last executing test programs: 5m26.850311468s ago: executing program 1 (id=912): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x40, 0x0, 0x0, 0x2) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD(r0, 0x9, 0x0, 0x1) 5m26.58607238s ago: executing program 1 (id=913): set_mempolicy_home_node$auto(0x100000000000000, 0xa, 0x7, 0xfffffffffffffffb) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x20400, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x80080, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x5609, r1) 5m25.275603859s ago: executing program 1 (id=920): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) socketpair$auto(0x800001e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x51) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) 5m24.213896505s ago: executing program 1 (id=925): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 5m23.328352947s ago: executing program 1 (id=928): r0 = socket(0xa, 0x801, 0x84) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="040028"], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001bc0), r1) r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000004a80), r1) sendmsg$auto_NET_SHAPER_CMD_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fedbdf25020000000c000180080001006d08e2a3e3"], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x200000c0) 5m21.996594187s ago: executing program 1 (id=933): mmap$auto(0x0, 0x2000b, 0x4000000000df, 0x10000000000eb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="000229bd0000fbdbdf35020000000800fbffffffffff0737010005000040"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5m20.926116913s ago: executing program 32 (id=933): mmap$auto(0x0, 0x2000b, 0x4000000000df, 0x10000000000eb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="000229bd0000fbdbdf35020000000800fbffffffffff0737010005000040"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m41.54213178s ago: executing program 4 (id=1779): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'batadv0\x00', <r1=>0x0}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="00022abd7000dbdbdf2523"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r1, @ANYRES8=r1], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m41.164885207s ago: executing program 4 (id=1781): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x102, 0x0) write$auto(0x3, 0x0, 0x4fffffdf2) unshare$auto(0x40000080) setsockopt$auto(0xffffffffffffffff, 0x88, 0xa, 0x0, 0x80000e) ioctl$auto(r0, 0x4b71, 0x1) 2m39.040001145s ago: executing program 4 (id=1788): sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x80) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x6}, 0x5) close_range$auto(0x2, 0xa, 0x0) socket(0x2b, 0x1, 0x1) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x400c810}, 0x200448c0) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfab2, 0x468, 0x9, 0x2, 0x4, 0x2, 0x4, 0x200, 0x1fd, 0xb6, 0x4, 0x6, 0x3}, 0xa3) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e) 2m38.618219898s ago: executing program 4 (id=1790): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x20000}, 0x6) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd4/queue/scheduler\x00', 0x20140, 0x0) 2m37.859050396s ago: executing program 4 (id=1792): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 2m36.880058864s ago: executing program 4 (id=1795): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) ioctl$auto_UBI_IOCATT(0xffffffffffffffff, 0x40186f40, &(0x7f0000000000)={0x100000d, 0x4, 0x2000d, 0x3, 0x25, 0x2}) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r0, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100) 2m21.734934395s ago: executing program 33 (id=1795): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) ioctl$auto_UBI_IOCATT(0xffffffffffffffff, 0x40186f40, &(0x7f0000000000)={0x100000d, 0x4, 0x2000d, 0x3, 0x25, 0x2}) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r0, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100) 10.176456442s ago: executing program 2 (id=2412): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x7111}, 0x400000000008) close_range$auto(0x2, 0x8, 0x0) 9.910992579s ago: executing program 2 (id=2415): r0 = socket$nl_generic(0x10, 0x3, 0x10) set_mempolicy$auto(0x6, 0x0, 0x4) setsockopt$auto_SO_MARK(r0, 0xd, 0x24, 0x0, 0x6) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/wg0/route_localnet\x00', 0x480, 0x0) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0) write$auto(r1, 0x0, 0xc70) 9.624630038s ago: executing program 2 (id=2419): r0 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x40084}, 0x1fe, 0x200d) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmsg$auto_IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000025bd7000ffdbdf252b00000006000a00ff0f000006000d0008000000850003000a0005"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x200000c0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) 9.193158148s ago: executing program 2 (id=2424): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x20) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x10001, 0x9) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x1007}, 0x3) execve$auto(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0) 8.454397104s ago: executing program 2 (id=2427): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x3) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22040, 0x75) socket(0x10, 0x2, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x101040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe2400, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x0, 0x53, 0x0, &(0x7f0000000040)=0x28) 8.285705891s ago: executing program 2 (id=2428): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) mlockall$auto(0x7) migrate_pages$auto(0x0, 0x4, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) mmap$auto(0x3, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MPP(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000016c0)={0x113c, r2, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_MAC={0x2d, 0x6, "5cb4f02fccc0aa859814ae0a54f4164b1d64f35285cb26a5308b05b7f7947be05c82eedf45c4f2a41f"}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0xc40}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x2}, @NL80211_ATTR_VENDOR_DATA={0x1004, 0xc5, "3081768cc2542ac6aa5863cdba230898bdf10e98170594e3988f91f7e843630ac6884aea51669745b6712ec4060add9a293352ff7b301d3e6dcc6202af2705016dff644aeec227c38ba15b13b2648aff1ee6601901ccfb6120c5c89548dee7698d3621646249d258623185bceb2baea02a8cf89c212289edff353394af2b2253fec0acf3296c395db9ea7363750f3162c0fa0722d958d5150584a9c582c2fc37ead4624b47a71f39d62fbc2c5758e4ee54be89ed2fa33798789b1dbd41d8ed325e719aa0bdb905bab78344632b6201485346868434bc72ac7c72d52454949d82dc1270da226219618a60fe4e4ac11bab4a7a9c5cbfa262a8f7eaac600d7822e30068b4f2ff3049f60629455bb2ffa531dfa902659e2c3b08f442401234c4cbea1744539385838c76deadce8bbde109843479c1feffc9a75902b2be64e52ba0a654e8a32baade053f668e0828935e7b5aa1f870d34976378dd1b07ae98180b7b27e4b625610206d88bf3d9707339b11c9632e835456c3757c17dd723e67204ca8a83e1a159f5e7f07330c923b89cc3e75c9ce354aa49ac3874a900353353558a2db83f97b8265cbbab5af64e8be2749a29f6a8bda2c1a9b35d244eac324aa1af23a7c4be93db3233ed7af912e3849b934ae55ccad4fa73c1d8b397fd276610d018e3969712daafd0503a87e1b4b78fdc9184c83e632b889d62fb44d926910e799e3be253f57c7f53ecaabf2b6b068b42e9609a0bcf8298cfde735f606063798b9e0e9fef77bea499ffb46c80b38d9f457f0ce3ce80f65e00e65bdf3937e620087fb9139aad7c6844476dafd3622147c34f95e0cd78a07f96a051a1400c5299cabdc18843227743de1e6347e340d8a1875a48de3795ca504051850357f4a97a5d852ad19d5bbee092bee45a2784844bb76dbfb3e9545bc9cecd3950e41638fcdac752d19240dcb5e4e29a5a4b5b8c03476893c9cfa487dc7eb807e44adc6a691d6d8c1ceee24fe73fd675701d5eed34a447e33196d0cc7a122730b43405a5b9cb8f45b48f5198905f608ff9cf4e2a8c3cdfc955c42c902c0038aac6d01dd48afe79e7b97cb8e51f26005ebe0a5eb4dfe3c586dab55e38e5f6ed9e768348e9d9b129f30a95e76fee443812b9921690880ecff666d32b4ed96c612d06b1ca0d65bd16961a85e4b29c66a6f630c3d54990d4a0298eef94c396f7c2f223b0aaf45f77c9dae500c07d3fdff944a76c7006b5a7b54df7d235e627c31242647b2f8d9752fb9f72169fde81ce2b3e6dcf360541bda5214ac189e62470cdeacaa87a4e9eb0f5e7e26e8744afc027bdbbea1a0dee96fa5e501629b455930ffa38f26367073b3c1eb93ad1bb505862917857848d870f4055c1625b2997b8adbd99669f63b7bf2839948b9cb8bced42e0547cd0c99d166872aa5ec90dc114f860b53d2293a4a9f50f511dea895bd75b2ef942c2927eb4f522955c4e52987c5a5efae044f053f39b9a456e80806cc361d6a16a17d48d249676bddf806b31b6f7d00fd108376090e2569d79bddb2f39a6e90ecb7949da0741ded47db17d4fff61ebcf6754e3c33f10827d745c14277392722d8eb7263738d863d6a493694d1e4358a507dfe98243b6552d6f90ea8027878ec327f8ced3065fef5e031cedef781a0a67a5b5561dc176c8bbe83df22a6bee7dbe3cd9c201de56e6b56b0ef6db5011d90dc83cb3d89c687291828d7d8273f657dd89db04ee61741a565ef521fbb1dd65e97d00fedb0c2a21e31d113bbc569d07d52deaeb1b156edc12f8d756878a26a3d47aa5cda464693a14fb3b8ee2b3af52ac10c935eb1d3dbedf0595b6f813df4f79c5bd2bafdc41120177ac35927ee1da6c59dd79949be6cd31163afa929404260ab70fc1a01c7a4af61f7820ba9236f1af4e0b8474305a482aba19e9db57d46dc92c9ff44853eefb5b8d52d0a3404e2ff62e1c34d788b5fb47cbad420b05020905667880e7513be2f9ce1471ad8530fcfacb9857e8424a2d3858be6a56e1449e308d356e8be9ac7a7542b5a954866e5ace4cef463abdeaf5a850abc4e9fd6e022e69212949dba93be775d84ed6c494c9457ddee26b8dea5054d768b530a4b66ac2fd076267e9f0f620e63d86f016e04b351f8242bc802d64e37d0335bc8a3167b05f6c89ac110d513aaa3d8716af37e28dfe7884649eb2c9403eaf8111e2ade8451f77c061273bf6f9a0c0f61f5aa55796fe53443ae03212745c9143fe302c7b30fbcd9538ccc57b48cddee7e7e5846892eb80ace8089f14a9bf1d4935b302fc2ed1e1a03e694fbb56054375b13686ddb09bbf0ea93d76845799effb4cfd9f49004b1e60386322fb69d85c1a157cdbb3631d4b05b57dc7f9c28a295638956530ddf2f308e8daa8d796e633dda3fdda5359a9d70f65cdb880e826bff598b6723db21320b2854b40686a0464d3488c6f8b90d58f5852223f8fe07aef256d1a1d39d11567613611e317cfe5b1f8ecb8237982bbbbda78b7d95ef94dd41cff0a1157e0ea6590042348e95d216f3da19af7ff948a117e57f2f7b2bc49a108d7388835bacaa24110cd01444bddac31f5084a7b6210246621e5319255eed2cca7ecc09ec4a7ed3e405512252f85985d9a8b4801a92be6e8ba9798e874201456621e8958e338b925014142a40fe54dfffcd505bf0ce807dcbd7c281ec0fbcc4b89907600937db75eeafa4f880bf3df726a2ed7fba2edc4b2fc1f20541194d2feae2992e67a72eeeb222fc8be093aaae3e87f97048ed98767394312c391b0d00f35885b937ff9ae1f6354b9041e4af75345e6d6685bce58083b3b46983417467fd85a9564e2196676a98e05394df4fc8cba9e1717f5796d5fa3803f1b707e5008da21566406b82a37c415224e91aee728a36d54ef94d030905dff18e14a08f6592b0fad1658c5a35b4a013edf28949877cd6bf1ddb389ad1ddf0b2d561bb492ecd6bb630d7879828c4022eb62788365c2d3983805ae56fa99be7dc9f59232cb44e7dbf2f86115a582f9b7e8d392a1a73b05a9f107575bbd1db3b41a92e2bf665fe2aacd5ace74b878f3e96311cf81e1dba63ee81cfef6b1e24f2d0cc3d4ad37cdb296aa08f77082fd7fc19a7911e07ccad4328235d1fb2fc6f3b134727d1673d096eb6bb5d67089b5d0790e78d8e5369145bc560c2f3ef8575ce9d900adfe464450d53fe6a37a3e806b5e36a06090216bfcb41e08723d2f1be46177c7b3775b35221fdef50af872562a5c57d601a45bf3f6b484a00dddc78ff57c961a6551a48fdf159b06f2c582b5ebae6782f5bedc3ed58a8b4dfbe81e058d79811f5a07b9f591eaa5c2e31aeae32fb212fd3bddad8fa50a24f5c92453fb442971d4a05ca054dcf4f018e013f70eccf767172701707cefefdb978282840d85e16a951d33aa8e638ddfabc209acddeab50856709ee16b582d263f7ae2dada6e357bb900a24e99c876cdbcc4ec24f24761423c496cfad2590aa85334de593d8518ba0ea93646eed96d9b656e8b10211836654457bb1670b5ac9a68adee4d3721f897cf649520c021cbbcf989e69de341ac61d5048d70a07328d0e2d4683d3aaf9bb25835438edf859faa887b6128414bbd2f81026e6b33a4b9146dde825faba94d1fe996d1b3818c52480499bbed3ad4be80b4656cb4ea76b58df6d54acdbdf132369b9a4c2ea4997aff7d57625eb78382a2df1456946493b9029b3c507a9e635edd836b9bd687b0fb6e3bbde36c180066681383877543c221d484e910b444fdd5e8a1101d5a9b7c8d06345d25ddce0eb4c09329b5bb77ea655b93357f178bd9080b240b137bb826cb3a9ea8fd6f2b0d4997f44c66652231f07c7c03bf85e3701156d46f14b1e2ae5c030968da5142f56dec4cb040614c88ca64e2c11b98c3e522d94803ce0b091b72f768ed56574120851a57515670c6ff19e8bbe03bd8ed004e6036823c5b33471d31d8535765bcfc3a14c448b20e630207c57c739b381c02702fac97763ef22f106efade58382024b7b5e8cecd72f93dd26e773392034a14bdcf3eb2aba105cfa69c317103db391c27d2a72bbba82b68a77371ba767e43290b5a66566f8bb67462ae0d83aeb6a4eacb24df27b78fdd3c359b7c0975636194a680dd65381754696d38d75a6bc6afe35558de5fec5c302607caf21c6b2b5b479fc42aaae3ab4d6290384ebe2062374debf546f1b89310b24bc0f3c2fce8a3448f1e3840eccb322722095c900abe42dad7288dd5df8191c279e3858bece7d734600309705aded4da687636ec6df98388ed8949e6e529633641a2624bb830b576ac4e1af99ff0393dccc6ad98052e204e427ab9a38d0ea43def6066a6ac94eac5a648be0a8fa0d7c09d7d340793cc405277c47767bdf6f49ec9891cd92b8f6a28cc771a8dff8d94c4facbe86dc17544e67692c3cc235c143ea08960a9be3e7ad4ce8017eaba9b2dcb033feed2d2c7ca00588c5cc4b1a3306f98c07c9fe35a5fe20ab4bbb0eb390c2f743a3527f6a04810256ae63a2a228e09f7540e222829b7d229f0f31a8e90e5ab158522547b22beedfa6ed8714f584ef6653b74af28bec5861b7f60d2d830440c20877ed73f04f919ac92a1cfc6308d640bb6f27d544fbc18c388489b307b0e2ec8be40bb69bae69bf5032cbf3bd2c94a35fbbbb5f3f9c29b9401946d52ad403e60d05b5fbad33dff0ea08a816ec22239aa48da5d1de8ae31a526e9ce656fbd0030e8c94107ff9a58a1f2f90e6bcc29a235803e5f9067a1732bcfc83562b7027796226663206cbfef4323d860fec68caeada6ac1446ae859346bd1500176693316078ecb80f6b3ab4e992c8d9e91dad35808fb38a0aeeda4a2ff523d303b3c240de83aec4d8138f1797f3838923e476ee8dfb6dc73b30c505ef641d91eb2fe2349628d501fd5145efb4c12cbec2ba099d1e873f98d2ce5bca3860c5380cf5ccb1a472cf2355cda980bafaa72862a56c79a79c80e44a90a9afaa8a07d9d71aa9ea9ce3016e33f4331171a1e834f7709105f9cadabbd6c50276501fbe106a7945597274a9dc182b37be90daf34cf0735f9bff54a348486e17bd1d46f1774ca0e9543306d8d51b50c3756a230cc950073236e3c674b628ef23fa5bab7353dd409692287c6cac4923e08f0c75a6bd6ed5fd4429f87e1e93e5e35c3d6e2d685137f459754b4eb14266fcd81e0060921ebb9472a1d72f895cea20e10da79d487ac0ee4ab2c48747565b41420ea75ce1ca08429bc9eb5cca54324c5b8ea2717316c8a971aa66593f4c70173ba8b32040ee0f5e92cdf6c283407836146fdcbbd749f0750ccd0d6a02609ccea456952576db3d6565721102a27db5bfb44576bb82617ec4e0b3dcc4779492b0cf0a90b421fc6514914e9b052987fbd66d0264cc76d5ed1bb69b1c1f45de95a2fce53890fd68a97faa84e723d28aedb1532df1bddb8d448f80136e2bd25d3187c45fbf06b7b7da04e50b35743d24c77996fdb2ce3d345e25fae53471ee611f7b290d886aaf36968acc8dd42260961bbf749090d2f95abf045e24755838f1d1d4f20cc7ef8c2a8361ae925fa85ca9e0a891ff07dec601dbbbd56b7b183778e742d2d406a60914a46323cae11427aef7de7d01d6dccfa8dc7fe8ce205e8d3704218f7f57137039a3774728567a9fedc2136df8bdb337a78140bf1baabed1ee7b2d1fa738a694f4e736059c709774f13ad6fea98a78393aad7e43e920d5eab60ccd47a7c90fef66e85d52ec2193ffb86998a0231822af51de99baca13ad028addeb9b2e3"}, @NL80211_ATTR_NAN_FUNC={0xe0, 0xf0, 0x0, 0x1, [@generic="ab4f2143a5feb5daa709df3355b141d440a8990347e7c4dd52a2070f9ce271ca4527672f6d1224e5788edc251b491c80c93b82167d8eb38d5e7b5bdd5641fb5bfe048a36385db38bb98c5287bf00d4137a04a8bddca405f93edd36cba5b03a2d7cd9097198ef238fe3f2c3d13d7a4b57b34b3bd7d5602b50bc12ecd3402af9be02141269cd1ae8e475a8359bb369b90279d5d4b8f86dae2a8844ba5962099d13c4ef2632a605eed9ccf74a83dfcfc926717cd06da9a317e595fd1f33bf3e2963b240bcc1f6c2ab744712165d321e8ca13c7fdc0327ce596066c32318", @generic]}]}, 0x113c}}, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000340)={"e56607b03d9a9017e982674e4750a3b284d20f8421d6f7b17fc3a7e61deaa2ad", 0x8dd, 0xe27, 0xffff, 0xc, 0xc, 0xffffffffffffffff}) 5.7133006s ago: executing program 0 (id=2446): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80000008000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/rq_affinity\x00', 0xc2481, 0x0) write$auto(r0, 0x0, 0x9) 5.454423801s ago: executing program 0 (id=2448): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0xc4) stat$auto(0x0, &(0x7f0000000380)={0x3, 0x3, 0x6, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0xa, 0xff, 0x100, 0x401, 0x5f57, 0x80000000, 0xaa}) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, <r2=>0x5f, 0x0, 0x3}, 0x6f3) getsockopt$auto_SO_PASSCRED(r2, 0x1, 0x10, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x465043, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) 3.731636789s ago: executing program 0 (id=2449): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0x14) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) r0 = socket(0xa, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/icmp/ratemask\x00', 0xa0202, 0x0) sendfile$auto(r0, r1, 0x0, 0xc) 3.501205447s ago: executing program 0 (id=2450): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x3f, 0x200000000065f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x3, 0x5, 0x4, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) connect$auto(0x3, &(0x7f0000000000), 0x55) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3.410913336s ago: executing program 5 (id=2452): socket(0x29, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) r0 = socket(0xa, 0x2, 0x3a) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/bdi/43:320/uevent\x00', 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) socket(0x11, 0x80003, 0x300) socket(0xa, 0x801, 0x106) setsockopt$auto(r0, 0x29, 0x4b, 0x0, 0x10000110) 3.269569172s ago: executing program 0 (id=2453): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) timerfd_create$auto_CLOCK_MONOTONIC(0x1, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) 3.143970102s ago: executing program 5 (id=2455): fcntl$auto(0x0, 0x40a, 0x100000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) ioctl$auto(0x3, 0xc0303e03, r0) 1.948364395s ago: executing program 5 (id=2457): mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x3, 0x0) bind$auto(0x3, 0x0, 0x6b) connect$auto(0x3, 0x0, 0x6b) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0xa) read$auto(0x3, 0x0, 0x80) 1.631960963s ago: executing program 5 (id=2458): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70001cdcdf250200000008000308"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.472707599s