last executing test programs: 3.168666036s ago: executing program 0 (id=2415): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dmmidi2\x00', 0x0, 0x0) socket(0x1d, 0x2, 0x2) socket(0x2b, 0x1, 0x1) socket(0xa, 0x3, 0x73) r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x1801, @old_map_fd=0x3ff}, 0xa3) 3.140045565s ago: executing program 1 (id=2417): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b00)={0x14, r1, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfdbfb}, 0x14}}, 0x0) 3.018200754s ago: executing program 0 (id=2418): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) mknod$auto(0x0, 0x1081, 0x3) creat$auto(0x0, 0x4) open(0x0, 0x22242, 0x155) 2.880808965s ago: executing program 1 (id=2420): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/020/001\x00', 0x102, 0x0) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0x3, 0x0, 0x1f40) r0 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x3b70, 0x0) 2.695377015s ago: executing program 1 (id=2430): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_pgetevents$auto(0x7fff, 0xd47, 0x3, 0x0, 0x0, 0x0) 2.626736252s ago: executing program 0 (id=2424): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) futex$auto(0x0, 0xb, 0x5, 
&(0x7f00000000c0)={0x1, 0x9}, &(0x7f0000000100)=0x6, 0x7ff) 2.453791117s ago: executing program 0 (id=2426): set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) uname$auto(0x0) clone$auto(0x81000005, 0x6, 0xfffffffffffffffd, 0xffffffffffffffff, 0x80000001) move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000001140), 0x0, 0x2) 2.030318979s ago: executing program 3 (id=2429): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040)='~', 0x8000, 0x1}, 0x8}, 0x1, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0) 1.739005436s ago: executing program 3 (id=2431): close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) getsockname$auto(0x3, 0x0, &(0x7f0000000d40)) 1.60654278s ago: executing program 3 (id=2432): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x4018aebd, 0x38) 1.476488138s ago: executing program 0 (id=2433): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) ioctl$auto(0x1, 0x541b, 0x8) mmap$auto(0xffffffffffffffff, 0x6, 0x9, 0x9b72, 0x2, 0x7ffc) r0 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) ioctl$auto_UBI_IOCATT(r0, 
0x40186f40, 0x0) 1.476236933s ago: executing program 2 (id=2434): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='./file0\x00', 0x221c2, 0xe8) ioctl$sock_SIOCGIFINDEX(r0, 0x40049409, 0x0) 1.312392552s ago: executing program 3 (id=2435): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) futex$auto(0x0, 0xb, 0x5, &(0x7f00000000c0)={0x1, 0x9}, &(0x7f0000000100)=0x6, 0x7ff) 1.286662815s ago: executing program 2 (id=2436): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_STOP(r0, 0x54a1, 0x0) 1.229885285s ago: executing program 1 (id=2437): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) socket(0x2b, 0x1, 0x1) getsockopt$auto(0x6, 0x11e, 0x50, 0xfffffffffffffffe, 0x0) 1.077870656s ago: executing program 3 (id=2438): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x6) memfd_create$auto(0x0, 0x7) read$auto(0x4000000003, 0x0, 0x0) 1.03816804s ago: executing program 2 (id=2439): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/dummy0/carrier\x00', 0x8182, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) write$auto(0x3, 0x0, 0x100082) 822.624972ms ago: 
executing program 1 (id=2440): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x4008ae48, 0x38) 821.54604ms ago: executing program 2 (id=2441): io_uring_setup$auto(0x8000, &(0x7f0000000180)={0x6, 0x8000, 0x8, 0x7fff, 0x20000002, 0xfffe, 0xffffffffffffffff, [0xfffffffc], {0x6, 0x9, 0x10001, 0x6, 0x9, 0x2d9, 0xfffffff9, 0x7ff, 0x18}, {0x5, 0x60b, 0x1000, 0x2, 0x200, 0x1, 0xff, 0x6, 0xe0000000000000}}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="000126bd7000fbdbdf2502000000080001"], 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x20044000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x4070bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 206.907959ms ago: executing program 3 (id=2442): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mkdir$auto(0x0, 0x40) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0x100400a) 206.233529ms ago: executing program 0 (id=2450): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, 
&(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r0, 0x0, 0xe) 205.622603ms ago: executing program 2 (id=2451): setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000140)={0x4, 0x7, 0x8}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xe0240, 0x0) 39.579254ms ago: executing program 1 (id=2443): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x1, 0x0, 0x8004) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 2 (id=2444): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x13, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, 0x1fe, 0x81) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) kernel console output (not intermixed 
with test programs): iscuous mode [ 87.918719][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.926656][ T5841] Cannot create hsr debugfs directory [ 88.005900][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.019058][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.048610][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.082628][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.176012][ T5844] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.189061][ T5844] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.232142][ T5844] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.246850][ T5844] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.320665][ T5848] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.340992][ T5848] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.354538][ T5848] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.377944][ T5848] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.426499][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.489176][ T5841] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.513709][ T5841] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.527794][ T5841] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.556757][ T5841] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.578567][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.619147][ T54] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.626479][ T54] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.661470][ T54] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.668668][ T54] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.687987][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.772608][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.803607][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.816618][ 
T1095] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.823948][ T1095] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.856666][ T1095] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.863917][ T1095] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.914460][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.975457][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.983218][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.003744][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.010963][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.032480][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.102128][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.156596][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.163790][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.186346][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.204045][ T3028] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.211268][ T3028] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.393634][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.460164][ T5836] veth0_vlan: entered promiscuous mode [ 89.532250][ T5836] veth1_vlan: entered promiscuous mode [ 89.602396][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.626046][ T5844] veth0_vlan: entered promiscuous mode [ 89.654307][ T5844] veth1_vlan: entered promiscuous mode [ 89.664979][ T5836] veth0_macvtap: entered promiscuous mode [ 89.692272][ T5836] veth1_macvtap: entered promiscuous mode [ 89.735238][ T5848] veth0_vlan: entered promiscuous mode [ 89.759618][ T5848] veth1_vlan: entered promiscuous mode [ 89.771942][ T5844] veth0_macvtap: entered promiscuous mode [ 89.782496][ T5844] veth1_macvtap: entered promiscuous mode [ 89.797812][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 
[ 89.816175][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.835465][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.846260][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 89.862912][ T56] Bluetooth: hci0: command tx timeout [ 89.863029][ T5843] Bluetooth: hci2: command tx timeout [ 89.874810][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 89.895436][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.917670][ T5836] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.926792][ T5836] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.936341][ T5836] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.946033][ T5843] Bluetooth: hci3: command tx timeout [ 89.951580][ T5843] Bluetooth: hci1: command tx timeout [ 89.952748][ T5836] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.972290][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 89.983280][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 89.998198][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.025688][ T5844] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.035754][ T5844] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.045280][ T5844] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.054788][ T5844] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.081637][ T5848] veth0_macvtap: entered promiscuous mode [ 90.100114][ T5848] veth1_macvtap: entered promiscuous mode [ 90.199753][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.216791][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.227718][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.238272][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.250396][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.282130][ T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.288794][ T5841] veth0_vlan: entered promiscuous mode [ 90.298260][ T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.318293][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.333624][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.350937][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.361878][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 90.372739][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.399807][ T5848] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.413698][ T5848] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.423652][ T5848] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.432896][ T5848] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.456541][ T5841] veth1_vlan: entered promiscuous mode [ 90.482435][ T3028] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.493026][ T3028] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.507839][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.524286][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.594653][ T5841] veth0_macvtap: entered promiscuous mode [ 90.622548][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.629508][ T5841] veth1_macvtap: entered promiscuous mode [ 90.659029][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.743817][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.749305][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.782513][ T5836] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 90.787007][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.799036][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.816294][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.831605][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 90.845369][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.856146][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.869270][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.879641][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.892170][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.902595][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.913394][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.923335][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.933933][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.946024][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.968889][ T5841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.983732][ T5841] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.992968][ T5841] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.001761][ T5841] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.071331][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.105078][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.300157][ T1095] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.319927][ T1095] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.553864][ T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.602082][ T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.757592][ T5913] Zero length message leads to an empty skb [ 91.944163][ T5843] 
Bluetooth: hci0: command tx timeout [ 91.950391][ T56] Bluetooth: hci2: command tx timeout [ 92.019390][ T5843] Bluetooth: hci1: command tx timeout [ 92.024879][ T5843] Bluetooth: hci3: command tx timeout [ 92.106248][ T5920] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 92.385177][ T5929] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10'. [ 93.300824][ T5950] netlink: 342 bytes leftover after parsing attributes in process `syz.1.16'. [ 94.018877][ T5843] Bluetooth: hci0: command tx timeout [ 94.024359][ T5843] Bluetooth: hci2: command tx timeout [ 94.097150][ T5843] Bluetooth: hci3: command tx timeout [ 94.097199][ T5843] Bluetooth: hci1: command tx timeout [ 94.455194][ T5975] sd 0:0:1:0: PR command failed: 1026 [ 94.460769][ T5975] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 94.468611][ T5975] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 95.935445][ T6010] process 'syz.3.44' launched '/dev/fd/4' with NULL argv: empty string added [ 97.393881][ T977] cfg80211: failed to load regulatory.db [ 98.878463][ T6089] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 99.229909][ T6094] perf: Dynamic interrupt throttling disabled, can hang your system! syzkaller syzkaller login: [ 104.357162][ T6214] netlink: 'syz.3.124': attribute type 1 has an invalid length. [ 104.365131][ T6214] netlink: 'syz.3.124': attribute type 3 has an invalid length. [ 105.292469][ T6232] capability: warning: `syz.3.128' uses 32-bit capabilities (legacy support in use) [ 106.080093][ T6257] syz.1.133 uses obsolete (PF_INET,SOCK_PACKET) [ 106.767585][ T6276] kafs: addr_prefs: Too many elements in string [ 107.501602][ T6293] netlink: 18 bytes leftover after parsing attributes in process `syz.3.145'. 
[ 107.760605][ T6296] MTRR 1 not used [ 112.630973][ T6407] hub 2-0:1.0: USB hub found [ 112.648994][ T6407] hub 2-0:1.0: 1 port detected [ 113.346584][ T6425] MTRR 1 not used [ 113.445422][ T6428] netlink: 350 bytes leftover after parsing attributes in process `syz.3.202'. [ 115.176515][ T6434] kexec: Could not allocate control_code_buffer [ 115.381101][ T6468] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 115.723452][ T6475] PM: Enabling pm_trace changes system date and time during resume. [ 115.723452][ T6475] PM: Correct system time has to be restored manually after resume. [ 116.692356][ T6498] syz.1.231 (6498): /proc/6497/oom_adj is deprecated, please use /proc/6497/oom_score_adj instead. [ 117.055400][ T6506] netlink: 280 bytes leftover after parsing attributes in process `syz.3.234'. [ 118.646468][ T56] Bluetooth: hci0: unexpected event 0x06 length: 11 > 3 [ 119.904212][ T6581] dyndbg: bad flag-op 1, at start of 15 [ 119.947042][ T6581] dyndbg: flags parse failed [ 119.955326][ T6583] netlink: 12 bytes leftover after parsing attributes in process `syz.0.267'. [ 119.966073][ T6583] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 121.827797][ T6641] qrtr: Invalid version 0 [ 123.508788][ T6679] netlink: 28 bytes leftover after parsing attributes in process `syz.0.302'. [ 126.339138][ T6747] netlink: 4 bytes leftover after parsing attributes in process `syz.2.333'. [ 129.222688][ T6791] syz.0.348 (6791) used greatest stack depth: 20528 bytes left [ 132.262383][ T6836] kexec: Could not allocate control_code_buffer [ 132.661213][ T6867] netlink: 342 bytes leftover after parsing attributes in process `syz.0.385'. [ 133.408540][ T6887] netlink: 346 bytes leftover after parsing attributes in process `syz.1.392'. 
[ 134.241237][ T30] audit: type=1804 audit(1742446581.196:2): pid=6909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.403" name="/newroot/123/file0" dev="tmpfs" ino=645 res=1 errno=0 [ 134.303986][ T30] audit: type=1800 audit(1742446581.196:3): pid=6909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.403" name="file0" dev="tmpfs" ino=645 res=0 errno=0 [ 134.377376][ T30] audit: type=1804 audit(1742446581.226:4): pid=6909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.403" name="/newroot/123/file0" dev="tmpfs" ino=645 res=1 errno=0 [ 134.417123][ T30] audit: type=1800 audit(1742446581.226:5): pid=6909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.403" name="file0" dev="tmpfs" ino=645 res=0 errno=0 [ 135.317714][ T6944] netlink: 58 bytes leftover after parsing attributes in process `syz.2.416'. [ 135.824723][ T6957] tipc: Trying to set illegal importance in message [ 136.537910][ T6979] netlink: 'syz.1.432': attribute type 1 has an invalid length. [ 137.237422][ T7004] nbd: socks must be embedded in a SOCK_ITEM attr [ 137.251689][ T7004] block nbd0: shutting down sockets [ 137.641022][ T7020] netlink: 338 bytes leftover after parsing attributes in process `syz.3.452'. [ 138.357023][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.363933][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.256449][ T7075] Console: switching to colour VGA+ 80x25 [ 139.569396][ T7083] netlink: 28 bytes leftover after parsing attributes in process `syz.2.476'. [ 140.661444][ T7117] Device name cannot be null; rc = [-22] [ 142.101720][ T7163] ptrace attach of "./syz-executor exec"[5848] was attempted by ""[7163] [ 142.657183][ T7179] netlink: 342 bytes leftover after parsing attributes in process `syz.3.517'. 
[ 144.557451][ T7217] netlink: 280 bytes leftover after parsing attributes in process `syz.2.532'. [ 146.386456][ T7248] sd 0:0:1:0: PR command failed: 1026 [ 146.392138][ T7248] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 146.423437][ T7248] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 147.364591][ T7262] kafs: addr_prefs: Too many elements in string [ 154.670332][ T7407] netlink: 342 bytes leftover after parsing attributes in process `syz.0.615'. [ 158.072738][ T7472] perf: Dynamic interrupt throttling disabled, can hang your system! [ 158.448438][ T7480] sd 0:0:1:0: PR command failed: 1026 [ 158.453964][ T7480] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 158.487106][ T7480] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 160.468575][ T7503] netlink: 18 bytes leftover after parsing attributes in process `syz.1.642'. [ 163.111018][ T7559] sd 0:0:1:0: device reset [ 163.507769][ T7565] hub 2-0:1.0: USB hub found [ 163.530337][ T7565] hub 2-0:1.0: 1 port detected [ 163.878738][ T7575] netlink: 342 bytes leftover after parsing attributes in process `syz.2.675'. [ 164.083329][ T7579] netlink: 4 bytes leftover after parsing attributes in process `syz.0.676'. [ 164.096477][ T7579] netlink: 4 bytes leftover after parsing attributes in process `syz.0.676'. [ 164.106227][ T7578] netlink: 20 bytes leftover after parsing attributes in process `syz.2.677'. [ 164.484869][ T7585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.681'. [ 164.988983][ T7599] hub 2-0:1.0: USB hub found [ 164.993925][ T7599] hub 2-0:1.0: 1 port detected [ 165.379895][ T7610] openvswitch: netlink: IP tunnel dst address not specified [ 165.418867][ T7610] openvswitch: netlink: IP tunnel dst address not specified [ 165.670581][ T7619] FAULT_INJECTION: forcing a failure. 
[ 165.670581][ T7619] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 165.744180][ T7619] CPU: 0 UID: 0 PID: 7619 Comm: syz.1.691 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 165.744227][ T7619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 165.744250][ T7619] Call Trace: [ 165.744260][ T7619] <TASK> [ 165.744272][ T7619] dump_stack_lvl+0x16c/0x1f0 [ 165.744333][ T7619] should_fail_ex+0x50a/0x650 [ 165.744363][ T7619] ? __pfx___might_resched+0x10/0x10 [ 165.744420][ T7619] should_fail_alloc_page+0xe7/0x130 [ 165.744455][ T7619] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 165.744503][ T7619] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 165.744558][ T7619] ? is_bpf_text_address+0x94/0x1a0 [ 165.744602][ T7619] ? kernel_text_address+0x8d/0x100 [ 165.744648][ T7619] ? __kernel_text_address+0xd/0x40 [ 165.744691][ T7619] ? unwind_get_return_address+0x59/0xa0 [ 165.744750][ T7619] ? arch_stack_walk+0xa7/0x100 [ 165.744784][ T7619] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 165.744853][ T7619] ? stack_depot_save_flags+0x28/0x9c0 [ 165.744892][ T7619] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 165.744945][ T7619] ? policy_nodemask+0xea/0x4e0 [ 165.744978][ T7619] alloc_pages_mpol+0x1fc/0x540 [ 165.745008][ T7619] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 165.745049][ T7619] alloc_pages_noprof+0x131/0x390 [ 165.745082][ T7619] kimage_alloc_pages+0x75/0x300 [ 165.745136][ T7619] kimage_alloc_control_pages+0x148/0x8e0 [ 165.745205][ T7619] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 165.745267][ T7619] do_kexec_load+0x47e/0x8c0 [ 165.745300][ T7619] ? __pfx_do_kexec_load+0x10/0x10 [ 165.745336][ T7619] ? 
