simulate: vblank timer overrun
[  570.519719][T16248] Falling back ldisc for ptm0.
[  571.131335][T16268] netlink: 'syz.0.3997': attribute type 4 has an invalid length.
[  571.259609][T16268] netlink: 314 bytes leftover after parsing attributes in process `syz.0.3997'.
[  571.675892][T16280] sp0: Synchronizing with TNC
[  572.387716][T16295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4008'.
[  572.435681][T16295] netlink: 354 bytes leftover after parsing attributes in process `syz.2.4008'.
[  572.661254][T16297] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4010'.
[  573.189435][T16307] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4013'.
[  573.234274][T16307] unsupported nlmsg_type 40
[  573.495672][T16311] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4015'.
[  574.369212][T16326] netlink: 338 bytes leftover after parsing attributes in process `syz.0.4019'.
[  574.492754][T16327] netlink: 338 bytes leftover after parsing attributes in process `syz.0.4019'.
[  576.832604][T16353] netlink: 346 bytes leftover after parsing attributes in process `syz.0.4028'.
[  577.135762][T16355] netlink: 504 bytes leftover after parsing attributes in process `syz.4.4029'.
[  578.178929][T16368] netlink: 346 bytes leftover after parsing attributes in process `syz.4.4034'.
[  578.426226][T16374] netlink: 504 bytes leftover after parsing attributes in process `syz.4.4037'.
[  578.484655][T16374] netlink: 504 bytes leftover after parsing attributes in process `syz.4.4037'.
[  578.713527][T16379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4039'.
[  578.768510][T16379] netlink: 13 bytes leftover after parsing attributes in process `syz.3.4039'.
[  580.874860][T16405] netlink: 'syz.3.4050': attribute type 4 has an invalid length.
[  580.914330][T16405] netlink: 314 bytes leftover after parsing attributes in process `syz.3.4050'.
[  583.474956][T16447] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4063'.
[  583.869455][T16452] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4065'.
[  583.910401][T16452] netlink: 25 bytes leftover after parsing attributes in process `syz.4.4065'.
[  585.299537][T16471] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4073'.
[  585.997037][T16484] netlink: 'syz.3.4078': attribute type 4 has an invalid length.
[  586.032280][T16484] netlink: 314 bytes leftover after parsing attributes in process `syz.3.4078'.
[  586.069500][T16485] netlink: 'syz.3.4078': attribute type 4 has an invalid length.
[  586.100328][T16485] netlink: 314 bytes leftover after parsing attributes in process `syz.3.4078'.
[  587.214123][T16508] netlink: 186 bytes leftover after parsing attributes in process `syz.3.4088'.
[  587.974041][T16517] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4092'.
[  588.022641][T16517] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.030103][T16517] bridge0: port 1(bridge_slave_0) entered disabled state
[  589.525029][T16549] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4104'.
[  591.538080][T16582] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  591.552864][T16582] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  591.562395][T16582] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  591.571449][T16582] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  591.581062][T16582] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  592.292999][T16580] chnl_net:caif_netlink_parms(): no params data found
[  592.474219][T16580] bridge0: port 1(bridge_slave_0) entered blocking state
[  592.490264][T16580] bridge0: port 1(bridge_slave_0) entered disabled state
[  592.513168][T16580] bridge_slave_0: entered allmulticast mode
[  592.530091][T16580] bridge_slave_0: entered promiscuous mode
[  592.548453][T16580] bridge0: port 2(bridge_slave_1) entered blocking state
[  592.570152][T16580] bridge0: port 2(bridge_slave_1) entered disabled state
[  592.591725][T16580] bridge_slave_1: entered allmulticast mode
[  592.605680][T16580] bridge_slave_1: entered promiscuous mode
[  592.687521][T16580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  592.714057][T16580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  592.811399][T16580] team0: Port device team_slave_0 added
[  592.833824][T16580] team0: Port device team_slave_1 added
[  592.935145][T16580] batman_adv: batadv0: Adding interface: batadv_slave_0
[  592.968629][T16580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.067543][T16580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  593.111823][T16580] batman_adv: batadv0: Adding interface: batadv_slave_1
[  593.141090][T16580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.269314][T16580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  593.636374][T16582] Bluetooth: hci1: command tx timeout
[  593.733945][T16580] hsr_slave_0: entered promiscuous mode
[  593.763051][T16580] hsr_slave_1: entered promiscuous mode
[  593.810667][T16580] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  593.843019][T16580] Cannot create hsr debugfs directory
[  594.620226][T16580] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  594.669082][T16580] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  594.776083][T16580] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  594.881975][T16580] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  595.219202][T16580] 8021q: adding VLAN 0 to HW filter on device bond0
[  595.316124][T16580] 8021q: adding VLAN 0 to HW filter on device team0
[  595.395686][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  595.404075][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  595.463262][T16582] Bluetooth: hci3: unexpected subevent 0x01 length: 122 > 18
[  595.493015][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  595.500473][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  595.711894][ T5140] Bluetooth: hci1: command tx timeout
[  596.692990][T16580] 8021q: adding VLAN 0 to HW filter on device batadv0
[  597.775558][T16580] veth0_vlan: entered promiscuous mode
[  597.791872][ T5140] Bluetooth: hci1: command tx timeout
[  597.834980][T16580] veth1_vlan: entered promiscuous mode
[  597.939234][T16580] veth0_macvtap: entered promiscuous mode
[  597.980424][T16580] veth1_macvtap: entered promiscuous mode
[  598.069678][T16580] batman_adv: batadv0: Interface activated: batadv_slave_0
[  598.144191][T16580] batman_adv: batadv0: Interface activated: batadv_slave_1
[  598.207317][T16580] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  598.256588][T16580] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  598.298914][T16580] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  598.329227][T16580] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  598.796672][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  598.866446][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  598.999700][ T1309] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  599.055831][ T1309] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  599.415260][T16708] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4110'.
[  599.714542][T16708] bond0: (slave bond_slave_1): Releasing backup interface
[  599.872733][ T5140] Bluetooth: hci1: command tx timeout
[  602.404960][T16775] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4178'.
[  602.484465][T16778] netlink: 354 bytes leftover after parsing attributes in process `syz.5.4178'.
[  602.704449][T16782] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  604.163218][ T5140] Bluetooth: hci2: unexpected event 0xff length: 440 > 260
[  605.356690][T16840] netlink: 334 bytes leftover after parsing attributes in process `syz.0.4205'.
[  607.203278][    C1] vcan0: j1939_tp_rxtimer: 0xffff888034c54800: rx timeout, send abort
[  607.213573][    C1] vcan0: j1939_tp_rxtimer: 0xffff888034c54000: rx timeout, send abort
[  607.225367][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888034c54800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  607.241064][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888034c54000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  607.528632][T16886] FAULT_INJECTION: forcing a failure.
[  607.528632][T16886] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  607.668051][T16886] CPU: 1 UID: 0 PID: 16886 Comm: syz.4.4225 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  607.668081][T16886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  607.668091][T16886] Call Trace:
[  607.668097][T16886]  <TASK>
[  607.668105][T16886]  dump_stack_lvl+0x16c/0x1f0
[  607.668135][T16886]  should_fail_ex+0x512/0x640
[  607.668165][T16886]  should_fail_alloc_page+0xe7/0x130
[  607.668189][T16886]  prepare_alloc_pages+0x3c2/0x610
[  607.668214][T16886]  ? rcu_is_watching+0x12/0xc0
[  607.668233][T16886]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  607.668255][T16886]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  607.668283][T16886]  ? __lock_acquire+0x5ca/0x1ba0
[  607.668308][T16886]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  607.668327][T16886]  ? relay_open+0x653/0xad0
[  607.668344][T16886]  ? blk_trace_setup+0xed/0x1b0
[  607.668367][T16886]  ? rcu_read_unlock+0x17/0x60
[  607.668392][T16886]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  607.668416][T16886]  ? policy_nodemask+0xea/0x4e0
[  607.668438][T16886]  alloc_pages_mpol+0x1fb/0x550
[  607.668460][T16886]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  607.668479][T16886]  ? __kvmalloc_node_noprof.cold+0x60/0x65
[  607.668502][T16886]  ? trace_kmalloc+0x2b/0xd0
[  607.668523][T16886]  ? __kmalloc_noprof.cold+0x5c/0x61
[  607.668543][T16886]  ? relay_open_buf.part.0+0x194/0xb90
[  607.668564][T16886]  alloc_pages_noprof+0x131/0x390
[  607.668585][T16886]  relay_open_buf.part.0+0x262/0xb90
[  607.668613][T16886]  relay_open+0x653/0xad0
[  607.668632][T16886]  ? debugfs_create_file_full+0x41/0x60
[  607.668663][T16886]  do_blk_trace_setup+0x503/0xb50
[  607.668692][T16886]  blk_trace_setup+0xed/0x1b0
[  607.668720][T16886]  ? __pfx_blk_trace_setup+0x10/0x10
[  607.668736][T16886]  ? __pfx_snprintf+0x10/0x10
[  607.668771][T16886]  blk_trace_ioctl+0x146/0x280
[  607.668788][T16886]  ? __pfx_blk_trace_ioctl+0x10/0x10
[  607.668809][T16886]  ? find_held_lock+0x2b/0x80
[  607.668825][T16886]  ? hook_file_ioctl_common+0x145/0x410
[  607.668849][T16886]  blkdev_ioctl+0x108/0x6d0
[  607.668871][T16886]  ? __pfx_blkdev_ioctl+0x10/0x10
[  607.668895][T16886]  ? __pfx_blkdev_ioctl+0x10/0x10
[  607.668916][T16886]  __x64_sys_ioctl+0x190/0x200
[  607.668941][T16886]  do_syscall_64+0xcd/0x230
[  607.668967][T16886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  607.668984][T16886] RIP: 0033:0x7fa5e058e969
[  607.668998][T16886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  607.669014][T16886] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  607.669031][T16886] RAX: ffffffffffffffda RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  607.669042][T16886] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000006
[  607.669051][T16886] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  607.669061][T16886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  607.669071][T16886] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  607.669098][T16886]  </TASK>
[  608.358063][T16892] netlink: 130 bytes leftover after parsing attributes in process `syz.0.4228'.