ago: executing program 3 (id=2459): socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) setsockopt$auto(0x3, 0x1, 0x28, 0x0, 0x808) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) 1.159042098s ago: executing program 5 (id=2460): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x2000000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) r0 = fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xc040aed4, r0) 1.149558942s ago: executing program 3 (id=2461): bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) semctl$auto(0x7, 0x2, 0x13, 0x1) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0xff00) 894.383347ms ago: executing program 3 (id=2462): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) getcwd$auto(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) inotify_add_watch$auto(0x4, 0x0, 0x10000e6e) 727.439874ms ago: executing program 5 (id=2463): openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5ac, 0x0, 0x4, &(0x7f0000000080)="054269a63e3e7f35ea89a675dddc59c32aa84e72a424fa46", 0x5, 0x11}, 0x5}, 0x80000002, 0x100) getsockopt$auto(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x95) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto_VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000000)={0x8, 0x0, [{0x3956dfa, 0x3, 0x301e}, {0x9, 0x4, 0x7}]}) 655.672314ms ago: executing program 3 (id=2464): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) open(0x0, 0x22240, 0x154) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 454.067741ms ago: executing program 3 (id=2465): socket(0xa, 0x3, 0x3c) socket(0x15, 0x5, 0x0) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/lp_interval\x00', 0x8102, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x20100, 0x0) open(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0x2000, 0xb5d1af1605322c72) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) bind$auto(0x3, 0x0, 0x6a) 234.266276ms ago: executing program 3 (id=2466): mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/video59\x00', 0x0, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0) write$auto(0x3, 0x0, 0xfdef) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r1, &(0x7f000000ca40)={0x0, 0x0, &(0x7f000000ca00)={&(0x7f000000c1c0)={0x14, r2, 0x35712d2af9a9dbe3, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x4) 0s ago: executing program 0 (id=2467): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x3}, 0x7, 0xe, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0xffffffffffffffff, 0xc0205648, 0xffffffffffffffff) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) kernel console output (not intermixed with test programs): 9] class_attr_show+0x6f/0xa0 [ 409.539987][T10259] sysfs_kf_seq_show+0x213/0x3e0 [ 409.540035][T10259] seq_read_iter+0x506/0x12c0 [ 409.540197][T10259] kernfs_fop_read_iter+0x40f/0x5a0 [ 409.540273][T10259] ? rw_verify_area+0xcf/0x680 [ 409.540323][T10259] vfs_read+0x8c8/0xc70 [ 409.540356][T10259] ? __pfx___mutex_lock+0x10/0x10 [ 409.540398][T10259] ? __pfx_vfs_read+0x10/0x10 [ 409.540450][T10259] ksys_read+0x12a/0x240 [ 409.540478][T10259] ? __pfx_ksys_read+0x10/0x10 [ 409.540504][T10259] ? rcu_is_watching+0x12/0xc0 [ 409.540543][T10259] do_syscall_64+0xcd/0x230 [ 409.540586][T10259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.540614][T10259] RIP: 0033:0x7f18b3b8e969 [ 409.540636][T10259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 409.540663][T10259] RSP: 002b:00007f18b4a22038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 409.540688][T10259] RAX: ffffffffffffffda RBX: 00007f18b3db5fa0 RCX: 00007f18b3b8e969 [ 409.540705][T10259] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006 [ 409.540722][T10259] RBP: 00007f18b3c10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 409.540739][T10259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 409.540754][T10259] R13: 0000000000000000 R14: 00007f18b3db5fa0 R15: 00007fffcc759db8 [ 409.540789][T10259] </TASK> [ 411.292205][T10271] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 411.299064][T10271] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 413.048760][T10293] mkiss: ax0: crc mode is auto. [ 413.832780][ T5844] Bluetooth: hci0: unexpected event 0x08 length: 11 > 4 [ 413.833538][T10302] ima: policy update failed [ 413.882587][ T30] audit: type=1802 audit(6040412325.705:5): pid=10302 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1672" res=0 errno=0 [ 413.915934][T10295] Process accounting paused [ 415.239077][T10330] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1683'. [ 415.363998][T10332] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1684'. [ 415.678142][T10337] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1686'. [ 415.752517][T10337] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1686'. [ 416.912669][T10357] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1693'. [ 417.001182][T10358] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1693'. [ 417.236164][T10361] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1695'. [ 417.290780][T10361] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1695'. [ 417.372977][T10362] netlink: 190 bytes leftover after parsing attributes in process `syz.0.1695'. [ 417.713195][T10365] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1696'. [ 417.957254][ T5844] Bluetooth: hci2: unexpected event 0x04 length: 459 > 10 [ 418.120748][T10377] syz.0.1701(10377): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 419.186758][T10395] vhci_hcd: not connected 4 [ 419.281941][T10396] mkiss: ax0: crc mode is auto. [ 419.964842][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout [ 420.370764][ T30] audit: type=1800 audit(6040412332.191:6): pid=10412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1714" name="discovery_nqn" dev="configfs" ino=39695 res=0 errno=0 [ 421.919349][T10426] FAULT_INJECTION: forcing a failure. [ 421.919349][T10426] name failslab, interval 1, probability 0, space 0, times 0 [ 421.982264][T10426] CPU: 1 UID: 0 PID: 10426 Comm: syz.2.1720 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 421.982311][T10426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 421.982325][T10426] Call Trace: [ 421.982332][T10426] <TASK> [ 421.982341][T10426] dump_stack_lvl+0x16c/0x1f0 [ 421.982380][T10426] should_fail_ex+0x512/0x640 [ 421.982408][T10426] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 421.982437][T10426] should_failslab+0xc2/0x120 [ 421.982468][T10426] __kmalloc_cache_noprof+0x6a/0x3e0 [ 421.982492][T10426] ? __asan_memcpy+0x3c/0x60 [ 421.982514][T10426] ? sctp_transport_new+0xa8/0x7b0 [ 421.982544][T10426] sctp_transport_new+0xa8/0x7b0 [ 421.982573][T10426] sctp_assoc_add_peer+0x2e3/0x1550 [ 421.982604][T10426] sctp_connect_new_asoc+0x208/0x790 [ 421.982634][T10426] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 421.982662][T10426] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 421.982710][T10426] __sctp_connect+0x3f3/0xc60 [ 421.982738][T10426] ? do_raw_spin_lock+0x12c/0x2b0 [ 421.982761][T10426] ? __pfx___sctp_connect+0x10/0x10 [ 421.982789][T10426] ? __pfx_sctp_inet_connect+0x10/0x10 [ 421.982816][T10426] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 421.982852][T10426] ? __pfx_sctp_inet_connect+0x10/0x10 [ 421.982876][T10426] sctp_inet_connect+0x15f/0x200 [ 421.982903][T10426] __sys_connect_file+0x13e/0x1a0 [ 421.982934][T10426] __sys_connect+0x14d/0x170 [ 421.982960][T10426] ? __pfx___sys_connect+0x10/0x10 [ 421.982998][T10426] ? rcu_is_watching+0x12/0xc0 [ 421.983027][T10426] __x64_sys_connect+0x72/0xb0 [ 421.983053][T10426] ? lockdep_hardirqs_on+0x7c/0x110 [ 421.983085][T10426] do_syscall_64+0xcd/0x230 [ 421.983122][T10426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.983145][T10426] RIP: 0033:0x7fc3b8d8e969 [ 421.983163][T10426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.983186][T10426] RSP: 002b:00007fc3b9c49038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 421.983208][T10426] RAX: ffffffffffffffda RBX: 00007fc3b8fb5fa0 RCX: 00007fc3b8d8e969 [ 421.983224][T10426] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 421.983238][T10426] RBP: 00007fc3b8e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 421.983253][T10426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.983267][T10426] R13: 0000000000000000 R14: 00007fc3b8fb5fa0 R15: 00007ffca23b41b8 [ 421.983304][T10426] </TASK> [ 422.225767][ C1] vkms_vblank_simulate: vblank timer overrun [ 423.611493][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 423.621249][T10442] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 423.630531][T10442] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 423.640734][T10442] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 423.648789][T10442] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 424.123653][T10447] KVM: debugfs: duplicate directory 10447-4 [ 424.136143][T10450] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1727'. [ 424.564596][T10456] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1731'. [ 424.852234][ T52] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.102074][T10438] chnl_net:caif_netlink_parms(): no params data found [ 425.325350][ T52] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.682913][ T52] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 425.727425][T10442] Bluetooth: hci0: command tx timeout [ 426.042570][ T52] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 426.499025][T10438] bridge0: port 1(bridge_slave_0) entered blocking state [ 426.506193][T10438] bridge0: port 1(bridge_slave_0) entered disabled state [ 426.574817][T10438] bridge_slave_0: entered allmulticast mode [ 426.604919][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807ed57800: rx timeout, send abort [ 426.614663][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88807ed57800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 426.667727][T10438] bridge_slave_0: entered promiscuous mode [ 426.714470][T10438] bridge0: port 2(bridge_slave_1) entered blocking state [ 426.817565][T10438] bridge0: port 2(bridge_slave_1) entered disabled state [ 426.865716][T10438] bridge_slave_1: entered allmulticast mode [ 426.928977][T10438] bridge_slave_1: entered promiscuous mode [ 427.284716][T10438] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 427.381951][T10438] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 427.740151][T10438] team0: Port device team_slave_0 added [ 427.787182][T10438] team0: Port device team_slave_1 added [ 427.809045][T10442] Bluetooth: hci0: command tx timeout [ 428.263116][T10438] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 428.295051][T10512] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1742'. [ 428.320455][T10438] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 428.419155][T10438] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 428.535114][T10515] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1743'. [ 428.566244][T10518] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1743'. [ 428.611738][T10438] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 428.656950][T10438] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 428.779991][T10524] ima: policy update failed [ 428.785086][T10438] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 428.812766][ T30] audit: type=1802 audit(6040412340.617:7): pid=10524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1744" res=0 errno=0 [ 428.873100][ T52] bridge_slave_1: left allmulticast mode [ 428.893150][ T52] bridge0: port 2(bridge_slave_1) entered disabled state [ 428.979772][ T52] bridge_slave_0: left allmulticast mode [ 429.006875][ T52] bridge_slave_0: left promiscuous mode [ 429.048139][ T52] bridge0: port 1(bridge_slave_0) entered disabled state [ 429.092740][T10527] sctp: [Deprecated]: syz.4.1745 (pid 10527) Use of int in maxseg socket option. [ 429.092740][T10527] Use struct sctp_assoc_value instead [ 429.400820][T10530] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1746'. [ 429.889855][T10442] Bluetooth: hci0: command tx timeout [ 430.034791][ T52] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 430.084415][ T52] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 430.110456][ T52] bond0 (unregistering): Released all slaves [ 430.155822][T10520] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1743'. [ 430.465797][T10438] hsr_slave_0: entered promiscuous mode [ 430.516737][T10438] hsr_slave_1: entered promiscuous mode [ 430.549973][T10438] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 430.557757][T10438] Cannot create hsr debugfs directory [ 431.353032][ T52] hsr_slave_0: left promiscuous mode [ 431.390339][ T52] hsr_slave_1: left promiscuous mode [ 431.425927][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 431.485696][ T52] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 431.573870][ T52] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 431.614639][ T52] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 431.800101][ T52] veth1_macvtap: left promiscuous mode [ 431.836581][ T52] veth0_macvtap: left promiscuous mode [ 431.877830][ T52] veth1_vlan: left promiscuous mode [ 431.970124][T10442] Bluetooth: hci0: command tx timeout [ 432.944856][T10580] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1761'. [ 433.354986][ T52] team0 (unregistering): Port device team_slave_1 removed [ 433.389351][ T52] team0 (unregistering): Port device team_slave_0 removed [ 433.906683][T10582] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1762'. [ 434.782027][T10598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1768'. [ 434.899917][T10598] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1768'. [ 435.803315][T10612] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1771'. [ 435.882427][T10612] unsupported nlmsg_type 40 [ 436.238394][T10438] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 436.271095][T10625] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1774'. [ 436.333948][T10625] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1774'. [ 436.402201][T10438] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 436.450685][T10438] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 436.520502][T10438] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 436.729282][T10633] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1776'. [ 436.801109][T10633] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1776'. [ 437.436543][T10438] 8021q: adding VLAN 0 to HW filter on device bond0 [ 437.566509][T10438] 8021q: adding VLAN 0 to HW filter on device team0 [ 437.708322][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 437.715585][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 437.829670][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 437.836865][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 439.233318][T10666] zswap: compressor not available [ 439.462059][T10438] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 440.031167][T10438] veth0_vlan: entered promiscuous mode [ 440.113612][T10442] Bluetooth: hci1: unexpected event 0x03 length: 18 > 11 [ 440.132853][T10438] veth1_vlan: entered promiscuous mode [ 440.503423][T10438] veth0_macvtap: entered promiscuous mode [ 440.590651][T10438] veth1_macvtap: entered promiscuous mode [ 440.681476][T10438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 440.725689][T10438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 440.777798][T10438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 440.837432][T10438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 440.891018][T10438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 440.949476][T10438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.045996][T10438] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 441.130698][T10438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 441.203937][T10438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.259375][T10438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 441.340008][T10438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.415344][T10438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 441.512214][T10438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.579467][T10438] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 441.652926][T10438] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 441.711059][T10438] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 441.852639][T10438] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 441.928638][T10438] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 441.995027][T10438] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.044997][T10438] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 442.542309][ T1166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 442.562882][T10727] FAULT_INJECTION: forcing a failure. [ 442.562882][T10727] name failslab, interval 1, probability 0, space 0, times 0 [ 442.607582][ T1166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 442.666856][T10727] CPU: 1 UID: 0 PID: 10727 Comm: syz.3.1796 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 442.666893][T10727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 442.666907][T10727] Call Trace: [ 442.666914][T10727] <TASK> [ 442.666923][T10727] dump_stack_lvl+0x16c/0x1f0 [ 442.666961][T10727] should_fail_ex+0x512/0x640 [ 442.666989][T10727] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 442.667020][T10727] should_failslab+0xc2/0x120 [ 442.667053][T10727] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 442.667082][T10727] ? new_userfaultfd+0x79/0x3d0 [ 442.667116][T10727] new_userfaultfd+0x79/0x3d0 [ 442.667146][T10727] __x64_sys_userfaultfd+0x4b/0xb0 [ 442.667179][T10727] do_syscall_64+0xcd/0x230 [ 442.667215][T10727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.667239][T10727] RIP: 0033:0x7f5bd9f8e969 [ 442.667256][T10727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.667280][T10727] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 442.667301][T10727] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 442.667317][T10727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 442.667339][T10727] RBP: 00007f5bda010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 442.667353][T10727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 442.667371][T10727] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 442.667400][T10727] </TASK> [ 443.036518][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 443.045124][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 444.185561][T10746] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1715'. [ 444.825817][T10712] Process accounting resumed [ 445.101354][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.111119][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.641619][T10770] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1804'. [ 446.106662][T10775] mkiss: ax0: crc mode is auto. [ 446.451556][T10782] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1809'. [ 446.510898][T10782] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1809'. [ 446.551289][T10786] FAULT_INJECTION: forcing a failure. [ 446.551289][T10786] name failslab, interval 1, probability 0, space 0, times 0 [ 446.551452][T10786] CPU: 1 UID: 0 PID: 10786 Comm: syz.3.1810 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 446.551490][T10786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 446.551507][T10786] Call Trace: [ 446.551516][T10786] <TASK> [ 446.551526][T10786] dump_stack_lvl+0x16c/0x1f0 [ 446.551580][T10786] should_fail_ex+0x512/0x640 [ 446.551607][T10786] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 446.551638][T10786] should_failslab+0xc2/0x120 [ 446.551669][T10786] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 446.551697][T10786] ? __mpol_dup+0x74/0x380 [ 446.551741][T10786] __mpol_dup+0x74/0x380 [ 446.551773][T10786] ? __pfx___mpol_dup+0x10/0x10 [ 446.551804][T10786] ? trace_kmem_cache_alloc+0x28/0xc0 [ 446.551837][T10786] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 446.551863][T10786] ? current_cpuset_is_being_rebound+0xf6/0x370 [ 446.551889][T10786] ? sp_alloc+0x27/0x160 [ 446.551925][T10786] sp_alloc+0x4d/0x160 [ 446.551958][T10786] mpol_set_shared_policy+0xab/0x8c0 [ 446.551999][T10786] ? __pfx_shmem_set_policy+0x10/0x10 [ 446.552034][T10786] mbind_range+0x336/0x570 [ 446.552070][T10786] do_mbind+0x848/0xf30 [ 446.552112][T10786] ? __pfx_do_mbind+0x10/0x10 [ 446.552146][T10786] ? do_writev+0x218/0x330 [ 446.552180][T10786] ? __pfx_get_nodes+0x10/0x10 [ 446.552215][T10786] kernel_mbind+0x1e3/0x1f0 [ 446.552251][T10786] ? __pfx_kernel_mbind+0x10/0x10 [ 446.552283][T10786] ? rcu_is_watching+0x12/0xc0 [ 446.552315][T10786] do_syscall_64+0xcd/0x230 [ 446.552368][T10786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.552392][T10786] RIP: 0033:0x7f5bd9f8e969 [ 446.552410][T10786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.552433][T10786] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 446.552455][T10786] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 446.552482][T10786] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000002000 [ 446.552496][T10786] RBP: 00007f5bda010ab1 R08: 0000000000000006 R09: 0000000000000002 [ 446.552528][T10786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.552542][T10786] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 446.552571][T10786] </TASK> [ 446.595459][T10787] netlink: 218 bytes leftover after parsing attributes in process `syz.0.1809'. [ 446.595869][T10782] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1809'. [ 446.596075][T10782] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1809'. [ 446.596308][T10782] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1809'. [ 451.127732][T10845] FAULT_INJECTION: forcing a failure. [ 451.127732][T10845] name failslab, interval 1, probability 0, space 0, times 0 [ 451.195216][T10845] CPU: 1 UID: 0 PID: 10845 Comm: syz.3.1833 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 451.195253][T10845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 451.195267][T10845] Call Trace: [ 451.195275][T10845] <TASK> [ 451.195284][T10845] dump_stack_lvl+0x16c/0x1f0 [ 451.195323][T10845] should_fail_ex+0x512/0x640 [ 451.195355][T10845] should_failslab+0xc2/0x120 [ 451.195386][T10845] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 451.195416][T10845] ? dst_alloc+0x99/0x1a0 [ 451.195447][T10845] dst_alloc+0x99/0x1a0 [ 451.195477][T10845] rt_dst_alloc+0x35/0x3a0 [ 451.195513][T10845] ip_route_output_key_hash_rcu+0x87a/0x28f0 [ 451.195548][T10845] ip_route_output_key_hash+0x137/0x2e0 [ 451.195582][T10845] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 451.195616][T10845] ? __pfx_crng_fast_key_erasure+0x10/0x10 [ 451.195650][T10845] ip_route_output_flow+0x27/0x150 [ 451.195677][T10845] sctp_v4_get_dst+0x41e/0x1340 [ 451.195713][T10845] ? crng_make_state+0x46e/0x6d0 [ 451.195743][T10845] ? lockdep_hardirqs_on+0x7c/0x110 [ 451.195775][T10845] ? crng_make_state+0x48e/0x6d0 [ 451.195807][T10845] ? __pfx_sctp_v4_get_dst+0x10/0x10 [ 451.195857][T10845] ? __pfx_sctp_generate_proto_unreach_event+0x10/0x10 [ 451.195889][T10845] ? lockdep_init_map_type+0x5c/0x280 [ 451.195928][T10845] ? sctp_transport_route+0x12f/0x350 [ 451.195954][T10845] sctp_transport_route+0x12f/0x350 [ 451.195985][T10845] sctp_assoc_add_peer+0x741/0x1550 [ 451.196016][T10845] sctp_connect_new_asoc+0x208/0x790 [ 451.196046][T10845] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 451.196074][T10845] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 451.196122][T10845] __sctp_connect+0x3f3/0xc60 [ 451.196162][T10845] ? do_raw_spin_lock+0x12c/0x2b0 [ 451.196184][T10845] ? __pfx___sctp_connect+0x10/0x10 [ 451.196215][T10845] ? __pfx_sctp_inet_connect+0x10/0x10 [ 451.196241][T10845] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 451.196276][T10845] ? __pfx_sctp_inet_connect+0x10/0x10 [ 451.196299][T10845] sctp_inet_connect+0x15f/0x200 [ 451.196326][T10845] __sys_connect_file+0x13e/0x1a0 [ 451.196355][T10845] __sys_connect+0x14d/0x170 [ 451.196380][T10845] ? __pfx___sys_connect+0x10/0x10 [ 451.196417][T10845] ? rcu_is_watching+0x12/0xc0 [ 451.196465][T10845] __x64_sys_connect+0x72/0xb0 [ 451.196490][T10845] ? lockdep_hardirqs_on+0x7c/0x110 [ 451.196522][T10845] do_syscall_64+0xcd/0x230 [ 451.196563][T10845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.196587][T10845] RIP: 0033:0x7f5bd9f8e969 [ 451.196606][T10845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 451.196634][T10845] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 451.196662][T10845] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 451.196678][T10845] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 451.196692][T10845] RBP: 00007f5bda010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 451.196706][T10845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 451.196720][T10845] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 451.196750][T10845] </TASK> [ 452.761431][T10854] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1836'. [ 455.237426][T10891] HfR: entered promiscuous mode [ 455.327178][T10892] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1848'. [ 455.423112][T10892] HfR: left promiscuous mode [ 455.663870][T10895] bond0: entered promiscuous mode [ 455.669168][T10895] bond0: entered allmulticast mode [ 455.811042][T10899] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1851'. [ 456.345237][T10908] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1855'. [ 456.567816][T10908] bond0: (slave bond_slave_1): Releasing backup interface [ 457.995215][T10927] netlink: 'syz.0.1863': attribute type 16 has an invalid length. [ 458.048210][T10927] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1863'. [ 458.092599][T10927] veth1_macvtap: left promiscuous mode [ 458.599491][ T63] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 458.658606][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 458.670524][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 458.681493][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 458.691487][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 458.703632][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 458.859217][ T63] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 458.981966][ T63] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.136008][ T63] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.841783][ T63] bridge_slave_1: left allmulticast mode [ 459.859885][ T63] bridge_slave_1: left promiscuous mode [ 459.888140][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 459.922924][ T63] bridge_slave_0: left allmulticast mode [ 459.948007][ T63] bridge_slave_0: left promiscuous mode [ 459.970305][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 460.500123][T10960] type: 4278190080 invalid [ 460.785250][ T5844] Bluetooth: hci1: command tx timeout [ 461.616045][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 461.663351][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 461.694615][ T63] bond0 (unregistering): Released all slaves [ 462.282887][T10935] chnl_net:caif_netlink_parms(): no params data found [ 462.883867][ T5844] Bluetooth: hci1: command tx timeout [ 463.460668][ T63] hsr_slave_0: left promiscuous mode [ 463.542868][ T63] hsr_slave_1: left promiscuous mode [ 463.584370][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 463.627392][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 463.731278][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 463.772466][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 463.918181][ T63] veth1_macvtap: left promiscuous mode [ 463.949553][ T5844] Bluetooth: hci3: unexpected event 0x07 length: 440 > 255 [ 463.961141][T11012] ima: policy update failed [ 463.984169][ T63] veth0_macvtap: left promiscuous mode [ 464.011202][ T63] veth1_vlan: left promiscuous mode [ 464.031960][ T30] audit: type=1802 audit(6040412375.830:8): pid=11012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1886" res=0 errno=0 [ 464.947917][ T5844] Bluetooth: hci1: command tx timeout [ 465.804739][ T63] team0 (unregistering): Port device team_slave_1 removed [ 465.967922][ T63] team0 (unregistering): Port device team_slave_0 removed [ 466.985004][T11046] netlink: 'syz.0.1895': attribute type 21 has an invalid length. [ 467.009904][T11046] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1895'. [ 467.027981][ T5844] Bluetooth: hci1: command tx timeout [ 467.039610][T11046] IPv6: NLM_F_CREATE should be specified when creating new route [ 467.119345][T10935] bridge0: port 1(bridge_slave_0) entered blocking state [ 467.147868][T10935] bridge0: port 1(bridge_slave_0) entered disabled state [ 467.156545][T10935] bridge_slave_0: entered allmulticast mode [ 467.232353][T10935] bridge_slave_0: entered promiscuous mode [ 467.352366][T10935] bridge0: port 2(bridge_slave_1) entered blocking state [ 467.383267][T10935] bridge0: port 2(bridge_slave_1) entered disabled state [ 467.423177][T10935] bridge_slave_1: entered allmulticast mode [ 467.472052][T10935] bridge_slave_1: entered promiscuous mode [ 467.707604][T10935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 467.775779][T10935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 468.141456][T10935] team0: Port device team_slave_0 added [ 468.206430][T10935] team0: Port device team_slave_1 added [ 468.456843][T10935] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 468.508338][T10935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 468.594187][T11067] FAULT_INJECTION: forcing a failure. [ 468.594187][T11067] name failslab, interval 1, probability 0, space 0, times 0 [ 468.697654][T10935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 468.747979][T11067] CPU: 1 UID: 0 PID: 11067 Comm: syz.0.1901 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 468.748015][T11067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 468.748030][T11067] Call Trace: [ 468.748038][T11067] <TASK> [ 468.748047][T11067] dump_stack_lvl+0x16c/0x1f0 [ 468.748087][T11067] should_fail_ex+0x512/0x640 [ 468.748116][T11067] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 468.748144][T11067] should_failslab+0xc2/0x120 [ 468.748175][T11067] __kmalloc_cache_noprof+0x6a/0x3e0 [ 468.748201][T11067] ? alloc_super+0x52/0xbd0 [ 468.748229][T11067] ? __pfx_test_keyed_super+0x10/0x10 [ 468.748263][T11067] alloc_super+0x52/0xbd0 [ 468.748283][T11067] ? sget_fc+0xd3/0xc20 [ 468.748307][T11067] ? __pfx_test_keyed_super+0x10/0x10 [ 468.748340][T11067] sget_fc+0x116/0xc20 [ 468.748364][T11067] ? __pfx_set_anon_super_fc+0x10/0x10 [ 468.748404][T11067] ? __pfx_nfsd_fill_super+0x10/0x10 [ 468.748427][T11067] get_tree_keyed+0x59/0x1d0 [ 468.748451][T11067] vfs_get_tree+0x8b/0x340 [ 468.748486][T11067] path_mount+0x14d4/0x1f30 [ 468.748514][T11067] ? kmem_cache_free+0x2d4/0x4d0 [ 468.748540][T11067] ? __pfx_path_mount+0x10/0x10 [ 468.748570][T11067] ? putname+0x154/0x1a0 [ 468.748602][T11067] __x64_sys_mount+0x28d/0x310 [ 468.748630][T11067] ? __pfx___x64_sys_mount+0x10/0x10 [ 468.748655][T11067] ? rcu_is_watching+0x12/0xc0 [ 468.748687][T11067] do_syscall_64+0xcd/0x230 [ 468.748723][T11067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.748747][T11067] RIP: 0033:0x7fb46998e969 [ 468.748765][T11067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.748789][T11067] RSP: 002b:00007fb46a848038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 468.748811][T11067] RAX: ffffffffffffffda RBX: 00007fb469bb5fa0 RCX: 00007fb46998e969 [ 468.748827][T11067] RDX: 00002000000005c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 468.748841][T11067] RBP: 00007fb469a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 468.748855][T11067] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 468.748869][T11067] R13: 0000000000000000 R14: 00007fb469bb5fa0 R15: 00007fff187bf848 [ 468.748898][T11067] </TASK> [ 469.022385][T10935] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 469.029557][T10935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 469.055492][T10935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 469.492635][T10935] hsr_slave_0: entered promiscuous mode [ 469.535302][T10935] hsr_slave_1: entered promiscuous mode [ 469.556602][T10935] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 469.596804][T11084] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1907'. [ 469.618826][T10935] Cannot create hsr debugfs directory [ 469.734296][T11088] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1908'. [ 469.982264][T11091] netlink: 'syz.2.1909': attribute type 4 has an invalid length. [ 469.993463][T11091] netlink: 314 bytes leftover after parsing attributes in process `syz.2.1909'. [ 470.043882][T11091] IPv6: NLM_F_CREATE should be specified when creating new route [ 470.077953][T11091] IPv6: NLM_F_REPLACE set, but no existing node found! [ 470.744924][T11101] random: crng reseeded on system resumption [ 471.043004][T10935] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 471.137027][T10935] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 471.437717][T10935] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 471.513289][T10935] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 472.124164][T10935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 472.242004][T10935] 8021q: adding VLAN 0 to HW filter on device team0 [ 472.395658][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 472.402857][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 472.524038][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 472.531233][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 473.647179][T10935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.011355][T11145] FAULT_INJECTION: forcing a failure. [ 474.011355][T11145] name failslab, interval 1, probability 0, space 0, times 0 [ 474.089020][T11145] CPU: 1 UID: 0 PID: 11145 Comm: syz.2.1920 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 474.089055][T11145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 474.089070][T11145] Call Trace: [ 474.089077][T11145] <TASK> [ 474.089086][T11145] dump_stack_lvl+0x16c/0x1f0 [ 474.089130][T11145] should_fail_ex+0x512/0x640 [ 474.089159][T11145] ? __kmalloc_noprof+0xbf/0x510 [ 474.089188][T11145] ? memcg_list_lru_alloc+0x4e9/0x740 [ 474.089218][T11145] should_failslab+0xc2/0x120 [ 474.089250][T11145] __kmalloc_noprof+0xd2/0x510 [ 474.089276][T11145] ? __lock_acquire+0x5ca/0x1ba0 [ 474.089314][T11145] memcg_list_lru_alloc+0x4e9/0x740 [ 474.089353][T11145] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 474.089392][T11145] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 474.089426][T11145] __memcg_slab_post_alloc_hook+0x131/0x940 [ 474.089465][T11145] ? kasan_save_track+0x14/0x30 [ 474.089495][T11145] kmem_cache_alloc_lru_noprof+0x30f/0x3b0 [ 474.089526][T11145] ? __d_alloc+0x31/0xaa0 [ 474.089553][T11145] ? __pfx_mqueue_fill_super+0x10/0x10 [ 474.089576][T11145] __d_alloc+0x31/0xaa0 [ 474.089600][T11145] ? mqueue_get_inode+0x285/0xdd0 [ 474.089650][T11145] ? __pfx_mqueue_fill_super+0x10/0x10 [ 474.089671][T11145] d_make_root+0x3e/0x90 [ 474.089696][T11145] mqueue_fill_super+0x13a/0x210 [ 474.089718][T11145] get_tree_nodev+0xda/0x190 [ 474.089742][T11145] mqueue_get_tree+0xf1/0x130 [ 474.089763][T11145] vfs_get_tree+0x8b/0x340 [ 