last executing test programs: 4.964998691s ago: executing program 1 (id=2358): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_register$auto(0x2, 0x2, &(0x7f0000000040), 0x86) io_uring_register$auto(0x2, 0x6, 0x0, 0x1) 3.912894375s ago: executing program 1 (id=2362): socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3ff, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc4) 3.795812219s ago: executing program 1 (id=2363): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) writev$auto(0x8000, &(0x7f0000000040)={0x0, 0x1000000000004}, 0x2bc) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) 3.556677993s ago: executing program 1 (id=2365): r0 = pidfd_open$auto(0x1, 0x0) clock_getres$auto(0xfffffffffffffffb, 0x0) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r1, &(0x7f0000000180), 0x0) setns(r0, 0x60020000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0xdef, 0x0) 3.369003494s ago: executing program 1 (id=2367): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x7e, 0x0) socket(0x2, 0x1, 0x106) fstatfs$auto(0x3, 0x0) ioctl$auto(0x3, 0x8912, 0x46) 3.053001345s ago: executing program 1 (id=2373): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000180), 0x28400, 0x0) adjtimex$auto(&(0x7f0000000000)={0xfffffff0, 0x0, 0x7, 0x9c, 0xe1d, 0x3, 0x3, 0x0, 0xfffffffffffffff7, 0x4, 0x80000000004, {0x100000000, 0x2}, 0x8000000252, 0x5, 0x3, 0x1, 0x0, 0x4, 0x9, 0xc578, 0x4, 0x400, 0x7ff}) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6) 2.705835719s ago: executing program 2 (id=2376): ioperm$auto(0x3, 0xe, 0x2000000000000149) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) shutdown$auto(0x200000003, 0x2) unshare$auto(0x40000080) recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0) 2.256976821s ago: executing program 3 (id=2377): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) read$auto_rb_simple_fops_trace(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, &(0x7f0000000000)={[0x732c, 0x8, 0x7, 0x3, 0x8, 0xe572, 0xa, 0xfffffffffffffffb, 0x5, 0x72, 0x8, 0x7, 0x1, 0x4, 0x3]}, &(0x7f0000000080)={[0x6, 0x8000000000000001, 0x2, 0x7fffffffffffffff, 0xdd6, 0x3, 0x2, 0x7, 0xa4, 0x7, 0x2, 0x401, 0x101, 0x7, 0xda5b, 0x1]}, 0x0, 0x0) 1.761892175s ago: executing program 0 (id=2380): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) mbind$auto(0x2000, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 1.335959378s ago: executing program 0 (id=2381): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x4, 0xffffffffffffffff, 0x9b, 0x0, 0x5) 1.154148881s ago: executing program 0 (id=2382): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000000028000) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 1.116942706s ago: executing program 3 (id=2383): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1, 0xb}, 0x800009}, 0x5, 0x20000000) recvmmsg$auto(0x3, 0x0, 0x4, 0x2, 0x0) select$auto(0x5, &(0x7f0000000200)={[0xeb, 0x3, 0x4, 0xd1, 0xb, 0x1001ff, 0x500000, 0x10000, 0x7fffffffffffffff, 0x3, 0x105, 0x10001, 0x0, 0x800, 0x2, 0x7]}, 0x0, 0x0, 0x0) 987.683243ms ago: executing program 2 (id=2384): r0 = socket(0x11, 0x3, 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000280), r1) sendmsg$auto_HWSIM_CMD_REGISTER(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)={0x14, r2, 0x1, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f00000003c0)='\a', 0x5ea}, 0x5, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x100) 693.788874ms ago: executing program 0 (id=2385): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) getpeername$auto(0x3, 0x0, 0x0) 677.88074ms ago: executing program 2 (id=2386): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x801, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0x4, 0x0, 0x8, 0x800}, 0x1000}, 0xffffffff, 0x0, 0x0) 614.163137ms ago: executing program 3 (id=2387): mmap$auto(0x0, 0xb, 0xe2, 0xcb1, 0x401, 0x8040001008000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x33a00, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x6, 0x0) 537.146152ms ago: executing program 0 (id=2388): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x3ff, 0x0) mmap$auto(0x0, 0xbb0c, 0x329, 0x10011, 0x2, 0x8000) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) 446.052ms ago: executing program 2 (id=2389): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='.\x00', 0x0, 0x161) socket(0xa, 0x3, 0x3a) getdents64$auto(0x0, 0x0, 0x18) ioctl$auto(0x1, 0x8941, 0x8) 426.632124ms ago: executing program 3 (id=2390): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/scsi/device_info\x00', 0x101000, 0x0) close_range$auto(0x2, 0x8000, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) socket(0x2, 0x6, 0x0) listen$auto(0x3, 0x81) listen$auto(r0, 0x10001) 247.261238ms ago: executing program 2 (id=2391): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mknod$auto(0x0, 0x1081, 0x3) open(0x0, 0xa240, 0x13a) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x1e, 0x0) 198.109485ms ago: executing program 3 (id=2392): mmap$auto(0x0, 0x2020009, 0xbe, 0xeb1, 0xfffffffffffffffa, 0x2000000000008000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x1) madvise$auto(0x0, 0x200007, 0x19) mlock$auto(0x5, 0xffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 28.707554ms ago: executing program 3 (id=2393): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xc008ae67, 0x38) 23.882671ms ago: executing program 0 (id=2394): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x5, 0x2, 0x7, 0x0) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x72, 0x0, &(0x7f0000000100)=0x22a) r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r1, 0x0, 0xe) 0s ago: executing program 2 (id=2395): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) process_vm_readv$auto(0x0, 0x0, 0x3, 0x0, 0x3, 0x9) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.189' (ED25519) to the list of known hosts. [ 66.110004][ T5828] cgroup: Unknown subsys name 'net' [ 66.297160][ T5828] cgroup: Unknown subsys name 'cpuset' [ 66.305356][ T5828] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 67.645036][ T5828] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 69.542948][ T5847] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 69.550582][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 69.551433][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 69.568138][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 69.576314][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 69.584047][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 69.585297][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 69.592209][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 69.598265][ T5847] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 69.606307][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 69.622540][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 69.624765][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 69.630290][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 69.637433][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 69.645121][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 69.651410][ T5850] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 69.658720][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 69.665829][ T5850] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 69.672241][ T5849] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 69.678978][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 69.686058][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.692806][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 69.713212][ T5849] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 69.722784][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 70.089075][ T5840] chnl_net:caif_netlink_parms(): no params data found [ 70.149598][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 70.158264][ T5837] chnl_net:caif_netlink_parms(): no params data found [ 70.237859][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 70.318358][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.328175][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.335692][ T5840] bridge_slave_0: entered allmulticast mode [ 70.342258][ T5840] bridge_slave_0: entered promiscuous mode [ 70.373543][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.380776][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.388219][ T5840] bridge_slave_1: entered allmulticast mode [ 70.394688][ T5840] bridge_slave_1: entered promiscuous mode [ 70.407941][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.415394][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.422527][ T5837] bridge_slave_0: entered allmulticast mode [ 70.430020][ T5837] bridge_slave_0: entered promiscuous mode [ 70.438763][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.446227][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.453361][ T5837] bridge_slave_1: entered allmulticast mode [ 70.460186][ T5837] bridge_slave_1: entered promiscuous mode [ 70.500767][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.509356][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.516931][ T5838] bridge_slave_0: entered allmulticast mode [ 70.523398][ T5838] bridge_slave_0: entered promiscuous mode [ 70.530870][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.538110][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.545522][ T5838] bridge_slave_1: entered allmulticast mode [ 70.552021][ T5838] bridge_slave_1: entered promiscuous mode [ 70.584187][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.604139][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.616534][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.635154][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.642291][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.650187][ T5839] bridge_slave_0: entered allmulticast mode [ 70.657042][ T5839] bridge_slave_0: entered promiscuous mode [ 70.666230][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.697680][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.704966][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.712122][ T5839] bridge_slave_1: entered allmulticast mode [ 70.719179][ T5839] bridge_slave_1: entered promiscuous mode [ 70.743960][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.758136][ T5840] team0: Port device team_slave_0 added [ 70.771928][ T5837] team0: Port device team_slave_0 added [ 70.782299][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.792673][ T5840] team0: Port device team_slave_1 added [ 70.802302][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.813565][ T5837] team0: Port device team_slave_1 added [ 70.842804][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.869263][ T5838] team0: Port device team_slave_0 added [ 70.892463][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.899511][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.925787][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.939974][ T5838] team0: Port device team_slave_1 added [ 70.947602][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.954562][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.980659][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.994376][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.001410][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.027349][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.045126][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.052110][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.078128][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.118202][ T5839] team0: Port device team_slave_0 added [ 71.138758][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.146780][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.172781][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.187964][ T5839] team0: Port device team_slave_1 added [ 71.200584][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.207636][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.234225][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.258626][ T5840] hsr_slave_0: entered promiscuous mode [ 71.264610][ T5840] hsr_slave_1: entered promiscuous mode [ 71.322146][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 71.329720][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.360438][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.367205][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.368301][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 71.386289][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 71.393258][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 71.420504][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 71.436141][ T5837] hsr_slave_0: entered promiscuous mode [ 71.442248][ T5837] hsr_slave_1: entered promiscuous mode [ 71.448508][ T5837] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.456604][ T5837] Cannot create hsr debugfs directory [ 71.470242][ T5838] hsr_slave_0: entered promiscuous mode [ 71.476804][ T5838] hsr_slave_1: entered promiscuous mode [ 71.482633][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.490429][ T5838] Cannot create hsr debugfs directory [ 71.577320][ T5839] hsr_slave_0: entered promiscuous mode [ 71.583278][ T5839] hsr_slave_1: entered promiscuous mode [ 71.589880][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 71.597833][ T5839] Cannot create hsr debugfs directory [ 71.755583][ T5843] Bluetooth: hci0: command tx timeout [ 71.755587][ T5849] Bluetooth: hci1: command tx timeout [ 71.764998][ T5843] Bluetooth: hci2: command tx timeout [ 71.817975][ T5840] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 71.840545][ T5840] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 71.847551][ T5843] Bluetooth: hci3: command tx timeout [ 71.855745][ T5840] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 71.874224][ T5840] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 71.894693][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 71.908085][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 71.921417][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 71.930775][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 72.011750][ T5837] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 72.022105][ T5837] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 72.049770][ T5837] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 72.068206][ T5837] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 72.122161][ T5839] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 72.132144][ T5839] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 72.141845][ T5839] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 72.162192][ T5839] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 72.179937][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.237029][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.271602][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.278776][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.296634][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.310959][ T66] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.318167][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.372052][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.401206][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.408378][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.443057][ T1108] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.450149][ T1108] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.481879][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.544039][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.563582][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.582614][ T5838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 72.608817][ T53] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.615973][ T53] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.627690][ T53] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.634820][ T53] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.655898][ T5837] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.707323][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.714492][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.770837][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.778019][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.873204][ T5837] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 72.890398][ T5837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 72.924420][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.992183][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.060020][ T5840] veth0_vlan: entered promiscuous mode [ 73.090198][ T5840] veth1_vlan: entered promiscuous mode [ 73.103499][ T5838] veth0_vlan: entered promiscuous mode [ 73.169981][ T5838] veth1_vlan: entered promiscuous mode [ 73.210617][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.222434][ T5840] veth0_macvtap: entered promiscuous mode [ 73.247619][ T5840] veth1_macvtap: entered promiscuous mode [ 73.261886][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.309297][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.332963][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.345789][ T5838] veth0_macvtap: entered promiscuous mode [ 73.354630][ T5838] veth1_macvtap: entered promiscuous mode [ 73.377240][ T5839] veth0_vlan: entered promiscuous mode [ 73.393194][ T5840] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.402657][ T5840] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.411656][ T5840] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.420618][ T5840] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.453941][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.465406][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.476898][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.487916][ T5839] veth1_vlan: entered promiscuous mode [ 73.502395][ T5837] veth0_vlan: entered promiscuous mode [ 73.510558][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.522256][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.534259][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.551067][ T5837] veth1_vlan: entered promiscuous mode [ 73.570573][ T5838] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.579717][ T5838] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.588878][ T5838] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.597842][ T5838] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.654586][ T5837] veth0_macvtap: entered promiscuous mode [ 73.697558][ T5839] veth0_macvtap: entered promiscuous mode [ 73.706514][ T5837] veth1_macvtap: entered promiscuous mode [ 