_copy_from_user+0x59/0xd0 [ 165.745376][ T7619] __x64_sys_kexec_load+0x1bf/0x230 [ 165.745412][ T7619] do_syscall_64+0xcd/0x250 [ 165.745464][ T7619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.745510][ T7619] RIP: 0033:0x7f272998d169 [ 165.745542][ T7619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.745578][ T7619] RSP: 002b:00007f272a8a4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 165.745609][ T7619] RAX: ffffffffffffffda RBX: 00007f2729ba5fa0 RCX: 00007f272998d169 [ 165.745631][ T7619] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 165.745650][ T7619] RBP: 00007f2729a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 165.745669][ T7619] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 165.745688][ T7619] R13: 0000000000000000 R14: 00007f2729ba5fa0 R15: 00007ffd79f0e358 [ 165.745737][ T7619] </TASK> [ 166.001466][ T7619] kexec: Could not allocate control_code_buffer [ 166.277918][ T7628] hub 2-0:1.0: USB hub found [ 166.318327][ T7628] hub 2-0:1.0: 1 port detected [ 166.818972][ T7649] FAULT_INJECTION: forcing a failure. [ 166.818972][ T7649] name failslab, interval 1, probability 0, space 0, times 1 [ 166.854082][ T7651] netlink: 60 bytes leftover after parsing attributes in process `syz.2.702'. [ 166.867232][ T7649] CPU: 0 UID: 0 PID: 7649 Comm: syz.0.701 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 166.867276][ T7649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 166.867294][ T7649] Call Trace: [ 166.867303][ T7649] <TASK> [ 166.867316][ T7649] dump_stack_lvl+0x16c/0x1f0 [ 166.867372][ T7649] should_fail_ex+0x50a/0x650 [ 166.867403][ T7649] ? fs_reclaim_acquire+0xae/0x150 [ 166.867448][ T7649] ? 
snd_rawmidi_open+0x3b7/0xbd0 [ 166.867494][ T7649] should_failslab+0xc2/0x120 [ 166.867527][ T7649] __kmalloc_cache_noprof+0x68/0x410 [ 166.867573][ T7649] ? _raw_spin_unlock+0x28/0x50 [ 166.867613][ T7649] ? snd_card_file_add+0x25f/0x320 [ 166.867656][ T7649] snd_rawmidi_open+0x3b7/0xbd0 [ 166.867703][ T7649] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 166.867755][ T7649] ? lock_acquire.part.0+0x11b/0x380 [ 166.867804][ T7649] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 166.867869][ T7649] ? do_raw_spin_lock+0x12d/0x2c0 [ 166.867905][ T7649] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 166.867974][ T7649] snd_open+0x1fe/0x450 [ 166.868009][ T7649] ? __pfx_snd_open+0x10/0x10 [ 166.868045][ T7649] chrdev_open+0x237/0x6a0 [ 166.868098][ T7649] ? __pfx_chrdev_open+0x10/0x10 [ 166.868152][ T7649] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 166.868202][ T7649] do_dentry_open+0x735/0x1c40 [ 166.868250][ T7649] ? __pfx_chrdev_open+0x10/0x10 [ 166.868308][ T7649] ? inode_permission+0xdd/0x5f0 [ 166.868348][ T7649] vfs_open+0x82/0x3f0 [ 166.868380][ T7649] ? may_open+0x1f2/0x400 [ 166.868421][ T7649] path_openat+0x1e88/0x2d80 [ 166.868484][ T7649] ? __pfx_path_openat+0x10/0x10 [ 166.868532][ T7649] ? __pfx___lock_acquire+0x10/0x10 [ 166.868576][ T7649] ? lock_acquire.part.0+0x11b/0x380 [ 166.868623][ T7649] ? find_held_lock+0x2d/0x110 [ 166.868661][ T7649] do_filp_open+0x20c/0x470 [ 166.868711][ T7649] ? __pfx_do_filp_open+0x10/0x10 [ 166.868757][ T7649] ? find_held_lock+0x2d/0x110 [ 166.868821][ T7649] ? alloc_fd+0x41f/0x760 [ 166.868879][ T7649] do_sys_openat2+0x17a/0x1e0 [ 166.868920][ T7649] ? __pfx_do_sys_openat2+0x10/0x10 [ 166.868971][ T7649] __x64_sys_openat+0x175/0x210 [ 166.869008][ T7649] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 166.869061][ T7649] do_syscall_64+0xcd/0x250 [ 166.869113][ T7649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.869161][ T7649] RIP: 0033:0x7f9368f8d169 [ 166.869187][ T7649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.869218][ T7649] RSP: 002b:00007f9369ea8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 166.869247][ T7649] RAX: ffffffffffffffda RBX: 00007f93691a5fa0 RCX: 00007f9368f8d169 [ 166.869267][ T7649] RDX: 0000000000002841 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 166.869287][ T7649] RBP: 00007f936900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 166.869305][ T7649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.869323][ T7649] R13: 0000000000000000 R14: 00007f93691a5fa0 R15: 00007ffc8caa8fa8 [ 166.869363][ T7649] [ 166.883172][ T7651] netlink: 8 bytes leftover after parsing attributes in process `syz.2.702'. [ 167.655293][ T7668] hub 2-0:1.0: USB hub found [ 167.720800][ T7668] hub 2-0:1.0: 1 port detected [ 168.053135][ T7685] WARNING! power/level is deprecated; use power/control instead [ 168.238569][ T7691] hub 2-0:1.0: USB hub found [ 168.267575][ T7691] hub 2-0:1.0: 1 port detected [ 168.593110][ T7700] FAULT_INJECTION: forcing a failure. [ 168.593110][ T7700] name failslab, interval 1, probability 0, space 0, times 0 [ 168.593176][ T7700] CPU: 0 UID: 0 PID: 7700 Comm: syz.2.716 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 168.593213][ T7700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 168.593231][ T7700] Call Trace: [ 168.593241][ T7700] [ 168.593254][ T7700] dump_stack_lvl+0x16c/0x1f0 [ 168.593308][ T7700] should_fail_ex+0x50a/0x650 [ 168.593339][ T7700] ? fs_reclaim_acquire+0xae/0x150 [ 168.593384][ T7700] ? 
snd_rawmidi_open+0x3b7/0xbd0 [ 168.593429][ T7700] should_failslab+0xc2/0x120 [ 168.593462][ T7700] __kmalloc_cache_noprof+0x68/0x410 [ 168.593506][ T7700] ? _raw_spin_unlock+0x28/0x50 [ 168.593546][ T7700] ? snd_card_file_add+0x25f/0x320 [ 168.593590][ T7700] snd_rawmidi_open+0x3b7/0xbd0 [ 168.593636][ T7700] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 168.593687][ T7700] ? lock_acquire.part.0+0x11b/0x380 [ 168.593735][ T7700] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 168.593796][ T7700] ? kobject_get_unless_zero+0x157/0x1e0 [ 168.593855][ T7700] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 168.593915][ T7700] snd_open+0x1fe/0x450 [ 168.593951][ T7700] ? __pfx_snd_open+0x10/0x10 [ 168.593987][ T7700] chrdev_open+0x237/0x6a0 [ 168.594037][ T7700] ? __pfx_apparmor_file_open+0x10/0x10 [ 168.594081][ T7700] ? __pfx_chrdev_open+0x10/0x10 [ 168.594136][ T7700] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 168.594189][ T7700] do_dentry_open+0x735/0x1c40 [ 168.594237][ T7700] ? __pfx_chrdev_open+0x10/0x10 [ 168.594289][ T7700] ? inode_permission+0xdd/0x5f0 [ 168.594330][ T7700] vfs_open+0x82/0x3f0 [ 168.594360][ T7700] ? may_open+0x1f2/0x400 [ 168.594401][ T7700] path_openat+0x1e88/0x2d80 [ 168.594466][ T7700] ? __pfx_path_openat+0x10/0x10 [ 168.594516][ T7700] ? __pfx___lock_acquire+0x10/0x10 [ 168.594562][ T7700] ? lock_acquire.part.0+0x11b/0x380 [ 168.594608][ T7700] ? find_held_lock+0x2d/0x110 [ 168.594648][ T7700] do_filp_open+0x20c/0x470 [ 168.594698][ T7700] ? __pfx_do_filp_open+0x10/0x10 [ 168.594746][ T7700] ? find_held_lock+0x2d/0x110 [ 168.594808][ T7700] ? alloc_fd+0x41f/0x760 [ 168.594867][ T7700] do_sys_openat2+0x17a/0x1e0 [ 168.594910][ T7700] ? __pfx_do_sys_openat2+0x10/0x10 [ 168.594962][ T7700] __x64_sys_openat+0x175/0x210 [ 168.595000][ T7700] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 168.595054][ T7700] do_syscall_64+0xcd/0x250 [ 168.595107][ T7700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.595153][ T7700] RIP: 0033:0x7fd88c78d169 [ 168.595180][ T7700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.595211][ T7700] RSP: 002b:00007fd88d573038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 168.595241][ T7700] RAX: ffffffffffffffda RBX: 00007fd88c9a5fa0 RCX: 00007fd88c78d169 [ 168.595262][ T7700] RDX: 0000000000002841 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 168.595283][ T7700] RBP: 00007fd88c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 168.595302][ T7700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.595319][ T7700] R13: 0000000000000000 R14: 00007fd88c9a5fa0 R15: 00007ffe9a680ef8 [ 168.595359][ T7700] [ 168.786060][ T7704] hub 2-0:1.0: USB hub found [ 168.786348][ T7704] hub 2-0:1.0: 1 port detected [ 169.868176][ T7725] FAULT_INJECTION: forcing a failure. [ 169.868176][ T7725] name failslab, interval 1, probability 0, space 0, times 0 [ 169.927120][ T7725] CPU: 1 UID: 0 PID: 7725 Comm: syz.3.728 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 169.927166][ T7725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 169.927186][ T7725] Call Trace: [ 169.927196][ T7725] [ 169.927209][ T7725] dump_stack_lvl+0x16c/0x1f0 [ 169.927266][ T7725] should_fail_ex+0x50a/0x650 [ 169.927297][ T7725] ? fs_reclaim_acquire+0xae/0x150 [ 169.927342][ T7725] ? snd_rawmidi_open+0x3b7/0xbd0 [ 169.927388][ T7725] should_failslab+0xc2/0x120 [ 169.927420][ T7725] __kmalloc_cache_noprof+0x68/0x410 [ 169.927465][ T7725] ? _raw_spin_unlock+0x28/0x50 [ 169.927505][ T7725] ? snd_card_file_add+0x25f/0x320 [ 169.927549][ T7725] snd_rawmidi_open+0x3b7/0xbd0 [ 169.927595][ T7725] ? 
__mutex_unlock_slowpath+0x164/0x6a0 [ 169.927647][ T7725] ? lock_acquire.part.0+0x11b/0x380 [ 169.927696][ T7725] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 169.927761][ T7725] ? kobject_get_unless_zero+0x157/0x1e0 [ 169.927818][ T7725] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 169.927865][ T7725] snd_open+0x1fe/0x450 [ 169.927901][ T7725] ? __pfx_snd_open+0x10/0x10 [ 169.927936][ T7725] chrdev_open+0x237/0x6a0 [ 169.927987][ T7725] ? __pfx_apparmor_file_open+0x10/0x10 [ 169.928031][ T7725] ? __pfx_chrdev_open+0x10/0x10 [ 169.928087][ T7725] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 169.928138][ T7725] do_dentry_open+0x735/0x1c40 [ 169.928185][ T7725] ? __pfx_chrdev_open+0x10/0x10 [ 169.928235][ T7725] ? inode_permission+0xdd/0x5f0 [ 169.928273][ T7725] vfs_open+0x82/0x3f0 [ 169.928314][ T7725] ? may_open+0x1f2/0x400 [ 169.928354][ T7725] path_openat+0x1e88/0x2d80 [ 169.928418][ T7725] ? __pfx_path_openat+0x10/0x10 [ 169.928465][ T7725] ? __pfx___lock_acquire+0x10/0x10 [ 169.928507][ T7725] ? lock_acquire.part.0+0x11b/0x380 [ 169.928552][ T7725] ? find_held_lock+0x2d/0x110 [ 169.928592][ T7725] do_filp_open+0x20c/0x470 [ 169.928641][ T7725] ? __pfx_do_filp_open+0x10/0x10 [ 169.928687][ T7725] ? find_held_lock+0x2d/0x110 [ 169.928756][ T7725] ? alloc_fd+0x41f/0x760 [ 169.928815][ T7725] do_sys_openat2+0x17a/0x1e0 [ 169.928850][ T7725] ? __pfx_do_sys_openat2+0x10/0x10 [ 169.928899][ T7725] __x64_sys_openat+0x175/0x210 [ 169.928936][ T7725] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 169.928988][ T7725] do_syscall_64+0xcd/0x250 [ 169.929041][ T7725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.929088][ T7725] RIP: 0033:0x7f962d18d169 [ 169.929114][ T7725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.929143][ T7725] RSP: 002b:00007f962df88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 169.929174][ T7725] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 169.929194][ T7725] RDX: 0000000000002841 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 169.929213][ T7725] RBP: 00007f962d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 169.929231][ T7725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.929248][ T7725] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 169.929286][ T7725] [ 170.722146][ T7736] hub 2-0:1.0: USB hub found [ 170.764816][ T7736] hub 2-0:1.0: 1 port detected [ 171.398475][ T7742] FAULT_INJECTION: forcing a failure. [ 171.398475][ T7742] name failslab, interval 1, probability 0, space 0, times 0 [ 171.439958][ T7742] CPU: 0 UID: 0 PID: 7742 Comm: syz.0.733 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 171.440004][ T7742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 171.440022][ T7742] Call Trace: [ 171.440032][ T7742] [ 171.440045][ T7742] dump_stack_lvl+0x16c/0x1f0 [ 171.440097][ T7742] should_fail_ex+0x50a/0x650 [ 171.440127][ T7742] ? fs_reclaim_acquire+0xae/0x150 [ 171.440170][ T7742] ? ops_init+0x77/0x5f0 [ 171.440198][ T7742] should_failslab+0xc2/0x120 [ 171.440250][ T7742] __kmalloc_noprof+0xcb/0x510 [ 171.440302][ T7742] ? __raw_spin_lock_init+0x3a/0x110 [ 171.440342][ T7742] ops_init+0x77/0x5f0 [ 171.440380][ T7742] setup_net+0x21f/0x860 [ 171.440415][ T7742] ? 
__pfx_setup_net+0x10/0x10 [ 171.440447][ T7742] ? down_read_killable+0xcc/0x380 [ 171.440500][ T7742] ? __pfx_down_read_killable+0x10/0x10 [ 171.440552][ T7742] ? __raw_spin_lock_init+0x3a/0x110 [ 171.440586][ T7742] ? debug_mutex_init+0x37/0x70 [ 171.440624][ T7742] copy_net_ns+0x2a6/0x5f0 [ 171.440688][ T7742] create_new_namespaces+0x3ea/0xad0 [ 171.440753][ T7742] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 171.440810][ T7742] ksys_unshare+0x45d/0xa40 [ 171.440845][ T7742] ? __pfx_ksys_unshare+0x10/0x10 [ 171.440877][ T7742] ? xfd_validate_state+0x5d/0x180 [ 171.440937][ T7742] __x64_sys_unshare+0x31/0x40 [ 171.440970][ T7742] do_syscall_64+0xcd/0x250 [ 171.441023][ T7742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.441070][ T7742] RIP: 0033:0x7f9368f8d169 [ 171.441095][ T7742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.441126][ T7742] RSP: 002b:00007f9369ea8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 171.441158][ T7742] RAX: ffffffffffffffda RBX: 00007f93691a5fa0 RCX: 00007f9368f8d169 [ 171.441179][ T7742] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 171.441197][ T7742] RBP: 00007f936900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 171.441215][ T7742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.441232][ T7742] R13: 0000000000000000 R14: 00007f93691a5fa0 R15: 00007ffc8caa8fa8 [ 171.441271][ T7742] [ 173.016794][ T7768] openvswitch: netlink: IP tunnel dst address not specified [ 173.033461][ T7768] openvswitch: netlink: IP tunnel dst address not specified [ 173.151727][ T7772] FAULT_INJECTION: forcing a failure. 