[  611.040471][T16935] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4247'.
[  612.649642][ T5140] Bluetooth: hci3: unexpected subevent 0x01 length: 5 < 18
[  615.031815][T17027] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4287'.
[  615.043857][T17028] FAULT_INJECTION: forcing a failure.
[  615.043857][T17028] name fail_futex, interval 1, probability 0, space 0, times 1
[  615.087520][T17028] CPU: 1 UID: 0 PID: 17028 Comm: syz.4.4285 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  615.087548][T17028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  615.087558][T17028] Call Trace:
[  615.087564][T17028]  <TASK>
[  615.087571][T17028]  dump_stack_lvl+0x16c/0x1f0
[  615.087601][T17028]  should_fail_ex+0x512/0x640
[  615.087637][T17028]  get_futex_key+0x49e/0x1000
[  615.087658][T17028]  ? __pfx_get_futex_key+0x10/0x10
[  615.087676][T17028]  ? find_held_lock+0x2b/0x80
[  615.087692][T17028]  ? __might_fault+0xe3/0x190
[  615.087711][T17028]  ? __might_fault+0xe3/0x190
[  615.087728][T17028]  ? __might_fault+0x13b/0x190
[  615.087752][T17028]  futex_wake+0xe7/0x4e0
[  615.087776][T17028]  ? __pfx_futex_wake+0x10/0x10
[  615.087800][T17028]  ? read_tsc+0x9/0x20
[  615.087821][T17028]  ? ktime_get_ts64+0x256/0x400
[  615.087840][T17028]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  615.087866][T17028]  do_futex+0x1e3/0x350
[  615.087885][T17028]  ? __pfx_do_futex+0x10/0x10
[  615.087909][T17028]  __x64_sys_futex+0x1e0/0x4c0
[  615.087930][T17028]  ? __pfx___x64_sys_futex+0x10/0x10
[  615.087950][T17028]  ? rcu_is_watching+0x12/0xc0
[  615.087972][T17028]  do_syscall_64+0xcd/0x230
[  615.087998][T17028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  615.088015][T17028] RIP: 0033:0x7fa5e058e969
[  615.088029][T17028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  615.088045][T17028] RSP: 002b:00007fa5de3f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  615.088062][T17028] RAX: ffffffffffffffda RBX: 00007fa5e07b6088 RCX: 00007fa5e058e969
[  615.088073][T17028] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa5e07b608c
[  615.088083][T17028] RBP: 00007fa5e07b6080 R08: 00007fa5e1324000 R09: 0000000000000000
[  615.088093][T17028] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fa5e07b608c
[  615.088102][T17028] R13: 0000000000000000 R14: 00007fffdd160300 R15: 00007fffdd1603e8
[  615.088123][T17028]  </TASK>
[  615.558273][ T5140] Bluetooth: hci0: unexpected event 0x03 length: 18 > 11
[  616.634994][T17054] mkiss: ax0: crc mode is auto.
[  619.056385][T17097] mkiss: ax0: crc mode is auto.
[  622.615193][T17168] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4339'.
[  627.167643][T16582] Bluetooth: hci0: command 0x0406 tx timeout
[  627.690908][T17288] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4389'.
[  628.745588][T17315] netlink: 'syz.5.4402': attribute type 8 has an invalid length.
[  628.811385][T17315] netlink: 'syz.5.4402': attribute type 8 has an invalid length.
[  630.216617][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  630.223275][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  632.634661][ T5140] Bluetooth: hci0: unexpected subevent 0x01 length: 122 > 18
[  632.660508][T17385] netlink: 'syz.3.4435': attribute type 8 has an invalid length.
[  632.720803][T17385] netlink: 'syz.3.4435': attribute type 8 has an invalid length.
[  635.281780][T16582] Bluetooth: hci0: unexpected subevent 0x01 length: 5 < 18
[  635.812720][T16582] Bluetooth: hci2: unexpected subevent 0x01 length: 122 > 18
[  636.828619][T17453] FAULT_INJECTION: forcing a failure.
[  636.828619][T17453] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  636.909451][T17453] CPU: 1 UID: 0 PID: 17453 Comm: syz.5.4450 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  636.909479][T17453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  636.909490][T17453] Call Trace:
[  636.909496][T17453]  <TASK>
[  636.909503][T17453]  dump_stack_lvl+0x16c/0x1f0
[  636.909533][T17453]  should_fail_ex+0x512/0x640
[  636.909562][T17453]  _copy_to_user+0x32/0xd0
[  636.909582][T17453]  put_timespec64+0xb5/0x120
[  636.909602][T17453]  ? __pfx_put_timespec64+0x10/0x10
[  636.909621][T17453]  ? lockdep_hardirqs_on+0x7c/0x110
[  636.909645][T17453]  ? read_tsc+0x9/0x20
[  636.909665][T17453]  ? ktime_get_ts64+0x256/0x400
[  636.909685][T17453]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  636.909719][T17453]  poll_select_finish+0x557/0x6b0
[  636.909747][T17453]  ? __pfx_poll_select_finish+0x10/0x10
[  636.909773][T17453]  ? lockdep_hardirqs_on+0x7c/0x110
[  636.909796][T17453]  ? _raw_spin_unlock_irq+0x2e/0x50
[  636.909828][T17453]  __x64_sys_ppoll+0x266/0x2d0
[  636.909846][T17453]  ? __pfx___x64_sys_ppoll+0x10/0x10
[  636.909865][T17453]  ? rcu_is_watching+0x12/0xc0
[  636.909887][T17453]  do_syscall_64+0xcd/0x230
[  636.909914][T17453]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.909931][T17453] RIP: 0033:0x7fb82378e969
[  636.909946][T17453] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  636.909963][T17453] RSP: 002b:00007fb8215f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  636.909981][T17453] RAX: ffffffffffffffda RBX: 00007fb8239b5fa0 RCX: 00007fb82378e969
[  636.909992][T17453] RDX: 0000200000000080 RSI: 0000000080000001 RDI: 0000000000000000
[  636.910003][T17453] RBP: 00007fb823810ab1 R08: 0000000000000008 R09: 0000000000000000
[  636.910013][T17453] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[  636.910023][T17453] R13: 0000000000000000 R14: 00007fb8239b5fa0 R15: 00007ffe249a3238
[  636.910044][T17453]  </TASK>
[  637.270357][T17464] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4454'.
[  638.540635][T17492] FAULT_INJECTION: forcing a failure.
[  638.540635][T17492] name failslab, interval 1, probability 0, space 0, times 0
[  638.620479][T17492] CPU: 1 UID: 0 PID: 17492 Comm: syz.4.4462 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  638.620506][T17492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  638.620517][T17492] Call Trace:
[  638.620524][T17492]  <TASK>
[  638.620531][T17492]  dump_stack_lvl+0x16c/0x1f0
[  638.620560][T17492]  should_fail_ex+0x512/0x640
[  638.620585][T17492]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  638.620608][T17492]  should_failslab+0xc2/0x120
[  638.620631][T17492]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  638.620649][T17492]  ? do_raw_read_unlock+0x44/0xe0
[  638.620676][T17492]  ? ima_d_path+0xbd/0x2a0
[  638.620696][T17492]  ima_d_path+0xbd/0x2a0
[  638.620712][T17492]  ? vfs_getxattr_alloc+0xec/0x340
[  638.620729][T17492]  ? __pfx_ima_d_path+0x10/0x10
[  638.620750][T17492]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  638.620780][T17492]  process_measurement+0x1d86/0x23e0
[  638.620813][T17492]  ? __pfx_process_measurement+0x10/0x10
[  638.620837][T17492]  ? __lock_acquire+0x5ca/0x1ba0
[  638.620861][T17492]  ? __resched_curr+0x30a/0x3a0
[  638.620902][T17492]  ? mtree_load+0x325/0xa40
[  638.620930][T17492]  ima_file_mmap+0x1b1/0x1d0
[  638.620955][T17492]  ? __pfx_ima_file_mmap+0x10/0x10
[  638.620989][T17492]  security_mmap_file+0x88c/0x990
[  638.621013][T17492]  __do_sys_remap_file_pages+0x2e2/0xac0
[  638.621047][T17492]  ? __pfx___do_sys_remap_file_pages+0x10/0x10
[  638.621072][T17492]  ? __x64_sys_futex+0x1e0/0x4c0
[  638.621094][T17492]  ? xfd_validate_state+0x5d/0x180
[  638.621112][T17492]  ? rcu_is_watching+0x12/0xc0
[  638.621134][T17492]  do_syscall_64+0xcd/0x230
[  638.621161][T17492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.621178][T17492] RIP: 0033:0x7fa5e058e969
[  638.621192][T17492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  638.621209][T17492] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  638.621225][T17492] RAX: ffffffffffffffda RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  638.621236][T17492] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000000006a2b
[  638.621245][T17492] RBP: 00007fa5e0610ab1 R08: 0000000000010000 R09: 0000000000000000
[  638.621255][T17492] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  638.621265][T17492] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  638.621286][T17492]  </TASK>
[  638.883635][T17498] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4463'.
[  643.226850][T17610] FAULT_INJECTION: forcing a failure.
