last executing test programs:
6.159046749s ago: executing program 1 (id=3711):
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
shutdown$auto(0x200000003, 0x2)
uname$auto(0x0)
setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90)
connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @private=0xa010100}, 0x54)
close_range$auto(0x2, 0x8, 0x0)
5.550956957s ago: executing program 1 (id=3715):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
msgctl$auto_IPC_RMID(0x0, 0x0, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
gettid()
3.530607991s ago: executing program 1 (id=3722):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, 0x0, 0x6a)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x6, 0x4, 0x0, 0xfb3)
3.383070101s ago: executing program 2 (id=3723):
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
select$auto(0x3, 0x0, &(0x7f0000000100)={[0x8, 0xb, 0x0, 0x9, 0xfffffffffffffffc, 0x83, 0x6, 0x2, 0x9, 0x5, 0x4000000000000002, 0xd, 0x3, 0xfffffffffffffffa, 0x7, 0x1000000006]}, 0x0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
3.166303554s ago: executing program 1 (id=3724):
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
socket(0x2, 0x1, 0x106)
write$auto(0x3, 0x0, 0xffd8)
r0 = getpid()
r1 = gettid()
rt_tgsigqueueinfo$auto(r0, r1, 0x16, &(0x7f0000000400)={@siginfo_0_0={0xfffeffff, 0x0, 0x2, @_sigpoll={0x8}}})
tgkill$auto_SIGCONT(r0, r0, 0x12)
2.915614323s ago: executing program 1 (id=3726):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_GET_RADIO(r1, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000580)={0x14, 0x0, 0xf3e97f51700e57cf, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8000)
read$auto(r1, 0x0, 0x3)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
getsockopt$auto(r0, 0x10e, 0x9, 0xfffffffffffffffe, 0x0)
2.59212727s ago: executing program 0 (id=3728):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0xa, 0x801, 0x84)
socket(0x2, 0x1, 0x0)
socket(0x1, 0x2, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
fremovexattr$auto(0x3, &(0x7f0000000080)='\\-\x00')
2.38034107s ago: executing program 2 (id=3730):
mmap$auto(0x0, 0x4000b, 0x3, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0xffffffffffffffff, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
pidfd_getfd$auto(0x3, 0x1, 0x100000000)
2.277330518s ago: executing program 0 (id=3732):
r0 = gettid()
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
kill$auto(r0, 0x11)
prctl$auto(0x16, 0x1, 0x6, 0xfffffffffffffffe, 0x4)
2.14590437s ago: executing program 2 (id=3733):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/locals\x00', 0x40, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001800), 0x101101, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_DEVICE_ATTR(r0, 0x4018aee2, &(0x7f0000000040)={0xd, 0x0, 0x0, 0xfffffffffffffffe})
2.062439677s ago: executing program 3 (id=3734):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f0000000100)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
writev$auto(0x3, &(0x7f00000000c0)={0x0, 0x7111}, 0x8)
1.898167231s ago: executing program 3 (id=3735):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='\t\x00\x00\x00', @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x5}, 0x40000d0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='&'], 0x1ac}}, 0x40000)
1.885027458s ago: executing program 1 (id=3736):
close_range$auto(0x2, 0xffffffffffffffff, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
vmsplice$auto(0x2, 0x0, 0x8000000000000001, 0x0)
1.745057335s ago: executing program 3 (id=3737):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x2)
clock_gettime$auto(0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
1.322943706s ago: executing program 0 (id=3738):
socket(0xa, 0x2, 0x88)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
getsockname$auto(0x3, &(0x7f00000002c0), &(0x7f0000000180)=0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0xfffffea7, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
1.322298728s ago: executing program 2 (id=3739):
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x0, 0x0, 0xf89, 0xd5, 0x837, 0x8}})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
1.010857915s ago: executing program 0 (id=3740):
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='v'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x0)
829.431119ms ago: executing program 0 (id=3741):
kexec_load$auto(0x6, 0x2, &(0x7f00000002c0)={@buf=&(0x7f0000000200)="54d407", 0x2aa7, 0x6c0000bffd, 0xbffe}, 0x4)
mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r0, 0x107, 0xf, 0x0, 0x6)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100)
790.360579ms ago: executing program 2 (id=3742):
mmap$auto(0x0, 0xe00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
unshare$auto(0x8000000)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
657.818356ms ago: executing program 3 (id=3743):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
socket(0x10, 0x2, 0x0)
bpf$auto(0x68, &(0x7f0000000000)=@bpf_attr_3={0xa332, 0x2, 0x6, 0x5, 0xfffffbff, 0x2, 0x1, 0x4, 0x7, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x8, 0x81, 0xb03, 0xfffffffffffffffd, 0x3ff, 0x7, @attach_prog_fd, 0xb5f3, 0x632, 0x57d, 0x1ff, 0x8}, 0xa3)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbdbdf25020000000800030000000000080016"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
253.364842ms ago: executing program 3 (id=3744):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x81f}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
125.772691ms ago: executing program 0 (id=3745):
mmap$auto(0x0, 0x2020009, 0x100003, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x1, 0x84)
socketpair$auto(0x0, 0x5, 0xffffffff, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x300, @remote}, 0x53)
shutdown$auto(0x200000003, 0x2)
shutdown$auto(0x200000003, 0x2)
17.37509ms ago: executing program 2 (id=3746):
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
0s ago: executing program 3 (id=3747):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xffb}, 0x1, &(0x7f0000000100)={&(0x7f0000000540)="6acceff8bc83", 0xffffffff}, 0x4, 0x0)
socket(0xa, 0x5, 0x0)
memfd_create$auto(0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
kernel console output (not intermixed with test programs):
tionality.
[ 103.622528][ T5838] veth0_macvtap: entered promiscuous mode
[ 103.639887][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.661978][ T5838] veth1_macvtap: entered promiscuous mode
[ 103.689891][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.732813][ T5829] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.744856][ T5829] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.754760][ T5829] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.764210][ T5829] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.783621][ T5831] veth0_macvtap: entered promiscuous mode
[ 103.807952][ T5831] veth1_macvtap: entered promiscuous mode
[ 103.852919][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 103.939890][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 103.980984][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 103.994052][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.004043][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.014304][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.031209][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.082836][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 104.132571][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.155099][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.167857][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.178371][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 104.215962][ T5835] Bluetooth: hci1: command tx timeout
[ 104.221597][ T51] Bluetooth: hci0: command tx timeout
[ 104.233969][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.252297][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.377493][ T5835] Bluetooth: hci3: command tx timeout
[ 104.386984][ T51] Bluetooth: hci2: command tx timeout
[ 104.407763][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.416159][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.443399][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.461613][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.592573][ T4539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.628082][ T3486] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.642080][ T4539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.656988][ T3486] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 104.774804][ T4539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 104.802516][ T4539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 105.710123][ T5929] netlink: 'syz.2.14': attribute type 1 has an invalid length.
[ 105.730191][ T5929] netlink: 206 bytes leftover after parsing attributes in process `syz.2.14'.
[ 105.772619][ T5929] Zero length message leads to an empty skb
[ 106.306898][ T51] Bluetooth: hci0: command tx timeout
[ 106.306988][ T5835] Bluetooth: hci1: command tx timeout
[ 106.456918][ T5835] Bluetooth: hci2: command tx timeout
[ 106.457325][ T51] Bluetooth: hci3: command tx timeout
[ 106.494770][ T5940] Invalid ELF header magic: != ELF
[ 106.649132][ T30] audit: type=1800 audit(1748856729.986:2): pid=5956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.26" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 107.291684][ T5969] sock: sock_set_timeout: `syz.1.32' (pid 5969) tries to set negative timeout
[ 109.502534][ T6019] process 'syz.1.52' launched '/dev/fd/4' with NULL argv: empty string added
[ 110.276928][ T6031] netlink: 28 bytes leftover after parsing attributes in process `syz.2.57'.
[ 110.310723][ T6031] ipvlan0: entered allmulticast mode
[ 110.334628][ T6031] veth0_vlan: entered allmulticast mode
[ 110.570177][ T6041] tipc: Started in network mode
[ 110.581711][ T6041] tipc: Node identity ee00, cluster identity 4711
[ 110.600371][ T6041] tipc: Node number set to 60928
[ 112.187629][ T51] Bluetooth: hci2: Unable to find connection for big 0xd2
[ 112.336067][ T6077] batman_adv: batadv0: adding TT local entry 00:00:01:00:00:00 to non-existent VLAN 16
[ 112.359902][ T6078] syz.3.74 uses obsolete (PF_INET,SOCK_PACKET)
[ 113.332986][ T6103] capability: warning: `syz.3.85' uses 32-bit capabilities (legacy support in use)
[ 118.587362][ T6226] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.141'.
[ 120.148090][ T6269] netlink: 'syz.2.159': attribute type 2 has an invalid length.
[ 120.551434][ T5835] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[ 120.551481][ T5835] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[ 120.566817][ T5835] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[ 120.566870][ T5835] Bluetooth: hci0: adv larger than maximum supported
[ 120.574063][ T5835] Bluetooth: hci0: adv larger than maximum supported
[ 120.582893][ T5835] Bluetooth: hci0: Malformed LE Event: 0x0d
[ 124.470322][ T6395] netlink: 'syz.1.211': attribute type 1 has an invalid length.
[ 125.915389][ T6437] FAULT_INJECTION: forcing a failure.
[ 125.915389][ T6437] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 125.946143][ T6437] CPU: 0 UID: 0 PID: 6437 Comm: syz.3.227 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 125.946186][ T6437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 125.946202][ T6437] Call Trace:
[ 125.946213][ T6437]
[ 125.946223][ T6437] dump_stack_lvl+0x16c/0x1f0
[ 125.946270][ T6437] should_fail_ex+0x512/0x640
[ 125.946321][ T6437] should_fail_alloc_page+0xe7/0x130
[ 125.946367][ T6437] prepare_alloc_pages+0x3c2/0x610
[ 125.946404][ T6437] __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 125.946447][ T6437] ? __schedule+0x1181/0x5de0
[ 125.946495][ T6437] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 125.946547][ T6437] ? __pfx___schedule+0x10/0x10
[ 125.946604][ T6437] ? find_held_lock+0x2b/0x80
[ 125.946648][ T6437] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 125.946689][ T6437] ? policy_nodemask+0xea/0x4e0
[ 125.946734][ T6437] alloc_pages_mpol+0x1fb/0x550
[ 125.946778][ T6437] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 125.946830][ T6437] folio_alloc_mpol_noprof+0x36/0x2f0
[ 125.946881][ T6437] vma_alloc_folio_noprof+0xed/0x1e0
[ 125.946929][ T6437] ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 125.946972][ T6437] ? find_held_lock+0x2b/0x80
[ 125.947012][ T6437] ? __handle_mm_fault+0x1092/0x53d0
[ 125.947048][ T6437] __handle_mm_fault+0x2f21/0x53d0
[ 125.947094][ T6437] ? __pfx___handle_mm_fault+0x10/0x10
[ 125.947127][ T6437] ? lock_vma_under_rcu+0x47d/0x970
[ 125.947160][ T6437] ? lock_vma_under_rcu+0x47d/0x970
[ 125.947223][ T6437] handle_mm_fault+0x589/0xd10
[ 125.947257][ T6437] ? __pkru_allows_pkey+0x21/0xb0
[ 125.947291][ T6437] do_user_addr_fault+0x60c/0x1370
[ 125.947323][ T6437] ? rcu_is_watching+0x12/0xc0
[ 125.947368][ T6437] exc_page_fault+0x5c/0xb0
[ 125.947403][ T6437] asm_exc_page_fault+0x26/0x30
[ 125.947431][ T6437] RIP: 0033:0x7f034fc5a35b
[ 125.947458][ T6437] Code: 00 00 00 48 8d 3d dd 2b 19 00 48 89 c1 31 c0 e8 db 3c ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 11 2c 19 00 48 89 34 24 48 8b 14 24 48 8b
[ 125.947485][ T6437] RSP: 002b:00007f0350c59fb0 EFLAGS: 00010202
[ 125.947509][ T6437] RAX: 0000000000000000 RBX: 00007f034ffb5fa0 RCX: 0000000000000000
[ 125.947527][ T6437] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[ 125.947546][ T6437] RBP: 00007f034fe10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 125.947573][ T6437] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 125.947589][ T6437] R13: 0000000000000000 R14: 00007f034ffb5fa0 R15: 00007ffe914ba4e8
[ 125.947630][ T6437]
[ 125.947886][ T6437] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 126.939301][ T6458] netlink: 8 bytes leftover after parsing attributes in process `syz.2.235'.
[ 127.065700][ T6465] sctp: [Deprecated]: syz.0.236 (pid 6465) Use of int in max_burst socket option deprecated.
[ 127.065700][ T6465] Use struct sctp_assoc_value instead
[ 130.598462][ T6550] =======================================================
[ 130.598462][ T6550] WARNING: The mand mount option has been deprecated and
[ 130.598462][ T6550] and is ignored by this kernel. Remove the mand
[ 130.598462][ T6550] option from the mount to silence this warning.
[ 130.598462][ T6550] =======================================================
[ 130.731350][ T6551] sctp: [Deprecated]: syz.2.265 (pid 6551) Use of int in max_burst socket option deprecated.
[ 130.731350][ T6551] Use struct sctp_assoc_value instead
[ 130.903106][ T6557] mmap: syz.3.268 (6557) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 133.008030][ T6595] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5
[ 138.178752][ T6713] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 138.229461][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 138.241707][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 139.375836][ T6741] FAULT_INJECTION: forcing a failure.
[ 139.375836][ T6741] name failslab, interval 1, probability 0, space 0, times 1
[ 139.411736][ T6741] CPU: 0 UID: 0 PID: 6741 Comm: syz.2.337 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 139.411783][ T6741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 139.411800][ T6741] Call Trace:
[ 139.411811][ T6741]
[ 139.411823][ T6741] dump_stack_lvl+0x16c/0x1f0
[ 139.411870][ T6741] should_fail_ex+0x512/0x640
[ 139.411918][ T6741] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 139.411959][ T6741] should_failslab+0xc2/0x120
[ 139.412005][ T6741] __kmalloc_cache_noprof+0x6a/0x3e0
[ 139.412041][ T6741] ? snd_pcm_oss_change_params_locked+0x1db/0x3a30
[ 139.412083][ T6741] snd_pcm_oss_change_params_locked+0x1db/0x3a30
[ 139.412121][ T6741] ? rcu_is_watching+0x12/0xc0
[ 139.412169][ T6741] ? __mutex_lock+0x1ca/0xb90
[ 139.412216][ T6741] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 139.412254][ T6741] ? __pfx___mutex_lock+0x10/0x10
[ 139.412307][ T6741] ? __fsnotify_parent+0x24b/0xc40
[ 139.412353][ T6741] snd_pcm_oss_make_ready+0xe6/0x1b0
[ 139.412397][ T6741] ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 139.412427][ T6741] snd_pcm_oss_sync+0x1de/0x840
[ 139.412464][ T6741] ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 139.412495][ T6741] snd_pcm_oss_release+0x28b/0x310
[ 139.412530][ T6741] ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 139.412561][ T6741] __fput+0x3ff/0xb70
[ 139.412616][ T6741] task_work_run+0x150/0x240
[ 139.412657][ T6741] ? __pfx_task_work_run+0x10/0x10
[ 139.412696][ T6741] ? __pfx___do_sys_close_range+0x10/0x10
[ 139.412745][ T6741] exit_to_user_mode_loop+0xeb/0x110
[ 139.412787][ T6741] do_syscall_64+0x3f6/0x490
[ 139.412833][ T6741] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 139.412864][ T6741] RIP: 0033:0x7f838ab8e969
[ 139.412890][ T6741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 139.412918][ T6741] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 139.412948][ T6741] RAX: 0000000000000000 RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 139.412967][ T6741] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000
[ 139.412985][ T6741] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 139.413002][ T6741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 139.413020][ T6741] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 139.413060][ T6741]
[ 140.461340][ T6756] zswap: compressor not available
[ 141.460070][ T6787] ima: policy update failed
[ 141.474901][ T30] audit: type=1802 audit(4294967327.080:3): pid=6787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.353" res=0 errno=0
[ 141.772342][ T6770] kexec: Could not allocate control_code_buffer
[ 142.186211][ T6797] sctp: [Deprecated]: syz.3.355 (pid 6797) Use of int in max_burst socket option deprecated.