[ 173.151727][ T7772] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 173.177102][ T7772] CPU: 1 UID: 0 PID: 7772 Comm: syz.2.744 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 173.177146][ T7772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 173.177164][ T7772] Call Trace: [ 173.177173][ T7772] [ 173.177185][ T7772] dump_stack_lvl+0x16c/0x1f0 [ 173.177237][ T7772] should_fail_ex+0x50a/0x650 [ 173.177267][ T7772] ? __pfx___might_resched+0x10/0x10 [ 173.177335][ T7772] should_fail_alloc_page+0xe7/0x130 [ 173.177370][ T7772] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 173.177419][ T7772] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 173.177475][ T7772] ? is_bpf_text_address+0x94/0x1a0 [ 173.177520][ T7772] ? kernel_text_address+0x8d/0x100 [ 173.177566][ T7772] ? __kernel_text_address+0xd/0x40 [ 173.177611][ T7772] ? unwind_get_return_address+0x59/0xa0 [ 173.177662][ T7772] ? arch_stack_walk+0xa7/0x100 [ 173.177696][ T7772] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 173.177762][ T7772] ? stack_depot_save_flags+0x28/0x9c0 [ 173.177802][ T7772] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 173.177855][ T7772] ? policy_nodemask+0xea/0x4e0 [ 173.177889][ T7772] alloc_pages_mpol+0x1fc/0x540 [ 173.177921][ T7772] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 173.177964][ T7772] alloc_pages_noprof+0x131/0x390 [ 173.177997][ T7772] kimage_alloc_pages+0x75/0x300 [ 173.178052][ T7772] kimage_alloc_control_pages+0x148/0x8e0 [ 173.178115][ T7772] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 173.178181][ T7772] do_kexec_load+0x47e/0x8c0 [ 173.178215][ T7772] ? __pfx_do_kexec_load+0x10/0x10 [ 173.178252][ T7772] ? 
_copy_from_user+0x59/0xd0 [ 173.178299][ T7772] __x64_sys_kexec_load+0x1bf/0x230 [ 173.178337][ T7772] do_syscall_64+0xcd/0x250 [ 173.178390][ T7772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.178438][ T7772] RIP: 0033:0x7fd88c78d169 [ 173.178464][ T7772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.178494][ T7772] RSP: 002b:00007fd88d573038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 173.178525][ T7772] RAX: ffffffffffffffda RBX: 00007fd88c9a5fa0 RCX: 00007fd88c78d169 [ 173.178545][ T7772] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 173.178563][ T7772] RBP: 00007fd88c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 173.178581][ T7772] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 173.178599][ T7772] R13: 0000000000000000 R14: 00007fd88c9a5fa0 R15: 00007ffe9a680ef8 [ 173.178636][ T7772] [ 173.184558][ T7772] kexec: Could not allocate control_code_buffer [ 173.838051][ T7787] netlink: 342 bytes leftover after parsing attributes in process `syz.0.753'. [ 173.868490][ T7787] netlink: 342 bytes leftover after parsing attributes in process `syz.0.753'. [ 174.104842][ T7793] delete_channel: no stack [ 175.645668][ T7816] netlink: 24 bytes leftover after parsing attributes in process `syz.1.764'. [ 175.687353][ T7816] netlink: 23 bytes leftover after parsing attributes in process `syz.1.764'. [ 175.741023][ T7818] hub 2-0:1.0: USB hub found [ 175.751838][ T7818] hub 2-0:1.0: 1 port detected [ 176.289508][ T7832] FAULT_INJECTION: forcing a failure. 
[ 176.289508][ T7832] name failslab, interval 1, probability 0, space 0, times 0 [ 176.347118][ T7832] CPU: 1 UID: 0 PID: 7832 Comm: syz.1.770 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 176.347164][ T7832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 176.347183][ T7832] Call Trace: [ 176.347192][ T7832] [ 176.347204][ T7832] dump_stack_lvl+0x16c/0x1f0 [ 176.347258][ T7832] should_fail_ex+0x50a/0x650 [ 176.347289][ T7832] ? fs_reclaim_acquire+0xae/0x150 [ 176.347334][ T7832] should_failslab+0xc2/0x120 [ 176.347366][ T7832] __kmalloc_node_track_caller_noprof+0xcf/0x510 [ 176.347427][ T7832] ? kfree+0x260/0x4d0 [ 176.347467][ T7832] ? snd_pcm_hw_rule_add+0x41c/0x5b0 [ 176.347511][ T7832] krealloc_noprof+0x157/0x380 [ 176.347560][ T7832] ? krealloc_noprof+0x1b1/0x380 [ 176.347615][ T7832] snd_pcm_hw_rule_add+0x41c/0x5b0 [ 176.347651][ T7832] ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10 [ 176.347690][ T7832] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 176.347724][ T7832] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 176.347767][ T7832] ? debug_mutex_init+0x37/0x70 [ 176.347803][ T7832] ? snd_pcm_attach_substream+0x871/0xd20 [ 176.347862][ T7832] snd_pcm_open_substream+0x91e/0x17c0 [ 176.347916][ T7832] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 176.347977][ T7832] snd_pcm_open+0x29b/0x700 [ 176.348030][ T7832] ? __pfx_snd_pcm_open+0x10/0x10 [ 176.348084][ T7832] ? __pfx_default_wake_function+0x10/0x10 [ 176.348149][ T7832] ? __pfx_snd_pcm_capture_open+0x10/0x10 [ 176.348200][ T7832] snd_pcm_capture_open+0x89/0xe0 [ 176.348250][ T7832] snd_open+0x1fe/0x450 [ 176.348288][ T7832] ? __pfx_snd_open+0x10/0x10 [ 176.348324][ T7832] chrdev_open+0x237/0x6a0 [ 176.348373][ T7832] ? __pfx_apparmor_file_open+0x10/0x10 [ 176.348423][ T7832] ? __pfx_chrdev_open+0x10/0x10 [ 176.348477][ T7832] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 176.348529][ T7832] do_dentry_open+0x735/0x1c40 [ 176.348577][ T7832] ? 
__pfx_chrdev_open+0x10/0x10 [ 176.348629][ T7832] ? inode_permission+0xdd/0x5f0 [ 176.348668][ T7832] vfs_open+0x82/0x3f0 [ 176.348699][ T7832] ? may_open+0x1f2/0x400 [ 176.348741][ T7832] path_openat+0x1e88/0x2d80 [ 176.348804][ T7832] ? __pfx_path_openat+0x10/0x10 [ 176.348854][ T7832] ? __pfx___lock_acquire+0x10/0x10 [ 176.348898][ T7832] ? lock_acquire.part.0+0x11b/0x380 [ 176.348945][ T7832] ? find_held_lock+0x2d/0x110 [ 176.348984][ T7832] do_filp_open+0x20c/0x470 [ 176.349034][ T7832] ? __pfx_do_filp_open+0x10/0x10 [ 176.349081][ T7832] ? find_held_lock+0x2d/0x110 [ 176.349145][ T7832] ? alloc_fd+0x41f/0x760 [ 176.349203][ T7832] do_sys_openat2+0x17a/0x1e0 [ 176.349238][ T7832] ? __pfx_do_sys_openat2+0x10/0x10 [ 176.349290][ T7832] __x64_sys_openat+0x175/0x210 [ 176.349326][ T7832] ? __pfx___x64_sys_openat+0x10/0x10 [ 176.349379][ T7832] do_syscall_64+0xcd/0x250 [ 176.349439][ T7832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.349486][ T7832] RIP: 0033:0x7f272998d169 [ 176.349514][ T7832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.349545][ T7832] RSP: 002b:00007f272a8a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 176.349576][ T7832] RAX: ffffffffffffffda RBX: 00007f2729ba5fa0 RCX: 00007f272998d169 [ 176.349596][ T7832] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 176.349616][ T7832] RBP: 00007f2729a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 176.349634][ T7832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 176.349651][ T7832] R13: 0000000000000000 R14: 00007f2729ba5fa0 R15: 00007ffd79f0e358 [ 176.349691][ T7832] [ 177.347582][ T7846] hub 2-0:1.0: USB hub found [ 177.357330][ T7846] hub 2-0:1.0: 1 port detected [ 177.564111][ T7851] netlink: 342 bytes leftover after parsing attributes in process `syz.2.779'. 
[ 181.375058][ T7911] netlink: 342 bytes leftover after parsing attributes in process `syz.2.804'. [ 181.400944][ T7911] netlink: 342 bytes leftover after parsing attributes in process `syz.2.804'. [ 181.648218][ T7917] FAULT_INJECTION: forcing a failure. [ 181.648218][ T7917] name failslab, interval 1, probability 0, space 0, times 0 [ 181.681658][ T7917] CPU: 0 UID: 0 PID: 7917 Comm: syz.2.806 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 181.681706][ T7917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 181.681733][ T7917] Call Trace: [ 181.681743][ T7917] [ 181.681755][ T7917] dump_stack_lvl+0x16c/0x1f0 [ 181.681822][ T7917] should_fail_ex+0x50a/0x650 [ 181.681855][ T7917] ? fs_reclaim_acquire+0xae/0x150 [ 181.681899][ T7917] ? nat_init_net+0x56/0x270 [ 181.681944][ T7917] should_failslab+0xc2/0x120 [ 181.681974][ T7917] __kmalloc_cache_noprof+0x68/0x410 [ 181.682025][ T7917] ? __pfx_nat_init_net+0x10/0x10 [ 181.682073][ T7917] nat_init_net+0x56/0x270 [ 181.682121][ T7917] ops_init+0x1df/0x5f0 [ 181.682158][ T7917] setup_net+0x21f/0x860 [ 181.682194][ T7917] ? __pfx_setup_net+0x10/0x10 [ 181.682225][ T7917] ? down_read_killable+0xcc/0x380 [ 181.682278][ T7917] ? __pfx_down_read_killable+0x10/0x10 [ 181.682330][ T7917] ? __raw_spin_lock_init+0x3a/0x110 [ 181.682362][ T7917] ? debug_mutex_init+0x37/0x70 [ 181.682402][ T7917] copy_net_ns+0x2a6/0x5f0 [ 181.682443][ T7917] create_new_namespaces+0x3ea/0xad0 [ 181.682505][ T7917] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 181.682564][ T7917] ksys_unshare+0x45d/0xa40 [ 181.682598][ T7917] ? 
__pfx_ksys_unshare+0x10/0x10 [ 181.682648][ T7917] __x64_sys_unshare+0x31/0x40 [ 181.682686][ T7917] do_syscall_64+0xcd/0x250 [ 181.682736][ T7917] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.682788][ T7917] RIP: 0033:0x7fd88c78d169 [ 181.682814][ T7917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.682844][ T7917] RSP: 002b:00007fd88d573038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 181.682875][ T7917] RAX: ffffffffffffffda RBX: 00007fd88c9a5fa0 RCX: 00007fd88c78d169 [ 181.682896][ T7917] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 181.682915][ T7917] RBP: 00007fd88c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 181.682934][ T7917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.682952][ T7917] R13: 0000000000000000 R14: 00007fd88c9a5fa0 R15: 00007ffe9a680ef8 [ 181.682991][ T7917] [ 184.741937][ T7995] netlink: 28 bytes leftover after parsing attributes in process `syz.1.836'. [ 191.186985][ T30] audit: type=1800 audit(6037413934.137:6): pid=8144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.899" name="lu_gp_id" dev="configfs" ino=15868 res=0 errno=0 [ 191.188652][ T8144] ALUA LU Group already has a valid ID, ignoring request [ 191.284129][ T8146] netlink: 334 bytes leftover after parsing attributes in process `syz.2.901'. [ 193.379840][ T56] Bluetooth: hci2: unexpected event 0x03 length: 725 > 11 [ 195.175343][ T8238] FAULT_INJECTION: forcing a failure. [ 195.175343][ T8238] name failslab, interval 1, probability 0, space 0, times 0 [ 195.218698][ T8235] sctp: [Deprecated]: syz.2.937 (pid 8235) Use of struct sctp_assoc_value in delayed_ack socket option. 
[ 195.218698][ T8235] Use struct sctp_sack_info instead [ 195.247295][ T8238] CPU: 0 UID: 0 PID: 8238 Comm: syz.3.938 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 195.247340][ T8238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 195.247359][ T8238] Call Trace: [ 195.247369][ T8238] [ 195.247381][ T8238] dump_stack_lvl+0x16c/0x1f0 [ 195.247436][ T8238] should_fail_ex+0x50a/0x650 [ 195.247467][ T8238] ? fs_reclaim_acquire+0xae/0x150 [ 195.247512][ T8238] ? alloc_mnt_ns+0xd2/0x520 [ 195.247552][ T8238] should_failslab+0xc2/0x120 [ 195.247583][ T8238] __kmalloc_cache_noprof+0x68/0x410 [ 195.247637][ T8238] alloc_mnt_ns+0xd2/0x520 [ 195.247681][ T8238] copy_mnt_ns+0x115/0xa70 [ 195.247708][ T8238] ? trace_kmem_cache_alloc+0x2d/0xd0 [ 195.247745][ T8238] ? kmem_cache_alloc_noprof+0x279/0x3d0 [ 195.247796][ T8238] ? create_new_namespaces+0x30/0xad0 [ 195.247852][ T8238] create_new_namespaces+0xd3/0xad0 [ 195.247903][ T8238] ? bpf_lsm_capable+0x9/0x10 [ 195.247936][ T8238] ? security_capable+0x7e/0x260 [ 195.247973][ T8238] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 195.248038][ T8238] ksys_unshare+0x45d/0xa40 [ 195.248073][ T8238] ? __pfx_ksys_unshare+0x10/0x10 [ 195.248106][ T8238] ? 
xfd_validate_state+0x5d/0x180 [ 195.248164][ T8238] __x64_sys_unshare+0x31/0x40 [ 195.248198][ T8238] do_syscall_64+0xcd/0x250 [ 195.248250][ T8238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.248296][ T8238] RIP: 0033:0x7f962d18d169 [ 195.248321][ T8238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.248351][ T8238] RSP: 002b:00007f962df88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 195.248382][ T8238] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 195.248403][ T8238] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 195.248422][ T8238] RBP: 00007f962d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 195.248441][ T8238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 195.248459][ T8238] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 195.248497][ T8238] [ 198.167121][ T8274] netlink: 74 bytes leftover after parsing attributes in process `syz.1.954'. [ 199.129636][ T30] audit: type=1800 audit(6037413942.087:7): pid=8285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.957" name="lu_gp_id" dev="configfs" ino=16430 res=0 errno=0 [ 199.154436][ T8285] ALUA LU Group already has a valid ID, ignoring request [ 199.263452][ T8287] netlink: 'syz.1.958': attribute type 2 has an invalid length. [ 199.308037][ T8287] netlink: 'syz.1.958': attribute type 2 has an invalid length. [ 199.422415][ T8293] netlink: 342 bytes leftover after parsing attributes in process `syz.0.970'. [ 199.779907][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.786274][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.818204][ T56] Bluetooth: hci0: unexpected event 0x03 length: 725 > 11 [ 200.788510][ T8324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.974'. 
