last executing test programs: 1m15.346089838s ago: executing program 2 (id=1137): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x1e, 0x1, 0x0) listen$auto(r0, 0x9) accept$auto(r0, 0x0, 0x0) close_range$auto(0x0, 0x5, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 1m12.96230208s ago: executing program 2 (id=1151): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffffff, 0x0, 0x0) socket(0x1e, 0x4, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x5) r0 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x80080, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r0, 0x4018bc13, &(0x7f00000001c0)={0x0, 0x5}) close_range$auto(0x2, 0x8, 0x0) 1m12.596770371s ago: executing program 2 (id=1154): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x4) r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) close_range$auto(r0, r0, 0x0) socket(0x2, 0x2, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r1) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, r2, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_FD={0x8, 0x17, r0}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 1m12.311621605s ago: executing program 2 (id=1157): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 1m11.608152555s ago: executing program 2 (id=1161): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027617c36720add70ab0343990f7d0bbc96dc0b"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) read$auto(r0, &(0x7f0000000040)='\x00', 0x10001) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004c18}, 0x810) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="01202cbd7000fbdbdf250a"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='H'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m11.061939233s ago: executing program 2 (id=1166): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x1, 0xffffffff, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x80047456, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000000)='[_') ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 1m10.533596679s ago: executing program 32 (id=1166): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x1, 0xffffffff, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x80047456, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000000)='[_') ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 4.506336493s ago: executing program 4 (id=1521): mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000080003003800000008000200", @ANYRES32=0x0, @ANYBLOB="0a0001"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.424731164s ago: executing program 3 (id=1524): socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x6e}, 0x1, 0x0, 0x0, 0x44800}, 0x40080c8) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.941988074s ago: executing program 3 (id=1526): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x23, 0x80805, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) open(&(0x7f0000000840)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x22240, 0x0) io_uring_setup$auto(0x1, 0x0) prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x0, 0x29, 0x0, 0x10001) 2.820115458s ago: executing program 4 (id=1527): close_range$auto(0x1, 0x8000, 0x0) socket(0x2, 0x5, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) open(&(0x7f0000000080)='./file0\x00', 0x200101, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) getsockopt$auto(0x5, 0x2000000006, 0x10, 0xfffffffffffffffd, 0x0) 2.52704958s ago: executing program 4 (id=1530): close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) capset$auto(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x106) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) 2.334980887s ago: executing program 3 (id=1531): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) fstat$auto(0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video13\x00', 0x20000, 0x0) ioctl$auto(0x3, 0xc0285628, 0x8) 2.194158672s ago: executing program 4 (id=1532): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'xfrm0\x00'}) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r2], 0x1ac}}, 0x40000) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xff, 0x0, @raw=0xfffff004}}) 2.132971023s ago: executing program 1 (id=1533): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) fcntl$auto(0x3, 0x4, 0xa553) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x5607, 0x7) close_range$auto(0x2, 0x8, 0x0) 1.968190559s ago: executing program 0 (id=1534): close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x4, 0x8000000000001, 0xffff}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r1, 0x8, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 1.828920903s ago: executing program 4 (id=1535): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) socket(0xa, 0x1, 0x84) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000980)='/dev/snd/controlC0\x00', 0x0, 0x0) r0 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r0, 0x65, 0x1, 0x0, 0x800) bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a) 1.787303371s ago: executing program 1 (id=1536): socket(0xa, 0x1, 0x100) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) pidfd_open$auto(0x1, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0xb05403, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xc, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) 1.568242942s ago: executing program 1 (id=1537): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) open(0x0, 0x2a4c0, 0x20) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x8000, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r1, 0x40045542, r0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) 1.566351873s ago: executing program 0 (id=1545): close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x2, 0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x64, 0x0, 0x1c) 1.319665562s ago: executing program 0 (id=1538): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000680)='/dev/v4l-subdev5\x00', 0x20281, 0x0) sendmsg$auto_NL80211_CMD_GET_MPP(0xffffffffffffffff, 0x0, 0x880) getrandom$auto(0x0, 0x6000000, 0x3) sendfile$auto(r0, r0, 0x0, 0x200) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x1f) 1.030154579s ago: executing program 3 (id=1539): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x22340, 0x0) open(0x0, 0x149443, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) dup3$auto(0x8000000000000001, 0x5, 0x800000000) splice$auto(0x8, &(0x7f0000000080)=0x10d, 0x5, 0x0, 0x1, 0x3) 970.032702ms ago: executing program 0 (id=1540): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x100000020003b49, 0x80000000002, 0x0, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, 0x0) select$auto(0x8, 0x0, &(0x7f0000000340)={[0x9, 0x8000, 0xfffffffffffffffd, 0xd7d, 0x4, 0x9, 0x100, 0x8, 0x9, 0x7, 0x3, 0x4, 0x847, 0xffffffff7fffffff, 0x401, 0x6]}, 0x0, 0x0) 849.929795ms ago: executing program 1 (id=1541): close_range$auto(0x0, 0xfffffffffffff000, 0x2) fanotify_init$auto(0x5, 0x2000000000002) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 779.288839ms ago: executing program 0 (id=1542): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2a, 0x2, 0x88) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1, r0, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc) 517.92695ms ago: executing program 1 (id=1543): mmap$auto(0x0, 0x428, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xffffeffe, 0x2) io_uring_setup$auto(0x59, 0x0) open(0x0, 0x64842, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_register$auto(0x2, 0x14, 0x0, 0x3) io_uring_register$auto(0x2, 0x15, 0x0, 0x6) 486.749568ms ago: executing program 3 (id=1544): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_SEG6_CMD_SETHMAC(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0181"], 0x1c}, 0x1, 0x0, 0x0, 0x40012}, 0x24000090) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 450.620381ms ago: executing program 4 (id=1546): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) lseek$auto(r0, 0x0, 0x2) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(0x3, 0x0, 0xfffffdef) 199.12104ms ago: executing program 0 (id=1547): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00@\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a0005000700000000000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010072e0fa60fddbdf2500009c8814816b5e81"], 0x1c}, 0x1, 0x0, 0x0, 0x40080}, 0x2) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x2) 170.704125ms ago: executing program 1 (id=1548): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x6ad) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/oom_adj\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) read$auto(0xffffffffffffffff, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0xff) syz_open_procfs$namespace(0x0, 0x0) 0s ago: executing program 3 (id=1549): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x40106f52, r0) kernel console output (not intermixed with test programs): 2][ T7445] RIP: 0033:0x7f8fc778e969 [ 180.250968][ T7445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.251000][ T7445] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 180.251039][ T7445] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 180.251061][ T7445] RDX: 00000000000000df RSI: 0000000000400005 RDI: 0000000000000000 [ 180.251081][ T7445] RBP: 00007f8fc7810ab1 R08: 0000000000000002 R09: 0000000000008000 [ 180.251102][ T7445] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 180.251122][ T7445] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 180.251164][ T7445] [ 180.969095][ T7459] FAULT_INJECTION: forcing a failure. [ 180.969095][ T7459] name failslab, interval 1, probability 0, space 0, times 0 [ 180.990298][ T7459] CPU: 0 UID: 0 PID: 7459 Comm: syz.1.568 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 180.990346][ T7459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 180.990366][ T7459] Call Trace: [ 180.990376][ T7459] [ 180.990389][ T7459] dump_stack_lvl+0x16c/0x1f0 [ 180.990439][ T7459] should_fail_ex+0x512/0x640 [ 180.990485][ T7459] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 180.990542][ T7459] should_failslab+0xc2/0x120 [ 180.990582][ T7459] __kmalloc_cache_noprof+0x6a/0x3e0 [ 180.990658][ T7459] ? snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 180.990712][ T7459] snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 180.990761][ T7459] ? preempt_count_sub+0xd5/0x160 [ 180.990802][ T7459] ? trace_contention_end+0xdd/0x130 [ 180.990846][ T7459] ? __mutex_lock+0x1ca/0xb90 [ 180.990893][ T7459] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 180.990945][ T7459] ? __pfx___mutex_lock+0x10/0x10 [ 180.991005][ T7459] ? find_held_lock+0x2b/0x80 [ 180.991051][ T7459] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 180.991106][ T7459] snd_pcm_oss_ioctl+0x31aa/0x37a0 [ 180.991152][ T7459] ? find_held_lock+0x2b/0x80 [ 180.991181][ T7459] ? hook_file_ioctl_common+0x145/0x410 [ 180.991217][ T7459] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 180.991268][ T7459] ? __fget_files+0x20e/0x3c0 [ 180.991324][ T7459] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 180.991372][ T7459] __x64_sys_ioctl+0x190/0x200 [ 180.991421][ T7459] do_syscall_64+0xcd/0x230 [ 180.991469][ T7459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.991506][ T7459] RIP: 0033:0x7f8fc778e969 [ 180.991531][ T7459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.991560][ T7459] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.991590][ T7459] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 180.991611][ T7459] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000004 [ 180.991629][ T7459] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 180.991648][ T7459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.991664][ T7459] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 180.991706][ T7459] [ 181.605639][ T7462] netlink: 322 bytes leftover after parsing attributes in process `syz.3.569'. [ 181.695072][ T7465] FAULT_INJECTION: forcing a failure. [ 181.695072][ T7465] name failslab, interval 1, probability 0, space 0, times 0 [ 181.741859][ T7465] CPU: 0 UID: 0 PID: 7465 Comm: syz.1.570 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 181.741904][ T7465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 181.741923][ T7465] Call Trace: [ 181.741934][ T7465] [ 181.741947][ T7465] dump_stack_lvl+0x16c/0x1f0 [ 181.741993][ T7465] should_fail_ex+0x512/0x640 [ 181.742036][ T7465] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 181.742093][ T7465] should_failslab+0xc2/0x120 [ 181.742132][ T7465] __kmalloc_cache_noprof+0x6a/0x3e0 [ 181.742183][ T7465] ? fib_rules_register+0x403/0x500 [ 181.742221][ T7465] ? mr_table_alloc+0x5f/0x2e0 [ 181.742257][ T7465] ? do_raw_spin_unlock+0x172/0x230 [ 181.742306][ T7465] ? __pfx_ipmr_new_table_set+0x10/0x10 [ 181.742358][ T7465] mr_table_alloc+0x5f/0x2e0 [ 181.742392][ T7465] ? __pfx_ipmr_expire_process+0x10/0x10 [ 181.742423][ T7465] ? __pfx_ipmr_net_init+0x10/0x10 [ 181.742457][ T7465] ipmr_net_init+0x3c4/0x4e0 [ 181.742490][ T7465] ? __pfx_ipmr_net_init+0x10/0x10 [ 181.742522][ T7465] ops_init+0x1df/0x5f0 [ 181.742563][ T7465] setup_net+0x21e/0x850 [ 181.742605][ T7465] ? __pfx_setup_net+0x10/0x10 [ 181.742639][ T7465] ? lockdep_init_map_type+0x5c/0x280 [ 181.742689][ T7465] ? __pfx_down_read_killable+0x10/0x10 [ 181.742745][ T7465] ? debug_mutex_init+0x37/0x70 [ 181.742803][ T7465] copy_net_ns+0x2a6/0x5f0 [ 181.742850][ T7465] create_new_namespaces+0x3ea/0xad0 [ 181.742897][ T7465] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 181.742938][ T7465] ksys_unshare+0x45b/0xa40 [ 181.742983][ T7465] ? __pfx_ksys_unshare+0x10/0x10 [ 181.743024][ T7465] ? xfd_validate_state+0x5d/0x180 [ 181.743078][ T7465] ? rcu_is_watching+0x12/0xc0 [ 181.743116][ T7465] __x64_sys_unshare+0x31/0x40 [ 181.743159][ T7465] do_syscall_64+0xcd/0x230 [ 181.743204][ T7465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.743237][ T7465] RIP: 0033:0x7f8fc778e969 [ 181.743262][ T7465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.743293][ T7465] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 181.743323][ T7465] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 181.743344][ T7465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 181.743364][ T7465] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 181.743382][ T7465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.743414][ T7465] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 181.743452][ T7465] [ 182.958998][ T7496] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 183.577174][ T7506] netlink: 'syz.0.587': attribute type 33 has an invalid length. [ 183.591867][ T7506] netlink: 322 bytes leftover after parsing attributes in process `syz.0.587'. [ 184.566324][ T7539] netlink: 4 bytes leftover after parsing attributes in process `syz.0.600'. [ 184.795255][ T7546] netlink: 'syz.0.603': attribute type 4 has an invalid length. [ 185.423919][ T7561] netlink: 322 bytes leftover after parsing attributes in process `syz.3.609'. [ 185.675088][ T7557] netlink: 4 bytes leftover after parsing attributes in process `syz.0.607'. [ 186.315090][ T7581] netlink: 334 bytes leftover after parsing attributes in process `syz.3.615'. [ 187.258753][ T7604] netlink: 334 bytes leftover after parsing attributes in process `syz.1.625'. [ 187.306220][ T7604] netlink: 334 bytes leftover after parsing attributes in process `syz.1.625'. [ 189.577885][ T7658] ima: policy update failed [ 189.621646][ T30] audit: type=1802 audit(6041032918.999:3): pid=7658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.648" res=0 errno=0 [ 190.113150][ T7673] netlink: 'syz.1.654': attribute type 22 has an invalid length. [ 190.161646][ T7673] netlink: 334 bytes leftover after parsing attributes in process `syz.1.654'. [ 190.362086][ T7676] netlink: 342 bytes leftover after parsing attributes in process `syz.3.655'. [ 191.451328][ T7699] netlink: 342 bytes leftover after parsing attributes in process `syz.0.663'. [ 192.826863][ T7731] netlink: 'syz.2.676': attribute type 33 has an invalid length. [ 192.871445][ T7735] netlink: 334 bytes leftover after parsing attributes in process `syz.3.679'. [ 192.871791][ T7731] netlink: 322 bytes leftover after parsing attributes in process `syz.2.676'. [ 192.872084][ T7731] netlink: 'syz.2.676': attribute type 33 has an invalid length. [ 192.872105][ T7731] netlink: 322 bytes leftover after parsing attributes in process `syz.2.676'. [ 193.269798][ T7743] netlink: 342 bytes leftover after parsing attributes in process `syz.1.682'. [ 193.290407][ T7743] netlink: 342 bytes leftover after parsing attributes in process `syz.1.682'. [ 193.520910][ T7746] netlink: 330 bytes leftover after parsing attributes in process `syz.2.683'. [ 193.936832][ T7756] netlink: 'syz.0.688': attribute type 28 has an invalid length. [ 193.980121][ T7756] netlink: 334 bytes leftover after parsing attributes in process `syz.0.688'. [ 194.772588][ T7775] mmap: syz.1.694 (7775) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 194.940787][ T7777] FAULT_INJECTION: forcing a failure. [ 194.940787][ T7777] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 195.013658][ T30] audit: type=1800 