73.740743][ T5839] veth1_macvtap: entered promiscuous mode [ 73.751805][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.769594][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.788590][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.799832][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.809913][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.820394][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.831703][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.841211][ T5843] Bluetooth: hci1: command tx timeout [ 73.847065][ T5849] Bluetooth: hci2: command tx timeout [ 73.848166][ T5843] Bluetooth: hci0: command tx timeout [ 73.881213][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.892002][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.902330][ T5837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.913077][ T5837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.923458][ T5843] Bluetooth: hci3: command tx timeout [ 73.926326][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.943751][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.954623][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.966670][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.978320][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.988800][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.000020][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.011815][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.031815][ T5837] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.040872][ T5837] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.049933][ T5837] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.058974][ T5837] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.071646][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.083790][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.093926][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.104818][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.114661][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.126611][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.138311][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.157200][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.166077][ T720] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.171292][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.173919][ T720] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.208515][ T5839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.217421][ T5839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.227728][ T5839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.238875][ T5839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.262778][ T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.271902][ T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.426406][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.434308][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.487335][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.495831][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.541298][ T5838] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 74.599777][ T720] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.615576][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.624284][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.626817][ T720] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.532417][ T5922] sock: sock_set_timeout: `syz.3.7' (pid 5922) tries to set negative timeout [ 75.916216][ T5850] Bluetooth: hci2: command tx timeout [ 75.922352][ T5849] Bluetooth: hci1: command tx timeout [ 75.928676][ T5843] Bluetooth: hci0: command tx timeout [ 75.987190][ T5930] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 76.005486][ T5843] Bluetooth: hci3: command tx timeout [ 76.327679][ T5934] netlink: 342 bytes leftover after parsing attributes in process `syz.3.14'. [ 76.356126][ T5934] Zero length message leads to an empty skb [ 78.004804][ T5843] Bluetooth: hci0: command tx timeout [ 78.012052][ T5843] Bluetooth: hci1: command tx timeout [ 78.018066][ T5843] Bluetooth: hci2: command tx timeout [ 78.084997][ T5849] Bluetooth: hci3: command tx timeout [ 80.250072][ T6021] netlink: 342 bytes leftover after parsing attributes in process `syz.0.49'. [ 80.535310][ T6029] netlink: 350 bytes leftover after parsing attributes in process `syz.2.51'. [ 82.177874][ T6066] tipc: Trying to set illegal importance in message [ 82.572417][ T6074] process 'syz.2.72' launched ':,' with NULL argv: empty string added [ 83.738809][ T6100] netlink: 294 bytes leftover after parsing attributes in process `syz.3.84'. [ 84.504408][ T6106] mmap: syz.2.85 (6106) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 84.948233][ T6127] netlink: 93 bytes leftover after parsing attributes in process `syz.3.95'. [ 85.198505][ T6137] syz.3.99 uses obsolete (PF_INET,SOCK_PACKET) [ 86.607464][ T6165] netlink: 28 bytes leftover after parsing attributes in process `syz.2.111'. [ 86.656269][ T6165] macvlan1: entered allmulticast mode [ 86.688498][ T6165] veth1_vlan: entered allmulticast mode [ 86.739652][ T1207] cfg80211: failed to load regulatory.db [ 87.925272][ T6192] netlink: 4 bytes leftover after parsing attributes in process `syz.3.122'. [ 88.186746][ T6199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.126'. [ 88.821232][ T6219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.133'. [ 88.862320][ T6219] netlink: 4 bytes leftover after parsing attributes in process `syz.1.133'. [ 89.034244][ T6223] netlink: 338 bytes leftover after parsing attributes in process `syz.1.135'. [ 89.283575][ T6225] netlink: 342 bytes leftover after parsing attributes in process `syz.0.136'. [ 90.574491][ T6216] kexec: Could not allocate control_code_buffer [ 90.968261][ T6271] netlink: 18 bytes leftover after parsing attributes in process `syz.3.157'. [ 91.756610][ T6280] batman_adv: Routing algorithm '0x00060000' is not supported [ 91.943547][ T6288] Invalid ELF header magic: != ELF [ 94.042735][ T6345] Console: switching to colour VGA+ 80x25 [ 94.324594][ T6350] hub 2-0:1.0: USB hub found [ 94.331839][ T6350] hub 2-0:1.0: 1 port detected [ 94.840271][ T6361] netlink: 342 bytes leftover after parsing attributes in process `syz.1.194'. [ 95.408419][ T6366] zswap: compressor not available [ 95.622554][ T6375] could not allocate digest TFM handle  [ 97.825749][ T6449] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 98.103887][ T6456] netlink: 28 bytes leftover after parsing attributes in process `syz.2.232'. [ 98.120417][ T6456] vxcan1: entered promiscuous mode [ 100.164136][ T1207] Process accounting resumed [ 101.430129][ T5849] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 101.430178][ T5849] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 101.454041][ T5849] Bluetooth: hci2: adv larger than maximum supported [ 101.454104][ T5849] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 101.461214][ T5849] Bluetooth: hci2: Unknown advertising packet type: 0x32 [ 101.468377][ T5849] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 101.475817][ T5849] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 101.482897][ T5849] Bluetooth: hci2: Unknown advertising packet type: 0x20 [ 101.490097][ T5849] Bluetooth: hci2: Unknown advertising packet type: 0x30 [ 102.410621][ T30] audit: type=1804 audit(1742403260.451:2): pid=6557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.275" name=2F6E6577726F6F742F36392F08 dev="tmpfs" ino=367 res=1 errno=0 [ 103.504213][ T6591] netlink: 24 bytes leftover after parsing attributes in process `syz.3.290'. [ 103.531496][ T6591] netlink: 23 bytes leftover after parsing attributes in process `syz.3.290'. [ 104.035272][ T6602] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek 260 [ 120.435693][ T5849] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 120.452521][ T5849] Bluetooth: hci1: adv larger than maximum supported [ 120.452580][ T5849] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 120.459756][ T5849] Bluetooth: hci1: Unknown advertising packet type: 0x34 [ 120.467713][ T5849] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 120.475698][ T5849] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 120.483697][ T5849] Bluetooth: hci1: Unknown advertising packet type: 0x20 [ 120.490964][ T5849] Bluetooth: hci1: Unknown advertising packet type: 0x30 [ 120.987258][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 121.002914][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 121.015389][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 121.733350][ T6950] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 122.286949][ T6962] netlink: 28 bytes leftover after parsing attributes in process `syz.1.431'. [ 123.897511][ T7000] syz.2.446 (7000): /proc/6999/oom_adj is deprecated, please use /proc/6999/oom_score_adj instead. [ 125.113926][ T7018] Invalid ELF header magic: != ELF [ 125.247382][ T7028] netlink: 28 bytes leftover after parsing attributes in process `syz.2.456'. [ 126.827257][ T7060] netlink: 28 bytes leftover after parsing attributes in process `syz.3.469'. [ 126.836806][ T7061] netlink: 346 bytes leftover after parsing attributes in process `syz.0.470'. [ 131.976265][ T7169] ======================================================= [ 131.976265][ T7169] WARNING: The mand mount option has been deprecated and [ 131.976265][ T7169] and is ignored by this kernel. Remove the mand [ 131.976265][ T7169] option from the mount to silence this warning. [ 131.976265][ T7169] ======================================================= [ 132.573816][ T7189] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 132.799953][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.811768][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.381115][ T7241] ubi0: attaching mtd0 [ 134.388992][ T7241] ubi0: scanning is finished [ 134.393659][ T7241] ubi0: empty MTD device detected [ 134.677502][ T7241] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 134.701263][ T7241] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 134.739694][ T7241] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 134.749372][ T7241] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 134.784932][ T7241] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 134.804980][ T7241] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 134.847872][ T7241] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 639095078 [ 134.875116][ T7241] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 134.919839][ T7246] ubi0: background thread "ubi_bgt0d" started, PID 7246 [ 135.635480][ T7266] nbd: socks must be embedded in a SOCK_ITEM attr [ 135.655519][ T7266] block nbd0: shutting down sockets [ 136.459653][ T7291] netlink: 28 bytes leftover after parsing attributes in process `syz.2.558'. [ 137.965139][ T7319] nbd: socks must be embedded in a SOCK_ITEM attr [ 137.965665][ T7319] block nbd0: shutting down sockets [ 138.173134][ T7327] sd 0:0:1:0: PR command failed: 1026 [ 138.184869][ T7327] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 138.212059][ T7327] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 143.156419][ T7448] netlink: 18 bytes leftover after parsing attributes in process `syz.0.622'. [ 146.326882][ T7521] netlink: 342 bytes leftover after parsing attributes in process `syz.3.652'. [ 146.396797][ T7523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.653'. [ 146.422987][ T7523] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 147.965340][ T5849] Bluetooth: hci0: unexpected event 0x06 length: 11 > 3 [ 148.439127][ T7568] netlink: 18 bytes leftover after parsing attributes in process `syz.3.670'. [ 149.452063][ T7597] IPVS: length: 24 != 25769803800 [ 155.480003][ T7720] netlink: 4 bytes leftover after parsing attributes in process `syz.3.732'. [ 155.804731][ T7729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.737'. [ 155.836298][ T7729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.737'. [ 157.241774][ T7764] netlink: 28 bytes leftover after parsing attributes in process `syz.2.748'. [ 157.254192][ T7764] veth1_macvtap: left promiscuous mode [ 157.260063][ T7764] macsec0: entered allmulticast mode [ 159.975085][ T7828] netlink: 28 bytes leftover after parsing attributes in process `syz.0.775'. [ 159.995007][ T7828] veth1_macvtap: left promiscuous mode [ 160.000542][ T7828] macsec0: entered allmulticast mode syzkaller syzkaller login: [ 165.953011][ T7981] netlink: 338 bytes leftover after parsing attributes in process `syz.0.838'. [ 167.144226][ T8012] netlink: 346 bytes leftover after parsing attributes in process `syz.3.851'. [ 169.161524][ T8046] Loading of unsigned module is rejected [ 171.243263][ T8101] sd 0:0:1:0: PR command failed: 1026 [ 171.281191][ T8101] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 171.322900][ T8101] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 177.054889][ T8223] netlink: 28 bytes leftover after parsing attributes in process `syz.3.937'. [ 179.431065][ T8275] Device name cannot be null; rc = [-22] [ 181.085146][ T8306] kafs: addr_prefs: Too many elements in string [ 181.621804][ T8323] ima: policy update failed [ 181.642028][ T30] audit: type=1802 audit(1742403339.691:3): pid=8323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm=20 res=0 errno=0 [ 182.297426][ T8337] lo: entered promiscuous mode [ 182.325995][ T8336] lo: left promiscuous mode [ 184.511844][ T8370] lo: entered promiscuous mode [ 184.549994][ T8366] lo: left promiscuous mode [ 185.861222][ T8409] Device name cannot be null; rc = [-22] [ 186.148382][ T8414] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1017'. [ 186.174195][ T8414] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1017'. [ 187.176026][ T8433] ptrace attach of "./syz-executor exec"[5839] was attempted by ""[8433] [ 187.986614][ T8389] kexec: Could not allocate control_code_buffer [ 188.561399][ T8461] MTRR 1 not used [ 189.083946][ T8478] netlink: 214 bytes leftover after parsing attributes in process `syz.0.1043'. [ 189.286832][ T8484] snd_aloop snd_aloop.0: Parsing timer source 'a' failed with -22 [ 189.377327][ T8486] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1047'. [ 191.480763][ T5843] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 191.480812][ T5843] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 191.495926][ T5843] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 191.495963][ T5843] Bluetooth: hci2: adv larger than maximum supported [ 191.503035][ T5843] Bluetooth: hci2: adv larger than maximum supported [ 191.510820][ T5843] Bluetooth: hci2: adv larger than maximum supported [ 191.517733][ T5843] Bluetooth: hci2: Malformed LE Event: 0x0d [ 193.304641][ T8587] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1088'. [ 193.944331][ T8610] snd_aloop snd_aloop.0: Parsing timer source 'a' failed with -22 [ 193.973773][ T8610] snd_aloop snd_aloop.0: Parsing timer source 'a' failed with -22 [ 194.252699][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.264307][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.408011][ T8619] GUP no longer grows the stack in syz.3.1102 (8619): 14000-401000 (4000) [ 194.418091][ T8619] CPU: 0 UID: 0 PID: 8619 Comm: syz.3.1102 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 194.418130][ T8619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 194.418148][ T8619] Call Trace: [ 194.418156][ T8619] [ 194.418166][ T8619] dump_stack_lvl+0x16c/0x1f0 [ 194.418215][ T8619] gup_vma_lookup+0x1d2/0x220 [ 194.418258][ T8619] __get_user_pages+0x236/0x36f0 [ 194.418310][ T8619] ? hlock_class+0x4e/0x130 [ 194.418341][ T8619] ? __lock_acquire+0x15a9/0x3c40 [ 194.418381][ T8619] ? __pfx___get_user_pages+0x10/0x10 [ 194.418439][ T8619] __gup_longterm_locked+0x212/0x1870 [ 194.418483][ T8619] ? __pfx___lock_acquire+0x10/0x10 [ 194.418532][ T8619] ? __pfx___gup_longterm_locked+0x10/0x10 [ 194.418577][ T8619] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 194.418617][ T8619] ? rwsem_read_trylock+0x12d/0x250 [ 194.418664][ T8619] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 194.418710][ T8619] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 194.418748][ T8619] pin_user_pages_remote+0xee/0x150 [ 194.418789][ T8619] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 194.418828][ T8619] ? down_read+0xc9/0x330 [ 194.418887][ T8619] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 194.418925][ T8619] ? futex_wait_queue+0x103/0x1f0 [ 194.418975][ T8619] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 194.419049][ T8619] process_vm_rw+0x301/0x360 [ 194.419082][ T8619] ? __pfx_process_vm_rw+0x10/0x10 [ 194.419165][ T8619] ? xfd_validate_state+0x5d/0x180 [ 194.419206][ T8619] ? rcu_is_watching+0x12/0xc0 [ 194.419243][ T8619] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 194.419275][ T8619] ? do_syscall_64+0x91/0x250 [ 194.419317][ T8619] ? lockdep_hardirqs_on+0x7c/0x110 [ 194.419355][ T8619] do_syscall_64+0xcd/0x250 [ 194.419400][ T8619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.419439][ T8619] RIP: 0033:0x7f71c6b8d169 [ 194.419463][ T8619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.419490][ T8619] RSP: 002b:00007f71c791a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 194.419517][ T8619] RAX: ffffffffffffffda RBX: 00007f71c6da5fa0 RCX: 00007f71c6b8d169 [ 194.419536][ T8619] RDX: 0000000000000004 RSI: 0000400000000040 RDI: 0000000000000255 [ 194.419552][ T8619] RBP: 00007f71c6c0e2a0 R08: 0000000000000003 R09: 0000000000000000 [ 194.419569][ T8619] R10: 00004000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 194.419585][ T8619] R13: 0000000000000000 R14: 00007f71c6da5fa0 R15: 00007ffe6a5a55b8 [ 194.419623][ T8619] [ 196.315067][ T5848] Bluetooth: hci0: command 0x0406 tx timeout [ 196.321959][ T5846] Bluetooth: hci2: command 0x0406 tx timeout [ 196.328189][ T5846] Bluetooth: hci1: command 0x0406 tx timeout [ 196.334258][ T5846] Bluetooth: hci3: command 0x0406 tx timeout [ 198.355339][ T8695] Device name cannot be null; rc = [-22] [ 200.647226][ T8735] perf: Dynamic interrupt throttling disabled, can hang your system! [ 203.684400][ T8813] netlink: 350 bytes leftover after parsing attributes in process `syz.0.1185'. [ 205.481856][ T5149] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 205.481898][ T5149] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 205.500756][ T5149] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 205.500826][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 205.509277][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 205.516162][ T5149] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 205.516210][ T5149] Bluetooth: hci0: Malformed LE Event: 0x0d [ 207.352093][ T8896] dyndbg: bad flag-op 1, at start of 15 [ 207.389230][ T8896] dyndbg: flags parse failed [ 209.963973][ T5149] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 209.964017][ T5149] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 209.978983][ T5149] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 209.979020][ T5149] Bluetooth: hci1: adv larger than maximum supported [ 209.988381][ T5149] Bluetooth: hci1: adv larger than maximum supported [ 209.995208][ T5149] Bluetooth: hci1: adv larger than maximum supported [ 210.001955][ T5149] Bluetooth: hci1: Malformed LE Event: 0x0d [ 210.963140][ T8987] snd_aloop snd_aloop.0: Parsing timer source 'a' failed with -22 [ 212.164967][ T9015] netlink: 58 bytes leftover after parsing attributes in process `syz.3.1258'. [ 212.715328][ T5149] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 212.715373][ T5149] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 212.731671][ T5149] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 212.731712][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 212.740241][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 212.748257][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 212.755525][ T5149] Bluetooth: hci0: Malformed LE Event: 0x0d [ 214.519337][ T9041] kexec: Could not allocate control_code_buffer [ 214.742440][ T9072] overlayfs: missing 'lowerdir' [ 215.059049][ T9081] netlink: 58 bytes leftover after parsing attributes in process `syz.0.1284'. [ 215.707922][ T5149] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 215.707965][ T5149] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 215.724094][ T5149] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 215.724159][ T5149] Bluetooth: hci3: adv larger than maximum supported [ 215.731933][ T5149] Bluetooth: hci3: adv larger than maximum supported [ 215.738978][ T5149] Bluetooth: hci3: adv larger than maximum supported [ 215.746005][ T5149] Bluetooth: hci3: Malformed LE Event: 0x0d [ 217.388162][ T5149] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 217.388202][ T5149] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 217.403238][ T5149] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 217.403277][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 217.410571][ T5149] Bluetooth: hci0: Malformed LE Event: 0x0d [ 219.708550][ T9194] snd_aloop snd_aloop.0: Parsing timer source 'a' failed with -22 [ 219.885811][ T9197] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1330'. [ 220.356187][ T9217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1338'. [ 222.568351][ T5149] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 222.568395][ T5149] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 222.584900][ T5149] bt_err_ratelimited: 2 callbacks suppressed [ 222.584921][ T5149] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 222.592184][ T5149] Bluetooth: hci3: adv larger than maximum supported [ 222.599877][ T5149] Bluetooth: hci3: adv larger than maximum supported [ 222.606754][ T5149] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 222.613477][ T5149] Bluetooth: hci3: Malformed LE Event: 0x0d [ 222.849714][ T9240] kexec: Could not allocate control_code_buffer [ 223.218845][ T5149] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 223.218894][ T5149] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 223.234086][ T5149] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 223.234126][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 223.244992][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 223.251835][ T5149] Bluetooth: hci0: adv larger than maximum supported [ 223.260699][ T5149] Bluetooth: hci0: Malformed LE Event: 0x0d [ 224.231329][ T9309] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 224.717466][ T9320] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1377'. [ 224.742671][ T9320] macsec0: entered promiscuous mode [ 224.760452][ T9320] macsec0: entered allmulticast mode [ 224.774919][ T9320] veth1_macvtap: entered allmulticast mode [ 226.529618][ T9317] kexec: Could not allocate control_code_buffer [ 229.775203][ T30] audit: type=1800 audit(1742403387.821:4): pid=9429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1417" name="lu_gp_id" dev="configfs" ino=18993 res=0 errno=0 [ 229.788627][ T9429] ALUA lu_gp_id: 393216 exceeds maximum: 0x0000ffff [ 231.714399][ T9486] netlink: 'syz.3.1442': attribute type 9 has an invalid length. [ 231.743787][ T9486] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1442'. [ 233.780781][ T9536] PM: Enabling pm_trace changes system date and time during resume. [ 233.780781][ T9536] PM: Correct system time has to be restored manually after resume. [ 233.999320][ T9507] kexec: Could not allocate control_code_buffer [ 235.170786][ T9576] netlink: 'syz.2.1479': attribute type 9 has an invalid length. [ 235.185268][ T9576] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1479'. [ 235.614806][ T9588] nbd1: detected capacity change from 0 to 68719476736 [ 235.630355][ T5852] block nbd1: Send control failed (result -22) [ 235.677192][ T5852] block nbd1: Request send failed, requeueing [ 235.708605][ T5149] block nbd1: Receive control failed (result -32) [ 235.710290][ T59] block nbd1: Dead connection, failed to find a fallback [ 235.735799][ T59] block nbd1: shutting down sockets [ 235.741455][ T59] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 235.751116][ T59] Buffer I/O error on dev nbd1, logical block 0, async page read [ 235.759392][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 235.774864][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 235.785522][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 235.800895][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 235.808918][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 235.818048][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 235.827571][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 235.839245][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 235.847251][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 235.856405][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 235.864364][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 235.873558][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 235.885789][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 235.923367][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 235.938674][ T5852] ldm_validate_partition_table(): Disk read failed. [ 235.974839][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 236.006027][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 236.014003][ T5852] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 236.032195][ T5852] Buffer I/O error on dev nbd1, logical block 0, async page read [ 236.041890][ T5852] Dev nbd1: unable to read RDB block 0 [ 236.102986][ T5852] nbd1: unable to read partition table [ 236.185696][ T5852] ldm_validate_partition_table(): Disk read failed. [ 236.192843][ T5852] Dev nbd1: unable to read RDB block 0 [ 236.219802][ T5852] nbd1: unable to read partition table [ 236.509812][ T9603] dyndbg: bad flag-op 1, at start of 15 [ 236.515673][ T9603] dyndbg: flags parse failed [ 237.281581][ T9624] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1498'. [ 238.880938][ T9668] zswap: compressor not available [ 240.677422][ T30] audit: type=1800 audit(1742403398.721:5): pid=9727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1540" name=22050820 dev="tmpfs" ino=1967 res=0 errno=0 [ 241.055450][ T9740] qrtr: Invalid version 0 [ 241.375572][ T9745] nbd2: detected capacity change from 0 to 68719476736 [ 241.409823][ T5852] block nbd2: Send control failed (result -22) [ 241.425799][ T5852] block nbd2: Request send failed, requeueing [ 241.457218][ T5149] block nbd2: Receive control failed (result -32) [ 241.457324][ T42] block nbd2: Dead connection, failed to find a fallback [ 241.471637][ T42] block nbd2: shutting down sockets [ 241.476954][ T42] blk_print_req_error: 24 callbacks suppressed [ 241.476974][ T42] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.492937][ T42] buffer_io_error: 23 callbacks suppressed [ 241.492955][ T42] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.509716][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.585400][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.601487][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.613288][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.629768][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.649263][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.665099][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.674217][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.704958][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.714071][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.737613][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.769032][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.807246][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.819362][ T9763] MTRR 1 not used [ 241.825356][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.845727][ T5852] ldm_validate_partition_table(): Disk read failed. [ 241.852486][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.876164][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.884123][ T5852] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 241.905160][ T5852] Buffer I/O error on dev nbd2, logical block 0, async page read [ 241.913276][ T5852] Dev nbd2: unable to read RDB block 0 [ 241.936176][ T5852] nbd2: unable to read partition table [ 241.976248][ T5852] ldm_validate_partition_table(): Disk read failed. [ 241.983417][ T5852] Dev nbd2: unable to read RDB block 0 [ 241.995456][ T5852] nbd2: unable to read partition table [ 242.157036][ T9768] nbd3: detected capacity change from 0 to 68719476736 [ 242.194436][ T5852] block nbd3: Send control failed (result -22) [ 242.224790][ T5852] block nbd3: Request send failed, requeueing [ 242.245154][ T59] block nbd3: Dead connection, failed to find a fallback [ 242.252302][ T59] block nbd3: shutting down sockets [ 242.261460][ T5852] ldm_validate_partition_table(): Disk read failed. [ 242.281425][ T5852] Dev nbd3: unable to read RDB block 0 [ 242.295475][ T5852] nbd3: unable to read partition table [ 242.327044][ T5852] ldm_validate_partition_table(): Disk read failed. [ 242.334174][ T5852] Dev nbd3: unable to read RDB block 0 [ 242.342656][ T5852] nbd3: unable to read partition table [ 242.623130][ T9770] zswap: compressor not available [ 244.486873][ T9819] sock: sock_timestamping_bind_phc: sock not bind to device [ 247.120860][ T5149] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11 [ 249.767251][ T9887] kexec: Could not allocate control_code_buffer [ 252.468348][ T9960] delete_channel: no stack [ 253.226105][ T9980] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1635'. [ 253.243131][ T9980] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.251678][ T9980] bridge0: port 1(bridge_slave_0) entered disabled state [ 253.271849][ T9980] bridge0: entered promiscuous mode [ 253.284960][ T9980] bridge0: entered allmulticast mode [ 255.543347][ T9988] kexec: Could not allocate control_code_buffer [ 255.678969][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.685415][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 259.422111][T10056] random: crng reseeded on system resumption [ 259.442995][T10056] FAULT_INJECTION: forcing a failure. [ 259.442995][T10056] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 259.475450][T10056] CPU: 1 UID: 0 PID: 10056 Comm: syz.2.1672 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 259.475492][T10056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 259.475510][T10056] Call Trace: [ 259.475518][T10056] [ 259.475529][T10056] dump_stack_lvl+0x16c/0x1f0 [ 259.475576][T10056] should_fail_ex+0x50a/0x650 [ 259.475603][T10056] ? __pfx___might_resched+0x10/0x10 [ 259.475654][T10056] should_fail_alloc_page+0xe7/0x130 [ 259.475685][T10056] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 259.475733][T10056] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 259.475782][T10056] ? mark_held_locks+0x9f/0xe0 [ 259.475823][T10056] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 259.475860][T10056] ? lockdep_hardirqs_on+0x7c/0x110 [ 259.475899][T10056] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 259.475946][T10056] ? stack_depot_save_flags+0x38f/0x9c0 [ 259.475975][T10056] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 259.476026][T10056] ? kasan_save_stack+0x42/0x60 [ 259.476065][T10056] ? kasan_save_stack+0x33/0x60 [ 259.476105][T10056] ? kasan_save_track+0x14/0x30 [ 259.476150][T10056] ? vfs_open+0x82/0x3f0 [ 259.476173][T10056] ? path_openat+0x1e88/0x2d80 [ 259.476212][T10056] ? do_filp_open+0x20c/0x470 [ 259.476249][T10056] ? do_sys_openat2+0x17a/0x1e0 [ 259.476277][T10056] ? __x64_sys_openat+0x175/0x210 [ 259.476306][T10056] ? do_syscall_64+0xcd/0x250 [ 259.476341][T10056] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.476381][T10056] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 259.476421][T10056] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 259.476468][T10056] ? policy_nodemask+0xea/0x4e0 [ 259.476500][T10056] alloc_pages_mpol+0x1fc/0x540 [ 259.476530][T10056] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 259.476571][T10056] alloc_pages_noprof+0x131/0x390 [ 259.476601][T10056] get_zeroed_page_noprof+0x14/0x50 [ 259.476635][T10056] get_image_page+0x18/0x190 [ 259.476667][T10056] alloc_rtree_node+0x3c/0xb0 [ 259.476699][T10056] memory_bm_create+0x517/0x810 [ 259.476747][T10056] create_basic_memory_bitmaps+0x111/0x680 [ 259.476791][T10056] snapshot_open+0x235/0x2b0 [ 259.476827][T10056] ? __pfx_snapshot_open+0x10/0x10 [ 259.476865][T10056] misc_open+0x35a/0x420 [ 259.476897][T10056] ? __pfx_misc_open+0x10/0x10 [ 259.476937][T10056] chrdev_open+0x237/0x6a0 [ 259.476984][T10056] ? __pfx_chrdev_open+0x10/0x10 [ 259.477032][T10056] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 259.477080][T10056] do_dentry_open+0x735/0x1c40 [ 259.477123][T10056] ? __pfx_chrdev_open+0x10/0x10 [ 259.477167][T10056] ? inode_permission+0xdd/0x5f0 [ 259.477202][T10056] vfs_open+0x82/0x3f0 [ 259.477229][T10056] ? may_open+0x1f2/0x400 [ 259.477265][T10056] path_openat+0x1e88/0x2d80 [ 259.477324][T10056] ? __pfx_path_openat+0x10/0x10 [ 259.477366][T10056] ? __pfx___lock_acquire+0x10/0x10 [ 259.477404][T10056] ? lock_acquire.part.0+0x11b/0x380 [ 259.477444][T10056] ? find_held_lock+0x2d/0x110 [ 259.477480][T10056] do_filp_open+0x20c/0x470 [ 259.477523][T10056] ? __pfx_do_filp_open+0x10/0x10 [ 259.477563][T10056] ? find_held_lock+0x2d/0x110 [ 259.477623][T10056] ? alloc_fd+0x41f/0x760 [ 259.477677][T10056] do_sys_openat2+0x17a/0x1e0 [ 259.477707][T10056] ? __pfx_do_sys_openat2+0x10/0x10 [ 259.477755][T10056] __x64_sys_openat+0x175/0x210 [ 259.477787][T10056] ? __pfx___x64_sys_openat+0x10/0x10 [ 259.477842][T10056] do_syscall_64+0xcd/0x250 [ 259.477888][T10056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.477935][T10056] RIP: 0033:0x7f9660f8d169 [ 259.477960][T10056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.477987][T10056] RSP: 002b:00007f9661e4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 259.478016][T10056] RAX: ffffffffffffffda RBX: 00007f96611a5fa0 RCX: 00007f9660f8d169 [ 259.478034][T10056] RDX: 0000000000180b01 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 259.478053][T10056] RBP: 00007f966100e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 259.478069][T10056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.478086][T10056] R13: 0000000000000000 R14: 00007f96611a5fa0 R15: 00007fffb45a9a18 [ 259.478125][T10056] [ 260.335589][ T5149] Bluetooth: hci1: unexpected event 0x03 length: 725 > 11 [ 260.918058][T10083] FAULT_INJECTION: forcing a failure. [ 260.918058][T10083] name failslab, interval 1, probability 0, space 0, times 1 [ 260.949306][T10083] CPU: 0 UID: 0 PID: 10083 Comm: syz.1.1675 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 260.949348][T10083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 260.949364][T10083] Call Trace: [ 260.949373][T10083] [ 260.949384][T10083] dump_stack_lvl+0x16c/0x1f0 [ 260.949432][T10083] should_fail_ex+0x50a/0x650 [ 260.949460][T10083] ? fs_reclaim_acquire+0xae/0x150 [ 260.949501][T10083] ? lsm_blob_alloc+0x68/0x90 [ 260.949544][T10083] should_failslab+0xc2/0x120 [ 260.949571][T10083] __kmalloc_noprof+0xcb/0x510 [ 260.949625][T10083] lsm_blob_alloc+0x68/0x90 [ 260.949670][T10083] security_sk_alloc+0x30/0x270 [ 260.949704][T10083] sk_prot_alloc+0x1c7/0x2a0 [ 260.949737][T10083] sk_alloc+0x36/0xc20 [ 260.949778][T10083] tap_open+0x2e8/0x1150 [ 260.949816][T10083] ? __pfx_tap_open+0x10/0x10 [ 260.949856][T10083] chrdev_open+0x237/0x6a0 [ 260.949898][T10083] ? __pfx_apparmor_file_open+0x10/0x10 [ 260.949936][T10083] ? __pfx_chrdev_open+0x10/0x10 [ 260.949983][T10083] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 260.950029][T10083] do_dentry_open+0x735/0x1c40 [ 260.950071][T10083] ? __pfx_chrdev_open+0x10/0x10 [ 260.950115][T10083] ? inode_permission+0xdd/0x5f0 [ 260.950149][T10083] vfs_open+0x82/0x3f0 [ 260.950175][T10083] ? may_open+0x1f2/0x400 [ 260.950211][T10083] path_openat+0x1e88/0x2d80 [ 260.950268][T10083] ? __pfx_path_openat+0x10/0x10 [ 260.950315][T10083] ? __pfx___lock_acquire+0x10/0x10 [ 260.950353][T10083] ? lock_acquire.part.0+0x11b/0x380 [ 260.950393][T10083] ? find_held_lock+0x2d/0x110 [ 260.950429][T10083] do_filp_open+0x20c/0x470 [ 260.950471][T10083] ? __pfx_do_filp_open+0x10/0x10 [ 260.950510][T10083] ? find_held_lock+0x2d/0x110 [ 260.950569][T10083] ? alloc_fd+0x41f/0x760 [ 260.950620][T10083] do_sys_openat2+0x17a/0x1e0 [ 260.950650][T10083] ? __pfx_do_sys_openat2+0x10/0x10 [ 260.950696][T10083] __x64_sys_openat+0x175/0x210 [ 260.950727][T10083] ? __pfx___x64_sys_openat+0x10/0x10 [ 260.950775][T10083] do_syscall_64+0xcd/0x250 [ 260.950829][T10083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.950880][T10083] RIP: 0033:0x7f5d5cf8d169 [ 260.950903][T10083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.950930][T10083] RSP: 002b:00007f5d5dd1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 260.950958][T10083] RAX: ffffffffffffffda RBX: 00007f5d5d1a5fa0 RCX: 00007f5d5cf8d169 [ 260.950976][T10083] RDX: 0000000000082000 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 260.950994][T10083] RBP: 00007f5d5d00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 260.951011][T10083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.951028][T10083] R13: 