[ 202.427415][ T8346] FAULT_INJECTION: forcing a failure. [ 202.427415][ T8346] name failslab, interval 1, probability 0, space 0, times 0 [ 202.507144][ T8346] CPU: 1 UID: 0 PID: 8346 Comm: syz.1.981 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 202.507193][ T8346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 202.507214][ T8346] Call Trace: [ 202.507225][ T8346] [ 202.507237][ T8346] dump_stack_lvl+0x16c/0x1f0 [ 202.507291][ T8346] should_fail_ex+0x50a/0x650 [ 202.507323][ T8346] ? fs_reclaim_acquire+0xae/0x150 [ 202.507370][ T8346] should_failslab+0xc2/0x120 [ 202.507403][ T8346] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 202.507456][ T8346] ? alloc_vfsmnt+0x23/0x6f0 [ 202.507492][ T8346] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 202.507546][ T8346] alloc_vfsmnt+0x23/0x6f0 [ 202.507583][ T8346] clone_mnt+0x6d/0xf90 [ 202.507622][ T8346] ? lock_acquire+0x2f/0xb0 [ 202.507665][ T8346] ? copy_mnt_ns+0x14d/0xa70 [ 202.507701][ T8346] copy_tree+0xeb/0x9c0 [ 202.507747][ T8346] ? __pfx_down_write+0x10/0x10 [ 202.507805][ T8346] ? alloc_mnt_ns+0x325/0x520 [ 202.507848][ T8346] copy_mnt_ns+0x1b5/0xa70 [ 202.507884][ T8346] ? kmem_cache_alloc_noprof+0x279/0x3d0 [ 202.507938][ T8346] ? create_new_namespaces+0x30/0xad0 [ 202.508000][ T8346] create_new_namespaces+0xd3/0xad0 [ 202.508054][ T8346] ? bpf_lsm_capable+0x9/0x10 [ 202.508088][ T8346] ? security_capable+0x7e/0x260 [ 202.508127][ T8346] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 202.508186][ T8346] ksys_unshare+0x45d/0xa40 [ 202.508222][ T8346] ? __pfx_ksys_unshare+0x10/0x10 [ 202.508255][ T8346] ? 
xfd_validate_state+0x5d/0x180 [ 202.508316][ T8346] __x64_sys_unshare+0x31/0x40 [ 202.508351][ T8346] do_syscall_64+0xcd/0x250 [ 202.508403][ T8346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.508450][ T8346] RIP: 0033:0x7f272998d169 [ 202.508475][ T8346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.508506][ T8346] RSP: 002b:00007f272a8a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 202.508537][ T8346] RAX: ffffffffffffffda RBX: 00007f2729ba5fa0 RCX: 00007f272998d169 [ 202.508558][ T8346] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 202.508577][ T8346] RBP: 00007f2729a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 202.508595][ T8346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.508613][ T8346] R13: 0000000000000000 R14: 00007f2729ba5fa0 R15: 00007ffd79f0e358 [ 202.508653][ T8346] [ 203.705241][ T8357] sctp: [Deprecated]: syz.3.987 (pid 8357) Use of struct sctp_assoc_value in delayed_ack socket option. [ 203.705241][ T8357] Use struct sctp_sack_info instead [ 204.399080][ T8375] netlink: 342 bytes leftover after parsing attributes in process `syz.2.993'. [ 204.515830][ T8379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.994'. [ 206.441204][ T8408] sctp: [Deprecated]: syz.1.1004 (pid 8408) Use of struct sctp_assoc_value in delayed_ack socket option. [ 206.441204][ T8408] Use struct sctp_sack_info instead [ 206.657878][ T8404] netlink: 74 bytes leftover after parsing attributes in process `syz.3.1012'. [ 211.248022][ T8489] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1037'. 
[ 212.100010][ T5147] Bluetooth: hci0: command 0x0406 tx timeout [ 212.107642][ T5147] Bluetooth: hci1: command 0x0406 tx timeout [ 212.113738][ T5147] Bluetooth: hci2: command 0x0406 tx timeout [ 212.121796][ T5842] Bluetooth: hci3: command 0x0406 tx timeout [ 212.797408][ T8517] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1050'. [ 213.520227][ T8542] FAULT_INJECTION: forcing a failure. [ 213.520227][ T8542] name failslab, interval 1, probability 0, space 0, times 0 [ 213.553951][ T8542] CPU: 1 UID: 0 PID: 8542 Comm: syz.3.1062 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 213.554001][ T8542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 213.554019][ T8542] Call Trace: [ 213.554029][ T8542] [ 213.554041][ T8542] dump_stack_lvl+0x16c/0x1f0 [ 213.554095][ T8542] should_fail_ex+0x50a/0x650 [ 213.554126][ T8542] ? fs_reclaim_acquire+0xae/0x150 [ 213.554169][ T8542] ? lsm_blob_alloc+0x68/0x90 [ 213.554230][ T8542] should_failslab+0xc2/0x120 [ 213.554262][ T8542] __kmalloc_noprof+0xcb/0x510 [ 213.554313][ T8542] ? kasan_save_stack+0x33/0x60 [ 213.554369][ T8542] lsm_blob_alloc+0x68/0x90 [ 213.554419][ T8542] security_sk_alloc+0x30/0x270 [ 213.554458][ T8542] sk_prot_alloc+0x1c7/0x2a0 [ 213.554499][ T8542] sk_alloc+0x36/0xc20 [ 213.554551][ T8542] tap_open+0x2e8/0x1150 [ 213.554592][ T8542] ? __pfx_tap_open+0x10/0x10 [ 213.554629][ T8542] chrdev_open+0x237/0x6a0 [ 213.554682][ T8542] ? __pfx_chrdev_open+0x10/0x10 [ 213.554736][ T8542] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 213.554788][ T8542] do_dentry_open+0x735/0x1c40 [ 213.554837][ T8542] ? __pfx_chrdev_open+0x10/0x10 [ 213.554890][ T8542] ? inode_permission+0xdd/0x5f0 [ 213.554930][ T8542] vfs_open+0x82/0x3f0 [ 213.554961][ T8542] ? may_open+0x1f2/0x400 [ 213.555002][ T8542] path_openat+0x1e88/0x2d80 [ 213.555066][ T8542] ? __pfx_path_openat+0x10/0x10 [ 213.555115][ T8542] ? 
__pfx___lock_acquire+0x10/0x10 [ 213.555158][ T8542] ? lock_acquire.part.0+0x11b/0x380 [ 213.555208][ T8542] ? find_held_lock+0x2d/0x110 [ 213.555249][ T8542] do_filp_open+0x20c/0x470 [ 213.555301][ T8542] ? __pfx_do_filp_open+0x10/0x10 [ 213.555349][ T8542] ? find_held_lock+0x2d/0x110 [ 213.555409][ T8542] ? alloc_fd+0x41f/0x760 [ 213.555465][ T8542] do_sys_openat2+0x17a/0x1e0 [ 213.555494][ T8542] ? __pfx_do_sys_openat2+0x10/0x10 [ 213.555527][ T8542] ? kvm_sched_clock_read+0x11/0x20 [ 213.555563][ T8542] ? sched_clock+0x38/0x60 [ 213.555601][ T8542] __x64_sys_openat+0x175/0x210 [ 213.555630][ T8542] ? __pfx___x64_sys_openat+0x10/0x10 [ 213.555659][ T8542] ? __pfx_flush_tlb_func+0x10/0x10 [ 213.555692][ T8542] ? trace_csd_function_exit+0x17f/0x1f0 [ 213.555746][ T8542] do_syscall_64+0xcd/0x250 [ 213.555788][ T8542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.555826][ T8542] RIP: 0033:0x7f962d18d169 [ 213.555857][ T8542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.555888][ T8542] RSP: 002b:00007f962df88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 213.555914][ T8542] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 213.555932][ T8542] RDX: 0000000000082000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 213.555950][ T8542] RBP: 00007f962d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 213.555967][ T8542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.555998][ T8542] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 213.556031][ T8542] [ 219.614147][ T8648] FAULT_INJECTION: forcing a failure. 
[ 219.614147][ T8648] name failslab, interval 1, probability 0, space 0, times 0 [ 219.647100][ T8648] CPU: 1 UID: 0 PID: 8648 Comm: syz.0.1103 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 219.647145][ T8648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 219.647163][ T8648] Call Trace: [ 219.647173][ T8648] [ 219.647185][ T8648] dump_stack_lvl+0x16c/0x1f0 [ 219.647239][ T8648] should_fail_ex+0x50a/0x650 [ 219.647271][ T8648] ? fs_reclaim_acquire+0xae/0x150 [ 219.647317][ T8648] ? lsm_blob_alloc+0x68/0x90 [ 219.647366][ T8648] should_failslab+0xc2/0x120 [ 219.647398][ T8648] __kmalloc_noprof+0xcb/0x510 [ 219.647456][ T8648] lsm_blob_alloc+0x68/0x90 [ 219.647506][ T8648] security_sk_alloc+0x30/0x270 [ 219.647545][ T8648] sk_prot_alloc+0x1c7/0x2a0 [ 219.647587][ T8648] sk_alloc+0x36/0xc20 [ 219.647636][ T8648] tap_open+0x2e8/0x1150 [ 219.647678][ T8648] ? __pfx_tap_open+0x10/0x10 [ 219.647714][ T8648] chrdev_open+0x237/0x6a0 [ 219.647764][ T8648] ? __pfx_apparmor_file_open+0x10/0x10 [ 219.647808][ T8648] ? __pfx_chrdev_open+0x10/0x10 [ 219.647863][ T8648] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 219.647922][ T8648] do_dentry_open+0x735/0x1c40 [ 219.647971][ T8648] ? __pfx_chrdev_open+0x10/0x10 [ 219.648024][ T8648] ? inode_permission+0xdd/0x5f0 [ 219.648062][ T8648] vfs_open+0x82/0x3f0 [ 219.648091][ T8648] ? may_open+0x1f2/0x400 [ 219.648132][ T8648] path_openat+0x1e88/0x2d80 [ 219.648196][ T8648] ? __pfx_path_openat+0x10/0x10 [ 219.648246][ T8648] ? __pfx___lock_acquire+0x10/0x10 [ 219.648290][ T8648] ? lock_acquire.part.0+0x11b/0x380 [ 219.648337][ T8648] ? find_held_lock+0x2d/0x110 [ 219.648376][ T8648] do_filp_open+0x20c/0x470 [ 219.648425][ T8648] ? __pfx_do_filp_open+0x10/0x10 [ 219.648471][ T8648] ? find_held_lock+0x2d/0x110 [ 219.648535][ T8648] ? alloc_fd+0x41f/0x760 [ 219.648594][ T8648] do_sys_openat2+0x17a/0x1e0 [ 219.648629][ T8648] ? 
__pfx_do_sys_openat2+0x10/0x10 [ 219.648680][ T8648] __x64_sys_openat+0x175/0x210 [ 219.648715][ T8648] ? __pfx___x64_sys_openat+0x10/0x10 [ 219.648766][ T8648] do_syscall_64+0xcd/0x250 [ 219.648817][ T8648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.648870][ T8648] RIP: 0033:0x7f9368f8d169 [ 219.648897][ T8648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.648928][ T8648] RSP: 002b:00007f9369ea8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 219.648960][ T8648] RAX: ffffffffffffffda RBX: 00007f93691a5fa0 RCX: 00007f9368f8d169 [ 219.648981][ T8648] RDX: 0000000000082000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 219.649002][ T8648] RBP: 00007f936900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 219.649021][ T8648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.649040][ T8648] R13: 0000000000000000 R14: 00007f93691a5fa0 R15: 00007ffc8caa8fa8 [ 219.649086][ T8648] [ 221.776138][ T8699] netlink: 130 bytes leftover after parsing attributes in process `syz.0.1123'. [ 222.195087][ T8701] FAULT_INJECTION: forcing a failure. [ 222.195087][ T8701] name failslab, interval 1, probability 0, space 0, times 0 [ 222.217053][ T8701] CPU: 1 UID: 0 PID: 8701 Comm: syz.0.1125 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 222.217096][ T8701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 222.217115][ T8701] Call Trace: [ 222.217124][ T8701] [ 222.217136][ T8701] dump_stack_lvl+0x16c/0x1f0 [ 222.217189][ T8701] should_fail_ex+0x50a/0x650 [ 222.217221][ T8701] ? fs_reclaim_acquire+0xae/0x150 [ 222.217267][ T8701] should_failslab+0xc2/0x120 [ 222.217299][ T8701] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 222.217371][ T8701] ? lockdep_init_map_type+0x16d/0x7d0 [ 222.217422][ T8701] ? 
security_inode_alloc+0x3b/0x2b0 [ 222.217465][ T8701] security_inode_alloc+0x3b/0x2b0 [ 222.217505][ T8701] inode_init_always_gfp+0xce4/0x1030 [ 222.217561][ T8701] alloc_inode+0x82/0x230 [ 222.217591][ T8701] path_from_stashed+0x560/0xec0 [ 222.217642][ T8701] ? __pfx_lock_release+0x10/0x10 [ 222.217691][ T8701] ? __pfx_path_from_stashed+0x10/0x10 [ 222.217748][ T8701] ? lock_acquire+0x2f/0xb0 [ 222.217791][ T8701] ? pidns_get+0x32/0x320 [ 222.217831][ T8701] ns_get_path+0x5f/0x80 [ 222.217877][ T8701] proc_ns_get_link+0x122/0x260 [ 222.217924][ T8701] ? __pfx_proc_ns_get_link+0x10/0x10 [ 222.217970][ T8701] ? __pfx___might_resched+0x10/0x10 [ 222.218026][ T8701] ? __pfx_proc_ns_get_link+0x10/0x10 [ 222.218072][ T8701] step_into+0x1aba/0x2220 [ 222.218123][ T8701] ? __pfx_step_into+0x10/0x10 [ 222.218166][ T8701] ? __pfx___up_read+0x10/0x10 [ 222.218228][ T8701] path_openat+0x74c/0x2d80 [ 222.218289][ T8701] ? __pfx_path_openat+0x10/0x10 [ 222.218337][ T8701] ? __pfx___lock_acquire+0x10/0x10 [ 222.218381][ T8701] ? lock_acquire.part.0+0x11b/0x380 [ 222.218428][ T8701] ? find_held_lock+0x2d/0x110 [ 222.218465][ T8701] do_filp_open+0x20c/0x470 [ 222.218514][ T8701] ? __pfx_do_filp_open+0x10/0x10 [ 222.218561][ T8701] ? find_held_lock+0x2d/0x110 [ 222.218622][ T8701] ? alloc_fd+0x41f/0x760 [ 222.218679][ T8701] do_sys_openat2+0x17a/0x1e0 [ 222.218714][ T8701] ? __pfx_do_sys_openat2+0x10/0x10 [ 222.218770][ T8701] __x64_sys_openat+0x175/0x210 [ 222.218807][ T8701] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 222.218859][ T8701] do_syscall_64+0xcd/0x250 [ 222.218910][ T8701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.218955][ T8701] RIP: 0033:0x7f9368f8bad0 [ 222.218981][ T8701] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 222.219012][ T8701] RSP: 002b:00007f9369ea7f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 222.219042][ T8701] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f9368f8bad0 [ 222.219063][ T8701] RDX: 0000000000000002 RSI: 00007f9369ea7fa0 RDI: 00000000ffffff9c [ 222.219087][ T8701] RBP: 00007f9369ea7fa0 R08: 0000000000000000 R09: 0000000000000000 [ 222.219107][ T8701] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 222.219129][ T8701] R13: 0000000000000000 R14: 00007f93691a5fa0 R15: 00007ffc8caa8fa8 [ 222.219168][ T8701] [ 227.684062][ T8740] netlink: 130 bytes leftover after parsing attributes in process `syz.1.1139'. [ 229.217946][ T8783] FAULT_INJECTION: forcing a failure. [ 229.217946][ T8783] name failslab, interval 1, probability 0, space 0, times 0 [ 229.327114][ T8783] CPU: 1 UID: 0 PID: 8783 Comm: syz.1.1159 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 229.327158][ T8783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 229.327178][ T8783] Call Trace: [ 229.327187][ T8783] [ 229.327199][ T8783] dump_stack_lvl+0x16c/0x1f0 [ 229.327253][ T8783] should_fail_ex+0x50a/0x650 [ 229.327285][ T8783] ? fs_reclaim_acquire+0xae/0x150 [ 229.327341][ T8783] should_failslab+0xc2/0x120 [ 229.327373][ T8783] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 229.327423][ T8783] ? lockdep_init_map_type+0x16d/0x7d0 [ 229.327473][ T8783] ? 
