last executing test programs: 9.302282116s ago: executing program 0 (id=402): mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x101040, 0x149) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x20002, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001280)='/dev/v4l-subdev0\x00', 0x101000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x68100, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r1, 0x0) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r1, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) 8.832274995s ago: executing program 1 (id=403): close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) memfd_secret$auto(0x0) socket(0x2b, 0x1, 0x0) socket(0x2, 0xa, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffffdef}, 0x1) 8.75228288s ago: executing program 0 (id=413): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/manager\x00', 0x200, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC1D1p\x00', 0xa00, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0) ioctl$auto_BLKRRPART(r1, 0x125f, 0x700000000000000) msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) open(0x0, 0xeee00, 0x31) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) socket(0x21, 0x2, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0xffffffffffffc318, 0x948b, 0x3, 0x15f4da06, 0x3, 0x40000003, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) 7.377021018s ago: executing program 1 (id=408): unshare$auto(0x40000080) clock_settime$auto(0x0, &(0x7f0000000000)={0x100000004, 0x8}) adjtimex$auto(&(0x7f0000000280)={0xf, 0x0, 0x8, 0x100000001, 0x7f, 0x0, 0x2, 0x0, 0xe, 0x0, 0x10001, {0xf, 0x6}, 0x7ffffffffffffffe, 0x3a9d, 0x5, 0xf, 0x0, 0x6, 0x1, 0x7, 0x8, 0x5, 0x1015c8}) adjtimex$auto(0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/ip6_tables_targets\x00', 0x4800, 0x0) set_mempolicy_home_node$auto(0x0, 0x10001, 0x0, 0x0) bind$auto(0x3, 0x0, 0x6e) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) unshare$auto(0x40000080) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\x00\x00\x00\x01\x00\xb6', 0x7f) 7.22352352s ago: executing program 0 (id=410): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7ffd) r0 = io_uring_setup$auto(0x5c, 0x0) select$auto(0xef, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, r0, 0xfffffffc) madvise$auto(0x201, 0xe, 0xcbc) madvise$auto(0x0, 0x800000002003f0, 0x15) keyctl$auto(0x1000001f, 0x1, 0x0, 0xffffffffffffffff, 0x3) open(0x0, 0xc2, 0x84) clone$auto(0x1, 0x3, 0x0, 0x0, 0x3) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) mlockall$auto(0x800000000000005) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x80, 0x9, 0x0) madvise$auto(0x0, 0x200007, 0x19) 6.446339368s ago: executing program 3 (id=411): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x112) statx$auto(r0, 0x0, 0xfffffffb, 0x2, 0x0) unshare$auto(0x40000080) ioctl$auto_IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0) bpf$auto(0x8, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0xe, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x8005, 0x7, 0x7, 0x6}, 0x10) ioctl$auto_USBDEVFS_SUBMITURB32(0xffffffffffffffff, 0x802c550a, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = open(0x0, 0x261c2, 0x84) ioctl$auto_SNAPSHOT_UNFREEZE(r1, 0x3302, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(0x0, 0x12) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty12\x00', 0x800, 0x0) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r2, 0x541c, r3) 5.820085937s ago: executing program 0 (id=412): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) clock_getres$auto(0x400, &(0x7f0000000000)={0x3, 0x800}) read$auto(0x3, 0x0, 0x80) getsockopt$auto(r0, 0x9, 0x9, &(0x7f0000000040)='![@\':/\'\\.$]\x00', &(0x7f0000000080)=0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket(0x11, 0x80003, 0x300) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) io_uring_enter$auto(r1, 0x7, 0x7ffffffb, 0x3, 0x0, 0x3) move_pages$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0x2) io_uring_enter$auto(0x3, 0x5, 0x5f3, 0x3, 0x0, 0x2) 5.819418484s ago: executing program 2 (id=414): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) madvise$auto_MADV_HUGEPAGE(0x0, 0x80000001, 0xe) madvise$auto_MADV_HUGEPAGE(0x0, 0x2, 0xe) socket(0x2c, 0x3, 0x0) bpf$auto(0x4, 0x0, 0x6f6) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1) socket(0x2, 0x1, 0x106) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r0, 0x5509, 0x0) unshare$auto(0x40000080) openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000340), 0x400, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r1, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) 5.566780566s ago: executing program 1 (id=415): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) socket(0x23, 0x80805, 0x0) ioctl$auto(0x3, 0x89ed, 0xfffffffffffff4e0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) munmap$auto(0x8000, 0xffffffff) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x19, 0x4, 0x4, 0x880b, 0x8, 0xd, 0x66b, 0x4, 0x7ff}, 0x6f4) 5.565920739s ago: executing program 3 (id=423): r0 = socket(0x15, 0x5, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x400800, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0xc8, 0x800454d7, 0x5c8d) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) unshare$auto(0x40000080) mbind$auto(0x8000, 0x7f, 0x2, 0x0, 0x3, 0x1) prctl$auto(0x29, 0x5, 0x0, 0x0, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/net/bonding/bond0\x00', 0x0, 0x0) sysfs$auto(0x401, 0x101, 0x1) read$auto(r1, &(0x7f0000000240)='/proc/scsi/sg\x00\x00\x00\x00ices\x00\r\xe2\xc9\x04\x986\xbc\xb0FI\xb9-E\xe3\x87j\xdes1\xa7\xdf\xc4\b\xb3\xeelc\x7f\xfdg\x18*\a:_\xb0\x92\xacwH\x9c\x9dF\xb1\xc47\x85\xc7\x13\xe1\x19UR\x96\xd8\x86\xd3\xe4\xa9R\x1c\xeb\xc8\xe5X\xfcR\xc7\vdU\x8b\xaa^\xfd\x83#\xc1o\x04\xeca\xbf\x8bYz\xd9\r\xcbk\xfd\x9e\x97\xcbOf\x80', 0xffffffff) 5.020945822s ago: executing program 2 (id=416): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/pid_for_children\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) r1 = socket(0x18, 0xa, 0x1) close_range$auto(0x2, 0x8000, 0x0) socket(0x1, 0x5, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/mnt\x00') socket(0x80000000000000a, 0x2, 0x0) bpf$auto(0x0, &(0x7f0000000300)=@link_update={r1, @new_prog_fd=r0, 0x100, @old_map_fd=r0}, 0x10) bpf$auto(0x3, &(0x7f0000000340)=@enable_stats={0x5}, 0x3) 4.270881393s ago: executing program 3 (id=417): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x23, 0x80805, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x4d69, 0xffffffffffffffff, 0x8, 0x2) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) pwrite64$auto(r0, &(0x7f0000000040)='.\'*&\x04!\x00', 0x1, 0x8) 3.436881854s ago: executing program 0 (id=418): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e21, @empty}, 0x70) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x1) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3f83, 0xfffffffb) capset$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x2, 0x3a) connect$auto(0x3, 0x0, 0x54) 3.436722188s ago: executing program 2 (id=419): close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) memfd_secret$auto(0x0) socket(0x2b, 0x1, 0x0) socket(0x2, 0xa, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffffdef}, 0x1) 3.06361275s ago: executing program 1 (id=420): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) unshare$auto(0x40000080) r0 = socket(0xa, 0x1, 0x84) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) shmdt$auto(0x0) getsockopt$auto(r0, 0x84, 0x85, 0x0, &(0x7f00000000c0)=0x646b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x109c40, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(0x0, 0x0, 0x700) socket(0xa, 0x5, 0x0) ioctl$auto(0x1, 0x8941, 0x8) 2.983096302s ago: executing program 3 (id=421): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyw5\x00', 0x28341, 0x0) socket(0x2, 0x3, 0xa) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/ip6_tables_targets\x00', 0x608100, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCMGET2(r1, 0x5415, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0) 2.145608062s ago: executing program 2 (id=422): clock_nanosleep$auto(0x9, 0x0, &(0x7f0000000000)={0x0, 0x200}, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socket(0x2b, 0x1, 0x1) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/17, 0x11) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xe0800, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_TIOCEXCL2(r0, 0x540c, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) unshare$auto(0x40000080) r1 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r1, &(0x7f0000000440)="110000001265", 0x6) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r2 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r2, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d, 0x720, [0x0]}) 1.862418229s ago: executing program 3 (id=424): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, 0x0, 0xa3) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xe8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f682, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0xf, 0x3, 0x2) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/security/tomoyo/stat\x00', 0x40802, 0x0) syz_genetlink_get_family_id$auto_hsr(0x0, r2) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xfdef) 1.861450189s ago: executing program 1 (id=432): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r2, 0xae03, 0xd6) ioperm$auto(0x400, 0x7f, 0xd) r3 = semctl$auto(0x0, 0xe3, 0x0, 0x5) ioctl$auto_XFS_IOC_FREESP64(r1, 0x40305825, &(0x7f0000000040)={0xa, 0x8001, 0xe1, 0x1, 0xfffffff9, r3}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource\x00', 0xa00, 0x0) lsm_set_self_attr$auto(0x1, 0x0, 0x7, 0x6) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) 876.640364ms ago: executing program 3 (id=425): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0xa02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000040)={0x6, 0xd}) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x40242, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) unshare$auto(0x40000080) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x202, 0x0) mmap$auto(0x5, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x1) fstat$auto(0x2, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) madvise$auto(0x110c234000, 0x1, 0x9) pwrite64$auto(r3, &(0x7f0000000040)='/proc/sys/user/max_fanotify_g\b\x00\x00\x00s@', 0x7, 0x7) read$auto(r2, 0x0, 0x7fffffff) writev$auto(r1, &(0x7f0000000200)={0x0, 0x10}, 0x3) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x129c00, 0x0) ioctl$auto_MTDFILEMODE(0xffffffffffffffff, 0x4d13, 0x0) 862.189019ms ago: executing program 0 (id=434): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x64842, 0x0) timerfd_settime$auto(0xffffffffffffffff, 0x4, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000de, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, 0x0, 0x40000) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) setsockopt$auto(0xffffffffffffffff, 0x9, 0xff, &(0x7f00000002c0)='SEG6\x00', 0xeec) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) mmap$auto(0x5254, 0x5, 0x4, 0x14, r0, 0x1) getsockopt$auto_SO_PASSCRED(r2, 0x1, 0x10, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000280), 0x440, 0x0) gettid() 857.080891ms ago: executing program 2 (id=435): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, 0x0, 0xa3) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xe8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f682, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0xf, 0x3, 0x2) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/security/tomoyo/stat\x00', 0x40802, 0x0) syz_genetlink_get_family_id$auto_hsr(0x0, r2) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xfdef) 