[ 142.186211][ T6797] Use struct sctp_assoc_value instead
[ 142.625957][ T6807] capability: warning: `syz.1.359' uses deprecated v2 capabilities in a way that may be insecure
[ 144.611773][ T6848] svc: failed to register nfsdv3 RPC service (errno 111).
[ 144.623417][ T6848] svc: failed to register nfsaclv3 RPC service (errno 111).
[ 146.696944][ T6903] netlink: 19 bytes leftover after parsing attributes in process `syz.1.398'.
[ 147.166775][ T6914] overlayfs: missing 'lowerdir'
[ 148.153774][ T6936] netlink: 342 bytes leftover after parsing attributes in process `syz.3.412'.
[ 148.880265][ T6954] netlink: 28 bytes leftover after parsing attributes in process `syz.3.419'.
[ 150.725199][ T6988] netlink: 342 bytes leftover after parsing attributes in process `syz.1.431'.
[ 153.099506][ T7034] netlink: 206 bytes leftover after parsing attributes in process `syz.3.451'.
[ 153.454592][ T7041] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[ 155.679383][ T5835] Bluetooth: hci2: unexpected event 0x1d length: 10 > 5
[ 158.314858][ T7134] qrtr: Invalid version 0
[ 158.801432][ T7145] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[ 159.669418][ T30] audit: type=1806 audit(4294967345.270:4): xattr="0x00060000" res=-22
[ 161.189718][ T7195] FAULT_INJECTION: forcing a failure.
[ 161.189718][ T7195] name failslab, interval 1, probability 0, space 0, times 0
[ 161.225929][ T7195] CPU: 1 UID: 0 PID: 7195 Comm: syz.0.518 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 161.225974][ T7195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 161.225992][ T7195] Call Trace:
[ 161.226003][ T7195]
[ 161.226014][ T7195] dump_stack_lvl+0x16c/0x1f0
[ 161.226058][ T7195] should_fail_ex+0x512/0x640
[ 161.226104][ T7195] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 161.226148][ T7195] should_failslab+0xc2/0x120
[ 161.226191][ T7195] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 161.226229][ T7195] ? __pfx_map_id_range_down+0x10/0x10
[ 161.226264][ T7195] ? prepare_creds+0x2c/0x7d0
[ 161.226304][ T7195] prepare_creds+0x2c/0x7d0
[ 161.226340][ T7195] __sys_setfsuid+0xda/0x350
[ 161.226382][ T7195] ? rcu_is_watching+0x12/0xc0
[ 161.226429][ T7195] do_syscall_64+0xcd/0x490
[ 161.226474][ T7195] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 161.226503][ T7195] RIP: 0033:0x7f69a118e969
[ 161.226527][ T7195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 161.226554][ T7195] RSP: 002b:00007f69a1f26038 EFLAGS: 00000246 ORIG_RAX: 000000000000007a
[ 161.226592][ T7195] RAX: ffffffffffffffda RBX: 00007f69a13b5fa0 RCX: 00007f69a118e969
[ 161.226611][ T7195] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00
[ 161.226628][ T7195] RBP: 00007f69a1210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 161.226646][ T7195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 161.226663][ T7195] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 161.226702][ T7195]
[ 162.130817][ T30] audit: type=1800 audit(4294967347.740:5): pid=7215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.525" name="dmabuf" dev="dmabuf" ino=2 res=0 errno=0
[ 162.277650][ T7219] Value of "id" is too big.
[ 162.441544][ T7221] FAULT_INJECTION: forcing a failure.
[ 162.441544][ T7221] name failslab, interval 1, probability 0, space 0, times 0
[ 162.494181][ T7221] CPU: 0 UID: 0 PID: 7221 Comm: syz.0.529 Not tainted 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 162.494225][ T7221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 162.494243][ T7221] Call Trace:
[ 162.494261][ T7221]
[ 162.494272][ T7221] dump_stack_lvl+0x16c/0x1f0
[ 162.494319][ T7221] should_fail_ex+0x512/0x640
[ 162.494361][ T7221] ? __kmalloc_noprof+0xbf/0x510
[ 162.494403][ T7221] ? memcg_list_lru_alloc+0x4e9/0x740
[ 162.494438][ T7221] should_failslab+0xc2/0x120
[ 162.494556][ T7221] __kmalloc_noprof+0xd2/0x510
[ 162.494603][ T7221] ? __lock_acquire+0x622/0x1c90
[ 162.494644][ T7221] memcg_list_lru_alloc+0x4e9/0x740
[ 162.494694][ T7221] ? __pfx_memcg_list_lru_alloc+0x10/0x10
[ 162.494741][ T7221] ? get_mem_cgroup_from_objcg+0xd3/0x330
[ 162.494782][ T7221] __memcg_slab_post_alloc_hook+0x133/0x960
[ 162.494834][ T7221] ? kasan_save_track+0x14/0x30
[ 162.494874][ T7221] kmem_cache_alloc_lru_noprof+0x30f/0x3b0
[ 162.494913][ T7221] ? alloc_inode+0xc3/0x240
[ 162.494963][ T7221] alloc_inode+0xc3/0x240
[ 162.495005][ T7221] create_pipe_files+0x4c/0x930
[ 162.495049][ T7221] do_pipe2+0xaf/0x1c0
[ 162.495086][ T7221] ? __pfx_do_pipe2+0x10/0x10
[ 162.495124][ T7221] ? xfd_validate_state+0x61/0x180
[ 162.495153][ T7221] ? __pfx___x64_sys_epoll_pwait2+0x10/0x10
[ 162.495198][ T7221] __x64_sys_pipe+0x33/0x50
[ 162.495238][ T7221] do_syscall_64+0xcd/0x490
[ 162.495342][ T7221] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 162.495371][ T7221] RIP: 0033:0x7f69a118e969
[ 162.495398][ T7221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 162.495427][ T7221] RSP: 002b:00007f69a1f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016
[ 162.495457][ T7221] RAX: ffffffffffffffda RBX: 00007f69a13b5fa0 RCX: 00007f69a118e969
[ 162.495477][ T7221] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 162.495494][ T7221] RBP: 00007f69a1210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 162.495509][ T7221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 162.495523][ T7221] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 162.495563][ T7221]
[ 164.389341][ T7259] netlink: 342 bytes leftover after parsing attributes in process `syz.0.545'.
[ 165.647196][ T7283] netlink: 28 bytes leftover after parsing attributes in process `syz.1.553'.
[ 168.507849][ T7331] netlink: 342 bytes leftover after parsing attributes in process `syz.0.577'.
[ 172.213314][ T7374] kexec: Could not allocate control_code_buffer
[ 174.264669][ T7460] sctp: [Deprecated]: syz.2.629 (pid 7460) Use of int in maxseg socket option.
[ 174.264669][ T7460] Use struct sctp_assoc_value instead
[ 174.877588][ T7476] netlink: 342 bytes leftover after parsing attributes in process `syz.2.634'.
[ 174.982155][ T7479] bridge0: port 3(vlan1) entered blocking state
[ 175.025938][ T7479] bridge0: port 3(vlan1) entered disabled state
[ 175.047240][ T7479] vlan1: entered allmulticast mode
[ 175.074761][ T7479] veth0_vlan: entered allmulticast mode
[ 175.108672][ T7479] vlan1: entered promiscuous mode
[ 175.114841][ T7479] bridge0: port 3(vlan1) entered blocking state
[ 175.122129][ T7479] bridge0: port 3(vlan1) entered forwarding state
[ 176.025141][ T7507] netlink: 342 bytes leftover after parsing attributes in process `syz.1.649'.
[ 178.329838][ T7543] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 178.352715][ T7543] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 178.400507][ T7543] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 178.454973][ T7543] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 178.470909][ T7543] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 178.499904][ T7543] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 178.591787][ T7543] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 178.606005][ T7543] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 178.615417][ T7543] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 178.649456][ T7543] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 178.655611][ T7543] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 178.683003][ T7543] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 179.196243][ T7577] netlink: 342 bytes leftover after parsing attributes in process `syz.3.674'.
[ 179.425158][ T7580] netlink: 28 bytes leftover after parsing attributes in process `syz.1.675'.
[ 179.476009][ T7580] ipvlan0: entered allmulticast mode
[ 179.481392][ T7580] veth0_vlan: entered allmulticast mode
[ 179.489912][ T7550] kexec: Could not allocate control_code_buffer
[ 179.576071][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[ 180.461766][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout
[ 180.526562][ T7607] netlink: 28 bytes leftover after parsing attributes in process `syz.3.689'.
[ 180.549722][ T7607] ipvlan0: entered allmulticast mode
[ 180.567427][ T7607] veth0_vlan: entered allmulticast mode
[ 180.636291][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout
[ 180.705430][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout
[ 181.656202][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[ 182.329682][ T7643] netlink: 346 bytes leftover after parsing attributes in process `syz.3.704'.
[ 182.502395][ T7646] zero sized request
[ 182.535930][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout
[ 182.640689][ T7605] kexec: Could not allocate control_code_buffer
[ 182.700988][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout
[ 182.775896][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout
[ 183.736066][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout
[ 184.622751][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout
[ 184.776507][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout
[ 184.855900][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout
[ 186.420923][ T7752] netlink: 334 bytes leftover after parsing attributes in process `syz.2.749'.
[ 186.825994][ T7766] sock: sock_timestamping_bind_phc: sock not bind to device
[ 187.062031][ T7773] XFS: Clearing xfsstats
[ 189.236790][ T7843] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 190.174635][ T7866] netlink: 28 bytes leftover after parsing attributes in process `syz.2.799'.
[ 190.908722][ T7890] netlink: 40 bytes leftover after parsing attributes in process `syz.0.808'.
[ 191.425482][ T30] audit: type=1804 audit(4294967305.060:6): pid=7908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.819" name="/newroot/194/file0" dev="tmpfs" ino=1000 res=1 errno=0
[ 191.495829][ T30] audit: type=1800 audit(4294967305.060:7): pid=7908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.819" name="file0" dev="tmpfs" ino=1000 res=0 errno=0
[ 191.572040][ T30] audit: type=1800 audit(4294967305.060:8): pid=7908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.819" name="file0" dev="tmpfs" ino=1000 res=0 errno=0
[ 191.735253][ T7918] netlink: 28 bytes leftover after parsing attributes in process `syz.1.823'.
[ 193.748627][ T7967] zswap: compressor not available
[ 193.754129][ T7970] Setting dangerous option i915.mitigations - tainting kernel
[ 198.656395][ T8079] nbd1: detected capacity change from 0 to 68719476736
[ 198.704109][ T5836] block nbd1: Send control failed (result -22)
[ 198.741310][ T5836] block nbd1: Request send failed, requeueing
[ 198.761366][ T8089] netlink: 346 bytes leftover after parsing attributes in process `syz.1.886'.
[ 198.772778][ T5835] block nbd1: Receive control failed (result -32)
[ 198.784130][ T55] block nbd1: Dead connection, failed to find a fallback
[ 198.791506][ T55] block nbd1: shutting down sockets
[ 198.800237][ T55] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 198.809767][ T55] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 198.826172][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 198.865216][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 198.903290][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 198.964550][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 198.996118][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 199.027322][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 199.058000][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 199.105855][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 199.128236][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 199.173878][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 199.190136][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 199.216661][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 199.244490][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 199.281879][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 199.302494][ T5836] ldm_validate_partition_table(): Disk read failed.
[ 199.326090][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 199.354673][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 199.389206][ T5836] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 199.410896][ T5836] Buffer I/O error on dev nbd1, logical block 0, async page read
[ 199.423962][ T5836] Dev nbd1: unable to read RDB block 0
[ 199.446713][ T5836] nbd1: unable to read partition table
[ 199.460700][ T5836] ldm_validate_partition_table(): Disk read failed.
[ 199.488908][ T5836] Dev nbd1: unable to read RDB block 0
[ 199.495308][ T5836] nbd1: unable to read partition table
[ 199.666719][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 199.677811][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 206.746960][ T8256] netlink: 280 bytes leftover after parsing attributes in process `syz.3.955'.
[ 212.386246][ T8369] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1002'.
[ 214.629438][ T5835] Bluetooth: hci3: Malformed Event: 0x02
[ 215.263816][ T8448] netlink: 'syz.1.1031': attribute type 1 has an invalid length.
[ 221.090148][ T5835] Bluetooth: hci2: Malformed Event: 0x02
[ 224.406221][ T5835] Bluetooth: hci0: Malformed Event: 0x02
[ 224.532178][ T30] audit: type=1800 audit(4294967338.170:9): pid=8644 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1109" name="dbroot" dev="configfs" ino=15960 res=0 errno=0
[ 224.817691][ T8638] db_root: cannot open:
[ 224.817691][ T8638] use_profile 0
[ 224.817691][ T8638]
[ 224.817691][ T8638] file mkdir/chmod /dev/ 0755
[ 224.817691][ T8638] file chown/chgrp /dev/ 0
[ 224.817691][ T8638] file mkchar /dev/console 0600 5 1
[ 224.817691][ T8638] file chown/chgrp /dev/console 0
[ 224.817691][ T8638] file chmod /dev/console 0600
[ 224.817691][ T8638] file mkdir/chmod /root/ 0700
[ 224.817691][ T8638] file chown/chgrp /root/ 0
[ 224.817691][ T8638] file read/write /dev/console
[ 224.817691][ T8638] file mkblock /dev/ram 0600 1 0
[ 224.817691][ T8638] file read/write/unlink /dev/ram
[ 224.817691][ T8638] file mkblock /dev/root 0600 8 1
[ 224.817691][ T8638] file mount /dev/root /root/ ext3 0x8001
[ 224.817691][ T8638] file mount /dev/root /root/ ext2 0x8001
[ 224.817691][ T8638] file mount /dev/root /root/ ext4 0x8001
[ 224.817691][ T8638] file mount devtmpfs /root/dev/ devtmpfs 0x8000
[ 224.817691][ T8638] file mount /root/ / --move 0x0
[ 224.817691][ T8638] file chroot /
[ 224.817691][ T8638] file write proc:/sys/kernel/hung_task_all_cpu_backtrace
[ 224.817691][ T8638] file write proc:/sys/vm/nr_hugepages
[ 224.817691][ T8638] file write proc:/sys/vm/nr_overcommit_hugepages
[ 224.817691][ T8638] file write proc:/sys/net/core/netdev_unregister_timeout_secs
[ 224.817691][ T8638] file execute /sbin/init exec.realpath="/sbin/init" exec.argv[0]="/sbin/init"
[ 224.817691][ T8638] file execute /sbin/modprobe exec.realpath="/sbin/modprobe" exec.argv[0]="/sbin/modprobe"
[ 224.817691][ T8638]
[ 224.817691][ T8638] /sbin/init
[ 224.817691][ T8638] use_profile 0
[ 224.817691][ T8638]
[ 224.817691][ T8638] misc env HOME
[ 224.817691][ T8638] misc env TERM
[ 224.817691][ T8638] misc
[ 226.009067][ T8667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1119'.
[ 226.370356][ T8667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1119'.
[ 227.911382][ T8695] netlink: 'syz.3.1130': attribute type 1 has an invalid length.
[ 229.090775][ T5835] Bluetooth: hci1: Malformed Event: 0x02
[ 231.052909][ T8754] netlink: 294 bytes leftover after parsing attributes in process `syz.0.1154'.
[ 231.337164][ T8761] netlink: 'syz.2.1156': attribute type 9 has an invalid length.
[ 231.385818][ T8761] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1156'.
[ 232.773851][ T8791] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1169'.
[ 233.116797][ T8797] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1172'.
[ 233.348398][ T8797] team0: Port device team_slave_0 removed
[ 234.482557][ T8818] overlayfs: missing 'lowerdir'
[ 235.527756][ T8841] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1190'.
[ 237.776619][ T8891] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1212'.
[ 239.494626][ T8939] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1232'.
[ 239.529201][ T8939] caif0: entered promiscuous mode
[ 241.251237][ T8989] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1251'.
syzkaller
syzkaller login: [ 243.998511][ T9064] netlink: 130 bytes leftover after parsing attributes in process `syz.3.1281'.
[ 244.817928][ T9090] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1290'.
[ 244.879381][ T9090] vlan1: entered allmulticast mode
[ 244.965432][ T9092] netlink: 'syz.3.1294': attribute type 5 has an invalid length.