474.089796][T11145] fc_mount+0x16/0xc0 [ 474.089827][T11145] mq_init_ns+0x426/0x620 [ 474.089854][T11145] copy_ipcs+0x383/0x610 [ 474.089878][T11145] ? copy_utsname+0xab/0x470 [ 474.089909][T11145] create_new_namespaces+0x20a/0xad0 [ 474.089937][T11145] ? security_capable+0x7e/0x260 [ 474.089963][T11145] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 474.089993][T11145] ksys_unshare+0x45b/0xa40 [ 474.090026][T11145] ? __pfx_ksys_unshare+0x10/0x10 [ 474.090057][T11145] ? xfd_validate_state+0x5d/0x180 [ 474.090081][T11145] ? rcu_is_watching+0x12/0xc0 [ 474.090110][T11145] __x64_sys_unshare+0x31/0x40 [ 474.090143][T11145] do_syscall_64+0xcd/0x230 [ 474.090178][T11145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.090200][T11145] RIP: 0033:0x7fc3b8d8e969 [ 474.090218][T11145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 474.090241][T11145] RSP: 002b:00007fc3b9c49038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 474.090262][T11145] RAX: ffffffffffffffda RBX: 00007fc3b8fb5fa0 RCX: 00007fc3b8d8e969 [ 474.090277][T11145] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 474.090291][T11145] RBP: 00007fc3b8e10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 474.090304][T11145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 474.090318][T11145] R13: 0000000000000000 R14: 00007fc3b8fb5fa0 R15: 00007ffca23b41b8 [ 474.090346][T11145] </TASK> [ 475.007969][T11154] Process accounting paused [ 475.608041][T10935] veth0_vlan: entered promiscuous mode [ 475.687979][T10935] veth1_vlan: entered promiscuous mode [ 475.808204][T10935] veth0_macvtap: entered promiscuous mode [ 475.884156][T10935] veth1_macvtap: entered promiscuous mode [ 476.049275][T10935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.132051][T10935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.195791][T10935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.292387][T10935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.355409][T10935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 476.448359][ T5844] Bluetooth: hci3: unexpected subevent 0x01 length: 122 > 18 [ 476.474028][T10935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.554138][T10935] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 476.635862][T10935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.737474][T10935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.790647][T10935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.867047][T10935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.928127][T10935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.950113][T11192] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1933'. [ 477.007821][T10935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.076872][T10935] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.134772][T10935] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.202843][T10935] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 477.293017][T10935] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.395468][T10935] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.438980][T10935] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.483673][T10935] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.642779][T11200] netlink: 158 bytes leftover after parsing attributes in process `syz.3.1936'. [ 477.692275][T11203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1935'. [ 478.147266][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.192431][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.345188][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 478.396520][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.592916][T11211] netlink: 18 bytes leftover after parsing attributes in process `syz.0.1939'. [ 479.022807][T11221] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1940'. [ 479.497374][T11229] sp0: Synchronizing with TNC [ 480.630021][T11249] [U] [ 480.632862][T11249] [U] [ 480.635571][T11249] [U] [ 480.638281][T11249] [U] [ 480.691948][T11249] [U] [ 480.694789][T11249] [U] [ 480.697501][T11249] [U] [ 480.700212][T11249] [U] [ 480.746098][T11249] [U] [ 480.748849][T11249] [U] [ 480.751605][T11249] [U] [ 480.754315][T11249] [U] [ 480.802890][T11249] [U] [ 480.805652][T11249] [U] [ 480.808365][T11249] [U] [ 480.811073][T11249] [U] [ 480.848200][T11249] [U] [ 480.850954][T11249] [U] [ 480.853668][T11249] [U] [ 480.856395][T11249] [U] [ 480.917487][T11249] [U] [ 480.920242][T11249] [U] [ 480.922952][T11249] [U] [ 480.925669][T11249] [U] [ 481.006249][T11249] [U] [ 481.009004][T11249] [U] [ 481.011801][T11249] [U] [ 481.014507][T11249] [U] [ 481.085997][T11249] [U] [ 481.088748][T11249] [U] [ 481.091459][T11249] [U] [ 481.228012][T11248] [U] [ 482.034191][T11277] FAULT_INJECTION: forcing a failure. [ 482.034191][T11277] name failslab, interval 1, probability 0, space 0, times 0 [ 482.099684][T11277] CPU: 1 UID: 0 PID: 11277 Comm: syz.5.1951 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 482.099712][T11277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 482.099725][T11277] Call Trace: [ 482.099738][T11277] <TASK> [ 482.099746][T11277] dump_stack_lvl+0x16c/0x1f0 [ 482.099779][T11277] should_fail_ex+0x512/0x640 [ 482.099802][T11277] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 482.099825][T11277] should_failslab+0xc2/0x120 [ 482.099852][T11277] __kmalloc_cache_noprof+0x6a/0x3e0 [ 482.099873][T11277] ? subdev_open+0x7f/0x560 [ 482.099902][T11277] subdev_open+0x7f/0x560 [ 482.099929][T11277] v4l2_open+0x222/0x490 [ 482.099960][T11277] ? __pfx_v4l2_open+0x10/0x10 [ 482.099990][T11277] chrdev_open+0x231/0x6a0 [ 482.100012][T11277] ? __pfx_apparmor_file_open+0x10/0x10 [ 482.100039][T11277] ? __pfx_chrdev_open+0x10/0x10 [ 482.100064][T11277] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 482.100100][T11277] do_dentry_open+0x741/0x1c10 [ 482.100123][T11277] ? __pfx_chrdev_open+0x10/0x10 [ 482.100150][T11277] vfs_open+0x82/0x3f0 [ 482.100180][T11277] path_openat+0x1e5e/0x2d40 [ 482.100213][T11277] ? __pfx_path_openat+0x10/0x10 [ 482.100240][T11277] do_filp_open+0x20b/0x470 [ 482.100261][T11277] ? __pfx_do_filp_open+0x10/0x10 [ 482.100298][T11277] ? alloc_fd+0x471/0x7d0 [ 482.100323][T11277] do_sys_openat2+0x11b/0x1d0 [ 482.100351][T11277] ? __pfx_do_sys_openat2+0x10/0x10 [ 482.100377][T11277] ? __sock_release+0x20b/0x270 [ 482.100414][T11277] __x64_sys_openat+0x174/0x210 [ 482.100442][T11277] ? __pfx___x64_sys_openat+0x10/0x10 [ 482.100473][T11277] ? rcu_is_watching+0x12/0xc0 [ 482.100499][T11277] do_syscall_64+0xcd/0x230 [ 482.100530][T11277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.100550][T11277] RIP: 0033:0x7f8bde78e969 [ 482.100565][T11277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.100584][T11277] RSP: 002b:00007f8bdf683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 482.100603][T11277] RAX: ffffffffffffffda RBX: 00007f8bde9b5fa0 RCX: 00007f8bde78e969 [ 482.100616][T11277] RDX: 0000000000060140 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 482.100629][T11277] RBP: 00007f8bde810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 482.100641][T11277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 482.100653][T11277] R13: 0000000000000000 R14: 00007f8bde9b5fa0 R15: 00007ffce0664088 [ 482.100677][T11277] </TASK> [ 482.518439][T11285] sp0: Synchronizing with TNC [ 483.057539][T11296] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1958'. [ 483.637002][T11305] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 483.725860][T11305] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 484.013248][T11313] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1962'. [ 484.108356][T11316] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1962'. [ 484.406560][T11311] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 484.488015][T11311] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 484.494592][T11311] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 484.679764][T11311] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 484.725937][T11311] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 484.832106][T11311] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 484.885142][T11311] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 484.920261][T11311] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 484.993786][T11311] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 485.060807][T11311] CPU0 is offline. [ 486.238064][T10442] Bluetooth: hci2: command 0x0c1a tx timeout [ 486.461619][ T1166] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.718354][T10442] Bluetooth: hci0: command 0x0c1a tx timeout [ 486.791756][ T1166] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.959084][T10442] Bluetooth: hci1: command 0x0c1a tx timeout [ 487.105448][ T1166] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.475887][ T1166] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.894404][ T1166] bridge_slave_1: left allmulticast mode [ 487.922349][ T1166] bridge_slave_1: left promiscuous mode [ 487.961559][ T1166] bridge0: port 2(bridge_slave_1) entered disabled state [ 488.013578][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 488.034099][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 488.043294][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 488.056587][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 488.065992][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 488.099995][ T1166] bridge_slave_0: left allmulticast mode [ 488.136243][ T1166] bridge_slave_0: left promiscuous mode [ 488.159843][ T1166] bridge0: port 1(bridge_slave_0) entered disabled state [ 488.798478][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 488.854853][T11400] cifs: Unknown parameter 'no+ 1����`��r�sFn)��a�H��ā��h`����9k�A}���1\D@��.��Z�Cg^�' [ 489.038603][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 489.496620][ T1166] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 489.535072][ T1166] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 489.574998][ T1166] bond0 (unregistering): Released all slaves [ 489.643213][T11393] FAULT_INJECTION: forcing a failure. [ 489.643213][T11393] name failslab, interval 1, probability 0, space 0, times 0 [ 489.700634][T11393] CPU: 1 UID: 0 PID: 11393 Comm: syz.5.1984 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 489.700665][T11393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 489.700677][T11393] Call Trace: [ 489.700684][T11393] <TASK> [ 489.700691][T11393] dump_stack_lvl+0x16c/0x1f0 [ 489.700731][T11393] should_fail_ex+0x512/0x640 [ 489.700754][T11393] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 489.700782][T11393] should_failslab+0xc2/0x120 [ 489.700809][T11393] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 489.700833][T11393] ? __kernfs_new_node+0xd2/0x8a0 [ 489.700857][T11393] __kernfs_new_node+0xd2/0x8a0 [ 489.700879][T11393] ? __pfx___kernfs_new_node+0x10/0x10 [ 489.700905][T11393] ? find_held_lock+0x2b/0x80 [ 489.700927][T11393] ? kernfs_root+0xee/0x2a0 [ 489.700951][T11393] kernfs_new_node+0x13c/0x1e0 [ 489.700979][T11393] __kernfs_create_file+0x53/0x350 [ 489.701010][T11393] sysfs_add_file_mode_ns+0x207/0x3c0 [ 489.701048][T11393] internal_create_group+0x578/0xf30 [ 489.701075][T11393] ? __pfx_internal_create_group+0x10/0x10 [ 489.701101][T11393] ? kernfs_create_link+0x1bd/0x240 [ 489.701132][T11393] internal_create_groups+0x9d/0x150 [ 489.701155][T11393] device_add+0xf30/0x1a70 [ 489.701181][T11393] ? __pfx_device_add+0x10/0x10 [ 489.701202][T11393] ? lockdep_init_map_type+0x5c/0x280 [ 489.701231][T11393] ? __init_waitqueue_head+0xca/0x150 [ 489.701256][T11393] netdev_register_kobject+0x182/0x3a0 [ 489.701292][T11393] register_netdevice+0x13dc/0x2270 [ 489.701327][T11393] ? __pfx_register_netdevice+0x10/0x10 [ 489.701364][T11393] slip_open+0xb86/0x1150 [ 489.701391][T11393] ? __pfx_slip_open+0x10/0x10 [ 489.701411][T11393] ? down_write+0x14d/0x200 [ 489.701444][T11393] ? __pfx_slip_open+0x10/0x10 [ 489.701464][T11393] tty_ldisc_open+0x9c/0x120 [ 489.701495][T11393] tty_set_ldisc+0x32b/0x780 [ 489.701527][T11393] tty_ioctl+0xc42/0x1610 [ 489.701547][T11393] ? __pfx_tty_ioctl+0x10/0x10 [ 489.701573][T11393] ? do_raw_spin_unlock+0x172/0x230 [ 489.701591][T11393] ? hook_file_ioctl_common+0x145/0x410 [ 489.701621][T11393] ? xfd_validate_state+0x5d/0x180 [ 489.701644][T11393] ? __pfx_tty_ioctl+0x10/0x10 [ 489.701663][T11393] __x64_sys_ioctl+0x190/0x200 [ 489.701695][T11393] do_syscall_64+0xcd/0x230 [ 489.701734][T11393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 489.701754][T11393] RIP: 0033:0x7f8bde78e969 [ 489.701771][T11393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 489.701791][T11393] RSP: 002b:00007f8bdf683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 489.701809][T11393] RAX: ffffffffffffffda RBX: 00007f8bde9b5fa0 RCX: 00007f8bde78e969 [ 489.701822][T11393] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000001 [ 489.701834][T11393] RBP: 00007f8bde810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 489.701846][T11393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 489.701858][T11393] R13: 0000000000000000 R14: 00007f8bde9b5fa0 R15: 00007ffce0664088 [ 489.701883][T11393] </TASK> [ 490.009803][T11393] Falling back ldisc for ttyS2. [ 490.455536][ T5844] Bluetooth: hci3: command tx timeout [ 490.897869][ T5844] Bluetooth: hci0: command 0x0c1a tx timeout [ 491.119468][ T5844] Bluetooth: hci1: command 0x0c1a tx timeout [ 491.137496][T11402] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1986'. [ 492.390235][T11428] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1992'. [ 492.481010][ T5844] Bluetooth: hci3: command tx timeout [ 492.938191][ T1166] hsr_slave_0: left promiscuous mode [ 492.956391][ T1166] hsr_slave_1: left promiscuous mode [ 492.986490][ T1166] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 493.033177][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 493.064833][ T1166] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 493.084252][ T1166] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 493.115999][ T1166] veth0_macvtap: left promiscuous mode [ 493.141553][T11439] FAULT_INJECTION: forcing a failure. [ 493.141553][T11439] name failslab, interval 1, probability 0, space 0, times 0 [ 493.215576][T11439] CPU: 1 UID: 0 PID: 11439 Comm: syz.0.1994 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 493.215606][T11439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 493.215618][T11439] Call Trace: [ 493.215624][T11439] <TASK> [ 493.215632][T11439] dump_stack_lvl+0x16c/0x1f0 [ 493.215665][T11439] should_fail_ex+0x512/0x640 [ 493.215688][T11439] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 493.215711][T11439] should_failslab+0xc2/0x120 [ 493.215738][T11439] __kmalloc_cache_noprof+0x6a/0x3e0 [ 493.215758][T11439] ? lockdep_init_map_type+0x5c/0x280 [ 493.215790][T11439] ? dummy_hrtimer_create+0x45/0x170 [ 493.215816][T11439] dummy_hrtimer_create+0x45/0x170 [ 493.215839][T11439] ? __pfx_dummy_hrtimer_create+0x10/0x10 [ 493.215860][T11439] dummy_pcm_open+0xd1/0x5b0 [ 493.215880][T11439] snd_pcm_open_substream+0xa5d/0x17f0 [ 493.215906][T11439] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 493.215931][T11439] ? rcu_is_watching+0x12/0xc0 [ 493.215955][T11439] snd_pcm_open+0x29e/0x730 [ 493.215981][T11439] ? __pfx_snd_pcm_open+0x10/0x10 [ 493.216007][T11439] ? __pfx_default_wake_function+0x10/0x10 [ 493.216036][T11439] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 493.216076][T11439] snd_pcm_playback_open+0x86/0xe0 [ 493.216102][T11439] snd_open+0x1fe/0x450 [ 493.216134][T11439] ? __pfx_snd_open+0x10/0x10 [ 493.216164][T11439] chrdev_open+0x231/0x6a0 [ 493.216187][T11439] ? __pfx_apparmor_file_open+0x10/0x10 [ 493.216215][T11439] ? __pfx_chrdev_open+0x10/0x10 [ 493.216241][T11439] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 493.216279][T11439] do_dentry_open+0x741/0x1c10 [ 493.216303][T11439] ? __pfx_chrdev_open+0x10/0x10 [ 493.216332][T11439] vfs_open+0x82/0x3f0 [ 493.216364][T11439] path_openat+0x1e5e/0x2d40 [ 493.216413][T11439] ? __pfx_path_openat+0x10/0x10 [ 493.216441][T11439] do_filp_open+0x20b/0x470 [ 493.216462][T11439] ? __pfx_do_filp_open+0x10/0x10 [ 493.216502][T11439] ? alloc_fd+0x471/0x7d0 [ 493.216527][T11439] do_sys_openat2+0x11b/0x1d0 [ 493.216555][T11439] ? __pfx_do_sys_openat2+0x10/0x10 [ 493.216593][T11439] __x64_sys_openat+0x174/0x210 [ 493.216622][T11439] ? __pfx___x64_sys_openat+0x10/0x10 [ 493.216652][T11439] ? rcu_is_watching+0x12/0xc0 [ 493.216679][T11439] do_syscall_64+0xcd/0x230 [ 493.216711][T11439] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.216731][T11439] RIP: 0033:0x7fb46998e969 [ 493.216747][T11439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 493.216766][T11439] RSP: 002b:00007fb46a848038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 493.216785][T11439] RAX: ffffffffffffffda RBX: 00007fb469bb5fa0 RCX: 00007fb46998e969 [ 493.216798][T11439] RDX: 000000000016b042 RSI: 0000200000005480 RDI: ffffffffffffff9c [ 493.216811][T11439] RBP: 00007fb469a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 493.216822][T11439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 493.216834][T11439] R13: 0000000000000000 R14: 00007fb469bb5fa0 R15: 00007fff187bf848 [ 493.216859][T11439] </TASK> [ 493.814201][T11445] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1997'. [ 494.366179][ T1166] team0 (unregistering): Port device team_slave_1 removed [ 494.476360][ T1166] team0 (unregistering): Port device team_slave_0 removed [ 494.561479][ T5844] Bluetooth: hci3: command tx timeout [ 495.144548][T11454] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2000'. [ 