553.131027ms ago: executing program 1 (id=426): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyw5\x00', 0x28341, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mknod$auto(&(0x7f0000000040)='X))\x00', 0x1, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mknod$auto(&(0x7f0000000280)='X))\x00', 0x63c5, 0x7bf) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, r1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x83, 0x202000a, 0x3, 0xebf, 0xffffffffffffffff, 0x5) sysfs$auto(0x2, 0x10000000000045, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 2 (id=427): mmap$auto(0x0, 0x9, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) r3 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) splice$auto(0xffffffffffffffff, 0x0, r1, 0x0, 0x80000000000004cb, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) write$auto(r0, 0x0, 0x100000a3d9) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.170' (ED25519) to the list of known hosts. [ 91.312021][ T5816] cgroup: Unknown subsys name 'net' [ 91.488858][ T5816] cgroup: Unknown subsys name 'cpuset' [ 91.499416][ T5816] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 93.425936][ T5816] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 95.745481][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.765378][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.773084][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.785385][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.804920][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.875115][ T5827] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.897736][ T5834] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.907248][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.915759][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.924225][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.931852][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.939218][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.948553][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.957209][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 95.968136][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.975806][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.975815][ T5827] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 95.976599][ T5827] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.998623][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 96.007199][ T5827] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.523492][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 96.638449][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 96.706350][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 96.822160][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.829524][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.837590][ T5825] bridge_slave_0: entered allmulticast mode [ 96.845584][ T5825] bridge_slave_0: entered promiscuous mode [ 96.860837][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 96.903902][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.911221][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.918526][ T5825] bridge_slave_1: entered allmulticast mode [ 96.929511][ T10] cfg80211: failed to load regulatory.db [ 96.929880][ T5825] bridge_slave_1: entered promiscuous mode [ 96.998738][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.006421][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.013553][ T5831] bridge_slave_0: entered allmulticast mode [ 97.021159][ T5831] bridge_slave_0: entered promiscuous mode [ 97.028585][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.037992][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.045266][ T5829] bridge_slave_0: entered allmulticast mode [ 97.052621][ T5829] bridge_slave_0: entered promiscuous mode [ 97.092643][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.100086][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.107665][ T5831] bridge_slave_1: entered allmulticast mode [ 97.115637][ T5831] bridge_slave_1: entered promiscuous mode [ 97.122461][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.129746][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.136944][ T5829] bridge_slave_1: entered allmulticast mode [ 97.144200][ T5829] bridge_slave_1: entered promiscuous mode [ 97.154056][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.172858][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.243096][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.289793][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.302521][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.329111][ T5825] team0: Port device team_slave_0 added [ 97.353054][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.383709][ T5825] team0: Port device team_slave_1 added [ 97.416315][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.423694][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.431406][ T5830] bridge_slave_0: entered allmulticast mode [ 97.439965][ T5830] bridge_slave_0: entered promiscuous mode [ 97.463828][ T5831] team0: Port device team_slave_0 added [ 97.472415][ T5831] team0: Port device team_slave_1 added [ 97.492976][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.500905][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.508272][ T5830] bridge_slave_1: entered allmulticast mode [ 97.515972][ T5830] bridge_slave_1: entered promiscuous mode [ 97.553325][ T5829] team0: Port device team_slave_0 added [ 97.574030][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.581155][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.607798][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.634278][ T5829] team0: Port device team_slave_1 added [ 97.653360][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.661741][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.687986][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.700497][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.707693][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.733699][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.760514][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.781273][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.788310][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.814784][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.846413][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.885509][ T5827] Bluetooth: hci0: command tx timeout [ 97.892112][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.899303][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.925463][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.938511][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.945580][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.972061][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.024131][ T5831] hsr_slave_0: entered promiscuous mode [ 98.030746][ T5831] hsr_slave_1: entered promiscuous mode [ 98.045335][ T5150] Bluetooth: hci2: command tx timeout [ 98.051088][ T5840] Bluetooth: hci1: command tx timeout [ 98.053898][ T5827] Bluetooth: hci3: command tx timeout [ 98.066985][ T5830] team0: Port device team_slave_0 added [ 98.076521][ T5830] team0: Port device team_slave_1 added [ 98.118254][ T5825] hsr_slave_0: entered promiscuous mode [ 98.125291][ T5825] hsr_slave_1: entered promiscuous mode [ 98.131566][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 98.139709][ T5825] Cannot create hsr debugfs directory [ 98.202482][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.209905][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.237149][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.277327][ T5829] hsr_slave_0: entered promiscuous mode [ 98.283662][ T5829] hsr_slave_1: entered promiscuous mode [ 98.289932][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 98.297559][ T5829] Cannot create hsr debugfs directory [ 98.303848][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.311814][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.338091][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.509264][ T5830] hsr_slave_0: entered promiscuous mode [ 98.517037][ T5830] hsr_slave_1: entered promiscuous mode [ 98.523159][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 98.530969][ T5830] Cannot create hsr debugfs directory [ 98.896860][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.911187][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.923289][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.936153][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 99.019140][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 99.037698][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 99.050235][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 99.061733][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 99.199758][ T5829] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 99.214353][ T5829] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 99.230400][ T5829] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 99.265359][ T5829] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 99.339941][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.368043][ T5830] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 99.412306][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.420461][ T5830] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 99.446468][ T3019] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.454074][ T3019] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.471762][ T5830] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 99.490487][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.497811][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.512475][ T5830] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 99.546107][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.618197][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.643569][ T5831] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 99.704146][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.711325][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.742152][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.768885][ T65] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.776187][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.830611][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.877314][ T3019] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.884557][ T3019] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.932702][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.943360][ T3019] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.950594][ T3019] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.964969][ T5827] Bluetooth: hci0: command tx timeout [ 100.051595][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.105461][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.112661][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.125826][ T5827] Bluetooth: hci3: command tx timeout [ 100.126173][ T5150] Bluetooth: hci2: command tx timeout [ 100.136537][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 100.138467][ T5840] Bluetooth: hci1: command tx timeout [ 100.181567][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.188798][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.316206][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.490610][ T5831] veth0_vlan: entered promiscuous mode [ 100.538034][ T5831] veth1_vlan: entered promiscuous mode [ 100.623817][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.677254][ T5831] veth0_macvtap: entered promiscuous mode [ 100.707662][ T5831] veth1_macvtap: entered promiscuous mode [ 