[ 245.152802][ T9100] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1296'.
[ 245.461991][ T9110] binder: 9109:9110 ioctl c0306201 0 returned -14
[ 246.143884][ T9126] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1306'.
[ 246.228681][ T9126] team0: Port device team_slave_0 removed
[ 246.252812][ T9128] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1307'.
[ 249.474553][ T9199] binder: 9198:9199 ioctl c0306201 0 returned -14
[ 251.692195][ T9252] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1357'.
[ 252.720718][ T9288] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1373'.
[ 253.283450][ T9309] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1383'.
[ 254.306587][ T9343] netlink: 214 bytes leftover after parsing attributes in process `syz.1.1395'.
[ 254.904875][ T9358] netlink: 19 bytes leftover after parsing attributes in process `syz.3.1401'.
[ 256.106704][ T9398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1419'.
[ 256.409006][ T9407] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1421'.
[ 256.437409][ T9406] nbd: socks must be embedded in a SOCK_ITEM attr
[ 256.470207][ T9406] block nbd2: shutting down sockets
[ 256.818430][ T9416] openvswitch: netlink: nsh attribute has 14 unknown bytes.
[ 258.581024][ T9459] nbd: socks must be embedded in a SOCK_ITEM attr
[ 258.599115][ T9459] block nbd2: shutting down sockets
[ 258.637523][ T9468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1448'.
[ 258.657825][ T9468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1448'.
[ 258.884113][ T5835] Bluetooth: hci0: Malformed Event: 0x2f
[ 261.101016][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 261.111251][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 262.692657][ T5835] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[ 262.692703][ T5835] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[ 262.708200][ T5835] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[ 262.708238][ T5835] Bluetooth: hci0: adv larger than maximum supported
[ 262.716737][ T5835] Bluetooth: hci0: adv larger than maximum supported
[ 262.723493][ T5835] Bluetooth: hci0: Malformed LE Event: 0x0d
[ 267.226335][ T9678] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1516'.
[ 269.413007][ T9722] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1536'.
[ 269.681659][ T9730] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1547'.
[ 269.709818][ T9730] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1547'.
[ 270.200995][ T5152] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 270.210151][ T5152] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 270.219104][ T5152] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 270.233614][ T5152] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 270.245560][ T5152] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 271.042584][ T9747] chnl_net:caif_netlink_parms(): no params data found
[ 271.653766][ T9747] bridge0: port 1(bridge_slave_0) entered blocking state
[ 271.670806][ T9747] bridge0: port 1(bridge_slave_0) entered disabled state
[ 271.690720][ T9747] bridge_slave_0: entered allmulticast mode
[ 271.704901][ T9747] bridge_slave_0: entered promiscuous mode
[ 271.720023][ T9747] bridge0: port 2(bridge_slave_1) entered blocking state
[ 271.738610][ T9747] bridge0: port 2(bridge_slave_1) entered disabled state
[ 271.746622][ T9747] bridge_slave_1: entered allmulticast mode
[ 271.754923][ T9747] bridge_slave_1: entered promiscuous mode
[ 271.807714][ T9747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 271.844770][ T9747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 271.909114][ T9784] netlink: 'syz.3.1556': attribute type 4 has an invalid length.
[ 271.926074][ T9784] netlink: 314 bytes leftover after parsing attributes in process `syz.3.1556'.
[ 271.987476][ T9747] team0: Port device team_slave_0 added
[ 272.022166][ T9747] team0: Port device team_slave_1 added
[ 272.200126][ T9747] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 272.227723][ T9747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 272.299260][ T5835] Bluetooth: hci0: command tx timeout
[ 272.314167][ T9747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 272.330081][ T9747] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 272.343889][ T9747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 272.377959][ T9747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 272.541822][ T9747] hsr_slave_0: entered promiscuous mode
[ 272.562193][ T9747] hsr_slave_1: entered promiscuous mode
[ 272.576919][ T9747] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 272.597193][ T9747] Cannot create hsr debugfs directory
[ 273.140718][ T9805] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1562'.
[ 273.348999][ T9747] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 273.633302][ T9747] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 273.800175][ T9747] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 273.974998][ T9747] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 274.335401][ T9747] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 274.374016][ T9747] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 274.376066][ T5835] Bluetooth: hci0: command tx timeout
[ 274.416598][ T9747] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 274.473196][ T9747] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 274.500840][ T9836] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1576'.
[ 274.517095][ T9836] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1576'.
[ 274.763381][ T9747] 8021q: adding VLAN 0 to HW filter on device bond0
[ 274.820601][ T9747] 8021q: adding VLAN 0 to HW filter on device team0
[ 274.844890][ T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 274.852528][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 274.921674][ T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 274.929187][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 275.693318][ T9747] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 275.818733][ T9747] veth0_vlan: entered promiscuous mode
[ 275.859768][ T9747] veth1_vlan: entered promiscuous mode
[ 275.959289][ T9747] veth0_macvtap: entered promiscuous mode
[ 275.983484][ T9747] veth1_macvtap: entered promiscuous mode
[ 276.061099][ T9747] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 276.110467][ T9747] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 276.133631][ T9747] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 276.155950][ T9747] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 276.175371][ T9747] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 276.189985][ T9747] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 276.276780][ T9868] nbd: must specify at least one socket
[ 276.421149][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 276.454394][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 276.464994][ T5835] Bluetooth: hci0: command tx timeout
[ 276.591734][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 276.625051][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 277.344721][ T9891] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1595'.
[ 277.609344][ T9899] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1601'.
[ 277.644908][ T9901] netlink: 'syz.1.1600': attribute type 1 has an invalid length.
[ 277.654660][ T9901] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1600'.
[ 277.688053][ T9901] netlink: 'syz.1.1600': attribute type 1 has an invalid length.
[ 277.717201][ T9901] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1600'.
[ 277.739059][ T9903] FAULT_INJECTION: forcing a failure.
[ 277.739059][ T9903] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 277.781543][ T9903] CPU: 0 UID: 0 PID: 9903 Comm: syz.0.1602 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 277.781598][ T9903] Tainted: [U]=USER
[ 277.781609][ T9903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 277.781627][ T9903] Call Trace:
[ 277.781636][ T9903]
[ 277.781648][ T9903] dump_stack_lvl+0x16c/0x1f0
[ 277.781698][ T9903] should_fail_ex+0x512/0x640
[ 277.781752][ T9903] should_fail_alloc_page+0xe7/0x130
[ 277.781798][ T9903] prepare_alloc_pages+0x3c2/0x610
[ 277.781832][ T9903] __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 277.781880][ T9903] ? __up_read+0x1f8/0x750
[ 277.781916][ T9903] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 277.781988][ T9903] __folio_alloc_noprof+0x11/0x220
[ 277.782025][ T9903] alloc_migration_target+0x2bf/0x770
[ 277.782072][ T9903] migrate_pages_batch+0x3bc/0x31a0
[ 277.782121][ T9903] ? __pfx_alloc_migration_target+0x10/0x10
[ 277.782187][ T9903] ? __pfx_migrate_pages_batch+0x10/0x10
[ 277.782247][ T9903] migrate_pages_sync+0x12d/0x8a0
[ 277.782301][ T9903] ? __pfx_alloc_migration_target+0x10/0x10
[ 277.782356][ T9903] ? __pfx_migrate_pages_sync+0x10/0x10
[ 277.782397][ T9903] ? __pfx_queue_pages_test_walk+0x10/0x10
[ 277.782448][ T9903] ? walk_page_range_mm+0x269/0x8a0
[ 277.782493][ T9903] migrate_pages+0x1b67/0x23b0
[ 277.782551][ T9903] ? __pfx_alloc_migration_target+0x10/0x10
[ 277.782608][ T9903] ? __pfx_migrate_pages+0x10/0x10
[ 277.782657][ T9903] ? queue_pages_range+0x11e/0x180
[ 277.782703][ T9903] ? __pfx___up_read+0x10/0x10
[ 277.782740][ T9903] ? do_migrate_pages+0x458/0x750
[ 277.782786][ T9903] do_migrate_pages+0x48e/0x750
[ 277.782841][ T9903] ? __pfx_do_migrate_pages+0x10/0x10
[ 277.782886][ T9903] ? rcu_is_watching+0x12/0xc0
[ 277.782935][ T9903] ? cap_capable+0xb3/0x250
[ 277.782964][ T9903] ? get_task_mm+0xc2/0xf0
[ 277.783006][ T9903] ? security_capable+0x250/0x260
[ 277.783040][ T9903] kernel_migrate_pages+0x5b0/0x750
[ 277.783080][ T9903] ? __pfx_kernel_migrate_pages+0x10/0x10
[ 277.783121][ T9903] ? __pfx_do_writev+0x10/0x10
[ 277.783170][ T9903] __x64_sys_migrate_pages+0x96/0x100
[ 277.783212][ T9903] ? lockdep_hardirqs_on+0x7c/0x110
[ 277.783248][ T9903] do_syscall_64+0xcd/0x490
[ 277.783290][ T9903] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 277.783318][ T9903] RIP: 0033:0x7f69a118e969
[ 277.783343][ T9903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 277.783369][ T9903] RSP: 002b:00007f69a1f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100
[ 277.783398][ T9903] RAX: ffffffffffffffda RBX: 00007f69a13b5fa0 RCX: 00007f69a118e969
[ 277.783417][ T9903] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000
[ 277.783434][ T9903] RBP: 00007f69a1210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 277.783450][ T9903] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000
[ 277.783468][ T9903] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 277.783503][ T9903]
[ 277.784691][ T9905] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1603'.
[ 278.429656][ T9918] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1616'.
[ 278.536271][ T5835] Bluetooth: hci0: command tx timeout
[ 279.594865][ T5835] Bluetooth: hci0: unexpected event 0x03 length: 725 > 11
[ 280.983091][ T9973] netlink: 130 bytes leftover after parsing attributes in process `syz.2.1630'.
[ 282.024134][ T9999] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1640'.
[ 282.778644][T10020] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1648'.
[ 283.443514][T10037] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1654'.
[ 283.583407][T10039] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1655'.
[ 284.390853][T10060] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1663'.
[ 284.431491][T10060] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1663'.
[ 286.225078][T10092] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1673'.
[ 288.018014][T10134] netlink: 74 bytes leftover after parsing attributes in process `syz.0.1685'.
[ 289.306230][T10147] FAULT_INJECTION: forcing a failure.
[ 289.306230][T10147] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 289.334689][T10147] CPU: 1 UID: 0 PID: 10147 Comm: syz.0.1690 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 289.334745][T10147] Tainted: [U]=USER
[ 289.334754][T10147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 289.334772][T10147] Call Trace:
[ 289.334782][T10147]
[ 289.334795][T10147] dump_stack_lvl+0x16c/0x1f0
[ 289.334841][T10147] should_fail_ex+0x512/0x640
[ 289.334895][T10147] core_sys_select+0x949/0xc10
[ 289.334943][T10147] ? __pfx_core_sys_select+0x10/0x10
[ 289.335019][T10147] ? set_user_sigmask+0x21b/0x2b0
[ 289.335070][T10147] ? __pfx_set_user_sigmask+0x10/0x10
[ 289.335107][T10147] ? find_held_lock+0x2b/0x80
[ 289.335157][T10147] do_pselect.constprop.0+0x19f/0x1e0
[ 289.335196][T10147] ? __pfx_do_pselect.constprop.0+0x10/0x10
[ 289.335242][T10147] ? __x64_sys_futex+0x1e0/0x4c0
[ 289.335278][T10147] __x64_sys_pselect6+0x182/0x240
[ 289.335314][T10147] ? __pfx___x64_sys_pselect6+0x10/0x10
[ 289.335363][T10147] do_syscall_64+0xcd/0x490
[ 289.335408][T10147] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 289.335438][T10147] RIP: 0033:0x7f69a118e969
[ 289.335463][T10147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 289.335491][T10147] RSP: 002b:00007f69a1f26038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 289.335521][T10147] RAX: ffffffffffffffda RBX: 00007f69a13b5fa0 RCX: 00007f69a118e969
[ 289.335541][T10147] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000009
[ 289.335559][T10147] RBP: 00007f69a1210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 289.335576][T10147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 289.335594][T10147] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 289.335634][T10147]
[ 289.686512][T10155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1694'.
[ 289.793440][T10159] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1698'.
[ 290.191941][T10171] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1703'.
[ 290.500111][T10182] netlink: 'syz.2.1706': attribute type 15 has an invalid length.
[ 290.508457][T10182] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1706'.
[ 290.723030][T10186] netlink: 'syz.2.1708': attribute type 13 has an invalid length.
[ 291.300253][T10205] netlink: 'syz.0.1718': attribute type 27 has an invalid length.
[ 291.308938][T10205] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1718'.
[ 293.041534][T10252] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1738'.
[ 293.319809][T10252] bond0: (slave bond_slave_1): Releasing backup interface
[ 293.803490][T10264] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1748'.
[ 294.888659][T10290] openvswitch: netlink: Unknown nsh attribute 0
[ 298.968492][T10369] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1781'.
[ 299.625752][T10381] syz.2.1786 (10381): /proc/10379/oom_adj is deprecated, please use /proc/10379/oom_score_adj instead.
[ 299.971154][T10386] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1789'.
[ 299.982984][T10387] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1788'.
[ 300.356612][T10395] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1793'.
[ 300.464153][T10387] bond0: (slave bond_slave_1): Releasing backup interface
[ 301.206606][T10410] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1797'.
[ 302.840887][T10430] netlink: 'syz.0.1803': attribute type 21 has an invalid length.
[ 302.869096][T10430] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1803'.
[ 303.695557][T10443] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1810'.
[ 304.475001][T10459] netlink: 'syz.0.1818': attribute type 2 has an invalid length.
[ 304.494207][T10459] netlink: 'syz.0.1818': attribute type 2 has an invalid length.
[ 306.862158][T10487] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1827'.
[ 307.342880][T10491] netlink: 'syz.3.1830': attribute type 19 has an invalid length.
[ 307.389376][T10491] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1830'.
[ 308.216041][T10519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1841'.
[ 308.358666][T10519] bond0: (slave bond_slave_1): Releasing backup interface
[ 310.397093][T10549] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1855'.
[ 310.611123][T10549] bond0: (slave bond_slave_1): Releasing backup interface
[ 310.710405][T10553] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1856'.
[ 311.217416][T10563] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1859'.
[ 311.594836][T10565] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 311.878548][T10578] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1866'.
[ 312.458749][T10588] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1870'.
[ 312.590632][T10588] vcan0: entered promiscuous mode
[ 313.328023][T10603] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1876'.
[ 313.346516][T10603] hsr0: entered allmulticast mode
[ 313.351815][T10603] hsr_slave_0: entered allmulticast mode
[ 313.360153][T10603] hsr_slave_1: entered allmulticast mode
[ 313.865511][T10618] netlink: 350 bytes leftover after parsing attributes in process `syz.2.1884'.
[ 314.163373][T10625] netlink: 130 bytes leftover after parsing attributes in process `syz.2.1887'.
[ 315.040042][T10643] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1894'.
[ 316.642351][T10678] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1908'.