[  643.226850][T17610] name failslab, interval 1, probability 0, space 0, times 0
[  643.312162][T17610] CPU: 1 UID: 0 PID: 17610 Comm: syz.4.4499 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  643.312191][T17610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  643.312201][T17610] Call Trace:
[  643.312208][T17610]  <TASK>
[  643.312214][T17610]  dump_stack_lvl+0x16c/0x1f0
[  643.312244][T17610]  should_fail_ex+0x512/0x640
[  643.312269][T17610]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  643.312295][T17610]  should_failslab+0xc2/0x120
[  643.312317][T17610]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  643.312339][T17610]  ? kasprintf+0xc7/0x100
[  643.312358][T17610]  kvasprintf+0xbc/0x160
[  643.312375][T17610]  ? __pfx_kvasprintf+0x10/0x10
[  643.312407][T17610]  kasprintf+0xc7/0x100
[  643.312423][T17610]  ? __pfx_kasprintf+0x10/0x10
[  643.312440][T17610]  ? __is_module_percpu_address+0x1e0/0x440
[  643.312469][T17610]  alloc_workqueue+0x114/0x200
[  643.312491][T17610]  ? __pfx_alloc_workqueue+0x10/0x10
[  643.312515][T17610]  ? rcu_is_watching+0x12/0xc0
[  643.312532][T17610]  ? __kmalloc_noprof+0x242/0x510
[  643.312554][T17610]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  643.312583][T17610]  ieee80211_register_hw+0x1e92/0x4140
[  643.312606][T17610]  ? __debug_object_init+0x281/0x3d0
[  643.312627][T17610]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  643.312649][T17610]  ? find_held_lock+0x2b/0x80
[  643.312666][T17610]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  643.312689][T17610]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  643.312709][T17610]  ? __hrtimer_setup+0x176/0x280
[  643.312736][T17610]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  643.312776][T17610]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  643.312810][T17610]  hwsim_new_radio_nl+0xb51/0x12c0
[  643.312838][T17610]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  643.312871][T17610]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  643.312898][T17610]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  643.312929][T17610]  genl_family_rcv_msg_doit+0x209/0x2f0
[  643.312956][T17610]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  643.312981][T17610]  ? trace_cap_capable+0x18d/0x200
[  643.313005][T17610]  ? bpf_lsm_capable+0x9/0x10
[  643.313022][T17610]  ? security_capable+0x7e/0x260
[  643.313041][T17610]  ? ns_capable+0xd7/0x110
[  643.313060][T17610]  genl_rcv_msg+0x55c/0x800
[  643.313088][T17610]  ? __pfx_genl_rcv_msg+0x10/0x10
[  643.313111][T17610]  ? __pfx___dev_queue_xmit+0x10/0x10
[  643.313128][T17610]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  643.313156][T17610]  ? __lock_acquire+0xaa4/0x1ba0
[  643.313182][T17610]  netlink_rcv_skb+0x16d/0x440
[  643.313204][T17610]  ? __pfx_genl_rcv_msg+0x10/0x10
[  643.313230][T17610]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  643.313264][T17610]  ? __pfx_down_read+0x10/0x10
[  643.313281][T17610]  ? netlink_deliver_tap+0x1ae/0xd30
[  643.313306][T17610]  genl_rcv+0x28/0x40
[  643.313327][T17610]  netlink_unicast+0x53a/0x7f0
[  643.313352][T17610]  ? __pfx_netlink_unicast+0x10/0x10
[  643.313373][T17610]  ? __lock_acquire+0xaa4/0x1ba0
[  643.313408][T17610]  netlink_sendmsg+0x8d1/0xdd0
[  643.313435][T17610]  ? __pfx_netlink_sendmsg+0x10/0x10
[  643.313466][T17610]  ____sys_sendmsg+0xa98/0xc70
[  643.313493][T17610]  ? copy_msghdr_from_user+0x10a/0x160
[  643.313514][T17610]  ? __pfx_____sys_sendmsg+0x10/0x10
[  643.313551][T17610]  ___sys_sendmsg+0x134/0x1d0
[  643.313574][T17610]  ? __pfx____sys_sendmsg+0x10/0x10
[  643.313625][T17610]  __sys_sendmsg+0x16d/0x220
[  643.313646][T17610]  ? __pfx___sys_sendmsg+0x10/0x10
[  643.313666][T17610]  ? native_tss_update_io_bitmap+0x3ca/0x720
[  643.313691][T17610]  ? rcu_is_watching+0x12/0xc0
[  643.313714][T17610]  do_syscall_64+0xcd/0x230
[  643.313741][T17610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.313759][T17610] RIP: 0033:0x7fa5e058e969
[  643.313773][T17610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  643.313789][T17610] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  643.313806][T17610] RAX: ffffffffffffffda RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  643.313817][T17610] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000005
[  643.313827][T17610] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  643.313836][T17610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  643.313846][T17610] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  643.313868][T17610]  </TASK>
[  644.244540][T17623] net_ratelimit: 23 callbacks suppressed
[  644.244556][T17623] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  644.257056][T17623] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  644.738778][T17636] ima: policy update failed
[  644.768090][   T30] audit: type=1802 audit(4294968616.885:17): pid=17636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.4509" res=0 errno=0
[  644.788223][ T5140] Bluetooth: hci0: unexpected event 0x07 length: 440 > 255
[  646.267669][T17667] netlink: 'syz.5.4519': attribute type 32 has an invalid length.
[  646.318001][T17667] netlink: 'syz.5.4519': attribute type 33 has an invalid length.
[  646.389636][T17667] netlink: 'syz.5.4519': attribute type 35 has an invalid length.
[  646.469675][T17667] netlink: 'syz.5.4519': attribute type 37 has an invalid length.
[  646.515798][T17667] netlink: 'syz.5.4519': attribute type 39 has an invalid length.
[  646.558499][T17667] netlink: 'syz.5.4519': attribute type 40 has an invalid length.
[  646.606805][T17667] netlink: 'syz.5.4519': attribute type 41 has an invalid length.
[  646.668697][T17667] netlink: 'syz.5.4519': attribute type 44 has an invalid length.
[  646.713556][T17667] netlink: 'syz.5.4519': attribute type 46 has an invalid length.
[  646.766426][T17667] netlink: 'syz.5.4519': attribute type 47 has an invalid length.
[  646.820419][T17667] netlink: 2 bytes leftover after parsing attributes in process `syz.5.4519'.
[  649.322753][T17719] kvm_intel: kvm [17718]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x2
[  649.427381][T17716] syz.3.4536 (17716) used greatest stack depth: 19912 bytes left
[  650.612361][ T5140] Bluetooth: hci3: unexpected event 0xff length: 440 > 260
[  650.915180][T17747] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4547'.
[  651.007033][T17748] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4547'.
[  651.053893][T17747] netlink: 170 bytes leftover after parsing attributes in process `syz.3.4547'.
[  651.596278][T17732] kexec: Could not allocate control_code_buffer
[  657.720716][T17839] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4583'.
[  658.584009][T17857] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4592'.
[  658.684972][T17857] : renamed from lo
[  658.694448][T17835] kexec: Could not allocate control_code_buffer
[  659.312467][ T5140] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  659.320682][ T5140] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  659.331120][ T5140] CPU: 1 UID: 0 PID: 5140 Comm: kworker/u9:1 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  659.331146][ T5140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  659.331158][ T5140] Workqueue: hci0 hci_rx_work
[  659.331181][ T5140] Call Trace:
[  659.331187][ T5140]  <TASK>
[  659.331194][ T5140]  dump_stack_lvl+0x16c/0x1f0
[  659.331268][ T5140]  sysfs_warn_dup+0x7f/0xa0
[  659.331296][ T5140]  sysfs_create_dir_ns+0x24b/0x2b0
[  659.331322][ T5140]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  659.331354][ T5140]  ? find_held_lock+0x2b/0x80
[  659.331375][ T5140]  ? do_raw_spin_unlock+0x172/0x230
[  659.331402][ T5140]  kobject_add_internal+0x2c4/0x9b0
[  659.331422][ T5140]  kobject_add+0x16e/0x240
[  659.331438][ T5140]  ? __pfx_kobject_add+0x10/0x10
[  659.331456][ T5140]  ? do_raw_spin_unlock+0x172/0x230
[  659.331481][ T5140]  ? kobject_put+0xab/0x5a0
[  659.331513][ T5140]  device_add+0x288/0x1a70
[  659.331538][ T5140]  ? __pfx_dev_set_name+0x10/0x10
[  659.331563][ T5140]  ? __pfx_device_add+0x10/0x10
[  659.331587][ T5140]  ? mgmt_send_event_skb+0x2fb/0x460
[  659.331618][ T5140]  hci_conn_add_sysfs+0x17e/0x230
[  659.331638][ T5140]  le_conn_complete_evt+0x1075/0x1d70
[  659.331669][ T5140]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  659.331799][ T5140]  ? bt_warn+0xe4/0x120
[  659.331873][ T5140]  ? __pfx_bt_warn+0x10/0x10
[  659.331956][ T5140]  hci_le_conn_complete_evt+0x23c/0x370
[  659.332062][ T5140]  hci_le_meta_evt+0x2f3/0x5e0
[  659.332127][ T5140]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  659.332202][ T5140]  hci_event_packet+0x669/0x1190
[  659.332275][ T5140]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  659.332312][ T5140]  ? __pfx_hci_event_packet+0x10/0x10
[  659.332384][ T5140]  ? kcov_remote_start+0x3c9/0x6d0
[  659.332438][ T5140]  ? lockdep_hardirqs_on+0x7c/0x110
[  659.332502][ T5140]  hci_rx_work+0x2c5/0x16b0
[  659.332541][ T5140]  ? rcu_is_watching+0x12/0xc0
[  659.332585][ T5140]  process_one_work+0x9cf/0x1b70
[  659.332671][ T5140]  ? __pfx_process_one_work+0x10/0x10
[  659.332744][ T5140]  ? assign_work+0x1a0/0x250
[  659.332804][ T5140]  worker_thread+0x6c8/0xf10
[  659.332897][ T5140]  ? __kthread_parkme+0x19e/0x250
[  659.332958][ T5140]  ? __pfx_worker_thread+0x10/0x10
[  659.333039][ T5140]  kthread+0x3c2/0x780
[  659.333111][ T5140]  ? __pfx_kthread+0x10/0x10
[  659.333178][ T5140]  ? __pfx_kthread+0x10/0x10
[  659.333335][ T5140]  ? __pfx_kthread+0x10/0x10
[  659.333410][ T5140]  ? __pfx_kthread+0x10/0x10
[  659.333474][ T5140]  ? rcu_is_watching+0x12/0xc0
[  659.333513][ T5140]  ? __pfx_kthread+0x10/0x10
[  659.333584][ T5140]  ret_from_fork+0x48/0x80
[  659.333624][ T5140]  ? __pfx_kthread+0x10/0x10
[  659.333684][ T5140]  ret_from_fork_asm+0x1a/0x30
[  659.333764][ T5140]  </TASK>
[  659.885134][ T5140] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  659.901973][ T5140] Bluetooth: hci0: failed to register connection device
[  660.425550][T17881] netlink: 146 bytes leftover after parsing attributes in process `syz.3.4600'.