0000000000000000 R14: 00007f5d5d1a5fa0 R15: 00007ffd37edcb48 [ 260.951065][T10083] [ 261.701925][T10087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1677'. [ 261.864984][T10096] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1681'. [ 262.106046][T10099] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1684'. [ 262.161414][T10103] netlink: 'syz.2.1685': attribute type 1 has an invalid length. [ 266.106569][T10206] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1711'. [ 266.704995][T10215] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1717'. [ 267.337686][T10223] netlink: 'syz.1.1721': attribute type 1 has an invalid length. [ 267.354799][T10223] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1721'. [ 270.154514][T10265] PM: Enabling pm_trace changes system date and time during resume. [ 270.154514][T10265] PM: Correct system time has to be restored manually after resume. [ 270.665329][T10271] nbd4: detected capacity change from 0 to 68719476736 [ 270.686784][ T5852] block nbd4: Send control failed (result -22) [ 270.724507][ T5852] block nbd4: Request send failed, requeueing [ 270.766517][ T5149] block nbd4: Receive control failed (result -32) [ 270.766577][ T59] block nbd4: Dead connection, failed to find a fallback [ 270.766601][ T59] block nbd4: shutting down sockets [ 270.785670][ T59] blk_print_req_error: 58 callbacks suppressed [ 270.785689][ T59] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.801092][ T59] buffer_io_error: 56 callbacks suppressed [ 270.801110][ T59] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.816054][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.829657][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.846142][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.855353][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.863259][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.873122][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.881409][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.890679][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.898808][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.909019][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.917173][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.926488][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.934404][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.943597][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.958071][ T5852] ldm_validate_partition_table(): Disk read failed. [ 270.965209][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 270.974308][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 270.983422][ T5852] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 271.003093][ T5852] Buffer I/O error on dev nbd4, logical block 0, async page read [ 271.025640][ T5852] Dev nbd4: unable to read RDB block 0 [ 271.031687][ T5852] nbd4: unable to read partition table [ 271.056456][ T5852] ldm_validate_partition_table(): Disk read failed. [ 271.095221][ T5852] Dev nbd4: unable to read RDB block 0 [ 271.105702][ T5852] nbd4: unable to read partition table [ 272.199740][T10304] program syz.3.1754 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 272.546768][T10310] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1755'. [ 273.625138][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 273.633636][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 274.258619][T10354] sctp: [Deprecated]: syz.1.1772 (pid 10354) Use of struct sctp_assoc_value in delayed_ack socket option. [ 274.258619][T10354] Use struct sctp_sack_info instead [ 274.857332][T10360] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1783'. [ 275.778800][ T30] audit: type=1800 audit(1742403433.831:6): pid=10384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1784" name="dbroot" dev="configfs" ino=23591 res=0 errno=0 [ 277.089443][T10404] FAULT_INJECTION: forcing a failure. [ 277.089443][T10404] name failslab, interval 1, probability 0, space 0, times 0 [ 277.102659][T10404] CPU: 1 UID: 0 PID: 10404 Comm: syz.1.1790 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 277.102697][T10404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 277.102713][T10404] Call Trace: [ 277.102721][T10404] [ 277.102732][T10404] dump_stack_lvl+0x16c/0x1f0 [ 277.102780][T10404] should_fail_ex+0x50a/0x650 [ 277.102806][T10404] ? fs_reclaim_acquire+0xae/0x150 [ 277.102842][T10404] ? sk_prot_alloc+0x1a8/0x2a0 [ 277.102870][T10404] should_failslab+0xc2/0x120 [ 277.102896][T10404] __kmalloc_noprof+0xcb/0x510 [ 277.102936][T10404] ? trace_cap_capable+0x1a2/0x210 [ 277.102974][T10404] sk_prot_alloc+0x1a8/0x2a0 [ 277.103009][T10404] sk_alloc+0x36/0xc20 [ 277.103052][T10404] pfkey_create+0x105/0x600 [ 277.103090][T10404] __sock_create+0x335/0x8d0 [ 277.103132][T10404] __sys_socket+0x14f/0x260 [ 277.103168][T10404] ? __pfx___sys_socket+0x10/0x10 [ 277.103205][T10404] ? rcu_is_watching+0x12/0xc0 [ 277.103243][T10404] __x64_sys_socket+0x72/0xb0 [ 277.103277][T10404] ? lockdep_hardirqs_on+0x7c/0x110 [ 277.103317][T10404] do_syscall_64+0xcd/0x250 [ 277.103361][T10404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.103396][T10404] RIP: 0033:0x7f5d5cf8d169 [ 277.103418][T10404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.103445][T10404] RSP: 002b:00007f5d5dd1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 277.103472][T10404] RAX: ffffffffffffffda RBX: 00007f5d5d1a5fa0 RCX: 00007f5d5cf8d169 [ 277.103491][T10404] RDX: 0000000000000002 RSI: 0000000000000003 RDI: 000000000000000f [ 277.103507][T10404] RBP: 00007f5d5d00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 277.103524][T10404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.103540][T10404] R13: 0000000000000000 R14: 00007f5d5d1a5fa0 R15: 00007ffd37edcb48 [ 277.103575][T10404] [ 277.926111][T10419] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1797'. [ 278.285324][T10432] ubi: mtd0 is already attached to ubi0 [ 279.159106][T10448] openvswitch: netlink: IP tunnel dst address not specified [ 279.186829][T10448] openvswitch: netlink: IP tunnel dst address not specified [ 279.917254][T10468] FAULT_INJECTION: forcing a failure. [ 279.917254][T10468] name failslab, interval 1, probability 0, space 0, times 0 [ 279.941949][T10468] CPU: 0 UID: 0 PID: 10468 Comm: syz.0.1816 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 279.941992][T10468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 279.942008][T10468] Call Trace: [ 279.942017][T10468] [ 279.942028][T10468] dump_stack_lvl+0x16c/0x1f0 [ 279.942077][T10468] should_fail_ex+0x50a/0x650 [ 279.942105][T10468] ? fs_reclaim_acquire+0xae/0x150 [ 279.942145][T10468] ? sample_init_net+0x56/0x270 [ 279.942184][T10468] should_failslab+0xc2/0x120 [ 279.942211][T10468] __kmalloc_cache_noprof+0x68/0x410 [ 279.942259][T10468] ? __pfx_sample_init_net+0x10/0x10 [ 279.942301][T10468] sample_init_net+0x56/0x270 [ 279.942343][T10468] ops_init+0x1df/0x5f0 [ 279.942376][T10468] setup_net+0x21f/0x860 [ 279.942408][T10468] ? __pfx_setup_net+0x10/0x10 [ 279.942433][T10468] ? down_read_killable+0xcc/0x380 [ 279.942477][T10468] ? __pfx_down_read_killable+0x10/0x10 [ 279.942520][T10468] ? __raw_spin_lock_init+0x3a/0x110 [ 279.942548][T10468] ? debug_mutex_init+0x37/0x70 [ 279.942582][T10468] copy_net_ns+0x2a6/0x5f0 [ 279.942618][T10468] create_new_namespaces+0x3ea/0xad0 [ 279.942674][T10468] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 279.942724][T10468] ksys_unshare+0x45d/0xa40 [ 279.942755][T10468] ? __pfx_ksys_unshare+0x10/0x10 [ 279.942783][T10468] ? xfd_validate_state+0x5d/0x180 [ 279.942837][T10468] __x64_sys_unshare+0x31/0x40 [ 279.942875][T10468] do_syscall_64+0xcd/0x250 [ 279.942921][T10468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 279.942961][T10468] RIP: 0033:0x7f28a358d169 [ 279.942984][T10468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 279.943011][T10468] RSP: 002b:00007f28a43ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 279.943046][T10468] RAX: ffffffffffffffda RBX: 00007f28a37a5fa0 RCX: 00007f28a358d169 [ 279.943065][T10468] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 279.943082][T10468] RBP: 00007f28a360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 279.943100][T10468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 279.943116][T10468] R13: 0000000000000000 R14: 00007f28a37a5fa0 R15: 00007fffe7092b88 [ 279.943154][T10468] [ 280.922742][T10484] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1825'. [ 282.411221][T10521] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[10521] [ 282.672257][T10524] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1839'. [ 286.279297][T10571] FAULT_INJECTION: forcing a failure. [ 286.279297][T10571] name failslab, interval 1, probability 0, space 0, times 0 [ 286.344825][T10571] CPU: 1 UID: 0 PID: 10571 Comm: syz.3.1858 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 286.344866][T10571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 286.344884][T10571] Call Trace: [ 286.344892][T10571] [ 286.344903][T10571] dump_stack_lvl+0x16c/0x1f0 [ 286.344953][T10571] should_fail_ex+0x50a/0x650 [ 286.344981][T10571] ? fs_reclaim_acquire+0xae/0x150 [ 286.345021][T10571] ? snd_midi_event_new+0xa1/0x210 [ 286.345051][T10571] should_failslab+0xc2/0x120 [ 286.345079][T10571] __kmalloc_noprof+0xcb/0x510 [ 