[ 318.201787][T10708] GUP no longer grows the stack in syz.2.1921 (10708): 14000-401000 (4000)
[ 318.255787][T10708] CPU: 0 UID: 0 PID: 10708 Comm: syz.2.1921 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 318.255837][T10708] Tainted: [U]=USER
[ 318.255847][T10708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 318.255864][T10708] Call Trace:
[ 318.255874][T10708]
[ 318.255886][T10708] dump_stack_lvl+0x16c/0x1f0
[ 318.255933][T10708] gup_vma_lookup+0x1d2/0x220
[ 318.255981][T10708] __get_user_pages+0x271/0x3b80
[ 318.256043][T10708] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0
[ 318.256086][T10708] ? kasan_save_stack+0x42/0x60
[ 318.256123][T10708] ? __pfx___get_user_pages+0x10/0x10
[ 318.256170][T10708] ? register_lock_class+0x41/0x4c0
[ 318.256201][T10708] ? __x64_sys_process_vm_readv+0xe2/0x1c0
[ 318.256240][T10708] ? do_syscall_64+0xcd/0x490
[ 318.256302][T10708] __gup_longterm_locked+0x20d/0x1850
[ 318.256334][T10708] ? __lock_acquire+0xb8a/0x1c90
[ 318.256373][T10708] ? __pfx___gup_longterm_locked+0x10/0x10
[ 318.256425][T10708] pin_user_pages_remote+0xed/0x140
[ 318.256458][T10708] ? __pfx_pin_user_pages_remote+0x10/0x10
[ 318.256486][T10708] ? mm_access+0x22d/0x2e0
[ 318.256529][T10708] process_vm_rw_core.constprop.0+0x41b/0x9a0
[ 318.256595][T10708] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[ 318.256642][T10708] ? iovec_from_user+0xbb/0x140
[ 318.256695][T10708] ? iovec_from_user+0xbb/0x140
[ 318.256730][T10708] process_vm_rw+0x216/0x2c0
[ 318.256776][T10708] ? __pfx_process_vm_rw+0x10/0x10
[ 318.256834][T10708] ? task_mm_cid_work+0x6b9/0x910
[ 318.256916][T10708] ? xfd_validate_state+0x61/0x180
[ 318.256944][T10708] ? __task_pid_nr_ns+0x17c/0x500
[ 318.256978][T10708] __x64_sys_process_vm_readv+0xe2/0x1c0
[ 318.257022][T10708] ? do_syscall_64+0x91/0x490
[ 318.257061][T10708] ? lockdep_hardirqs_on+0x7c/0x110
[ 318.257096][T10708] do_syscall_64+0xcd/0x490
[ 318.257138][T10708] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 318.257167][T10708] RIP: 0033:0x7f838ab8e969
[ 318.257191][T10708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 318.257218][T10708] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[ 318.257247][T10708] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 318.257267][T10708] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 000000000000045d
[ 318.257293][T10708] RBP: 00007f838ac10ab1 R08: 0000000000000003 R09: 0000000000000000
[ 318.257310][T10708] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[ 318.257327][T10708] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 318.257368][T10708]
[ 319.106890][T10730] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1930'.
[ 321.641161][T10798] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1958'.
[ 322.544134][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 322.562561][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 325.434314][T10882] cifs: Unknown parameter 'no�+ 1§�• Ö`Ñørê�sFn)�È�øaõH†šÄ¿¡h`àØÝë9k¤�A}€žŠ�1\D@�‹Ç.ÁäZÔC�g^��‚'
[ 326.221024][T10895] netlink: 'syz.0.1992': attribute type 16 has an invalid length.
[ 326.273007][T10895] netlink: 322 bytes leftover after parsing attributes in process `syz.0.1992'.
[ 329.348238][T10966] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2022'.
[ 329.663983][T10973] cifs: Unknown parameter 'no�+ 1§�• Ö`Ñørê�sFn)�È�øaõH†šÄ¿¡h`àØÝë9k¤�A}€žŠ�1\D@�‹Ç.ÁäZÔC�g^��‚'
[ 332.241236][T11037] FAULT_INJECTION: forcing a failure.
[ 332.241236][T11037] name failslab, interval 1, probability 0, space 0, times 0
[ 332.259989][T11037] CPU: 1 UID: 0 PID: 11037 Comm: syz.2.2052 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 332.260042][T11037] Tainted: [U]=USER
[ 332.260053][T11037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 332.260082][T11037] Call Trace:
[ 332.260093][T11037]
[ 332.260104][T11037] dump_stack_lvl+0x16c/0x1f0
[ 332.260153][T11037] should_fail_ex+0x512/0x640
[ 332.260209][T11037] ? __kmalloc_noprof+0xbf/0x510
[ 332.260253][T11037] ? snd_midi_event_new+0xa1/0x210
[ 332.260296][T11037] should_failslab+0xc2/0x120
[ 332.260337][T11037] __kmalloc_noprof+0xd2/0x510
[ 332.260384][T11037] snd_midi_event_new+0xa1/0x210
[ 332.260429][T11037] snd_virmidi_output_open+0x106/0x670
[ 332.260483][T11037] open_substream+0x478/0x9b0
[ 332.260520][T11037] rawmidi_open_priv+0x543/0x6e0
[ 332.260563][T11037] snd_rawmidi_open+0x4cc/0xbf0
[ 332.260607][T11037] ? __pfx_snd_rawmidi_open+0x10/0x10
[ 332.260647][T11037] ? __pfx_default_wake_function+0x10/0x10
[ 332.260695][T11037] ? do_raw_spin_lock+0x12c/0x2b0
[ 332.260737][T11037] ? __pfx_snd_rawmidi_open+0x10/0x10
[ 332.260774][T11037] snd_open+0x201/0x450
[ 332.260820][T11037] ? __pfx_snd_open+0x10/0x10
[ 332.260865][T11037] chrdev_open+0x234/0x6a0
[ 332.260907][T11037] ? __pfx_chrdev_open+0x10/0x10
[ 332.260950][T11037] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 332.260994][T11037] do_dentry_open+0x741/0x1c10
[ 332.261033][T11037] ? __pfx_chrdev_open+0x10/0x10
[ 332.261089][T11037] vfs_open+0x82/0x3f0
[ 332.261143][T11037] path_openat+0x1de4/0x2cb0
[ 332.261195][T11037] ? __pfx_path_openat+0x10/0x10
[ 332.261234][T11037] ? __lock_acquire+0xb8a/0x1c90
[ 332.261271][T11037] do_filp_open+0x20b/0x470
[ 332.261309][T11037] ? __pfx_do_filp_open+0x10/0x10
[ 332.261377][T11037] ? alloc_fd+0x471/0x7d0
[ 332.261424][T11037] do_sys_openat2+0x11b/0x1d0
[ 332.261452][T11037] ? __pfx_do_sys_openat2+0x10/0x10
[ 332.261515][T11037] __x64_sys_openat+0x174/0x210
[ 332.261544][T11037] ? __pfx___x64_sys_openat+0x10/0x10
[ 332.261590][T11037] do_syscall_64+0xcd/0x490
[ 332.261636][T11037] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 332.261665][T11037] RIP: 0033:0x7f838ab8e969
[ 332.261691][T11037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 332.261719][T11037] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 332.261748][T11037] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 332.261768][T11037] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 332.261787][T11037] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 332.261804][T11037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 332.261822][T11037] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 332.261865][T11037]
[ 333.104243][T11049] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2057'.
[ 334.736459][T11053] kexec: Could not allocate control_code_buffer
[ 335.011105][T11068] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2062'.
[ 335.029194][T11068] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2062'.
[ 336.719909][T11116] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 338.105643][T11150] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2095'.
[ 338.233526][T11154] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2097'.
[ 338.266020][T11154] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2097'.
[ 339.213751][T11174] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2105'.
[ 339.908903][T11185] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2110'.
[ 340.030634][T11160] kexec: Could not allocate control_code_buffer
[ 342.532488][T11234] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2129'.
[ 342.558652][ T5835] Bluetooth: hci3: ACL packet for unknown connection handle 0
[ 344.158498][T11267] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 345.254443][ T5835] Bluetooth: hci0: ACL packet for unknown connection handle 0
[ 346.332634][T11309] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2160'.
[ 346.819696][T11322] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2166'.
[ 346.833667][T11322] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2166'.
[ 348.401082][T11354] sctp: [Deprecated]: syz.2.2179 (pid 11354) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 348.401082][T11354] Use struct sctp_sack_info instead
[ 348.574922][T11361] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2182'.
[ 349.324222][T11379] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2188'.
[ 351.511494][ T5835] Bluetooth: hci2: ACL packet for unknown connection handle 0
[ 351.552083][T11454] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2215'.
[ 352.863887][T11487] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2225'.
[ 352.930785][T11489] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2226'.
[ 353.245181][T11500] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2230'.
[ 353.865505][T11510] sctp: [Deprecated]: syz.1.2233 (pid 11510) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 353.865505][T11510] Use struct sctp_sack_info instead
[ 354.184891][T11529] ubi0: attaching mtd0
[ 354.209268][T11529] ubi0: scanning is finished
[ 354.237551][T11529] ubi0: empty MTD device detected
[ 354.458782][T11529] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 354.477885][T11529] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 354.516954][T11529] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 354.542576][ T5836] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #2: comm udevd: No space for directory leaf checksum. Please run e2fsck -D.
[ 354.557967][T11529] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[ 354.585846][T11529] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 354.595922][ T5836] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #2: comm udevd: checksumming directory block 0
[ 354.607782][T11529] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 354.627814][T11529] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3729870621
[ 354.647326][ T5836] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #2: comm udevd: No space for directory leaf checksum. Please run e2fsck -D.
[ 354.665799][T11529] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 354.705548][ T5836] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #2: comm udevd: checksumming directory block 0
[ 354.711102][T11535] ubi0: background thread "ubi_bgt0d" started, PID 11535
[ 354.728477][T11532] ubi0: detaching mtd0
[ 354.798040][T11532] ubi0: mtd0 is detached
[ 357.392098][T11605] netlink: 'syz.1.2274': attribute type 8 has an invalid length.
[ 358.949678][T11640] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2287'.
[ 359.407771][T11643] lo: entered allmulticast mode
[ 359.488172][T11647] lo: left allmulticast mode
[ 362.136546][T11689] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2306'.
[ 363.537194][T11713] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2315'.
[ 363.622852][T11716] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2317'.
[ 364.612312][T11730] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2323'.
[ 365.056723][T11734] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2326'.
[ 365.167067][T11738] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2327'.
[ 367.106978][T11778] tc_dump_action: action bad kind
[ 367.611079][T11793] netlink: 'syz.3.2351': attribute type 3 has an invalid length.
[ 369.009696][T11829] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2366'.
[ 369.660217][T11848] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2372'.
[ 370.299779][T11873] netlink: 130 bytes leftover after parsing attributes in process `syz.2.2382'.
[ 370.594728][T11881] FAULT_INJECTION: forcing a failure.
[ 370.594728][T11881] name failslab, interval 1, probability 0, space 0, times 0
[ 370.621888][T11881] CPU: 0 UID: 0 PID: 11881 Comm: syz.0.2386 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 370.621940][T11881] Tainted: [U]=USER
[ 370.621956][T11881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 370.621974][T11881] Call Trace:
[ 370.621983][T11881]
[ 370.621995][T11881] dump_stack_lvl+0x16c/0x1f0
[ 370.622043][T11881] should_fail_ex+0x512/0x640
[ 370.622089][T11881] ? fs_reclaim_acquire+0xae/0x150
[ 370.622124][T11881] should_failslab+0xc2/0x120
[ 370.622168][T11881] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 370.622217][T11881] ? security_inode_alloc+0x3b/0x2b0
[ 370.622259][T11881] security_inode_alloc+0x3b/0x2b0
[ 370.622296][T11881] inode_init_always_gfp+0xce4/0x1030
[ 370.622337][T11881] alloc_inode+0x86/0x240
[ 370.622380][T11881] path_from_stashed+0x2be/0xb00
[ 370.622418][T11881] ? do_raw_spin_lock+0x12c/0x2b0
[ 370.622457][T11881] ? __pfx_path_from_stashed+0x10/0x10
[ 370.622494][T11881] ? do_raw_spin_unlock+0x172/0x230
[ 370.622539][T11881] ns_get_path+0x5f/0x80
[ 370.622573][T11881] proc_ns_get_link+0x121/0x260
[ 370.622610][T11881] ? __pfx_proc_ns_get_link+0x10/0x10
[ 370.622649][T11881] ? atime_needs_update+0x8b/0x710
[ 370.622696][T11881] ? __pfx_proc_ns_get_link+0x10/0x10
[ 370.622729][T11881] step_into+0x1a2c/0x2270
[ 370.622769][T11881] ? __pfx_step_into+0x10/0x10
[ 370.622797][T11881] ? find_held_lock+0x2b/0x80
[ 370.622849][T11881] path_openat+0x6db/0x2cb0
[ 370.622897][T11881] ? __pfx_path_openat+0x10/0x10
[ 370.622937][T11881] ? __lock_acquire+0xb8a/0x1c90
[ 370.622971][T11881] do_filp_open+0x20b/0x470
[ 370.623010][T11881] ? __pfx_do_filp_open+0x10/0x10
[ 370.623076][T11881] ? alloc_fd+0x471/0x7d0
[ 370.623121][T11881] do_sys_openat2+0x11b/0x1d0
[ 370.623149][T11881] ? __pfx_do_sys_openat2+0x10/0x10
[ 370.623221][T11881] __x64_sys_openat+0x174/0x210
[ 370.623250][T11881] ? __pfx___x64_sys_openat+0x10/0x10
[ 370.623296][T11881] do_syscall_64+0xcd/0x490
[ 370.623343][T11881] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 370.623373][T11881] RIP: 0033:0x7f69a118d2d0
[ 370.623398][T11881] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 370.623427][T11881] RSP: 002b:00007f69a1f25f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 370.623456][T11881] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f69a118d2d0
[ 370.623475][T11881] RDX: 0000000000000002 RSI: 00007f69a1f25fa0 RDI: 00000000ffffff9c
[ 370.623493][T11881] RBP: 00007f69a1f25fa0 R08: 0000000000000000 R09: 0000000000000000
[ 370.623511][T11881] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 370.623528][T11881] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 370.623567][T11881]
[ 371.048881][T11889] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2391'.
[ 371.878549][T11911] FAULT_INJECTION: forcing a failure.
[ 371.878549][T11911] name failslab, interval 1, probability 0, space 0, times 0
[ 371.901681][T11911] CPU: 0 UID: 0 PID: 11911 Comm: syz.2.2399 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 371.901734][T11911] Tainted: [U]=USER
[ 371.901745][T11911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 371.901762][T11911] Call Trace:
[ 371.901772][T11911]
[ 371.901784][T11911] dump_stack_lvl+0x16c/0x1f0
[ 371.901831][T11911] should_fail_ex+0x512/0x640
[ 371.901878][T11911] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 371.901916][T11911] ? __pfx_blk_mq_debugfs_open+0x10/0x10
[ 371.901962][T11911] should_failslab+0xc2/0x120
[ 371.902005][T11911] __kmalloc_cache_noprof+0x6a/0x3e0
[ 371.902039][T11911] ? single_open+0x4d/0x1f0
[ 371.902088][T11911] ? __pfx_blk_mq_debugfs_open+0x10/0x10
[ 371.902125][T11911] ? __pfx_blk_mq_debugfs_show+0x10/0x10
[ 371.902159][T11911] single_open+0x4d/0x1f0
[ 371.902204][T11911] blk_mq_debugfs_open+0x14a/0x250
[ 371.902246][T11911] full_proxy_open_regular+0x1b6/0x360
[ 371.902299][T11911] do_dentry_open+0x741/0x1c10
[ 371.902338][T11911] ? __pfx_full_proxy_open_regular+0x10/0x10
[ 371.902394][T11911] vfs_open+0x82/0x3f0
[ 371.902447][T11911] path_openat+0x1de4/0x2cb0
[ 371.902498][T11911] ? __pfx_path_openat+0x10/0x10
[ 371.902537][T11911] ? __lock_acquire+0xb8a/0x1c90
[ 371.902575][T11911] do_filp_open+0x20b/0x470
[ 371.902613][T11911] ? __pfx_do_filp_open+0x10/0x10
[ 371.902680][T11911] ? alloc_fd+0x471/0x7d0
[ 371.902726][T11911] do_sys_openat2+0x11b/0x1d0
[ 371.902753][T11911] ? __pfx_do_sys_openat2+0x10/0x10
[ 371.902816][T11911] __x64_sys_openat+0x174/0x210
[ 371.902845][T11911] ? __pfx___x64_sys_openat+0x10/0x10
[ 371.902889][T11911] do_syscall_64+0xcd/0x490
[ 371.902934][T11911] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 371.902971][T11911] RIP: 0033:0x7f838ab8e969
[ 371.902995][T11911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 371.903023][T11911] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 371.903051][T11911] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 371.903070][T11911] RDX: 0000000000000001 RSI: 0000200000000280 RDI: ffffffffffffff9c
[ 371.903088][T11911] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 371.903105][T11911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 371.903123][T11911] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 371.903162][T11911]
[ 372.546171][T11925] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2405'.
[ 372.850037][T11939] netlink: 74 bytes leftover after parsing attributes in process `syz.3.2409'.
[ 372.992722][T11943] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2414'.
[ 373.023485][T11943] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 373.063183][T11943] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 373.109011][T11943] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 373.140505][T11943] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 374.276856][T11976] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2427'.