495.177345][T11455] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2000'. [ 495.549864][T11468] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 495.758718][T11387] chnl_net:caif_netlink_parms(): no params data found [ 496.644986][ T5844] Bluetooth: hci3: command tx timeout [ 496.848599][T11387] bridge0: port 1(bridge_slave_0) entered blocking state [ 496.905543][T11387] bridge0: port 1(bridge_slave_0) entered disabled state [ 496.922606][T11499] netlink: 'syz.5.2009': attribute type 4 has an invalid length. [ 496.974053][T11387] bridge_slave_0: entered allmulticast mode [ 496.981329][T11387] bridge_slave_0: entered promiscuous mode [ 497.039565][T11499] netlink: 314 bytes leftover after parsing attributes in process `syz.5.2009'. [ 497.056838][T11387] bridge0: port 2(bridge_slave_1) entered blocking state [ 497.093350][T11387] bridge0: port 2(bridge_slave_1) entered disabled state [ 497.130878][T11387] bridge_slave_1: entered allmulticast mode [ 497.177143][T11387] bridge_slave_1: entered promiscuous mode [ 497.419820][T11387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 497.520379][T11506] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2011'. [ 497.555452][T11387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 497.749883][T11387] team0: Port device team_slave_0 added [ 497.807233][T11387] team0: Port device team_slave_1 added [ 498.139930][T11387] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 498.167879][T11518] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2013'. [ 498.184195][T11387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 498.316716][T11387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 498.396693][T11387] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 498.435854][T11387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 498.633084][T11387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 499.198408][T11533] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2017'. [ 499.286225][T11387] hsr_slave_0: entered promiscuous mode [ 499.292488][T11387] hsr_slave_1: entered promiscuous mode [ 499.358788][T11387] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 499.403847][T11387] Cannot create hsr debugfs directory [ 499.411802][T11542] FAULT_INJECTION: forcing a failure. [ 499.411802][T11542] name failslab, interval 1, probability 0, space 0, times 0 [ 499.658320][T11542] CPU: 1 UID: 0 PID: 11542 Comm: syz.5.2019 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 499.658349][T11542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 499.658362][T11542] Call Trace: [ 499.658369][T11542] <TASK> [ 499.658380][T11542] dump_stack_lvl+0x16c/0x1f0 [ 499.658414][T11542] should_fail_ex+0x512/0x640 [ 499.658459][T11542] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 499.658491][T11542] should_failslab+0xc2/0x120 [ 499.658522][T11542] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 499.658549][T11542] ? __proc_create+0xc3/0x8c0 [ 499.658576][T11542] ? __proc_create+0x2ce/0x8c0 [ 499.658607][T11542] __proc_create+0x2ce/0x8c0 [ 499.658635][T11542] ? __pfx___proc_create+0x10/0x10 [ 499.658661][T11542] ? _raw_write_unlock+0x28/0x50 [ 499.658692][T11542] ? proc_register+0x314/0x5f0 [ 499.658728][T11542] _proc_mkdir+0xb9/0x200 [ 499.658757][T11542] ? __pfx__proc_mkdir+0x10/0x10 [ 499.658797][T11542] ? __pfx_netfilter_net_init+0x10/0x10 [ 499.658825][T11542] netfilter_net_init+0x37b/0x4b0 [ 499.658852][T11542] ? sysctl_net_init+0x27/0x30 [ 499.658886][T11542] ops_init+0x1df/0x5f0 [ 499.658923][T11542] setup_net+0x21e/0x850 [ 499.658959][T11542] ? __pfx_setup_net+0x10/0x10 [ 499.658991][T11542] ? lockdep_init_map_type+0x5c/0x280 [ 499.659024][T11542] ? __pfx_down_read_killable+0x10/0x10 [ 499.659050][T11542] ? debug_mutex_init+0x37/0x70 [ 499.659076][T11542] copy_net_ns+0x2a6/0x5f0 [ 499.659116][T11542] create_new_namespaces+0x3ea/0xad0 [ 499.659150][T11542] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 499.659182][T11542] ksys_unshare+0x45b/0xa40 [ 499.659217][T11542] ? __pfx_ksys_unshare+0x10/0x10 [ 499.659249][T11542] ? xfd_validate_state+0x5d/0x180 [ 499.659275][T11542] ? rcu_is_watching+0x12/0xc0 [ 499.659306][T11542] __x64_sys_unshare+0x31/0x40 [ 499.659340][T11542] do_syscall_64+0xcd/0x230 [ 499.659381][T11542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.659404][T11542] RIP: 0033:0x7f8bde78e969 [ 499.659422][T11542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 499.659445][T11542] RSP: 002b:00007f8bdf683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 499.659467][T11542] RAX: ffffffffffffffda RBX: 00007f8bde9b5fa0 RCX: 00007f8bde78e969 [ 499.659483][T11542] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 499.659497][T11542] RBP: 00007f8bde810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 499.659511][T11542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 499.659525][T11542] R13: 0000000000000000 R14: 00007f8bde9b5fa0 R15: 00007ffce0664088 [ 499.659555][T11542] </TASK> [ 500.213965][T11542] cannot create netfilter proc entry [ 502.636198][T11587] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2029'. [ 502.746218][T11587] netlink: 302 bytes leftover after parsing attributes in process `syz.3.2029'. [ 503.056095][T11596] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2030'. [ 503.069895][T11593] netlink: 'syz.5.2028': attribute type 19 has an invalid length. [ 503.134539][T11593] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2028'. [ 503.168680][T11596] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2030'. [ 504.193088][T11387] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 504.330923][T11387] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 504.900306][T11387] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 504.975919][T11387] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 505.200379][T11631] netlink: 146 bytes leftover after parsing attributes in process `syz.3.2037'. [ 505.793698][T11387] 8021q: adding VLAN 0 to HW filter on device bond0 [ 505.920703][T11387] 8021q: adding VLAN 0 to HW filter on device team0 [ 506.042736][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 506.049919][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 506.154939][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 506.162112][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 506.439042][T11387] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 506.586286][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.592692][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.913868][T11655] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2044'. [ 507.351236][T11387] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 507.658440][T11387] veth0_vlan: entered promiscuous mode [ 507.759901][T11387] veth1_vlan: entered promiscuous mode [ 507.934083][T11387] veth0_macvtap: entered promiscuous mode [ 507.989947][T11387] veth1_macvtap: entered promiscuous mode [ 508.103431][T11387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.171234][T11387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.250978][T11387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.304136][T11387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.338558][T11387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 508.380954][T11387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.426538][T11387] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 508.490430][T11682] mkiss: ax0: crc mode is auto. [ 508.568803][T11387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.644831][T11387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.711856][T11387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.786611][T11387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.869220][T11387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 508.921811][T11387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 508.983184][T11387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 509.058632][T11387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 509.144073][T11387] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 509.432616][T11387] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.485442][T11387] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.534538][T11387] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 509.596701][T11387] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 510.128601][ T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 510.192530][ T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 510.356516][ T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 510.417209][ T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 511.700824][T11735] sp0: Synchronizing with TNC [ 511.742942][T11741] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2063'. [ 512.165141][ T5844] Bluetooth: hci3: unexpected event 0x05 length: 440 > 4 [ 512.479163][T11756] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2068'. [ 512.651975][T11755] ovs_: entered promiscuous mode [ 513.026155][T11766] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2069'. [ 513.251691][T11772] netlink: 338 bytes leftover after parsing attributes in process `syz.5.2069'. [ 513.436170][T11776] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2072'. [ 513.581631][T11780] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2072'. [ 515.564197][T11813] ovs_: entered promiscuous mode [ 516.805788][T11830] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2090'. [ 516.964848][T11830] net veth1_virt_wifi �: renamed from virt_wifi0 [ 519.924113][T11884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2091'. [ 519.995548][T11884] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2091'. [ 520.701741][T11896] netlink: 146 bytes leftover after parsing attributes in process `syz.5.2095'. [ 522.618465][T11928] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2101'. [ 522.717592][T11928] bridge0: port 2(bridge_slave_1) entered disabled state [ 523.100602][T11928] bridge_slave_1 (unregistering): left allmulticast mode [ 523.157920][T11928] bridge_slave_1 (unregistering): left promiscuous mode [ 523.208230][T11928] bridge0: port 2(bridge_slave_1) entered disabled state 1 [ 527.118652][T11977] netlink: 22 bytes leftover after parsing attributes in process `syz.2.2114'. [ 527.605317][T11979] FAULT_INJECTION: forcing a failure. [ 527.605317][T11979] name failslab, interval 1, probability 0, space 0, times 0 [ 527.826764][T11979] CPU: 1 UID: 0 PID: 11979 Comm: syz.3.2115 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 527.826794][T11979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 527.826807][T11979] Call Trace: [ 527.826813][T11979] <TASK> [ 527.826821][T11979] dump_stack_lvl+0x16c/0x1f0 [ 527.826855][T11979] should_fail_ex+0x512/0x640 [ 527.826878][T11979] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 527.826904][T11979] should_failslab+0xc2/0x120 [ 527.826931][T11979] __kmalloc_cache_noprof+0x6a/0x3e0 [ 527.826952][T11979] ? snd_seq_timer_new+0x42/0x190 [ 527.826983][T11979] snd_seq_timer_new+0x42/0x190 [ 527.827009][T11979] snd_seq_queue_alloc+0x177/0x550 [ 527.827035][T11979] snd_seq_ioctl_create_queue+0xa9/0x380 [ 527.827066][T11979] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 527.827100][T11979] alloc_seq_queue+0xda/0x180 [ 527.827131][T11979] ? __pfx_alloc_seq_queue+0x10/0x10 [ 527.827177][T11979] ? mark_held_locks+0x49/0x80 [ 527.827204][T11979] ? _raw_spin_unlock_irq+0x23/0x50 [ 527.827256][T11979] snd_seq_oss_open+0x38c/0xa20 [ 527.827315][T11979] odev_open+0x6f/0x90 [ 527.827347][T11979] ? __pfx_odev_open+0x10/0x10 [ 527.827379][T11979] soundcore_open+0x409/0x580 [ 527.827416][T11979] ? __pfx_soundcore_open+0x10/0x10 [ 527.827468][T11979] chrdev_open+0x231/0x6a0 [ 527.827494][T11979] ? __pfx_apparmor_file_open+0x10/0x10 [ 527.827526][T11979] ? __pfx_chrdev_open+0x10/0x10 [ 527.827556][T11979] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 527.827599][T11979] do_dentry_open+0x741/0x1c10 [ 527.827626][T11979] ? __pfx_chrdev_open+0x10/0x10 [ 527.827662][T11979] vfs_open+0x82/0x3f0 [ 527.827697][T11979] path_openat+0x1e5e/0x2d40 [ 527.827733][T11979] ? __pfx_path_openat+0x10/0x10 [ 527.827766][T11979] do_filp_open+0x20b/0x470 [ 527.827791][T11979] ? __pfx_do_filp_open+0x10/0x10 [ 527.827837][T11979] ? alloc_fd+0x471/0x7d0 [ 527.827867][T11979] do_sys_openat2+0x11b/0x1d0 [ 527.827900][T11979] ? __pfx_do_sys_openat2+0x10/0x10 [ 527.827945][T11979] __x64_sys_openat+0x174/0x210 [ 527.827979][T11979] ? __pfx___x64_sys_openat+0x10/0x10 [ 527.828015][T11979] ? rcu_is_watching+0x12/0xc0 [ 527.828047][T11979] do_syscall_64+0xcd/0x230 [ 527.828083][T11979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.828107][T11979] RIP: 0033:0x7f5bd9f8e969 [ 527.828126][T11979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 527.828149][T11979] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 527.828171][T11979] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 527.828186][T11979] RDX: 00000000001c8300 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 527.828202][T11979] RBP: 00007f5bda010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 527.828217][T11979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.828231][T11979] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 527.828267][T11979] </TASK> [ 528.474130][T11987] FAULT_INJECTION: forcing a failure. [ 528.474130][T11987] name failslab, interval 1, probability 0, space 0, times 0 [ 528.558190][T11987] CPU: 1 UID: 0 PID: 11987 Comm: syz.5.2118 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 528.558220][T11987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 528.558232][T11987] Call Trace: [ 528.558239][T11987] <TASK> [ 528.558246][T11987] dump_stack_lvl+0x16c/0x1f0 [ 528.558278][T11987] should_fail_ex+0x512/0x640 [ 528.558302][T11987] ? __kmalloc_noprof+0xbf/0x510 [ 528.558328][T11987] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 528.558352][T11987] should_failslab+0xc2/0x120 [ 528.558378][T11987] __kmalloc_noprof+0xd2/0x510 [ 528.558410][T11987] apply_wqattrs_prepare+0xf8/0xbd0 [ 528.558462][T11987] apply_workqueue_attrs_locked+0x64/0xe0 [ 528.558492][T11987] __alloc_workqueue+0x1007/0x1810 [ 528.558535][T11987] alloc_workqueue+0xd2/0x200 [ 528.558566][T11987] ? __pfx_alloc_workqueue+0x10/0x10 [ 528.558596][T11987] ? __init_waitqueue_head+0xca/0x150 [ 528.558623][T11987] ? lockdep_init_map_type+0x5c/0x280 [ 528.558657][T11987] ? __alloc_disk_node+0x3fd/0x610 [ 528.558694][T11987] nbd_dev_add+0x526/0xbb0 [ 528.558730][T11987] ? __pfx_nbd_dev_add+0x10/0x10 [ 528.558762][T11987] ? nbd_genl_connect+0x98e/0x1c20 [ 528.558816][T11987] ? bpf_lsm_capable+0x9/0x10 [ 528.558843][T11987] ? __radix_tree_lookup+0x21f/0x2c0 [ 528.558880][T11987] nbd_genl_connect+0x8b0/0x1c20 [ 528.558922][T11987] ? __pfx_nbd_genl_connect+0x10/0x10 [ 528.558959][T11987] ? __nla_parse+0x40/0x60 [ 528.558996][T11987] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 528.559038][T11987] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 528.559086][T11987] genl_family_rcv_msg_doit+0x206/0x2f0 [ 528.559118][T11987] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 528.559159][T11987] ? genl_get_cmd+0x194/0x580 [ 528.559202][T11987] ? __local_bh_enable_ip+0xa4/0x120 [ 528.559234][T11987] ? __dev_queue_xmit+0x896/0x43e0 [ 528.559259][T11987] ? __radix_tree_lookup+0x21f/0x2c0 [ 528.559295][T11987] genl_rcv_msg+0x55c/0x800 [ 528.559320][T11987] ? __pfx_genl_rcv_msg+0x10/0x10 [ 528.559341][T11987] ? __pfx___dev_queue_xmit+0x10/0x10 [ 528.559367][T11987] ? __pfx_nbd_genl_connect+0x10/0x10 [ 528.559407][T11987] ? __lock_acquire+0xaa4/0x1ba0 [ 528.559445][T11987] netlink_rcv_skb+0x16a/0x440 [ 528.559478][T11987] ? __pfx_genl_rcv_msg+0x10/0x10 [ 528.559502][T11987] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 528.559552][T11987] ? __pfx_down_read+0x10/0x10 [ 528.559587][T11987] ? netlink_deliver_tap+0x1ae/0xd30 [ 528.559623][T11987] genl_rcv+0x28/0x40 [ 528.559666][T11987] netlink_unicast+0x53a/0x7f0 [ 528.559710][T11987] ? __pfx_netlink_unicast+0x10/0x10 [ 528.559737][T11987] ? __lock_acquire+0xaa4/0x1ba0 [ 528.559770][T11987] netlink_sendmsg+0x8d1/0xdd0 [ 528.559803][T11987] ? __pfx_netlink_sendmsg+0x10/0x10 [ 528.559842][T11987] ____sys_sendmsg+0xa95/0xc70 [ 528.559862][T11987] ? copy_msghdr_from_user+0x10a/0x160 [ 528.559888][T11987] ? __pfx_____sys_sendmsg+0x10/0x10 [ 528.559911][T11987] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 528.559944][T11987] ___sys_sendmsg+0x134/0x1d0 [ 528.559972][T11987] ? __pfx____sys_sendmsg+0x10/0x10 [ 528.560031][T11987] __sys_sendmsg+0x16d/0x220 [ 528.560057][T11987] ? __pfx___sys_sendmsg+0x10/0x10 [ 528.560083][T11987] ? __x64_sys_futex+0x1e0/0x4c0 [ 528.560118][T11987] ? rcu_is_watching+0x12/0xc0 [ 528.560146][T11987] do_syscall_64+0xcd/0x230 [ 528.560178][T11987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.560198][T11987] RIP: 0033:0x7f8bde78e969 [ 528.560214][T11987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 528.560233][T11987] RSP: 002b:00007f8bdf683038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 528.560253][T11987] RAX: ffffffffffffffda RBX: 00007f8bde9b5fa0 RCX: 00007f8bde78e969 [ 528.560266][T11987] RDX: 0000000000008880 RSI: 0000200000001e00 RDI: 0000000000000006 [ 528.560279][T11987] RBP: 00007f8bde810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 528.560290][T11987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 528.560302][T11987] R13: 0000000000000000 R14: 00007f8bde9b5fa0 R15: 00007ffce0664088 [ 528.560328][T11987] </TASK> [ 529.601155][T11987] block (null): Could not allocate knbd recv work queue. [ 529.641832][T11987] nbd: failed to add new device [ 531.378822][T12005] [U] [ 531.381710][T12005] [U] [ 531.384428][T12005] [U] [ 531.387141][T12005] [U] [ 531.510327][T12005] [U] [ 531.513123][T12005] [U] [ 531.515873][T12005] [U] [ 531.518600][T12005] [U] [ 531.538260][T12007] netlink: 'syz.0.2127': attribute type 15 has an invalid length. [ 531.620516][T12007] netlink: 'syz.0.2127': attribute type 16 has an invalid length. [ 531.633429][T12005] [U] [ 531.636204][T12005] [U] [ 531.638968][T12005] [U] [ 531.641693][T12005] [U] [ 531.692160][T12007] netlink: 'syz.0.2127': attribute type 17 has an invalid length. [ 531.742354][T12005] [U] [ 531.745115][T12005] [U] [ 531.747824][T12005] [U] [ 531.750522][T12005] [U] [ 531.783563][T12007] netlink: 'syz.0.2127': attribute type 19 has an invalid length. [ 531.858813][T12007] netlink: 238 bytes leftover after parsing attributes in process `syz.0.2127'. [ 531.875483][T12005] [U] [ 531.878214][T12005] [U] [ 531.880912][T12005] [U] [ 531.883607][T12005] [U] [ 531.984144][T12005] [U] [ 531.986931][T12005] [U] [ 531.989826][T12005] [U] [ 531.992538][T12005] [U] [ 532.130236][T12005] [U] [ 532.132975][T12005] [U] [ 532.135667][T12005] [U] [ 532.138360][T12005] [U] [ 532.350261][T12005] [U] [ 532.673854][T12014] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2129'. [ 532.984421][T12018] mkiss: ax0: crc mode is auto. [ 534.591431][T12038] [U] [ 534.594274][T12038] [U] [ 534.596982][T12038] [U] [ 534.599701][T12038] [U] [ 534.757063][T12038] [U] [ 534.759821][T12038] [U] [ 534.762529][T12038] [U] [ 534.765238][T12038] [U] [ 534.907666][T12042] [U] [ 535.104159][T12046] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 538.196702][T12072] FAULT_INJECTION: forcing a failure. [ 538.196702][T12072] name failslab, interval 1, probability 0, space 0, times 0 [ 538.329082][T12072] CPU: 1 UID: 0 PID: 12072 Comm: syz.2.2148 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 538.329118][T12072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 538.329133][T12072] Call Trace: [ 538.329140][T12072] <TASK> [ 538.329149][T12072] dump_stack_lvl+0x16c/0x1f0 [ 538.329192][T12072] should_fail_ex+0x512/0x640 [ 538.329220][T12072] ? fs_reclaim_acquire+0xae/0x150 [ 538.329268][T12072] should_failslab+0xc2/0x120 [ 538.329299][T12072] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 538.329329][T12072] ? security_inode_alloc+0x3b/0x2b0 [ 538.329360][T12072] security_inode_alloc+0x3b/0x2b0 [ 538.329388][T12072] inode_init_always_gfp+0xce4/0x1030 [ 538.329417][T12072] alloc_inode+0x86/0x240 [ 538.329448][T12072] path_from_stashed+0x2be/0xb00 [ 538.329472][T12072] ? do_raw_spin_lock+0x12c/0x2b0 [ 538.329496][T12072] ? __pfx_path_from_stashed+0x10/0x10 [ 538.329523][T12072] ? do_raw_spin_unlock+0x172/0x230 [ 538.329568][T12072] ns_get_path+0x5f/0x80 [ 538.329590][T12072] proc_ns_get_link+0x121/0x260 [ 538.329613][T12072] ? __pfx_proc_ns_get_link+0x10/0x10 [ 538.329636][T12072] ? __pfx___might_resched+0x10/0x10 [ 538.329668][T12072] ? __pfx_proc_ns_get_link+0x10/0x10 [ 538.329691][T12072] step_into+0x1b22/0x2270 [ 538.329734][T12072] ? __pfx_step_into+0x10/0x10 [ 538.329770][T12072] ? find_held_lock+0x2b/0x80 [ 538.329802][T12072] path_openat+0x749/0x2d40 [ 538.329837][T12072] ? __pfx_path_openat+0x10/0x10 [ 538.329869][T12072] do_filp_open+0x20b/0x470 [ 538.329893][T12072] ? __pfx_do_filp_open+0x10/0x10 [ 538.329938][T12072] ? alloc_fd+0x471/0x7d0 [ 538.329967][T12072] do_sys_openat2+0x11b/0x1d0 [ 538.330000][T12072] ? __pfx_do_sys_openat2+0x10/0x10 [ 538.330044][T12072] __x64_sys_openat+0x174/0x210 [ 538.330078][T12072] ? __pfx___x64_sys_openat+0x10/0x10 [ 538.330114][T12072] ? rcu_is_watching+0x12/0xc0 [ 538.330146][T12072] do_syscall_64+0xcd/0x230 [ 538.330182][T12072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.330206][T12072] RIP: 0033:0x7f7f8098d2d0 [ 538.330225][T12072] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 538.330254][T12072] RSP: 002b:00007f7f81817f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 538.330276][T12072] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f7f8098d2d0 [ 538.330291][T12072] RDX: 0000000000000002 RSI: 00007f7f81817fa0 RDI: 00000000ffffff9c [ 538.330307][T12072] RBP: 00007f7f81817fa0 R08: 0000000000000000 R09: 0000000000000000 [ 538.330321][T12072] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 538.330335][T12072] R13: 0000000000000000 R14: 00007f7f80bb5fa0 R15: 00007fff834cc6f8 [ 538.330364][T12072] </TASK> [ 539.199679][T12080] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2151'. [ 540.016730][T12094] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2156'. [ 540.802558][ T5844] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 540.967493][T12109] FAULT_INJECTION: forcing a failure. [ 540.967493][T12109] name failslab, interval 1, probability 0, space 0, times 0 [ 541.034136][T12109] CPU: 1 UID: 0 PID: 12109 Comm: syz.2.2162 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 541.034166][T12109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 541.034178][T12109] Call Trace: [ 541.034185][T12109] <TASK> [ 541.034192][T12109] dump_stack_lvl+0x16c/0x1f0 [ 541.034225][T12109] should_fail_ex+0x512/0x640 [ 541.034252][T12109] ? vmci_handle_arr_create+0x67/0x140 [ 541.034278][T12109] should_failslab+0xc2/0x120 [ 541.034304][T12109] __kmalloc_noprof+0xd2/0x510 [ 541.034330][T12109] ? lockdep_init_map_type+0x5c/0x280 [ 541.034360][T12109] ? lockdep_init_map_type+0x5c/0x280 [ 541.034390][T12109] vmci_handle_arr_create+0x67/0x140 [ 541.034417][T12109] vmci_ctx_create+0x22a/0x740 [ 541.034439][T12109] vmci_host_unlocked_ioctl+0x1a94/0x2010 [ 541.034469][T12109] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 541.034514][T12109] ? find_held_lock+0x2b/0x80 [ 541.034532][T12109] ? hook_file_ioctl_common+0x145/0x410 [ 541.034560][T12109] ? __fget_files+0x20e/0x3c0 [ 541.034581][T12109] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 541.034610][T12109] __x64_sys_ioctl+0x190/0x200 [ 541.034640][T12109] do_syscall_64+0xcd/0x230 [ 541.034671][T12109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.034691][T12109] RIP: 0033:0x7f7f8098e969 [ 541.034706][T12109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 541.034742][T12109] RSP: 002b:00007f7f81818038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 541.034761][T12109] RAX: ffffffffffffffda RBX: 00007f7f80bb5fa0 RCX: 00007f7f8098e969 [ 541.034774][T12109] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000003 [ 541.034786][T12109] RBP: 00007f7f80a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 541.034797][T12109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 541.034809][T12109] R13: 0000000000000000 R14: 00007f7f80bb5fa0 R15: 00007fff834cc6f8 [ 541.034834][T12109] </TASK> [ 541.762129][T12111] sp0: Synchronizing with TNC [ 541.785818][T12114] sp0: Found TNC [ 542.039379][T12116] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2165'. [ 545.081259][T12171] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2184'. [ 545.176165][T12173] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2184'. [ 545.268177][T12175] netlink: 'syz.2.2186': attribute type 64 has an invalid length. [ 545.300132][T12171] netlink: 286 bytes leftover after parsing attributes in process `syz.3.2184'. [ 545.341983][T12175] netlink: 74 bytes leftover after parsing attributes in process `syz.2.2186'. [ 546.180522][T12188] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 546.235139][T12188] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 546.983426][T12201] FAULT_INJECTION: forcing a failure. [ 546.983426][T12201] name failslab, interval 1, probability 0, space 0, times 0 [ 547.063964][T12201] CPU: 1 UID: 0 PID: 12201 Comm: syz.5.2195 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 547.063994][T12201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 547.064006][T12201] Call Trace: [ 547.064012][T12201] <TASK> [ 547.064020][T12201] dump_stack_lvl+0x16c/0x1f0 [ 547.064054][T12201] should_fail_ex+0x512/0x640 [ 547.064077][T12201] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 547.064101][T12201] should_failslab+0xc2/0x120 [ 547.064127][T12201] __kmalloc_cache_noprof+0x6a/0x3e0 [ 547.064147][T12201] ? __lock_acquire+0xaa4/0x1ba0 [ 547.064174][T12201] ? snd_timer_instance_new+0x47/0x2e0 [ 547.064210][T12201] snd_timer_instance_new+0x47/0x2e0 [ 547.064242][T12201] snd_seq_timer_open+0x1cc/0x5e0 [ 547.064270][T12201] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 547.064298][T12201] ? find_held_lock+0x2b/0x80 [ 547.064322][T12201] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 547.064348][T12201] ? lockdep_hardirqs_on+0x7c/0x110 [ 547.064376][T12201] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 547.064411][T12201] queue_use+0xe3/0x250 [ 547.064433][T12201] snd_seq_queue_alloc+0x2e5/0x550 [ 547.064459][T12201] snd_seq_ioctl_create_queue+0xa9/0x380 [ 547.064489][T12201] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 547.064524][T12201] alloc_seq_queue+0xda/0x180 [ 547.064555][T12201] ? __pfx_alloc_seq_queue+0x10/0x10 [ 547.064600][T12201] ? mark_held_locks+0x49/0x80 [ 547.064626][T12201] ? _raw_spin_unlock_irq+0x23/0x50 [ 547.064653][T12201] snd_seq_oss_open+0x38c/0xa20 [ 547.064689][T12201] odev_open+0x6f/0x90 [ 547.064716][T12201] ? __pfx_odev_open+0x10/0x10 [ 547.064745][T12201] soundcore_open+0x409/0x580 [ 547.064775][T12201] ? __pfx_soundcore_open+0x10/0x10 [ 547.064803][T12201] chrdev_open+0x231/0x6a0 [ 547.064825][T12201] ? __pfx_apparmor_file_open+0x10/0x10 [ 547.064852][T12201] ? __pfx_chrdev_open+0x10/0x10 [ 547.064877][T12201] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 547.064913][T12201] do_dentry_open+0x741/0x1c10 [ 547.064936][T12201] ? __pfx_chrdev_open+0x10/0x10 [ 547.064963][T12201] vfs_open+0x82/0x3f0 [ 547.064993][T12201] path_openat+0x1e5e/0x2d40 [ 547.065023][T12201] ? __pfx_path_openat+0x10/0x10 [ 547.065051][T12201] do_filp_open+0x20b/0x470 [ 547.065072][T12201] ? __pfx_do_filp_open+0x10/0x10 [ 547.065110][T12201] ? alloc_fd+0x471/0x7d0 [ 547.065136][T12201] do_sys_openat2+0x11b/0x1d0 [ 547.065163][T12201] ? __pfx_do_sys_openat2+0x10/0x10 [ 547.065201][T12201] __x64_sys_openat+0x174/0x210 [ 547.065230][T12201] ? __pfx___x64_sys_openat+0x10/0x10 [ 547.065261][T12201] ? rcu_is_watching+0x12/0xc0 [ 547.065288][T12201] do_syscall_64+0xcd/0x230 [ 547.065319][T12201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.065339][T12201] RIP: 0033:0x7f8bde78e969 [ 547.065355][T12201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.065375][T12201] RSP: 002b:00007f8bdf683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 547.065393][T12201] RAX: ffffffffffffffda RBX: 00007f8bde9b5fa0 RCX: 00007f8bde78e969 [ 547.065412][T12201] RDX: 00000000001c8300 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 547.065425][T12201] RBP: 00007f8bde810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 547.065437][T12201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 547.065449][T12201] R13: 0000000000000000 R14: 00007f8bde9b5fa0 R15: 00007ffce0664088 [ 547.065475][T12201] </TASK> [ 548.147727][T12207] netlink: 'syz.0.2199': attribute type 4 has an invalid length. [ 548.214413][T12207] netlink: 314 bytes leftover after parsing attributes in process `syz.0.2199'. [ 548.407123][T12214] netlink: 334 bytes leftover after parsing attributes in process `syz.5.2202'. [ 550.669708][T12241] sp0: Synchronizing with TNC [ 552.521030][T12279] FAULT_INJECTION: forcing a failure. [ 552.521030][T12279] name failslab, interval 1, probability 0, space 0, times 0 [ 552.584651][T12279] CPU: 1 UID: 0 PID: 12279 Comm: syz.3.2228 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 552.584680][T12279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 552.584692][T12279] Call Trace: [ 552.584698][T12279] <TASK> [ 552.584705][T12279] dump_stack_lvl+0x16c/0x1f0 [ 552.584739][T12279] should_fail_ex+0x512/0x640 [ 552.584763][T12279] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 552.584787][T12279] should_failslab+0xc2/0x120 [ 552.584813][T12279] __kmalloc_cache_noprof+0x6a/0x3e0 [ 552.584834][T12279] ? vmci_ctx_create+0xbb/0x740 [ 552.584857][T12279] vmci_ctx_create+0xbb/0x740 [ 552.584885][T12279] vmci_host_unlocked_ioctl+0x1a94/0x2010 [ 552.584916][T12279] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 552.584962][T12279] ? find_held_lock+0x2b/0x80 [ 552.584983][T12279] ? hook_file_ioctl_common+0x145/0x410 [ 552.585011][T12279] ? __fget_files+0x20e/0x3c0 [ 552.585034][T12279] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 552.585063][T12279] __x64_sys_ioctl+0x190/0x200 [ 552.585095][T12279] do_syscall_64+0xcd/0x230 [ 552.585126][T12279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.585146][T12279] RIP: 0033:0x7f5bd9f8e969 [ 552.585161][T12279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 552.585181][T12279] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 552.585200][T12279] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 552.585213][T12279] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000003 [ 552.585225][T12279] RBP: 00007f5bda010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 552.585237][T12279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.585249][T12279] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 552.585274][T12279] </TASK> [ 552.585281][T12279] Failed to allocate memory for VMCI context [ 553.933943][T12293] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2241'. [ 554.745608][T10442] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 555.087799][T12317] netlink: 244 bytes leftover after parsing attributes in process `syz.2.2242'. [ 555.381622][T12320] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2243'. [ 555.449854][T12320] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2243'. [ 555.513107][T12320] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2243'. [ 555.598360][T12325] netlink: 302 bytes leftover after parsing attributes in process `syz.2.2243'. [ 558.655958][T12366] FAULT_INJECTION: forcing a failure. [ 558.655958][T12366] name failslab, interval 1, probability 0, space 0, times 0 [ 558.752138][T12366] CPU: 1 UID: 0 PID: 12366 Comm: syz.2.2258 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 558.752169][T12366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 558.752182][T12366] Call Trace: [ 558.752188][T12366] <TASK> [ 558.752196][T12366] dump_stack_lvl+0x16c/0x1f0 [ 558.752231][T12366] should_fail_ex+0x512/0x640 [ 558.752256][T12366] ? __kmalloc_noprof+0xbf/0x510 [ 558.752283][T12366] ? __register_sysctl_table+0xb3/0x1900 [ 558.752308][T12366] should_failslab+0xc2/0x120 [ 558.752345][T12366] __kmalloc_noprof+0xd2/0x510 [ 558.752376][T12366] __register_sysctl_table+0xb3/0x1900 [ 558.752403][T12366] ? is_module_address+0x5f/0xf0 [ 558.752438][T12366] ? __pfx___register_sysctl_table+0x10/0x10 [ 558.752463][T12366] ? is_module_address+0x69/0xf0 [ 558.752491][T12366] ? register_net_sysctl_sz+0x228/0x3e0 [ 558.752525][T12366] ? __asan_memcpy+0x3c/0x60 [ 558.752549][T12366] xfrm4_net_init+0xf0/0x1c0 [ 558.752583][T12366] ? __pfx_xfrm4_net_init+0x10/0x10 [ 558.752615][T12366] ops_init+0x1df/0x5f0 [ 558.752648][T12366] setup_net+0x21e/0x850 [ 558.752681][T12366] ? __pfx_setup_net+0x10/0x10 [ 558.752709][T12366] ? lockdep_init_map_type+0x5c/0x280 [ 558.752740][T12366] ? __pfx_down_read_killable+0x10/0x10 [ 558.752782][T12366] ? debug_mutex_init+0x37/0x70 [ 558.752821][T12366] copy_net_ns+0x2a6/0x5f0 [ 558.752856][T12366] create_new_namespaces+0x3ea/0xad0 [ 558.752888][T12366] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 558.752916][T12366] ksys_unshare+0x45b/0xa40 [ 558.752948][T12366] ? __pfx_ksys_unshare+0x10/0x10 [ 558.752977][T12366] ? xfd_validate_state+0x5d/0x180 [ 558.753000][T12366] ? rcu_is_watching+0x12/0xc0 [ 558.753027][T12366] __x64_sys_unshare+0x31/0x40 [ 558.753057][T12366] do_syscall_64+0xcd/0x230 [ 558.753090][T12366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.753111][T12366] RIP: 0033:0x7f7f8098e969 [ 558.753127][T12366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 558.753148][T12366] RSP: 002b:00007f7f81818038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 558.753168][T12366] RAX: ffffffffffffffda RBX: 00007f7f80bb5fa0 RCX: 00007f7f8098e969 [ 558.753182][T12366] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 558.753197][T12366] RBP: 00007f7f80a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 558.753210][T12366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 558.753222][T12366] R13: 0000000000000000 R14: 00007f7f80bb5fa0 R15: 00007fff834cc6f8 [ 558.753248][T12366] </TASK> [ 559.005876][ C1] vkms_vblank_simulate: vblank timer overrun [ 559.579683][T12375] misc userio: The device must be registered before sending interrupts [ 559.882274][T12382] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2263'. [ 561.158037][T12406] Console: switching to colour VGA+ 80x25 [ 561.327948][T12406] Console: switching to colour frame buffer device 128x48 [ 562.568935][T12436] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2277'. [ 563.425255][T12453] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2284'. [ 563.932764][T12462] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2289'. [ 564.003712][T12462] netlink: 354 bytes leftover after parsing attributes in process `syz.5.2289'. [ 565.149645][T12485] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2297'. [ 565.386043][T12492] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2300'. [ 565.768088][T12499] FAULT_INJECTION: forcing a failure. [ 565.768088][T12499] name failslab, interval 1, probability 0, space 0, times 0 [ 565.818775][T12499] CPU: 1 UID: 0 PID: 12499 