security_inode_alloc+0x3b/0x2b0 [ 229.327517][ T8783] security_inode_alloc+0x3b/0x2b0 [ 229.327555][ T8783] inode_init_always_gfp+0xce4/0x1030 [ 229.327611][ T8783] alloc_inode+0x82/0x230 [ 229.327643][ T8783] path_from_stashed+0x560/0xec0 [ 229.327692][ T8783] ? __pfx_lock_release+0x10/0x10 [ 229.327742][ T8783] ? __pfx_path_from_stashed+0x10/0x10 [ 229.327791][ T8783] ? lock_acquire+0x2f/0xb0 [ 229.327834][ T8783] ? pidns_get+0x32/0x320 [ 229.327875][ T8783] ns_get_path+0x5f/0x80 [ 229.327921][ T8783] proc_ns_get_link+0x122/0x260 [ 229.327966][ T8783] ? __pfx_proc_ns_get_link+0x10/0x10 [ 229.328014][ T8783] ? __pfx___might_resched+0x10/0x10 [ 229.328071][ T8783] ? __pfx_proc_ns_get_link+0x10/0x10 [ 229.328117][ T8783] step_into+0x1aba/0x2220 [ 229.328168][ T8783] ? __pfx_step_into+0x10/0x10 [ 229.328213][ T8783] ? __pfx___up_read+0x10/0x10 [ 229.328275][ T8783] path_openat+0x74c/0x2d80 [ 229.328347][ T8783] ? __pfx_path_openat+0x10/0x10 [ 229.328399][ T8783] ? __pfx___lock_acquire+0x10/0x10 [ 229.328445][ T8783] ? lock_acquire.part.0+0x11b/0x380 [ 229.328492][ T8783] ? find_held_lock+0x2d/0x110 [ 229.328532][ T8783] do_filp_open+0x20c/0x470 [ 229.328581][ T8783] ? __pfx_do_filp_open+0x10/0x10 [ 229.328626][ T8783] ? find_held_lock+0x2d/0x110 [ 229.328688][ T8783] ? alloc_fd+0x41f/0x760 [ 229.328746][ T8783] do_sys_openat2+0x17a/0x1e0 [ 229.328780][ T8783] ? __pfx_do_sys_openat2+0x10/0x10 [ 229.328831][ T8783] __x64_sys_openat+0x175/0x210 [ 229.328868][ T8783] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 229.328920][ T8783] do_syscall_64+0xcd/0x250 [ 229.328972][ T8783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.329019][ T8783] RIP: 0033:0x7f272998bad0 [ 229.329045][ T8783] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 229.329077][ T8783] RSP: 002b:00007f272a8a3f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 229.329109][ T8783] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f272998bad0 [ 229.329130][ T8783] RDX: 0000000000000002 RSI: 00007f272a8a3fa0 RDI: 00000000ffffff9c [ 229.329149][ T8783] RBP: 00007f272a8a3fa0 R08: 0000000000000000 R09: 0000000000000000 [ 229.329169][ T8783] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 229.329186][ T8783] R13: 0000000000000000 R14: 00007f2729ba5fa0 R15: 00007ffd79f0e358 [ 229.329223][ T8783] [ 230.182711][ T8803] netlink: 'syz.1.1164': attribute type 16 has an invalid length. [ 230.232349][ T8803] netlink: 322 bytes leftover after parsing attributes in process `syz.1.1164'. [ 234.414815][ T8913] program syz.1.1204 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 234.875645][ T8921] FAULT_INJECTION: forcing a failure. [ 234.875645][ T8921] name failslab, interval 1, probability 0, space 0, times 0 [ 234.931986][ T8921] CPU: 0 UID: 0 PID: 8921 Comm: syz.2.1207 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 234.932028][ T8921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 234.932048][ T8921] Call Trace: [ 234.932057][ T8921] [ 234.932070][ T8921] dump_stack_lvl+0x16c/0x1f0 [ 234.932125][ T8921] should_fail_ex+0x50a/0x650 [ 234.932156][ T8921] ? fs_reclaim_acquire+0xae/0x150 [ 234.932202][ T8921] should_failslab+0xc2/0x120 [ 234.932232][ T8921] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 234.932284][ T8921] ? 
sp_alloc+0x27/0x160 [ 234.932325][ T8921] sp_alloc+0x27/0x160 [ 234.932362][ T8921] mpol_set_shared_policy+0xaa/0x800 [ 234.932410][ T8921] ? __pfx_shmem_set_policy+0x10/0x10 [ 234.932457][ T8921] mbind_range+0x345/0x530 [ 234.932498][ T8921] do_mbind+0x818/0xed0 [ 234.932545][ T8921] ? __pfx_vfs_writev+0x10/0x10 [ 234.932588][ T8921] ? __pfx_do_mbind+0x10/0x10 [ 234.932649][ T8921] ? __pfx_get_nodes+0x10/0x10 [ 234.932710][ T8921] kernel_mbind+0x1e8/0x200 [ 234.932748][ T8921] ? __pfx_kernel_mbind+0x10/0x10 [ 234.932799][ T8921] do_syscall_64+0xcd/0x250 [ 234.932863][ T8921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.932909][ T8921] RIP: 0033:0x7fd88c78d169 [ 234.932934][ T8921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.932964][ T8921] RSP: 002b:00007fd88d573038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 234.932995][ T8921] RAX: ffffffffffffffda RBX: 00007fd88c9a5fa0 RCX: 00007fd88c78d169 [ 234.933015][ T8921] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 234.933034][ T8921] RBP: 00007fd88c80e2a0 R08: 0000000000000006 R09: 0000000000000002 [ 234.933052][ T8921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.933071][ T8921] R13: 0000000000000000 R14: 00007fd88c9a5fa0 R15: 00007ffe9a680ef8 [ 234.933112][ T8921] [ 238.554944][ T9012] program syz.2.1241 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 239.291386][ T9037] FAULT_INJECTION: forcing a failure. 
[ 239.291386][ T9037] name failslab, interval 1, probability 0, space 0, times 0 [ 239.327942][ T9037] CPU: 0 UID: 0 PID: 9037 Comm: syz.3.1252 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 239.327988][ T9037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 239.328007][ T9037] Call Trace: [ 239.328016][ T9037] [ 239.328028][ T9037] dump_stack_lvl+0x16c/0x1f0 [ 239.328085][ T9037] should_fail_ex+0x50a/0x650 [ 239.328117][ T9037] ? fs_reclaim_acquire+0xae/0x150 [ 239.328165][ T9037] should_failslab+0xc2/0x120 [ 239.328198][ T9037] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 239.328251][ T9037] ? __mpol_dup+0x75/0x380 [ 239.328293][ T9037] __mpol_dup+0x75/0x380 [ 239.328329][ T9037] ? __pfx___mpol_dup+0x10/0x10 [ 239.328364][ T9037] ? kmem_cache_alloc_noprof+0x279/0x3d0 [ 239.328416][ T9037] ? sp_alloc+0x27/0x160 [ 239.328456][ T9037] sp_alloc+0x4d/0x160 [ 239.328494][ T9037] mpol_set_shared_policy+0xaa/0x800 [ 239.328541][ T9037] ? __pfx_shmem_set_policy+0x10/0x10 [ 239.328589][ T9037] mbind_range+0x345/0x530 [ 239.328630][ T9037] do_mbind+0x818/0xed0 [ 239.328678][ T9037] ? __pfx_do_mbind+0x10/0x10 [ 239.328746][ T9037] ? __pfx_get_nodes+0x10/0x10 [ 239.328810][ T9037] kernel_mbind+0x1e8/0x200 [ 239.328853][ T9037] ? 
__pfx_kernel_mbind+0x10/0x10 [ 239.328904][ T9037] do_syscall_64+0xcd/0x250 [ 239.328957][ T9037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.329005][ T9037] RIP: 0033:0x7f962d18d169 [ 239.329029][ T9037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.329060][ T9037] RSP: 002b:00007f962df88038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 239.329091][ T9037] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 239.329112][ T9037] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 239.329131][ T9037] RBP: 00007f962d20e2a0 R08: 0000000000000006 R09: 0000000000000002 [ 239.329149][ T9037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.329167][ T9037] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 239.329207][ T9037] [ 240.124965][ T9054] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1258'. [ 242.215135][ T9121] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1284'. [ 242.225870][ T9121] openvswitch: netlink: IP tunnel dst address not specified [ 242.657392][ T9136] FAULT_INJECTION: forcing a failure. [ 242.657392][ T9136] name failslab, interval 1, probability 0, space 0, times 0 [ 242.675852][ T9136] CPU: 0 UID: 0 PID: 9136 Comm: syz.2.1290 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 242.675897][ T9136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 242.675916][ T9136] Call Trace: [ 242.675926][ T9136] [ 242.675939][ T9136] dump_stack_lvl+0x16c/0x1f0 [ 242.675995][ T9136] should_fail_ex+0x50a/0x650 [ 242.676027][ T9136] ? fs_reclaim_acquire+0xae/0x150 [ 242.676072][ T9136] should_failslab+0xc2/0x120 [ 242.676104][ T9136] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 242.676170][ T9136] ? 
__mpol_dup+0x75/0x380 [ 242.676211][ T9136] __mpol_dup+0x75/0x380 [ 242.676263][ T9136] ? __pfx___mpol_dup+0x10/0x10 [ 242.676299][ T9136] ? mas_walk+0x6a6/0x910 [ 242.676346][ T9136] mbind_range+0x2bc/0x530 [ 242.676387][ T9136] do_mbind+0x818/0xed0 [ 242.676434][ T9136] ? __pfx_do_mbind+0x10/0x10 [ 242.676494][ T9136] ? __pfx_get_nodes+0x10/0x10 [ 242.676564][ T9136] kernel_mbind+0x1e8/0x200 [ 242.676606][ T9136] ? __pfx_kernel_mbind+0x10/0x10 [ 242.676657][ T9136] do_syscall_64+0xcd/0x250 [ 242.676709][ T9136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.676755][ T9136] RIP: 0033:0x7fd88c78d169 [ 242.676781][ T9136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.676812][ T9136] RSP: 002b:00007fd88d573038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 242.676843][ T9136] RAX: ffffffffffffffda RBX: 00007fd88c9a5fa0 RCX: 00007fd88c78d169 [ 242.676868][ T9136] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000002000 [ 242.676886][ T9136] RBP: 00007fd88c80e2a0 R08: 0000000000000006 R09: 0000000000000002 [ 242.676903][ T9136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.676920][ T9136] R13: 0000000000000000 R14: 00007fd88c9a5fa0 R15: 00007ffe9a680ef8 [ 242.676958][ T9136] [ 248.413154][ T9148] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1293'. [ 248.841401][ T9164] netlink: 29 bytes leftover after parsing attributes in process `syz.1.1300'. [ 249.185252][ T9175] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1305'. [ 249.552342][ T9188] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1310'. 
[ 250.070292][ T30] audit: type=1800 audit(6037413993.027:8): pid=9212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1321" name="discovery_nqn" dev="configfs" ino=19080 res=0 errno=0 [ 250.294514][ T9222] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1325'. [ 250.866147][ T9243] netlink: 29 bytes leftover after parsing attributes in process `syz.0.1333'. [ 252.565376][ T9294] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 253.623336][ T9324] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1364'. [ 254.753168][ T9356] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1376'. [ 254.989491][ T9363] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1379'. [ 256.028589][ T9397] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1393'. [ 256.326308][ T9408] netlink: 'syz.2.1397': attribute type 1 has an invalid length. [ 256.338243][ T9407] netlink: 'syz.1.1398': attribute type 15 has an invalid length. [ 256.357019][ T9407] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1398'. [ 256.884273][ T9428] netlink: 'syz.2.1405': attribute type 1 has an invalid length. [ 257.646051][ T9444] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1411'. [ 257.707214][ T9443] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1412'. [ 258.173371][ T9451] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1415'. [ 259.010047][ T9465] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1422'. [ 260.277625][ T9484] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1426'. [ 260.658804][ T9494] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1429'. [ 261.061591][ T9503] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1434'. 
[ 261.219403][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.225780][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.388908][ T9508] netlink: 'syz.0.1435': attribute type 15 has an invalid length. [ 261.400802][ T9508] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1435'. [ 261.568752][ T9511] netlink: 'syz.1.1438': attribute type 1 has an invalid length. [ 261.796632][ T9515] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1440'. [ 262.040131][ T9521] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 262.076943][ T9521] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 263.291450][ T9546] netlink: 'syz.2.1449': attribute type 15 has an invalid length. [ 263.316931][ T9546] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1449'. [ 264.727254][ T9578] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1462'. [ 265.157282][ T9584] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1465'. [ 266.052740][ T9593] FAULT_INJECTION: forcing a failure. [ 266.052740][ T9593] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 266.097070][ T9593] CPU: 0 UID: 0 PID: 9593 Comm: syz.3.1473 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 266.097112][ T9593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 266.097151][ T9593] Call Trace: [ 266.097161][ T9593] [ 266.097173][ T9593] dump_stack_lvl+0x16c/0x1f0 [ 266.097228][ T9593] should_fail_ex+0x50a/0x650 [ 266.097271][ T9593] _copy_to_iter+0x2a1/0x1560 [ 266.097312][ T9593] ? chacha_block_generic+0x18a/0x270 [ 266.097365][ T9593] ? __pfx__copy_to_iter+0x10/0x10 [ 266.097409][ T9593] ? __pfx___might_resched+0x10/0x10 [ 266.097461][ T9593] ? crng_make_state+0x48e/0x6d0 [ 266.097522][ T9593] get_random_bytes_user+0x180/0x3c0 [ 266.097581][ T9593] ? __pfx_get_random_bytes_user+0x10/0x10 [ 266.097642][ T9593] ? 
do_futex+0x123/0x350 [ 266.097690][ T9593] ? import_ubuf+0x1b6/0x220 [ 266.097728][ T9593] __x64_sys_getrandom+0x184/0x290 [ 266.097763][ T9593] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 266.097797][ T9593] ? xfd_validate_state+0x5d/0x180 [ 266.097858][ T9593] do_syscall_64+0xcd/0x250 [ 266.097909][ T9593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.097955][ T9593] RIP: 0033:0x7f962d18d169 [ 266.097981][ T9593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.098013][ T9593] RSP: 002b:00007f962df88038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 266.098044][ T9593] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 266.098065][ T9593] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 266.098085][ T9593] RBP: 00007f962d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 266.098102][ T9593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 266.098119][ T9593] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 266.098156][ T9593] [ 266.841060][ T9611] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 266.858748][ T9611] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 266.942395][ T9613] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 266.964433][ T9613] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 266.998469][ T9614] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1475'. [ 268.076294][ T9632] netlink: 'syz.0.1496': attribute type 3 has an invalid length. [ 269.087278][ T9653] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1495'. [ 270.703938][ T9673] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1504'. [ 271.191094][ T9685] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1509'. 
[ 271.308022][ T9687] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1511'. [ 271.929538][ T9700] netlink: 130 bytes leftover after parsing attributes in process `syz.3.1517'. [ 272.366222][ T9706] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in; [ 272.366222][ T9706] program syz.3.1519 not setting count and/or reply_len properly [ 273.734392][ T9743] netlink: 'syz.2.1534': attribute type 3 has an invalid length. [ 274.558456][ T9763] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1543'. [ 276.152478][ T9793] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1555'. [ 276.333862][ T9789] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in; [ 276.333862][ T9789] program syz.0.1553 not setting count and/or reply_len properly [ 277.403327][ T9822] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1567'. [ 277.507409][ T9826] netlink: 'syz.3.1569': attribute type 2 has an invalid length. [ 277.718492][ T9824] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1568'. [ 278.191553][ T9845] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1577'. [ 278.462683][ T9852] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1580'. [ 278.602818][ T9849] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in; [ 278.602818][ T9849] program syz.2.1578 not setting count and/or reply_len properly [ 279.352772][ T9884] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1594'. [ 279.557440][ T9891] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1596'. 
[ 279.749602][ T9890] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in; [ 279.749602][ T9890] program syz.1.1595 not setting count and/or reply_len properly [ 279.766986][ T30] audit: type=1800 audit(6037414022.707:9): pid=9895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1598" name="set_event" dev="tracefs" ino=1059 res=0 errno=0 [ 280.001542][ T9900] FAULT_INJECTION: forcing a failure. [ 280.001542][ T9900] name failslab, interval 1, probability 0, space 0, times 0 [ 280.046696][ T9900] CPU: 0 UID: 0 PID: 9900 Comm: syz.3.1601 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 280.046738][ T9900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 280.046755][ T9900] Call Trace: [ 280.046764][ T9900] [ 280.046775][ T9900] dump_stack_lvl+0x16c/0x1f0 [ 280.046828][ T9900] should_fail_ex+0x50a/0x650 [ 280.046863][ T9900] ? fs_reclaim_acquire+0xae/0x150 [ 280.046907][ T9900] should_failslab+0xc2/0x120 [ 280.046937][ T9900] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 280.046988][ T9900] ? find_held_lock+0x2d/0x110 [ 280.047021][ T9900] ? ptlock_alloc+0x1f/0x70 [ 280.047075][ T9900] ptlock_alloc+0x1f/0x70 [ 280.047121][ T9900] pte_alloc_one+0x74/0x390 [ 280.047170][ T9900] __pte_alloc+0x6e/0x3d0 [ 280.047208][ T9900] ? __pfx___pte_alloc+0x10/0x10 [ 280.047251][ T9900] ? __pfx___might_resched+0x10/0x10 [ 280.047303][ T9900] copy_page_range+0x3661/0x55e0 [ 280.047377][ T9900] ? __pfx_copy_page_range+0x10/0x10 [ 280.047413][ T9900] ? find_held_lock+0x2d/0x110 [ 280.047448][ T9900] ? __pfx_lock_release+0x10/0x10 [ 280.047487][ T9900] ? lock_acquire+0x2f/0xb0 [ 280.047528][ T9900] ? copy_process+0x7c12/0x8c50 [ 280.047563][ T9900] ? down_write+0x14e/0x200 [ 280.047618][ T9900] ? up_write+0x1b2/0x520 [ 280.047670][ T9900] copy_process+0x7ccb/0x8c50 [ 280.047728][ T9900] ? __pfx_copy_process+0x10/0x10 [ 280.047760][ T9900] ? 
try_to_wake_up+0x953/0x1490 [ 280.047813][ T9900] ? plist_check_head+0xa3/0x150 [ 280.047857][ T9900] ? wake_up_q+0xb0/0x160 [ 280.047897][ T9900] ? do_raw_spin_unlock+0x172/0x230 [ 280.047934][ T9900] kernel_clone+0xfd/0x960 [ 280.047963][ T9900] ? __pfx_futex_wake+0x10/0x10 [ 280.048009][ T9900] ? __pfx_kernel_clone+0x10/0x10 [ 280.048035][ T9900] ? __pfx_vfs_writev+0x10/0x10 [ 280.048100][ T9900] __do_sys_clone+0xcf/0x120 [ 280.048131][ T9900] ? __pfx___do_sys_clone+0x10/0x10 [ 280.048182][ T9900] ? rcu_is_watching+0x12/0xc0 [ 280.048236][ T9900] do_syscall_64+0xcd/0x250 [ 280.048287][ T9900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.048332][ T9900] RIP: 0033:0x7f962d18d169 [ 280.048358][ T9900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.048388][ T9900] RSP: 002b:00007f962df87fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 280.048418][ T9900] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 280.048440][ T9900] RDX: 0000000000000000 RSI: ffffffffffffff10 RDI: 0000000000000000 [ 280.048458][ T9900] RBP: 00007f962d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 280.048477][ T9900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.048494][ T9900] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 280.048533][ T9900] [ 280.454190][ T9914] netlink: 'syz.2.1604': attribute type 4 has an invalid length. [ 282.430592][ T9963] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1622'. [ 282.677011][ T9964] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in; [ 282.677011][ T9964] program syz.2.1623 not setting count and/or reply_len properly [ 283.020307][ T9980] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1628'. 