[ 374.479131][T11978] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2428'.
[ 374.705914][T11986] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2432'.
[ 375.632853][T12012] netlink: 'syz.2.2444': attribute type 11 has an invalid length.
[ 376.123370][T12027] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2451'.
[ 377.398548][ T5835] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[ 377.398608][ T5835] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[ 377.425575][ T5835] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[ 377.425695][ T5835] Bluetooth: hci3: adv larger than maximum supported
[ 377.433224][ T5835] Bluetooth: hci3: adv larger than maximum supported
[ 377.441431][ T5835] Bluetooth: hci3: adv larger than maximum supported
[ 377.448303][ T5835] Bluetooth: hci3: Malformed LE Event: 0x0d
[ 377.693792][T12064] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2465'.
[ 378.707318][T12094] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2477'.
[ 379.311934][T12105] openvswitch: netlink: IP tunnel dst address not specified
[ 379.330717][T12105] openvswitch: netlink: IP tunnel dst address not specified
[ 382.157409][T12177] lo: entered promiscuous mode
[ 382.177597][T12177] lo: left promiscuous mode
[ 382.953137][T12204] FAULT_INJECTION: forcing a failure.
[ 382.953137][T12204] name failslab, interval 1, probability 0, space 0, times 0
[ 382.997197][T12204] CPU: 0 UID: 0 PID: 12204 Comm: syz.1.2524 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 382.997249][T12204] Tainted: [U]=USER
[ 382.997259][T12204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 382.997276][T12204] Call Trace:
[ 382.997286][T12204]
[ 382.997298][T12204] dump_stack_lvl+0x16c/0x1f0
[ 382.997345][T12204] should_fail_ex+0x512/0x640
[ 382.997398][T12204] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 382.997437][T12204] should_failslab+0xc2/0x120
[ 382.997479][T12204] __kmalloc_cache_noprof+0x6a/0x3e0
[ 382.997515][T12204] ? pty_common_install+0x10e/0xb30
[ 382.997564][T12204] pty_common_install+0x10e/0xb30
[ 382.997613][T12204] ? __pfx_pty_install+0x10/0x10
[ 382.997657][T12204] tty_init_dev.part.0+0x99/0x500
[ 382.997693][T12204] tty_open+0xa50/0xf90
[ 382.997733][T12204] ? __pfx_tty_open+0x10/0x10
[ 382.997764][T12204] ? chrdev_open+0x58c/0x6a0
[ 382.997809][T12204] ? __pfx_tty_open+0x10/0x10
[ 382.997838][T12204] chrdev_open+0x234/0x6a0
[ 382.997878][T12204] ? __pfx_chrdev_open+0x10/0x10
[ 382.997920][T12204] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 382.997972][T12204] do_dentry_open+0x741/0x1c10
[ 382.998012][T12204] ? __pfx_chrdev_open+0x10/0x10
[ 382.998062][T12204] vfs_open+0x82/0x3f0
[ 382.998116][T12204] path_openat+0x1de4/0x2cb0
[ 382.998170][T12204] ? __pfx_path_openat+0x10/0x10
[ 382.998208][T12204] ? __lock_acquire+0xb8a/0x1c90
[ 382.998246][T12204] do_filp_open+0x20b/0x470
[ 382.998285][T12204] ? __pfx_do_filp_open+0x10/0x10
[ 382.998355][T12204] ? alloc_fd+0x471/0x7d0
[ 382.998402][T12204] do_sys_openat2+0x11b/0x1d0
[ 382.998429][T12204] ? __pfx_do_sys_openat2+0x10/0x10
[ 382.998492][T12204] __x64_sys_openat+0x174/0x210
[ 382.998520][T12204] ? __pfx___x64_sys_openat+0x10/0x10
[ 382.998567][T12204] do_syscall_64+0xcd/0x490
[ 382.998611][T12204] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 382.998642][T12204] RIP: 0033:0x7f3e2d38e969
[ 382.998667][T12204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 382.998696][T12204] RSP: 002b:00007f3e2e1b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 382.998721][T12204] RAX: ffffffffffffffda RBX: 00007f3e2d5b5fa0 RCX: 00007f3e2d38e969
[ 382.998740][T12204] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 382.998758][T12204] RBP: 00007f3e2d410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 382.998775][T12204] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[ 382.998792][T12204] R13: 0000000000000000 R14: 00007f3e2d5b5fa0 R15: 00007fff480d5028
[ 382.998833][T12204]
[ 383.981014][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 383.993116][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 384.366456][T12242] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2532'.
[ 384.825970][T12252] netlink: 'syz.1.2540': attribute type 35 has an invalid length.
[ 384.879806][T12253] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2539'.
[ 385.473876][T12280] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2548'.
[ 385.582505][T12283] netlink: 'syz.3.2549': attribute type 3 has an invalid length.
[ 388.496955][T12354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2568'.
[ 388.822895][T12361] FAULT_INJECTION: forcing a failure.
[ 388.822895][T12361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 388.874793][T12361] CPU: 0 UID: 0 PID: 12361 Comm: syz.2.2571 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 388.874849][T12361] Tainted: [U]=USER
[ 388.874859][T12361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 388.874876][T12361] Call Trace:
[ 388.874886][T12361]
[ 388.874898][T12361] dump_stack_lvl+0x16c/0x1f0
[ 388.874945][T12361] should_fail_ex+0x512/0x640
[ 388.875000][T12361] _copy_to_iter+0x29f/0x16f0
[ 388.875038][T12361] ? chacha_block_generic+0x211/0x330
[ 388.875101][T12361] ? __pfx__copy_to_iter+0x10/0x10
[ 388.875142][T12361] ? __pfx___might_resched+0x10/0x10
[ 388.875193][T12361] ? crng_make_state+0x48e/0x6d0
[ 388.875235][T12361] get_random_bytes_user+0x17f/0x3c0
[ 388.875274][T12361] ? __pfx_get_random_bytes_user+0x10/0x10
[ 388.875313][T12361] ? do_writev+0x218/0x340
[ 388.875356][T12361] ? do_futex+0x122/0x350
[ 388.875395][T12361] ? import_ubuf+0x1b6/0x220
[ 388.875426][T12361] __x64_sys_getrandom+0x183/0x290
[ 388.875464][T12361] ? __pfx___x64_sys_getrandom+0x10/0x10
[ 388.875526][T12361] do_syscall_64+0xcd/0x490
[ 388.875570][T12361] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 388.875600][T12361] RIP: 0033:0x7f838ab8e969
[ 388.875626][T12361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 388.875652][T12361] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[ 388.875680][T12361] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 388.875698][T12361] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000
[ 388.875715][T12361] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 388.875730][T12361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 388.875746][T12361] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 388.875786][T12361]
[ 390.914474][T12415] netlink: 26 bytes leftover after parsing attributes in process `syz.3.2592'.
[ 390.949591][T12415] openvswitch: netlink: IP tunnel dst address not specified
[ 391.145956][ T5835] Bluetooth: hci2: Malformed LE Event: 0x1b
[ 392.902940][T12451] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2607'.
[ 393.667232][T12468] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2613'.
[ 393.943170][T12472] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2614'.
[ 394.443771][T12478] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2624'.
[ 394.790916][T12480] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2618'.
[ 395.042570][T12485] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2620'.
[ 395.258374][T12488] netlink: 'syz.1.2621': attribute type 64 has an invalid length.
[ 395.318383][T12488] netlink: 74 bytes leftover after parsing attributes in process `syz.1.2621'.
[ 395.829694][T12495] size and base must be multiples of 4 kiB
[ 395.855768][T12495] CPU: 0 UID: 0 PID: 12495 Comm: syz.2.2626 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 395.855820][T12495] Tainted: [U]=USER
[ 395.855830][T12495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 395.855847][T12495] Call Trace:
[ 395.855857][T12495]
[ 395.855869][T12495] dump_stack_lvl+0x16c/0x1f0
[ 395.855914][T12495] mtrr_add+0xdf/0x110
[ 395.855943][T12495] mtrr_ioctl+0x7ef/0xcf0
[ 395.855971][T12495] ? __pfx_mtrr_ioctl+0x10/0x10
[ 395.856009][T12495] ? find_held_lock+0x2b/0x80
[ 395.856063][T12495] ? __fget_files+0x20e/0x3c0
[ 395.856099][T12495] ? __pfx_mtrr_ioctl+0x10/0x10
[ 395.856129][T12495] proc_reg_unlocked_ioctl+0x226/0x320
[ 395.856169][T12495] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[ 395.856228][T12495] __x64_sys_ioctl+0x18b/0x210
[ 395.856261][T12495] do_syscall_64+0xcd/0x490
[ 395.856306][T12495] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 395.856335][T12495] RIP: 0033:0x7f838ab8e969
[ 395.856360][T12495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 395.856388][T12495] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 395.856416][T12495] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 395.856435][T12495] RDX: 0000000000000003 RSI: 00000000400c4d01 RDI: 0000000000000003
[ 395.856452][T12495] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 395.856469][T12495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 395.856486][T12495] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 395.856525][T12495]
[ 396.117702][ T5152] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[ 396.117745][ T5152] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[ 396.133037][ T5152] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[ 396.133075][ T5152] Bluetooth: hci2: adv larger than maximum supported
[ 396.141923][ T5152] Bluetooth: hci2: Malformed LE Event: 0x0d
[ 396.232662][T12508] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2630'.
[ 396.298362][ T5152] Bluetooth: hci0: command 0x0406 tx timeout
[ 397.696351][T12539] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2642'.
[ 398.101867][T12543] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2644'.
[ 399.727019][T12565] Process accounting resumed
[ 400.540185][T12590] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2662'.
[ 402.123188][T12641] netlink: 'syz.3.2678': attribute type 1 has an invalid length.
[ 402.972889][T12657] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2681'.
[ 404.474331][T12685] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2689'.
[ 404.888884][T12692] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2692'.
[ 405.945977][T12717] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2700'.
[ 406.571273][T12734] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2710'.
[ 406.818603][T12741] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2713'.
[ 407.321650][T12756] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2718'.
[ 407.972862][T12770] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2724'.
[ 408.229641][T12773] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2725'.
[ 408.548641][T12785] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2730'.
[ 408.578600][T12785] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2730'.
[ 408.820990][T12787] Device name cannot be null; rc = [-22]
[ 408.990978][T12795] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2734'.
[ 410.857671][T12843] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2753'.
[ 411.723179][T12876] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2768'.
[ 411.753887][T12876] netlink: 354 bytes leftover after parsing attributes in process `syz.3.2768'.
[ 411.907718][T12867] program syz.1.2764 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 412.040731][T12882] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2770'.
[ 412.842851][T12904] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2779'.
[ 413.084288][T12904] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[ 413.208067][T12907] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2780'.
[ 413.252046][T12907] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2780'.
[ 414.897485][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 414.907651][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 415.078891][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 415.517992][T12972] sd 0:0:1:0: device reset
[ 416.451263][T12994] FAULT_INJECTION: forcing a failure.
[ 416.451263][T12994] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 416.515036][T12994] CPU: 0 UID: 0 PID: 12994 Comm: syz.0.2815 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 416.515093][T12994] Tainted: [U]=USER
[ 416.515113][T12994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 416.515131][T12994] Call Trace:
[ 416.515142][T12994]
[ 416.515154][T12994] dump_stack_lvl+0x16c/0x1f0
[ 416.515204][T12994] should_fail_ex+0x512/0x640
[ 416.515259][T12994] should_fail_alloc_page+0xe7/0x130
[ 416.515308][T12994] prepare_alloc_pages+0x3c2/0x610
[ 416.515339][T12994] ? rcu_is_watching+0x12/0xc0
[ 416.515388][T12994] __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 416.515439][T12994] ? __lock_acquire+0x622/0x1c90
[ 416.515476][T12994] ? xas_create+0x1d7/0x1460
[ 416.515524][T12994] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 416.515570][T12994] ? lock_acquire+0x179/0x350
[ 416.515602][T12994] ? rcu_is_watching+0x12/0xc0
[ 416.515660][T12994] ? __lock_acquire+0x622/0x1c90
[ 416.515689][T12994] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 416.515727][T12994] ? policy_nodemask+0xea/0x4e0
[ 416.515773][T12994] alloc_pages_mpol+0x1fb/0x550
[ 416.515814][T12994] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 416.515856][T12994] ? filemap_get_entry+0x1a7/0x3b0
[ 416.515902][T12994] folio_alloc_noprof+0x20/0x2d0
[ 416.515947][T12994] filemap_alloc_folio_noprof+0x3a1/0x470
[ 416.515983][T12994] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[ 416.516030][T12994] __filemap_get_folio+0x5e1/0xc30
[ 416.516085][T12994] ioctx_alloc+0x761/0x2120
[ 416.516150][T12994] ? __pfx_ioctx_alloc+0x10/0x10
[ 416.516179][T12994] ? __might_fault+0x13b/0x190
[ 416.516228][T12994] __x64_sys_io_setup+0xc9/0x210
[ 416.516266][T12994] do_syscall_64+0xcd/0x490
[ 416.516310][T12994] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 416.516340][T12994] RIP: 0033:0x7f69a118e969
[ 416.516366][T12994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 416.516394][T12994] RSP: 002b:00007f69a1f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[ 416.516425][T12994] RAX: ffffffffffffffda RBX: 00007f69a13b5fa0 RCX: 00007f69a118e969
[ 416.516445][T12994] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000007ffe
[ 416.516464][T12994] RBP: 00007f69a1210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 416.516482][T12994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 416.516500][T12994] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 416.516540][T12994]
[ 416.825078][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[ 418.070011][T13029] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2828'.
[ 418.465581][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[ 418.577640][T13046] FAULT_INJECTION: forcing a failure.
[ 418.577640][T13046] name failslab, interval 1, probability 0, space 0, times 0
[ 418.626453][T13046] CPU: 0 UID: 0 PID: 13046 Comm: syz.1.2836 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 418.626506][T13046] Tainted: [U]=USER
[ 418.626516][T13046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 418.626533][T13046] Call Trace:
[ 418.626543][T13046]
[ 418.626555][T13046] dump_stack_lvl+0x16c/0x1f0
[ 418.626602][T13046] should_fail_ex+0x512/0x640
[ 418.626649][T13046] ? __kmalloc_noprof+0xbf/0x510
[ 418.626690][T13046] ? ops_init+0x77/0x5f0
[ 418.626730][T13046] should_failslab+0xc2/0x120
[ 418.626774][T13046] __kmalloc_noprof+0xd2/0x510
[ 418.626812][T13046] ? __raw_spin_lock_init+0x3a/0x110
[ 418.626857][T13046] ops_init+0x77/0x5f0
[ 418.626904][T13046] setup_net+0x1ff/0x510
[ 418.626953][T13046] ? lockdep_init_map_type+0x5c/0x280
[ 418.626986][T13046] ? __pfx_setup_net+0x10/0x10
[ 418.627033][T13046] ? debug_mutex_init+0x37/0x70
[ 418.627079][T13046] copy_net_ns+0x2a6/0x5f0
[ 418.627110][T13046] create_new_namespaces+0x3ea/0xa90
[ 418.627166][T13046] unshare_nsproxy_namespaces+0xc0/0x1f0
[ 418.627214][T13046] ksys_unshare+0x45b/0xa40
[ 418.627246][T13046] ? __pfx_ksys_unshare+0x10/0x10
[ 418.627279][T13046] ? xfd_validate_state+0x61/0x180
[ 418.627323][T13046] __x64_sys_unshare+0x31/0x40
[ 418.627354][T13046] do_syscall_64+0xcd/0x490
[ 418.627397][T13046] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 418.627433][T13046] RIP: 0033:0x7f3e2d38e969
[ 418.627457][T13046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 418.627485][T13046] RSP: 002b:00007f3e2e1b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 418.627513][T13046] RAX: ffffffffffffffda RBX: 00007f3e2d5b5fa0 RCX: 00007f3e2d38e969
[ 418.627533][T13046] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 418.627550][T13046] RBP: 00007f3e2d410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 418.627567][T13046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 418.627583][T13046] R13: 0000000000000000 R14: 00007f3e2d5b5fa0 R15: 00007fff480d5028
[ 418.627624][T13046]
[ 421.013353][T13098] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 421.425206][T13111] sctp: [Deprecated]: syz.1.2861 (pid 13111) Use of int in max_burst socket option deprecated.