[  661.441879][T17902] FAULT_INJECTION: forcing a failure.
[  661.441879][T17902] name failslab, interval 1, probability 0, space 0, times 0
[  661.501961][T17902] CPU: 1 UID: 0 PID: 17902 Comm: syz.4.4616 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  661.501990][T17902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  661.502000][T17902] Call Trace:
[  661.502006][T17902]  <TASK>
[  661.502013][T17902]  dump_stack_lvl+0x16c/0x1f0
[  661.502043][T17902]  should_fail_ex+0x512/0x640
[  661.502068][T17902]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  661.502092][T17902]  should_failslab+0xc2/0x120
[  661.502114][T17902]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  661.502133][T17902]  ? do_timer_create+0x18a/0x14e0
[  661.502160][T17902]  do_timer_create+0x18a/0x14e0
[  661.502183][T17902]  ? __might_fault+0xe3/0x190
[  661.502203][T17902]  ? __pfx_do_timer_create+0x10/0x10
[  661.502232][T17902]  __x64_sys_timer_create+0x182/0x1d0
[  661.502255][T17902]  ? __pfx___x64_sys_timer_create+0x10/0x10
[  661.502288][T17902]  do_syscall_64+0xcd/0x230
[  661.502314][T17902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.502331][T17902] RIP: 0033:0x7fa5e058e969
[  661.502345][T17902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  661.502361][T17902] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 00000000000000de
[  661.502378][T17902] RAX: ffffffffffffffda RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  661.502396][T17902] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000
[  661.502405][T17902] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  661.502415][T17902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  661.502425][T17902] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  661.502445][T17902]  </TASK>
[  661.907840][ T5140] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  663.595982][T17932] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4617'.
[  663.628781][T17932] ipvlan1: entered promiscuous mode
[  663.666455][T17932] ipvlan1: entered allmulticast mode
[  663.693995][T17932] veth0_vlan: entered allmulticast mode
[  664.344488][T17949] kvm: user requested TSC rate below hardware speed
[  665.273627][T17971] netlink: 'syz.5.4633': attribute type 4 has an invalid length.
[  665.319562][T17971] netlink: 314 bytes leftover after parsing attributes in process `syz.5.4633'.
[  665.825053][T17977] netlink: 'syz.3.4636': attribute type 21 has an invalid length.
[  665.875767][T17977] netlink: 326 bytes leftover after parsing attributes in process `syz.3.4636'.
[  665.967556][T17984] FAULT_INJECTION: forcing a failure.
[  665.967556][T17984] name failslab, interval 1, probability 0, space 0, times 0
[  666.145115][T17984] CPU: 1 UID: 0 PID: 17984 Comm: syz.4.4638 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  666.145143][T17984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  666.145153][T17984] Call Trace:
[  666.145159][T17984]  <TASK>
[  666.145166][T17984]  dump_stack_lvl+0x16c/0x1f0
[  666.145195][T17984]  should_fail_ex+0x512/0x640
[  666.145226][T17984]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  666.145246][T17984]  should_failslab+0xc2/0x120
[  666.145267][T17984]  __kmalloc_cache_noprof+0x6a/0x3e0
[  666.145284][T17984]  ? rfkill_fop_open+0x56/0x750
[  666.145308][T17984]  ? __pfx_rfkill_fop_open+0x10/0x10
[  666.145326][T17984]  rfkill_fop_open+0x56/0x750
[  666.145344][T17984]  ? kobject_get_unless_zero+0x156/0x1e0
[  666.145373][T17984]  ? __pfx_rfkill_fop_open+0x10/0x10
[  666.145393][T17984]  misc_open+0x35d/0x420
[  666.145417][T17984]  ? __pfx_misc_open+0x10/0x10
[  666.145432][T17984]  chrdev_open+0x234/0x6a0
[  666.145450][T17984]  ? __pfx_apparmor_file_open+0x10/0x10
[  666.145473][T17984]  ? __pfx_chrdev_open+0x10/0x10
[  666.145494][T17984]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  666.145524][T17984]  do_dentry_open+0x741/0x1c10
[  666.145543][T17984]  ? __pfx_chrdev_open+0x10/0x10
[  666.145567][T17984]  vfs_open+0x82/0x3f0
[  666.145592][T17984]  path_openat+0x1e5e/0x2d40
[  666.145619][T17984]  ? __pfx_path_openat+0x10/0x10
[  666.145642][T17984]  do_filp_open+0x20b/0x470
[  666.145659][T17984]  ? __pfx_do_filp_open+0x10/0x10
[  666.145693][T17984]  ? alloc_fd+0x471/0x7d0
[  666.145725][T17984]  do_sys_openat2+0x11b/0x1d0
[  666.145748][T17984]  ? __pfx_do_sys_openat2+0x10/0x10
[  666.145779][T17984]  __x64_sys_openat+0x174/0x210
[  666.145802][T17984]  ? __pfx___x64_sys_openat+0x10/0x10
[  666.145825][T17984]  ? rcu_is_watching+0x12/0xc0
[  666.145849][T17984]  do_syscall_64+0xcd/0x230
[  666.145875][T17984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  666.145892][T17984] RIP: 0033:0x7fa5e058e969
[  666.145906][T17984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  666.145922][T17984] RSP: 002b:00007fa5de3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  666.145939][T17984] RAX: ffffffffffffffda RBX: 00007fa5e07b6080 RCX: 00007fa5e058e969
[  666.145950][T17984] RDX: 0000000000000400 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  666.145960][T17984] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  666.145969][T17984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  666.145979][T17984] R13: 0000000000000000 R14: 00007fa5e07b6080 R15: 00007fffdd1603e8
[  666.146001][T17984]  </TASK>
[  668.394650][T18021] FAULT_INJECTION: forcing a failure.
[  668.394650][T18021] name failslab, interval 1, probability 0, space 0, times 0
[  668.530368][T18021] CPU: 1 UID: 0 PID: 18021 Comm: syz.4.4650 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  668.530397][T18021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  668.530408][T18021] Call Trace:
[  668.530414][T18021]  <TASK>
[  668.530422][T18021]  dump_stack_lvl+0x16c/0x1f0
[  668.530453][T18021]  should_fail_ex+0x512/0x640
[  668.530478][T18021]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  668.530502][T18021]  should_failslab+0xc2/0x120
[  668.530523][T18021]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  668.530544][T18021]  ? __pmd_alloc+0xc3/0x870
[  668.530571][T18021]  __pmd_alloc+0xc3/0x870
[  668.530599][T18021]  walk_to_pmd+0x21a/0x2a0
[  668.530626][T18021]  vm_insert_pages+0x202/0xa50
[  668.530649][T18021]  ? __pfx_vm_insert_pages+0x10/0x10
[  668.530672][T18021]  io_uring_mmap+0x3ba/0x5a0
[  668.530700][T18021]  ? __pfx_io_uring_mmap+0x10/0x10
[  668.530717][T18021]  ? vm_area_alloc+0x1f/0x160
[  668.530738][T18021]  ? lockdep_init_map_type+0x5c/0x280
[  668.530764][T18021]  __mmap_region+0x1485/0x27c0
[  668.530787][T18021]  ? __pfx___mmap_region+0x10/0x10
[  668.530806][T18021]  ? trace_sched_exit_tp+0xde/0x130
[  668.530831][T18021]  ? __lock_acquire+0xaa4/0x1ba0
[  668.530890][T18021]  ? trace_cap_capable+0x18d/0x200
[  668.530910][T18021]  ? cap_capable+0xb3/0x250
[  668.530931][T18021]  mmap_region+0x32b/0x3f0
[  668.530955][T18021]  do_mmap+0xd8e/0x11b0
[  668.530984][T18021]  ? __pfx_do_mmap+0x10/0x10
[  668.531008][T18021]  ? __pfx_down_write_killable+0x10/0x10
[  668.531029][T18021]  vm_mmap_pgoff+0x281/0x450
[  668.531057][T18021]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  668.531086][T18021]  ? __fget_files+0x20e/0x3c0
[  668.531106][T18021]  ksys_mmap_pgoff+0x32c/0x5c0
[  668.531137][T18021]  ? rcu_is_watching+0x12/0xc0
[  668.531155][T18021]  __x64_sys_mmap+0x125/0x190
[  668.531175][T18021]  do_syscall_64+0xcd/0x230
[  668.531202][T18021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.531220][T18021] RIP: 0033:0x7fa5e058e969
[  668.531237][T18021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  668.531253][T18021] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  668.531270][T18021] RAX: ffffffffffffffda RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  668.531282][T18021] RDX: 0000002000000329 RSI: 0000000008004008 RDI: 0000000000000000
[  668.531292][T18021] RBP: 00007fa5e0610ab1 R08: 0000000000000003 R09: 0000000000008000
[  668.531302][T18021] R10: 0002000000010011 R11: 0000000000000246 R12: 0000000000000000
[  668.531312][T18021] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  668.531333][T18021]  </TASK>
[  668.907690][T18039] netlink: 'syz.4.4667': attribute type 16 has an invalid length.