[ 283.036163][ T9980] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1628'. [ 283.167986][ T9984] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1629'. [ 283.817058][T10004] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1637'. [ 284.015054][T10011] netlink: 'syz.2.1642': attribute type 35 has an invalid length. [ 287.963882][T10104] sctp: [Deprecated]: syz.2.1678 (pid 10104) Use of struct sctp_assoc_value in delayed_ack socket option. [ 287.963882][T10104] Use struct sctp_sack_info instead [ 289.092240][T10135] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1697'. [ 292.587658][T10221] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1714'. [ 292.734718][T10223] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1716'. [ 292.998538][T10231] netlink: 130 bytes leftover after parsing attributes in process `syz.1.1720'. [ 294.048081][T10260] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1729'. [ 295.056535][T10295] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1736'. [ 295.332725][T10290] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1734'. [ 296.093760][T10320] mtrr: base(0x400000000000000) is not aligned on a size(0x0000) boundary [ 296.793412][T10331] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1747'. [ 299.173664][T10378] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1767'. [ 299.444147][T10384] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1769'. [ 300.126307][T10402] netlink: 130 bytes leftover after parsing attributes in process `syz.2.1775'. [ 300.516384][T10416] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1780'. 
[ 300.606997][T10416] bond0: (slave bond_slave_1): Releasing backup interface [ 300.860556][T10421] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1782'. [ 303.911465][T10458] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1794'. [ 303.933204][T10464] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1803'. [ 307.954396][T10557] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1829'. [ 308.080448][T10557] bond0: (slave bond_slave_1): Releasing backup interface [ 308.921357][T10593] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1845'. [ 310.404951][T10617] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1862'. [ 310.464237][T10621] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1855'. [ 310.549360][T10617] bond0: (slave bond_slave_1): Releasing backup interface [ 311.523290][T10652] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1866'. [ 311.657347][T10652] bond0: (slave bond_slave_1): Releasing backup interface [ 313.053778][T10675] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1873'. [ 313.374309][T10683] FAULT_INJECTION: forcing a failure. [ 313.374309][T10683] name failslab, interval 1, probability 0, space 0, times 0 [ 313.415212][T10683] CPU: 1 UID: 0 PID: 10683 Comm: syz.3.1877 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 313.415254][T10683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 313.415272][T10683] Call Trace: [ 313.415293][T10683] [ 313.415304][T10683] dump_stack_lvl+0x16c/0x1f0 [ 313.415354][T10683] should_fail_ex+0x50a/0x650 [ 313.415381][T10683] ? fs_reclaim_acquire+0xae/0x150 [ 313.415419][T10683] ? 
dummy_hrtimer_create+0x45/0x170 [ 313.415456][T10683] should_failslab+0xc2/0x120 [ 313.415482][T10683] __kmalloc_cache_noprof+0x68/0x410 [ 313.415526][T10683] dummy_hrtimer_create+0x45/0x170 [ 313.415566][T10683] ? __pfx_dummy_hrtimer_create+0x10/0x10 [ 313.415601][T10683] dummy_pcm_open+0xd1/0x5b0 [ 313.415636][T10683] snd_pcm_open_substream+0xa50/0x17c0 [ 313.415679][T10683] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 313.415730][T10683] snd_pcm_open+0x29b/0x700 [ 313.415773][T10683] ? __pfx_snd_pcm_open+0x10/0x10 [ 313.415817][T10683] ? __pfx_default_wake_function+0x10/0x10 [ 313.415866][T10683] ? __pfx_snd_pcm_capture_open+0x10/0x10 [ 313.415907][T10683] snd_pcm_capture_open+0x89/0xe0 [ 313.415947][T10683] snd_open+0x1fe/0x450 [ 313.415977][T10683] ? __pfx_snd_open+0x10/0x10 [ 313.416005][T10683] chrdev_open+0x237/0x6a0 [ 313.416050][T10683] ? __pfx_chrdev_open+0x10/0x10 [ 313.416094][T10683] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 313.416137][T10683] do_dentry_open+0x735/0x1c40 [ 313.416184][T10683] ? __pfx_chrdev_open+0x10/0x10 [ 313.416234][T10683] ? inode_permission+0xdd/0x5f0 [ 313.416272][T10683] vfs_open+0x82/0x3f0 [ 313.416312][T10683] ? may_open+0x1f2/0x400 [ 313.416353][T10683] path_openat+0x1e88/0x2d80 [ 313.416416][T10683] ? __pfx_path_openat+0x10/0x10 [ 313.416466][T10683] ? __pfx___lock_acquire+0x10/0x10 [ 313.416510][T10683] ? lock_acquire.part.0+0x11b/0x380 [ 313.416557][T10683] ? find_held_lock+0x2d/0x110 [ 313.416595][T10683] do_filp_open+0x20c/0x470 [ 313.416645][T10683] ? __pfx_do_filp_open+0x10/0x10 [ 313.416691][T10683] ? find_held_lock+0x2d/0x110 [ 313.416755][T10683] ? alloc_fd+0x41f/0x760 [ 313.416813][T10683] do_sys_openat2+0x17a/0x1e0 [ 313.416852][T10683] ? __pfx_do_sys_openat2+0x10/0x10 [ 313.416902][T10683] __x64_sys_openat+0x175/0x210 [ 313.416938][T10683] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 313.416992][T10683] do_syscall_64+0xcd/0x250 [ 313.417044][T10683] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.417091][T10683] RIP: 0033:0x7f962d18d169 [ 313.417117][T10683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.417149][T10683] RSP: 002b:00007f962df88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 313.417180][T10683] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 313.417201][T10683] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 313.417222][T10683] RBP: 00007f962d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 313.417241][T10683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 313.417259][T10683] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 313.417308][T10683] [ 314.064565][T10692] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1882'. [ 314.916672][T10705] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1888'. [ 317.617684][T10759] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1909'. [ 318.641618][T10781] netlink: 'syz.1.1917': attribute type 3 has an invalid length. [ 320.441999][T10808] FAULT_INJECTION: forcing a failure. [ 320.441999][T10808] name failslab, interval 1, probability 0, space 0, times 0 [ 320.462735][T10808] CPU: 1 UID: 0 PID: 10808 Comm: syz.0.1928 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 320.462778][T10808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 320.462797][T10808] Call Trace: [ 320.462807][T10808] [ 320.462820][T10808] dump_stack_lvl+0x16c/0x1f0 [ 320.462884][T10808] should_fail_ex+0x50a/0x650 [ 320.462915][T10808] ? fs_reclaim_acquire+0xae/0x150 [ 320.462959][T10808] ? 
snd_midi_event_new+0x6f/0x210 [ 320.462993][T10808] should_failslab+0xc2/0x120 [ 320.463024][T10808] __kmalloc_cache_noprof+0x68/0x410 [ 320.463078][T10808] snd_midi_event_new+0x6f/0x210 [ 320.463115][T10808] snd_virmidi_output_open+0x106/0x640 [ 320.463158][T10808] open_substream+0x478/0x9b0 [ 320.463205][T10808] rawmidi_open_priv+0x542/0x6e0 [ 320.463258][T10808] snd_rawmidi_open+0x4bf/0xbd0 [ 320.463312][T10808] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 320.463358][T10808] ? __pfx_lock_release+0x10/0x10 [ 320.463404][T10808] ? __pfx_default_wake_function+0x10/0x10 [ 320.463452][T10808] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 320.463483][T10808] ? lock_acquire+0x2f/0xb0 [ 320.463525][T10808] ? soundcore_open+0x8e/0x580 [ 320.463557][T10808] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 320.463603][T10808] soundcore_open+0x409/0x580 [ 320.463637][T10808] ? __pfx_soundcore_open+0x10/0x10 [ 320.463668][T10808] chrdev_open+0x237/0x6a0 [ 320.463717][T10808] ? __pfx_chrdev_open+0x10/0x10 [ 320.463766][T10808] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 320.463814][T10808] do_dentry_open+0x735/0x1c40 [ 320.463877][T10808] ? __pfx_chrdev_open+0x10/0x10 [ 320.463926][T10808] ? inode_permission+0xdd/0x5f0 [ 320.463965][T10808] vfs_open+0x82/0x3f0 [ 320.463995][T10808] ? may_open+0x1f2/0x400 [ 320.464036][T10808] path_openat+0x1e88/0x2d80 [ 320.464098][T10808] ? __pfx_path_openat+0x10/0x10 [ 320.464146][T10808] ? __pfx___lock_acquire+0x10/0x10 [ 320.464191][T10808] ? lock_acquire.part.0+0x11b/0x380 [ 320.464235][T10808] ? find_held_lock+0x2d/0x110 [ 320.464274][T10808] do_filp_open+0x20c/0x470 [ 320.464320][T10808] ? __pfx_do_filp_open+0x10/0x10 [ 320.464366][T10808] ? find_held_lock+0x2d/0x110 [ 320.464428][T10808] ? alloc_fd+0x41f/0x760 [ 320.464485][T10808] do_sys_openat2+0x17a/0x1e0 [ 320.464519][T10808] ? __pfx_do_sys_openat2+0x10/0x10 [ 320.464570][T10808] __x64_sys_openat+0x175/0x210 [ 320.464607][T10808] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 320.464660][T10808] do_syscall_64+0xcd/0x250 [ 320.464712][T10808] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.464760][T10808] RIP: 0033:0x7f9368f8d169 [ 320.464786][T10808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.464817][T10808] RSP: 002b:00007f9369ea8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 320.464858][T10808] RAX: ffffffffffffffda RBX: 00007f93691a5fa0 RCX: 00007f9368f8d169 [ 320.464879][T10808] RDX: 0000000000000241 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 320.464900][T10808] RBP: 00007f936900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 320.464918][T10808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.464936][T10808] R13: 0000000000000000 R14: 00007f93691a5fa0 R15: 00007ffc8caa8fa8 [ 320.464974][T10808] [ 321.221375][T10818] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1932'. [ 322.659625][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.666008][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.181866][T10893] FAULT_INJECTION: forcing a failure. [ 324.181866][T10893] name failslab, interval 1, probability 0, space 0, times 0 [ 324.234181][T10893] CPU: 1 UID: 0 PID: 10893 Comm: syz.3.1960 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 324.234227][T10893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 324.234247][T10893] Call Trace: [ 324.234256][T10893] [ 324.234268][T10893] dump_stack_lvl+0x16c/0x1f0 [ 324.234324][T10893] should_fail_ex+0x50a/0x650 [ 324.234355][T10893] ? fs_reclaim_acquire+0xae/0x150 [ 324.234401][T10893] ? 
snd_midi_event_new+0xa1/0x210 [ 324.234434][T10893] should_failslab+0xc2/0x120 [ 324.234466][T10893] __kmalloc_noprof+0xcb/0x510 [ 324.234525][T10893] snd_midi_event_new+0xa1/0x210 [ 324.234560][T10893] snd_virmidi_output_open+0x106/0x640 [ 324.234602][T10893] open_substream+0x478/0x9b0 [ 324.234646][T10893] rawmidi_open_priv+0x542/0x6e0 [ 324.234698][T10893] snd_rawmidi_open+0x4bf/0xbd0 [ 324.234752][T10893] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 324.234800][T10893] ? __pfx_lock_release+0x10/0x10 [ 324.234847][T10893] ? __pfx_default_wake_function+0x10/0x10 [ 324.234905][T10893] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 324.234937][T10893] ? lock_acquire+0x2f/0xb0 [ 324.234981][T10893] ? soundcore_open+0x8e/0x580 [ 324.235016][T10893] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 324.235067][T10893] soundcore_open+0x409/0x580 [ 324.235104][T10893] ? __pfx_soundcore_open+0x10/0x10 [ 324.235138][T10893] chrdev_open+0x237/0x6a0 [ 324.235188][T10893] ? __pfx_apparmor_file_open+0x10/0x10 [ 324.235231][T10893] ? __pfx_chrdev_open+0x10/0x10 [ 324.235285][T10893] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 324.235336][T10893] do_dentry_open+0x735/0x1c40 [ 324.235385][T10893] ? __pfx_chrdev_open+0x10/0x10 [ 324.235438][T10893] ? inode_permission+0xdd/0x5f0 [ 324.235478][T10893] vfs_open+0x82/0x3f0 [ 324.235509][T10893] ? may_open+0x1f2/0x400 [ 324.235550][T10893] path_openat+0x1e88/0x2d80 [ 324.235615][T10893] ? __pfx_path_openat+0x10/0x10 [ 324.235663][T10893] ? __pfx___lock_acquire+0x10/0x10 [ 324.235707][T10893] ? lock_acquire.part.0+0x11b/0x380 [ 324.235753][T10893] ? find_held_lock+0x2d/0x110 [ 324.235793][T10893] do_filp_open+0x20c/0x470 [ 324.235841][T10893] ? __pfx_do_filp_open+0x10/0x10 [ 324.235893][T10893] ? find_held_lock+0x2d/0x110 [ 324.235957][T10893] ? alloc_fd+0x41f/0x760 [ 324.236016][T10893] do_sys_openat2+0x17a/0x1e0 [ 324.236051][T10893] ? __pfx_do_sys_openat2+0x10/0x10 [ 324.236102][T10893] __x64_sys_openat+0x175/0x210 [ 324.236138][T10893] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 324.236191][T10893] do_syscall_64+0xcd/0x250 [ 324.236243][T10893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.236289][T10893] RIP: 0033:0x7f962d18d169 [ 324.236316][T10893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 324.236347][T10893] RSP: 002b:00007f962df88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 324.236378][T10893] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 324.236399][T10893] RDX: 0000000000000241 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 324.236420][T10893] RBP: 00007f962d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 324.236439][T10893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 324.236458][T10893] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 324.236498][T10893] [ 324.923784][T10882] kexec: Could not allocate control_code_buffer [ 325.574049][T10917] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1969'. [ 327.947843][T10982] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1984'. [ 330.656033][T11047] netlink: 74 bytes leftover after parsing attributes in process `syz.1.2009'. [ 332.849151][T11086] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2024'. [ 332.891017][T11086] netlink: 11 bytes leftover after parsing attributes in process `syz.1.2024'. [ 333.399455][T11068] kexec: Could not allocate control_code_buffer [ 334.094544][T11101] netlink: 'syz.2.2032': attribute type 11 has an invalid length. [ 334.472941][T11107] FAULT_INJECTION: forcing a failure. 