audit(6041032924.399:4): pid=7781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.697" name="dbroot" dev="configfs" ino=14853 res=0 errno=0 [ 195.045092][ T7777] CPU: 0 UID: 0 PID: 7777 Comm: syz.2.696 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 195.045140][ T7777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 195.045159][ T7777] Call Trace: [ 195.045170][ T7777] [ 195.045182][ T7777] dump_stack_lvl+0x16c/0x1f0 [ 195.045230][ T7777] should_fail_ex+0x512/0x640 [ 195.045281][ T7777] core_sys_select+0x4b2/0xbe0 [ 195.045341][ T7777] ? __pfx_core_sys_select+0x10/0x10 [ 195.045438][ T7777] ? read_tsc+0x9/0x20 [ 195.045477][ T7777] ? ktime_get_ts64+0x256/0x400 [ 195.045525][ T7777] kern_select+0x15d/0x1e0 [ 195.045582][ T7777] ? __pfx_kern_select+0x10/0x10 [ 195.045633][ T7777] ? xfd_validate_state+0x5d/0x180 [ 195.045687][ T7777] ? rcu_is_watching+0x12/0xc0 [ 195.045722][ T7777] __x64_sys_select+0xbd/0x160 [ 195.045770][ T7777] ? do_syscall_64+0x91/0x230 [ 195.045813][ T7777] ? lockdep_hardirqs_on+0x7c/0x110 [ 195.045854][ T7777] do_syscall_64+0xcd/0x230 [ 195.045900][ T7777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.045932][ T7777] RIP: 0033:0x7ffa16d8e969 [ 195.045958][ T7777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.045989][ T7777] RSP: 002b:00007ffa17b21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 195.046020][ T7777] RAX: ffffffffffffffda RBX: 00007ffa16fb5fa0 RCX: 00007ffa16d8e969 [ 195.046042][ T7777] RDX: 0000200000000500 RSI: 0000200000000480 RDI: 0000000000000009 [ 195.046062][ T7777] RBP: 00007ffa16e10ab1 R08: 0000200000000600 R09: 0000000000000000 [ 195.046083][ T7777] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000000 [ 195.046103][ T7777] R13: 0000000000000000 R14: 00007ffa16fb5fa0 R15: 00007ffe9a0b49e8 [ 195.046147][ T7777] [ 196.037913][ T7800] netlink: 330 bytes leftover after parsing attributes in process `syz.0.713'. [ 196.341820][ T7807] netlink: 146 bytes leftover after parsing attributes in process `syz.2.708'. [ 196.604783][ T7812] FAULT_INJECTION: forcing a failure. [ 196.604783][ T7812] name failslab, interval 1, probability 0, space 0, times 0 [ 196.637969][ T7812] CPU: 1 UID: 0 PID: 7812 Comm: syz.2.710 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 196.638017][ T7812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 196.638036][ T7812] Call Trace: [ 196.638047][ T7812] [ 196.638060][ T7812] dump_stack_lvl+0x16c/0x1f0 [ 196.638110][ T7812] should_fail_ex+0x512/0x640 [ 196.638163][ T7812] ? __kmalloc_noprof+0xbf/0x510 [ 196.638201][ T7812] ? lsm_blob_alloc+0x68/0x90 [ 196.638248][ T7812] should_failslab+0xc2/0x120 [ 196.638288][ T7812] __kmalloc_noprof+0xd2/0x510 [ 196.638334][ T7812] lsm_blob_alloc+0x68/0x90 [ 196.638385][ T7812] security_sk_alloc+0x30/0x270 [ 196.638422][ T7812] sk_prot_alloc+0x1c7/0x2a0 [ 196.638467][ T7812] sk_alloc+0x36/0xc20 [ 196.638501][ T7812] __netlink_create+0x5e/0x2c0 [ 196.638557][ T7812] __netlink_kernel_create+0xed/0x750 [ 196.638598][ T7812] ? __pfx___netlink_kernel_create+0x10/0x10 [ 196.638649][ T7812] fib_net_init+0x26d/0x3f0 [ 196.638684][ T7812] ? __pfx___register_sysctl_table+0x10/0x10 [ 196.638722][ T7812] ? __pfx_fib_net_init+0x10/0x10 [ 196.638756][ T7812] ? lockdep_init_map_type+0x5c/0x280 [ 196.638800][ T7812] ? __pfx_nl_fib_input+0x10/0x10 [ 196.638842][ T7812] ? devinet_init_net+0x5c2/0x910 [ 196.638885][ T7812] ? __pfx_fib_net_init+0x10/0x10 [ 196.638918][ T7812] ops_init+0x1df/0x5f0 [ 196.638960][ T7812] setup_net+0x21e/0x850 [ 196.639001][ T7812] ? __pfx_setup_net+0x10/0x10 [ 196.639036][ T7812] ? lockdep_init_map_type+0x5c/0x280 [ 196.639077][ T7812] ? __pfx_down_read_killable+0x10/0x10 [ 196.639138][ T7812] ? debug_mutex_init+0x37/0x70 [ 196.639196][ T7812] copy_net_ns+0x2a6/0x5f0 [ 196.639242][ T7812] create_new_namespaces+0x3ea/0xad0 [ 196.639289][ T7812] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 196.639329][ T7812] ksys_unshare+0x45b/0xa40 [ 196.639374][ T7812] ? __pfx_ksys_unshare+0x10/0x10 [ 196.639413][ T7812] ? xfd_validate_state+0x5d/0x180 [ 196.639466][ T7812] ? rcu_is_watching+0x12/0xc0 [ 196.639506][ T7812] __x64_sys_unshare+0x31/0x40 [ 196.639549][ T7812] do_syscall_64+0xcd/0x230 [ 196.639597][ T7812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.639630][ T7812] RIP: 0033:0x7ffa16d8e969 [ 196.639655][ T7812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.639686][ T7812] RSP: 002b:00007ffa17b21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 196.639716][ T7812] RAX: ffffffffffffffda RBX: 00007ffa16fb5fa0 RCX: 00007ffa16d8e969 [ 196.639738][ T7812] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 196.639757][ T7812] RBP: 00007ffa16e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 196.639777][ T7812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.639796][ T7812] R13: 0000000000000000 R14: 00007ffa16fb5fa0 R15: 00007ffe9a0b49e8 [ 196.639838][ T7812] [ 197.010295][ T7816] FAULT_INJECTION: forcing a failure. [ 197.010295][ T7816] name failslab, interval 1, probability 0, space 0, times 0 [ 197.024483][ T7816] CPU: 1 UID: 0 PID: 7816 Comm: syz.3.712 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 197.024527][ T7816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 197.024547][ T7816] Call Trace: [ 197.024558][ T7816] [ 197.024570][ T7816] dump_stack_lvl+0x16c/0x1f0 [ 197.024619][ T7816] should_fail_ex+0x512/0x640 [ 197.024663][ T7816] ? __kmalloc_noprof+0xbf/0x510 [ 197.024699][ T7816] ? lsm_blob_alloc+0x68/0x90 [ 197.024747][ T7816] should_failslab+0xc2/0x120 [ 197.024786][ T7816] __kmalloc_noprof+0xd2/0x510 [ 197.024830][ T7816] lsm_blob_alloc+0x68/0x90 [ 197.024896][ T7816] security_sk_alloc+0x30/0x270 [ 197.024933][ T7816] sk_prot_alloc+0x1c7/0x2a0 [ 197.024979][ T7816] sk_alloc+0x36/0xc20 [ 197.025010][ T7816] mISDN_sock_create+0x275/0x410 [ 197.025056][ T7816] __sock_create+0x335/0x8d0 [ 197.025109][ T7816] __sys_socket+0x14d/0x260 [ 197.025157][ T7816] ? __pfx___sys_socket+0x10/0x10 [ 197.025205][ T7816] ? rcu_is_watching+0x12/0xc0 [ 197.025241][ T7816] __x64_sys_socket+0x72/0xb0 [ 197.025284][ T7816] ? lockdep_hardirqs_on+0x7c/0x110 [ 197.025325][ T7816] do_syscall_64+0xcd/0x230 [ 197.025379][ T7816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.025412][ T7816] RIP: 0033:0x7fd62998e969 [ 197.025438][ T7816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.025468][ T7816] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 197.025498][ T7816] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 197.025520][ T7816] RDX: 0000000000000003 RSI: 0000000000000002 RDI: 0000000000000022 [ 197.025539][ T7816] RBP: 00007fd629a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 197.025559][ T7816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 197.025577][ T7816] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 197.025618][ T7816] [ 198.546975][ T7838] __nla_validate_parse: 1 callbacks suppressed [ 198.546999][ T7838] netlink: 186 bytes leftover after parsing attributes in process `syz.3.721'. [ 198.613531][ T7841] netlink: 186 bytes leftover after parsing attributes in process `syz.3.721'. [ 198.908517][ T7852] netlink: 342 bytes leftover after parsing attributes in process `syz.0.728'. [ 199.036868][ T7855] netlink: 'syz.2.730': attribute type 4 has an invalid length. [ 199.066070][ T7855] netlink: 314 bytes leftover after parsing attributes in process `syz.2.730'. [ 199.309516][ T7862] syz.0.740 uses obsolete (PF_INET,SOCK_PACKET) [ 199.446122][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.454661][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.751076][ T7895] netlink: 'syz.3.745': attribute type 8 has an invalid length. [ 200.785030][ T7895] netlink: 'syz.3.745': attribute type 8 has an invalid length. [ 201.015562][ T7901] netlink: 'syz.3.750': attribute type 2 has an invalid length. [ 201.833873][ T7918] netlink: 334 bytes leftover after parsing attributes in process `syz.0.755'. [ 202.995924][ T7956] netlink: 28 bytes leftover after parsing attributes in process `syz.0.768'. [ 203.071425][ T7958] netlink: 'syz.1.769': attribute type 1 has an invalid length. [ 203.105083][ T7958] netlink: 306 bytes leftover after parsing attributes in process `syz.1.769'. [ 204.006584][ T7972] netlink: 74 bytes leftover after parsing attributes in process `syz.3.776'. [ 205.066616][ T8005] netlink: 334 bytes leftover after parsing attributes in process `syz.3.789'. [ 206.187516][ T8029] netlink: 28 bytes leftover after parsing attributes in process `syz.2.799'. [ 206.540000][ T8037] netlink: 330 bytes leftover after parsing attributes in process `syz.3.803'. [ 207.321831][ T8058] netlink: 8 bytes leftover after parsing attributes in process `syz.3.813'. [ 207.808121][ T8067] netlink: 330 bytes leftover after parsing attributes in process `syz.0.815'. [ 209.031430][ T8089] netlink: 28 bytes leftover after parsing attributes in process `syz.1.822'. [ 209.140118][ T8094] netlink: 4 bytes leftover after parsing attributes in process `syz.2.824'. [ 209.223947][ T8094] netlink: 25 bytes leftover after parsing attributes in process `syz.2.824'. [ 210.140342][ T8117] netlink: 330 bytes leftover after parsing attributes in process `syz.1.829'. [ 210.701788][ T24] smpboot: CPU 0 is now offline [ 210.945778][ T8134] netlink: 322 bytes leftover after parsing attributes in process `syz.2.834'. [ 211.541406][ T8147] delete_channel: no stack [ 213.514612][ T8175] netlink: 322 bytes leftover after parsing attributes in process `syz.0.845'. [ 214.105054][ T8185] netlink: 28 bytes leftover after parsing attributes in process `syz.2.850'. [ 215.301578][ T5832] Bluetooth: hci2: command 0x0406 tx timeout [ 216.883966][ T5834] Bluetooth: hci1: command 0x0406 tx timeout [ 216.890121][ T5834] Bluetooth: hci0: command 0x0406 tx timeout [ 216.896853][ T5832] Bluetooth: hci3: command 0x0406 tx timeout [ 217.425511][ T8240] FAULT_INJECTION: forcing a failure. [ 217.425511][ T8240] name failslab, interval 1, probability 0, space 0, times 0 [ 217.473934][ T8240] CPU: 1 UID: 0 PID: 8240 Comm: syz.3.874 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 217.473974][ T8240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 217.473988][ T8240] Call Trace: [ 217.473996][ T8240] [ 217.474004][ T8240] dump_stack_lvl+0x16c/0x1f0 [ 217.474040][ T8240] should_fail_ex+0x512/0x640 [ 217.474074][ T8240] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 217.474103][ T8240] should_failslab+0xc2/0x120 [ 217.474132][ T8240] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 217.474157][ T8240] ? __pfx___might_resched+0x10/0x10 [ 217.474183][ T8240] ? __anon_vma_prepare+0xae/0x5e0 [ 217.474211][ T8240] __anon_vma_prepare+0xae/0x5e0 [ 217.474240][ T8240] __vmf_anon_prepare+0x11c/0x240 [ 217.474276][ T8240] do_wp_page+0x11a6/0x58e0 [ 217.474319][ T8240] ? __pfx_do_wp_page+0x10/0x10 [ 217.474356][ T8240] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 217.474391][ T8240] ? ___pte_offset_map+0x1bc/0x540 [ 217.474429][ T8240] __handle_mm_fault+0x1ada/0x2a40 [ 217.474460][ T8240] ? __pfx___handle_mm_fault+0x10/0x10 [ 217.474505][ T8240] ? find_vma+0xbf/0x140 [ 217.474536][ T8240] ? __pfx_find_vma+0x10/0x10 [ 217.474572][ T8240] handle_mm_fault+0x3fe/0xad0 [ 217.474600][ T8240] do_user_addr_fault+0x7a6/0x1370 [ 217.474627][ T8240] ? rcu_is_watching+0x12/0xc0 [ 217.474651][ T8240] exc_page_fault+0x5c/0xc0 [ 217.474681][ T8240] asm_exc_page_fault+0x26/0x30 [ 217.474703][ T8240] RIP: 0010:__put_user_4+0xd/0x20 [ 217.474734][ T8240] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 [ 217.474757][ T8240] RSP: 0018:ffffc90003adfcc0 EFLAGS: 00050202 [ 217.474775][ T8240] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000004 [ 217.474789][ T8240] RDX: 0000000000080000 RSI: ffffffff8236531c RDI: ffffffff8bf467e0 [ 217.474804][ T8240] RBP: 1ffff9200075bf9b R08: e7151b5d2ecc2001 R09: 0000000000000001 [ 217.474819][ T8240] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000ffffffea [ 217.474833][ T8240] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 217.474855][ T8240] ? do_vfs_ioctl+0x110c/0x1990 [ 217.474891][ T8240] do_vfs_ioctl+0x1117/0x1990 [ 217.474924][ T8240] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 217.474984][ T8240] ? find_held_lock+0x2b/0x80 [ 217.475006][ T8240] ? hook_file_ioctl_common+0x145/0x410 [ 217.475038][ T8240] ? __fget_files+0x20e/0x3c0 [ 217.475083][ T8240] __x64_sys_ioctl+0x11d/0x200 [ 217.475118][ T8240] do_syscall_64+0xcd/0x230 [ 217.475153][ T8240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.475175][ T8240] RIP: 0033:0x7fd62998e969 [ 217.475193][ T8240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.475215][ T8240] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.475235][ T8240] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 217.475250][ T8240] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000003 [ 217.475264][ T8240] RBP: 00007fd629a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 217.475277][ T8240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.475291][ T8240] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 217.475320][ T8240] [ 218.258280][ T8252] FAULT_INJECTION: forcing a failure. [ 218.258280][ T8252] name failslab, interval 1, probability 0, space 0, times 0 [ 218.291074][ T8252] CPU: 1 UID: 0 PID: 8252 Comm: syz.0.885 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 218.291109][ T8252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 218.291123][ T8252] Call Trace: [ 218.291131][ T8252] [ 218.291139][ T8252] dump_stack_lvl+0x16c/0x1f0 [ 218.291176][ T8252] should_fail_ex+0x512/0x640 [ 218.291210][ T8252] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 218.291252][ T8252] should_failslab+0xc2/0x120 [ 218.291281][ T8252] __kmalloc_cache_noprof+0x6a/0x3e0 [ 218.291334][ T8252] ? mousedev_open+0xdc/0x580 [ 218.291360][ T8252] mousedev_open+0xdc/0x580 [ 218.291385][ T8252] ? __pfx_mousedev_open+0x10/0x10 [ 218.291409][ T8252] misc_open+0x35a/0x420 [ 218.291445][ T8252] ? __pfx_misc_open+0x10/0x10 [ 218.291483][ T8252] chrdev_open+0x231/0x6a0 [ 218.291504][ T8252] ? __pfx_apparmor_file_open+0x10/0x10 [ 218.291533][ T8252] ? __pfx_chrdev_open+0x10/0x10 [ 218.291558][ T8252] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 218.291596][ T8252] do_dentry_open+0x741/0x1c10 [ 218.291619][ T8252] ? __pfx_chrdev_open+0x10/0x10 [ 218.291647][ T8252] vfs_open+0x82/0x3f0 [ 218.291679][ T8252] path_openat+0x1e5e/0x2d40 [ 218.291710][ T8252] ? __pfx_path_openat+0x10/0x10 [ 218.291738][ T8252] do_filp_open+0x20b/0x470 [ 218.291759][ T8252] ? __pfx_do_filp_open+0x10/0x10 [ 218.291800][ T8252] ? alloc_fd+0x471/0x7d0 [ 218.291841][ T8252] do_sys_openat2+0x11b/0x1d0 [ 218.291870][ T8252] ? __pfx_do_sys_openat2+0x10/0x10 [ 218.291910][ T8252] __x64_sys_openat+0x174/0x210 [ 218.291940][ T8252] ? __pfx___x64_sys_openat+0x10/0x10 [ 218.291977][ T8252] ? rcu_is_watching+0x12/0xc0 [ 218.292007][ T8252] do_syscall_64+0xcd/0x230 [ 218.292040][ T8252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.292063][ T8252] RIP: 0033:0x7f270af8e969 [ 218.292080][ T8252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.292102][ T8252] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 218.292123][ T8252] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 218.292137][ T8252] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 218.292151][ T8252] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 218.292165][ T8252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 218.292178][ T8252] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 218.292206][ T8252] [ 218.552886][ T8254] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 219.446568][ T8265] random: crng reseeded on system resumption [ 219.495299][ T8265] FAULT_INJECTION: forcing a failure. [ 219.495299][ T8265] name failslab, interval 1, probability 0, space 0, times 0 [ 219.620589][ T8265] CPU: 1 UID: 0 PID: 8265 Comm: syz.2.882 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 219.620623][ T8265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 219.620637][ T8265] Call Trace: [ 219.620645][ T8265] [ 219.620654][ T8265] dump_stack_lvl+0x16c/0x1f0 [ 219.620689][ T8265] should_fail_ex+0x512/0x640 [ 219.620722][ T8265] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 219.620763][ T8265] should_failslab+0xc2/0x120 [ 219.620791][ T8265] __kmalloc_cache_noprof+0x6a/0x3e0 [ 219.620840][ T8265] ? memory_bm_create+0x154/0x810 [ 219.620883][ T8265] memory_bm_create+0x154/0x810 [ 219.620934][ T8265] create_basic_memory_bitmaps+0x10f/0x680 [ 219.620965][ T8265] snapshot_open+0x235/0x2b0 [ 219.620990][ T8265] ? __pfx_snapshot_open+0x10/0x10 [ 219.621017][ T8265] misc_open+0x35a/0x420 [ 219.621054][ T8265] ? __pfx_misc_open+0x10/0x10 [ 219.621090][ T8265] chrdev_open+0x231/0x6a0 [ 219.621114][ T8265] ? __pfx_apparmor_file_open+0x10/0x10 [ 219.621144][ T8265] ? __pfx_chrdev_open+0x10/0x10 [ 219.621171][ T8265] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 219.621213][ T8265] do_dentry_open+0x741/0x1c10 [ 219.621236][ T8265] ? __pfx_chrdev_open+0x10/0x10 [ 219.621267][ T8265] vfs_open+0x82/0x3f0 [ 219.621300][ T8265] path_openat+0x1e5e/0x2d40 [ 219.621333][ T8265] ? __pfx_path_openat+0x10/0x10 [ 219.621363][ T8265] do_filp_open+0x20b/0x470 [ 219.621386][ T8265] ? __pfx_do_filp_open+0x10/0x10 [ 219.621430][ T8265] ? alloc_fd+0x471/0x7d0 [ 219.621477][ T8265] do_sys_openat2+0x11b/0x1d0 [ 219.621508][ T8265] ? __pfx_do_sys_openat2+0x10/0x10 [ 219.621551][ T8265] __x64_sys_openat+0x174/0x210 [ 219.621584][ T8265] ? __pfx___x64_sys_openat+0x10/0x10 [ 219.621618][ T8265] ? rcu_is_watching+0x12/0xc0 [ 219.621648][ T8265] do_syscall_64+0xcd/0x230 [ 219.621682][ T8265] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.621707][ T8265] RIP: 0033:0x7ffa16d8e969 [ 219.621725][ T8265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.621747][ T8265] RSP: 002b:00007ffa17b21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 219.621769][ T8265] RAX: ffffffffffffffda RBX: 00007ffa16fb5fa0 RCX: 00007ffa16d8e969 [ 219.621784][ T8265] RDX: 0000000000184b01 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 219.621804][ T8265] RBP: 00007ffa16e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 219.621818][ T8265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.621831][ T8265] R13: 0000000000000000 R14: 00007ffa16fb5fa0 R15: 00007ffe9a0b49e8 [ 219.621861][ T8265] [ 220.227230][ T8270] netlink: 326 bytes leftover after parsing attributes in process `syz.3.883'. [ 222.115151][ T8297] netlink: 334 bytes leftover after parsing attributes in process `syz.2.896'. [ 222.369658][ T8301] netlink: 122 bytes leftover after parsing attributes in process `syz.0.898'. [ 222.816399][ T8310] FAULT_INJECTION: forcing a failure. [ 222.816399][ T8310] name failslab, interval 1, probability 0, space 0, times 0 [ 222.982224][ T8310] CPU: 1 UID: 0 PID: 8310 Comm: syz.2.902 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 222.982260][ T8310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 222.982274][ T8310] Call Trace: [ 222.982281][ T8310] [ 222.982290][ T8310] dump_stack_lvl+0x16c/0x1f0 [ 222.982327][ T8310] should_fail_ex+0x512/0x640 [ 222.982360][ T8310] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 222.982402][ T8310] should_failslab+0xc2/0x120 [ 222.982429][ T8310] __kmalloc_cache_noprof+0x6a/0x3e0 [ 222.982473][ T8310] ? fib_rules_register+0x403/0x500 [ 222.982498][ T8310] ? mr_table_alloc+0x5f/0x2e0 [ 222.982524][ T8310] ? do_raw_spin_unlock+0x172/0x230 [ 222.982562][ T8310] ? __pfx_ipmr_new_table_set+0x10/0x10 [ 222.982602][ T8310] mr_table_alloc+0x5f/0x2e0 [ 222.982626][ T8310] ? __pfx_ipmr_expire_process+0x10/0x10 [ 222.982650][ T8310] ? __pfx_ipmr_net_init+0x10/0x10 [ 222.982674][ T8310] ipmr_net_init+0x3c4/0x4e0 [ 222.982698][ T8310] ? __pfx_ipmr_net_init+0x10/0x10 [ 222.982722][ T8310] ops_init+0x1df/0x5f0 [ 222.982752][ T8310] setup_net+0x21e/0x850 [ 222.982782][ T8310] ? __pfx_setup_net+0x10/0x10 [ 222.982807][ T8310] ? lockdep_init_map_type+0x5c/0x280 [ 222.982838][ T8310] ? __pfx_down_read_killable+0x10/0x10 [ 222.982878][ T8310] ? debug_mutex_init+0x37/0x70 [ 222.982919][ T8310] copy_net_ns+0x2a6/0x5f0 [ 222.982952][ T8310] create_new_namespaces+0x3ea/0xad0 [ 222.982985][ T8310] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 222.983015][ T8310] ksys_unshare+0x45b/0xa40 [ 222.983047][ T8310] ? __pfx_ksys_unshare+0x10/0x10 [ 222.983077][ T8310] ? xfd_validate_state+0x5d/0x180 [ 222.983117][ T8310] ? rcu_is_watching+0x12/0xc0 [ 222.983145][ T8310] __x64_sys_unshare+0x31/0x40 [ 222.983177][ T8310] do_syscall_64+0xcd/0x230 [ 222.983211][ T8310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.983234][ T8310] RIP: 0033:0x7ffa16d8e969 [ 222.983258][ T8310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.983281][ T8310] RSP: 002b:00007ffa17b21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 222.983303][ T8310] RAX: ffffffffffffffda RBX: 00007ffa16fb5fa0 RCX: 00007ffa16d8e969 [ 222.983318][ T8310] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 222.983333][ T8310] RBP: 00007ffa16e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 222.983347][ T8310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.983361][ T8310] R13: 0000000000000000 R14: 00007ffa16fb5fa0 R15: 00007ffe9a0b49e8 [ 222.983391][ T8310] [ 225.447905][ T8335] netlink: 146 bytes leftover after parsing attributes in process `syz.0.912'. [ 226.592630][ T8350] FAULT_INJECTION: forcing a failure. [ 226.592630][ T8350] name failslab, interval 1, probability 0, space 0, times 0 [ 226.666981][ T8350] CPU: 1 UID: 0 PID: 8350 Comm: syz.3.917 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 226.667015][ T8350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 226.667037][ T8350] Call Trace: [ 226.667044][ T8350] [ 226.667053][ T8350] dump_stack_lvl+0x16c/0x1f0 [ 226.667088][ T8350] should_fail_ex+0x512/0x640 [ 226.667120][ T8350] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 226.667162][ T8350] should_failslab+0xc2/0x120 [ 226.667190][ T8350] __kmalloc_cache_noprof+0x6a/0x3e0 [ 226.667228][ T8350] ? snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 226.667267][ T8350] snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 226.667301][ T8350] ? preempt_count_sub+0xd5/0x160 [ 226.667329][ T8350] ? trace_contention_end+0xdd/0x130 [ 226.667360][ T8350] ? __mutex_lock+0x1ca/0xb90 [ 226.667393][ T8350] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 226.667429][ T8350] ? __pfx___mutex_lock+0x10/0x10 [ 226.667470][ T8350] ? find_held_lock+0x2b/0x80 [ 226.667496][ T8350] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 226.667535][ T8350] snd_pcm_oss_ioctl+0x31aa/0x37a0 [ 226.667567][ T8350] ? find_held_lock+0x2b/0x80 [ 226.667587][ T8350] ? hook_file_ioctl_common+0x145/0x410 [ 226.667613][ T8350] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 226.667649][ T8350] ? __fget_files+0x20e/0x3c0 [ 226.667688][ T8350] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 226.667723][ T8350] __x64_sys_ioctl+0x190/0x200 [ 226.667757][ T8350] do_syscall_64+0xcd/0x230 [ 226.667790][ T8350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.667813][ T8350] RIP: 0033:0x7fd62998e969 [ 226.667832][ T8350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.667854][ T8350] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 226.667876][ T8350] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 226.667892][ T8350] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000004 [ 226.667906][ T8350] RBP: 00007fd629a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 226.667944][ T8350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.667958][ T8350] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 226.667986][ T8350] [ 228.235616][ T8366] netlink: 330 bytes leftover after parsing attributes in process `syz.1.924'. [ 229.225392][ T8362] netlink: 4 bytes leftover after parsing attributes in process `syz.0.921'. [ 230.268445][ T8387] netlink: 'syz.0.931': attribute type 1 has an invalid length. [ 230.367106][ T8387] netlink: 318 bytes leftover after parsing attributes in process `syz.0.931'. [ 231.347465][ T8402] block2mtd: illegal erase size [ 231.378005][ T8404] FAULT_INJECTION: forcing a failure. [ 231.378005][ T8404] name failslab, interval 1, probability 0, space 0, times 0 [ 231.479374][ T8404] CPU: 1 UID: 0 PID: 8404 Comm: syz.1.938 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 231.479409][ T8404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 231.479423][ T8404] Call Trace: [ 231.479431][ T8404] [ 231.479440][ T8404] dump_stack_lvl+0x16c/0x1f0 [ 231.479476][ T8404] should_fail_ex+0x512/0x640 [ 231.479510][ T8404] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 231.479538][ T8404] should_failslab+0xc2/0x120 [ 231.479566][ T8404] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 231.479592][ T8404] ? security_file_alloc+0x34/0x2b0 [ 231.479626][ T8404] security_file_alloc+0x34/0x2b0 [ 231.479656][ T8404] init_file+0x93/0x4c0 [ 231.479684][ T8404] alloc_empty_file+0x73/0x1e0 [ 231.479713][ T8404] alloc_file_pseudo+0x13a/0x230 [ 231.479744][ T8404] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 231.479782][ T8404] ioctx_alloc+0x5ab/0x2060 [ 231.479827][ T8404] ? find_held_lock+0x2b/0x80 [ 231.479848][ T8404] ? __pfx_ioctx_alloc+0x10/0x10 [ 231.479879][ T8404] ? __might_fault+0x13b/0x190 [ 231.479924][ T8404] __x64_sys_io_setup+0xc9/0x210 [ 231.479961][ T8404] do_syscall_64+0xcd/0x230 [ 231.479996][ T8404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.480020][ T8404] RIP: 0033:0x7f8fc778e969 [ 231.480038][ T8404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.480061][ T8404] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 231.480083][ T8404] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 231.480098][ T8404] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 231.480113][ T8404] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 231.480127][ T8404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 231.480140][ T8404] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 231.480169][ T8404] [ 232.322256][ T8415] sctp: [Deprecated]: syz.2.943 (pid 8415) Use of struct sctp_assoc_value in delayed_ack socket option. [ 232.322256][ T8415] Use struct sctp_sack_info instead [ 232.351033][ T8412] FAULT_INJECTION: forcing a failure. [ 232.351033][ T8412] name failslab, interval 1, probability 0, space 0, times 0 [ 232.536805][ T8412] CPU: 1 UID: 0 PID: 8412 Comm: syz.0.941 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 232.536840][ T8412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 232.536854][ T8412] Call Trace: [ 232.536862][ T8412] [ 232.536871][ T8412] dump_stack_lvl+0x16c/0x1f0 [ 232.536906][ T8412] should_fail_ex+0x512/0x640 [ 232.536945][ T8412] should_failslab+0xc2/0x120 [ 232.536974][ T8412] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 232.537002][ T8412] ? __alloc_skb+0x2b2/0x380 [ 232.537031][ T8412] __alloc_skb+0x2b2/0x380 [ 232.537054][ T8412] ? __pfx___alloc_skb+0x10/0x10 [ 232.537082][ T8412] ? __pfx___futex_wait+0x10/0x10 [ 232.537118][ T8412] new_skb+0x21/0x230 [ 232.537155][ T8412] aoecmd_cfg+0x21c/0x7d0 [ 232.537180][ T8412] ? __pfx_aoecmd_cfg+0x10/0x10 [ 232.537212][ T8412] ? apparmor_file_permission+0x251/0x400 [ 232.537245][ T8412] ? aoechr_write+0x120/0x160 [ 232.537280][ T8412] aoechr_write+0x120/0x160 [ 232.537316][ T8412] vfs_write+0x25c/0x1180 [ 232.537336][ T8412] ? __pfx_aoechr_write+0x10/0x10 [ 232.537379][ T8412] ? __pfx_vfs_write+0x10/0x10 [ 232.537398][ T8412] ? find_held_lock+0x2b/0x80 [ 232.537421][ T8412] ? __fget_files+0x204/0x3c0 [ 232.537470][ T8412] ? __fget_files+0x20e/0x3c0 [ 232.537516][ T8412] ksys_write+0x12a/0x240 [ 232.537537][ T8412] ? __pfx_ksys_write+0x10/0x10 [ 232.537558][ T8412] ? rcu_is_watching+0x12/0xc0 [ 232.537587][ T8412] do_syscall_64+0xcd/0x230 [ 232.537623][ T8412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.537646][ T8412] RIP: 0033:0x7f270af8e969 [ 232.537664][ T8412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.537699][ T8412] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 232.537720][ T8412] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 232.537735][ T8412] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 232.537748][ T8412] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 232.537761][ T8412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.537775][ T8412] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 232.537803][ T8412] [ 232.537840][ T8412] aoe: skb alloc failure [ 232.780091][ T8419] netlink: 342 bytes leftover after parsing attributes in process `syz.3.945'. [ 234.968672][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 234.977612][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 236.425138][ T8465] netlink: 346 bytes leftover after parsing attributes in process `syz.2.961'. [ 237.597146][ T8482] netlink: 342 bytes leftover after parsing attributes in process `syz.0.967'. [ 237.609914][ T8470] raw_sendmsg: syz.2.963 forgot to set AF_INET. Fix it! [ 237.669876][ T8484] netlink: 186 bytes leftover after parsing attributes in process `syz.3.968'. [ 238.039803][ T8488] netlink: 342 bytes leftover after parsing attributes in process `syz.2.970'. [ 238.341636][ T8492] netlink: 'syz.3.971': attribute type 16 has an invalid length. [ 238.349389][ T8492] netlink: 306 bytes leftover after parsing attributes in process `syz.3.971'. [ 238.776120][ T8499] FAULT_INJECTION: forcing a failure. [ 238.776120][ T8499] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 238.882866][ T8499] CPU: 1 UID: 0 PID: 8499 Comm: syz.2.983 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 238.882901][ T8499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 238.882916][ T8499] Call Trace: [ 238.882923][ T8499] [ 238.882932][ T8499] dump_stack_lvl+0x16c/0x1f0 [ 238.882968][ T8499] should_fail_ex+0x512/0x640 [ 238.883006][ T8499] should_fail_alloc_page+0xe7/0x130 [ 238.883037][ T8499] prepare_alloc_pages+0x3c2/0x610 [ 238.883078][ T8499] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 238.883112][ T8499] ? cgroup_rstat_updated+0x2a/0xb20 [ 238.883156][ T8499] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 238.883185][ T8499] ? weighted_interleave_nid+0x3e9/0x5a0 [ 238.883222][ T8499] ? __pfx_weighted_interleave_nid+0x10/0x10 [ 238.883254][ T8499] ? __lock_acquire+0x5ca/0x1ba0 [ 238.883288][ T8499] ? policy_nodemask+0xea/0x4e0 [ 238.883318][ T8499] alloc_pages_mpol+0x1fb/0x550 [ 238.883361][ T8499] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 238.883390][ T8499] ? __lock_acquire+0x5ca/0x1ba0 [ 238.883423][ T8499] folio_alloc_mpol_noprof+0x36/0x2f0 [ 238.883457][ T8499] vma_alloc_folio_noprof+0xed/0x1e0 [ 238.883489][ T8499] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 238.883530][ T8499] do_pte_missing+0x223d/0x3fb0 [ 238.883563][ T8499] __handle_mm_fault+0x103d/0x2a40 [ 238.883593][ T8499] ? __pfx___handle_mm_fault+0x10/0x10 [ 238.883614][ T8499] ? __pte_offset_map_lock+0x155/0x2f0 [ 238.883653][ T8499] ? find_held_lock+0x2b/0x80 [ 238.883692][ T8499] ? find_held_lock+0x2b/0x80 [ 238.883734][ T8499] handle_mm_fault+0x3fe/0xad0 [ 238.883763][ T8499] __get_user_pages+0x771/0x36f0 [ 238.883816][ T8499] ? __pfx_mt_find+0x10/0x10 [ 238.883852][ T8499] ? __pfx___get_user_pages+0x10/0x10 [ 238.883900][ T8499] populate_vma_page_range+0x278/0x3a0 [ 238.883924][ T8499] ? __pfx_populate_vma_page_range+0x10/0x10 [ 238.883963][ T8499] ? __pfx_find_vma_intersection+0x10/0x10 [ 238.884000][ T8499] ? do_mmap+0x69c/0x11b0 [ 238.884037][ T8499] __mm_populate+0x1d8/0x380 [ 238.884059][ T8499] ? __pfx___mm_populate+0x10/0x10 [ 238.884083][ T8499] ? up_write+0x1b2/0x520 [ 238.884119][ T8499] vm_mmap_pgoff+0x362/0x450 [ 238.884157][ T8499] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 238.884191][ T8499] ? do_set_mempolicy+0x220/0x480 [ 238.884223][ T8499] ? __x64_sys_futex+0x1e0/0x4c0 [ 238.884247][ T8499] ? __x64_sys_futex+0x1e9/0x4c0 [ 238.884275][ T8499] ksys_mmap_pgoff+0x7d/0x5c0 [ 238.884310][ T8499] ? rcu_is_watching+0x12/0xc0 [ 238.884334][ T8499] __x64_sys_mmap+0x125/0x190 [ 238.884359][ T8499] do_syscall_64+0xcd/0x230 [ 238.884394][ T8499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.884417][ T8499] RIP: 0033:0x7ffa16d8e969 [ 238.884436][ T8499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.884458][ T8499] RSP: 002b:00007ffa17b21038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 238.884480][ T8499] RAX: ffffffffffffffda RBX: 00007ffa16fb5fa0 RCX: 00007ffa16d8e969 [ 238.884496][ T8499] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 238.884510][ T8499] RBP: 00007ffa16e10ab1 R08: 0000000000000002 R09: 0000000000008000 [ 238.884524][ T8499] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 238.884538][ T8499] R13: 0000000000000000 R14: 00007ffa16fb5fa0 R15: 00007ffe9a0b49e8 [ 238.884567][ T8499] [ 239.624582][ T8504] sctp: [Deprecated]: syz.3.975 (pid 8504) Use of struct sctp_assoc_value in delayed_ack socket option. [ 239.624582][ T8504] Use struct sctp_sack_info instead [ 240.099921][ T8512] netlink: 330 bytes leftover after parsing attributes in process `syz.3.979'. [ 241.945790][ T8528] netlink: 20 bytes leftover after parsing attributes in process `syz.3.986'. [ 242.102114][ T8530] netlink: 4 bytes leftover after parsing attributes in process `syz.0.987'. [ 242.223377][ T8531] netlink: 13 bytes leftover after parsing attributes in process `syz.0.987'. [ 243.830032][ T8556] netlink: 330 bytes leftover after parsing attributes in process `syz.2.998'. [ 245.515754][ T8579] FAULT_INJECTION: forcing a failure. [ 245.515754][ T8579] name failslab, interval 1, probability 0, space 0, times 0 [ 245.577810][ T8579] CPU: 1 UID: 0 PID: 8579 Comm: syz.3.1006 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 245.577845][ T8579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 245.577862][ T8579] Call Trace: [ 245.577870][ T8579] [ 245.577882][ T8579] dump_stack_lvl+0x16c/0x1f0 [ 245.577919][ T8579] should_fail_ex+0x512/0x640 [ 245.577952][ T8579] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 245.577982][ T8579] should_failslab+0xc2/0x120 [ 245.578010][ T8579] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 245.578037][ T8579] ? __mpol_dup+0x74/0x380 [ 245.578073][ T8579] __mpol_dup+0x74/0x380 [ 245.578111][ T8579] ? __pfx___mpol_dup+0x10/0x10 [ 245.578142][ T8579] ? trace_kmem_cache_alloc+0x28/0xc0 [ 245.578173][ T8579] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 245.578197][ T8579] ? current_cpuset_is_being_rebound+0xf6/0x370 [ 245.578222][ T8579] ? sp_alloc+0x27/0x160 [ 245.578257][ T8579] sp_alloc+0x4d/0x160 [ 245.578290][ T8579] mpol_set_shared_policy+0xab/0x8c0 [ 245.578331][ T8579] ? __pfx_shmem_set_policy+0x10/0x10 [ 245.578365][ T8579] mbind_range+0x336/0x570 [ 245.578401][ T8579] do_mbind+0x848/0xf30 [ 245.578442][ T8579] ? __pfx_do_mbind+0x10/0x10 [ 245.578489][ T8579] ? do_writev+0x218/0x330 [ 245.578537][ T8579] ? __pfx_get_nodes+0x10/0x10 [ 245.578568][ T8579] kernel_mbind+0x1e3/0x1f0 [ 245.578603][ T8579] ? __pfx_kernel_mbind+0x10/0x10 [ 245.578634][ T8579] ? rcu_is_watching+0x12/0xc0 [ 245.578662][ T8579] do_syscall_64+0xcd/0x230 [ 245.578695][ T8579] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.578719][ T8579] RIP: 0033:0x7fd62998e969 [ 245.578736][ T8579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.578758][ T8579] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 245.578779][ T8579] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 245.578794][ T8579] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000002000 [ 245.578810][ T8579] RBP: 00007fd629a10ab1 R08: 0000000000000006 R09: 0000000000000002 [ 245.578824][ T8579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 245.578838][ T8579] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 245.578866][ T8579] [ 247.112229][ T8593] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1012'. [ 247.920035][ T8607] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1017'. [ 247.968611][ T8607] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1017'. [ 248.864987][ T8620] netlink: 306 bytes leftover after parsing attributes in process `syz.1.1022'. [ 249.334590][ T8634] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1029'. [ 249.836843][ T8644] ubi4: attaching mtd0 [ 251.594405][ T8671] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1044'. [ 252.030168][ T8678] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 252.192555][ T8680] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1048'. [ 252.294813][ T8683] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1048'. [ 252.327036][ T8682] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1049'. [ 252.364308][ T8680] netlink: 102 bytes leftover after parsing attributes in process `syz.2.1048'. [ 253.325038][ T8701] netlink: 314 bytes leftover after parsing attributes in process `syz.0.1057'. [ 253.392592][ T8703] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1059'. [ 253.704931][ T8711] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1062'. [ 254.233690][ T8723] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1065'. [ 254.334530][ T8723] : renamed from gre0 (while UP) [ 254.475451][ T8723] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1065'. [ 254.955365][ T8733] netlink: 266 bytes leftover after parsing attributes in process `syz.3.1070'. [ 255.005413][ T8733] IPv6: NLM_F_CREATE should be specified when creating new route [ 255.235541][ T8740] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1073'. [ 256.221355][ T8750] netlink: 'syz.1.1076': attribute type 19 has an invalid length. [ 256.286120][ T8747] FAULT_INJECTION: forcing a failure. [ 256.286120][ T8747] name failslab, interval 1, probability 0, space 0, times 0 [ 256.310613][ T8750] netlink: 114 bytes leftover after parsing attributes in process `syz.1.1076'. [ 256.364681][ T8747] CPU: 1 UID: 0 PID: 8747 Comm: syz.0.1075 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 256.364716][ T8747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 256.364730][ T8747] Call Trace: [ 256.364737][ T8747] [ 256.364746][ T8747] dump_stack_lvl+0x16c/0x1f0 [ 256.364781][ T8747] should_fail_ex+0x512/0x640 [ 256.364816][ T8747] ? __kmalloc_noprof+0xbf/0x510 [ 256.364843][ T8747] ? lsm_blob_alloc+0x68/0x90 [ 256.364877][ T8747] should_failslab+0xc2/0x120 [ 256.364920][ T8747] __kmalloc_noprof+0xd2/0x510 [ 256.364950][ T8747] lsm_blob_alloc+0x68/0x90 [ 256.364985][ T8747] security_sk_alloc+0x30/0x270 [ 256.365016][ T8747] sk_prot_alloc+0x1c7/0x2a0 [ 256.365049][ T8747] sk_alloc+0x36/0xc20 [ 256.365071][ T8747] xsk_create+0x11b/0x750 [ 256.365116][ T8747] __sock_create+0x335/0x8d0 [ 256.365154][ T8747] __sys_socket+0x14d/0x260 [ 256.365188][ T8747] ? __pfx___sys_socket+0x10/0x10 [ 256.365223][ T8747] ? rcu_is_watching+0x12/0xc0 [ 256.365249][ T8747] __x64_sys_socket+0x72/0xb0 [ 256.365282][ T8747] ? lockdep_hardirqs_on+0x7c/0x110 [ 256.365312][ T8747] do_syscall_64+0xcd/0x230 [ 256.365346][ T8747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.365370][ T8747] RIP: 0033:0x7f270af8e969 [ 256.365388][ T8747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.365411][ T8747] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 256.365432][ T8747] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 256.365459][ T8747] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 000000000000002c [ 256.365473][ T8747] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 256.365486][ T8747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 256.365518][ T8747] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 256.365546][ T8747] [ 256.572869][ T8753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1077'. [ 256.583710][ T8753] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1077'. [ 258.160107][ T8771] FAULT_INJECTION: forcing a failure. [ 258.160107][ T8771] name fail_futex, interval 1, probability 0, space 0, times 0 [ 258.226279][ T8771] CPU: 1 UID: 0 PID: 8771 Comm: syz.3.1085 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 258.226314][ T8771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 258.226328][ T8771] Call Trace: [ 258.226336][ T8771] [ 258.226344][ T8771] dump_stack_lvl+0x16c/0x1f0 [ 258.226380][ T8771] should_fail_ex+0x512/0x640 [ 258.226417][ T8771] get_futex_key+0x1c2/0x1000 [ 258.226444][ T8771] ? __pfx_get_futex_key+0x10/0x10 [ 258.226471][ T8771] ? kasan_save_track+0x14/0x30 [ 258.226495][ T8771] ? __kasan_kmalloc+0xaa/0xb0 [ 258.226521][ T8771] futex_lock_pi+0x27c/0x7b0 [ 258.226556][ T8771] ? __pfx_futex_lock_pi+0x10/0x10 [ 258.226585][ T8771] ? __pfx___futex_wait+0x10/0x10 [ 258.226636][ T8771] ? futex_wait+0x120/0x380 [ 258.226669][ T8771] ? __pfx_futex_wake_mark+0x10/0x10 [ 258.226703][ T8771] ? do_writev+0x218/0x330 [ 258.226745][ T8771] do_futex+0x11a/0x350 [ 258.226770][ T8771] ? __pfx_do_futex+0x10/0x10 [ 258.226792][ T8771] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 258.226834][ T8771] __x64_sys_futex+0x1e0/0x4c0 [ 258.226863][ T8771] ? __pfx___x64_sys_futex+0x10/0x10 [ 258.226889][ T8771] ? rcu_is_watching+0x12/0xc0 [ 258.226918][ T8771] do_syscall_64+0xcd/0x230 [ 258.226952][ T8771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.226976][ T8771] RIP: 0033:0x7fd62998e969 [ 258.226994][ T8771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.227016][ T8771] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 258.227038][ T8771] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 258.227053][ T8771] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 258.227067][ T8771] RBP: 00007fd629a10ab1 R08: 0000000000000000 R09: 0000000000000006 [ 258.227081][ T8771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 258.227095][ T8771] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 258.227128][ T8771] [ 260.887479][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.903552][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.479903][ T8812] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1099'. [ 262.164074][ T8794] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 262.170499][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 262.848378][ T8826] kAFS: No cell specified [ 262.884334][ T8794] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 262.960626][ T8794] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 263.013678][ T8794] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 263.082501][ T8794] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 263.110807][ T8794] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 263.175412][ T8794] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 263.229797][ T8794] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 263.258019][ T8794] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 263.299045][ T8832] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1107'. [ 263.345426][ T8794] CPU0 is offline. [ 263.713504][ T8840] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1111'. [ 263.921475][ T8843] FAULT_INJECTION: forcing a failure. [ 263.921475][ T8843] name failslab, interval 1, probability 0, space 0, times 0 [ 263.979813][ T8843] CPU: 1 UID: 0 PID: 8843 Comm: syz.2.1112 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 263.979848][ T8843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 263.979863][ T8843] Call Trace: [ 263.979871][ T8843] [ 263.979880][ T8843] dump_stack_lvl+0x16c/0x1f0 [ 263.979916][ T8843] should_fail_ex+0x512/0x640 [ 263.979950][ T8843] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 263.979980][ T8843] should_failslab+0xc2/0x120 [ 263.980009][ T8843] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 263.980036][ T8843] ? __d_alloc+0x31/0xaa0 [ 263.980064][ T8843] __d_alloc+0x31/0xaa0 [ 263.980085][ T8843] ? rcu_is_watching+0x12/0xc0 [ 263.980110][ T8843] d_alloc_pseudo+0x1c/0xc0 [ 263.980152][ T8843] alloc_file_pseudo+0xcf/0x230 [ 263.980192][ T8843] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 263.980224][ T8843] ? alloc_fd+0x471/0x7d0 [ 263.980263][ T8843] __anon_inode_getfile+0xf7/0x370 [ 263.980305][ T8843] anon_inode_getfile_fmode+0x37/0xa0 [ 263.980342][ T8843] __do_sys_timerfd_create+0x216/0x3e0 [ 263.980364][ T8843] ? do_syscall_64+0x91/0x230 [ 263.980396][ T8843] do_syscall_64+0xcd/0x230 [ 263.980428][ T8843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.980451][ T8843] RIP: 0033:0x7ffa16d8e969 [ 263.980469][ T8843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.980490][ T8843] RSP: 002b:00007ffa17b21038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 263.980530][ T8843] RAX: ffffffffffffffda RBX: 00007ffa16fb5fa0 RCX: 00007ffa16d8e969 [ 263.980545][ T8843] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 263.980559][ T8843] RBP: 00007ffa16e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 263.980573][ T8843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 263.980587][ T8843] R13: 0000000000000000 R14: 00007ffa16fb5fa0 R15: 00007ffe9a0b49e8 [ 263.980615][ T8843] [ 264.483260][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 265.087342][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 265.109464][ T8857] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1118'. [ 265.187531][ T5837] Bluetooth: hci0: command 0x0406 tx timeout [ 265.287746][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 265.498600][ T8861] netlink: 'syz.1.1119': attribute type 5 has an invalid length. [ 265.577596][ T8861] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1119'. [ 266.464710][ T8878] FAULT_INJECTION: forcing a failure. [ 266.464710][ T8878] name failslab, interval 1, probability 0, space 0, times 0 [ 266.522982][ T8878] CPU: 1 UID: 0 PID: 8878 Comm: syz.0.1127 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 266.523015][ T8878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 266.523029][ T8878] Call Trace: [ 266.523036][ T8878] [ 266.523045][ T8878] dump_stack_lvl+0x16c/0x1f0 [ 266.523079][ T8878] should_fail_ex+0x512/0x640 [ 266.523111][ T8878] ? fs_reclaim_acquire+0xae/0x150 [ 266.523149][ T8878] should_failslab+0xc2/0x120 [ 266.523176][ T8878] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 266.523202][ T8878] ? security_inode_alloc+0x3b/0x2b0 [ 266.523231][ T8878] security_inode_alloc+0x3b/0x2b0 [ 266.523256][ T8878] inode_init_always_gfp+0xce4/0x1030 [ 266.523297][ T8878] alloc_inode+0x86/0x240 [ 266.523324][ T8878] new_inode+0x22/0x1c0 [ 266.523350][ T8878] ? alloc_fd+0x471/0x7d0 [ 266.523385][ T8878] shmem_get_inode+0x19a/0xfb0 [ 266.523427][ T8878] __shmem_file_setup+0x16f/0x300 [ 266.523452][ T8878] __do_sys_memfd_create+0x267/0x8a0 [ 266.523486][ T8878] do_syscall_64+0xcd/0x230 [ 266.523519][ T8878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.523542][ T8878] RIP: 0033:0x7f270af8e969 [ 266.523559][ T8878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 266.523581][ T8878] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 266.523620][ T8878] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 266.523635][ T8878] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 266.523648][ T8878] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 266.523662][ T8878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 266.523676][ T8878] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 266.523704][ T8878] [ 266.748734][ T8882] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1129'. [ 267.188651][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 267.195225][ T8886] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1131'. [ 267.241184][ T5837] Bluetooth: hci0: command 0x0406 tx timeout [ 267.392328][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 267.671771][ T8896] FAULT_INJECTION: forcing a failure. [ 267.671771][ T8896] name failslab, interval 1, probability 0, space 0, times 0 [ 267.773438][ T8896] CPU: 1 UID: 0 PID: 8896 Comm: syz.1.1134 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 267.773472][ T8896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 267.773486][ T8896] Call Trace: [ 267.773495][ T8896] [ 267.773504][ T8896] dump_stack_lvl+0x16c/0x1f0 [ 267.773539][ T8896] should_fail_ex+0x512/0x640 [ 267.773571][ T8896] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 267.773612][ T8896] should_failslab+0xc2/0x120 [ 267.773639][ T8896] __kmalloc_cache_noprof+0x6a/0x3e0 [ 267.773677][ T8896] ? cachefiles_daemon_open+0xa0/0x550 [ 267.773721][ T8896] cachefiles_daemon_open+0xa0/0x550 [ 267.773757][ T8896] ? __pfx_cachefiles_daemon_open+0x10/0x10 [ 267.773793][ T8896] misc_open+0x35a/0x420 [ 267.773843][ T8896] ? __pfx_misc_open+0x10/0x10 [ 267.773879][ T8896] chrdev_open+0x231/0x6a0 [ 267.773905][ T8896] ? __pfx_chrdev_open+0x10/0x10 [ 267.773932][ T8896] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 267.773974][ T8896] do_dentry_open+0x741/0x1c10 [ 267.773998][ T8896] ? __pfx_chrdev_open+0x10/0x10 [ 267.774028][ T8896] vfs_open+0x82/0x3f0 [ 267.774062][ T8896] path_openat+0x1e5e/0x2d40 [ 267.774094][ T8896] ? __pfx_path_openat+0x10/0x10 [ 267.774124][ T8896] do_filp_open+0x20b/0x470 [ 267.774146][ T8896] ? __pfx_do_filp_open+0x10/0x10 [ 267.774190][ T8896] ? alloc_fd+0x471/0x7d0 [ 267.774234][ T8896] do_sys_openat2+0x11b/0x1d0 [ 267.774265][ T8896] ? __pfx_do_sys_openat2+0x10/0x10 [ 267.774307][ T8896] __x64_sys_openat+0x174/0x210 [ 267.774339][ T8896] ? __pfx___x64_sys_openat+0x10/0x10 [ 267.774373][ T8896] ? rcu_is_watching+0x12/0xc0 [ 267.774403][ T8896] do_syscall_64+0xcd/0x230 [ 267.774437][ T8896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.774466][ T8896] RIP: 0033:0x7f8fc778e969 [ 267.774483][ T8896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 267.774506][ T8896] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 267.774528][ T8896] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 267.774543][ T8896] RDX: 0000000000008400 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 267.774558][ T8896] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 267.774572][ T8896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 267.774585][ T8896] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 267.774615][ T8896] [ 268.047676][ T8903] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1138'. [ 268.057367][ T8903] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 268.743177][ T8916] FAULT_INJECTION: forcing a failure. [ 268.743177][ T8916] name failslab, interval 1, probability 0, space 0, times 0 [ 268.808844][ T8917] FAULT_INJECTION: forcing a failure. [ 268.808844][ T8917] name failslab, interval 1, probability 0, space 0, times 0 [ 268.829364][ T8916] CPU: 1 UID: 0 PID: 8916 Comm: syz.1.1143 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 268.829397][ T8916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 268.829411][ T8916] Call Trace: [ 268.829419][ T8916] [ 268.829428][ T8916] dump_stack_lvl+0x16c/0x1f0 [ 268.829461][ T8916] should_fail_ex+0x512/0x640 [ 268.829494][ T8916] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 268.829524][ T8916] should_failslab+0xc2/0x120 [ 268.829551][ T8916] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 268.829576][ T8916] ? tipc_node_find+0x2dc/0x500 [ 268.829599][ T8916] ? __d_alloc+0x31/0xaa0 [ 268.829625][ T8916] __d_alloc+0x31/0xaa0 [ 268.829646][ T8916] ? __pfx_tipc_node_find+0x10/0x10 [ 268.829673][ T8916] d_alloc_pseudo+0x1c/0xc0 [ 268.829702][ T8916] alloc_file_pseudo+0xcf/0x230 [ 268.829733][ T8916] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 268.829763][ T8916] ? tipc_sk_finish_conn+0x580/0x790 [ 268.829808][ T8916] sock_alloc_file+0x50/0x210 [ 268.829837][ T8916] __sys_socketpair+0x31c/0x5a0 [ 268.829872][ T8916] ? __pfx___sys_socketpair+0x10/0x10 [ 268.829906][ T8916] ? xfd_validate_state+0x5d/0x180 [ 268.829946][ T8916] ? rcu_is_watching+0x12/0xc0 [ 268.829971][ T8916] __x64_sys_socketpair+0x96/0x100 [ 268.830004][ T8916] ? lockdep_hardirqs_on+0x7c/0x110 [ 268.830033][ T8916] do_syscall_64+0xcd/0x230 [ 268.830067][ T8916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.830090][ T8916] RIP: 0033:0x7f8fc778e969 [ 268.830107][ T8916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.830130][ T8916] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 268.830151][ T8916] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 268.830167][ T8916] RDX: 8000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 268.830181][ T8916] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 268.830195][ T8916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.830208][ T8916] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 268.830236][ T8916] [ 269.062359][ T8919] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1144'. [ 269.128003][ T8917] CPU: 1 UID: 0 PID: 8917 Comm: syz.3.1142 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 269.128037][ T8917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 269.128052][ T8917] Call Trace: [ 269.128059][ T8917] [ 269.128068][ T8917] dump_stack_lvl+0x16c/0x1f0 [ 269.128102][ T8917] should_fail_ex+0x512/0x640 [ 269.128135][ T8917] ? __kvmalloc_node_noprof+0x122/0x600 [ 269.128162][ T8917] should_failslab+0xc2/0x120 [ 269.128191][ T8917] __kvmalloc_node_noprof+0x135/0x600 [ 269.128214][ T8917] ? __pfx_net_ctl_permissions+0x10/0x10 [ 269.128249][ T8917] ? proc_sys_call_handler+0x2a6/0x5c0 [ 269.128280][ T8917] ? proc_sys_call_handler+0x2a6/0x5c0 [ 269.128302][ T8917] proc_sys_call_handler+0x2a6/0x5c0 [ 269.128328][ T8917] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 269.128360][ T8917] ? rw_verify_area+0xcf/0x680 [ 269.128396][ T8917] vfs_read+0x8c8/0xc70 [ 269.128420][ T8917] ? __pfx___mutex_lock+0x10/0x10 [ 269.128451][ T8917] ? __pfx_vfs_read+0x10/0x10 [ 269.128490][ T8917] ksys_read+0x12a/0x240 [ 269.128510][ T8917] ? __pfx_ksys_read+0x10/0x10 [ 269.128530][ T8917] ? rcu_is_watching+0x12/0xc0 [ 269.128558][ T8917] do_syscall_64+0xcd/0x230 [ 269.128591][ T8917] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.128614][ T8917] RIP: 0033:0x7fd62998e969 [ 269.128632][ T8917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.128655][ T8917] RSP: 002b:00007fd62a764038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 269.128676][ T8917] RAX: ffffffffffffffda RBX: 00007fd629bb6080 RCX: 00007fd62998e969 [ 269.128698][ T8917] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 269.128711][ T8917] RBP: 00007fd629a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 269.128725][ T8917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.128739][ T8917] R13: 0000000000000000 R14: 00007fd629bb6080 R15: 00007ffd60701d08 [ 269.128768][ T8917] [ 269.373668][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 269.822477][ T8929] netlink: 'syz.0.1147': attribute type 4 has an invalid length. [ 269.856113][ T8929] netlink: 314 bytes leftover after parsing attributes in process `syz.0.1147'. [ 270.090177][ T8934] netlink: 'syz.0.1150': attribute type 19 has an invalid length. [ 270.120049][ T8934] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1150'. [ 270.436248][ T8940] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1152'. [ 271.786519][ T8964] netlink: 306 bytes leftover after parsing attributes in process `syz.1.1162'. [ 271.822863][ T8966] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1163'. [ 273.236843][ T8990] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1175'. [ 273.687486][ T8997] FAULT_INJECTION: forcing a failure. [ 273.687486][ T8997] name failslab, interval 1, probability 0, space 0, times 0 [ 273.789954][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 273.798371][ T5837] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 273.808578][ T5837] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 273.816519][ T5837] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 273.825808][ T5837] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 273.835285][ T8997] CPU: 1 UID: 0 PID: 8997 Comm: syz.1.1178 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 273.835317][ T8997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 273.835332][ T8997] Call Trace: [ 273.835339][ T8997] [ 273.835347][ T8997] dump_stack_lvl+0x16c/0x1f0 [ 273.835381][ T8997] should_fail_ex+0x512/0x640 [ 273.835414][ T8997] ? __kmalloc_noprof+0xbf/0x510 [ 273.835440][ T8997] ? lsm_blob_alloc+0x68/0x90 [ 273.835474][ T8997] should_failslab+0xc2/0x120 [ 273.835501][ T8997] __kmalloc_noprof+0xd2/0x510 [ 273.835531][ T8997] lsm_blob_alloc+0x68/0x90 [ 273.835566][ T8997] security_sk_alloc+0x30/0x270 [ 273.835610][ T8997] sk_prot_alloc+0x1c7/0x2a0 [ 273.835643][ T8997] sk_alloc+0x36/0xc20 [ 273.835673][ T8997] __netlink_create+0x5e/0x2c0 [ 273.835710][ T8997] ? __wake_up+0x3f/0x60 [ 273.835738][ T8997] netlink_create+0x39e/0x620 [ 273.835760][ T8997] ? __pfx_genl_bind+0x10/0x10 [ 273.835788][ T8997] ? __pfx_genl_unbind+0x10/0x10 [ 273.835815][ T8997] ? __pfx_genl_release+0x10/0x10 [ 273.835849][ T8997] __sock_create+0x335/0x8d0 [ 273.835888][ T8997] __sys_socket+0x14d/0x260 [ 273.835922][ T8997] ? __pfx___sys_socket+0x10/0x10 [ 273.835957][ T8997] ? rcu_is_watching+0x12/0xc0 [ 273.835984][ T8997] __x64_sys_socket+0x72/0xb0 [ 273.836017][ T8997] ? lockdep_hardirqs_on+0x7c/0x110 [ 273.836047][ T8997] do_syscall_64+0xcd/0x230 [ 273.836081][ T8997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.836106][ T8997] RIP: 0033:0x7f8fc778e969 [ 273.836124][ T8997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.836147][ T8997] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 273.836169][ T8997] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 273.836185][ T8997] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 273.836205][ T8997] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 273.836220][ T8997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.836234][ T8997] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 273.836263][ T8997] [ 274.493954][ T9007] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1181'. [ 274.506433][ T9007] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 275.024784][ T9016] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1185'. [ 275.293805][ T8998] chnl_net:caif_netlink_parms(): no params data found [ 275.646936][ T8998] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.673819][ T8998] bridge0: port 1(bridge_slave_0) entered disabled state [ 275.705319][ T8998] bridge_slave_0: entered allmulticast mode [ 275.761341][ T8998] bridge_slave_0: entered promiscuous mode [ 275.801937][ T8998] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.878739][ T8998] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.923355][ T8998] bridge_slave_1: entered allmulticast mode [ 275.951616][ T8998] bridge_slave_1: entered promiscuous mode [ 276.091031][ T5837] Bluetooth: hci0: command tx timeout [ 276.208051][ T9034] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1191'. [ 276.238932][ T8998] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 276.310181][ T8998] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 276.355045][ T9034] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 276.633985][ T9041] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1193'. [ 276.717756][ T8998] team0: Port device team_slave_0 added [ 276.770113][ T8998] team0: Port device team_slave_1 added [ 277.012216][ T8998] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 277.062977][ T8998] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 277.193803][ T8998] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 277.265887][ T8998] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 277.308287][ T8998] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 277.435508][ T8998] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 277.801161][ T9053] vivid-009: ================= START STATUS ================= [ 277.874589][ T9053] vivid-009: Enable Output Cropping: true grabbed [ 277.881293][ T9053] vivid-009: Enable Output Composing: true grabbed [ 277.962351][ T8998] hsr_slave_0: entered promiscuous mode [ 277.968768][ T8998] hsr_slave_1: entered promiscuous mode [ 277.974716][ T9053] vivid-009: Enable Output Scaler: true grabbed [ 278.006020][ T9053] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 278.054499][ T8998] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 278.065316][ T9053] vivid-009: Transmit Mode: HDMI grabbed [ 278.094755][ T9053] vivid-009: Hotplug Present: 0x00000000 [ 278.102852][ T8998] Cannot create hsr debugfs directory [ 278.123241][ T9053] vivid-009: RxSense Present: 0x00000000 [ 278.175087][ T5837] Bluetooth: hci0: command tx timeout [ 278.180681][ T9053] vivid-009: EDID Present: 0x00000000 [ 278.204523][ T9053] vivid-009: ================== END STATUS ================== [ 279.300083][ T8998] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 279.332679][ T9068] FAULT_INJECTION: forcing a failure. [ 279.332679][ T9068] name failslab, interval 1, probability 0, space 0, times 0 [ 279.363128][ T8998] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 279.394659][ T9068] CPU: 1 UID: 0 PID: 9068 Comm: syz.0.1202 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 279.394699][ T9068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 279.394714][ T9068] Call Trace: [ 279.394722][ T9068] [ 279.394730][ T9068] dump_stack_lvl+0x16c/0x1f0 [ 279.394767][ T9068] should_fail_ex+0x512/0x640 [ 279.394800][ T9068] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 279.394831][ T9068] should_failslab+0xc2/0x120 [ 279.394860][ T9068] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 279.394885][ T9068] ? tipc_node_find+0x2dc/0x500 [ 279.394909][ T9068] ? __d_alloc+0x31/0xaa0 [ 279.394936][ T9068] __d_alloc+0x31/0xaa0 [ 279.394958][ T9068] ? __pfx_tipc_node_find+0x10/0x10 [ 279.394988][ T9068] d_alloc_pseudo+0x1c/0xc0 [ 279.395020][ T9068] alloc_file_pseudo+0xcf/0x230 [ 279.395052][ T9068] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 279.395083][ T9068] ? tipc_sk_finish_conn+0x580/0x790 [ 279.395122][ T9068] sock_alloc_file+0x50/0x210 [ 279.395152][ T9068] __sys_socketpair+0x31c/0x5a0 [ 279.395189][ T9068] ? __pfx___sys_socketpair+0x10/0x10 [ 279.395225][ T9068] ? xfd_validate_state+0x5d/0x180 [ 279.395267][ T9068] ? rcu_is_watching+0x12/0xc0 [ 279.395294][ T9068] __x64_sys_socketpair+0x96/0x100 [ 279.395329][ T9068] ? lockdep_hardirqs_on+0x7c/0x110 [ 279.395359][ T9068] do_syscall_64+0xcd/0x230 [ 279.395394][ T9068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.395418][ T9068] RIP: 0033:0x7f270af8e969 [ 279.395436][ T9068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.395460][ T9068] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 279.395482][ T9068] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 279.395497][ T9068] RDX: 8000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 279.395512][ T9068] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 279.395527][ T9068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 279.395541][ T9068] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 279.395569][ T9068] [ 279.843753][ T8998] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 280.002640][ T8998] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 280.042189][ T9073] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1204'. [ 280.240046][ T9077] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1206'. [ 280.278846][ T5837] Bluetooth: hci0: command tx timeout [ 280.376331][ T8998] 8021q: adding VLAN 0 to HW filter on device bond0 [ 280.442672][ T8998] 8021q: adding VLAN 0 to HW filter on device team0 [ 280.523349][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.530485][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 280.571956][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.579324][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state [ 280.626035][ T9079] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1207'. [ 281.753175][ T8998] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 282.333855][ T5837] Bluetooth: hci0: command tx timeout [ 282.417202][ T9106] FAULT_INJECTION: forcing a failure. [ 282.417202][ T9106] name failslab, interval 1, probability 0, space 0, times 0 [ 282.444733][ T9107] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1214'. [ 282.492067][ T9106] CPU: 1 UID: 0 PID: 9106 Comm: syz.3.1213 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 282.492101][ T9106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 282.492124][ T9106] Call Trace: [ 282.492160][ T9106] [ 282.492170][ T9106] dump_stack_lvl+0x16c/0x1f0 [ 282.492217][ T9106] should_fail_ex+0x512/0x640 [ 282.492250][ T9106] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 282.492293][ T9106] should_failslab+0xc2/0x120 [ 282.492322][ T9106] __kmalloc_cache_noprof+0x6a/0x3e0 [ 282.492362][ T9106] ? cachefiles_daemon_open+0xa0/0x550 [ 282.492403][ T9106] cachefiles_daemon_open+0xa0/0x550 [ 282.492439][ T9106] ? __pfx_cachefiles_daemon_open+0x10/0x10 [ 282.492475][ T9106] misc_open+0x35a/0x420 [ 282.492512][ T9106] ? __pfx_misc_open+0x10/0x10 [ 282.492548][ T9106] chrdev_open+0x231/0x6a0 [ 282.492572][ T9106] ? __pfx_apparmor_file_open+0x10/0x10 [ 282.492611][ T9106] ? __pfx_chrdev_open+0x10/0x10 [ 282.492638][ T9106] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 282.492681][ T9106] do_dentry_open+0x741/0x1c10 [ 282.492705][ T9106] ? __pfx_chrdev_open+0x10/0x10 [ 282.492736][ T9106] vfs_open+0x82/0x3f0 [ 282.492769][ T9106] path_openat+0x1e5e/0x2d40 [ 282.492802][ T9106] ? __pfx_path_openat+0x10/0x10 [ 282.492832][ T9106] do_filp_open+0x20b/0x470 [ 282.492854][ T9106] ? __pfx_do_filp_open+0x10/0x10 [ 282.492898][ T9106] ? alloc_fd+0x471/0x7d0 [ 282.492943][ T9106] do_sys_openat2+0x11b/0x1d0 [ 282.492974][ T9106] ? __pfx_do_sys_openat2+0x10/0x10 [ 282.493023][ T9106] __x64_sys_openat+0x174/0x210 [ 282.493056][ T9106] ? __pfx___x64_sys_openat+0x10/0x10 [ 282.493091][ T9106] ? rcu_is_watching+0x12/0xc0 [ 282.493121][ T9106] do_syscall_64+0xcd/0x230 [ 282.493159][ T9106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.493183][ T9106] RIP: 0033:0x7fd62998e969 [ 282.493202][ T9106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.493226][ T9106] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 282.493248][ T9106] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 282.493264][ T9106] RDX: 0000000000008400 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 282.493280][ T9106] RBP: 00007fd629a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 282.493294][ T9106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.493308][ T9106] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 282.493337][ T9106] [ 283.196711][ T9113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1215'. [ 283.270292][ T9113] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1215'. [ 283.810345][ T8998] veth0_vlan: entered promiscuous mode [ 283.890138][ T8998] veth1_vlan: entered promiscuous mode [ 284.055401][ T9124] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1222'. [ 284.083677][ T8998] veth0_macvtap: entered promiscuous mode [ 284.138419][ T8998] veth1_macvtap: entered promiscuous mode [ 284.186780][ T30] audit: type=1326 audit(6041034036.540:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9125 comm="syz.0.1223" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f270af8e969 code=0x0 [ 284.252657][ T8998] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 284.334623][ T8998] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.400447][ T8998] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 284.487751][ T8998] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.531989][ T8998] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.569436][ T8998] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.614282][ T8998] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.641159][ T8998] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.670958][ T8998] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.699572][ T8998] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 284.727393][ T8998] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 284.758969][ T8998] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 284.824883][ T8998] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.872751][ T8998] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.921616][ T8998] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 284.975351][ T8998] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 285.051073][ T9133] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1224'. [ 285.314150][ T2905] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.379264][ T2905] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.484102][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 285.549143][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 285.747048][ T9145] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1229'. [ 285.887076][ T9149] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1230'. [ 286.457548][ T5837] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 286.457582][ T5837] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 286.475520][ T5837] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 286.475570][ T5837] Bluetooth: hci2: adv larger than maximum supported [ 286.482997][ T5837] Bluetooth: hci2: Malformed LE Event: 0x0d [ 286.748432][ T9167] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1238'. [ 286.791235][ T9167] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1238'. [ 290.459180][ T9216] vhci_hcd: not connected 4 [ 291.527339][ T9232] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1262'. [ 292.720535][ T9249] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1269'. [ 292.760022][ T9249] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1269'. [ 296.103341][ T9294] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1283'. [ 296.132037][ T9297] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1284'. [ 296.132721][ T9297] netlink: 13 bytes leftover after parsing attributes in process `syz.4.1284'. [ 296.949973][ T9310] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1289'. [ 297.555525][ T9320] FAULT_INJECTION: forcing a failure. [ 297.555525][ T9320] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 297.629260][ T9320] CPU: 1 UID: 0 PID: 9320 Comm: syz.3.1293 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 297.629297][ T9320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 297.629311][ T9320] Call Trace: [ 297.629319][ T9320] [ 297.629328][ T9320] dump_stack_lvl+0x16c/0x1f0 [ 297.629364][ T9320] should_fail_ex+0x512/0x640 [ 297.629402][ T9320] core_sys_select+0x921/0xbe0 [ 297.629446][ T9320] ? __pfx_core_sys_select+0x10/0x10 [ 297.629513][ T9320] ? read_tsc+0x9/0x20 [ 297.629550][ T9320] ? ktime_get_ts64+0x256/0x400 [ 297.629585][ T9320] kern_select+0x15d/0x1e0 [ 297.629621][ T9320] ? __pfx_kern_select+0x10/0x10 [ 297.629659][ T9320] ? xfd_validate_state+0x5d/0x180 [ 297.629699][ T9320] ? rcu_is_watching+0x12/0xc0 [ 297.629761][ T9320] __x64_sys_select+0xbd/0x160 [ 297.629798][ T9320] ? do_syscall_64+0x91/0x230 [ 297.629829][ T9320] ? lockdep_hardirqs_on+0x7c/0x110 [ 297.629859][ T9320] do_syscall_64+0xcd/0x230 [ 297.629894][ T9320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.629917][ T9320] RIP: 0033:0x7fd62998e969 [ 297.629935][ T9320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.629959][ T9320] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 297.629981][ T9320] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 297.629997][ T9320] RDX: 0000200000000280 RSI: 0000200000000200 RDI: 0000000000000005 [ 297.630012][ T9320] RBP: 00007fd629a10ab1 R08: 0000200000000440 R09: 0000000000000000 [ 297.630027][ T9320] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000000 [ 297.630041][ T9320] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 297.630070][ T9320] [ 298.427303][ T9333] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 298.439075][ T9334] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1297'. [ 299.600540][ T9354] vhci_hcd: not connected 4 [ 299.687084][ T9356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1307'. [ 300.003970][ T9363] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1310'. [ 300.042624][ T9367] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1311'. [ 300.054606][ T9366] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1312'. [ 300.096694][ T9366] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1312'. [ 300.898197][ T9387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1321'. [ 300.923658][ T9385] hub 8-0:1.0: USB hub found [ 300.955875][ T9385] hub 8-0:1.0: 1 port detected [ 300.977396][ T9387] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1321'. [ 301.336328][ T9398] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1325'. [ 303.165289][ T9432] __nla_validate_parse: 1 callbacks suppressed [ 303.165310][ T9432] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1339'. [ 304.364563][ T9448] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1344'. [ 304.506287][ T9448] dummy0: entered promiscuous mode [ 304.829826][ T9454] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1348'. [ 305.463868][ T9462] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1351'. [ 308.253412][ T9509] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1368'. [ 308.481190][ T9509] veth0_macvtap: left promiscuous mode [ 308.762527][ T9511] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1369'. [ 308.829659][ T9514] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1369'. [ 309.113142][ T9519] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1372'. [ 310.020013][ T9534] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1378'. [ 310.105312][ T9534] netlink: 'syz.1.1378': attribute type 2 has an invalid length. [ 310.189474][ T9534] netlink: 'syz.1.1378': attribute type 3 has an invalid length. [ 310.218326][ T9534] netlink: 150 bytes leftover after parsing attributes in process `syz.1.1378'. [ 310.654927][ T9543] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1380'. [ 311.162784][ T9549] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1382'. [ 311.178600][ T9549] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1382'. [ 312.087626][ T9560] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1388'. [ 312.768541][ T9573] netlink: 'syz.4.1392': attribute type 64 has an invalid length. [ 314.364127][ T9592] __nla_validate_parse: 1 callbacks suppressed [ 314.364145][ T9592] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1399'. [ 316.347908][ T9614] hub 8-0:1.0: USB hub found [ 316.416315][ T9614] hub 8-0:1.0: 1 port detected [ 316.528205][ T9616] netlink: 186 bytes leftover after parsing attributes in process `syz.4.1407'. [ 317.202498][ T9628] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1413'. [ 317.255731][ T9630] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1412'. [ 318.275812][ T9642] FAULT_INJECTION: forcing a failure. [ 318.275812][ T9642] name failslab, interval 1, probability 0, space 0, times 0 [ 318.363059][ T9642] CPU: 1 UID: 0 PID: 9642 Comm: syz.4.1418 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 318.363096][ T9642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 318.363111][ T9642] Call Trace: [ 318.363118][ T9642] [ 318.363128][ T9642] dump_stack_lvl+0x16c/0x1f0 [ 318.363163][ T9642] should_fail_ex+0x512/0x640 [ 318.363195][ T9642] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 318.363225][ T9642] should_failslab+0xc2/0x120 [ 318.363252][ T9642] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 318.363279][ T9642] ? __kernfs_new_node+0xd2/0x8a0 [ 318.363321][ T9642] __kernfs_new_node+0xd2/0x8a0 [ 318.363360][ T9642] ? __pfx___kernfs_new_node+0x10/0x10 [ 318.363404][ T9642] ? find_held_lock+0x2b/0x80 [ 318.363427][ T9642] ? kernfs_root+0xee/0x2a0 [ 318.363453][ T9642] kernfs_new_node+0x13c/0x1e0 [ 318.363483][ T9642] __kernfs_create_file+0x53/0x350 [ 318.363517][ T9642] sysfs_add_file_mode_ns+0x207/0x3c0 [ 318.363559][ T9642] internal_create_group+0x578/0xf30 [ 318.363589][ T9642] ? __pfx_internal_create_group+0x10/0x10 [ 318.363615][ T9642] ? kernfs_create_link+0x1bd/0x240 [ 318.363656][ T9642] internal_create_groups+0x9d/0x150 [ 318.363682][ T9642] device_add+0x77f/0x1a70 [ 318.363718][ T9642] ? __pfx_device_add+0x10/0x10 [ 318.363753][ T9642] ? lockdep_init_map_type+0x5c/0x280 [ 318.363786][ T9642] ? __init_waitqueue_head+0xca/0x150 [ 318.363830][ T9642] netdev_register_kobject+0x182/0x3a0 [ 318.363865][ T9642] register_netdevice+0x13dc/0x2270 [ 318.363898][ T9642] ? idr_alloc+0xdd/0x130 [ 318.363925][ T9642] ? __pfx_register_netdevice+0x10/0x10 [ 318.363963][ T9642] ppp_dev_configure+0x99b/0xc80 [ 318.363998][ T9642] ppp_ioctl+0x17e0/0x2660 [ 318.364029][ T9642] ? find_held_lock+0x2b/0x80 [ 318.364050][ T9642] ? __pfx_ppp_ioctl+0x10/0x10 [ 318.364088][ T9642] ? __fget_files+0x20e/0x3c0 [ 318.364130][ T9642] ? __pfx_ppp_ioctl+0x10/0x10 [ 318.364160][ T9642] __x64_sys_ioctl+0x190/0x200 [ 318.364194][ T9642] do_syscall_64+0xcd/0x230 [ 318.364230][ T9642] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.364254][ T9642] RIP: 0033:0x7fc5bff8e969 [ 318.364272][ T9642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 318.364296][ T9642] RSP: 002b:00007fc5c0e0b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 318.364318][ T9642] RAX: ffffffffffffffda RBX: 00007fc5c01b5fa0 RCX: 00007fc5bff8e969 [ 318.364334][ T9642] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000005 [ 318.364349][ T9642] RBP: 00007fc5c0010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 318.364364][ T9642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.364379][ T9642] R13: 0000000000000000 R14: 00007fc5c01b5fa0 R15: 00007fff777d7698 [ 318.364409][ T9642] [ 319.825504][ T9633] kexec: Could not allocate control_code_buffer [ 320.231225][ T9668] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1427'. [ 320.527428][ T9674] syz.3.1430 (9674): /proc/9674/oom_adj is deprecated, please use /proc/9674/oom_score_adj instead. [ 320.866139][ T9684] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1433'. [ 321.678715][ T9696] netlink: 290 bytes leftover after parsing attributes in process `syz.4.1440'. [ 322.364163][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.379066][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.380777][ T9723] netlink: 266 bytes leftover after parsing attributes in process `syz.0.1448'. [ 323.836670][ T9730] FAULT_INJECTION: forcing a failure. [ 323.836670][ T9730] name failslab, interval 1, probability 0, space 0, times 0 [ 323.902640][ T9730] CPU: 1 UID: 0 PID: 9730 Comm: syz.1.1452 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 323.902680][ T9730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 323.902697][ T9730] Call Trace: [ 323.902707][ T9730] [ 323.902717][ T9730] dump_stack_lvl+0x16c/0x1f0 [ 323.902757][ T9730] should_fail_ex+0x512/0x640 [ 323.902795][ T9730] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 323.902828][ T9730] should_failslab+0xc2/0x120 [ 323.902861][ T9730] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 323.902892][ T9730] ? mpol_new+0x11b/0x2d0 [ 323.902919][ T9730] ? _copy_from_user+0x59/0xd0 [ 323.902961][ T9730] mpol_new+0x11b/0x2d0 [ 323.902991][ T9730] do_set_mempolicy+0x83/0x480 [ 323.903031][ T9730] ? __pfx_do_set_mempolicy+0x10/0x10 [ 323.903066][ T9730] ? __x64_sys_futex+0x1e0/0x4c0 [ 323.903099][ T9730] kernel_set_mempolicy+0x1c4/0x1e0 [ 323.903134][ T9730] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 323.903166][ T9730] ? rcu_is_watching+0x12/0xc0 [ 323.903199][ T9730] do_syscall_64+0xcd/0x230 [ 323.903238][ T9730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.903265][ T9730] RIP: 0033:0x7f8fc778e969 [ 323.903285][ T9730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.903311][ T9730] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ee [ 323.903336][ T9730] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 323.903357][ T9730] RDX: 0000000000000004 RSI: 0000200000000080 RDI: 0000000000000002 [ 323.903373][ T9730] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 323.903389][ T9730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.903405][ T9730] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 323.903437][ T9730] [ 325.125692][ T9744] sp0: Synchronizing with TNC [ 325.264093][ T9747] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1459'. [ 325.843559][ T9757] netlink: 'syz.3.1462': attribute type 20 has an invalid length. [ 325.908401][ T9757] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1462'. [ 326.013475][ T9757] IPv6: NLM_F_CREATE should be specified when creating new route [ 326.063309][ T9761] FAULT_INJECTION: forcing a failure. [ 326.063309][ T9761] name failslab, interval 1, probability 0, space 0, times 0 [ 326.125701][ T9761] CPU: 1 UID: 0 PID: 9761 Comm: syz.0.1465 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 326.125738][ T9761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 326.125752][ T9761] Call Trace: [ 326.125760][ T9761] [ 326.125769][ T9761] dump_stack_lvl+0x16c/0x1f0 [ 326.125806][ T9761] should_fail_ex+0x512/0x640 [ 326.125839][ T9761] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 326.125878][ T9761] should_failslab+0xc2/0x120 [ 326.125908][ T9761] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 326.125935][ T9761] ? __kernfs_new_node+0xd2/0x8a0 [ 326.125979][ T9761] __kernfs_new_node+0xd2/0x8a0 [ 326.126020][ T9761] ? __pfx___kernfs_new_node+0x10/0x10 [ 326.126066][ T9761] ? find_held_lock+0x2b/0x80 [ 326.126090][ T9761] ? kernfs_root+0xee/0x2a0 [ 326.126116][ T9761] kernfs_new_node+0x13c/0x1e0 [ 326.126147][ T9761] __kernfs_create_file+0x53/0x350 [ 326.126182][ T9761] sysfs_add_file_mode_ns+0x207/0x3c0 [ 326.126226][ T9761] internal_create_group+0x578/0xf30 [ 326.126257][ T9761] ? __pfx_internal_create_group+0x10/0x10 [ 326.126284][ T9761] ? kernfs_create_link+0x1bd/0x240 [ 326.126321][ T9761] internal_create_groups+0x9d/0x150 [ 326.126346][ T9761] device_add+0x77f/0x1a70 [ 326.126382][ T9761] ? __pfx_device_add+0x10/0x10 [ 326.126413][ T9761] ? lockdep_init_map_type+0x5c/0x280 [ 326.126445][ T9761] ? __init_waitqueue_head+0xca/0x150 [ 326.126490][ T9761] netdev_register_kobject+0x182/0x3a0 [ 326.126524][ T9761] register_netdevice+0x13dc/0x2270 [ 326.126557][ T9761] ? idr_alloc+0xdd/0x130 [ 326.126584][ T9761] ? __pfx_register_netdevice+0x10/0x10 [ 326.126622][ T9761] ppp_dev_configure+0x99b/0xc80 [ 326.126657][ T9761] ppp_ioctl+0x17e0/0x2660 [ 326.126688][ T9761] ? find_held_lock+0x2b/0x80 [ 326.126714][ T9761] ? __pfx_ppp_ioctl+0x10/0x10 [ 326.126747][ T9761] ? __fget_files+0x20e/0x3c0 [ 326.126789][ T9761] ? __pfx_ppp_ioctl+0x10/0x10 [ 326.126818][ T9761] __x64_sys_ioctl+0x190/0x200 [ 326.126854][ T9761] do_syscall_64+0xcd/0x230 [ 326.126893][ T9761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.126917][ T9761] RIP: 0033:0x7f270af8e969 [ 326.126936][ T9761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.126960][ T9761] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 326.126982][ T9761] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 326.126998][ T9761] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000005 [ 326.127012][ T9761] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 326.127027][ T9761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 326.127041][ T9761] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 326.127071][ T9761] [ 327.162299][ T9771] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1469'. [ 328.689684][ T9802] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1481'. [ 328.751437][ T9802] IPv6: Can't replace route, no match found [ 330.105297][ T9828] FAULT_INJECTION: forcing a failure. [ 330.105297][ T9828] name failslab, interval 1, probability 0, space 0, times 0 [ 330.267896][ T9828] CPU: 1 UID: 0 PID: 9828 Comm: syz.0.1486 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 330.267936][ T9828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 330.267951][ T9828] Call Trace: [ 330.267958][ T9828] [ 330.267967][ T9828] dump_stack_lvl+0x16c/0x1f0 [ 330.268003][ T9828] should_fail_ex+0x512/0x640 [ 330.268035][ T9828] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 330.268064][ T9828] should_failslab+0xc2/0x120 [ 330.268096][ T9828] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 330.268123][ T9828] ? sk_prot_alloc+0x60/0x2a0 [ 330.268159][ T9828] sk_prot_alloc+0x60/0x2a0 [ 330.268192][ T9828] sk_alloc+0x36/0xc20 [ 330.268218][ T9828] inet_create+0x3a1/0x1090 [ 330.268251][ T9828] ? inet_create+0x93/0x1090 [ 330.268288][ T9828] __sock_create+0x335/0x8d0 [ 330.268328][ T9828] inet_ctl_sock_create+0x94/0x230 [ 330.268364][ T9828] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 330.268396][ T9828] ? lockdep_init_map_type+0x5c/0x280 [ 330.268430][ T9828] ? lockdep_init_map_type+0x5c/0x280 [ 330.268463][ T9828] ? __pfx_igmp_net_init+0x10/0x10 [ 330.268497][ T9828] igmp_net_init+0xd0/0x1a0 [ 330.268533][ T9828] ops_init+0x1df/0x5f0 [ 330.268566][ T9828] setup_net+0x21e/0x850 [ 330.268596][ T9828] ? __pfx_setup_net+0x10/0x10 [ 330.268621][ T9828] ? lockdep_init_map_type+0x5c/0x280 [ 330.268653][ T9828] ? __pfx_down_read_killable+0x10/0x10 [ 330.268694][ T9828] ? debug_mutex_init+0x37/0x70 [ 330.268739][ T9828] copy_net_ns+0x2a6/0x5f0 [ 330.268772][ T9828] create_new_namespaces+0x3ea/0xad0 [ 330.268805][ T9828] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 330.268835][ T9828] ksys_unshare+0x45b/0xa40 [ 330.268867][ T9828] ? __pfx_ksys_unshare+0x10/0x10 [ 330.268898][ T9828] ? xfd_validate_state+0x5d/0x180 [ 330.268946][ T9828] ? rcu_is_watching+0x12/0xc0 [ 330.268974][ T9828] __x64_sys_unshare+0x31/0x40 [ 330.269006][ T9828] do_syscall_64+0xcd/0x230 [ 330.269042][ T9828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.269066][ T9828] RIP: 0033:0x7f270af8e969 [ 330.269085][ T9828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.269108][ T9828] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 330.269131][ T9828] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 330.269147][ T9828] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 330.269161][ T9828] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 330.269175][ T9828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.269189][ T9828] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 330.269219][ T9828] [ 330.554804][ T9832] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1488'. [ 330.829138][ T9828] Failed to initialize the IGMP autojoin socket (err -12) [ 331.009147][ T9838] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1490'. [ 331.052284][ T9838] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.060852][ T9838] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.743255][ T9851] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1493'. [ 331.852987][ T9853] FAULT_INJECTION: forcing a failure. [ 331.852987][ T9853] name failslab, interval 1, probability 0, space 0, times 0 [ 331.949219][ T9853] CPU: 1 UID: 0 PID: 9853 Comm: syz.1.1494 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 331.949254][ T9853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 331.949268][ T9853] Call Trace: [ 331.949276][ T9853] [ 331.949285][ T9853] dump_stack_lvl+0x16c/0x1f0 [ 331.949319][ T9853] should_fail_ex+0x512/0x640 [ 331.949352][ T9853] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 331.949393][ T9853] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 331.949424][ T9853] should_failslab+0xc2/0x120 [ 331.949452][ T9853] __kmalloc_cache_noprof+0x6a/0x3e0 [ 331.949499][ T9853] ? lockdep_init_map_type+0x5c/0x280 [ 331.949530][ T9853] ? __kthread_create_on_node+0xce/0x3f0 [ 331.949564][ T9853] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 331.949595][ T9853] __kthread_create_on_node+0xce/0x3f0 [ 331.949624][ T9853] ? __pfx___mutex_trylock_common+0x10/0x10 [ 331.949656][ T9853] ? __pfx___kthread_create_on_node+0x10/0x10 [ 331.949701][ T9853] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 331.949733][ T9853] kthread_create_on_node+0xc7/0x100 [ 331.949763][ T9853] ? __pfx_kthread_create_on_node+0x10/0x10 [ 331.949798][ T9853] ? mark_held_locks+0x49/0x80 [ 331.949826][ T9853] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 331.949853][ T9853] ? lockdep_hardirqs_on+0x7c/0x110 [ 331.949888][ T9853] dvb_frontend_open+0xf47/0x1730 [ 331.949927][ T9853] ? __pfx_dvb_frontend_open+0x10/0x10 [ 331.949959][ T9853] dvb_device_open+0x26d/0x3b0 [ 331.949990][ T9853] ? __pfx_dvb_device_open+0x10/0x10 [ 331.950021][ T9853] chrdev_open+0x231/0x6a0 [ 331.950045][ T9853] ? __pfx_apparmor_file_open+0x10/0x10 [ 331.950074][ T9853] ? __pfx_chrdev_open+0x10/0x10 [ 331.950100][ T9853] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 331.950141][ T9853] do_dentry_open+0x741/0x1c10 [ 331.950165][ T9853] ? __pfx_chrdev_open+0x10/0x10 [ 331.950195][ T9853] vfs_open+0x82/0x3f0 [ 331.950227][ T9853] path_openat+0x1e5e/0x2d40 [ 331.950260][ T9853] ? __pfx_path_openat+0x10/0x10 [ 331.950289][ T9853] do_filp_open+0x20b/0x470 [ 331.950310][ T9853] ? __pfx_do_filp_open+0x10/0x10 [ 331.950353][ T9853] ? alloc_fd+0x471/0x7d0 [ 331.950397][ T9853] do_sys_openat2+0x11b/0x1d0 [ 331.950427][ T9853] ? __pfx_do_sys_openat2+0x10/0x10 [ 331.950459][ T9853] ? __pfx___might_resched+0x10/0x10 [ 331.950499][ T9853] __x64_sys_openat+0x174/0x210 [ 331.950531][ T9853] ? __pfx___x64_sys_openat+0x10/0x10 [ 331.950564][ T9853] ? rcu_is_watching+0x12/0xc0 [ 331.950593][ T9853] do_syscall_64+0xcd/0x230 [ 331.950627][ T9853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.950650][ T9853] RIP: 0033:0x7f8fc778e969 [ 331.950668][ T9853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.950691][ T9853] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 331.950713][ T9853] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 331.950728][ T9853] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 331.950743][ T9853] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 331.950757][ T9853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 331.950771][ T9853] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 331.950800][ T9853] [ 331.950814][ T9853] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12) [ 333.827799][ T9878] FAULT_INJECTION: forcing a failure. [ 333.827799][ T9878] name failslab, interval 1, probability 0, space 0, times 0 [ 333.915775][ T9878] CPU: 1 UID: 0 PID: 9878 Comm: syz.4.1502 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 333.915811][ T9878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 333.915825][ T9878] Call Trace: [ 333.915833][ T9878] [ 333.915842][ T9878] dump_stack_lvl+0x16c/0x1f0 [ 333.915878][ T9878] should_fail_ex+0x512/0x640 [ 333.915911][ T9878] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 333.915941][ T9878] should_failslab+0xc2/0x120 [ 333.915969][ T9878] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 333.915997][ T9878] ? __d_alloc+0x31/0xaa0 [ 333.916028][ T9878] ? find_held_lock+0x2b/0x80 [ 333.916053][ T9878] __d_alloc+0x31/0xaa0 [ 333.916081][ T9878] d_alloc+0x4a/0x1e0 [ 333.916107][ T9878] d_alloc_parallel+0xe3/0x12e0 [ 333.916147][ T9878] ? find_held_lock+0x2b/0x80 [ 333.916171][ T9878] ? __pfx_d_alloc_parallel+0x10/0x10 [ 333.916207][ T9878] ? __d_lookup+0x266/0x4a0 [ 333.916246][ T9878] lookup_open.isra.0+0x665/0x1580 [ 333.916287][ T9878] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 333.916338][ T9878] ? mnt_get_write_access+0x20c/0x300 [ 333.916373][ T9878] path_openat+0x905/0x2d40 [ 333.916407][ T9878] ? __pfx_path_openat+0x10/0x10 [ 333.916437][ T9878] do_filp_open+0x20b/0x470 [ 333.916460][ T9878] ? __pfx_do_filp_open+0x10/0x10 [ 333.916493][ T9878] ? __pfx_kfree_link+0x10/0x10 [ 333.916533][ T9878] ? alloc_fd+0x471/0x7d0 [ 333.916577][ T9878] do_sys_openat2+0x11b/0x1d0 [ 333.916609][ T9878] ? __pfx_do_sys_openat2+0x10/0x10 [ 333.916642][ T9878] ? find_held_lock+0x2b/0x80 [ 333.916671][ T9878] __x64_sys_openat+0x174/0x210 [ 333.916703][ T9878] ? __pfx___x64_sys_openat+0x10/0x10 [ 333.916738][ T9878] ? rcu_is_watching+0x12/0xc0 [ 333.916768][ T9878] do_syscall_64+0xcd/0x230 [ 333.916803][ T9878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.916827][ T9878] RIP: 0033:0x7fc5bff8d2d0 [ 333.916846][ T9878] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 333.916869][ T9878] RSP: 002b:00007fc5c0e0af10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 333.916891][ T9878] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc5bff8d2d0 [ 333.916907][ T9878] RDX: 0000000000000002 RSI: 00007fc5c0e0afa0 RDI: 00000000ffffff9c [ 333.916921][ T9878] RBP: 00007fc5c0e0afa0 R08: 0000000000000000 R09: 00007fc5c0e0acd5 [ 333.916936][ T9878] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 333.916951][ T9878] R13: 0000000000000000 R14: 00007fc5c01b5fa0 R15: 00007fff777d7698 [ 333.916980][ T9878] [ 334.839831][ T9884] FAULT_INJECTION: forcing a failure. [ 334.839831][ T9884] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 334.941177][ T9884] CPU: 1 UID: 0 PID: 9884 Comm: syz.0.1504 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 334.941215][ T9884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 334.941229][ T9884] Call Trace: [ 334.941237][ T9884] [ 334.941246][ T9884] dump_stack_lvl+0x16c/0x1f0 [ 334.941282][ T9884] should_fail_ex+0x512/0x640 [ 334.941319][ T9884] should_fail_alloc_page+0xe7/0x130 [ 334.941350][ T9884] prepare_alloc_pages+0x3c2/0x610 [ 334.941384][ T9884] ? rcu_is_watching+0x12/0xc0 [ 334.941408][ T9884] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 334.941442][ T9884] ? stack_trace_save+0x8e/0xc0 [ 334.941465][ T9884] ? __pfx_stack_trace_save+0x10/0x10 [ 334.941487][ T9884] ? stack_depot_save_flags+0x28/0xa50 [ 334.941520][ T9884] ? __lock_acquire+0xaa4/0x1ba0 [ 334.941549][ T9884] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 334.941578][ T9884] ? kasan_save_stack+0x42/0x60 [ 334.941600][ T9884] ? kasan_save_stack+0x33/0x60 [ 334.941622][ T9884] ? kasan_save_track+0x14/0x30 [ 334.941644][ T9884] ? __kasan_kmalloc+0xaa/0xb0 [ 334.941664][ T9884] ? mon_bin_open+0x1a8/0x4a0 [ 334.941699][ T9884] ? chrdev_open+0x231/0x6a0 [ 334.941725][ T9884] ? __x64_sys_openat+0x174/0x210 [ 334.941754][ T9884] ? do_syscall_64+0xcd/0x230 [ 334.941783][ T9884] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.941813][ T9884] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 334.941845][ T9884] ? policy_nodemask+0xea/0x4e0 [ 334.941876][ T9884] alloc_pages_mpol+0x1fb/0x550 [ 334.941914][ T9884] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 334.941951][ T9884] alloc_pages_noprof+0x131/0x390 [ 334.941982][ T9884] get_zeroed_page_noprof+0x14/0x50 [ 334.942016][ T9884] mon_alloc_buff+0xbc/0x180 [ 334.942055][ T9884] ? kasan_save_track+0x14/0x30 [ 334.942082][ T9884] mon_bin_open+0x207/0x4a0 [ 334.942120][ T9884] ? __pfx_mon_bin_open+0x10/0x10 [ 334.942158][ T9884] chrdev_open+0x231/0x6a0 [ 334.942181][ T9884] ? __pfx_apparmor_file_open+0x10/0x10 [ 334.942215][ T9884] ? __pfx_chrdev_open+0x10/0x10 [ 334.942242][ T9884] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 334.942284][ T9884] do_dentry_open+0x741/0x1c10 [ 334.942309][ T9884] ? __pfx_chrdev_open+0x10/0x10 [ 334.942339][ T9884] vfs_open+0x82/0x3f0 [ 334.942373][ T9884] path_openat+0x1e5e/0x2d40 [ 334.942406][ T9884] ? __pfx_path_openat+0x10/0x10 [ 334.942437][ T9884] do_filp_open+0x20b/0x470 [ 334.942459][ T9884] ? __pfx_do_filp_open+0x10/0x10 [ 334.942503][ T9884] ? alloc_fd+0x471/0x7d0 [ 334.942547][ T9884] do_sys_openat2+0x11b/0x1d0 [ 334.942578][ T9884] ? __pfx_do_sys_openat2+0x10/0x10 [ 334.942621][ T9884] __x64_sys_openat+0x174/0x210 [ 334.942653][ T9884] ? __pfx___x64_sys_openat+0x10/0x10 [ 334.942688][ T9884] ? rcu_is_watching+0x12/0xc0 [ 334.942717][ T9884] do_syscall_64+0xcd/0x230 [ 334.942751][ T9884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.942775][ T9884] RIP: 0033:0x7f270af8e969 [ 334.942794][ T9884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.942818][ T9884] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 334.942840][ T9884] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 334.942856][ T9884] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 334.942872][ T9884] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 334.942886][ T9884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.942906][ T9884] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 334.942935][ T9884] [ 336.091262][ T9895] netlink: 'syz.1.1507': attribute type 16 has an invalid length. [ 336.125799][ T9895] netlink: 50 bytes leftover after parsing attributes in process `syz.1.1507'. [ 336.531350][ T9904] FAULT_INJECTION: forcing a failure. [ 336.531350][ T9904] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 336.551288][ T9904] CPU: 1 UID: 0 PID: 9904 Comm: syz.1.1513 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 336.551322][ T9904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 336.551337][ T9904] Call Trace: [ 336.551345][ T9904] [ 336.551353][ T9904] dump_stack_lvl+0x16c/0x1f0 [ 336.551390][ T9904] should_fail_ex+0x512/0x640 [ 336.551428][ T9904] should_fail_alloc_page+0xe7/0x130 [ 336.551459][ T9904] prepare_alloc_pages+0x3c2/0x610 [ 336.551495][ T9904] ? rcu_is_watching+0x12/0xc0 [ 336.551519][ T9904] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 336.551562][ T9904] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 336.551590][ T9904] ? do_raw_spin_lock+0x12c/0x2b0 [ 336.551627][ T9904] ? __asan_memcpy+0x3c/0x60 [ 336.551653][ T9904] ? __pfx_interleave_nid+0x10/0x10 [ 336.551681][ T9904] ? __lock_acquire+0xaa4/0x1ba0 [ 336.551715][ T9904] ? policy_nodemask+0xea/0x4e0 [ 336.551756][ T9904] alloc_pages_mpol+0x1fb/0x550 [ 336.551785][ T9904] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 336.551823][ T9904] folio_alloc_mpol_noprof+0x36/0x2f0 [ 336.551859][ T9904] shmem_alloc_folio+0x135/0x160 [ 336.551900][ T9904] shmem_alloc_and_add_folio+0x499/0xc20 [ 336.551934][ T9904] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 336.551965][ T9904] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 336.552000][ T9904] shmem_get_folio_gfp+0x687/0x1530 [ 336.552034][ T9904] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 336.552063][ T9904] ? __pfx_timestamp_truncate+0x10/0x10 [ 336.552092][ T9904] shmem_fault+0x1fe/0xa30 [ 336.552121][ T9904] ? __pfx_shmem_fault+0x10/0x10 [ 336.552154][ T9904] ? __pfx___up_read+0x10/0x10 [ 336.552196][ T9904] ? __pfx_filemap_map_pages+0x10/0x10 [ 336.552225][ T9904] __do_fault+0x10a/0x490 [ 336.552256][ T9904] ? __pfx_filemap_map_pages+0x10/0x10 [ 336.552284][ T9904] do_pte_missing+0x1a6/0x3fb0 [ 336.552310][ T9904] ? __handle_mm_fault+0x1010/0x2a40 [ 336.552337][ T9904] __handle_mm_fault+0x103d/0x2a40 [ 336.552369][ T9904] ? __pfx___handle_mm_fault+0x10/0x10 [ 336.552391][ T9904] ? __pte_offset_map_lock+0x155/0x2f0 [ 336.552425][ T9904] ? find_held_lock+0x2b/0x80 [ 336.552445][ T9904] ? find_held_lock+0x2b/0x80 [ 336.552485][ T9904] handle_mm_fault+0x3fe/0xad0 [ 336.552513][ T9904] __get_user_pages+0x771/0x36f0 [ 336.552562][ T9904] ? __pfx___get_user_pages+0x10/0x10 [ 336.552598][ T9904] ? __pfx_down_read_killable+0x10/0x10 [ 336.552635][ T9904] ? __lock_acquire+0xaa4/0x1ba0 [ 336.552672][ T9904] faultin_page_range+0x249/0x980 [ 336.552701][ T9904] madvise_do_behavior+0x233/0x3b0 [ 336.552740][ T9904] ? __pfx_madvise_do_behavior+0x10/0x10 [ 336.552790][ T9904] do_madvise+0x10b/0x170 [ 336.552824][ T9904] __x64_sys_madvise+0xa9/0x110 [ 336.552856][ T9904] ? lockdep_hardirqs_on+0x7c/0x110 [ 336.552886][ T9904] do_syscall_64+0xcd/0x230 [ 336.552920][ T9904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.552944][ T9904] RIP: 0033:0x7f8fc778e969 [ 336.552963][ T9904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.552986][ T9904] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 336.553008][ T9904] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 336.553023][ T9904] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 336.553038][ T9904] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 336.553053][ T9904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.553067][ T9904] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 336.553096][ T9904] [ 338.651331][ T9921] FAULT_INJECTION: forcing a failure. [ 338.651331][ T9921] name failslab, interval 1, probability 0, space 0, times 0 [ 338.708848][ T9921] CPU: 1 UID: 0 PID: 9921 Comm: syz.1.1520 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 338.708885][ T9921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 338.708899][ T9921] Call Trace: [ 338.708907][ T9921] [ 338.708916][ T9921] dump_stack_lvl+0x16c/0x1f0 [ 338.708952][ T9921] should_fail_ex+0x512/0x640 [ 338.708987][ T9921] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 338.709024][ T9921] should_failslab+0xc2/0x120 [ 338.709067][ T9921] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 338.709093][ T9921] ? __kernfs_new_node+0xd2/0x8a0 [ 338.709135][ T9921] __kernfs_new_node+0xd2/0x8a0 [ 338.709175][ T9921] ? __pfx___kernfs_new_node+0x10/0x10 [ 338.709219][ T9921] ? find_held_lock+0x2b/0x80 [ 338.709242][ T9921] ? kernfs_root+0xee/0x2a0 [ 338.709287][ T9921] kernfs_new_node+0x13c/0x1e0 [ 338.709318][ T9921] __kernfs_create_file+0x53/0x350 [ 338.709353][ T9921] sysfs_add_file_mode_ns+0x207/0x3c0 [ 338.709398][ T9921] internal_create_group+0x578/0xf30 [ 338.709428][ T9921] ? __pfx_internal_create_group+0x10/0x10 [ 338.709455][ T9921] ? kernfs_create_link+0x1bd/0x240 [ 338.709499][ T9921] internal_create_groups+0x9d/0x150 [ 338.709525][ T9921] device_add+0x6d1/0x1a70 [ 338.709561][ T9921] ? __pfx_device_add+0x10/0x10 [ 338.709593][ T9921] ? lockdep_init_map_type+0x5c/0x280 [ 338.709625][ T9921] ? __init_waitqueue_head+0xca/0x150 [ 338.709669][ T9921] netdev_register_kobject+0x182/0x3a0 [ 338.709704][ T9921] register_netdevice+0x13dc/0x2270 [ 338.709739][ T9921] ? __pfx_register_netdevice+0x10/0x10 [ 338.709776][ T9921] __ip_tunnel_create+0x4a8/0x680 [ 338.709810][ T9921] ? __pfx___ip_tunnel_create+0x10/0x10 [ 338.709846][ T9921] ip_tunnel_init_net+0x22f/0x7d0 [ 338.709877][ T9921] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 338.709911][ T9921] ? trace_kmalloc+0x2b/0xd0 [ 338.709941][ T9921] ? lockdep_init_map_type+0x5c/0x280 [ 338.709978][ T9921] ? __pfx_ipgre_tap_init_net+0x10/0x10 [ 338.710016][ T9921] ops_init+0x1df/0x5f0 [ 338.710047][ T9921] setup_net+0x21e/0x850 [ 338.710076][ T9921] ? __pfx_setup_net+0x10/0x10 [ 338.710102][ T9921] ? lockdep_init_map_type+0x5c/0x280 [ 338.710134][ T9921] ? __pfx_down_read_killable+0x10/0x10 [ 338.710174][ T9921] ? debug_mutex_init+0x37/0x70 [ 338.710216][ T9921] copy_net_ns+0x2a6/0x5f0 [ 338.710249][ T9921] create_new_namespaces+0x3ea/0xad0 [ 338.710282][ T9921] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 338.710312][ T9921] ksys_unshare+0x45b/0xa40 [ 338.710345][ T9921] ? __pfx_ksys_unshare+0x10/0x10 [ 338.710375][ T9921] ? xfd_validate_state+0x5d/0x180 [ 338.710415][ T9921] ? rcu_is_watching+0x12/0xc0 [ 338.710444][ T9921] __x64_sys_unshare+0x31/0x40 [ 338.710493][ T9921] do_syscall_64+0xcd/0x230 [ 338.710527][ T9921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.710550][ T9921] RIP: 0033:0x7f8fc778e969 [ 338.710569][ T9921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.710611][ T9921] RSP: 002b:00007f8fc8643038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 338.710633][ T9921] RAX: ffffffffffffffda RBX: 00007f8fc79b5fa0 RCX: 00007f8fc778e969 [ 338.710649][ T9921] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 338.710664][ T9921] RBP: 00007f8fc7810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 338.710679][ T9921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 338.710705][ T9921] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 338.710734][ T9921] [ 339.295355][ T9926] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1523'. [ 339.316229][ T9924] FAULT_INJECTION: forcing a failure. [ 339.316229][ T9924] name failslab, interval 1, probability 0, space 0, times 0 [ 339.331126][ T9924] CPU: 1 UID: 0 PID: 9924 Comm: syz.0.1522 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 339.331159][ T9924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 339.331174][ T9924] Call Trace: [ 339.331181][ T9924] [ 339.331190][ T9924] dump_stack_lvl+0x16c/0x1f0 [ 339.331226][ T9924] should_fail_ex+0x512/0x640 [ 339.331259][ T9924] ? __kmalloc_noprof+0xbf/0x510 [ 339.331287][ T9924] ? lsm_blob_alloc+0x68/0x90 [ 339.331322][ T9924] should_failslab+0xc2/0x120 [ 339.331351][ T9924] __kmalloc_noprof+0xd2/0x510 [ 339.331383][ T9924] lsm_blob_alloc+0x68/0x90 [ 339.331419][ T9924] security_sk_alloc+0x30/0x270 [ 339.331445][ T9924] sk_prot_alloc+0xfb/0x2a0 [ 339.331479][ T9924] sk_alloc+0x36/0xc20 [ 339.331507][ T9924] inet_create+0x3a1/0x1090 [ 339.331540][ T9924] ? inet_create+0x93/0x1090 [ 339.331577][ T9924] __sock_create+0x335/0x8d0 [ 339.331615][ T9924] inet_ctl_sock_create+0x94/0x230 [ 339.331646][ T9924] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 339.331677][ T9924] ? lockdep_init_map_type+0x5c/0x280 [ 339.331711][ T9924] ? lockdep_init_map_type+0x5c/0x280 [ 339.331744][ T9924] ? __pfx_igmp_net_init+0x10/0x10 [ 339.331779][ T9924] igmp_net_init+0xd0/0x1a0 [ 339.331814][ T9924] ops_init+0x1df/0x5f0 [ 339.331843][ T9924] setup_net+0x21e/0x850 [ 339.331873][ T9924] ? __pfx_setup_net+0x10/0x10 [ 339.331899][ T9924] ? lockdep_init_map_type+0x5c/0x280 [ 339.331930][ T9924] ? __pfx_down_read_killable+0x10/0x10 [ 339.331970][ T9924] ? debug_mutex_init+0x37/0x70 [ 339.332011][ T9924] copy_net_ns+0x2a6/0x5f0 [ 339.332044][ T9924] create_new_namespaces+0x3ea/0xad0 [ 339.332078][ T9924] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 339.332106][ T9924] ksys_unshare+0x45b/0xa40 [ 339.332142][ T9924] ? __pfx_ksys_unshare+0x10/0x10 [ 339.332173][ T9924] ? xfd_validate_state+0x5d/0x180 [ 339.332213][ T9924] ? rcu_is_watching+0x12/0xc0 [ 339.332242][ T9924] __x64_sys_unshare+0x31/0x40 [ 339.332273][ T9924] do_syscall_64+0xcd/0x230 [ 339.332308][ T9924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.332332][ T9924] RIP: 0033:0x7f270af8e969 [ 339.332351][ T9924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.332374][ T9924] RSP: 002b:00007f270be1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 339.332396][ T9924] RAX: ffffffffffffffda RBX: 00007f270b1b5fa0 RCX: 00007f270af8e969 [ 339.332412][ T9924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 339.332426][ T9924] RBP: 00007f270b010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 339.332440][ T9924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.332455][ T9924] R13: 0000000000000000 R14: 00007f270b1b5fa0 R15: 00007fff6713edb8 [ 339.332484][ T9924] [ 340.123701][ T9930] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1521'. [ 340.317673][ T9924] Failed to initialize the IGMP autojoin socket (err -12) [ 343.179413][ T9986] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1547'. [ 343.350376][ T9989] ================================================================== [ 343.358474][ T9989] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 343.366217][ T9989] Read of size 8 at addr ffff88802a6b5e18 by task syz.3.1549/9989 [ 343.374089][ T9989] [ 343.376421][ T9989] CPU: 1 UID: 0 PID: 9989 Comm: syz.3.1549 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 343.376453][ T9989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 343.376468][ T9989] Call Trace: [ 343.376477][ T9989] [ 343.376486][ T9989] dump_stack_lvl+0x116/0x1f0 [ 343.376521][ T9989] print_report+0xc3/0x670 [ 343.376548][ T9989] ? __virt_addr_valid+0x5e/0x590 [ 343.376579][ T9989] ? __phys_addr+0xc6/0x150 [ 343.376609][ T9989] ? dvb_device_open+0x36a/0x3b0 [ 343.376641][ T9989] kasan_report+0xe0/0x110 [ 343.376669][ T9989] ? dvb_device_open+0x36a/0x3b0 [ 343.376703][ T9989] ? __pfx_dvb_device_open+0x10/0x10 [ 343.376735][ T9989] dvb_device_open+0x36a/0x3b0 [ 343.376767][ T9989] ? __pfx_dvb_device_open+0x10/0x10 [ 343.376799][ T9989] chrdev_open+0x231/0x6a0 [ 343.376823][ T9989] ? __pfx_apparmor_file_open+0x10/0x10 [ 343.376854][ T9989] ? __pfx_chrdev_open+0x10/0x10 [ 343.376879][ T9989] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 343.376918][ T9989] do_dentry_open+0x741/0x1c10 [ 343.376943][ T9989] ? __pfx_chrdev_open+0x10/0x10 [ 343.376970][ T9989] vfs_open+0x82/0x3f0 [ 343.377001][ T9989] path_openat+0x1e5e/0x2d40 [ 343.377028][ T9989] ? __pfx_path_openat+0x10/0x10 [ 343.377057][ T9989] do_filp_open+0x20b/0x470 [ 343.377079][ T9989] ? __pfx_do_filp_open+0x10/0x10 [ 343.377111][ T9989] ? alloc_fd+0x471/0x7d0 [ 343.377150][ T9989] do_sys_openat2+0x11b/0x1d0 [ 343.377180][ T9989] ? __pfx_do_sys_openat2+0x10/0x10 [ 343.377211][ T9989] ? __pfx_do_sys_openat2+0x10/0x10 [ 343.377247][ T9989] __x64_sys_openat+0x174/0x210 [ 343.377279][ T9989] ? __pfx___x64_sys_openat+0x10/0x10 [ 343.377312][ T9989] ? rcu_is_watching+0x12/0xc0 [ 343.377337][ T9989] do_syscall_64+0xcd/0x230 [ 343.377371][ T9989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.377395][ T9989] RIP: 0033:0x7fd62998e969 [ 343.377414][ T9989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.377438][ T9989] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 343.377460][ T9989] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 343.377476][ T9989] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 343.377492][ T9989] RBP: 00007fd629a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 343.377507][ T9989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 343.377522][ T9989] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 343.377545][ T9989] [ 343.377552][ T9989] [ 343.630850][ T9989] Allocated by task 1: [ 343.634918][ T9989] kasan_save_stack+0x33/0x60 [ 343.639606][ T9989] kasan_save_track+0x14/0x30 [ 343.644293][ T9989] __kasan_kmalloc+0xaa/0xb0 [ 343.648899][ T9989] dvb_register_device+0x1e4/0x2370 [ 343.654113][ T9989] dvb_register_frontend+0x5a6/0x880 [ 343.659421][ T9989] vidtv_bridge_probe+0x459/0xa90 [ 343.664462][ T9989] platform_probe+0xff/0x1f0 [ 343.669071][ T9989] really_probe+0x23e/0xa90 [ 343.673588][ T9989] __driver_probe_device+0x1de/0x440 [ 343.678898][ T9989] driver_probe_device+0x4c/0x1b0 [ 343.683952][ T9989] __driver_attach+0x283/0x580 [ 343.688725][ T9989] bus_for_each_dev+0x13b/0x1d0 [ 343.693598][ T9989] bus_add_driver+0x2e9/0x690 [ 343.698295][ T9989] driver_register+0x15c/0x4b0 [ 343.703069][ T9989] vidtv_bridge_init+0x45/0x80 [ 343.707871][ T9989] do_one_initcall+0x120/0x6e0 [ 343.712681][ T9989] kernel_init_freeable+0x5c2/0x900 [ 343.717893][ T9989] kernel_init+0x1c/0x2b0 [ 343.722226][ T9989] ret_from_fork+0x45/0x80 [ 343.726660][ T9989] ret_from_fork_asm+0x1a/0x30 [ 343.731440][ T9989] [ 343.733767][ T9989] Freed by task 9853: [ 343.737748][ T9989] kasan_save_stack+0x33/0x60 [ 343.742435][ T9989] kasan_save_track+0x14/0x30 [ 343.747120][ T9989] kasan_save_free_info+0x3b/0x60 [ 343.752163][ T9989] __kasan_slab_free+0x51/0x70 [ 343.756954][ T9989] kfree+0x2b6/0x4d0 [ 343.760888][ T9989] dvb_device_put.part.0+0x60/0x90 [ 343.766016][ T9989] dvb_device_open+0x2a4/0x3b0 [ 343.770797][ T9989] chrdev_open+0x231/0x6a0 [ 343.775219][ T9989] do_dentry_open+0x741/0x1c10 [ 343.780009][ T9989] vfs_open+0x82/0x3f0 [ 343.784097][ T9989] path_openat+0x1e5e/0x2d40 [ 343.788689][ T9989] do_filp_open+0x20b/0x470 [ 343.793201][ T9989] do_sys_openat2+0x11b/0x1d0 [ 343.797896][ T9989] __x64_sys_openat+0x174/0x210 [ 343.802762][ T9989] do_syscall_64+0xcd/0x230 [ 343.807380][ T9989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.813297][ T9989] [ 343.815707][ T9989] The buggy address belongs to the object at ffff88802a6b5e00 [ 343.815707][ T9989] which belongs to the cache kmalloc-256 of size 256 [ 343.829870][ T9989] The buggy address is located 24 bytes inside of [ 343.829870][ T9989] freed 256-byte region [ffff88802a6b5e00, ffff88802a6b5f00) [ 343.843609][ T9989] [ 343.845939][ T9989] The buggy address belongs to the physical page: [ 343.852382][ T9989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a6b4 [ 343.861148][ T9989] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 343.869662][ T9989] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 343.877216][ T9989] page_type: f5(slab) [ 343.881308][ T9989] raw: 00fff00000000040 ffff88801b441b40 dead000000000122 0000000000000000 [ 343.889904][ T9989] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 343.898497][ T9989] head: 00fff00000000040 ffff88801b441b40 dead000000000122 0000000000000000 [ 343.907520][ T9989] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 343.916197][ T9989] head: 00fff00000000001 ffffea0000a9ad01 00000000ffffffff 00000000ffffffff [ 343.924875][ T9989] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 343.933557][ T9989] page dumped because: kasan: bad access detected [ 343.939992][ T9989] page_owner tracks the page as allocated [ 343.945713][ T9989] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24881517654, free_ts 0 [ 343.965436][ T9989] post_alloc_hook+0x181/0x1b0 [ 343.970213][ T9989] get_page_from_freelist+0x135c/0x3920 [ 343.975852][ T9989] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 343.981928][ T9989] alloc_pages_mpol+0x1fb/0x550 [ 343.986793][ T9989] new_slab+0x244/0x340 [ 343.990963][ T9989] ___slab_alloc+0xd9c/0x1940 [ 343.995694][ T9989] __slab_alloc.constprop.0+0x56/0xb0 [ 344.001181][ T9989] __kmalloc_cache_noprof+0xfb/0x3e0 [ 344.006493][ T9989] bus_add_driver+0x92/0x690 [ 344.011188][ T9989] driver_register+0x15c/0x4b0 [ 344.015964][ T9989] usb_register_driver+0x216/0x4d0 [ 344.021118][ T9989] do_one_initcall+0x120/0x6e0 [ 344.025900][ T9989] kernel_init_freeable+0x5c2/0x900 [ 344.031113][ T9989] kernel_init+0x1c/0x2b0 [ 344.035443][ T9989] ret_from_fork+0x45/0x80 [ 344.039875][ T9989] ret_from_fork_asm+0x1a/0x30 [ 344.044655][ T9989] page_owner free stack trace missing [ 344.050044][ T9989] [ 344.052365][ T9989] Memory state around the buggy address: [ 344.058009][ T9989] ffff88802a6b5d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 344.066079][ T9989] ffff88802a6b5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 344.074143][ T9989] >ffff88802a6b5e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 344.082310][ T9989] ^ [ 344.087156][ T9989] ffff88802a6b5e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 344.095217][ T9989] ffff88802a6b5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 344.103293][ T9989] ================================================================== [ 344.111394][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.119902][ T9984] FAULT_INJECTION: forcing a failure. [ 344.119902][ T9984] name failslab, interval 1, probability 0, space 0, times 0 [ 344.151725][ T9984] CPU: 1 UID: 0 PID: 9984 Comm: syz.1.1548 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 344.151762][ T9984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 344.151777][ T9984] Call Trace: [ 344.151784][ T9984] [ 344.151793][ T9984] dump_stack_lvl+0x16c/0x1f0 [ 344.151830][ T9984] should_fail_ex+0x512/0x640 [ 344.151863][ T9984] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 344.151892][ T9984] should_failslab+0xc2/0x120 [ 344.151921][ T9984] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 344.151948][ T9984] ? security_file_alloc+0x34/0x2b0 [ 344.151984][ T9984] security_file_alloc+0x34/0x2b0 [ 344.152014][ T9984] init_file+0x93/0x4c0 [ 344.152052][ T9984] alloc_empty_file+0x73/0x1e0 [ 344.152082][ T9984] path_openat+0xe0/0x2d40 [ 344.152102][ T9984] ? __x64_sys_openat+0x174/0x210 [ 344.152134][ T9984] ? do_syscall_64+0xcd/0x230 [ 344.152165][ T9984] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.152200][ T9984] ? __pfx_path_openat+0x10/0x10 [ 344.152229][ T9984] do_filp_open+0x20b/0x470 [ 344.152252][ T9984] ? __pfx_do_filp_open+0x10/0x10 [ 344.152297][ T9984] ? alloc_fd+0x471/0x7d0 [ 344.152341][ T9984] do_sys_openat2+0x11b/0x1d0 [ 344.152372][ T9984] ? __pfx_do_sys_openat2+0x10/0x10 [ 344.152415][ T9984] __x64_sys_openat+0x174/0x210 [ 344.152447][ T9984] ? __pfx___x64_sys_openat+0x10/0x10 [ 344.152481][ T9984] ? rcu_is_watching+0x12/0xc0 [ 344.152511][ T9984] do_syscall_64+0xcd/0x230 [ 344.152545][ T9984] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.152568][ T9984] RIP: 0033:0x7f8fc778d2d0 [ 344.152586][ T9984] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 344.152610][ T9984] RSP: 002b:00007f8fc8642f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 344.152631][ T9984] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8fc778d2d0 [ 344.152646][ T9984] RDX: 0000000000000000 RSI: 00007f8fc8642fa0 RDI: 00000000ffffff9c [ 344.152661][ T9984] RBP: 00007f8fc8642fa0 R08: 0000000000000000 R09: 0000000000000000 [ 344.152676][ T9984] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.152690][ T9984] R13: 0000000000000000 R14: 00007f8fc79b5fa0 R15: 00007ffc6c2610d8 [ 344.152719][ T9984] [ 344.376518][ C1] vkms_vblank_simulate: vblank timer overrun SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 346.564816][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.698300][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.814668][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 346.935263][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 347.346572][ T12] bridge_slave_1: left allmulticast mode [ 347.352465][ T12] bridge_slave_1: left promiscuous mode [ 347.418567][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.510944][ T12] bridge_slave_0: left allmulticast mode [ 347.546695][ T12] bridge_slave_0: left promiscuous mode [ 347.552468][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 348.058019][ T9989] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 348.065252][ T9989] CPU: 1 UID: 0 PID: 9989 Comm: syz.3.1549 Not tainted 6.15.0-rc4-syzkaller-00051-g7a13c14ee59d #0 PREEMPT(full) [ 348.077325][ T9989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025 [ 348.087473][ T9989] Call Trace: [ 348.090757][ T9989] [ 348.093710][ T9989] dump_stack_lvl+0x3d/0x1f0 [ 348.098322][ T9989] panic+0x71c/0x800 [ 348.102234][ T9989] ? __pfx_panic+0x10/0x10 [ 348.106667][ T9989] ? mark_held_locks+0x49/0x80 [ 348.111447][ T9989] ? preempt_schedule_thunk+0x16/0x30 [ 348.116842][ T9989] ? dvb_device_open+0x36a/0x3b0 [ 348.121800][ T9989] ? preempt_schedule_common+0x44/0xc0 [ 348.127278][ T9989] ? dvb_device_open+0x36a/0x3b0 [ 348.132231][ T9989] check_panic_on_warn+0xab/0xb0 [ 348.137192][ T9989] end_report+0x107/0x170 [ 348.141536][ T9989] kasan_report+0xee/0x110 [ 348.145976][ T9989] ? dvb_device_open+0x36a/0x3b0 [ 348.150933][ T9989] ? __pfx_dvb_device_open+0x10/0x10 [ 348.156234][ T9989] dvb_device_open+0x36a/0x3b0 [ 348.161015][ T9989] ? __pfx_dvb_device_open+0x10/0x10 [ 348.166316][ T9989] chrdev_open+0x231/0x6a0 [ 348.170740][ T9989] ? __pfx_apparmor_file_open+0x10/0x10 [ 348.176302][ T9989] ? __pfx_chrdev_open+0x10/0x10 [ 348.181251][ T9989] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 348.188038][ T9989] do_dentry_open+0x741/0x1c10 [ 348.192814][ T9989] ? __pfx_chrdev_open+0x10/0x10 [ 348.197767][ T9989] vfs_open+0x82/0x3f0 [ 348.201852][ T9989] path_openat+0x1e5e/0x2d40 [ 348.206472][ T9989] ? __pfx_path_openat+0x10/0x10 [ 348.211423][ T9989] do_filp_open+0x20b/0x470 [ 348.215934][ T9989] ? __pfx_do_filp_open+0x10/0x10 [ 348.220975][ T9989] ? alloc_fd+0x471/0x7d0 [ 348.225352][ T9989] do_sys_openat2+0x11b/0x1d0 [ 348.230045][ T9989] ? __pfx_do_sys_openat2+0x10/0x10 [ 348.235257][ T9989] ? __pfx_do_sys_openat2+0x10/0x10 [ 348.240474][ T9989] __x64_sys_openat+0x174/0x210 [ 348.245337][ T9989] ? __pfx___x64_sys_openat+0x10/0x10 [ 348.250739][ T9989] ? rcu_is_watching+0x12/0xc0 [ 348.255524][ T9989] do_syscall_64+0xcd/0x230 [ 348.260061][ T9989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.265981][ T9989] RIP: 0033:0x7fd62998e969 [ 348.270410][ T9989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.290035][ T9989] RSP: 002b:00007fd62a785038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 348.298462][ T9989] RAX: ffffffffffffffda RBX: 00007fd629bb5fa0 RCX: 00007fd62998e969 [ 348.306440][ T9989] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 348.314422][ T9989] RBP: 00007fd629a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 348.322400][ T9989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 348.330466][ T9989] R13: 0000000000000000 R14: 00007fd629bb5fa0 R15: 00007ffd60701d08 [ 348.338454][ T9989] [ 348.341559][ T9989] Kernel Offset: disabled [ 348.345903][ T9989] Rebooting in 86400 seconds..