Comm: syz.0.2302 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 565.818809][T12499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 565.818826][T12499] Call Trace: [ 565.818833][T12499] <TASK> [ 565.818842][T12499] dump_stack_lvl+0x16c/0x1f0 [ 565.818880][T12499] should_fail_ex+0x512/0x640 [ 565.818908][T12499] ? __kmalloc_noprof+0xbf/0x510 [ 565.818937][T12499] ? __register_sysctl_table+0xb3/0x1900 [ 565.818965][T12499] should_failslab+0xc2/0x120 [ 565.818996][T12499] __kmalloc_noprof+0xd2/0x510 [ 565.819030][T12499] __register_sysctl_table+0xb3/0x1900 [ 565.819058][T12499] ? is_module_address+0x5f/0xf0 [ 565.819096][T12499] ? __pfx___register_sysctl_table+0x10/0x10 [ 565.819123][T12499] ? is_module_address+0x69/0xf0 [ 565.819155][T12499] ? register_net_sysctl_sz+0x228/0x3e0 [ 565.819194][T12499] ? __asan_memcpy+0x3c/0x60 [ 565.819220][T12499] xfrm4_net_init+0xf0/0x1c0 [ 565.819259][T12499] ? __pfx_xfrm4_net_init+0x10/0x10 [ 565.819295][T12499] ops_init+0x1df/0x5f0 [ 565.819332][T12499] setup_net+0x21e/0x850 [ 565.819368][T12499] ? __pfx_setup_net+0x10/0x10 [ 565.819400][T12499] ? lockdep_init_map_type+0x5c/0x280 [ 565.819434][T12499] ? __pfx_down_read_killable+0x10/0x10 [ 565.819459][T12499] ? debug_mutex_init+0x37/0x70 [ 565.819486][T12499] copy_net_ns+0x2a6/0x5f0 [ 565.819525][T12499] create_new_namespaces+0x3ea/0xad0 [ 565.819560][T12499] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 565.819602][T12499] ksys_unshare+0x45b/0xa40 [ 565.819637][T12499] ? __pfx_ksys_unshare+0x10/0x10 [ 565.819677][T12499] ? xfd_validate_state+0x5d/0x180 [ 565.819702][T12499] ? rcu_is_watching+0x12/0xc0 [ 565.819742][T12499] __x64_sys_unshare+0x31/0x40 [ 565.819784][T12499] do_syscall_64+0xcd/0x230 [ 565.819815][T12499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.819834][T12499] RIP: 0033:0x7fb46998e969 [ 565.819849][T12499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 565.819869][T12499] RSP: 002b:00007fb46a848038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 565.819887][T12499] RAX: ffffffffffffffda RBX: 00007fb469bb5fa0 RCX: 00007fb46998e969 [ 565.819900][T12499] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 565.819912][T12499] RBP: 00007fb469a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 565.819924][T12499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 565.819935][T12499] R13: 0000000000000000 R14: 00007fb469bb5fa0 R15: 00007fff187bf848 [ 565.819961][T12499] </TASK> [ 566.078968][ C1] vkms_vblank_simulate: vblank timer overrun [ 566.751081][T12515] openvswitch: netlink: IP tunnel dst address not specified [ 567.607797][T12525] FAULT_INJECTION: forcing a failure. [ 567.607797][T12525] name failslab, interval 1, probability 0, space 0, times 0 [ 567.687750][T12525] CPU: 1 UID: 0 PID: 12525 Comm: syz.2.2312 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 567.687786][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 567.687799][T12525] Call Trace: [ 567.687806][T12525] <TASK> [ 567.687813][T12525] dump_stack_lvl+0x16c/0x1f0 [ 567.687846][T12525] should_fail_ex+0x512/0x640 [ 567.687870][T12525] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 567.687894][T12525] should_failslab+0xc2/0x120 [ 567.687921][T12525] __kmalloc_cache_noprof+0x6a/0x3e0 [ 567.687942][T12525] ? snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 567.687964][T12525] ? kasan_save_track+0x14/0x30 [ 567.687989][T12525] snd_pcm_oss_change_params_locked+0x247/0x3b40 [ 567.688012][T12525] ? rcu_is_watching+0x12/0xc0 [ 567.688035][T12525] ? __mutex_lock+0x1ca/0xb90 [ 567.688065][T12525] ? __lock_acquire+0xaa4/0x1ba0 [ 567.688092][T12525] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 567.688115][T12525] ? __pfx___mutex_lock+0x10/0x10 [ 567.688143][T12525] ? __lock_acquire+0xaa4/0x1ba0 [ 567.688185][T12525] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 567.688207][T12525] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 567.688228][T12525] ? lockdep_hardirqs_on+0x7c/0x110 [ 567.688258][T12525] snd_pcm_oss_poll+0x549/0xaf0 [ 567.688280][T12525] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 567.688298][T12525] ? __fget_files+0x20e/0x3c0 [ 567.688322][T12525] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 567.688341][T12525] do_select+0xd67/0x17d0 [ 567.688377][T12525] ? __pfx_do_select+0x10/0x10 [ 567.688412][T12525] ? find_held_lock+0x2b/0x80 [ 567.688433][T12525] ? finish_task_switch.isra.0+0x21c/0xc10 [ 567.688460][T12525] ? __pfx_pollwake+0x10/0x10 [ 567.688523][T12525] ? __pfx_pollwake+0x10/0x10 [ 567.688599][T12525] ? find_held_lock+0x2b/0x80 [ 567.688622][T12525] ? __might_fault+0xe3/0x190 [ 567.688650][T12525] ? __might_fault+0xe3/0x190 [ 567.688676][T12525] ? __might_fault+0x13b/0x190 [ 567.688714][T12525] ? core_sys_select+0x440/0xbe0 [ 567.688735][T12525] core_sys_select+0x440/0xbe0 [ 567.688763][T12525] ? __pfx_core_sys_select+0x10/0x10 [ 567.688816][T12525] ? read_tsc+0x9/0x20 [ 567.688846][T12525] ? ktime_get_ts64+0x256/0x400 [ 567.688883][T12525] kern_select+0x15d/0x1e0 [ 567.688905][T12525] ? __pfx_kern_select+0x10/0x10 [ 567.688927][T12525] ? xfd_validate_state+0x5d/0x180 [ 567.688958][T12525] ? rcu_is_watching+0x12/0xc0 [ 567.688986][T12525] __x64_sys_select+0xbd/0x160 [ 567.689007][T12525] ? do_syscall_64+0x91/0x230 [ 567.689040][T12525] ? lockdep_hardirqs_on+0x7c/0x110 [ 567.689072][T12525] do_syscall_64+0xcd/0x230 [ 567.689108][T12525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.689132][T12525] RIP: 0033:0x7f7f8098e969 [ 567.689149][T12525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 567.689173][T12525] RSP: 002b:00007f7f81818038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 567.689194][T12525] RAX: ffffffffffffffda RBX: 00007f7f80bb5fa0 RCX: 00007f7f8098e969 [ 567.689210][T12525] RDX: 0000200000000500 RSI: 0000200000000480 RDI: 0000000000000009 [ 567.689226][T12525] RBP: 00007f7f80a10ab1 R08: 0000200000000600 R09: 0000000000000000 [ 567.689240][T12525] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000000 [ 567.689254][T12525] R13: 0000000000000000 R14: 00007f7f80bb5fa0 R15: 00007fff834cc6f8 [ 567.689284][T12525] </TASK> [ 568.563689][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.574815][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.354956][T12542] Console: switching to colour VGA+ 80x25 [ 569.628432][T12542] Console: switching to colour frame buffer device 128x48 [ 569.858603][T12547] FAULT_INJECTION: forcing a failure. [ 569.858603][T12547] name failslab, interval 1, probability 0, space 0, times 0 [ 569.904307][T12549] FAULT_INJECTION: forcing a failure. [ 569.904307][T12549] name failslab, interval 1, probability 0, space 0, times 0 [ 569.931353][T12547] CPU: 1 UID: 0 PID: 12547 Comm: syz.2.2320 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 569.931381][T12547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 569.931394][T12547] Call Trace: [ 569.931400][T12547] <TASK> [ 569.931407][T12547] dump_stack_lvl+0x16c/0x1f0 [ 569.931440][T12547] should_fail_ex+0x512/0x640 [ 569.931464][T12547] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 569.931487][T12547] should_failslab+0xc2/0x120 [ 569.931514][T12547] __kmalloc_cache_noprof+0x6a/0x3e0 [ 569.931535][T12547] ? do_signalfd4+0x172/0x420 [ 569.931558][T12547] do_signalfd4+0x172/0x420 [ 569.931579][T12547] __x64_sys_signalfd+0x120/0x1a0 [ 569.931599][T12547] ? __pfx___x64_sys_signalfd+0x10/0x10 [ 569.931618][T12547] ? rcu_is_watching+0x12/0xc0 [ 569.931645][T12547] do_syscall_64+0xcd/0x230 [ 569.931676][T12547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.931696][T12547] RIP: 0033:0x7f7f8098e969 [ 569.931711][T12547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 569.931730][T12547] RSP: 002b:00007f7f81818038 EFLAGS: 00000246 ORIG_RAX: 000000000000011a [ 569.931748][T12547] RAX: ffffffffffffffda RBX: 00007f7f80bb5fa0 RCX: 00007f7f8098e969 [ 569.931761][T12547] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00000000ffffffff [ 569.931773][T12547] RBP: 00007f7f80a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 569.931785][T12547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 569.931796][T12547] R13: 0000000000000000 R14: 00007f7f80bb5fa0 R15: 00007fff834cc6f8 [ 569.931821][T12547] </TASK> [ 570.094774][ C1] vkms_vblank_simulate: vblank timer overrun [ 570.294396][T12549] CPU: 1 UID: 0 PID: 12549 Comm: syz.5.2319 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 570.294430][T12549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 570.294443][T12549] Call Trace: [ 570.294450][T12549] <TASK> [ 570.294458][T12549] dump_stack_lvl+0x16c/0x1f0 [ 570.294494][T12549] should_fail_ex+0x512/0x640 [ 570.294519][T12549] ? __kmalloc_noprof+0xbf/0x510 [ 570.294547][T12549] ? __register_sysctl_table+0xb3/0x1900 [ 570.294582][T12549] should_failslab+0xc2/0x120 [ 570.294609][T12549] __kmalloc_noprof+0xd2/0x510 [ 570.294638][T12549] __register_sysctl_table+0xb3/0x1900 [ 570.294662][T12549] ? is_module_address+0x5f/0xf0 [ 570.294694][T12549] ? __pfx___register_sysctl_table+0x10/0x10 [ 570.294718][T12549] ? is_module_address+0x69/0xf0 [ 570.294745][T12549] ? register_net_sysctl_sz+0x228/0x3e0 [ 570.294777][T12549] ? __asan_memcpy+0x3c/0x60 [ 570.294799][T12549] xfrm4_net_init+0xf0/0x1c0 [ 570.294831][T12549] ? __pfx_xfrm4_net_init+0x10/0x10 [ 570.294861][T12549] ops_init+0x1df/0x5f0 [ 570.294892][T12549] setup_net+0x21e/0x850 [ 570.294923][T12549] ? __pfx_setup_net+0x10/0x10 [ 570.294949][T12549] ? lockdep_init_map_type+0x5c/0x280 [ 570.294978][T12549] ? __pfx_down_read_killable+0x10/0x10 [ 570.294999][T12549] ? debug_mutex_init+0x37/0x70 [ 570.295022][T12549] copy_net_ns+0x2a6/0x5f0 [ 570.295055][T12549] create_new_namespaces+0x3ea/0xad0 [ 570.295085][T12549] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 570.295111][T12549] ksys_unshare+0x45b/0xa40 [ 570.295141][T12549] ? __pfx_ksys_unshare+0x10/0x10 [ 570.295168][T12549] ? xfd_validate_state+0x5d/0x180 [ 570.295190][T12549] ? rcu_is_watching+0x12/0xc0 [ 570.295215][T12549] __x64_sys_unshare+0x31/0x40 [ 570.295252][T12549] do_syscall_64+0xcd/0x230 [ 570.295284][T12549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.295304][T12549] RIP: 0033:0x7f8bde78e969 [ 570.295320][T12549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 570.295340][T12549] RSP: 002b:00007f8bdf683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 570.295358][T12549] RAX: ffffffffffffffda RBX: 00007f8bde9b5fa0 RCX: 00007f8bde78e969 [ 570.295372][T12549] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 570.295384][T12549] RBP: 00007f8bde810ab1 R08: 0000000000000000 R09: 0000000000000000 [ 570.295396][T12549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 570.295408][T12549] R13: 0000000000000000 R14: 00007f8bde9b5fa0 R15: 00007ffce0664088 [ 570.295433][T12549] </TASK> [ 570.551487][ C1] vkms_vblank_simulate: vblank timer overrun [ 572.583187][T12561] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2325'. [ 573.121674][T12567] input: jJǸ-���9�%v����l��Q� J86�� as /devices/virtual/input/input14 [ 573.596446][T12575] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2330'. [ 575.677069][T12589] Console: switching to colour VGA+ 80x25 [ 575.808878][T12589] Console: switching to colour frame buffer device 128x48 [ 577.176748][T12620] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2342'. [ 577.285014][T12620] geneve1: entered allmulticast mode [ 579.811982][T12679] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2359'. [ 579.848442][T12679] : renamed from bond_slave_1 (while UP) [ 581.551014][ C1] sd 0:0:1:0: [sda] tag#155 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 581.561397][ C1] sd 0:0:1:0: [sda] tag#155 CDB: Read(6) 08 00 00 00 09 00 00 00 00 00 00 00 [ 582.246994][T12711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2373'. [ 582.994621][T12729] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2378'. [ 585.100400][T12757] netlink: 'syz.0.2387': attribute type 29 has an invalid length. [ 585.738215][T12771] FAULT_INJECTION: forcing a failure. [ 585.738215][T12771] name failslab, interval 1, probability 0, space 0, times 0 [ 585.787391][T12776] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2397'. [ 585.826378][T12771] CPU: 1 UID: 0 PID: 12771 Comm: syz.3.2395 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 585.826412][T12771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 585.826425][T12771] Call Trace: [ 585.826432][T12771] <TASK> [ 585.826440][T12771] dump_stack_lvl+0x16c/0x1f0 [ 585.826478][T12771] should_fail_ex+0x512/0x640 [ 585.826523][T12771] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 585.826551][T12771] should_failslab+0xc2/0x120 [ 585.826581][T12771] __kmalloc_cache_noprof+0x6a/0x3e0 [ 585.826606][T12771] ? do_signalfd4+0x172/0x420 [ 585.826632][T12771] do_signalfd4+0x172/0x420 [ 585.826656][T12771] __x64_sys_signalfd+0x120/0x1a0 [ 585.826680][T12771] ? __pfx___x64_sys_signalfd+0x10/0x10 [ 585.826702][T12771] ? rcu_is_watching+0x12/0xc0 [ 585.826734][T12771] do_syscall_64+0xcd/0x230 [ 585.826774][T12771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.826797][T12771] RIP: 0033:0x7f5bd9f8e969 [ 585.826816][T12771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 585.826844][T12771] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000011a [ 585.826866][T12771] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 585.826882][T12771] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00000000ffffffff [ 585.826895][T12771] RBP: 00007f5bda010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 585.826910][T12771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 585.826924][T12771] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 585.826952][T12771] </TASK> [ 586.781768][T12787] FAULT_INJECTION: forcing a failure. [ 586.781768][T12787] name failslab, interval 1, probability 0, space 0, times 0 [ 586.885947][T12787] CPU: 1 UID: 0 PID: 12787 Comm: syz.0.2401 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 586.885977][T12787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 586.885989][T12787] Call Trace: [ 586.885995][T12787] <TASK> [ 586.886002][T12787] dump_stack_lvl+0x16c/0x1f0 [ 586.886035][T12787] should_fail_ex+0x512/0x640 [ 586.886059][T12787] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 586.886087][T12787] should_failslab+0xc2/0x120 [ 586.886114][T12787] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 586.886139][T12787] ? anon_vma_fork+0x200/0x620 [ 586.886166][T12787] anon_vma_fork+0x200/0x620 [ 586.886190][T12787] copy_process+0x88be/0x91a0 [ 586.886236][T12787] ? __pfx_copy_process+0x10/0x10 [ 586.886261][T12787] ? __pfx___futex_wait+0x10/0x10 [ 586.886312][T12787] kernel_clone+0xfc/0x960 [ 586.886340][T12787] ? __pfx_kernel_clone+0x10/0x10 [ 586.886382][T12787] __do_sys_clone+0xce/0x120 [ 586.886409][T12787] ? __pfx___do_sys_clone+0x10/0x10 [ 586.886436][T12787] ? ksys_unshare+0x687/0xa40 [ 586.886476][T12787] ? rcu_is_watching+0x12/0xc0 [ 586.886503][T12787] do_syscall_64+0xcd/0x230 [ 586.886534][T12787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.886557][T12787] RIP: 0033:0x7fb46998e969 [ 586.886572][T12787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 586.886591][T12787] RSP: 002b:00007fb46a847fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 586.886610][T12787] RAX: ffffffffffffffda RBX: 00007fb469bb5fa0 RCX: 00007fb46998e969 [ 586.886624][T12787] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 586.886635][T12787] RBP: 00007fb469a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 586.886647][T12787] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 586.886658][T12787] R13: 0000000000000000 R14: 00007fb469bb5fa0 R15: 00007fff187bf848 [ 586.886684][T12787] </TASK> [ 587.414883][T12799] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2404'. [ 587.512247][T12799] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 587.519586][T12799] IPv6: NLM_F_CREATE should be set when creating new route [ 587.526803][T12799] IPv6: NLM_F_CREATE should be set when creating new route [ 587.656611][T12802] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2404'. [ 588.516184][T12813] netlink: 'syz.3.2409': attribute type 16 has an invalid length. [ 588.561822][T12813] netlink: 50 bytes leftover after parsing attributes in process `syz.3.2409'. [ 589.374643][T12833] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2419'. [ 589.455516][T12833] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2419'. [ 589.523395][T12838] netlink: 126 bytes leftover after parsing attributes in process `syz.2.2419'. [ 589.822080][T12844] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2423'. [ 589.870205][T12846] FAULT_INJECTION: forcing a failure. [ 589.870205][T12846] name failslab, interval 1, probability 0, space 0, times 0 [ 589.946743][T12846] CPU: 1 UID: 0 PID: 12846 Comm: syz.2.2424 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 589.946771][T12846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 589.946784][T12846] Call Trace: [ 589.946808][T12846] <TASK> [ 589.946815][T12846] dump_stack_lvl+0x16c/0x1f0 [ 589.946851][T12846] should_fail_ex+0x512/0x640 [ 589.946876][T12846] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 589.946904][T12846] should_failslab+0xc2/0x120 [ 589.946944][T12846] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 589.946968][T12846] ? mas_alloc_nodes+0x18b/0x8b0 [ 589.946998][T12846] mas_alloc_nodes+0x18b/0x8b0 [ 589.947027][T12846] mas_node_count_gfp+0x105/0x130 [ 589.947072][T12846] mas_preallocate+0x53e/0xcd0 [ 589.947097][T12846] ? __pfx_mas_preallocate+0x10/0x10 [ 589.947126][T12846] ? mt_find+0x757/0xa30 [ 589.947161][T12846] vma_link+0x135/0x6a0 [ 589.947189][T12846] ? __pfx_vma_link+0x10/0x10 [ 589.947229][T12846] insert_vm_struct+0x196/0x3e0 [ 589.947251][T12846] ? __pfx_insert_vm_struct+0x10/0x10 [ 589.947275][T12846] ? lockdep_init_map_type+0x5c/0x280 [ 589.947308][T12846] alloc_bprm+0x76d/0xdd0 [ 589.947332][T12846] do_execveat_common.isra.0+0x1ce/0x610 [ 589.947358][T12846] __x64_sys_execve+0x8e/0xb0 [ 589.947380][T12846] do_syscall_64+0xcd/0x230 [ 589.947412][T12846] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.947439][T12846] RIP: 0033:0x7f7f8098e969 [ 589.947456][T12846] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.947478][T12846] RSP: 002b:00007f7f81818038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 589.947498][T12846] RAX: ffffffffffffffda RBX: 00007f7f80bb5fa0 RCX: 00007f7f8098e969 [ 589.947513][T12846] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0 [ 589.947526][T12846] RBP: 00007f7f80a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 589.947550][T12846] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.947563][T12846] R13: 0000000000000000 R14: 00007f7f80bb5fa0 R15: 00007fff834cc6f8 [ 589.947587][T12846] </TASK> [ 590.955574][T12860] netlink: 306 bytes leftover after parsing attributes in process `syz.0.2430'. [ 590.987523][T12860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2430'. [ 591.025642][T12860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2430'. [ 591.306103][T12865] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2432'. [ 591.359196][T12865] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2432'. [ 592.035583][T12879] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2437'. [ 592.791468][T12891] netlink: 'syz.0.2443': attribute type 32 has an invalid length. [ 593.507331][T12901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78800 [ 593.556418][T12903] FAULT_INJECTION: forcing a failure. [ 593.556418][T12903] name failslab, interval 1, probability 0, space 0, times 0 [ 593.584642][T12901] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 593.642150][T12903] CPU: 1 UID: 0 PID: 12903 Comm: syz.0.2448 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 593.642178][T12903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 593.642190][T12903] Call Trace: [ 593.642197][T12903] <TASK> [ 593.642204][T12903] dump_stack_lvl+0x16c/0x1f0 [ 593.642236][T12903] should_fail_ex+0x512/0x640 [ 593.642259][T12903] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 593.642287][T12903] should_failslab+0xc2/0x120 [ 593.642313][T12903] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 593.642339][T12903] ? ptlock_alloc+0x1f/0x70 [ 593.642363][T12903] ptlock_alloc+0x1f/0x70 [ 593.642383][T12903] pte_alloc_one+0x6d/0x380 [ 593.642408][T12903] __pte_alloc+0x6d/0x3c0 [ 593.642436][T12903] ? __pfx___pte_alloc+0x10/0x10 [ 593.642470][T12903] do_pte_missing+0x2925/0x3fb0 [ 593.642492][T12903] ? mtree_range_walk+0x718/0xc00 [ 593.642519][T12903] ? find_held_lock+0x2b/0x80 [ 593.642542][T12903] __handle_mm_fault+0x103d/0x2a40 [ 593.642571][T12903] ? __pfx___handle_mm_fault+0x10/0x10 [ 593.642614][T12903] handle_mm_fault+0x3fe/0xad0 [ 593.642640][T12903] __get_user_pages+0x771/0x36f0 [ 593.642665][T12903] ? __pfx_mt_find+0x10/0x10 [ 593.642696][T12903] ? __pfx___get_user_pages+0x10/0x10 [ 593.642724][T12903] populate_vma_page_range+0x278/0x3a0 [ 593.642747][T12903] ? __pfx_populate_vma_page_range+0x10/0x10 [ 593.642767][T12903] ? __pfx_find_vma_intersection+0x10/0x10 [ 593.642800][T12903] ? do_mmap+0x69c/0x11b0 [ 593.642833][T12903] __mm_populate+0x1d8/0x380 [ 593.642854][T12903] ? __pfx___mm_populate+0x10/0x10 [ 593.642876][T12903] ? up_write+0x1b2/0x520 [ 593.642908][T12903] vm_mmap_pgoff+0x362/0x450 [ 593.642941][T12903] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 593.642977][T12903] ? __x64_sys_futex+0x1e0/0x4c0 [ 593.642999][T12903] ? __x64_sys_futex+0x1e9/0x4c0 [ 593.643025][T12903] ksys_mmap_pgoff+0x7d/0x5c0 [ 593.643056][T12903] ? rcu_is_watching+0x12/0xc0 [ 593.643078][T12903] __x64_sys_mmap+0x125/0x190 [ 593.643103][T12903] do_syscall_64+0xcd/0x230 [ 593.643138][T12903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.643159][T12903] RIP: 0033:0x7fb46998e969 [ 593.643175][T12903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 593.643195][T12903] RSP: 002b:00007fb46a848038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 593.643213][T12903] RAX: ffffffffffffffda RBX: 00007fb469bb5fa0 RCX: 00007fb46998e969 [ 593.643226][T12903] RDX: 00800000000000df RSI: 0000000000400005 RDI: 0000000000000000 [ 593.643239][T12903] RBP: 00007fb469a10ab1 R08: 0000000000000002 R09: 0000000000008000 [ 593.643251][T12903] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 593.643262][T12903] R13: 0000000000000000 R14: 00007fb469bb5fa0 R15: 00007fff187bf848 [ 593.643287][T12903] </TASK> [ 594.240972][T12901] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 594.283557][T12901] page_type: f5(slab) [ 594.308314][T12901] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001 [ 594.352387][T12901] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 594.431091][T12901] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001 [ 594.536310][T12904] could not allocate digest TFM handle [ 594.563543][T12901] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 594.601314][T12901] head: 00fff00000000003 ffffea0001e20001 00000000ffffffff 00000000ffffffff [ 594.637377][T12901] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 594.677776][T12901] page dumped because: unmovable page [ 594.701198][T12901] page_owner tracks the page as allocated [ 594.725347][T12901] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5212, tgid 5212 (udevd), ts 309806705673, free_ts 309736317458 [ 594.804491][T12901] post_alloc_hook+0x181/0x1b0 [ 594.822508][T12901] get_page_from_freelist+0x135c/0x3920 [ 594.828165][T12901] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 594.851526][T12901] alloc_pages_mpol+0x1fb/0x550 [ 594.856416][T12901] new_slab+0x244/0x340 [ 594.871593][T12901] ___slab_alloc+0xd9c/0x1940 [ 594.876332][T12901] __slab_alloc.constprop.0+0x56/0xb0 [ 594.904372][T12901] __kmalloc_noprof+0x2f2/0x510 [ 594.909741][T12901] tomoyo_realpath_from_path+0xc2/0x6e0 [ 594.921418][T12901] tomoyo_path_perm+0x274/0x460 [ 594.926300][T12901] security_inode_getattr+0x116/0x290 [ 594.951784][T12901] vfs_statx+0x11d/0x3e0 [ 594.956091][T12901] vfs_fstatat+0x7b/0xf0 [ 594.960381][T12901] __do_sys_newfstatat+0xa1/0x130 [ 594.981555][T12901] do_syscall_64+0xcd/0x230 [ 595.005752][T12901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.013343][T12901] page last free pid 5829 tgid 5829 stack trace: [ 595.031500][T12901] __free_frozen_pages+0x69d/0xff0 [ 595.043935][T12901] __folio_put+0x329/0x450 [ 595.051614][T12901] skb_release_data+0x618/0x960 [ 595.068707][T12901] __kfree_skb+0x4f/0x70 [ 595.078822][T12901] tcp_ack+0x19b2/0x5c90 [ 595.085927][T12901] tcp_rcv_established+0xcf0/0x2180 [ 595.106838][T12901] tcp_v4_do_rcv+0x5ca/0xa90 [ 595.131442][T12901] __release_sock+0x31b/0x400 [ 595.136152][T12901] release_sock+0x5a/0x220 [ 595.203576][T12901] tcp_sendmsg+0x38/0x50 [ 595.207871][T12901] inet_sendmsg+0xb9/0x140 [ 595.231542][T12901] sock_write_iter+0x4aa/0x5b0 [ 595.243563][T12901] vfs_write+0x5ba/0x1180 [ 595.259918][T12901] ksys_write+0x205/0x240 [ 595.278294][T12901] do_syscall_64+0xcd/0x230 [ 595.298068][T12901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.836636][T12922] FAULT_INJECTION: forcing a failure. [ 595.836636][T12922] name failslab, interval 1, probability 0, space 0, times 0 [ 595.902018][T12922] CPU: 1 UID: 0 PID: 12922 Comm: syz.3.2454 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 595.902048][T12922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 595.902061][T12922] Call Trace: [ 595.902068][T12922] <TASK> [ 595.902076][T12922] dump_stack_lvl+0x16c/0x1f0 [ 595.902110][T12922] should_fail_ex+0x512/0x640 [ 595.902135][T12922] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 595.902164][T12922] should_failslab+0xc2/0x120 [ 595.902192][T12922] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 595.902217][T12922] ? acpi_evaluate_integer+0xdd/0x200 [ 595.902245][T12922] ? status_show+0xa0/0x120 [ 595.902262][T12922] ? dev_attr_show+0x53/0xe0 [ 595.902282][T12922] ? acpi_ps_alloc_op+0x25f/0x310 [ 595.902307][T12922] acpi_ps_alloc_op+0x25f/0x310 [ 595.902326][T12922] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 595.902359][T12922] acpi_ps_create_op+0x3dc/0xc20 [ 595.902395][T12922] ? __pfx_acpi_ps_create_op+0x10/0x10 [ 595.902439][T12922] acpi_ps_parse_loop+0xdd8/0x1d00 [ 595.902479][T12922] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 595.902512][T12922] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 595.902538][T12922] ? acpi_ut_create_thread_state+0x63/0x170 [ 595.902576][T12922] acpi_ps_parse_aml+0x3c1/0xcb0 [ 595.902614][T12922] acpi_ps_execute_method+0x55a/0xb30 [ 595.902639][T12922] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 595.902667][T12922] acpi_ns_evaluate+0x76c/0xca0 [ 595.902692][T12922] ? kasan_save_track+0x14/0x30 [ 595.902719][T12922] acpi_evaluate_object+0x1fa/0xa90 [ 595.902753][T12922] ? do_syscall_64+0xcd/0x230 [ 595.902782][T12922] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.902804][T12922] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 595.902837][T12922] ? __mutex_trylock_common+0xe9/0x250 [ 595.902872][T12922] acpi_evaluate_integer+0xdd/0x200 [ 595.902908][T12922] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 595.902950][T12922] ? __pfx_status_show+0x10/0x10 [ 595.902980][T12922] status_show+0xa0/0x120 [ 595.902998][T12922] ? __pfx_status_show+0x10/0x10 [ 595.903042][T12922] dev_attr_show+0x53/0xe0 [ 595.903065][T12922] ? __pfx_dev_attr_show+0x10/0x10 [ 595.903088][T12922] sysfs_kf_seq_show+0x213/0x3e0 [ 595.903137][T12922] seq_read_iter+0x506/0x12c0 [ 595.903178][T12922] kernfs_fop_read_iter+0x40f/0x5a0 [ 595.903205][T12922] ? rw_verify_area+0xcf/0x680 [ 595.903238][T12922] vfs_read+0x8c8/0xc70 [ 595.903261][T12922] ? __pfx___mutex_lock+0x10/0x10 [ 595.903291][T12922] ? __pfx_vfs_read+0x10/0x10 [ 595.903327][T12922] ksys_read+0x12a/0x240 [ 595.903347][T12922] ? __pfx_ksys_read+0x10/0x10 [ 595.903365][T12922] ? rcu_is_watching+0x12/0xc0 [ 595.903393][T12922] do_syscall_64+0xcd/0x230 [ 595.903423][T12922] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.903443][T12922] RIP: 0033:0x7f5bd9f8e969 [ 595.903458][T12922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.903477][T12922] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 595.903496][T12922] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 595.903509][T12922] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003 [ 595.903521][T12922] RBP: 00007f5bda010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 595.903534][T12922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.903545][T12922] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 595.903572][T12922] </TASK> [ 596.252655][T12922] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20240827/psparse-529) [ 597.369443][T12934] netlink: 'syz.5.2458': attribute type 4 has an invalid length. [ 597.403836][T12934] netlink: 314 bytes leftover after parsing attributes in process `syz.5.2458'. [ 597.452835][T12934] IPv6: NLM_F_CREATE should be specified when creating new route [ 597.486520][T12934] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 597.493820][T12934] IPv6: NLM_F_CREATE should be set when creating new route [ 598.893876][T12953] ------------[ cut here ]------------ [ 598.899542][T12953] WARNING: CPU: 1 PID: 12953 at kernel/trace/trace.c:2431 tracing_start_tr.part.0+0x1fc/0x2a0 [ 598.909857][T12953] Modules linked in: [ 598.913911][T12953] CPU: 1 UID: 0 PID: 12953 Comm: syz.3.2466 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 598.925974][T12953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 598.936027][T12953] RIP: 0010:tracing_start_tr.part.0+0x1fc/0x2a0 [ 598.942389][T12953] Code: 00 0f 85 97 00 00 00 48 83 3d 6f c5 62 0c 00 74 78 e8 48 56 fb ff 4c 89 ff e8 30 61 b2 09 90 e9 d9 fe ff ff e8 35 56 fb ff 90 <0f> 0b 90 c7 83 94 00 00 00 00 00 00 00 e9 c1 fe ff ff e8 fd d8 5f [ 598.961998][T12953] RSP: 0018:ffffc9000aacfbe8 EFLAGS: 00010083 [ 598.968066][T12953] RAX: 0000000000022476 RBX: ffffffff8e443240 RCX: ffffc9000be9a000 [ 598.976034][T12953] RDX: 0000000000080000 RSI: ffffffff81bf53bb RDI: 0000000000000005 [ 598.984091][T12953] RBP: 00000000ffffffff R08: 0000000000000005 R09: 0000000000000000 [ 598.992237][T12953] R10: 00000000ffffffff R11: 0000000000000000 R12: 1ffff92001559f7e [ 599.000210][T12953] R13: 0000000000000287 R14: ffffffff8e443320 R15: ffffffff8e443260 [ 599.008180][T12953] FS: 00007f5bd7df66c0(0000) GS:ffff888124abf000(0000) knlGS:0000000000000000 [ 599.017112][T12953] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 599.023697][T12953] CR2: 00007fcf921bbd34 CR3: 0000000039544000 CR4: 00000000003526f0 [ 599.031765][T12953] Call Trace: [ 599.035161][T12953] <TASK> [ 599.038108][T12953] ? __pfx_tracing_start_tr.part.0+0x10/0x10 [ 599.044159][T12953] buffer_subbuf_size_write+0x226/0x280 [ 599.049740][T12953] ? __pfx_buffer_subbuf_size_write+0x10/0x10 [ 599.055870][T12953] vfs_write+0x25c/0x1180 [ 599.060215][T12953] ? __pfx_buffer_subbuf_size_write+0x10/0x10 [ 599.066305][T12953] ? __pfx___mutex_lock+0x10/0x10 [ 599.071369][T12953] ? __pfx_vfs_write+0x10/0x10 [ 599.076151][T12953] ? __fget_files+0x20e/0x3c0 [ 599.080856][T12953] ksys_write+0x12a/0x240 [ 599.085201][T12953] ? __pfx_ksys_write+0x10/0x10 [ 599.090083][T12953] ? rcu_is_watching+0x12/0xc0 [ 599.094859][T12953] do_syscall_64+0xcd/0x230 [ 599.099379][T12953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.105284][T12953] RIP: 0033:0x7f5bd9f8e969 [ 599.109713][T12953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.129360][T12953] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 599.137870][T12953] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 599.145837][T12953] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 599.153801][T12953] RBP: 00007f5bda010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 599.161766][T12953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 599.169736][T12953] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 599.177733][T12953] </TASK> [ 599.180752][T12953] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 599.188025][T12953] CPU: 1 UID: 0 PID: 12953 Comm: syz.3.2466 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) [ 599.200085][T12953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 599.210134][T12953] Call Trace: [ 599.213411][T12953] <TASK> [ 599.216354][T12953] dump_stack_lvl+0x3d/0x1f0 [ 599.220960][T12953] panic+0x71c/0x800 [ 599.224873][T12953] ? __pfx_panic+0x10/0x10 [ 599.229321][T12953] ? show_trace_log_lvl+0x29b/0x3e0 [ 599.234542][T12953] ? tracing_start_tr.part.0+0x1fc/0x2a0 [ 599.240182][T12953] check_panic_on_warn+0xab/0xb0 [ 599.245157][T12953] __warn+0xf6/0x3c0 [ 599.249062][T12953] ? tracing_start_tr.part.0+0x1fc/0x2a0 [ 599.254709][T12953] report_bug+0x3c3/0x580 [ 599.259052][T12953] ? tracing_start_tr.part.0+0x1fc/0x2a0 [ 599.264694][T12953] handle_bug+0x184/0x210 [ 599.269026][T12953] exc_invalid_op+0x17/0x50 [ 599.273535][T12953] asm_exc_invalid_op+0x1a/0x20 [ 599.278479][T12953] RIP: 0010:tracing_start_tr.part.0+0x1fc/0x2a0 [ 599.284744][T12953] Code: 00 0f 85 97 00 00 00 48 83 3d 6f c5 62 0c 00 74 78 e8 48 56 fb ff 4c 89 ff e8 30 61 b2 09 90 e9 d9 fe ff ff e8 35 56 fb ff 90 <0f> 0b 90 c7 83 94 00 00 00 00 00 00 00 e9 c1 fe ff ff e8 fd d8 5f [ 599.304380][T12953] RSP: 0018:ffffc9000aacfbe8 EFLAGS: 00010083 [ 599.310463][T12953] RAX: 0000000000022476 RBX: ffffffff8e443240 RCX: ffffc9000be9a000 [ 599.318436][T12953] RDX: 0000000000080000 RSI: ffffffff81bf53bb RDI: 0000000000000005 [ 599.326429][T12953] RBP: 00000000ffffffff R08: 0000000000000005 R09: 0000000000000000 [ 599.334400][T12953] R10: 00000000ffffffff R11: 0000000000000000 R12: 1ffff92001559f7e [ 599.342384][T12953] R13: 0000000000000287 R14: ffffffff8e443320 R15: ffffffff8e443260 [ 599.350363][T12953] ? tracing_start_tr.part.0+0x1fb/0x2a0 [ 599.356010][T12953] ? tracing_start_tr.part.0+0x1fb/0x2a0 [ 599.361644][T12953] ? __pfx_tracing_start_tr.part.0+0x10/0x10 [ 599.367645][T12953] buffer_subbuf_size_write+0x226/0x280 [ 599.373216][T12953] ? __pfx_buffer_subbuf_size_write+0x10/0x10 [ 599.379318][T12953] vfs_write+0x25c/0x1180 [ 599.383665][T12953] ? __pfx_buffer_subbuf_size_write+0x10/0x10 [ 599.389743][T12953] ? __pfx___mutex_lock+0x10/0x10 [ 599.394780][T12953] ? __pfx_vfs_write+0x10/0x10 [ 599.399565][T12953] ? __fget_files+0x20e/0x3c0 [ 599.404269][T12953] ksys_write+0x12a/0x240 [ 599.408606][T12953] ? __pfx_ksys_write+0x10/0x10 [ 599.413462][T12953] ? rcu_is_watching+0x12/0xc0 [ 599.418236][T12953] do_syscall_64+0xcd/0x230 [ 599.422780][T12953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.428684][T12953] RIP: 0033:0x7f5bd9f8e969 [ 599.433107][T12953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.452720][T12953] RSP: 002b:00007f5bd7df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 599.461140][T12953] RAX: ffffffffffffffda RBX: 00007f5bda1b5fa0 RCX: 00007f5bd9f8e969 [ 599.469113][T12953] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 599.477090][T12953] RBP: 00007f5bda010ab1 R08: 0000000000000000 R09: 0000000000000000 [ 599.485063][T12953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 599.493037][T12953] R13: 0000000000000000 R14: 00007f5bda1b5fa0 R15: 00007ffecef221e8 [ 599.501018][T12953] </TASK> [ 599.504101][T12953] Kernel Offset: disabled [ 599.508425][T12953] Rebooting in 86400 seconds..