[  668.915611][T18039] netlink: 50 bytes leftover after parsing attributes in process `syz.4.4667'.
[  669.473421][T18046] netlink: 146 bytes leftover after parsing attributes in process `syz.3.4661'.
[  670.349092][T18063] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4665'.
[  670.379771][T18065] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4668'.
[  670.453766][T18065] netlink: 'syz.5.4668': attribute type 1 has an invalid length.
[  670.505937][T18065] netlink: 'syz.5.4668': attribute type 2 has an invalid length.
[  670.572918][T18065] netlink: 'syz.5.4668': attribute type 7 has an invalid length.
[  670.625933][T18065] netlink: 214 bytes leftover after parsing attributes in process `syz.5.4668'.
[  671.330086][T18076] sp0: Synchronizing with TNC
[  671.842555][T16582] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  671.850750][T16582] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0'
[  671.864702][T16582] CPU: 1 UID: 0 PID: 16582 Comm: kworker/u9:0 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  671.864730][T16582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  671.864741][T16582] Workqueue: hci2 hci_rx_work
[  671.864763][T16582] Call Trace:
[  671.864769][T16582]  <TASK>
[  671.864776][T16582]  dump_stack_lvl+0x16c/0x1f0
[  671.864803][T16582]  sysfs_warn_dup+0x7f/0xa0
[  671.864829][T16582]  sysfs_create_dir_ns+0x24b/0x2b0
[  671.864855][T16582]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  671.864879][T16582]  ? find_held_lock+0x2b/0x80
[  671.864900][T16582]  ? do_raw_spin_unlock+0x172/0x230
[  671.864927][T16582]  kobject_add_internal+0x2c4/0x9b0
[  671.864948][T16582]  kobject_add+0x16e/0x240
[  671.864965][T16582]  ? __pfx_kobject_add+0x10/0x10
[  671.864983][T16582]  ? do_raw_spin_unlock+0x172/0x230
[  671.865008][T16582]  ? kobject_put+0xab/0x5a0
[  671.865039][T16582]  device_add+0x288/0x1a70
[  671.865071][T16582]  ? __pfx_dev_set_name+0x10/0x10
[  671.865097][T16582]  ? __pfx_device_add+0x10/0x10
[  671.865120][T16582]  ? mgmt_send_event_skb+0x2fb/0x460
[  671.865156][T16582]  hci_conn_add_sysfs+0x17e/0x230
[  671.865176][T16582]  le_conn_complete_evt+0x1075/0x1d70
[  671.865208][T16582]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  671.865233][T16582]  ? bt_warn+0xe4/0x120
[  671.865256][T16582]  ? __pfx_bt_warn+0x10/0x10
[  671.865286][T16582]  hci_le_conn_complete_evt+0x23c/0x370
[  671.865318][T16582]  hci_le_meta_evt+0x2f3/0x5e0
[  671.865335][T16582]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  671.865365][T16582]  hci_event_packet+0x669/0x1190
[  671.865390][T16582]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  671.865415][T16582]  ? __pfx_hci_event_packet+0x10/0x10
[  671.865442][T16582]  ? kcov_remote_start+0x3c9/0x6d0
[  671.865465][T16582]  ? lockdep_hardirqs_on+0x7c/0x110
[  671.865493][T16582]  hci_rx_work+0x2c5/0x16b0
[  671.865528][T16582]  ? rcu_is_watching+0x12/0xc0
[  671.865549][T16582]  process_one_work+0x9cf/0x1b70
[  671.865585][T16582]  ? __pfx_process_one_work+0x10/0x10
[  671.865618][T16582]  ? assign_work+0x1a0/0x250
[  671.865644][T16582]  worker_thread+0x6c8/0xf10
[  671.865677][T16582]  ? __kthread_parkme+0x19e/0x250
[  671.865699][T16582]  ? __pfx_worker_thread+0x10/0x10
[  671.865725][T16582]  kthread+0x3c2/0x780
[  671.865749][T16582]  ? __pfx_kthread+0x10/0x10
[  671.865771][T16582]  ? __pfx_kthread+0x10/0x10
[  671.865793][T16582]  ? __pfx_kthread+0x10/0x10
[  671.865815][T16582]  ? __pfx_kthread+0x10/0x10
[  671.865836][T16582]  ? rcu_is_watching+0x12/0xc0
[  671.865852][T16582]  ? __pfx_kthread+0x10/0x10
[  671.865876][T16582]  ret_from_fork+0x48/0x80
[  671.865891][T16582]  ? __pfx_kthread+0x10/0x10
[  671.865914][T16582]  ret_from_fork_asm+0x1a/0x30
[  671.865948][T16582]  </TASK>
[  671.865970][T16582] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  672.194939][T16582] Bluetooth: hci2: failed to register connection device
[  673.255632][T18112] netlink: 'syz.3.4685': attribute type 29 has an invalid length.
[  673.612658][T18120] netlink: 346 bytes leftover after parsing attributes in process `syz.0.4697'.
[  674.273595][T18131] syz.4.4692 (18131): /proc/18127/oom_adj is deprecated, please use /proc/18127/oom_score_adj instead.
[  674.973407][T16582] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  674.981577][T16582] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0'
[  674.994241][T16582] CPU: 1 UID: 0 PID: 16582 Comm: kworker/u9:0 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  674.994273][T16582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  674.994285][T16582] Workqueue: hci3 hci_rx_work
[  674.994312][T16582] Call Trace:
[  674.994318][T16582]  <TASK>
[  674.994326][T16582]  dump_stack_lvl+0x16c/0x1f0
[  674.994353][T16582]  sysfs_warn_dup+0x7f/0xa0
[  674.994379][T16582]  sysfs_create_dir_ns+0x24b/0x2b0
[  674.994405][T16582]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  674.994431][T16582]  ? find_held_lock+0x2b/0x80
[  674.994452][T16582]  ? do_raw_spin_unlock+0x172/0x230
[  674.994479][T16582]  kobject_add_internal+0x2c4/0x9b0
[  674.994499][T16582]  kobject_add+0x16e/0x240
[  674.994515][T16582]  ? __pfx_kobject_add+0x10/0x10
[  674.994533][T16582]  ? do_raw_spin_unlock+0x172/0x230
[  674.994558][T16582]  ? kobject_put+0xab/0x5a0
[  674.994590][T16582]  device_add+0x288/0x1a70
[  674.994615][T16582]  ? __pfx_dev_set_name+0x10/0x10
[  674.994640][T16582]  ? __pfx_device_add+0x10/0x10
[  674.994663][T16582]  ? mgmt_send_event_skb+0x2fb/0x460
[  674.994695][T16582]  hci_conn_add_sysfs+0x17e/0x230
[  674.994715][T16582]  le_conn_complete_evt+0x1075/0x1d70
[  674.994747][T16582]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  674.994772][T16582]  ? bt_warn+0xe4/0x120
[  674.994795][T16582]  ? __pfx_bt_warn+0x10/0x10
[  674.994824][T16582]  hci_le_conn_complete_evt+0x23c/0x370
[  674.994855][T16582]  hci_le_meta_evt+0x2f3/0x5e0
[  674.994872][T16582]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  674.994901][T16582]  hci_event_packet+0x669/0x1190
[  674.994927][T16582]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  674.994953][T16582]  ? __pfx_hci_event_packet+0x10/0x10
[  674.994981][T16582]  ? kcov_remote_start+0x3c9/0x6d0
[  674.995003][T16582]  ? lockdep_hardirqs_on+0x7c/0x110
[  674.995032][T16582]  hci_rx_work+0x2c5/0x16b0
[  674.995053][T16582]  ? rcu_is_watching+0x12/0xc0
[  674.995075][T16582]  process_one_work+0x9cf/0x1b70
[  674.995109][T16582]  ? __pfx_process_one_work+0x10/0x10
[  674.995141][T16582]  ? assign_work+0x1a0/0x250
[  674.995167][T16582]  worker_thread+0x6c8/0xf10
[  674.995199][T16582]  ? __kthread_parkme+0x19e/0x250
[  674.995221][T16582]  ? __pfx_worker_thread+0x10/0x10
[  674.995246][T16582]  kthread+0x3c2/0x780
[  674.995269][T16582]  ? __pfx_kthread+0x10/0x10
[  674.995297][T16582]  ? __pfx_kthread+0x10/0x10
[  674.995319][T16582]  ? __pfx_kthread+0x10/0x10
[  674.995341][T16582]  ? __pfx_kthread+0x10/0x10
[  674.995364][T16582]  ? rcu_is_watching+0x12/0xc0
[  674.995380][T16582]  ? __pfx_kthread+0x10/0x10
[  674.995404][T16582]  ret_from_fork+0x48/0x80
[  674.995419][T16582]  ? __pfx_kthread+0x10/0x10
[  674.995443][T16582]  ret_from_fork_asm+0x1a/0x30
[  674.995477][T16582]  </TASK>
[  674.995499][T16582] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  675.325862][T16582] Bluetooth: hci3: failed to register connection device
[  676.896310][T18174] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4707'.
[  676.908449][T18176] ima: policy update failed
[  676.934949][   T30] audit: type=1802 audit(4294968649.059:18): pid=18176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.4708" res=0 errno=0
[  676.961387][T18176] netlink: 25 bytes leftover after parsing attributes in process `syz.4.4708'.
[  677.037592][T18178] FAULT_INJECTION: forcing a failure.