[ 421.425206][T13111] Use struct sctp_assoc_value instead
[ 421.838689][T13128] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[ 421.859210][T13128] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[ 422.743140][T13155] netlink: 'syz.2.2880': attribute type 1 has an invalid length.
[ 424.842407][T13211] FAULT_INJECTION: forcing a failure.
[ 424.842407][T13211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 424.856076][T13211] CPU: 1 UID: 0 PID: 13211 Comm: syz.1.2902 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 424.856127][T13211] Tainted: [U]=USER
[ 424.856138][T13211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 424.856156][T13211] Call Trace:
[ 424.856166][T13211]
[ 424.856178][T13211] dump_stack_lvl+0x16c/0x1f0
[ 424.856227][T13211] should_fail_ex+0x512/0x640
[ 424.856282][T13211] core_sys_select+0x9ca/0xc10
[ 424.856329][T13211] ? __pfx_core_sys_select+0x10/0x10
[ 424.856407][T13211] ? read_tsc+0x9/0x20
[ 424.856447][T13211] ? ktime_get_ts64+0x256/0x400
[ 424.856487][T13211] kern_select+0x15d/0x1e0
[ 424.856522][T13211] ? __pfx_kern_select+0x10/0x10
[ 424.856563][T13211] ? xfd_validate_state+0x61/0x180
[ 424.856594][T13211] ? bpf_lsm_capable+0x9/0x10
[ 424.856635][T13211] __x64_sys_select+0xbd/0x160
[ 424.856668][T13211] ? do_syscall_64+0x91/0x490
[ 424.856709][T13211] ? lockdep_hardirqs_on+0x7c/0x110
[ 424.856748][T13211] do_syscall_64+0xcd/0x490
[ 424.856792][T13211] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 424.856823][T13211] RIP: 0033:0x7f3e2d38e969
[ 424.856848][T13211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 424.856886][T13211] RSP: 002b:00007f3e2e1b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[ 424.856916][T13211] RAX: ffffffffffffffda RBX: 00007f3e2d5b5fa0 RCX: 00007f3e2d38e969
[ 424.856936][T13211] RDX: 0000200000000100 RSI: 0000200000000080 RDI: 0000000000000005
[ 424.856954][T13211] RBP: 00007f3e2d410ab1 R08: 0000200000000280 R09: 0000000000000000
[ 424.856972][T13211] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000
[ 424.856997][T13211] R13: 0000000000000000 R14: 00007f3e2d5b5fa0 R15: 00007fff480d5028
[ 424.857037][T13211]
[ 425.890157][T13235] netlink: 'syz.3.2910': attribute type 1 has an invalid length.
[ 426.064176][T13240] FAULT_INJECTION: forcing a failure.
[ 426.064176][T13240] name failslab, interval 1, probability 0, space 0, times 0
[ 426.085832][T13240] CPU: 1 UID: 0 PID: 13240 Comm: syz.2.2912 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 426.085885][T13240] Tainted: [U]=USER
[ 426.085903][T13240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 426.085921][T13240] Call Trace:
[ 426.085931][T13240]
[ 426.085943][T13240] dump_stack_lvl+0x16c/0x1f0
[ 426.085990][T13240] should_fail_ex+0x512/0x640
[ 426.086035][T13240] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 426.086076][T13240] should_failslab+0xc2/0x120
[ 426.086117][T13240] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 426.086153][T13240] ? __proc_create+0xc3/0x8c0
[ 426.086194][T13240] ? __proc_create+0x2ce/0x8c0
[ 426.086243][T13240] __proc_create+0x2ce/0x8c0
[ 426.086286][T13240] ? __pfx___proc_create+0x10/0x10
[ 426.086346][T13240] _proc_mkdir+0xb9/0x200
[ 426.086389][T13240] ? __pfx__proc_mkdir+0x10/0x10
[ 426.086431][T13240] ? kmem_cache_alloc_noprof+0x21e/0x3b0
[ 426.086480][T13240] proc_net_ns_init+0x265/0x410
[ 426.086525][T13240] ? __pfx_proc_net_ns_init+0x10/0x10
[ 426.086567][T13240] ops_init+0x1e2/0x5f0
[ 426.086615][T13240] setup_net+0x1ff/0x510
[ 426.086654][T13240] ? lockdep_init_map_type+0x5c/0x280
[ 426.086688][T13240] ? __pfx_setup_net+0x10/0x10
[ 426.086735][T13240] ? debug_mutex_init+0x37/0x70
[ 426.086781][T13240] copy_net_ns+0x2a6/0x5f0
[ 426.086813][T13240] create_new_namespaces+0x3ea/0xa90
[ 426.086869][T13240] unshare_nsproxy_namespaces+0xc0/0x1f0
[ 426.086926][T13240] ksys_unshare+0x45b/0xa40
[ 426.086957][T13240] ? __pfx_ksys_unshare+0x10/0x10
[ 426.086989][T13240] ? xfd_validate_state+0x61/0x180
[ 426.087032][T13240] __x64_sys_unshare+0x31/0x40
[ 426.087060][T13240] do_syscall_64+0xcd/0x490
[ 426.087103][T13240] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 426.087131][T13240] RIP: 0033:0x7f838ab8e969
[ 426.087156][T13240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 426.087184][T13240] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 426.087213][T13240] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 426.087232][T13240] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 426.087250][T13240] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 426.087267][T13240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 426.087283][T13240] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 426.087324][T13240]
[ 427.581583][T13266] sctp: [Deprecated]: syz.2.2921 (pid 13266) Use of int in max_burst socket option deprecated.
[ 427.581583][T13266] Use struct sctp_assoc_value instead
[ 428.625319][T13275] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2925'.
[ 428.638386][T13275] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2925'.
[ 428.690042][T13281] netlink: 'syz.2.2926': attribute type 16 has an invalid length.
[ 428.735849][T13281] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2926'.
[ 429.587171][T13298] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2933'.
[ 429.851472][T13298] Process accounting paused
[ 430.729445][T13321] netlink: 306 bytes leftover after parsing attributes in process `syz.3.2944'.
[ 431.560023][T13337] netlink: 'syz.1.2950': attribute type 1 has an invalid length.
[ 433.322014][T13363] FAULT_INJECTION: forcing a failure.
[ 433.322014][T13363] name failslab, interval 1, probability 0, space 0, times 0
[ 433.409510][T13363] CPU: 0 UID: 0 PID: 13363 Comm: syz.1.2959 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 433.409563][T13363] Tainted: [U]=USER
[ 433.409573][T13363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 433.409590][T13363] Call Trace:
[ 433.409600][T13363]
[ 433.409611][T13363] dump_stack_lvl+0x16c/0x1f0
[ 433.409656][T13363] should_fail_ex+0x512/0x640
[ 433.409701][T13363] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 433.409745][T13363] should_failslab+0xc2/0x120
[ 433.409788][T13363] kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 433.409823][T13363] ? ktime_get_coarse_real_ts64_mg+0x240/0x300
[ 433.409853][T13363] ? __d_alloc+0x31/0xaa0
[ 433.409895][T13363] __d_alloc+0x31/0xaa0
[ 433.409940][T13363] d_alloc_pseudo+0x1c/0xc0
[ 433.409968][T13363] alloc_file_pseudo+0xcf/0x230
[ 433.410016][T13363] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 433.410074][T13363] secretmem_file_create.constprop.0+0x108/0x2c0
[ 433.410134][T13363] __x64_sys_memfd_secret+0xc5/0x1a0
[ 433.410177][T13363] do_syscall_64+0xcd/0x490
[ 433.410220][T13363] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 433.410248][T13363] RIP: 0033:0x7f3e2d38e969
[ 433.410271][T13363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 433.410297][T13363] RSP: 002b:00007f3e2e1b5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[ 433.410327][T13363] RAX: ffffffffffffffda RBX: 00007f3e2d5b5fa0 RCX: 00007f3e2d38e969
[ 433.410347][T13363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 433.410364][T13363] RBP: 00007f3e2d410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 433.410382][T13363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 433.410400][T13363] R13: 0000000000000000 R14: 00007f3e2d5b5fa0 R15: 00007fff480d5028
[ 433.410440][T13363]
[ 434.205900][T13375] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2964'.
[ 434.262500][T13377] netlink: 9 bytes leftover after parsing attributes in process `syz.2.2964'.
[ 434.305847][T13377] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2964'.
[ 434.394553][T13381] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2966'.
[ 435.991735][T13413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2976'.
[ 436.016137][T13413] netlink: 9 bytes leftover after parsing attributes in process `syz.1.2976'.
[ 436.017546][T13409] FAULT_INJECTION: forcing a failure.
[ 436.017546][T13409] name failslab, interval 1, probability 0, space 0, times 0
[ 436.043403][T13413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2976'.
[ 436.074316][T13409] CPU: 1 UID: 0 PID: 13409 Comm: syz.0.2975 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 436.074368][T13409] Tainted: [U]=USER
[ 436.074378][T13409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 436.074394][T13409] Call Trace:
[ 436.074402][T13409]
[ 436.074413][T13409] dump_stack_lvl+0x16c/0x1f0
[ 436.074458][T13409] should_fail_ex+0x512/0x640
[ 436.074502][T13409] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 436.074542][T13409] should_failslab+0xc2/0x120
[ 436.074583][T13409] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 436.074615][T13409] ? __proc_create+0xc3/0x8c0
[ 436.074652][T13409] ? __proc_create+0x2ce/0x8c0
[ 436.074695][T13409] __proc_create+0x2ce/0x8c0
[ 436.074734][T13409] ? __pfx___proc_create+0x10/0x10
[ 436.074772][T13409] ? pcpu_chunk_relocate+0x126/0x190
[ 436.074821][T13409] proc_create_reg+0x7d/0x180
[ 436.074862][T13409] ? __pfx_xfrm_statistics_seq_show+0x10/0x10
[ 436.074908][T13409] proc_create_net_single+0x86/0x170
[ 436.074971][T13409] ? __pfx_proc_create_net_single+0x10/0x10
[ 436.075025][T13409] ? __pfx_xfrm_net_init+0x10/0x10
[ 436.075062][T13409] xfrm_proc_init+0x4d/0x70
[ 436.075104][T13409] xfrm_net_init+0x1f0/0xcc0
[ 436.075151][T13409] ? __pfx_xfrm_net_init+0x10/0x10
[ 436.075187][T13409] ops_init+0x1e2/0x5f0
[ 436.075237][T13409] setup_net+0x1ff/0x510
[ 436.075278][T13409] ? lockdep_init_map_type+0x5c/0x280
[ 436.075312][T13409] ? __pfx_setup_net+0x10/0x10
[ 436.075355][T13409] ? debug_mutex_init+0x37/0x70
[ 436.075401][T13409] copy_net_ns+0x2a6/0x5f0
[ 436.075433][T13409] create_new_namespaces+0x3ea/0xa90
[ 436.075483][T13409] unshare_nsproxy_namespaces+0xc0/0x1f0
[ 436.075532][T13409] ksys_unshare+0x45b/0xa40
[ 436.075565][T13409] ? __pfx_ksys_unshare+0x10/0x10
[ 436.075599][T13409] ? xfd_validate_state+0x61/0x180
[ 436.075640][T13409] __x64_sys_unshare+0x31/0x40
[ 436.075671][T13409] do_syscall_64+0xcd/0x490
[ 436.075726][T13409] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 436.075757][T13409] RIP: 0033:0x7f69a118e969
[ 436.075783][T13409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 436.075812][T13409] RSP: 002b:00007f69a1f26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 436.075842][T13409] RAX: ffffffffffffffda RBX: 00007f69a13b5fa0 RCX: 00007f69a118e969
[ 436.075862][T13409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 436.075879][T13409] RBP: 00007f69a1210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 436.075896][T13409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 436.075913][T13409] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 436.075963][T13409]
[ 436.431016][T13417] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2979'.
[ 436.647387][T13421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2981'.
[ 436.656785][T13423] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2983'.
[ 436.899028][T13429] netlink: 'syz.0.2985': attribute type 1 has an invalid length.
[ 437.292334][T13445] netlink: 'syz.2.2992': attribute type 4 has an invalid length.
[ 437.551971][T13450] bridge0: port 3(netdevsim1) entered blocking state
[ 437.582456][T13450] bridge0: port 3(netdevsim1) entered disabled state
[ 437.620558][T13450] netdevsim netdevsim1 netdevsim1: entered allmulticast mode
[ 437.649836][T13450] netdevsim netdevsim1 netdevsim1: entered promiscuous mode
[ 437.660115][T13450] bridge0: port 3(netdevsim1) entered blocking state
[ 437.667138][T13450] bridge0: port 3(netdevsim1) entered forwarding state
[ 438.102048][T13468] netlink: 'syz.0.3000': attribute type 16 has an invalid length.
[ 440.601279][T13518] __nla_validate_parse: 4 callbacks suppressed
[ 440.601307][T13518] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3019'.
[ 441.088087][T13526] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3022'.
[ 441.122323][T13526] netlink: 25 bytes leftover after parsing attributes in process `syz.0.3022'.
[ 444.824687][T13606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3051'.
[ 445.217308][T13618] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3056'.
[ 445.256473][T13618] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3056'.
[ 445.425387][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 445.432086][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 446.057995][T13639] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3066'.
[ 447.260806][T13661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3074'.
[ 450.299871][T13720] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3096'.
[ 450.697609][T13729] netlink: 'syz.2.3101': attribute type 19 has an invalid length.
[ 450.722792][T13729] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3101'.
[ 450.744999][T13727] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3099'.
[ 451.192681][T13738] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3104'.
[ 451.215359][T13738] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3104'.
[ 451.668563][T13753] netlink: 'syz.2.3109': attribute type 27 has an invalid length.
[ 451.696053][T13753] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3109'.
[ 451.982359][T13758] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3112'.
[ 452.131026][T13761] netlink: 'syz.3.3113': attribute type 4 has an invalid length.
[ 452.629306][T13767] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3117'.
[ 453.136741][T13777] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[ 454.144635][T13802] netlink: 'syz.0.3128': attribute type 27 has an invalid length.
[ 454.152820][T13802] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3128'.
[ 454.520657][T13812] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3133'.
[ 454.666821][T13818] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3134'.
[ 454.953155][T13824] netlink: 122 bytes leftover after parsing attributes in process `syz.1.3137'.
[ 456.056754][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 456.651529][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 456.661689][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[ 458.487938][T13893] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3163'.
[ 459.373390][T13916] netlink: 'syz.3.3173': attribute type 1 has an invalid length.
[ 459.416303][T13916] netlink: 318 bytes leftover after parsing attributes in process `syz.3.3173'.
[ 459.516470][T13924] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3176'.
[ 460.040462][T13936] Process accounting resumed
[ 461.953355][T13966] HfR: entered promiscuous mode
[ 462.030636][T13966] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3190'.
[ 462.088990][T13966] HfR: left promiscuous mode
[ 464.966563][T14042] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3227'.
[ 466.036922][T14066] netlink: 'syz.3.3228': attribute type 19 has an invalid length.
[ 466.055287][T14066] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3228'.
[ 466.691518][T14071] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3230'.
[ 470.630693][T14139] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3256'.
[ 471.807607][T14159] sctp: [Deprecated]: syz.1.3262 (pid 14159) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 471.807607][T14159] Use struct sctp_sack_info instead
[ 472.471522][T14167] netlink: 146 bytes leftover after parsing attributes in process `syz.2.3266'.
[ 474.362007][T14196] netlink: 'syz.2.3277': attribute type 1 has an invalid length.
[ 474.405797][T14196] netlink: 230 bytes leftover after parsing attributes in process `syz.2.3277'.
[ 475.188207][T14211] FAULT_INJECTION: forcing a failure.