[ 334.472941][T11107] name failslab, interval 1, probability 0, space 0, times 0 [ 334.547320][T11107] CPU: 0 UID: 0 PID: 11107 Comm: syz.2.2034 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 334.547364][T11107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 334.547381][T11107] Call Trace: [ 334.547390][T11107] [ 334.547402][T11107] dump_stack_lvl+0x16c/0x1f0 [ 334.547457][T11107] should_fail_ex+0x50a/0x650 [ 334.547489][T11107] ? fs_reclaim_acquire+0xae/0x150 [ 334.547534][T11107] ? ring_buffer_read_prepare+0x159/0x300 [ 334.547574][T11107] should_failslab+0xc2/0x120 [ 334.547604][T11107] __kmalloc_noprof+0xcb/0x510 [ 334.547656][T11107] ? kasan_save_track+0x14/0x30 [ 334.547707][T11107] ring_buffer_read_prepare+0x159/0x300 [ 334.547753][T11107] tracing_open+0x92e/0xfa0 [ 334.547795][T11107] do_dentry_open+0x735/0x1c40 [ 334.547840][T11107] ? __pfx_tracing_open+0x10/0x10 [ 334.547876][T11107] ? inode_permission+0xdd/0x5f0 [ 334.547915][T11107] vfs_open+0x82/0x3f0 [ 334.547956][T11107] ? may_open+0x1f2/0x400 [ 334.547993][T11107] path_openat+0x1e88/0x2d80 [ 334.548060][T11107] ? __pfx_path_openat+0x10/0x10 [ 334.548099][T11107] ? __pfx___lock_acquire+0x10/0x10 [ 334.548136][T11107] ? lock_acquire.part.0+0x11b/0x380 [ 334.548174][T11107] ? find_held_lock+0x2d/0x110 [ 334.548206][T11107] do_filp_open+0x20c/0x470 [ 334.548244][T11107] ? __pfx_do_filp_open+0x10/0x10 [ 334.548280][T11107] ? find_held_lock+0x2d/0x110 [ 334.548336][T11107] ? alloc_fd+0x41f/0x760 [ 334.548390][T11107] do_sys_openat2+0x17a/0x1e0 [ 334.548423][T11107] ? __pfx_do_sys_openat2+0x10/0x10 [ 334.548472][T11107] __x64_sys_openat+0x175/0x210 [ 334.548524][T11107] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 334.548575][T11107] do_syscall_64+0xcd/0x250 [ 334.548628][T11107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.548674][T11107] RIP: 0033:0x7fd88c78d169 [ 334.548699][T11107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.548730][T11107] RSP: 002b:00007fd88d573038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 334.548760][T11107] RAX: ffffffffffffffda RBX: 00007fd88c9a5fa0 RCX: 00007fd88c78d169 [ 334.548781][T11107] RDX: 0000000000000600 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 334.548800][T11107] RBP: 00007fd88c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 334.548819][T11107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.548837][T11107] R13: 0000000000000000 R14: 00007fd88c9a5fa0 R15: 00007ffe9a680ef8 [ 334.548878][T11107] [ 337.430925][T11151] kexec: Could not allocate control_code_buffer [ 339.593604][T11236] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2064'. [ 339.609545][T11236] netlink: 11 bytes leftover after parsing attributes in process `syz.2.2064'. [ 340.037896][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 340.047588][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 340.087156][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 340.157160][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 340.207164][ T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!! [ 340.413729][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 344.507412][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 346.495065][T11337] kexec: Could not allocate control_code_buffer [ 346.790294][T11351] FAULT_INJECTION: forcing a failure. 
[ 346.790294][T11351] name failslab, interval 1, probability 0, space 0, times 0 [ 346.853427][T11351] CPU: 0 UID: 0 PID: 11351 Comm: syz.1.2107 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 346.853472][T11351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 346.853491][T11351] Call Trace: [ 346.853501][T11351] [ 346.853514][T11351] dump_stack_lvl+0x16c/0x1f0 [ 346.853570][T11351] should_fail_ex+0x50a/0x650 [ 346.853603][T11351] ? fs_reclaim_acquire+0xae/0x150 [ 346.853649][T11351] ? ring_buffer_read_prepare+0xe9/0x300 [ 346.853691][T11351] should_failslab+0xc2/0x120 [ 346.853721][T11351] __kmalloc_cache_noprof+0x68/0x410 [ 346.853773][T11351] ? kasan_save_track+0x14/0x30 [ 346.853824][T11351] ring_buffer_read_prepare+0xe9/0x300 [ 346.853869][T11351] tracing_open+0x92e/0xfa0 [ 346.853914][T11351] do_dentry_open+0x735/0x1c40 [ 346.853961][T11351] ? __pfx_tracing_open+0x10/0x10 [ 346.853999][T11351] ? inode_permission+0xdd/0x5f0 [ 346.854038][T11351] vfs_open+0x82/0x3f0 [ 346.854063][T11351] ? may_open+0x1f2/0x400 [ 346.854097][T11351] path_openat+0x1e88/0x2d80 [ 346.854149][T11351] ? __pfx_path_openat+0x10/0x10 [ 346.854188][T11351] ? __pfx___lock_acquire+0x10/0x10 [ 346.854225][T11351] ? lock_acquire.part.0+0x11b/0x380 [ 346.854263][T11351] ? find_held_lock+0x2d/0x110 [ 346.854295][T11351] do_filp_open+0x20c/0x470 [ 346.854335][T11351] ? __pfx_do_filp_open+0x10/0x10 [ 346.854373][T11351] ? find_held_lock+0x2d/0x110 [ 346.854433][T11351] ? alloc_fd+0x41f/0x760 [ 346.854486][T11351] do_sys_openat2+0x17a/0x1e0 [ 346.854514][T11351] ? __pfx_do_sys_openat2+0x10/0x10 [ 346.854556][T11351] __x64_sys_openat+0x175/0x210 [ 346.854586][T11351] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 346.854628][T11351] do_syscall_64+0xcd/0x250 [ 346.854673][T11351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.854711][T11351] RIP: 0033:0x7f272998d169 [ 346.854732][T11351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.854757][T11351] RSP: 002b:00007f272a8a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 346.854782][T11351] RAX: ffffffffffffffda RBX: 00007f2729ba5fa0 RCX: 00007f272998d169 [ 346.854799][T11351] RDX: 0000000000000600 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 346.854816][T11351] RBP: 00007f2729a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 346.854831][T11351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.854846][T11351] R13: 0000000000000000 R14: 00007f2729ba5fa0 R15: 00007ffd79f0e358 [ 346.854879][T11351] [ 350.021038][T11376] kexec: Could not allocate control_code_buffer [ 350.200427][T11407] FAULT_INJECTION: forcing a failure. [ 350.200427][T11407] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 350.226947][T11407] CPU: 1 UID: 0 PID: 11407 Comm: syz.2.2131 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 350.226990][T11407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 350.227008][T11407] Call Trace: [ 350.227016][T11407] [ 350.227028][T11407] dump_stack_lvl+0x16c/0x1f0 [ 350.227083][T11407] should_fail_ex+0x50a/0x650 [ 350.227113][T11407] ? __pfx___might_resched+0x10/0x10 [ 350.227179][T11407] should_fail_alloc_page+0xe7/0x130 [ 350.227214][T11407] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 350.227266][T11407] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 350.227320][T11407] ? mark_lock+0xb5/0xc60 [ 350.227374][T11407] ? hlock_class+0x4e/0x130 [ 350.227408][T11407] ? __lock_acquire+0xcc5/0x3c40 [ 350.227454][T11407] ? 
__pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 350.227520][T11407] ? __pfx___lock_acquire+0x10/0x10 [ 350.227576][T11407] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 350.227631][T11407] ? policy_nodemask+0xea/0x4e0 [ 350.227666][T11407] alloc_pages_mpol+0x1fc/0x540 [ 350.227699][T11407] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 350.227734][T11407] ? xas_load+0x49/0x5b0 [ 350.227780][T11407] ? filemap_get_entry+0xd0/0x3c0 [ 350.227829][T11407] folio_alloc_noprof+0x20/0x2d0 [ 350.227865][T11407] filemap_alloc_folio_noprof+0x39b/0x470 [ 350.227903][T11407] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 350.227950][T11407] __filemap_get_folio+0x5e9/0xc10 [ 350.228005][T11407] ioctx_alloc+0x763/0x2010 [ 350.228054][T11407] ? __might_fault+0x13b/0x190 [ 350.228095][T11407] ? __pfx_ioctx_alloc+0x10/0x10 [ 350.228141][T11407] ? lock_acquire+0x2f/0xb0 [ 350.228188][T11407] ? __might_fault+0xe3/0x190 [ 350.228226][T11407] __x64_sys_io_setup+0xc9/0x210 [ 350.228272][T11407] do_syscall_64+0xcd/0x250 [ 350.228323][T11407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.228369][T11407] RIP: 0033:0x7fd88c78d169 [ 350.228394][T11407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.228425][T11407] RSP: 002b:00007fd88d573038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 350.228455][T11407] RAX: ffffffffffffffda RBX: 00007fd88c9a5fa0 RCX: 00007fd88c78d169 [ 350.228476][T11407] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ff3e [ 350.228496][T11407] RBP: 00007fd88c80e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 350.228514][T11407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 350.228532][T11407] R13: 0000000000000000 R14: 00007fd88c9a5fa0 R15: 00007ffe9a680ef8 [ 350.228570][T11407] [ 351.010549][T11425] netlink: 'syz.1.2138': attribute type 2 has an invalid length. 
[ 352.529682][T11428] kexec: Could not allocate control_code_buffer [ 353.742326][T11457] FAULT_INJECTION: forcing a failure. [ 353.742326][T11457] name failslab, interval 1, probability 0, space 0, times 0 [ 353.786949][T11457] CPU: 0 UID: 0 PID: 11457 Comm: syz.3.2146 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 353.786992][T11457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 353.787010][T11457] Call Trace: [ 353.787019][T11457] [ 353.787031][T11457] dump_stack_lvl+0x16c/0x1f0 [ 353.787083][T11457] should_fail_ex+0x50a/0x650 [ 353.787114][T11457] ? fs_reclaim_acquire+0xae/0x150 [ 353.787158][T11457] ? ring_buffer_read_prepare+0xe9/0x300 [ 353.787196][T11457] should_failslab+0xc2/0x120 [ 353.787227][T11457] __kmalloc_cache_noprof+0x68/0x410 [ 353.787275][T11457] ? kasan_save_track+0x14/0x30 [ 353.787326][T11457] ring_buffer_read_prepare+0xe9/0x300 [ 353.787372][T11457] tracing_open+0x92e/0xfa0 [ 353.787417][T11457] do_dentry_open+0x735/0x1c40 [ 353.787465][T11457] ? __pfx_tracing_open+0x10/0x10 [ 353.787503][T11457] ? inode_permission+0xdd/0x5f0 [ 353.787542][T11457] vfs_open+0x82/0x3f0 [ 353.787573][T11457] ? may_open+0x1f2/0x400 [ 353.787612][T11457] path_openat+0x1e88/0x2d80 [ 353.787676][T11457] ? __pfx_path_openat+0x10/0x10 [ 353.787725][T11457] ? __pfx___lock_acquire+0x10/0x10 [ 353.787768][T11457] ? lock_acquire.part.0+0x11b/0x380 [ 353.787813][T11457] ? find_held_lock+0x2d/0x110 [ 353.787852][T11457] do_filp_open+0x20c/0x470 [ 353.787908][T11457] ? __pfx_do_filp_open+0x10/0x10 [ 353.787956][T11457] ? find_held_lock+0x2d/0x110 [ 353.788020][T11457] ? alloc_fd+0x41f/0x760 [ 353.788078][T11457] do_sys_openat2+0x17a/0x1e0 [ 353.788113][T11457] ? __pfx_do_sys_openat2+0x10/0x10 [ 353.788164][T11457] __x64_sys_openat+0x175/0x210 [ 353.788198][T11457] ? 
__pfx___x64_sys_openat+0x10/0x10 [ 353.788251][T11457] do_syscall_64+0xcd/0x250 [ 353.788303][T11457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 353.788349][T11457] RIP: 0033:0x7f962d18d169 [ 353.788375][T11457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 353.788413][T11457] RSP: 002b:00007f962df88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 353.788444][T11457] RAX: ffffffffffffffda RBX: 00007f962d3a5fa0 RCX: 00007f962d18d169 [ 353.788466][T11457] RDX: 0000000000000600 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 353.788486][T11457] RBP: 00007f962d20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 353.788505][T11457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 353.788523][T11457] R13: 0000000000000000 R14: 00007f962d3a5fa0 R15: 00007ffee4610528 [ 353.788565][T11457] [ 356.312017][T11500] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2164'. [ 356.348931][T11502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2165'. [ 356.867158][T11513] lo: entered promiscuous mode [ 356.902898][T11513] lo: left promiscuous mode [ 357.663198][T11541] FAULT_INJECTION: forcing a failure. [ 357.663198][T11541] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 357.708815][T11541] CPU: 0 UID: 0 PID: 11541 Comm: syz.1.2181 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 357.708866][T11541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 357.708886][T11541] Call Trace: [ 357.708896][T11541] [ 357.708909][T11541] dump_stack_lvl+0x16c/0x1f0 [ 357.708973][T11541] should_fail_ex+0x50a/0x650 [ 357.709005][T11541] ? 
__pfx___might_resched+0x10/0x10 [ 357.709064][T11541] should_fail_alloc_page+0xe7/0x130 [ 357.709100][T11541] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 357.709157][T11541] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 357.709213][T11541] ? mark_lock+0xb5/0xc60 [ 357.709264][T11541] ? hlock_class+0x4e/0x130 [ 357.709297][T11541] ? __lock_acquire+0xcc5/0x3c40 [ 357.709344][T11541] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 357.709412][T11541] ? __pfx___lock_acquire+0x10/0x10 [ 357.709469][T11541] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 357.709547][T11541] ? policy_nodemask+0xea/0x4e0 [ 357.709584][T11541] alloc_pages_mpol+0x1fc/0x540 [ 357.709617][T11541] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 357.709652][T11541] ? xas_load+0x49/0x5b0 [ 357.709700][T11541] ? filemap_get_entry+0xd0/0x3c0 [ 357.709749][T11541] folio_alloc_noprof+0x20/0x2d0 [ 357.709787][T11541] filemap_alloc_folio_noprof+0x39b/0x470 [ 357.709824][T11541] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 357.709870][T11541] __filemap_get_folio+0x5e9/0xc10 [ 357.709933][T11541] ioctx_alloc+0x763/0x2010 [ 357.709984][T11541] ? __might_fault+0x13b/0x190 [ 357.710027][T11541] ? __pfx_ioctx_alloc+0x10/0x10 [ 357.710068][T11541] ? lock_acquire+0x2f/0xb0 [ 357.710116][T11541] ? 
__might_fault+0xe3/0x190 [ 357.710155][T11541] __x64_sys_io_setup+0xc9/0x210 [ 357.710203][T11541] do_syscall_64+0xcd/0x250 [ 357.710254][T11541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.710299][T11541] RIP: 0033:0x7f272998d169 [ 357.710325][T11541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.710356][T11541] RSP: 002b:00007f272a8a4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 357.710388][T11541] RAX: ffffffffffffffda RBX: 00007f2729ba5fa0 RCX: 00007f272998d169 [ 357.710408][T11541] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ff3e [ 357.710427][T11541] RBP: 00007f2729a0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 357.710445][T11541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 357.710463][T11541] R13: 0000000000000000 R14: 00007f2729ba5fa0 R15: 00007ffd79f0e358 [ 357.710502][T11541] [ 358.494825][T11549] lo: entered promiscuous mode [ 358.586748][T11551] netlink: 'syz.0.2185': attribute type 2 has an invalid length. [ 358.663264][T11546] lo: left promiscuous mode [ 358.812579][T11556] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2194'. [ 359.702228][T11572] blktrace: Concurrent blktraces are not allowed on sg0 [ 359.952907][T11585] lo: entered promiscuous mode [ 359.959303][T11585] lo: left promiscuous mode [ 360.208823][T11598] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2213'. [ 360.624323][T11607] netlink: 206 bytes leftover after parsing attributes in process `syz.0.2215'. [ 360.795383][T11608] blktrace: Concurrent blktraces are not allowed on sg0 [ 361.027469][T11618] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2211'. [ 361.201822][T11623] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2214'. 
[ 361.445902][T11624] lo: entered promiscuous mode [ 361.457545][T11624] lo: left promiscuous mode [ 361.508386][T11630] netlink: 'syz.3.2217': attribute type 1 has an invalid length. [ 361.527073][T11630] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2217'. [ 362.167403][T11646] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2223'. [ 362.797363][T11662] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2232'. [ 363.242464][T11676] netlink: 206 bytes leftover after parsing attributes in process `syz.3.2236'. [ 363.336095][T11678] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2237'. [ 364.008411][T11706] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2249'. [ 364.959186][T11729] Loading of unsigned module is rejected [ 365.978041][T11745] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2260'. [ 366.174085][T11751] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2266'. [ 366.225778][T11753] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2264'. [ 369.220679][T11835] ubi0: attaching mtd0 [ 369.225123][T11835] ubi0 error: ubi_attach_mtd_dev: bad VID header (65536) or data offsets (65600) [ 370.181038][T11845] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2306'. [ 371.708627][T11879] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2318'. [ 371.766534][T11881] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2319'. [ 371.796254][T11881] vxcan1: entered promiscuous mode [ 373.058339][T11911] Loading of unsigned module is rejected [ 373.608714][T11926] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2337'. 