[  677.037592][T18178] name failslab, interval 1, probability 0, space 0, times 0
[  677.110411][T18178] CPU: 1 UID: 0 PID: 18178 Comm: syz.5.4709 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  677.110439][T18178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  677.110449][T18178] Call Trace:
[  677.110455][T18178]  <TASK>
[  677.110463][T18178]  dump_stack_lvl+0x16c/0x1f0
[  677.110494][T18178]  should_fail_ex+0x512/0x640
[  677.110519][T18178]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  677.110541][T18178]  should_failslab+0xc2/0x120
[  677.110563][T18178]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  677.110582][T18178]  ? apparmor_capable+0x114/0x1d0
[  677.110599][T18178]  ? prepare_creds+0x2c/0x7d0
[  677.110626][T18178]  prepare_creds+0x2c/0x7d0
[  677.110651][T18178]  __do_sys_landlock_restrict_self+0x13e/0x910
[  677.110678][T18178]  ? rcu_is_watching+0x12/0xc0
[  677.110697][T18178]  do_syscall_64+0xcd/0x230
[  677.110722][T18178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.110739][T18178] RIP: 0033:0x7fb82378e969
[  677.110752][T18178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  677.110768][T18178] RSP: 002b:00007fb8215f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[  677.110784][T18178] RAX: ffffffffffffffda RBX: 00007fb8239b5fa0 RCX: 00007fb82378e969
[  677.110795][T18178] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  677.110805][T18178] RBP: 00007fb823810ab1 R08: 0000000000000000 R09: 0000000000000000
[  677.110815][T18178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  677.110824][T18178] R13: 0000000000000000 R14: 00007fb8239b5fa0 R15: 00007ffe249a3238
[  677.110845][T18178]  </TASK>
[  678.286278][T18194] netlink: 18 bytes leftover after parsing attributes in process `syz.0.4715'.
[  679.154532][T18216] netlink: 206 bytes leftover after parsing attributes in process `syz.5.4723'.
[  681.610832][T18264] FAULT_INJECTION: forcing a failure.
[  681.610832][T18264] name failslab, interval 1, probability 0, space 0, times 0
[  681.843688][T18264] CPU: 1 UID: 0 PID: 18264 Comm: syz.4.4737 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  681.843717][T18264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  681.843728][T18264] Call Trace:
[  681.843735][T18264]  <TASK>
[  681.843742][T18264]  dump_stack_lvl+0x16c/0x1f0
[  681.843772][T18264]  should_fail_ex+0x512/0x640
[  681.843796][T18264]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  681.843817][T18264]  should_failslab+0xc2/0x120
[  681.843839][T18264]  __kmalloc_cache_noprof+0x6a/0x3e0
[  681.843855][T18264]  ? lockdep_init_map_type+0x5c/0x280
[  681.843878][T18264]  ? nci_hci_allocate+0x45/0x330
[  681.843907][T18264]  nci_hci_allocate+0x45/0x330
[  681.843933][T18264]  nci_allocate_device+0x26f/0x430
[  681.843956][T18264]  virtual_ncidev_open+0x6f/0x220
[  681.843984][T18264]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  681.844009][T18264]  misc_open+0x35d/0x420
[  681.844025][T18264]  ? __pfx_misc_open+0x10/0x10
[  681.844040][T18264]  chrdev_open+0x234/0x6a0
[  681.844067][T18264]  ? __pfx_apparmor_file_open+0x10/0x10
[  681.844091][T18264]  ? __pfx_chrdev_open+0x10/0x10
[  681.844111][T18264]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  681.844142][T18264]  do_dentry_open+0x741/0x1c10
[  681.844161][T18264]  ? __pfx_chrdev_open+0x10/0x10
[  681.844184][T18264]  vfs_open+0x82/0x3f0
[  681.844210][T18264]  path_openat+0x1e5e/0x2d40
[  681.844236][T18264]  ? __pfx_path_openat+0x10/0x10
[  681.844259][T18264]  do_filp_open+0x20b/0x470
[  681.844277][T18264]  ? __pfx_do_filp_open+0x10/0x10
[  681.844311][T18264]  ? alloc_fd+0x471/0x7d0
[  681.844342][T18264]  do_sys_openat2+0x11b/0x1d0
[  681.844365][T18264]  ? __pfx_do_sys_openat2+0x10/0x10
[  681.844395][T18264]  __x64_sys_openat+0x174/0x210
[  681.844418][T18264]  ? __pfx___x64_sys_openat+0x10/0x10
[  681.844442][T18264]  ? rcu_is_watching+0x12/0xc0
[  681.844464][T18264]  do_syscall_64+0xcd/0x230
[  681.844490][T18264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.844507][T18264] RIP: 0033:0x7fa5e058e969
[  681.844523][T18264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.844539][T18264] RSP: 002b:00007fa5de3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  681.844555][T18264] RAX: ffffffffffffffda RBX: 00007fa5e07b6080 RCX: 00007fa5e058e969
[  681.844566][T18264] RDX: 0000000000000100 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  681.844576][T18264] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  681.844586][T18264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  681.844596][T18264] R13: 0000000000000000 R14: 00007fa5e07b6080 R15: 00007fffdd1603e8
[  681.844617][T18264]  </TASK>
[  683.061766][T18280] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4745'.
[  683.199716][T18280] netlink: 294 bytes leftover after parsing attributes in process `syz.5.4745'.
[  691.141573][T18408] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4791'.
[  691.312268][T18411] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4793'.
[  691.335520][T18408] netlink: 294 bytes leftover after parsing attributes in process `syz.5.4791'.
[  691.684348][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  691.690880][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  692.367355][T18433] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4802'.
[  696.229087][T18504] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4825'.
[  696.451825][T18508] netlink: 306 bytes leftover after parsing attributes in process `syz.0.4827'.
[  696.493991][T18508] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4827'.
[  696.577717][T18508] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4827'.
[  704.713725][T18642] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8
[  705.553145][T18654] mkiss: ax0: crc mode is auto.
[  705.751704][T18658] netlink: 'syz.3.4877': attribute type 4 has an invalid length.
[  705.792071][T18658] netlink: 314 bytes leftover after parsing attributes in process `syz.3.4877'.
[  706.130735][T18644] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9
[  712.057549][T18719] random: crng reseeded on system resumption
[  714.251325][T16582] Bluetooth: hci1: command 0x0406 tx timeout
[  715.102565][T18784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4920'.
[  715.146378][T18784] netlink: 17 bytes leftover after parsing attributes in process `syz.3.4920'.
[  715.534600][T18794] FAULT_INJECTION: forcing a failure.
[  715.534600][T18794] name failslab, interval 1, probability 0, space 0, times 0
[  715.684098][T18794] CPU: 1 UID: 0 PID: 18794 Comm: syz.5.4923 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  715.684132][T18794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  715.684147][T18794] Call Trace:
[  715.684154][T18794]  <TASK>
[  715.684162][T18794]  dump_stack_lvl+0x16c/0x1f0
[  715.684193][T18794]  should_fail_ex+0x512/0x640
[  715.684217][T18794]  ? __kmalloc_noprof+0xbf/0x510
[  715.684239][T18794]  ? drm_atomic_state_init+0x17b/0x320
[  715.684263][T18794]  should_failslab+0xc2/0x120
[  715.684285][T18794]  __kmalloc_noprof+0xd2/0x510
[  715.684308][T18794]  drm_atomic_state_init+0x17b/0x320
[  715.684333][T18794]  ? __kasan_kmalloc+0xaa/0xb0
[  715.684351][T18794]  drm_atomic_state_alloc+0xd3/0x120
[  715.684376][T18794]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  715.684399][T18794]  ? __pfx___might_resched+0x10/0x10
[  715.684419][T18794]  ? rcu_is_watching+0x12/0xc0
[  715.684436][T18794]  ? trace_contention_end+0xdd/0x130
[  715.684459][T18794]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  715.684506][T18794]  drm_client_modeset_commit_locked+0x14d/0x580
[  715.684532][T18794]  drm_client_modeset_commit+0x4f/0x80
[  715.684557][T18794]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  715.684582][T18794]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  715.684608][T18794]  drm_fbdev_client_restore+0x2c/0x40
[  715.684633][T18794]  drm_client_dev_restore+0x1f3/0x2a0
[  715.684659][T18794]  drm_release+0x2c4/0x360
[  715.684681][T18794]  ? __pfx_drm_release+0x10/0x10
[  715.684699][T18794]  __fput+0x3ff/0xb70
[  715.684726][T18794]  task_work_run+0x150/0x240
[  715.684762][T18794]  ? __pfx_task_work_run+0x10/0x10
[  715.684793][T18794]  ? __pfx___do_sys_close_range+0x10/0x10
[  715.684810][T18794]  ? rcu_is_watching+0x12/0xc0
[  715.684831][T18794]  syscall_exit_to_user_mode+0x27b/0x2a0
[  715.684859][T18794]  do_syscall_64+0xda/0x230
[  715.684886][T18794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.684903][T18794] RIP: 0033:0x7fb82378e969
[  715.684919][T18794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  715.684935][T18794] RSP: 002b:00007fb8215f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  715.684951][T18794] RAX: 0000000000000000 RBX: 00007fb8239b5fa0 RCX: 00007fb82378e969
[  715.684962][T18794] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  715.684971][T18794] RBP: 00007fb823810ab1 R08: 0000000000000000 R09: 0000000000000000
[  715.684981][T18794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  715.684990][T18794] R13: 0000000000000000 R14: 00007fb8239b5fa0 R15: 00007ffe249a3238
[  715.685012][T18794]  </TASK>
[  717.510379][T18814] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10
[  717.694499][T18813] FAULT_INJECTION: forcing a failure.