[ 475.188207][T14211] name failslab, interval 1, probability 0, space 0, times 0
[ 475.254554][T14211] CPU: 0 UID: 0 PID: 14211 Comm: syz.2.3282 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 475.254604][T14211] Tainted: [U]=USER
[ 475.254613][T14211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 475.254630][T14211] Call Trace:
[ 475.254640][T14211]
[ 475.254653][T14211] dump_stack_lvl+0x16c/0x1f0
[ 475.254699][T14211] should_fail_ex+0x512/0x640
[ 475.254744][T14211] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 475.254782][T14211] should_failslab+0xc2/0x120
[ 475.254822][T14211] __kmalloc_cache_noprof+0x6a/0x3e0
[ 475.254857][T14211] ? vhost_net_open+0x123/0x8a0
[ 475.254897][T14211] ? kasan_save_track+0x14/0x30
[ 475.254938][T14211] vhost_net_open+0x123/0x8a0
[ 475.254975][T14211] ? __pfx_vhost_net_open+0x10/0x10
[ 475.255013][T14211] misc_open+0x35d/0x420
[ 475.255063][T14211] ? __pfx_misc_open+0x10/0x10
[ 475.255101][T14211] chrdev_open+0x234/0x6a0
[ 475.255140][T14211] ? __pfx_apparmor_file_open+0x10/0x10
[ 475.255183][T14211] ? __pfx_chrdev_open+0x10/0x10
[ 475.255227][T14211] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 475.255269][T14211] do_dentry_open+0x741/0x1c10
[ 475.255310][T14211] ? __pfx_chrdev_open+0x10/0x10
[ 475.255360][T14211] vfs_open+0x82/0x3f0
[ 475.255411][T14211] path_openat+0x1de4/0x2cb0
[ 475.255465][T14211] ? __pfx_path_openat+0x10/0x10
[ 475.255505][T14211] ? __lock_acquire+0xb8a/0x1c90
[ 475.255543][T14211] do_filp_open+0x20b/0x470
[ 475.255580][T14211] ? __pfx_do_filp_open+0x10/0x10
[ 475.255659][T14211] ? alloc_fd+0x471/0x7d0
[ 475.255708][T14211] do_sys_openat2+0x11b/0x1d0
[ 475.255737][T14211] ? __pfx_do_sys_openat2+0x10/0x10
[ 475.255804][T14211] __x64_sys_openat+0x174/0x210
[ 475.255833][T14211] ? __pfx___x64_sys_openat+0x10/0x10
[ 475.255884][T14211] do_syscall_64+0xcd/0x490
[ 475.255931][T14211] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 475.255962][T14211] RIP: 0033:0x7f838ab8e969
[ 475.255988][T14211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 475.256017][T14211] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 475.256055][T14211] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 475.256074][T14211] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 475.256092][T14211] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 475.256110][T14211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 475.256126][T14211] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 475.256167][T14211]
[ 476.123649][T14219] netlink: 322 bytes leftover after parsing attributes in process `syz.0.3286'.
[ 478.089041][T14246] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3297'.
[ 480.341913][T14274] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3309'.
[ 480.565767][T14280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3311'.
[ 480.598008][T14280] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3311'.
[ 480.638188][T14276] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3306'.
[ 480.713508][T14282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3312'.
[ 480.765459][T14284] netlink: 'syz.2.3314': attribute type 4 has an invalid length.
[ 480.802781][T14284] netlink: 314 bytes leftover after parsing attributes in process `syz.2.3314'.
[ 481.289608][T14298] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3319'.
[ 481.776609][T14304] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3323'.
[ 483.829536][T14336] delete_channel: no stack
[ 484.488516][T14353] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3341'.
[ 484.661253][T14296] syz.1.3318 (14296) used greatest stack depth: 20584 bytes left
[ 485.753013][T14371] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3344'.
[ 486.821516][T14388] FAULT_INJECTION: forcing a failure.
[ 486.821516][T14388] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 486.878705][T14388] CPU: 1 UID: 0 PID: 14388 Comm: syz.0.3354 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 486.878759][T14388] Tainted: [U]=USER
[ 486.878769][T14388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 486.878785][T14388] Call Trace:
[ 486.878796][T14388]
[ 486.878809][T14388] dump_stack_lvl+0x16c/0x1f0
[ 486.878857][T14388] should_fail_ex+0x512/0x640
[ 486.878911][T14388] should_fail_alloc_page+0xe7/0x130
[ 486.878958][T14388] prepare_alloc_pages+0x3c2/0x610
[ 486.878989][T14388] ? rcu_is_watching+0x12/0xc0
[ 486.879047][T14388] __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 486.879090][T14388] ? __lock_acquire+0xb8a/0x1c90
[ 486.879139][T14388] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 486.879181][T14388] ? do_raw_spin_lock+0x12c/0x2b0
[ 486.879221][T14388] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 486.879260][T14388] ? find_held_lock+0x2b/0x80
[ 486.879317][T14388] ? __lock_acquire+0xb8a/0x1c90
[ 486.879348][T14388] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 486.879390][T14388] ? policy_nodemask+0xea/0x4e0
[ 486.879439][T14388] alloc_pages_mpol+0x1fb/0x550
[ 486.879485][T14388] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 486.879542][T14388] folio_alloc_mpol_noprof+0x36/0x2f0
[ 486.879594][T14388] shmem_alloc_folio+0x135/0x160
[ 486.879628][T14388] shmem_alloc_and_add_folio+0x499/0xc20
[ 486.879676][T14388] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 486.879724][T14388] ? shmem_allowable_huge_orders+0xcb/0x2f0
[ 486.879770][T14388] shmem_get_folio_gfp+0x67f/0x1600
[ 486.879810][T14388] ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 486.879844][T14388] ? __pfx___might_resched+0x10/0x10
[ 486.879893][T14388] shmem_fallocate+0x795/0xf50
[ 486.879951][T14388] ? __pfx_shmem_fallocate+0x10/0x10
[ 486.879987][T14388] ? aa_file_perm+0x4d6/0xfb0
[ 486.880055][T14388] ? __lock_acquire+0xb8a/0x1c90
[ 486.880092][T14388] ? __lock_acquire+0x622/0x1c90
[ 486.880149][T14388] ? __pfx_shmem_fallocate+0x10/0x10
[ 486.880189][T14388] vfs_fallocate+0x608/0x10c0
[ 486.880235][T14388] ? __pfx_vfs_fallocate+0x10/0x10
[ 486.880288][T14388] __x64_sys_fallocate+0xd5/0x150
[ 486.880334][T14388] do_syscall_64+0xcd/0x490
[ 486.880381][T14388] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 486.880412][T14388] RIP: 0033:0x7f69a118e969
[ 486.880438][T14388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 486.880468][T14388] RSP: 002b:00007f69a1f26038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 486.880499][T14388] RAX: ffffffffffffffda RBX: 00007f69a13b5fa0 RCX: 00007f69a118e969
[ 486.880519][T14388] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 8000000000000003
[ 486.880537][T14388] RBP: 00007f69a1210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 486.880556][T14388] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000
[ 486.880574][T14388] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 486.880616][T14388]
[ 488.280929][T14408] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3364'.
[ 488.461124][T14413] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3365'.
[ 488.695486][T14415] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3366'.
[ 488.935968][T14422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3369'.
[ 489.400664][T14428] netlink: 74 bytes leftover after parsing attributes in process `syz.0.3371'.
[ 489.698157][T14434] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3372'.
[ 490.603031][T14440] Process accounting paused
[ 493.723359][T14508] netlink: 306 bytes leftover after parsing attributes in process `syz.2.3403'.
[ 493.754773][T14507] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3402'.
[ 494.703287][ T5835] Bluetooth: hci3: unexpected event 0x05 length: 440 > 4
[ 495.444475][T14543] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[ 495.681115][T14152] syz.1.3260 (14152) used greatest stack depth: 18008 bytes left
[ 495.911838][T14551] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3416'.
[ 496.535940][T14564] netlink: 'syz.0.3421': attribute type 2 has an invalid length.
[ 496.552564][T14564] netlink: 'syz.0.3421': attribute type 2 has an invalid length.
[ 496.604429][T14567] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3423'.
[ 497.704146][T14585] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3429'.
[ 498.554625][T14603] FAULT_INJECTION: forcing a failure.
[ 498.554625][T14603] name failslab, interval 1, probability 0, space 0, times 0
[ 498.615870][T14603] CPU: 0 UID: 0 PID: 14603 Comm: syz.2.3438 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 498.615925][T14603] Tainted: [U]=USER
[ 498.615936][T14603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 498.615954][T14603] Call Trace:
[ 498.615964][T14603]
[ 498.615975][T14603] dump_stack_lvl+0x16c/0x1f0
[ 498.616032][T14603] should_fail_ex+0x512/0x640
[ 498.616080][T14603] ? __kvmalloc_node_noprof+0x122/0x620
[ 498.616122][T14603] should_failslab+0xc2/0x120
[ 498.616164][T14603] __kvmalloc_node_noprof+0x135/0x620
[ 498.616199][T14603] ? lockdep_init_map_type+0x5c/0x280
[ 498.616233][T14603] ? __v4l2_subdev_state_alloc+0x1a7/0x400
[ 498.616274][T14603] ? __v4l2_subdev_state_alloc+0x1a7/0x400
[ 498.616305][T14603] __v4l2_subdev_state_alloc+0x1a7/0x400
[ 498.616342][T14603] subdev_open+0xa6/0x560
[ 498.616376][T14603] v4l2_open+0x225/0x490
[ 498.616415][T14603] ? __pfx_v4l2_open+0x10/0x10
[ 498.616454][T14603] chrdev_open+0x234/0x6a0
[ 498.616494][T14603] ? __pfx_apparmor_file_open+0x10/0x10
[ 498.616537][T14603] ? __pfx_chrdev_open+0x10/0x10
[ 498.616581][T14603] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 498.616623][T14603] do_dentry_open+0x741/0x1c10
[ 498.616663][T14603] ? __pfx_chrdev_open+0x10/0x10
[ 498.616712][T14603] vfs_open+0x82/0x3f0
[ 498.616762][T14603] path_openat+0x1de4/0x2cb0
[ 498.616814][T14603] ? __pfx_path_openat+0x10/0x10
[ 498.616854][T14603] ? __lock_acquire+0xb8a/0x1c90
[ 498.616891][T14603] do_filp_open+0x20b/0x470
[ 498.616930][T14603] ? __pfx_do_filp_open+0x10/0x10
[ 498.616997][T14603] ? alloc_fd+0x471/0x7d0
[ 498.617051][T14603] do_sys_openat2+0x11b/0x1d0
[ 498.617079][T14603] ? __pfx_do_sys_openat2+0x10/0x10
[ 498.617143][T14603] __x64_sys_openat+0x174/0x210
[ 498.617174][T14603] ? __pfx___x64_sys_openat+0x10/0x10
[ 498.617220][T14603] do_syscall_64+0xcd/0x490
[ 498.617266][T14603] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 498.617297][T14603] RIP: 0033:0x7f838ab8e969
[ 498.617322][T14603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 498.617352][T14603] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 498.617382][T14603] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 498.617402][T14603] RDX: 0000000000080000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 498.617420][T14603] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 498.617437][T14603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 498.617455][T14603] R13: 0000000000000000 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 498.617494][T14603]
[ 499.318478][T14620] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3444'.
[ 499.850282][T14626] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3446'.
[ 499.871488][T14624] netlink: 'syz.1.3445': attribute type 2 has an invalid length.
[ 499.891399][T14628] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3447'.
[ 499.925521][T14629] netlink: 'syz.1.3445': attribute type 2 has an invalid length.
[ 500.633973][T14648] �: renamed from gre0 (while UP)
[ 501.437382][T14659] ovs_: entered promiscuous mode
[ 501.556279][T14663] netlink: 'syz.1.3462': attribute type 22 has an invalid length.
[ 501.592433][T14663] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3462'.
[ 501.731086][T14667] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3464'.
[ 504.311616][T14714] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3478'.
[ 505.877931][T14742] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3487'.
[ 505.906357][T14742] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3487'.
[ 506.809133][T14757] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3494'.
[ 506.824390][T14757] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3494'.
[ 506.861074][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 506.868217][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 506.951727][T14755] netlink: 'syz.0.3492': attribute type 27 has an invalid length.
[ 506.975794][T14755] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3492'.
[ 507.276785][T14767] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3499'.
[ 507.322785][T14767] hsr_slave_0: left promiscuous mode
[ 507.332941][T14767] hsr_slave_1: left promiscuous mode
[ 508.312251][T14792] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3508'.
[ 508.794248][ T5835] Bluetooth: hci3: ISO packet for unknown connection handle 0
[ 509.648833][T14816] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3514'.
[ 509.732485][T14816] netlink: 13 bytes leftover after parsing attributes in process `syz.0.3514'.
[ 510.563829][T14838] netlink: 'syz.0.3523': attribute type 27 has an invalid length.
[ 510.613902][T14837] netlink: 322 bytes leftover after parsing attributes in process `syz.1.3525'.
[ 510.629628][ T5835] Bluetooth: hci1: ISO packet for unknown connection handle 0
[ 511.951110][ T30] audit: type=1800 audit(4294967406.480:10): pid=14862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3535" name="trigger" dev="tracefs" ino=19680823 res=0 errno=0
[ 513.526480][T14885] __nla_validate_parse: 1 callbacks suppressed
[ 513.526508][T14885] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3544'.
[ 513.826521][T14895] netlink: 'syz.2.3550': attribute type 4 has an invalid length.
[ 514.915512][T14920] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3559'.
[ 514.955739][T14920] IPv6: NLM_F_CREATE should be specified when creating new route
[ 515.744549][T14940] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.3569' sets config #0
[ 515.767620][T14940] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 515.778230][T14942] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3568'.
[ 515.788012][T14942] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3568'.
[ 515.793653][T14940] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 516.235339][T14952] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3574'.
[ 519.559267][T15023] netlink: 'syz.1.3600': attribute type 14 has an invalid length.
[ 519.601439][T15023] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3600'.
[ 521.175459][T15033] Process accounting resumed
[ 522.659448][T15056] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3613'.
[ 523.778563][T15075] FAULT_INJECTION: forcing a failure.
[ 523.778563][T15075] name failslab, interval 1, probability 0, space 0, times 0
[ 523.791454][T15075] CPU: 0 UID: 0 PID: 15075 Comm: syz.0.3620 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 523.791508][T15075] Tainted: [U]=USER
[ 523.791519][T15075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 523.791537][T15075] Call Trace:
[ 523.791547][T15075]
[ 523.791560][T15075] dump_stack_lvl+0x16c/0x1f0
[ 523.791609][T15075] should_fail_ex+0x512/0x640
[ 523.791658][T15075] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 523.791698][T15075] should_failslab+0xc2/0x120
[ 523.791743][T15075] __kmalloc_cache_noprof+0x6a/0x3e0
[ 523.791780][T15075] ? percpu_ref_init+0xec/0x410
[ 523.791825][T15075] ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[ 523.791858][T15075] percpu_ref_init+0xec/0x410
[ 523.791905][T15075] io_uring_setup+0x453/0x2080
[ 523.791963][T15075] ? __pfx_io_uring_setup+0x10/0x10
[ 523.792006][T15075] ? do_futex+0x122/0x350
[ 523.792037][T15075] ? __pfx_do_futex+0x10/0x10
[ 523.792066][T15075] ? fd_install+0x225/0x750
[ 523.792122][T15075] ? xfd_validate_state+0x61/0x180
[ 523.792154][T15075] ? __pfx_do_writev+0x10/0x10
[ 523.792198][T15075] __x64_sys_io_uring_setup+0xc2/0x170
[ 523.792245][T15075] do_syscall_64+0xcd/0x490
[ 523.792293][T15075] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 523.792324][T15075] RIP: 0033:0x7f69a118e969
[ 523.792349][T15075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 523.792380][T15075] RSP: 002b:00007f69a1f26038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[ 523.792409][T15075] RAX: ffffffffffffffda RBX: 00007f69a13b5fa0 RCX: 00007f69a118e969
[ 523.792429][T15075] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000001
[ 523.792448][T15075] RBP: 00007f69a1210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 523.792465][T15075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 523.792483][T15075] R13: 0000000000000000 R14: 00007f69a13b5fa0 R15: 00007fffd9930ef8
[ 523.792523][T15075]
[ 524.527488][T15080] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3623'.
[ 524.999055][T15086] bridge0: port 4(macvlan0) entered blocking state
[ 525.040423][T15086] bridge0: port 4(macvlan0) entered disabled state
[ 525.096886][T15086] macvlan0: entered allmulticast mode
[ 525.138090][T15086] veth1_vlan: entered allmulticast mode
[ 525.220278][T15086] macvlan0: entered promiscuous mode
[ 525.307649][T15086] bridge0: port 4(macvlan0) entered blocking state
[ 525.314496][T15086] bridge0: port 4(macvlan0) entered forwarding state
[ 528.514933][T15149] netlink: 'syz.2.3638': attribute type 4 has an invalid length.