100.776007][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.806755][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.865283][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.891462][ T5825] veth0_vlan: entered promiscuous mode [ 100.903880][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.913799][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.924378][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.935927][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.962670][ T5825] veth1_vlan: entered promiscuous mode [ 101.037247][ T5829] veth0_vlan: entered promiscuous mode [ 101.045345][ T5825] veth0_macvtap: entered promiscuous mode [ 101.066546][ T5825] veth1_macvtap: entered promiscuous mode [ 101.080605][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.090185][ T5829] veth1_vlan: entered promiscuous mode [ 101.147651][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.190120][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.213837][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.223260][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.239499][ T5829] veth0_macvtap: entered promiscuous mode [ 101.265937][ T5825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.277913][ T5825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.286863][ T5825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.295856][ T5825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.311440][ T5829] veth1_macvtap: entered promiscuous mode [ 101.362878][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.373597][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.442591][ T5830] veth0_vlan: entered promiscuous mode [ 101.468292][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.510909][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.523250][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.528371][ T5830] veth1_vlan: entered promiscuous mode [ 101.548647][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.559770][ T5831] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 101.609612][ T5829] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.621371][ T5829] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.630661][ T5829] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.639673][ T5829] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.709139][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.722394][ T5830] veth0_macvtap: entered promiscuous mode [ 101.740365][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.789549][ T5830] veth1_macvtap: entered promiscuous mode [ 101.952328][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.045543][ T5840] Bluetooth: hci0: command tx timeout [ 102.070306][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.117017][ T5830] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.136249][ T5830] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.148613][ T5830] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.174612][ T5830] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.204859][ T5840] Bluetooth: hci1: command tx timeout [ 102.210318][ T5150] Bluetooth: hci2: command tx timeout [ 102.210351][ T5827] Bluetooth: hci3: command tx timeout [ 102.227960][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.238767][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.381101][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.457585][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.688099][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.696339][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.818220][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.864358][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.012774][ T5903] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.280587][ T5913] netlink: 350 bytes leftover after parsing attributes in process `syz.3.4'. [ 103.307296][ T5913] Zero length message leads to an empty skb [ 103.625141][ T5921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7'. [ 103.675434][ T5921] netlink: 354 bytes leftover after parsing attributes in process `syz.2.7'. [ 104.126081][ T5827] Bluetooth: hci0: command tx timeout [ 104.231996][ T5935] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 104.288663][ T5827] Bluetooth: hci2: command tx timeout [ 104.294417][ T5840] Bluetooth: hci3: command tx timeout [ 104.294427][ T5150] Bluetooth: hci1: command tx timeout [ 105.117083][ T5939] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 105.218475][ T5943] zswap: compressor not available [ 106.885425][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 106.894065][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 107.215962][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 107.245312][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 109.611623][ T6002] FAULT_INJECTION: forcing a failure. [ 109.611623][ T6002] name fail_futex, interval 1, probability 0, space 0, times 1 [ 109.664611][ T6002] CPU: 0 UID: 0 PID: 6002 Comm: syz.3.29 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 109.664654][ T6002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 109.664677][ T6002] Call Trace: [ 109.664687][ T6002] [ 109.664702][ T6002] dump_stack_lvl+0x16c/0x1f0 [ 109.664749][ T6002] should_fail_ex+0x512/0x640 [ 109.664805][ T6002] get_futex_key+0x1d0/0x1540 [ 109.664861][ T6002] ? __pfx_get_futex_key+0x10/0x10 [ 109.664913][ T6002] ? __mutex_trylock_common+0xe9/0x250 [ 109.664956][ T6002] futex_wake+0xea/0x530 [ 109.664996][ T6002] ? __pfx_futex_wake+0x10/0x10 [ 109.665028][ T6002] ? __lock_acquire+0xb8a/0x1c90 [ 109.665079][ T6002] do_futex+0x1e3/0x350 [ 109.665109][ T6002] ? __pfx_do_futex+0x10/0x10 [ 109.665135][ T6002] ? __might_fault+0xe3/0x190 [ 109.665186][ T6002] mm_release+0x24e/0x300 [ 109.665234][ T6002] do_exit+0x683/0x2bd0 [ 109.665301][ T6002] ? __pfx_do_exit+0x10/0x10 [ 109.665335][ T6002] ? do_raw_spin_lock+0x12c/0x2b0 [ 109.665375][ T6002] ? find_held_lock+0x2b/0x80 [ 109.665427][ T6002] do_group_exit+0xd3/0x2a0 [ 109.665465][ T6002] get_signal+0x2673/0x26d0 [ 109.665528][ T6002] ? __pfx_get_signal+0x10/0x10 [ 109.665576][ T6002] ? do_futex+0x122/0x350 [ 109.665607][ T6002] ? __pfx_do_futex+0x10/0x10 [ 109.665641][ T6002] arch_do_signal_or_restart+0x8f/0x790 [ 109.665694][ T6002] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 109.665756][ T6002] ? xfd_validate_state+0x61/0x180 [ 109.665788][ T6002] ? __pfx___do_sys_close_range+0x10/0x10 [ 109.665839][ T6002] exit_to_user_mode_loop+0x84/0x110 [ 109.665883][ T6002] do_syscall_64+0x3f6/0x490 [ 109.665932][ T6002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.665963][ T6002] RIP: 0033:0x7fc26338e969 [ 109.665988][ T6002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.666018][ T6002] RSP: 002b:00007fc26429f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 109.666048][ T6002] RAX: fffffffffffffe00 RBX: 00007fc2635b6168 RCX: 00007fc26338e969 [ 109.666069][ T6002] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc2635b6168 [ 109.666088][ T6002] RBP: 00007fc2635b6160 R08: 0000000000000000 R09: 0000000000000000 [ 109.666107][ T6002] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc2635b616c [ 109.666126][ T6002] R13: 0000000000000000 R14: 00007ffee11464d0 R15: 00007ffee11465b8 [ 109.666178][ T6002] [ 111.107642][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 111.566948][ T6032] FAULT_INJECTION: forcing a failure. [ 111.566948][ T6032] name failslab, interval 1, probability 0, space 0, times 1 [ 111.615005][ T6032] CPU: 0 UID: 0 PID: 6032 Comm: syz.1.38 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 111.615052][ T6032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 111.615071][ T6032] Call Trace: [ 111.615081][ T6032] [ 111.615093][ T6032] dump_stack_lvl+0x16c/0x1f0 [ 111.615149][ T6032] should_fail_ex+0x512/0x640 [ 111.615200][ T6032] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 111.615248][ T6032] should_failslab+0xc2/0x120 [ 111.615295][ T6032] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 111.615335][ T6032] ? __asan_memcpy+0x3c/0x60 [ 111.615371][ T6032] ? __kernfs_new_node+0xd2/0x8e0 [ 111.615419][ T6032] __kernfs_new_node+0xd2/0x8e0 [ 111.615464][ T6032] ? __pfx___kernfs_new_node+0x10/0x10 [ 111.615515][ T6032] ? find_held_lock+0x2b/0x80 [ 111.615560][ T6032] ? kernfs_root+0xee/0x2a0 [ 111.615607][ T6032] kernfs_new_node+0x13c/0x1e0 [ 111.615659][ T6032] kernfs_create_link+0xcc/0x240 [ 111.615694][ T6032] sysfs_do_create_link_sd+0x90/0x140 [ 111.615737][ T6032] sysfs_create_link+0x61/0xc0 [ 111.615776][ T6032] device_add+0x62c/0x1a70 [ 111.615817][ T6032] ? __pfx_device_add+0x10/0x10 [ 111.615849][ T6032] ? kfree+0x24f/0x4d0 [ 111.615897][ T6032] device_create_groups_vargs+0x1f8/0x270 [ 111.615941][ T6032] device_create+0xed/0x130 [ 111.615980][ T6032] ? __pfx_device_create+0x10/0x10 [ 111.616020][ T6032] ? do_init_timer+0xc9/0x110 [ 111.616073][ T6032] ? ieee80211_roc_setup+0x136/0x270 [ 111.616122][ T6032] ? ieee80211_alloc_hw_nm+0x231/0x2260 [ 111.616183][ T6032] mac80211_hwsim_new_radio+0x369/0x54d0 [ 111.616256][ T6032] ? __asan_memset+0x23/0x50 [ 111.616293][ T6032] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 111.616362][ T6032] hwsim_new_radio_nl+0xb51/0x12c0 [ 111.616418][ T6032] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 111.616481][ T6032] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 111.616520][ T6032] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 111.616567][ T6032] genl_family_rcv_msg_doit+0x206/0x2f0 [ 111.616608][ T6032] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 111.616643][ T6032] ? trace_cap_capable+0x18d/0x200 [ 111.616683][ T6032] ? bpf_lsm_capable+0x9/0x10 [ 111.616710][ T6032] ? security_capable+0x7e/0x260 [ 111.616738][ T6032] ? ns_capable+0xd7/0x110 [ 111.616780][ T6032] genl_rcv_msg+0x55c/0x800 [ 111.616813][ T6032] ? __pfx_genl_rcv_msg+0x10/0x10 [ 111.616844][ T6032] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 111.616898][ T6032] netlink_rcv_skb+0x155/0x420 [ 111.616922][ T6032] ? __pfx_genl_rcv_msg+0x10/0x10 [ 111.616953][ T6032] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 111.616992][ T6032] ? netlink_deliver_tap+0x1ae/0xd30 [ 111.617038][ T6032] genl_rcv+0x28/0x40 [ 111.617063][ T6032] netlink_unicast+0x53a/0x7f0 [ 111.617119][ T6032] ? __pfx_netlink_unicast+0x10/0x10 [ 111.617175][ T6032] netlink_sendmsg+0x8d1/0xdd0 [ 111.617205][ T6032] ? __pfx_netlink_sendmsg+0x10/0x10 [ 111.617263][ T6032] ____sys_sendmsg+0xa95/0xc70 [ 111.617292][ T6032] ? copy_msghdr_from_user+0x10a/0x160 [ 111.617330][ T6032] ? __pfx_____sys_sendmsg+0x10/0x10 [ 111.617354][ T6032] ? preempt_schedule_thunk+0x16/0x30 [ 111.617395][ T6032] ? try_to_wake_up+0xa2f/0x1680 [ 111.617439][ T6032] ___sys_sendmsg+0x134/0x1d0 [ 111.617478][ T6032] ? __pfx____sys_sendmsg+0x10/0x10 [ 111.617512][ T6032] ? __lock_acquire+0x622/0x1c90 [ 111.617580][ T6032] __sys_sendmsg+0x16d/0x220 [ 111.617617][ T6032] ? __pfx___sys_sendmsg+0x10/0x10 [ 111.617654][ T6032] ? __x64_sys_futex+0x1e0/0x4c0 [ 111.617719][ T6032] do_syscall_64+0xcd/0x490 [ 111.617760][ T6032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.617788][ T6032] RIP: 0033:0x7f7590b8e969 [ 111.617809][ T6032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.617836][ T6032] RSP: 002b:00007f75919bd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 111.617861][ T6032] RAX: ffffffffffffffda RBX: 00007f7590db6080 RCX: 00007f7590b8e969 [ 111.617880][ T6032] RDX: 0000000000018800 RSI: 0000200000000040 RDI: 0000000000000005 [ 111.617897][ T6032] RBP: 00007f7590c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 111.617913][ T6032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.617930][ T6032] R13: 0000000000000000 R14: 00007f7590db6080 R15: 00007ffce741e9b8 [ 111.617965][ T6032] [ 112.563996][ T6044] process 'syz.3.41' launched './file0' with NULL argv: empty string added [ 112.729475][ T6049] netlink: 28 bytes leftover after parsing attributes in process `syz.1.43'. [ 113.207656][ T6057] FAULT_INJECTION: forcing a failure. [ 113.207656][ T6057] name failslab, interval 1, probability 0, space 0, times 0 [ 113.280981][ T6057] CPU: 1 UID: 0 PID: 6057 Comm: syz.1.44 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 113.281027][ T6057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 113.281046][ T6057] Call Trace: [ 113.281057][ T6057] [ 113.281069][ T6057] dump_stack_lvl+0x16c/0x1f0 [ 113.281122][ T6057] should_fail_ex+0x512/0x640 [ 113.281184][ T6057] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 113.281227][ T6057] should_failslab+0xc2/0x120 [ 113.281277][ T6057] __kmalloc_cache_noprof+0x6a/0x3e0 [ 113.281314][ T6057] ? find_held_lock+0x2b/0x80 [ 113.281358][ T6057] ? posix_clock_open+0xc8/0x290 [ 113.281416][ T6057] posix_clock_open+0xc8/0x290 [ 113.281469][ T6057] ? __pfx_posix_clock_open+0x10/0x10 [ 113.281521][ T6057] chrdev_open+0x234/0x6a0 [ 113.281565][ T6057] ? __pfx_apparmor_file_open+0x10/0x10 [ 113.281613][ T6057] ? __pfx_chrdev_open+0x10/0x10 [ 113.281660][ T6057] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 113.281705][ T6057] do_dentry_open+0x741/0x1c10 [ 113.281749][ T6057] ? __pfx_chrdev_open+0x10/0x10 [ 113.281805][ T6057] vfs_open+0x82/0x3f0 [ 113.281863][ T6057] path_openat+0x1de4/0x2cb0 [ 113.281919][ T6057] ? __pfx_path_openat+0x10/0x10 [ 113.281964][ T6057] ? __lock_acquire+0xb8a/0x1c90 [ 113.282020][ T6057] do_filp_open+0x20b/0x470 [ 113.282062][ T6057] ? __pfx_do_filp_open+0x10/0x10 [ 113.282133][ T6057] ? alloc_fd+0x471/0x7d0 [ 113.282192][ T6057] do_sys_openat2+0x11b/0x1d0 [ 113.282222][ T6057] ? __pfx_do_sys_openat2+0x10/0x10 [ 113.282292][ T6057] __x64_sys_openat+0x174/0x210 [ 113.282323][ T6057] ? __pfx___x64_sys_openat+0x10/0x10 [ 113.282371][ T6057] do_syscall_64+0xcd/0x490 [ 113.282419][ T6057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.282453][ T6057] RIP: 0033:0x7f7590b8e969 [ 113.282480][ T6057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.282511][ T6057] RSP: 002b:00007f75919bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 113.282542][ T6057] RAX: ffffffffffffffda RBX: 00007f7590db6080 RCX: 00007f7590b8e969 [ 113.282564][ T6057] RDX: 0000000000000440 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 113.282585][ T6057] RBP: 00007f7590c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 113.282605][ T6057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.282624][ T6057] R13: 0000000000000000 R14: 00007f7590db6080 R15: 00007ffce741e9b8 [ 113.282665][ T6057] [ 113.780490][ T6063] netlink: 28 bytes leftover after parsing attributes in process `syz.3.45'. [ 113.890131][ T6063] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.012248][ T6063] bridge_slave_1 (unregistering): left allmulticast mode [ 114.037648][ T6063] bridge_slave_1 (unregistering): left promiscuous mode [ 114.061443][ T6063] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.445392][ T6074] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 114.796464][ T6076] netlink: 25 bytes leftover after parsing attributes in process `syz.3.49'. [ 115.691220][ T6089] FAULT_INJECTION: forcing a failure. [ 115.691220][ T6089] name failslab, interval 1, probability 0, space 0, times 0 [ 115.715346][ T0] NOHZ tick-stop error: local softirq work is pending, handler #340!!! [ 115.732113][ T6089] CPU: 1 UID: 0 PID: 6089 Comm: syz.1.54 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 115.732157][ T6089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 115.732175][ T6089] Call Trace: [ 115.732185][ T6089] [ 115.732197][ T6089] dump_stack_lvl+0x16c/0x1f0 [ 115.732247][ T6089] should_fail_ex+0x512/0x640 [ 115.732297][ T6089] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 115.732338][ T6089] should_failslab+0xc2/0x120 [ 115.732382][ T6089] __kmalloc_cache_noprof+0x6a/0x3e0 [ 115.732418][ T6089] ? drm_atomic_helper_connector_duplicate_state+0x70/0xd0 [ 115.732466][ T6089] drm_atomic_helper_connector_duplicate_state+0x70/0xd0 [ 115.732507][ T6089] drm_atomic_get_connector_state+0x38b/0x740 [ 115.732553][ T6089] drm_atomic_add_affected_connectors+0x2e0/0x3f0 [ 115.732598][ T6089] ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10 [ 115.732635][ T6089] ? ww_mutex_lock+0x37/0x160 [ 115.732679][ T6089] ? modeset_lock+0x114/0x6e0 [ 115.732734][ T6089] __drm_atomic_helper_set_config+0x5ef/0xea0 [ 115.732779][ T6089] ? __pfx___drm_atomic_helper_set_config+0x10/0x10 [ 115.732827][ T6089] ? drm_client_rotation+0x4da/0x6a0 [ 115.732871][ T6089] drm_client_modeset_commit_atomic+0x53d/0x7e0 [ 115.732923][ T6089] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 115.733013][ T6089] drm_client_modeset_commit_locked+0x14d/0x580 [ 115.733059][ T6089] drm_client_modeset_commit+0x4f/0x80 [ 115.733099][ T6089] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 115.733135][ T6089] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 115.733185][ T6089] drm_fbdev_client_restore+0x2c/0x40 [ 115.733231][ T6089] drm_client_dev_restore+0x1f3/0x2a0 [ 115.733276][ T6089] drm_release+0x2c4/0x360 [ 115.733312][ T6089] ? __pfx_drm_release+0x10/0x10 [ 115.733343][ T6089] __fput+0x3ff/0xb70 [ 115.733402][ T6089] task_work_run+0x150/0x240 [ 115.733445][ T6089] ? __pfx_task_work_run+0x10/0x10 [ 115.733488][ T6089] ? __pfx___do_sys_close_range+0x10/0x10 [ 115.733539][ T6089] exit_to_user_mode_loop+0xeb/0x110 [ 115.733584][ T6089] do_syscall_64+0x3f6/0x490 [ 115.733635][ T6089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 115.733668][ T6089] RIP: 0033:0x7f7590b8e969 [ 115.733693][ T6089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 115.733724][ T6089] RSP: 002b:00007f75919de038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 115.733754][ T6089] RAX: 0000000000000000 RBX: 00007f7590db5fa0 RCX: 00007f7590b8e969 [ 115.733775][ T6089] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 115.733794][ T6089] RBP: 00007f7590c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 115.733814][ T6089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 115.733833][ T6089] R13: 0000000000000000 R14: 00007f7590db5fa0 R15: 00007ffce741e9b8 [ 115.733878][ T6089] [ 116.543054][ T6092] netlink: 4 bytes leftover after parsing attributes in process `syz.0.53'. [ 116.597410][ T6091] netlink: 13 bytes leftover after parsing attributes in process `syz.0.53'. [ 116.780609][ T6102] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 120.102000][ T6140] netlink: 338 bytes leftover after parsing attributes in process `syz.3.69'. [ 120.112455][ T6140] netlink: 338 bytes leftover after parsing attributes in process `syz.3.69'. [ 120.126739][ T6140] netlink: 210 bytes leftover after parsing attributes in process `syz.3.69'. [ 120.144656][ T6140] veth0_macvtap: left promiscuous mode [ 120.152311][ T6140] netlink: 290 bytes leftover after parsing attributes in process `syz.3.69'. [ 120.285252][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 121.553404][ T6155] syz.0.73 (6155) used greatest stack depth: 19800 bytes left [ 122.285423][ T6167] netlink: 186 bytes leftover after parsing attributes in process `syz.0.76'. [ 122.304876][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 122.313314][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 122.376786][ T6167] netlink: 186 bytes leftover after parsing attributes in process `syz.0.76'. [ 122.658191][ T6173] netlink: 28 bytes leftover after parsing attributes in process `syz.0.79'. [ 122.717940][ T6175] netlink: 326 bytes leftover after parsing attributes in process `syz.3.77'. [ 123.753294][ T6190] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7           syzkaller syzkaller login: [ 128.850599][ T6242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.97'. [ 128.916529][ T6242] netlink: 354 bytes leftover after parsing attributes in process `syz.3.97'. [ 129.203987][ T6253] ima: policy update failed [ 129.212478][ T6253] netlink: 25 bytes leftover after parsing attributes in process `syz.3.101'. [ 129.264534][ T30] audit: type=1802 audit(1748843518.319:2): pid=6253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.101" res=0 errno=0 [ 131.031155][ T30] audit: type=1800 audit(6043810816.141:3): pid=6282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.108" name="lu_gp_id" dev="configfs" ino=8530 res=0 errno=0 [ 131.355567][ T6286] FAULT_INJECTION: forcing a failure. [ 131.355567][ T6286] name failslab, interval 1, probability 0, space 0, times 0 [ 131.426709][ T6286] CPU: 0 UID: 0 PID: 6286 Comm: syz.0.110 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 131.426751][ T6286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 131.426769][ T6286] Call Trace: [ 131.426779][ T6286] [ 131.426790][ T6286] dump_stack_lvl+0x16c/0x1f0 [ 131.426836][ T6286] should_fail_ex+0x512/0x640 [ 131.426884][ T6286] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 131.426928][ T6286] should_failslab+0xc2/0x120 [ 131.426975][ T6286] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 131.427010][ T6286] ? __proc_create+0xc3/0x8c0 [ 131.427049][ T6286] ? __proc_create+0x2ce/0x8c0 [ 131.427091][ T6286] __proc_create+0x2ce/0x8c0 [ 131.427131][ T6286] ? __pfx___proc_create+0x10/0x10 [ 131.427176][ T6286] ? _raw_write_unlock+0x28/0x50 [ 131.427209][ T6286] ? proc_register+0x314/0x5f0 [ 131.427253][ T6286] proc_create_reg+0x7d/0x180 [ 131.427323][ T6286] proc_create_data+0x86/0x110 [ 131.427385][ T6286] ? __pfx_proc_create_data+0x10/0x10 [ 131.427445][ T6286] ? cache_register_net+0x137/0x5e0 [ 131.427500][ T6286] cache_register_net+0x2d6/0x5e0 [ 131.427552][ T6286] nfsd_idmap_init+0xb6/0x250 [ 131.427581][ T6286] ? __pfx_nfsd_net_init+0x10/0x10 [ 131.427627][ T6286] nfsd_net_init+0x69/0x3d0 [ 131.427673][ T6286] ? __pfx_nfsd_net_init+0x10/0x10 [ 131.427720][ T6286] ops_init+0x1e2/0x5f0 [ 131.427766][ T6286] setup_net+0x1ff/0x510 [ 131.427810][ T6286] ? lockdep_init_map_type+0x5c/0x280 [ 131.427846][ T6286] ? __pfx_setup_net+0x10/0x10 [ 131.427894][ T6286] ? debug_mutex_init+0x37/0x70 [ 131.427941][ T6286] copy_net_ns+0x2a6/0x5f0 [ 131.427972][ T6286] create_new_namespaces+0x3ea/0xa90 [ 131.428029][ T6286] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 131.428079][ T6286] ksys_unshare+0x45b/0xa40 [ 131.428112][ T6286] ? __pfx_ksys_unshare+0x10/0x10 [ 131.428158][ T6286] __x64_sys_unshare+0x31/0x40 [ 131.428187][ T6286] do_syscall_64+0xcd/0x490 [ 131.428233][ T6286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.428264][ T6286] RIP: 0033:0x7fd765d8e969 [ 131.428288][ T6286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.428316][ T6286] RSP: 002b:00007fd766bb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 131.428345][ T6286] RAX: ffffffffffffffda RBX: 00007fd765fb5fa0 RCX: 00007fd765d8e969 [ 131.428365][ T6286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 131.428383][ T6286] RBP: 00007fd765e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 131.428410][ T6286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.428427][ T6286] R13: 0000000000000000 R14: 00007fd765fb5fa0 R15: 00007ffce0151368 [ 131.428467][ T6286] [ 133.606816][ T6332] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input8 [ 135.323646][ T6361] netlink: set zone limit has 8 unknown bytes [ 137.899962][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.917976][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 141.554843][ T6472] cougar: G6 mapped to space [ 142.145610][ T6475] netlink: 28 bytes leftover after parsing attributes in process `syz.3.162'. [ 143.015305][ T6479] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 143.269757][ T6482] zswap: compressor not available [ 144.198343][ T6481] mmap: syz.3.164 (6481) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 145.165764][ T6513] netlink: 338 bytes leftover after parsing attributes in process `syz.2.171'. [ 147.061508][ T6532] netlink: 20 bytes leftover after parsing attributes in process `syz.2.175'. [ 147.996838][ T6544] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 148.022950][ C1] vkms_vblank_simulate: vblank timer overrun [ 148.029177][ T6544] CIFS mount error: No usable UNC path provided in device string! [ 148.029177][ T6544] [ 148.140177][ T6544] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 148.765873][ T6553] FAULT_INJECTION: forcing a failure. [ 148.765873][ T6553] name failslab, interval 1, probability 0, space 0, times 0 [ 148.804617][ T6553] CPU: 1 UID: 0 PID: 6553 Comm: syz.3.182 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 148.804663][ T6553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 148.804692][ T6553] Call Trace: [ 148.804702][ T6553] [ 148.804714][ T6553] dump_stack_lvl+0x16c/0x1f0 [ 148.804765][ T6553] should_fail_ex+0x512/0x640 [ 148.804816][ T6553] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 148.804860][ T6553] should_failslab+0xc2/0x120 [ 148.804908][ T6553] __kmalloc_cache_noprof+0x6a/0x3e0 [ 148.804946][ T6553] ? snd_seq_pool_new+0x44/0x230 [ 148.804982][ T6553] ? __pfx_snd_seq_open+0x10/0x10 [ 148.805034][ T6553] snd_seq_pool_new+0x44/0x230 [ 148.805068][ T6553] seq_create_client1+0x66/0x5e0 [ 148.805123][ T6553] ? __pfx_snd_seq_open+0x10/0x10 [ 148.805173][ T6553] snd_seq_open+0x59/0x550 [ 148.805224][ T6553] ? __pfx_snd_seq_open+0x10/0x10 [ 148.805272][ T6553] snd_open+0x201/0x450 [ 148.805325][ T6553] ? __pfx_snd_open+0x10/0x10 [ 148.805374][ T6553] chrdev_open+0x234/0x6a0 [ 148.805419][ T6553] ? __pfx_apparmor_file_open+0x10/0x10 [ 148.805466][ T6553] ? __pfx_chrdev_open+0x10/0x10 [ 148.805516][ T6553] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 148.805560][ T6553] do_dentry_open+0x741/0x1c10 [ 148.805604][ T6553] ? __pfx_chrdev_open+0x10/0x10 [ 148.805658][ T6553] vfs_open+0x82/0x3f0 [ 148.805724][ T6553] path_openat+0x1de4/0x2cb0 [ 148.805779][ T6553] ? __pfx_path_openat+0x10/0x10 [ 148.805823][ T6553] ? __lock_acquire+0xb8a/0x1c90 [ 148.805863][ T6553] do_filp_open+0x20b/0x470 [ 148.805906][ T6553] ? __pfx_do_filp_open+0x10/0x10 [ 148.805980][ T6553] ? alloc_fd+0x471/0x7d0 [ 148.806029][ T6553] do_sys_openat2+0x11b/0x1d0 [ 148.806059][ T6553] ? __pfx_do_sys_openat2+0x10/0x10 [ 148.806131][ T6553] __x64_sys_openat+0x174/0x210 [ 148.806163][ T6553] ? __pfx___x64_sys_openat+0x10/0x10 [ 148.806214][ T6553] do_syscall_64+0xcd/0x490 [ 148.806264][ T6553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.806298][ T6553] RIP: 0033:0x7fc26338e969 [ 148.806325][ T6553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.806356][ T6553] RSP: 002b:00007fc2642c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 148.806387][ T6553] RAX: ffffffffffffffda RBX: 00007fc2635b6080 RCX: 00007fc26338e969 [ 148.806410][ T6553] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 148.806430][ T6553] RBP: 00007fc263410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 148.806448][ T6553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.806468][ T6553] R13: 0000000000000000 R14: 00007fc2635b6080 R15: 00007ffee11465b8 [ 148.806511][ T6553] [ 149.264809][ T6555] netlink: 12 bytes leftover after parsing attributes in process `syz.0.183'. [ 149.418694][ T6555] nbd: must specify a size in bytes for the device [ 149.682576][ T6561] random: crng reseeded on system resumption [ 149.816407][ T6563] netlink: 28 bytes leftover after parsing attributes in process `syz.3.185'. syzkaller syzkaller login: [ 150.286501][ T6569] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 150.501052][ T6564] Unrecognized hibernate image header format! [ 150.533172][ T6564] PM: hibernation: Image mismatch: architecture specific data [ 151.287007][ T6579] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 152.395062][ T5840] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 152.395129][ T5840] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 152.411286][ T5840] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 152.411382][ T5840] Bluetooth: hci0: Malformed LE Event: 0x0d [ 153.168752][ T6593] can0: slcan on ptm0. [ 153.687916][ T6592] can0 (unregistered): slcan off ptm0. [ 157.008190][ T6660] bond0: option all_slaves_active: invalid value () [ 157.078384][ T6651] bond0: option all_slaves_active: invalid value () [ 160.685646][ T6701] Malformed UNC in devname [ 160.685646][ T6701] [ 160.692785][ T6701] CIFS: VFS: Malformed UNC in devname [ 162.272545][ T6729] netlink: 'syz.3.219': attribute type 1 has an invalid length. [ 164.518254][ T6760] netlink: 4 bytes leftover after parsing attributes in process `syz.2.226'. [ 164.561292][ T6760] netlink: 354 bytes leftover after parsing attributes in process `syz.2.226'. [ 170.336355][ T6810] syz.0.238 uses obsolete (PF_INET,SOCK_PACKET) [ 170.422670][ T6812] zswap: compressor not available [ 170.437149][ T6814] Setting dangerous option i915.mitigations - tainting kernel [ 173.631332][ T6850] FAULT_INJECTION: forcing a failure. [ 173.631332][ T6850] name failslab, interval 1, probability 0, space 0, times 0 [ 173.664625][ T6850] CPU: 0 UID: 0 PID: 6850 Comm: syz.1.252 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 173.664678][ T6850] Tainted: [U]=USER [ 173.664688][ T6850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 173.664708][ T6850] Call Trace: [ 173.664719][ T6850] [ 173.664731][ T6850] dump_stack_lvl+0x16c/0x1f0 [ 173.664784][ T6850] should_fail_ex+0x512/0x640 [ 173.664837][ T6850] ? __kmalloc_noprof+0xbf/0x510 [ 173.664885][ T6850] ? xfrm_hash_alloc+0xd1/0x100 [ 173.664924][ T6850] should_failslab+0xc2/0x120 [ 173.664973][ T6850] __kmalloc_noprof+0xd2/0x510 [ 173.665016][ T6850] ? xfrm_state_init+0x377/0x630 [ 173.665055][ T6850] ? xfrm_state_init+0x351/0x630 [ 173.665101][ T6850] xfrm_hash_alloc+0xd1/0x100 [ 173.665142][ T6850] xfrm_net_init+0x35f/0xcc0 [ 173.665194][ T6850] ? __pfx_xfrm_net_init+0x10/0x10 [ 173.665238][ T6850] ops_init+0x1e2/0x5f0 [ 173.665307][ T6850] setup_net+0x1ff/0x510 [ 173.665353][ T6850] ? lockdep_init_map_type+0x5c/0x280 [ 173.665391][ T6850] ? __pfx_setup_net+0x10/0x10 [ 173.665443][ T6850] ? debug_mutex_init+0x37/0x70 [ 173.665494][ T6850] copy_net_ns+0x2a6/0x5f0 [ 173.665529][ T6850] create_new_namespaces+0x3ea/0xa90 [ 173.665589][ T6850] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 173.665646][ T6850] ksys_unshare+0x45b/0xa40 [ 173.665681][ T6850] ? __pfx_ksys_unshare+0x10/0x10 [ 173.665717][ T6850] ? xfd_validate_state+0x61/0x180 [ 173.665764][ T6850] __x64_sys_unshare+0x31/0x40 [ 173.665798][ T6850] do_syscall_64+0xcd/0x490 [ 173.665849][ T6850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.665883][ T6850] RIP: 0033:0x7f7590b8e969 [ 173.665910][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.665942][ T6850] RSP: 002b:00007f75919de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 173.665972][ T6850] RAX: ffffffffffffffda RBX: 00007f7590db5fa0 RCX: 00007f7590b8e969 [ 173.665994][ T6850] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 173.666015][ T6850] RBP: 00007f7590c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 173.666034][ T6850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.666054][ T6850] R13: 0000000000000000 R14: 00007f7590db5fa0 R15: 00007ffce741e9b8 [ 173.666096][ T6850] [ 176.854855][ T6894] netlink: 326 bytes leftover after parsing attributes in process `syz.1.262'. [ 177.297597][ T6894] veth1_macvtap: left promiscuous mode [ 178.222741][ T6913] netlink: 330 bytes leftover after parsing attributes in process `syz.3.267'. [ 178.306571][ T6903] kexec: Could not allocate control_code_buffer [ 179.518526][ T6934] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 179.871471][ T6943] netlink: 338 bytes leftover after parsing attributes in process `syz.1.276'. [ 180.019111][ T6943] netlink: 338 bytes leftover after parsing attributes in process `syz.1.276'. [ 180.187088][ T6944] netlink: 290 bytes leftover after parsing attributes in process `syz.1.276'. [ 180.196507][ T6944] veth0_macvtap: left promiscuous mode [ 182.976988][ T6986] netlink: 25 bytes leftover after parsing attributes in process `syz.1.289'. [ 183.109860][ T6990] random: crng reseeded on system resumption [ 185.616362][ T7035] FAULT_INJECTION: forcing a failure. [ 185.616362][ T7035] name failslab, interval 1, probability 0, space 0, times 0 [ 185.696181][ T7035] CPU: 0 UID: 0 PID: 7035 Comm: syz.0.300 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 185.696227][ T7035] Tainted: [U]=USER [ 185.696249][ T7035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 185.696268][ T7035] Call Trace: [ 185.696277][ T7035] [ 185.696291][ T7035] dump_stack_lvl+0x16c/0x1f0 [ 185.696340][ T7035] should_fail_ex+0x512/0x640 [ 185.696392][ T7035] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 185.696438][ T7035] should_failslab+0xc2/0x120 [ 185.696483][ T7035] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 185.696526][ T7035] ? vm_area_dup+0x27/0x8d0 [ 185.696568][ T7035] vm_area_dup+0x27/0x8d0 [ 185.696607][ T7035] __split_vma+0x17f/0x1030 [ 185.696649][ T7035] ? mas_next_slot+0x12d3/0x21b0 [ 185.696694][ T7035] ? __pfx___split_vma+0x10/0x10 [ 185.696740][ T7035] ? lock_acquire+0x179/0x350 [ 185.696783][ T7035] vms_gather_munmap_vmas+0x392/0x1310 [ 185.696831][ T7035] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 185.696897][ T7035] do_vmi_align_munmap+0x27c/0x7d0 [ 185.696944][ T7035] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 185.697040][ T7035] do_vmi_munmap+0x204/0x3e0 [ 185.697098][ T7035] move_vma+0xb67/0x1740 [ 185.697148][ T7035] ? __pfx_move_vma+0x10/0x10 [ 185.697198][ T7035] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 185.697266][ T7035] ? vrm_set_new_addr+0x208/0x290 [ 185.697311][ T7035] __do_sys_mremap+0xe07/0x1590 [ 185.697359][ T7035] ? __pfx___do_sys_mremap+0x10/0x10 [ 185.697415][ T7035] ? find_held_lock+0x2b/0x80 [ 185.697466][ T7035] ? __x64_sys_futex+0x1e0/0x4c0 [ 185.697523][ T7035] do_syscall_64+0xcd/0x490 [ 185.697572][ T7035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.697605][ T7035] RIP: 0033:0x7fd765d8e969 [ 185.697636][ T7035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.697668][ T7035] RSP: 002b:00007fd766b6e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 185.697699][ T7035] RAX: ffffffffffffffda RBX: 00007fd765fb6160 RCX: 00007fd765d8e969 [ 185.697720][ T7035] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000001000 [ 185.697740][ T7035] RBP: 00007fd765e10ab1 R08: 0000000100000000 R09: 0000000000000000 [ 185.697759][ T7035] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 185.697779][ T7035] R13: 0000000000000000 R14: 00007fd765fb6160 R15: 00007ffce0151368 [ 185.697820][ T7035] [ 186.554618][ T7045] netlink: 346 bytes leftover after parsing attributes in process `syz.2.305'. [ 186.816048][ T7050] netlink: 338 bytes leftover after parsing attributes in process `syz.2.307'. [ 186.831812][ T7050] netlink: 338 bytes leftover after parsing attributes in process `syz.2.307'. [ 186.867940][ T7050] netlink: 290 bytes leftover after parsing attributes in process `syz.2.307'. [ 186.884590][ T7050] veth0_macvtap: left promiscuous mode [ 186.913506][ T7050] netlink: 290 bytes leftover after parsing attributes in process `syz.2.307'. [ 186.935798][ T7050] veth0_macvtap: entered promiscuous mode [ 188.207450][ T7067] FAULT_INJECTION: forcing a failure. [ 188.207450][ T7067] name fail_futex, interval 1, probability 0, space 0, times 0 [ 188.264676][ T7067] CPU: 0 UID: 0 PID: 7067 Comm: syz.1.311 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 188.264733][ T7067] Tainted: [U]=USER [ 188.264745][ T7067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 188.264763][ T7067] Call Trace: [ 188.264772][ T7067] [ 188.264783][ T7067] dump_stack_lvl+0x16c/0x1f0 [ 188.264827][ T7067] should_fail_ex+0x512/0x640 [ 188.264877][ T7067] get_futex_key+0x1d0/0x1540 [ 188.264937][ T7067] ? __pfx_get_futex_key+0x10/0x10 [ 188.264986][ T7067] ? _copy_to_user+0x48/0xd0 [ 188.265019][ T7067] futex_wait_setup+0x9d/0x550 [ 188.265066][ T7067] __futex_wait+0x194/0x2f0 [ 188.265100][ T7067] ? __pfx___futex_wait+0x10/0x10 [ 188.265138][ T7067] ? __pfx_futex_wake_mark+0x10/0x10 [ 188.265190][ T7067] futex_wait+0xe8/0x380 [ 188.265222][ T7067] ? __pfx_futex_wait+0x10/0x10 [ 188.265265][ T7067] ? ksys_read+0x190/0x250 [ 188.265304][ T7067] do_futex+0x229/0x350 [ 188.265330][ T7067] ? __pfx_do_futex+0x10/0x10 [ 188.265365][ T7067] __x64_sys_futex+0x1e0/0x4c0 [ 188.265394][ T7067] ? fput+0x70/0xf0 [ 188.265433][ T7067] ? __pfx___x64_sys_futex+0x10/0x10 [ 188.265458][ T7067] ? ksys_read+0x1ac/0x250 [ 188.265490][ T7067] ? __pfx_ksys_read+0x10/0x10 [ 188.265532][ T7067] do_syscall_64+0xcd/0x490 [ 188.265574][ T7067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.265602][ T7067] RIP: 0033:0x7f7590b8e969 [ 188.265624][ T7067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.265651][ T7067] RSP: 002b:00007f75919de0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 188.265677][ T7067] RAX: ffffffffffffffda RBX: 00007f7590db5fa8 RCX: 00007f7590b8e969 [ 188.265695][ T7067] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7590db5fa8 [ 188.265712][ T7067] RBP: 00007f7590db5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 188.265728][ T7067] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7590db5fac [ 188.265745][ T7067] R13: 0000000000000000 R14: 00007ffce741e8d0 R15: 00007ffce741e9b8 [ 188.265778][ T7067] [ 189.972878][ T7086] netlink: 'syz.3.317': attribute type 4 has an invalid length. [ 189.993733][ T7086] netlink: 314 bytes leftover after parsing attributes in process `syz.3.317'. [ 190.034711][ T7086] IPv6: NLM_F_CREATE should be specified when creating new route [ 190.275454][ T7092] netlink: 13 bytes leftover after parsing attributes in process `syz.1.320'. [ 191.211366][ T5840] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 192.422475][ T7099] kexec: Could not allocate control_code_buffer [ 192.502815][ T7128] netlink: 28 bytes leftover after parsing attributes in process `syz.1.326'. [ 192.615367][ T7130] netlink: 4 bytes leftover after parsing attributes in process `syz.0.328'. [ 192.627836][ T7130] netlink: 354 bytes leftover after parsing attributes in process `syz.0.328'. [ 192.741800][ T7128] hsr_slave_0: left promiscuous mode [ 192.777658][ T7128] hsr_slave_1: left promiscuous mode [ 193.496006][ T7142] FAULT_INJECTION: forcing a failure. [ 193.496006][ T7142] name failslab, interval 1, probability 0, space 0, times 0 [ 193.542969][ T7142] CPU: 1 UID: 0 PID: 7142 Comm: syz.1.332 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 193.543025][ T7142] Tainted: [U]=USER [ 193.543036][ T7142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 193.543055][ T7142] Call Trace: [ 193.543064][ T7142] [ 193.543077][ T7142] dump_stack_lvl+0x16c/0x1f0 [ 193.543134][ T7142] should_fail_ex+0x512/0x640 [ 193.543185][ T7142] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 193.543227][ T7142] should_failslab+0xc2/0x120 [ 193.543274][ T7142] __kmalloc_cache_noprof+0x6a/0x3e0 [ 193.543310][ T7142] ? io_uring_setup+0x24f/0x2080 [ 193.543362][ T7142] io_uring_setup+0x24f/0x2080 [ 193.543413][ T7142] ? __pfx_io_uring_setup+0x10/0x10 [ 193.543457][ T7142] ? do_futex+0x122/0x350 [ 193.543488][ T7142] ? __pfx_do_futex+0x10/0x10 [ 193.543515][ T7142] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 193.543585][ T7142] ? xfd_validate_state+0x61/0x180 [ 193.543617][ T7142] ? __pfx_do_writev+0x10/0x10 [ 193.543662][ T7142] __x64_sys_io_uring_setup+0xc2/0x170 [ 193.543711][ T7142] do_syscall_64+0xcd/0x490 [ 193.543759][ T7142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.543791][ T7142] RIP: 0033:0x7f7590b8e969 [ 193.543816][ T7142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 193.543846][ T7142] RSP: 002b:00007f759199c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 193.543876][ T7142] RAX: ffffffffffffffda RBX: 00007f7590db6160 RCX: 00007f7590b8e969 [ 193.543897][ T7142] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 193.543920][ T7142] RBP: 00007f7590c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 193.543939][ T7142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.543957][ T7142] R13: 0000000000000000 R14: 00007f7590db6160 R15: 00007ffce741e9b8 [ 193.543999][ T7142] [ 194.016397][ T7150] netlink: 4 bytes leftover after parsing attributes in process `syz.0.333'. [ 194.075394][ T7152] netlink: 354 bytes leftover after parsing attributes in process `syz.0.333'. [ 194.748313][ T30] audit: type=1804 audit(4294967302.261:4): pid=7163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.335" name="/newroot/81/file0" dev="tmpfs" ino=462 res=1 errno=0 [ 194.818142][ T30] audit: type=1800 audit(4294967302.261:5): pid=7163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.335" name="file0" dev="tmpfs" ino=462 res=0 errno=0 [ 196.494695][ T7176] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 196.524628][ T7176] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 196.543534][ T7176] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 196.578955][ T7176] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 196.587862][ T7176] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 196.614828][ T7176] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 196.624499][ T7176] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 196.660109][ T7176] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 196.671106][ T7176] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 196.702583][ T7176] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 196.733120][ T7176] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 196.772713][ T7176] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 196.830052][ T7176] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 197.340173][ T7183] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 197.962080][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout [ 198.603859][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 198.681497][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout [ 198.761452][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 199.121017][ T7211] FAULT_INJECTION: forcing a failure. [ 199.121017][ T7211] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 199.183654][ T7211] CPU: 0 UID: 0 PID: 7211 Comm: syz.1.348 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 199.183710][ T7211] Tainted: [U]=USER [ 199.183721][ T7211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 199.183740][ T7211] Call Trace: [ 199.183750][ T7211] [ 199.183762][ T7211] dump_stack_lvl+0x16c/0x1f0 [ 199.183813][ T7211] should_fail_ex+0x512/0x640 [ 199.183879][ T7211] should_fail_alloc_page+0xe7/0x130 [ 199.183931][ T7211] prepare_alloc_pages+0x3c2/0x610 [ 199.183964][ T7211] ? rcu_is_watching+0x12/0xc0 [ 199.184016][ T7211] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 199.184066][ T7211] ? rcu_is_watching+0x12/0xc0 [ 199.184113][ T7211] ? trace_mm_page_alloc+0x11f/0x1a0 [ 199.184168][ T7211] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 199.184210][ T7211] ? lockdep_hardirqs_on+0x7c/0x110 [ 199.184253][ T7211] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 199.184296][ T7211] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 199.184354][ T7211] ? alloc_vmap_area+0xdc8/0x29c0 [ 199.184404][ T7211] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 199.184439][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.184471][ T7211] ? do_syscall_64+0xcd/0x490 [ 199.184513][ T7211] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.184564][ T7211] alloc_pages_bulk_noprof+0x71c/0x1410 [ 199.184607][ T7211] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 199.184652][ T7211] ? policy_nodemask+0xea/0x4e0 [ 199.184703][ T7211] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 199.184750][ T7211] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 199.184816][ T7211] kasan_populate_vmalloc+0xf1/0x1f0 [ 199.184871][ T7211] alloc_vmap_area+0x959/0x29c0 [ 199.184942][ T7211] ? __pfx_alloc_vmap_area+0x10/0x10 [ 199.185007][ T7211] __get_vm_area_node+0x1ca/0x330 [ 199.185047][ T7211] __vmalloc_node_range_noprof+0x271/0x14b0 [ 199.185084][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.185128][ T7211] ? __lock_acquire+0xb8a/0x1c90 [ 199.185163][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.185207][ T7211] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 199.185245][ T7211] ? __alloc_pages_noprof+0xb/0x1b0 [ 199.185286][ T7211] ? ___kmalloc_large_node+0x84/0x1e0 [ 199.185315][ T7211] ? find_held_lock+0x2b/0x80 [ 199.185368][ T7211] __kvmalloc_node_noprof+0x308/0x620 [ 199.185408][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.185444][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.185486][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.185518][ T7211] __do_sys_listmount+0x1c2/0xec0 [ 199.185560][ T7211] ? __x64_sys_futex+0x1e0/0x4c0 [ 199.185591][ T7211] ? __x64_sys_futex+0x1e9/0x4c0 [ 199.185623][ T7211] ? __pfx___do_sys_listmount+0x10/0x10 [ 199.185678][ T7211] do_syscall_64+0xcd/0x490 [ 199.185727][ T7211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.185760][ T7211] RIP: 0033:0x7f7590b8e969 [ 199.185796][ T7211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.185829][ T7211] RSP: 002b:00007f75919de038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 199.185866][ T7211] RAX: ffffffffffffffda RBX: 00007f7590db5fa0 RCX: 00007f7590b8e969 [ 199.185888][ T7211] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 199.185908][ T7211] RBP: 00007f7590c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 199.185928][ T7211] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 199.185947][ T7211] R13: 0000000000000000 R14: 00007f7590db5fa0 R15: 00007ffce741e9b8 [ 199.185988][ T7211] [ 199.187544][ T7211] syz.1.348: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null) [ 199.390922][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.402793][ T7211] ,cpuset= [ 199.407703][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.412506][ T7211] / [ 199.612564][ T5840] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 199.647489][ T7211] ,mems_allowed=0-1 [ 199.675578][ T7211] CPU: 1 UID: 0 PID: 7211 Comm: syz.1.348 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 199.675648][ T7211] Tainted: [U]=USER [ 199.675660][ T7211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 199.675679][ T7211] Call Trace: [ 199.675690][ T7211] [ 199.675702][ T7211] dump_stack_lvl+0x16c/0x1f0 [ 199.675753][ T7211] warn_alloc+0x248/0x3a0 [ 199.675818][ T7211] ? __pfx_warn_alloc+0x10/0x10 [ 199.675864][ T7211] ? kfree+0x2b4/0x4d0 [ 199.675909][ T7211] ? __get_vm_area_node+0x208/0x330 [ 199.675951][ T7211] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 199.676000][ T7211] ? __lock_acquire+0xb8a/0x1c90 [ 199.676046][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.676091][ T7211] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 199.676130][ T7211] ? __alloc_pages_noprof+0xb/0x1b0 [ 199.676175][ T7211] ? ___kmalloc_large_node+0x84/0x1e0 [ 199.676203][ T7211] ? find_held_lock+0x2b/0x80 [ 199.676257][ T7211] __kvmalloc_node_noprof+0x308/0x620 [ 199.676299][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.676335][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.676376][ T7211] ? __do_sys_listmount+0x1c2/0xec0 [ 199.676409][ T7211] __do_sys_listmount+0x1c2/0xec0 [ 199.676451][ T7211] ? __x64_sys_futex+0x1e0/0x4c0 [ 199.676481][ T7211] ? __x64_sys_futex+0x1e9/0x4c0 [ 199.676513][ T7211] ? __pfx___do_sys_listmount+0x10/0x10 [ 199.676568][ T7211] do_syscall_64+0xcd/0x490 [ 199.676617][ T7211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.676650][ T7211] RIP: 0033:0x7f7590b8e969 [ 199.676675][ T7211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.676707][ T7211] RSP: 002b:00007f75919de038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 199.676737][ T7211] RAX: ffffffffffffffda RBX: 00007f7590db5fa0 RCX: 00007f7590b8e969 [ 199.676765][ T7211] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 199.676785][ T7211] RBP: 00007f7590c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 199.676804][ T7211] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 199.676824][ T7211] R13: 0000000000000000 R14: 00007f7590db5fa0 R15: 00007ffce741e9b8 [ 199.676865][ T7211] [ 200.020934][ T7211] Mem-Info: [ 200.024123][ T7211] active_anon:16330 inactive_anon:0 isolated_anon:1 [ 200.024123][ T7211] active_file:20178 inactive_file:39572 isolated_file:0 [ 200.024123][ T7211] unevictable:2147 dirty:524 writeback:0 [ 200.024123][ T7211] slab_reclaimable:10478 slab_unreclaimable:91916 [ 200.024123][ T7211] mapped:28566 shmem:4853 pagetables:1179 [ 200.024123][ T7211] sec_pagetables:0 bounce:0 [ 200.024123][ T7211] kernel_misc_reclaimable:0 [ 200.024123][ T7211] free:1301887 free_pcp:29459 free_cma:0 [ 200.084939][ T5827] Bluetooth: hci0: command 0x0c1a tx timeout [ 200.317084][ T7211] Node 0 active_anon:77288kB inactive_anon:0kB active_file:80616kB inactive_file:158000kB unevictable:7112kB isolated(anon):0kB isolated(file):0kB mapped:128208kB dirty:2112kB writeback:0kB shmem:29880kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:10876kB pagetables:4612kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 200.431494][ T7211] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:180kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 200.568357][ T7211] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 200.613933][ T7211] lowmem_reserve[]: 0 2481 2483 2483 2483 [ 200.666277][ T7211] Node 0 DMA32 free:1314012kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:81536kB inactive_anon:0kB active_file:80616kB inactive_file:158812kB unevictable:1612kB writepending:2112kB present:3129332kB managed:2541088kB mlocked:76kB bounce:0kB free_pcp:63952kB local_pcp:23256kB free_cma:0kB [ 200.706402][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout [ 200.770428][ T5827] Bluetooth: hci2: command 0x0c1a tx timeout [ 200.783032][ T7211] lowmem_reserve[]: 0 0 1 1 1 [ 200.787858][ T7211] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1588kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 200.850745][ T5827] Bluetooth: hci3: command 0x0c1a tx timeout [ 200.969493][ T7211] lowmem_reserve[]: 0 0 0 0 0 [ 200.980332][ T7211] Node 1 Normal free:3861424kB boost:0kB min:55788kB low:69732kB high:83676kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:56552kB local_pcp:34480kB free_cma:0kB [ 201.180264][ T7211] lowmem_reserve[]: 0 0 0 0 0 [ 201.220220][ T7211] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 201.243878][ T7211] Node 0 DMA32: 1*4kB (U) 4*8kB (UM) 1030*16kB (UM) 1695*32kB (UME) 1125*64kB (UME) 545*128kB (UME) 261*256kB (UME) 139*512kB (UME) 54*1024kB (UM) 15*2048kB (UM) 211*4096kB (M) = 1300772kB [ 201.270908][ T7211] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 201.469749][ T7211] Node 1 Normal: 26*4kB (UE) 7*8kB (UE) 5*16kB (UE) 6*32kB (UE) 6*64kB (ME) 5*128kB (UME) 4*256kB (UME) 3*512kB (U) 1*1024kB (E) 3*2048kB (UME) 940*4096kB (M) = 3861424kB [ 201.547226][ T7211] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 201.593804][ T7211] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 201.642682][ T7211] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 201.659903][ T7211] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 201.669257][ T7211] 77844 total pagecache pages [ 201.723123][ T7211] 0 pages in swap cache [ 201.730324][ T7211] Free swap = 124996kB [ 201.738467][ T7211] Total swap = 124996kB [ 201.748591][ T7211] 2097051 pages RAM [ 201.752748][ T7211] 0 pages HighMem/MovableOnly [ 201.757458][ T7211] 429737 pages reserved [ 201.769910][ T7211] 0 pages cma reserved [ 202.137694][ T5827] Bluetooth: hci0: command 0x0c1a tx timeout [ 202.424627][ T7256] netlink: 186 bytes leftover after parsing attributes in process `syz.1.359'. [ 202.456887][ T7256] netlink: 186 bytes leftover after parsing attributes in process `syz.1.359'. [ 202.777824][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout [ 202.849505][ T5827] Bluetooth: hci2: command 0x0c1a tx timeout [ 202.919434][ T5827] Bluetooth: hci3: command 0x0c1a tx timeout [ 204.838641][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout [ 207.302072][ T7314] ubi0: attaching mtd0 [ 207.328014][ T7314] ubi0: scanning is finished [ 207.347282][ T7314] ubi0: empty MTD device detected [ 207.507933][ T7316] FAULT_INJECTION: forcing a failure. [ 207.507933][ T7316] name failslab, interval 1, probability 0, space 0, times 0 [ 207.552015][ T7316] CPU: 1 UID: 0 PID: 7316 Comm: syz.0.381 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 207.552069][ T7316] Tainted: [U]=USER [ 207.552080][ T7316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 207.552097][ T7316] Call Trace: [ 207.552107][ T7316] [ 207.552120][ T7316] dump_stack_lvl+0x16c/0x1f0 [ 207.552170][ T7316] should_fail_ex+0x512/0x640 [ 207.552220][ T7316] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 207.552265][ T7316] should_failslab+0xc2/0x120 [ 207.552308][ T7316] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 207.552348][ T7316] ? __kernfs_new_node+0xd2/0x8e0 [ 207.552392][ T7316] __kernfs_new_node+0xd2/0x8e0 [ 207.552435][ T7316] ? __pfx___kernfs_new_node+0x10/0x10 [ 207.552481][ T7316] ? find_held_lock+0x2b/0x80 [ 207.552525][ T7316] ? kernfs_root+0xee/0x2a0 [ 207.552570][ T7316] kernfs_new_node+0x13c/0x1e0 [ 207.552620][ T7316] __kernfs_create_file+0x53/0x350 [ 207.552655][ T7316] sysfs_add_file_mode_ns+0x207/0x3c0 [ 207.552706][ T7316] internal_create_group+0x578/0xf30 [ 207.552771][ T7316] ? __pfx_internal_create_group+0x10/0x10 [ 207.552826][ T7316] ? kernfs_create_link+0x1bd/0x240 [ 207.552867][ T7316] internal_create_groups+0x9d/0x150 [ 207.552916][ T7316] device_add+0x6d1/0x1a70 [ 207.552959][ T7316] ? __pfx_device_add+0x10/0x10 [ 207.552996][ T7316] ? lockdep_init_map_type+0x5c/0x280 [ 207.553035][ T7316] ? __init_waitqueue_head+0xca/0x150 [ 207.553090][ T7316] netdev_register_kobject+0x182/0x3a0 [ 207.553150][ T7316] register_netdevice+0x13dc/0x2270 [ 207.553211][ T7316] ? __pfx_register_netdevice+0x10/0x10 [ 207.553276][ T7316] __ip_tunnel_create+0x540/0x6e0 [ 207.553312][ T7316] ? __pfx___ip_tunnel_create+0x10/0x10 [ 207.553359][ T7316] ip_tunnel_init_net+0x22f/0x7d0 [ 207.553400][ T7316] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 207.553444][ T7316] ? trace_kmalloc+0x2b/0xd0 [ 207.553492][ T7316] ? __kmalloc_noprof+0x242/0x510 [ 207.553533][ T7316] ? lockdep_init_map_type+0x5c/0x280 [ 207.553574][ T7316] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 207.553624][ T7316] ops_init+0x1e2/0x5f0 [ 207.553678][ T7316] setup_net+0x1ff/0x510 [ 207.553725][ T7316] ? lockdep_init_map_type+0x5c/0x280 [ 207.553770][ T7316] ? __pfx_setup_net+0x10/0x10 [ 207.553824][ T7316] ? debug_mutex_init+0x37/0x70 [ 207.553876][ T7316] copy_net_ns+0x2a6/0x5f0 [ 207.553911][ T7316] create_new_namespaces+0x3ea/0xa90 [ 207.553974][ T7316] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 207.554032][ T7316] ksys_unshare+0x45b/0xa40 [ 207.554068][ T7316] ? __pfx_ksys_unshare+0x10/0x10 [ 207.554106][ T7316] ? xfd_validate_state+0x61/0x180 [ 207.554154][ T7316] __x64_sys_unshare+0x31/0x40 [ 207.554189][ T7316] do_syscall_64+0xcd/0x490 [ 207.554240][ T7316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.554273][ T7316] RIP: 0033:0x7fd765d8e969 [ 207.554300][ T7316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.554332][ T7316] RSP: 002b:00007fd766bb0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 207.554364][ T7316] RAX: ffffffffffffffda RBX: 00007fd765fb5fa0 RCX: 00007fd765d8e969 [ 207.554386][ T7316] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 207.554406][ T7316] RBP: 00007fd765e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 207.554427][ T7316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 207.554447][ T7316] R13: 0000000000000000 R14: 00007fd765fb5fa0 R15: 00007ffce0151368 [ 207.554502][ T7316] [ 207.922899][ T7314] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 208.156938][ T7314] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 208.297773][ T7314] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 208.305179][ T7314] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 208.345749][ T7314] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 208.382031][ T7314] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 208.404880][ T7314] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3494825860 [ 208.464844][ T7314] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 208.505545][ T7324] ubi0: background thread "ubi_bgt0d" started, PID 7324 [ 208.518715][ T7318] ubi0: detaching mtd0 [ 208.609675][ T7318] ubi0: mtd0 is detached [ 213.401069][ T7359] kexec: Could not allocate control_code_buffer [ 217.882486][ T7433] ERROR: Out of memory at tomoyo_memory_ok. [ 218.536153][ T7438] cougar: G6 mapped to space [ 221.010809][ T7465] FAULT_INJECTION: forcing a failure. [ 221.010809][ T7465] name failslab, interval 1, probability 0, space 0, times 0 [ 221.023679][ T7465] CPU: 0 UID: 0 PID: 7465 Comm: syz.3.406 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 221.023732][ T7465] Tainted: [U]=USER [ 221.023743][ T7465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.023763][ T7465] Call Trace: [ 221.023774][ T7465] [ 221.023787][ T7465] dump_stack_lvl+0x16c/0x1f0 [ 221.023838][ T7465] should_fail_ex+0x512/0x640 [ 221.023891][ T7465] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 221.023952][ T7465] should_failslab+0xc2/0x120 [ 221.024001][ T7465] __kmalloc_cache_noprof+0x6a/0x3e0 [ 221.024039][ T7465] ? io_uring_setup+0x24f/0x2080 [ 221.024091][ T7465] io_uring_setup+0x24f/0x2080 [ 221.024145][ T7465] ? __pfx_io_uring_setup+0x10/0x10 [ 221.024193][ T7465] ? do_futex+0x122/0x350 [ 221.024226][ T7465] ? __pfx_do_futex+0x10/0x10 [ 221.024254][ T7465] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 221.024322][ T7465] ? xfd_validate_state+0x61/0x180 [ 221.024357][ T7465] ? __pfx_do_writev+0x10/0x10 [ 221.024402][ T7465] __x64_sys_io_uring_setup+0xc2/0x170 [ 221.024464][ T7465] do_syscall_64+0xcd/0x490 [ 221.024515][ T7465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.024549][ T7465] RIP: 0033:0x7fc26338e969 [ 221.024576][ T7465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.024608][ T7465] RSP: 002b:00007fc2642e1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 221.024641][ T7465] RAX: ffffffffffffffda RBX: 00007fc2635b5fa0 RCX: 00007fc26338e969 [ 221.024664][ T7465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 221.024684][ T7465] RBP: 00007fc263410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 221.024705][ T7465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.024724][ T7465] R13: 0000000000000000 R14: 00007fc2635b5fa0 R15: 00007ffee11465b8 [ 221.024767][ T7465] [ 221.859816][ T5827] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 226.221789][ T7537] FAULT_INJECTION: forcing a failure. [ 226.221789][ T7537] name failslab, interval 1, probability 0, space 0, times 0 [ 226.248959][ T7537] CPU: 0 UID: 