[  717.694499][T18813] name failslab, interval 1, probability 0, space 0, times 0
[  717.841697][T18813] CPU: 1 UID: 0 PID: 18813 Comm: syz.4.4927 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  717.841725][T18813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  717.841735][T18813] Call Trace:
[  717.841741][T18813]  <TASK>
[  717.841748][T18813]  dump_stack_lvl+0x16c/0x1f0
[  717.841778][T18813]  should_fail_ex+0x512/0x640
[  717.841803][T18813]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  717.841828][T18813]  should_failslab+0xc2/0x120
[  717.841849][T18813]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  717.841871][T18813]  ? __pfx___register_sysctl_table+0x10/0x10
[  717.841892][T18813]  ? sysctl_route_net_init+0x42/0x2c0
[  717.841917][T18813]  ? __pfx_sysctl_route_net_init+0x10/0x10
[  717.841941][T18813]  kmemdup_noprof+0x29/0x60
[  717.841963][T18813]  sysctl_route_net_init+0x42/0x2c0
[  717.841987][T18813]  ? __pfx_sysctl_route_net_init+0x10/0x10
[  717.842017][T18813]  ops_init+0x1df/0x5f0
[  717.842041][T18813]  setup_net+0x21e/0x850
[  717.842065][T18813]  ? __pfx_setup_net+0x10/0x10
[  717.842084][T18813]  ? lockdep_init_map_type+0x5c/0x280
[  717.842108][T18813]  ? __pfx_down_read_killable+0x10/0x10
[  717.842128][T18813]  ? debug_mutex_init+0x37/0x70
[  717.842147][T18813]  copy_net_ns+0x2a6/0x5f0
[  717.842174][T18813]  create_new_namespaces+0x3ea/0xad0
[  717.842199][T18813]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  717.842220][T18813]  ksys_unshare+0x45b/0xa40
[  717.842243][T18813]  ? __pfx_ksys_unshare+0x10/0x10
[  717.842264][T18813]  ? xfd_validate_state+0x5d/0x180
[  717.842282][T18813]  ? rcu_is_watching+0x12/0xc0
[  717.842303][T18813]  __x64_sys_unshare+0x31/0x40
[  717.842325][T18813]  do_syscall_64+0xcd/0x230
[  717.842350][T18813]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.842367][T18813] RIP: 0033:0x7fa5e058e969
[  717.842382][T18813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  717.842398][T18813] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  717.842415][T18813] RAX: ffffffffffffffda RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  717.842425][T18813] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  717.842435][T18813] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  717.842445][T18813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  717.842454][T18813] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  717.842475][T18813]  </TASK>
[  719.311366][T18815] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11
[  719.670979][T18834] netlink: 186 bytes leftover after parsing attributes in process `syz.3.4934'.
[  719.717644][T18836] FAULT_INJECTION: forcing a failure.
[  719.717644][T18836] name failslab, interval 1, probability 0, space 0, times 0
[  719.799421][T18836] CPU: 1 UID: 0 PID: 18836 Comm: syz.4.4935 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  719.799450][T18836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  719.799461][T18836] Call Trace:
[  719.799466][T18836]  <TASK>
[  719.799473][T18836]  dump_stack_lvl+0x16c/0x1f0
[  719.799503][T18836]  should_fail_ex+0x512/0x640
[  719.799528][T18836]  ? __kmalloc_noprof+0xbf/0x510
[  719.799550][T18836]  ? lsm_blob_alloc+0x68/0x90
[  719.799565][T18836]  should_failslab+0xc2/0x120
[  719.799587][T18836]  __kmalloc_noprof+0xd2/0x510
[  719.799626][T18836]  lsm_blob_alloc+0x68/0x90
[  719.799643][T18836]  security_sk_alloc+0x30/0x270
[  719.799663][T18836]  sk_prot_alloc+0xfb/0x2a0
[  719.799691][T18836]  sk_alloc+0x36/0xc20
[  719.799711][T18836]  inet6_create+0x381/0x1300
[  719.799732][T18836]  ? inet6_create+0x7f/0x1300
[  719.799753][T18836]  __sock_create+0x335/0x8d0
[  719.799782][T18836]  smc_create_clcsk+0x37/0xd0
[  719.799802][T18836]  ? __pfx_smc_inet_init_sock+0x10/0x10
[  719.799829][T18836]  inet6_create+0xb2d/0x1300
[  719.799848][T18836]  ? inet6_create+0x7f/0x1300
[  719.799868][T18836]  __sock_create+0x335/0x8d0
[  719.799896][T18836]  __sys_socket+0x14d/0x260
[  719.799911][T18836]  ? __pfx___sys_socket+0x10/0x10
[  719.799927][T18836]  ? rcu_is_watching+0x12/0xc0
[  719.799948][T18836]  __x64_sys_socket+0x72/0xb0
[  719.799962][T18836]  ? lockdep_hardirqs_on+0x7c/0x110
[  719.799985][T18836]  do_syscall_64+0xcd/0x230
[  719.800019][T18836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.800036][T18836] RIP: 0033:0x7fa5e058e969
[  719.800050][T18836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  719.800066][T18836] RSP: 002b:00007fa5e1323038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  719.800083][T18836] RAX: ffffffffffffffda RBX: 00007fa5e07b5fa0 RCX: 00007fa5e058e969
[  719.800095][T18836] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[  719.800105][T18836] RBP: 00007fa5e0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  719.800116][T18836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  719.800125][T18836] R13: 0000000000000000 R14: 00007fa5e07b5fa0 R15: 00007fffdd1603e8
[  719.800146][T18836]  </TASK>
[  721.242033][T18855] input: isc as /devices/virtual/input/input12
[  721.286262][T18855] FAULT_INJECTION: forcing a failure.
[  721.286262][T18855] name failslab, interval 1, probability 0, space 0, times 0
[  721.368142][T18855] CPU: 1 UID: 0 PID: 18855 Comm: syz.5.4942 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  721.368170][T18855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  721.368181][T18855] Call Trace:
[  721.368189][T18855]  <TASK>
[  721.368197][T18855]  dump_stack_lvl+0x16c/0x1f0
[  721.368226][T18855]  should_fail_ex+0x512/0x640
[  721.368251][T18855]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  721.368274][T18855]  should_failslab+0xc2/0x120
[  721.368296][T18855]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  721.368316][T18855]  ? __kernfs_new_node+0xd2/0x8a0
[  721.368336][T18855]  __kernfs_new_node+0xd2/0x8a0
[  721.368355][T18855]  ? __pfx___kernfs_new_node+0x10/0x10
[  721.368376][T18855]  ? find_held_lock+0x2b/0x80
[  721.368394][T18855]  ? kernfs_root+0xee/0x2a0
[  721.368415][T18855]  kernfs_new_node+0x13c/0x1e0
[  721.368437][T18855]  __kernfs_create_file+0x53/0x350
[  721.368462][T18855]  sysfs_add_file_mode_ns+0x207/0x3c0
[  721.368493][T18855]  sysfs_merge_group+0x1aa/0x340
[  721.368511][T18855]  ? __pfx_sysfs_merge_group+0x10/0x10
[  721.368531][T18855]  ? __pfx_dev_add_physical_location+0x10/0x10
[  721.368553][T18855]  ? bus_to_subsys+0x131/0x160
[  721.368581][T18855]  dpm_sysfs_add+0x237/0x280
[  721.368604][T18855]  device_add+0x9a6/0x1a70
[  721.368629][T18855]  ? __pfx_device_add+0x10/0x10
[  721.368651][T18855]  ? __pfx_exact_lock+0x10/0x10
[  721.368680][T18855]  ? kobject_get+0xbb/0x150
[  721.368707][T18855]  cdev_device_add+0xc2/0x1e0
[  721.368727][T18855]  evdev_connect+0x3a4/0x4c0
[  721.368753][T18855]  input_attach_handler.isra.0+0x181/0x260
[  721.368779][T18855]  input_register_device+0xa84/0x1130
[  721.368805][T18855]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  721.368826][T18855]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  721.368856][T18855]  ? find_held_lock+0x2b/0x80
[  721.368884][T18855]  ? __pfx_uinput_ioctl+0x10/0x10
[  721.368900][T18855]  __x64_sys_ioctl+0x190/0x200
[  721.368925][T18855]  do_syscall_64+0xcd/0x230
[  721.368952][T18855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  721.368969][T18855] RIP: 0033:0x7fb82378e969
[  721.368983][T18855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  721.369000][T18855] RSP: 002b:00007fb8215f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  721.369017][T18855] RAX: ffffffffffffffda RBX: 00007fb8239b5fa0 RCX: 00007fb82378e969
[  721.369027][T18855] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005
[  721.369037][T18855] RBP: 00007fb823810ab1 R08: 0000000000000000 R09: 0000000000000000
[  721.369046][T18855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  721.369056][T18855] R13: 0000000000000000 R14: 00007fb8239b5fa0 R15: 00007ffe249a3238
[  721.369077][T18855]  </TASK>
[  722.013081][T18855] input: failed to attach handler evdev to device input12, error: -12
[  726.170530][T18925] netlink: 334 bytes leftover after parsing attributes in process `syz.0.4965'.
[  726.227382][T18925] 
[  726.229759][T18925] =============================
[  726.234633][T18925] WARNING: suspicious RCU usage
[  726.239613][T18925] 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 Not tainted
[  726.247166][T18925] -----------------------------
[  726.252184][T18925] net/mpls/af_mpls.c:84 suspicious rcu_dereference_check() usage!