[ 531.649173][T15189] netlink: 'syz.3.3651': attribute type 14 has an invalid length.
[ 531.689302][T15189] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3651'.
[ 533.624303][T15214] netlink: 'syz.3.3662': attribute type 28 has an invalid length.
[ 533.685326][T15214] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3662'.
[ 533.706251][T15220] netlink: 'syz.3.3662': attribute type 28 has an invalid length.
[ 533.778288][T15220] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3662'.
[ 535.672477][T15237] netlink: 'syz.3.3671': attribute type 4 has an invalid length.
[ 535.897968][T15240] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3672'.
[ 538.306739][T15261] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3679'.
[ 539.468265][T15267] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3681'.
[ 541.777645][T15278] can: request_module (can-proto-4) failed.
[ 542.705185][T15287] netlink: 86 bytes leftover after parsing attributes in process `syz.2.3689'.
[ 543.189268][T15296] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3693'.
[ 543.803319][T15311] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3700'.
[ 544.122727][T15318] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3703'.
[ 544.190431][T15320] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3704'.
[ 544.227719][T15320] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3704'.
[ 544.887113][T15332] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3708'.
[ 545.325166][T15340] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3712'.
[ 548.565042][T15383] netlink: 'syz.0.3727': attribute type 4 has an invalid length.
[ 548.581858][T15383] netlink: 314 bytes leftover after parsing attributes in process `syz.0.3727'.
[ 549.147373][ T30] audit: type=1326 audit(4294967443.670:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15393 comm="syz.0.3732" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f69a118e969 code=0x0
[ 550.171098][T15417] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3739'.
[ 550.315118][T15409] raw_sendmsg: syz.3.3737 forgot to set AF_INET. Fix it!
[ 550.347346][T15419] netlink: 346 bytes leftover after parsing attributes in process `syz.0.3740'.
[ 550.775246][T15425] netlink: 'syz.3.3743': attribute type 22 has an invalid length.
[ 550.816075][T15425] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3743'.
[ 551.175709][T15429] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3744'.
[ 551.189954][T15422] Process accounting paused
[ 551.438389][T15438] ==================================================================
[ 551.446623][T15438] BUG: KFENCE: use-after-free read in dvb_device_open+0xee/0x3b0
[ 551.446623][T15438]
[ 551.456680][T15438] Use-after-free read at 0xffff88823bf04f18 (in kfence-#129):
[ 551.464282][T15438] dvb_device_open+0xee/0x3b0
[ 551.469029][T15438] chrdev_open+0x234/0x6a0
[ 551.473510][T15438] do_dentry_open+0x741/0x1c10
[ 551.478343][T15438] vfs_open+0x82/0x3f0
[ 551.482577][T15438] path_openat+0x1de4/0x2cb0
[ 551.487398][T15438] do_filp_open+0x20b/0x470
[ 551.492041][T15438] do_sys_openat2+0x11b/0x1d0
[ 551.496771][T15438] __x64_sys_openat+0x174/0x210
[ 551.501671][T15438] do_syscall_64+0xcd/0x490
[ 551.506500][T15438] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 551.512426][T15438]
[ 551.514774][T15438] kfence-#129: 0xffff88823bf04000-0xffff88823bf0403f, size=64, cache=page->ptl
[ 551.514774][T15438]
[ 551.526010][T15438] allocated by task 15364 on cpu 0 at 547.586826s (3.939182s ago):
[ 551.533957][T15438] ptlock_alloc+0x1f/0x70
[ 551.538311][T15438] pte_alloc_one+0x82/0x3a0
[ 551.542933][T15438] __handle_mm_fault+0x3a36/0x53d0
[ 551.548150][T15438] handle_mm_fault+0x589/0xd10
[ 551.553104][T15438] do_user_addr_fault+0x60c/0x1370
[ 551.558238][T15438] exc_page_fault+0x5c/0xb0
[ 551.562850][T15438] asm_exc_page_fault+0x26/0x30
[ 551.567776][T15438]
[ 551.570157][T15438] freed by task 15338 on cpu 0 at 547.796288s (3.773868s ago):
[ 551.577794][T15438] ptlock_free+0x45/0x60
[ 551.582068][T15438] pagetable_dtor+0x14/0x260
[ 551.586691][T15438] tlb_remove_table_rcu+0xa4/0x1a0
[ 551.591875][T15438] rcu_core+0x79c/0x14e0
[ 551.596153][T15438] handle_softirqs+0x219/0x8e0
[ 551.601031][T15438] __irq_exit_rcu+0x109/0x170
[ 551.605765][T15438] irq_exit_rcu+0x9/0x30
[ 551.610055][T15438] sysvec_apic_timer_interrupt+0xa4/0xc0
[ 551.615744][T15438] asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 551.621778][T15438] lock_acquire+0x62/0x350
[ 551.626237][T15438] pfn_valid+0x15c/0x4d0
[ 551.630506][T15438] page_table_check_clear+0x21/0x740
[ 551.635818][T15438] __page_table_check_pte_clear+0xf1/0x100
[ 551.641827][T15438] unmap_page_range+0x24d3/0x47c0
[ 551.646991][T15438] unmap_single_vma.constprop.0+0x153/0x240
[ 551.653092][T15438] unmap_vmas+0x218/0x470
[ 551.657460][T15438] exit_mmap+0x1b9/0xb90
[ 551.661899][T15438] __mmput+0x12a/0x410
[ 551.666000][T15438] mmput+0x62/0x70
[ 551.669758][T15438] do_exit+0x7bc/0x2bd0
[ 551.673942][T15438] do_group_exit+0xd3/0x2a0
[ 551.678555][T15438] get_signal+0x2673/0x26d0
[ 551.683350][T15438] arch_do_signal_or_restart+0x8f/0x790
[ 551.689034][T15438] exit_to_user_mode_loop+0x84/0x110
[ 551.694358][T15438] do_syscall_64+0x3f6/0x490
[ 551.698994][T15438] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 551.704912][T15438]
[ 551.707259][T15438] CPU: 1 UID: 0 PID: 15438 Comm: syz.2.3746 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 551.720732][T15438] Tainted: [U]=USER
[ 551.724647][T15438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 551.734723][T15438] RIP: 0010:dvb_device_open+0xee/0x3b0
[ 551.740312][T15438] Code: 0f 84 3f 02 00 00 e8 d1 5f e8 f9 48 8d 7d 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 77 02 00 00 <4c> 8b 6d 18 4d 85 ed 0f 84 0e 02 00 00 e8 a0 5f e8 f9 4c 89 ea 48
[ 551.759947][T15438] RSP: 0018:ffffc9000d05f930 EFLAGS: 00010246
[ 551.766211][T15438] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000c4fc000
[ 551.774212][T15438] RDX: 1ffff110477e09e3 RSI: ffffffff87d30ddf RDI: ffff88823bf04f18
[ 551.782288][T15438] RBP: ffff88823bf04f00 R08: 0000000000000001 R09: fffffbfff1f457d1
[ 551.790382][T15438] R10: ffffffff8fa2be8f R11: 0000000000000001 R12: ffff88807f634c40
[ 551.798650][T15438] R13: ffffffff87d30d10 R14: ffff88802a3b7710 R15: ffff88807f634c88
[ 551.806661][T15438] FS: 00007f838b9226c0(0000) GS:ffff888124a75000(0000) knlGS:0000000000000000
[ 551.815626][T15438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 551.822414][T15438] CR2: ffff88823bf04f18 CR3: 0000000076c50000 CR4: 00000000003526f0
[ 551.830409][T15438] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 551.838422][T15438] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 551.846413][T15438] Call Trace:
[ 551.849725][T15438]
[ 551.852676][T15438] ? __pfx_dvb_device_open+0x10/0x10
[ 551.858178][T15438] chrdev_open+0x234/0x6a0
[ 551.862621][T15438] ? __pfx_apparmor_file_open+0x10/0x10
[ 551.868226][T15438] ? __pfx_chrdev_open+0x10/0x10
[ 551.873194][T15438] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 551.880002][T15438] do_dentry_open+0x741/0x1c10
[ 551.884810][T15438] ? __pfx_chrdev_open+0x10/0x10
[ 551.889791][T15438] vfs_open+0x82/0x3f0
[ 551.893916][T15438] path_openat+0x1de4/0x2cb0
[ 551.898565][T15438] ? __pfx_path_openat+0x10/0x10
[ 551.903689][T15438] ? __lock_acquire+0xb8a/0x1c90
[ 551.908653][T15438] do_filp_open+0x20b/0x470
[ 551.913272][T15438] ? __pfx_do_filp_open+0x10/0x10
[ 551.918357][T15438] ? alloc_fd+0x471/0x7d0
[ 551.922801][T15438] do_sys_openat2+0x11b/0x1d0
[ 551.928258][T15438] ? __pfx_do_sys_openat2+0x10/0x10
[ 551.933812][T15438] ? find_held_lock+0x2b/0x80
[ 551.938524][T15438] ? handle_mm_fault+0x2ab/0xd10
[ 551.943491][T15438] __x64_sys_openat+0x174/0x210
[ 551.948377][T15438] ? __pfx___x64_sys_openat+0x10/0x10
[ 551.953867][T15438] ? do_user_addr_fault+0x843/0x1370
[ 551.959195][T15438] do_syscall_64+0xcd/0x490
[ 551.963768][T15438] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 551.969683][T15438] RIP: 0033:0x7f838ab8e969
[ 551.974119][T15438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 551.993761][T15438] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 552.002203][T15438] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 552.010377][T15438] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 552.018477][T15438] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 552.027113][T15438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 552.035125][T15438] R13: 0000000000000001 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 552.043212][T15438]
[ 552.046335][T15438] ==================================================================
[ 552.054494][T15438] Kernel panic - not syncing: KFENCE: panic_on_warn set ...
[ 552.062237][T15438] CPU: 1 UID: 0 PID: 15438 Comm: syz.2.3746 Tainted: G U 6.15.0-syzkaller-10820-gcd2e103d57e5 #0 PREEMPT(full)
[ 552.075639][T15438] Tainted: [U]=USER
[ 552.079457][T15438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 552.089535][T15438] Call Trace:
[ 552.092836][T15438]
[ 552.095808][T15438] dump_stack_lvl+0x3d/0x1f0
[ 552.100457][T15438] panic+0x71c/0x800
[ 552.104505][T15438] ? __pfx_panic+0x10/0x10
[ 552.108980][T15438] ? __pfx__printk+0x10/0x10
[ 552.113678][T15438] check_panic_on_warn+0xab/0xb0
[ 552.118765][T15438] kfence_report_error+0x5e1/0xd90
[ 552.123936][T15438] ? arch_stack_walk+0x60/0x100
[ 552.128829][T15438] ? __pfx_kfence_report_error+0x10/0x10
[ 552.134504][T15438] ? dvb_device_open+0xee/0x3b0
[ 552.139396][T15438] ? chrdev_open+0x234/0x6a0
[ 552.144022][T15438] ? do_dentry_open+0x741/0x1c10
[ 552.148992][T15438] ? vfs_open+0x82/0x3f0
[ 552.153359][T15438] ? path_openat+0x1de4/0x2cb0
[ 552.158236][T15438] ? do_filp_open+0x20b/0x470
[ 552.162938][T15438] ? do_sys_openat2+0x11b/0x1d0
[ 552.167841][T15438] ? __x64_sys_openat+0x174/0x210
[ 552.172916][T15438] ? do_syscall_64+0xcd/0x490
[ 552.177713][T15438] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 552.183895][T15438] ? do_syscall_64+0xcd/0x490
[ 552.188616][T15438] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 552.194726][T15438] kfence_handle_page_fault+0x1f6/0x5c0
[ 552.200314][T15438] page_fault_oops+0x738/0xc10
[ 552.205109][T15438] ? __pfx_page_fault_oops+0x10/0x10
[ 552.210611][T15438] ? find_held_lock+0x2b/0x80
[ 552.215335][T15438] ? is_prefetch.constprop.0+0x9c/0x510
[ 552.220993][T15438] ? search_bpf_extables+0x1c2/0x320
[ 552.226309][T15438] ? bpf_ksym_find+0x124/0x1c0
[ 552.231112][T15438] ? __pfx_is_prefetch.constprop.0+0x10/0x10
[ 552.237123][T15438] ? fixup_exception+0x10c/0xaf0
[ 552.242099][T15438] kernelmode_fixup_or_oops.constprop.0+0xb8/0xe0
[ 552.248632][T15438] __bad_area_nosemaphore+0x38b/0x690
[ 552.254131][T15438] do_kern_addr_fault+0x5b/0x80
[ 552.259021][T15438] exc_page_fault+0xa0/0xb0
[ 552.263590][T15438] asm_exc_page_fault+0x26/0x30
[ 552.268560][T15438] RIP: 0010:dvb_device_open+0xee/0x3b0
[ 552.274169][T15438] Code: 0f 84 3f 02 00 00 e8 d1 5f e8 f9 48 8d 7d 18 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 77 02 00 00 <4c> 8b 6d 18 4d 85 ed 0f 84 0e 02 00 00 e8 a0 5f e8 f9 4c 89 ea 48
[ 552.293808][T15438] RSP: 0018:ffffc9000d05f930 EFLAGS: 00010246
[ 552.300078][T15438] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc9000c4fc000
[ 552.308077][T15438] RDX: 1ffff110477e09e3 RSI: ffffffff87d30ddf RDI: ffff88823bf04f18
[ 552.316076][T15438] RBP: ffff88823bf04f00 R08: 0000000000000001 R09: fffffbfff1f457d1
[ 552.324240][T15438] R10: ffffffff8fa2be8f R11: 0000000000000001 R12: ffff88807f634c40
[ 552.332318][T15438] R13: ffffffff87d30d10 R14: ffff88802a3b7710 R15: ffff88807f634c88
[ 552.340337][T15438] ? __pfx_dvb_device_open+0x10/0x10
[ 552.345942][T15438] ? dvb_device_open+0xcf/0x3b0
[ 552.350840][T15438] ? __pfx_dvb_device_open+0x10/0x10
[ 552.356196][T15438] chrdev_open+0x234/0x6a0
[ 552.360687][T15438] ? __pfx_apparmor_file_open+0x10/0x10
[ 552.366315][T15438] ? __pfx_chrdev_open+0x10/0x10
[ 552.371304][T15438] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 552.378113][T15438] do_dentry_open+0x741/0x1c10
[ 552.383020][T15438] ? __pfx_chrdev_open+0x10/0x10
[ 552.388093][T15438] vfs_open+0x82/0x3f0
[ 552.392203][T15438] path_openat+0x1de4/0x2cb0
[ 552.396835][T15438] ? __pfx_path_openat+0x10/0x10
[ 552.401811][T15438] ? __lock_acquire+0xb8a/0x1c90
[ 552.406793][T15438] do_filp_open+0x20b/0x470
[ 552.411421][T15438] ? __pfx_do_filp_open+0x10/0x10
[ 552.416505][T15438] ? alloc_fd+0x471/0x7d0
[ 552.420873][T15438] do_sys_openat2+0x11b/0x1d0
[ 552.425592][T15438] ? __pfx_do_sys_openat2+0x10/0x10
[ 552.430838][T15438] ? find_held_lock+0x2b/0x80
[ 552.435553][T15438] ? handle_mm_fault+0x2ab/0xd10
[ 552.440544][T15438] __x64_sys_openat+0x174/0x210
[ 552.445507][T15438] ? __pfx___x64_sys_openat+0x10/0x10
[ 552.450908][T15438] ? do_user_addr_fault+0x843/0x1370
[ 552.456239][T15438] do_syscall_64+0xcd/0x490
[ 552.460780][T15438] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 552.466734][T15438] RIP: 0033:0x7f838ab8e969
[ 552.471169][T15438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 552.490895][T15438] RSP: 002b:00007f838b922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 552.499339][T15438] RAX: ffffffffffffffda RBX: 00007f838adb5fa0 RCX: 00007f838ab8e969
[ 552.507332][T15438] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 552.515325][T15438] RBP: 00007f838ac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 552.523317][T15438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 552.531332][T15438] R13: 0000000000000001 R14: 00007f838adb5fa0 R15: 00007ffdf8ccb888
[ 552.539366][T15438]
[ 552.542739][T15438] Kernel Offset: disabled
[ 552.547647][T15438] Rebooting in 86400 seconds..