0 PID: 7537 Comm: syz.3.424 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 226.249006][ T7537] Tainted: [U]=USER [ 226.249013][ T7537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 226.249027][ T7537] Call Trace: [ 226.249035][ T7537] [ 226.249043][ T7537] dump_stack_lvl+0x16c/0x1f0 [ 226.249080][ T7537] should_fail_ex+0x512/0x640 [ 226.249118][ T7537] ? fs_reclaim_acquire+0xae/0x150 [ 226.249143][ T7537] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 226.249179][ T7537] should_failslab+0xc2/0x120 [ 226.249213][ T7537] __kmalloc_noprof+0xd2/0x510 [ 226.249251][ T7537] tomoyo_realpath_from_path+0xc2/0x6e0 [ 226.249295][ T7537] tomoyo_get_exe+0x63/0xa0 [ 226.249321][ T7537] tomoyo_write_control+0x689/0x1430 [ 226.249357][ T7537] ? __pfx_tomoyo_write_control+0x10/0x10 [ 226.249389][ T7537] ? __pfx_tomoyo_write+0x10/0x10 [ 226.249423][ T7537] vfs_write+0x2a0/0x1150 [ 226.249456][ T7537] ? __pfx___mutex_lock+0x10/0x10 [ 226.249490][ T7537] ? __pfx_vfs_write+0x10/0x10 [ 226.249527][ T7537] ? __fget_files+0x20e/0x3c0 [ 226.249563][ T7537] ksys_write+0x12a/0x250 [ 226.249591][ T7537] ? __pfx_ksys_write+0x10/0x10 [ 226.249629][ T7537] do_syscall_64+0xcd/0x490 [ 226.249664][ T7537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.249688][ T7537] RIP: 0033:0x7fc26338e969 [ 226.249707][ T7537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.249729][ T7537] RSP: 002b:00007fc2642e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 226.249750][ T7537] RAX: ffffffffffffffda RBX: 00007fc2635b5fa0 RCX: 00007fc26338e969 [ 226.249765][ T7537] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 226.249779][ T7537] RBP: 00007fc263410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 226.249793][ T7537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.249807][ T7537] R13: 0000000000000000 R14: 00007fc2635b5fa0 R15: 00007ffee11465b8 [ 226.249836][ T7537] [ 226.249845][ T7537] ERROR: Out of memory at tomoyo_realpath_from_path. [ 227.434164][ T7546] FAULT_INJECTION: forcing a failure. [ 227.434164][ T7546] name failslab, interval 1, probability 0, space 0, times 0 [ 227.463167][ T7546] CPU: 1 UID: 0 PID: 7546 Comm: syz.3.425 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 227.463230][ T7546] Tainted: [U]=USER [ 227.463242][ T7546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 227.463261][ T7546] Call Trace: [ 227.463272][ T7546] [ 227.463287][ T7546] dump_stack_lvl+0x16c/0x1f0 [ 227.463343][ T7546] should_fail_ex+0x512/0x640 [ 227.463402][ T7546] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 227.463456][ T7546] should_failslab+0xc2/0x120 [ 227.463506][ T7546] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 227.463552][ T7546] ? __proc_create+0xc3/0x8c0 [ 227.463599][ T7546] ? __proc_create+0x2ce/0x8c0 [ 227.463657][ T7546] __proc_create+0x2ce/0x8c0 [ 227.463707][ T7546] ? __pfx___proc_create+0x10/0x10 [ 227.463766][ T7546] ? _raw_write_unlock+0x28/0x50 [ 227.463820][ T7546] ? proc_register+0x314/0x5f0 [ 227.463875][ T7546] proc_create_reg+0x7d/0x180 [ 227.463934][ T7546] proc_create_net_data+0x8e/0x1b0 [ 227.463987][ T7546] ? __pfx_proc_create_net_data+0x10/0x10 [ 227.464057][ T7546] nfs_fs_proc_net_init+0x141/0x1e0 [ 227.464098][ T7546] nfs_net_init+0x130/0x300 [ 227.464138][ T7546] ? __pfx_nfs_net_init+0x10/0x10 [ 227.464171][ T7546] ops_init+0x1e2/0x5f0 [ 227.464229][ T7546] setup_net+0x1ff/0x510 [ 227.464277][ T7546] ? lockdep_init_map_type+0x5c/0x280 [ 227.464319][ T7546] ? __pfx_setup_net+0x10/0x10 [ 227.464373][ T7546] ? debug_mutex_init+0x37/0x70 [ 227.464428][ T7546] copy_net_ns+0x2a6/0x5f0 [ 227.464463][ T7546] create_new_namespaces+0x3ea/0xa90 [ 227.464528][ T7546] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 227.464590][ T7546] ksys_unshare+0x45b/0xa40 [ 227.464626][ T7546] ? __pfx_ksys_unshare+0x10/0x10 [ 227.464663][ T7546] ? xfd_validate_state+0x61/0x180 [ 227.464709][ T7546] __x64_sys_unshare+0x31/0x40 [ 227.464747][ T7546] do_syscall_64+0xcd/0x490 [ 227.464810][ T7546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.464844][ T7546] RIP: 0033:0x7fc26338e969 [ 227.464871][ T7546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.464908][ T7546] RSP: 002b:00007fc2642e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 227.464941][ T7546] RAX: ffffffffffffffda RBX: 00007fc2635b5fa0 RCX: 00007fc26338e969 [ 227.464963][ T7546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 227.464987][ T7546] RBP: 00007fc263410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 227.465008][ T7546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.465028][ T7546] R13: 0000000000000000 R14: 00007fc2635b5fa0 R15: 00007ffee11465b8 [ 227.465076][ T7546] [ 227.857386][ T7546] ------------[ cut here ]------------ [ 227.862985][ T7546] remove_proc_entry: removing non-empty directory 'net/rpc', leaking at least 'nfs' [ 227.926975][ T7546] WARNING: CPU: 0 PID: 7546 at fs/proc/generic.c:727 remove_proc_entry+0x45e/0x530 [ 227.937758][ T7546] Modules linked in: [ 227.941929][ T7546] CPU: 0 UID: 0 PID: 7546 Comm: syz.3.425 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 227.957906][ T7546] Tainted: [U]=USER [ 227.961761][ T7546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 227.971938][ T7546] RIP: 0010:remove_proc_entry+0x45e/0x530 [ 227.977805][ T7546] Code: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 00 b5 a2 8b 48 c7 c7 20 b4 a2 8b e8 53 66 1d ff 90 <0f> 0b 90 90 e9 5f fe ff ff e8 c4 42 5e ff 90 48 b8 00 00 00 00 00 [ 227.997740][ T7546] RSP: 0018:ffffc9000b38fb08 EFLAGS: 00010282 [ 228.003877][ T7546] RAX: 0000000000000000 RBX: ffff88805ca2db40 RCX: ffffc9000ceec000 [ 228.011966][ T7546] RDX: 0000000000080000 RSI: ffffffff817a92d5 RDI: 0000000000000001 [ 228.020036][ T7546] RBP: ffff888025126700 R08: 0000000000000001 R09: 0000000000000000 [ 228.028101][ T7546] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888025126640 [ 228.036809][ T7546] R13: ffff888025126724 R14: ffff888077012724 R15: dffffc0000000000 [ 228.044844][ T7546] FS: 00007fc2642e16c0(0000) GS:ffff888124975000(0000) knlGS:0000000000000000 [ 228.054699][ T7546] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 228.062259][ T7546] CR2: 0000555573fa6808 CR3: 0000000077082000 CR4: 00000000003526f0 [ 228.070774][ T7546] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 228.079238][ T7546] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 228.087705][ T7546] Call Trace: [ 228.091026][ T7546] [ 228.094012][ T7546] ? __pfx_remove_proc_entry+0x10/0x10 [ 228.099869][ T7546] ? cache_destroy_net+0x31/0x50 [ 228.104879][ T7546] ? sunrpc_exit_net+0x37/0x90 [ 228.110119][ T7546] sunrpc_exit_net+0x46/0x90 [ 228.114782][ T7546] ? __pfx_sunrpc_exit_net+0x10/0x10 [ 228.120454][ T7546] ops_undo_list+0x2ee/0xab0 [ 228.125131][ T7546] ? __pfx_ops_undo_list+0x10/0x10 [ 228.130629][ T7546] ? ops_init+0x2fa/0x5f0 [ 228.135831][ T7546] setup_net+0x2e1/0x510 [ 228.141036][ T7546] ? __pfx_setup_net+0x10/0x10 [ 228.145880][ T7546] ? debug_mutex_init+0x37/0x70 [ 228.151225][ T7546] copy_net_ns+0x2a6/0x5f0 [ 228.155707][ T7546] create_new_namespaces+0x3ea/0xa90 [ 228.161401][ T7546] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 228.167435][ T7546] ksys_unshare+0x45b/0xa40 [ 228.172001][ T7546] ? __pfx_ksys_unshare+0x10/0x10 [ 228.177417][ T7546] ? xfd_validate_state+0x61/0x180 [ 228.182597][ T7546] __x64_sys_unshare+0x31/0x40 [ 228.187830][ T7546] do_syscall_64+0xcd/0x490 [ 228.192680][ T7546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.198934][ T7546] RIP: 0033:0x7fc26338e969 [ 228.203718][ T7546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.223563][ T7546] RSP: 002b:00007fc2642e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 228.232109][ T7546] RAX: ffffffffffffffda RBX: 00007fc2635b5fa0 RCX: 00007fc26338e969 [ 228.240870][ T7546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 228.249484][ T7546] RBP: 00007fc263410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 228.257616][ T7546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.265632][ T7546] R13: 0000000000000000 R14: 00007fc2635b5fa0 R15: 00007ffee11465b8 [ 228.273842][ T7546] [ 228.276934][ T7546] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 228.284277][ T7546] CPU: 0 UID: 0 PID: 7546 Comm: syz.3.425 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full) [ 228.297443][ T7546] Tainted: [U]=USER [ 228.301274][ T7546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 228.311368][ T7546] Call Trace: [ 228.314685][ T7546] [ 228.317676][ T7546] dump_stack_lvl+0x3d/0x1f0 [ 228.322333][ T7546] panic+0x71c/0x800 [ 228.326289][ T7546] ? __pfx_panic+0x10/0x10 [ 228.330763][ T7546] ? show_trace_log_lvl+0x29b/0x3e0 [ 228.336031][ T7546] ? remove_proc_entry+0x45e/0x530 [ 228.341218][ T7546] check_panic_on_warn+0xab/0xb0 [ 228.346218][ T7546] __warn+0xf6/0x3c0 [ 228.350180][ T7546] ? remove_proc_entry+0x45e/0x530 [ 228.355641][ T7546] report_bug+0x3c3/0x580 [ 228.360042][ T7546] ? remove_proc_entry+0x45e/0x530 [ 228.365227][ T7546] handle_bug+0x184/0x210 [ 228.369633][ T7546] exc_invalid_op+0x17/0x50 [ 228.374218][ T7546] asm_exc_invalid_op+0x1a/0x20 [ 228.379122][ T7546] RIP: 0010:remove_proc_entry+0x45e/0x530 [ 228.384894][ T7546] Code: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 00 b5 a2 8b 48 c7 c7 20 b4 a2 8b e8 53 66 1d ff 90 <0f> 0b 90 90 e9 5f fe ff ff e8 c4 42 5e ff 90 48 b8 00 00 00 00 00 [ 228.404551][ T7546] RSP: 0018:ffffc9000b38fb08 EFLAGS: 00010282 [ 228.410655][ T7546] RAX: 0000000000000000 RBX: ffff88805ca2db40 RCX: ffffc9000ceec000 [ 228.418665][ T7546] RDX: 0000000000080000 RSI: ffffffff817a92d5 RDI: 0000000000000001 [ 228.426665][ T7546] RBP: ffff888025126700 R08: 0000000000000001 R09: 0000000000000000 [ 228.434663][ T7546] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888025126640 [ 228.442662][ T7546] R13: ffff888025126724 R14: ffff888077012724 R15: dffffc0000000000 [ 228.450680][ T7546] ? __warn_printk+0x1a5/0x350 [ 228.455486][ T7546] ? remove_proc_entry+0x45d/0x530 [ 228.460651][ T7546] ? __pfx_remove_proc_entry+0x10/0x10 [ 228.466152][ T7546] ? cache_destroy_net+0x31/0x50 [ 228.471127][ T7546] ? sunrpc_exit_net+0x37/0x90 [ 228.475936][ T7546] sunrpc_exit_net+0x46/0x90 [ 228.480582][ T7546] ? __pfx_sunrpc_exit_net+0x10/0x10 [ 228.485910][ T7546] ops_undo_list+0x2ee/0xab0 [ 228.490559][ T7546] ? __pfx_ops_undo_list+0x10/0x10 [ 228.495710][ T7546] ? ops_init+0x2fa/0x5f0 [ 228.500079][ T7546] setup_net+0x2e1/0x510 [ 228.504363][ T7546] ? __pfx_setup_net+0x10/0x10 [ 228.509174][ T7546] ? debug_mutex_init+0x37/0x70 [ 228.514074][ T7546] copy_net_ns+0x2a6/0x5f0 [ 228.518520][ T7546] create_new_namespaces+0x3ea/0xa90 [ 228.523854][ T7546] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 228.529530][ T7546] ksys_unshare+0x45b/0xa40 [ 228.534061][ T7546] ? __pfx_ksys_unshare+0x10/0x10 [ 228.539112][ T7546] ? xfd_validate_state+0x61/0x180 [ 228.544264][ T7546] __x64_sys_unshare+0x31/0x40 [ 228.549065][ T7546] do_syscall_64+0xcd/0x490 [ 228.553609][ T7546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.559534][ T7546] RIP: 0033:0x7fc26338e969 [ 228.563970][ T7546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.584034][ T7546] RSP: 002b:00007fc2642e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 228.592476][ T7546] RAX: ffffffffffffffda RBX: 00007fc2635b5fa0 RCX: 00007fc26338e969 [ 228.600471][ T7546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 228.608479][ T7546] RBP: 00007fc263410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 228.616470][ T7546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.624461][ T7546] R13: 0000000000000000 R14: 00007fc2635b5fa0 R15: 00007ffee11465b8 [ 228.632468][ T7546] [ 228.635853][ T7546] Kernel Offset: disabled [ 228.640189][ T7546] Rebooting in 86400 seconds..