[  726.261889][T18925] 
[  726.261889][T18925] other info that might help us debug this:
[  726.261889][T18925] 
[  726.273437][T18925] 
[  726.273437][T18925] rcu_scheduler_active = 2, debug_locks = 1
[  726.281641][T18925] 1 lock held by syz.0.4965/18925:
[  726.287034][T18925]  #0: ffffffff9012a3e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x371/0xe90
[  726.296765][T18925] 
[  726.296765][T18925] stack backtrace:
[  726.302728][T18925] CPU: 1 UID: 0 PID: 18925 Comm: syz.0.4965 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  726.302753][T18925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  726.302763][T18925] Call Trace:
[  726.302771][T18925]  <TASK>
[  726.302778][T18925]  dump_stack_lvl+0x16c/0x1f0
[  726.302808][T18925]  lockdep_rcu_suspicious+0x166/0x260
[  726.302833][T18925]  mpls_route_input_rcu+0x1d4/0x200
[  726.302859][T18925]  mpls_getroute+0x621/0x1ea0
[  726.302888][T18925]  ? __lock_acquire+0xaa4/0x1ba0
[  726.302909][T18925]  ? __pfx_mpls_getroute+0x10/0x10
[  726.302957][T18925]  ? rcu_is_watching+0x12/0xc0
[  726.302994][T18925]  ? __pfx_mpls_getroute+0x10/0x10
[  726.303020][T18925]  rtnetlink_rcv_msg+0x3c9/0xe90
[  726.303045][T18925]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  726.303076][T18925]  netlink_rcv_skb+0x16d/0x440
[  726.303099][T18925]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  726.303122][T18925]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  726.303154][T18925]  ? netlink_deliver_tap+0x1ae/0xd30
[  726.303179][T18925]  netlink_unicast+0x53a/0x7f0
[  726.303203][T18925]  ? __pfx_netlink_unicast+0x10/0x10
[  726.303224][T18925]  ? __lock_acquire+0xaa4/0x1ba0
[  726.303250][T18925]  netlink_sendmsg+0x8d1/0xdd0
[  726.303276][T18925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  726.303306][T18925]  ____sys_sendmsg+0xa98/0xc70
[  726.303332][T18925]  ? copy_msghdr_from_user+0x10a/0x160
[  726.303352][T18925]  ? __pfx_____sys_sendmsg+0x10/0x10
[  726.303380][T18925]  ? kfree+0x252/0x4d0
[  726.303394][T18925]  ? schedule+0x2d7/0x3a0
[  726.303420][T18925]  ___sys_sendmsg+0x134/0x1d0
[  726.303444][T18925]  ? __pfx____sys_sendmsg+0x10/0x10
[  726.303483][T18925]  ? __pfx___might_resched+0x10/0x10
[  726.303506][T18925]  __sys_sendmmsg+0x200/0x420
[  726.303529][T18925]  ? __pfx___sys_sendmmsg+0x10/0x10
[  726.303555][T18925]  ? __pfx_do_futex+0x10/0x10
[  726.303583][T18925]  ? xfd_validate_state+0x5d/0x180
[  726.303602][T18925]  ? rcu_is_watching+0x12/0xc0
[  726.303621][T18925]  __x64_sys_sendmmsg+0x9c/0x100
[  726.303641][T18925]  ? lockdep_hardirqs_on+0x7c/0x110
[  726.303665][T18925]  do_syscall_64+0xcd/0x230
[  726.303700][T18925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  726.303718][T18925] RIP: 0033:0x7f6f7ab8e969
[  726.303734][T18925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  726.303751][T18925] RSP: 002b:00007f6f7b913038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  726.303769][T18925] RAX: ffffffffffffffda RBX: 00007f6f7adb5fa0 RCX: 00007f6f7ab8e969
[  726.303779][T18925] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  726.303789][T18925] RBP: 00007f6f7ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[  726.303799][T18925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  726.303809][T18925] R13: 0000000000000000 R14: 00007f6f7adb5fa0 R15: 00007fff5aa93ed8
[  726.303829][T18925]  </TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  727.166028][T18925] 
[  727.168452][T18925] =============================
[  727.173313][T18925] WARNING: suspicious RCU usage
[  727.179586][T18925] 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 Not tainted
[  727.187988][T18925] -----------------------------
[  727.192866][T18925] net/mpls/af_mpls.c:85 suspicious rcu_dereference_check() usage!
[  727.200763][T18925] 
[  727.200763][T18925] other info that might help us debug this:
[  727.200763][T18925] 
[  727.211405][T18925] 
[  727.211405][T18925] rcu_scheduler_active = 2, debug_locks = 1
[  727.220020][T18925] 1 lock held by syz.0.4965/18925:
[  727.225145][T18925]  #0: ffffffff9012a3e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x371/0xe90
[  727.234933][T18925] 
[  727.234933][T18925] stack backtrace:
[  727.241042][T18925] CPU: 1 UID: 0 PID: 18925 Comm: syz.0.4965 Not tainted 6.15.0-rc7-syzkaller-00082-g5cdb2c77c4c3 #0 PREEMPT(full) 
[  727.241068][T18925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  727.241078][T18925] Call Trace:
[  727.241085][T18925]  <TASK>
[  727.241093][T18925]  dump_stack_lvl+0x16c/0x1f0
[  727.241122][T18925]  lockdep_rcu_suspicious+0x166/0x260
[  727.241148][T18925]  mpls_route_input_rcu+0x153/0x200
[  727.241174][T18925]  mpls_getroute+0x621/0x1ea0
[  727.241202][T18925]  ? __lock_acquire+0xaa4/0x1ba0
[  727.241224][T18925]  ? __pfx_mpls_getroute+0x10/0x10
[  727.241261][T18925]  ? rcu_is_watching+0x12/0xc0
[  727.241299][T18925]  ? __pfx_mpls_getroute+0x10/0x10
[  727.241325][T18925]  rtnetlink_rcv_msg+0x3c9/0xe90
[  727.241349][T18925]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  727.241381][T18925]  netlink_rcv_skb+0x16d/0x440
[  727.241404][T18925]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  727.241426][T18925]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  727.241459][T18925]  ? netlink_deliver_tap+0x1ae/0xd30
[  727.241483][T18925]  netlink_unicast+0x53a/0x7f0
[  727.241508][T18925]  ? __pfx_netlink_unicast+0x10/0x10
[  727.241528][T18925]  ? __lock_acquire+0xaa4/0x1ba0
[  727.241554][T18925]  netlink_sendmsg+0x8d1/0xdd0
[  727.241579][T18925]  ? __pfx_netlink_sendmsg+0x10/0x10
[  727.241611][T18925]  ____sys_sendmsg+0xa98/0xc70
[  727.241637][T18925]  ? copy_msghdr_from_user+0x10a/0x160
[  727.241656][T18925]  ? __pfx_____sys_sendmsg+0x10/0x10
[  727.241684][T18925]  ? kfree+0x252/0x4d0
[  727.241697][T18925]  ? schedule+0x2d7/0x3a0
[  727.241723][T18925]  ___sys_sendmsg+0x134/0x1d0
[  727.241744][T18925]  ? __pfx____sys_sendmsg+0x10/0x10
[  727.241782][T18925]  ? __pfx___might_resched+0x10/0x10
[  727.241805][T18925]  __sys_sendmmsg+0x200/0x420
[  727.241828][T18925]  ? __pfx___sys_sendmmsg+0x10/0x10
[  727.241854][T18925]  ? __pfx_do_futex+0x10/0x10
[  727.241882][T18925]  ? xfd_validate_state+0x5d/0x180
[  727.241900][T18925]  ? rcu_is_watching+0x12/0xc0
[  727.241919][T18925]  __x64_sys_sendmmsg+0x9c/0x100
[  727.241947][T18925]  ? lockdep_hardirqs_on+0x7c/0x110
[  727.241969][T18925]  do_syscall_64+0xcd/0x230
[  727.241996][T18925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.242013][T18925] RIP: 0033:0x7f6f7ab8e969
[  727.242029][T18925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  727.242046][T18925] RSP: 002b:00007f6f7b913038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  727.242062][T18925] RAX: ffffffffffffffda RBX: 00007f6f7adb5fa0 RCX: 00007f6f7ab8e969
[  727.242073][T18925] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  727.242083][T18925] RBP: 00007f6f7ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[  727.242092][T18925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  727.242102][T18925] R13: 0000000000000000 R14: 00007f6f7adb5fa0 R15: 00007fff5aa93ed8
[  727.242122][T18925]  </TASK>
[  730.814945][T16261] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  730.981231][T16261] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  731.263942][T16261] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  731.420572][T16261] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  731.680446][T16261] bridge_slave_1: left allmulticast mode
[  731.709686][T16261] bridge_slave_1: left promiscuous mode
[  731.716726][T16261] bridge0: port 2(bridge_slave_1) entered disabled state
[  731.778097][T16261] bridge_slave_0: left allmulticast mode
[  731.813541][T16261] bridge_slave_0: left promiscuous mode
[  731.830492][T16261] bridge0: port 1(bridge_slave_0) entered disabled state
[  732.806364][T16261] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  732.823765][T16261] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  732.835017][T16261] bond0 (unregistering): Released all slaves
[  733.217590][T16261] hsr_slave_0: left promiscuous mode
[  733.253328][T16261] hsr_slave_1: left promiscuous mode
[  733.269850][T16261] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  733.277929][T16261] batman_adv: batadv0: Removing interface: batadv_slave_0
[  733.310859][T16261] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  733.318294][T16261] batman_adv: batadv0: Removing interface: batadv_slave_1
[  733.388572][T16261] veth1_macvtap: left promiscuous mode
[  733.409314][T16261] veth0_macvtap: left promiscuous mode
[  733.416037][T16261] veth0_vlan: left promiscuous mode
[  734.100144][T16261] team0 (unregistering): Port device team_slave_1 removed
[  734.148294][T16261] team0 (unregistering): Port device team_slave_0 removed
[  735.068437][T16261] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  735.342754][T16261] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  735.529584][T16261] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  735.672544][T16261] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  736.004901][T16261] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  736.096404][T16261] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  736.175840][T16261] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0