[ 374.092237][T11936] lo: entered allmulticast mode [ 374.178365][T11940] lo: left allmulticast mode [ 374.919181][T11960] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2350'. [ 374.945348][T11956] Loading of unsigned module is rejected [ 375.508225][T11975] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2357'. [ 376.588573][T11993] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2363'. [ 377.853177][T12014] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2369'. [ 378.290010][T12029] netlink: 206 bytes leftover after parsing attributes in process `syz.1.2377'. [ 378.607823][T12037] ubi4: attaching mtd0 [ 379.664824][T12069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2392'. [ 380.302857][ T54] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.443741][ T54] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.549158][ T54] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.632402][ T54] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 380.894197][ T54] bridge_slave_1: left allmulticast mode [ 380.906146][ T54] bridge0: port 2(bridge_slave_1) entered disabled state [ 380.928297][ T54] bridge_slave_0: left allmulticast mode [ 380.934015][ T54] bridge_slave_0: left promiscuous mode [ 380.946470][ T54] bridge0: port 1(bridge_slave_0) entered disabled state [ 381.324107][T12088] ubi0: attaching mtd0 [ 381.344878][T12088] ubi0 error: ubi_attach_mtd_dev: bad VID header (65536) or data offsets (65600) [ 381.878140][ T54] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 381.931104][ T54] bond0 (unregistering): Released all slaves [ 382.005285][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 382.027084][ T5840] Bluetooth: hci4: unexpected 
cc 0x1003 length: 249 > 9 [ 382.040394][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 382.053840][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 382.064619][ T5840] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 382.075007][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 382.879550][ T54] hsr_slave_0: left promiscuous mode [ 382.887005][ T54] hsr_slave_1: left promiscuous mode [ 382.894235][ T54] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 382.912625][ T54] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 382.949171][ T54] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 382.956665][ T54] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 382.999541][ T54] veth1_macvtap: left promiscuous mode [ 383.005808][ T54] veth0_macvtap: left promiscuous mode [ 383.012416][ T54] veth1_vlan: left promiscuous mode [ 383.018352][ T54] veth0_vlan: left promiscuous mode [ 383.635147][ T54] team0 (unregistering): Port device team_slave_1 removed [ 383.682332][ T54] team0 (unregistering): Port device team_slave_0 removed [ 384.099423][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.106097][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.187179][ T5851] Bluetooth: hci4: command tx timeout [ 384.248760][T12093] chnl_net:caif_netlink_parms(): no params data found [ 384.482684][T12093] bridge0: port 1(bridge_slave_0) entered blocking state [ 384.490194][T12093] bridge0: port 1(bridge_slave_0) entered disabled state [ 384.498932][T12093] bridge_slave_0: entered allmulticast mode [ 384.506047][T12093] bridge_slave_0: entered promiscuous mode [ 384.515414][T12093] bridge0: port 2(bridge_slave_1) entered blocking state [ 384.523888][T12093] bridge0: port 2(bridge_slave_1) entered disabled state [ 384.531622][T12093] bridge_slave_1: entered allmulticast mode [ 384.544755][T12093] bridge_slave_1: entered promiscuous mode [ 384.591647][T12093] bond0: (slave 
bond_slave_0): Enslaving as an active interface with an up link [ 384.603825][T12093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 384.655842][T12093] team0: Port device team_slave_0 added [ 384.671356][T12093] team0: Port device team_slave_1 added [ 384.707675][T12093] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 384.714688][T12093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 384.742495][T12093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 384.761863][T12093] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 384.769178][T12093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. 
[ 384.795614][T12093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 384.862266][T12093] hsr_slave_0: entered promiscuous mode [ 384.874295][T12093] hsr_slave_1: entered promiscuous mode [ 385.462416][T12093] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 385.473664][T12093] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 385.491792][T12093] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 385.508410][T12093] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 385.617271][T12093] 8021q: adding VLAN 0 to HW filter on device bond0 [ 385.638501][T12093] 8021q: adding VLAN 0 to HW filter on device team0 [ 385.658929][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 385.666069][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 385.682745][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 385.689923][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 385.985379][T12093] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 386.044893][T12093] veth0_vlan: entered promiscuous mode [ 386.058182][T12093] veth1_vlan: entered promiscuous mode [ 386.104962][T12093] veth0_macvtap: entered promiscuous mode [ 386.115379][T12093] veth1_macvtap: entered promiscuous mode [ 386.152791][T12093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.166119][T12093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.180357][T12093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.196617][T12093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.211609][T12093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.222697][T12093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 
[ 386.234257][T12093] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 386.253739][T12093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.270730][ T5851] Bluetooth: hci4: command tx timeout [ 386.276288][T12093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.289217][T12093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.303746][T12093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.315294][T12093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.326499][T12093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.338262][T12093] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 386.364498][T12093] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.381178][T12093] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.391475][T12093] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.407014][T12093] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 386.557074][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.567065][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.608498][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 386.616386][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 386.837588][T12186] netlink: 350 bytes leftover after parsing attributes in process `syz.3.2414'. 
[ 387.995530][T12223] lo: entered allmulticast mode [ 388.077621][T12228] lo: left allmulticast mode [ 388.342342][ T5851] Bluetooth: hci4: command tx timeout [ 388.425515][T12229] Loading of unsigned module is rejected [ 388.739507][T12244] ubi0: attaching mtd0 [ 388.743671][T12244] ubi0 error: ubi_attach_mtd_dev: bad VID header (65536) or data offsets (65600) [ 389.025948][T12245] Loading of unsigned module is rejected [ 390.074677][T12270] netlink: 'syz.3.2425': attribute type 1 has an invalid length. [ 390.106950][T12270] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2425'. [ 390.431952][ T5851] Bluetooth: hci4: command tx timeout [ 391.210326][T12292] ubi0: attaching mtd0 [ 391.214491][T12292] ubi0 error: ubi_attach_mtd_dev: bad VID header (17408) or data offsets (17472) [ 391.875810][T12307] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2441'. [ 392.563434][T12318] lo: entered allmulticast mode [ 392.617760][T12321] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2444'. [ 392.632528][T12322] lo: left allmulticast mode [ 392.799346][T12315] ================================================================== [ 392.807481][T12315] BUG: KASAN: slab-use-after-free in force_devcd_write+0x317/0x330 [ 392.815717][T12315] Read of size 8 at addr ffff888028595000 by task syz.0.2450/12315 [ 392.823689][T12315] [ 392.826088][T12315] CPU: 0 UID: 0 PID: 12315 Comm: syz.0.2450 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 392.826125][T12315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 392.826143][T12315] Call Trace: [ 392.826153][T12315] [ 392.826165][T12315] dump_stack_lvl+0x116/0x1f0 [ 392.826215][T12315] print_report+0xc3/0x670 [ 392.826241][T12315] ? __virt_addr_valid+0x5e/0x590 [ 392.826271][T12315] ? __phys_addr+0xc6/0x150 [ 392.826299][T12315] kasan_report+0xd9/0x110 [ 392.826323][T12315] ? 
force_devcd_write+0x317/0x330 [ 392.826365][T12315] ? force_devcd_write+0x317/0x330 [ 392.826409][T12315] force_devcd_write+0x317/0x330 [ 392.826451][T12315] ? __pfx_force_devcd_write+0x10/0x10 [ 392.826492][T12315] ? __debugfs_file_get+0x1ff/0x850 [ 392.826531][T12315] ? __pfx___debugfs_file_get+0x10/0x10 [ 392.826568][T12315] ? rcu_is_watching+0x12/0xc0 [ 392.826598][T12315] ? trace_lock_acquire+0x14e/0x1f0 [ 392.826634][T12315] full_proxy_write+0x13c/0x200 [ 392.826679][T12315] ? __pfx_full_proxy_write+0x10/0x10 [ 392.826719][T12315] vfs_write+0x24c/0x1150 [ 392.826760][T12315] ? __fget_files+0x1fc/0x3a0 [ 392.826802][T12315] ? __pfx___mutex_lock+0x10/0x10 [ 392.826847][T12315] ? __pfx_vfs_write+0x10/0x10 [ 392.826893][T12315] ? __fget_files+0x206/0x3a0 [ 392.826940][T12315] ksys_write+0x12b/0x250 [ 392.826983][T12315] ? __pfx_ksys_write+0x10/0x10 [ 392.827030][T12315] do_syscall_64+0xcd/0x250 [ 392.827077][T12315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.827124][T12315] RIP: 0033:0x7f9368f8d169 [ 392.827152][T12315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.827187][T12315] RSP: 002b:00007f9369ea8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 392.827221][T12315] RAX: ffffffffffffffda RBX: 00007f93691a5fa0 RCX: 00007f9368f8d169 [ 392.827242][T12315] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 392.827262][T12315] RBP: 00007f936900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 392.827282][T12315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 392.827303][T12315] R13: 0000000000000000 R14: 00007f93691a5fa0 R15: 00007ffc8caa8fa8 [ 392.827331][T12315] [ 392.827340][T12315] [ 393.050966][T12315] Allocated by task 5836: [ 393.055310][T12315] kasan_save_stack+0x33/0x60 [ 393.060045][T12315] kasan_save_track+0x14/0x30 [ 393.064770][T12315] 
__kasan_kmalloc+0xaa/0xb0 [ 393.069432][T12315] vhci_open+0x4c/0x430 [ 393.073630][T12315] misc_open+0x35a/0x420 [ 393.077900][T12315] chrdev_open+0x237/0x6a0 [ 393.084108][T12315] do_dentry_open+0x735/0x1c40 [ 393.088911][T12315] vfs_open+0x82/0x3f0 [ 393.093057][T12315] path_openat+0x1e88/0x2d80 [ 393.097691][T12315] do_filp_open+0x20c/0x470 [ 393.103194][T12315] do_sys_openat2+0x17a/0x1e0 [ 393.107927][T12315] __x64_sys_openat+0x175/0x210 [ 393.113254][T12315] do_syscall_64+0xcd/0x250 [ 393.118731][T12315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.124685][T12315] [ 393.127290][T12315] Freed by task 5836: [ 393.131307][T12315] kasan_save_stack+0x33/0x60 [ 393.136032][T12315] kasan_save_track+0x14/0x30 [ 393.141004][T12315] kasan_save_free_info+0x3b/0x60 [ 393.146252][T12315] __kasan_slab_free+0x51/0x70 [ 393.151063][T12315] kfree+0x2c4/0x4d0 [ 393.155085][T12315] vhci_release+0xbb/0xf0 [ 393.159677][T12315] __fput+0x3ff/0xb70 [ 393.163690][T12315] task_work_run+0x14e/0x250 [ 393.168320][T12315] do_exit+0xad8/0x2db0 [ 393.172958][T12315] do_group_exit+0xd3/0x2a0 [ 393.177514][T12315] __x64_sys_exit_group+0x3e/0x50 [ 393.182765][T12315] x64_sys_call+0x151f/0x1720 [ 393.187474][T12315] do_syscall_64+0xcd/0x250 [ 393.192028][T12315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.198061][T12315] [ 393.200492][T12315] The buggy address belongs to the object at ffff888028595000 [ 393.200492][T12315] which belongs to the cache kmalloc-1k of size 1024 [ 393.214572][T12315] The buggy address is located 0 bytes inside of [ 393.214572][T12315] freed 1024-byte region [ffff888028595000, ffff888028595400) [ 393.228337][T12315] [ 393.230681][T12315] The buggy address belongs to the physical page: [ 393.237117][T12315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28590 [ 393.245913][T12315] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 393.254438][T12315] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 
393.262452][T12315] page_type: f5(slab) [ 393.266466][T12315] raw: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001 [ 393.275087][T12315] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 393.283721][T12315] head: 00fff00000000040 ffff88801b041dc0 0000000000000000 dead000000000001 [ 393.292417][T12315] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 393.301116][T12315] head: 00fff00000000003 ffffea0000a16401 ffffffffffffffff 0000000000000000 [ 393.309815][T12315] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 393.318529][T12315] page dumped because: kasan: bad access detected [ 393.324982][T12315] page_owner tracks the page as allocated [ 393.330717][T12315] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 197, tgid 197 (kworker/u8:5), ts 15460470112, free_ts 0 [ 393.349335][T12315] post_alloc_hook+0x181/0x1b0 [ 393.354193][T12315] get_page_from_freelist+0xfce/0x2f80 [ 393.359798][T12315] __alloc_frozen_pages_noprof+0x221/0x2470 [ 393.365736][T12315] new_slab+0x94/0x330 [ 393.369840][T12315] ___slab_alloc+0xc5d/0x1720 [ 393.374637][T12315] __slab_alloc.constprop.0+0x56/0xb0 [ 393.380233][T12315] __kmalloc_cache_node_noprof+0x101/0x420 [ 393.386085][T12315] blk_mq_alloc_and_init_hctx+0x639/0x11b0 [ 393.391935][T12315] blk_mq_realloc_hw_ctxs+0x8e0/0xbe0 [ 393.397346][T12315] blk_mq_init_allocated_queue+0x39e/0x11f0 [ 393.403272][T12315] blk_mq_alloc_queue+0x1c3/0x290 [ 393.408335][T12315] scsi_alloc_sdev+0x890/0xd80 [ 393.413208][T12315] scsi_probe_and_add_lun+0x789/0xda0 [ 393.419086][T12315] __scsi_scan_target+0x1ea/0x580 [ 393.424249][T12315] scsi_scan_channel+0x149/0x1e0 [ 393.429224][T12315] scsi_scan_host_selected+0x302/0x400 [ 393.434716][T12315] page_owner free stack trace missing [ 393.440099][T12315] [ 393.442436][T12315] Memory state around the buggy address: SYZFAIL: failed 
to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 393.448115][T12315] ffff888028594f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 393.456221][T12315] ffff888028594f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 393.464398][T12315] >ffff888028595000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 393.472823][T12315] ^ [ 393.476922][T12315] ffff888028595080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 393.485001][T12315] ffff888028595100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 393.493075][T12315] ================================================================== [ 393.553279][T12315] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 393.560645][T12315] CPU: 0 UID: 0 PID: 12315 Comm: syz.0.2450 Not tainted 6.14.0-rc7-syzkaller-00074-ga7f2e10ecd8f #0 [ 393.571570][T12315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 393.581691][T12315] Call Trace: [ 393.585013][T12315] [ 393.587986][T12315] dump_stack_lvl+0x3d/0x1f0 [ 393.592752][T12315] panic+0x71d/0x800 [ 393.596726][T12315] ? __pfx_panic+0x10/0x10 [ 393.601247][T12315] ? preempt_schedule_thunk+0x1a/0x30 [ 393.606866][T12315] ? preempt_schedule_common+0x44/0xc0 [ 393.612445][T12315] check_panic_on_warn+0xab/0xb0 [ 393.617450][T12315] end_report+0x117/0x180 [ 393.621834][T12315] kasan_report+0xe9/0x110 [ 393.626312][T12315] ? force_devcd_write+0x317/0x330 [ 393.631520][T12315] ? force_devcd_write+0x317/0x330 [ 393.636730][T12315] force_devcd_write+0x317/0x330 [ 393.641787][T12315] ? __pfx_force_devcd_write+0x10/0x10 [ 393.647432][T12315] ? __debugfs_file_get+0x1ff/0x850 [ 393.652751][T12315] ? __pfx___debugfs_file_get+0x10/0x10 [ 393.658455][T12315] ? rcu_is_watching+0x12/0xc0 [ 393.663280][T12315] ? trace_lock_acquire+0x14e/0x1f0 [ 393.668524][T12315] full_proxy_write+0x13c/0x200 [ 393.673412][T12315] ? __pfx_full_proxy_write+0x10/0x10 [ 393.678817][T12315] vfs_write+0x24c/0x1150 [ 393.683197][T12315] ? 
__fget_files+0x1fc/0x3a0 [ 393.687913][T12315] ? __pfx___mutex_lock+0x10/0x10 [ 393.692975][T12315] ? __pfx_vfs_write+0x10/0x10 [ 393.697866][T12315] ? __fget_files+0x206/0x3a0 [ 393.702586][T12315] ksys_write+0x12b/0x250 [ 393.706958][T12315] ? __pfx_ksys_write+0x10/0x10 [ 393.711854][T12315] do_syscall_64+0xcd/0x250 [ 393.716397][T12315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.722328][T12315] RIP: 0033:0x7f9368f8d169 [ 393.726763][T12315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.746620][T12315] RSP: 002b:00007f9369ea8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 393.755152][T12315] RAX: ffffffffffffffda RBX: 00007f93691a5fa0 RCX: 00007f9368f8d169 [ 393.763176][T12315] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 393.771172][T12315] RBP: 00007f936900e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 393.779167][T12315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.787162][T12315] R13: 0000000000000000 R14: 00007f93691a5fa0 R15: 00007ffc8caa8fa8 [ 393.795162][T12315] [ 393.798469][T12315] Kernel Offset: disabled [ 393.802836][T12315] Rebooting in 86400 seconds..