286.345129][T10571] snd_midi_event_new+0xa1/0x210 [ 286.345160][T10571] snd_virmidi_output_open+0x106/0x640 [ 286.345199][T10571] open_substream+0x478/0x9b0 [ 286.345240][T10571] rawmidi_open_priv+0x542/0x6e0 [ 286.345286][T10571] snd_rawmidi_open+0x4bf/0xbd0 [ 286.345334][T10571] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 286.345373][T10571] ? __pfx_lock_release+0x10/0x10 [ 286.345414][T10571] ? __pfx_default_wake_function+0x10/0x10 [ 286.345455][T10571] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 286.345482][T10571] ? lock_acquire+0x2f/0xb0 [ 286.345518][T10571] ? soundcore_open+0x8e/0x580 [ 286.345547][T10571] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 286.345590][T10571] soundcore_open+0x409/0x580 [ 286.345622][T10571] ? __pfx_soundcore_open+0x10/0x10 [ 286.345651][T10571] chrdev_open+0x237/0x6a0 [ 286.345696][T10571] ? __pfx_chrdev_open+0x10/0x10 [ 286.345743][T10571] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 286.345800][T10571] do_dentry_open+0x735/0x1c40 [ 286.345841][T10571] ? __pfx_chrdev_open+0x10/0x10 [ 286.345887][T10571] ? inode_permission+0xdd/0x5f0 [ 286.345922][T10571] vfs_open+0x82/0x3f0 [ 286.345949][T10571] ? may_open+0x1f2/0x400 [ 286.345987][T10571] path_openat+0x1e88/0x2d80 [ 286.346044][T10571] ? __pfx_path_openat+0x10/0x10 [ 286.346086][T10571] ? __pfx___lock_acquire+0x10/0x10 [ 286.346123][T10571] ? lock_acquire.part.0+0x11b/0x380 [ 286.346162][T10571] ? find_held_lock+0x2d/0x110 [ 286.346197][T10571] do_filp_open+0x20c/0x470 [ 286.346240][T10571] ? __pfx_do_filp_open+0x10/0x10 [ 286.346278][T10571] ? find_held_lock+0x2d/0x110 [ 286.346337][T10571] ? alloc_fd+0x41f/0x760 [ 286.346390][T10571] do_sys_openat2+0x17a/0x1e0 [ 286.346419][T10571] ? __pfx_do_sys_openat2+0x10/0x10 [ 286.346464][T10571] __x64_sys_openat+0x175/0x210 [ 286.346494][T10571] ? __pfx___x64_sys_openat+0x10/0x10 [ 286.346541][T10571] do_syscall_64+0xcd/0x250 [ 286.346586][T10571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.346626][T10571] RIP: 0033:0x7f71c6b8d169 [ 286.346649][T10571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 286.346675][T10571] RSP: 002b:00007f71c791a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 286.346703][T10571] RAX: ffffffffffffffda RBX: 00007f71c6da5fa0 RCX: 00007f71c6b8d169 [ 286.346721][T10571] RDX: 0000000000000241 RSI: 0000400000000040 RDI: ffffffffffffff9c [ 286.346739][T10571] RBP: 00007f71c6c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 286.346755][T10571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.346780][T10571] R13: 0000000000000000 R14: 00007f71c6da5fa0 R15: 00007ffe6a5a55b8 [ 286.346818][T10571] [ 287.856873][T10599] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1869'. [ 291.997108][T10695] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1905'. [ 292.084013][T10695] bond0: (slave bond_slave_1): Releasing backup interface [ 293.499934][T10736] ubi: mtd0 is already attached to ubi0 [ 294.516193][T10746] netlink: 'syz.3.1927': attribute type 1 has an invalid length. [ 294.544508][T10746] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1927'. [ 294.568239][T10746] netlink: 'syz.3.1927': attribute type 1 has an invalid length. [ 295.444892][T10776] ubi: mtd0 is already attached to ubi0 [ 296.643642][T10791] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1945'. [ 297.341535][T10807] ERROR: Out of memory at tomoyo_memory_ok. [ 298.832234][T10856] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1970'. [ 299.132522][T10862] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1981'. [ 300.251172][T10882] random: crng reseeded on system resumption [ 300.263762][T10882] FAULT_INJECTION: forcing a failure. [ 300.263762][T10882] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 300.294728][T10882] CPU: 0 UID: 0 PID: 10882 Comm: syz.3.1980 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 300.294787][T10882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 300.294803][T10882] Call Trace: [ 300.294811][T10882] [ 300.294823][T10882] dump_stack_lvl+0x16c/0x1f0 [ 300.294871][T10882] should_fail_ex+0x50a/0x650 [ 300.294898][T10882] ? __pfx___might_resched+0x10/0x10 [ 300.294945][T10882] should_fail_alloc_page+0xe7/0x130 [ 300.294976][T10882] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 300.295021][T10882] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 300.295077][T10882] ? stack_trace_save+0x95/0xd0 [ 300.295109][T10882] ? __pfx_stack_trace_save+0x10/0x10 [ 300.295138][T10882] ? hlock_class+0x4e/0x130 [ 300.295168][T10882] ? stack_depot_save_flags+0x28/0x9c0 [ 300.295197][T10882] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 300.295246][T10882] ? kasan_save_stack+0x42/0x60 [ 300.295285][T10882] ? kasan_save_stack+0x33/0x60 [ 300.295323][T10882] ? kasan_save_track+0x14/0x30 [ 300.295366][T10882] ? vfs_open+0x82/0x3f0 [ 300.295391][T10882] ? path_openat+0x1e88/0x2d80 [ 300.295429][T10882] ? do_filp_open+0x20c/0x470 [ 300.295467][T10882] ? do_sys_openat2+0x17a/0x1e0 [ 300.295492][T10882] ? __x64_sys_openat+0x175/0x210 [ 300.295520][T10882] ? do_syscall_64+0xcd/0x250 [ 300.295559][T10882] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.295611][T10882] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 300.295653][T10882] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 300.295699][T10882] ? policy_nodemask+0xea/0x4e0 [ 300.295731][T10882] alloc_pages_mpol+0x1fc/0x540 [ 300.295761][T10882] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 300.295800][T10882] alloc_pages_noprof+0x131/0x390 [ 300.295829][T10882] get_zeroed_page_noprof+0x14/0x50 [ 300.295861][T10882] get_image_page+0x18/0x190 [ 300.295891][T10882] alloc_rtree_node+0x3c/0xb0 [ 300.295922][T10882] memory_bm_create+0x517/0x810 [ 300.295970][T10882] create_basic_memory_bitmaps+0x111/0x680 [ 300.296012][T10882] snapshot_open+0x235/0x2b0 [ 300.296048][T10882] ? __pfx_snapshot_open+0x10/0x10 [ 300.296085][T10882] misc_open+0x35a/0x420 [ 300.296116][T10882] ? __pfx_misc_open+0x10/0x10 [ 300.296148][T10882] chrdev_open+0x237/0x6a0 [ 300.296186][T10882] ? __pfx_apparmor_file_open+0x10/0x10 [ 300.296219][T10882] ? __pfx_chrdev_open+0x10/0x10 [ 300.296264][T10882] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 300.296312][T10882] do_dentry_open+0x735/0x1c40 [ 300.296351][T10882] ? __pfx_chrdev_open+0x10/0x10 [ 300.296395][T10882] ? inode_permission+0xdd/0x5f0 [ 300.296430][T10882] vfs_open+0x82/0x3f0 [ 300.296456][T10882] ? may_open+0x1f2/0x400 [ 300.296492][T10882] path_openat+0x1e88/0x2d80 [ 300.296545][T10882] ? __pfx_path_openat+0x10/0x10 [ 300.296593][T10882] ? __pfx___lock_acquire+0x10/0x10 [ 300.296626][T10882] ? lock_acquire.part.0+0x11b/0x380 [ 300.296663][T10882] ? find_held_lock+0x2d/0x110 [ 300.296699][T10882] do_filp_open+0x20c/0x470 [ 300.296741][T10882] ? __pfx_do_filp_open+0x10/0x10 [ 300.296780][T10882] ? find_held_lock+0x2d/0x110 [ 300.296839][T10882] ? alloc_fd+0x41f/0x760 [ 300.296891][T10882] do_sys_openat2+0x17a/0x1e0 [ 300.296921][T10882] ? __pfx_do_sys_openat2+0x10/0x10 [ 300.296965][T10882] __x64_sys_openat+0x175/0x210 [ 300.296994][T10882] ? __pfx___x64_sys_openat+0x10/0x10 [ 300.297038][T10882] do_syscall_64+0xcd/0x250 [ 300.297081][T10882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.297121][T10882] RIP: 0033:0x7f71c6b8d169 [ 300.297144][T10882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 300.297171][T10882] RSP: 002b:00007f71c791a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 300.297199][T10882] RAX: ffffffffffffffda RBX: 00007f71c6da5fa0 RCX: 00007f71c6b8d169 [ 300.297218][T10882] RDX: 0000000000180b01 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 300.297237][T10882] RBP: 00007f71c6c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 300.297254][T10882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 300.297271][T10882] R13: 0000000000000000 R14: 00007f71c6da5fa0 R15: 00007ffe6a5a55b8 [ 300.297310][T10882] [ 301.665745][T10923] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1992'. [ 303.444872][T10963] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2004'. [ 304.234040][T10986] FAULT_INJECTION: forcing a failure. [ 304.234040][T10986] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 304.248047][T10986] CPU: 0 UID: 0 PID: 10986 Comm: syz.0.2022 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 304.248085][T10986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 304.248101][T10986] Call Trace: [ 304.248110][T10986] [ 304.248121][T10986] dump_stack_lvl+0x16c/0x1f0 [ 304.248191][T10986] should_fail_ex+0x50a/0x650 [ 304.248217][T10986] ? __pfx___might_resched+0x10/0x10 [ 304.248268][T10986] should_fail_alloc_page+0xe7/0x130 [ 304.248297][T10986] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 304.248342][T10986] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 304.248390][T10986] ? mark_lock+0xb5/0xc60 [ 304.248437][T10986] ? hlock_class+0x4e/0x130 [ 304.248466][T10986] ? __lock_acquire+0xcc5/0x3c40 [ 304.248506][T10986] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 304.248576][T10986] ? __pfx___lock_acquire+0x10/0x10 [ 304.248625][T10986] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 304.248674][T10986] ? policy_nodemask+0xea/0x4e0 [ 304.248705][T10986] alloc_pages_mpol+0x1fc/0x540 [ 304.248734][T10986] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 304.248765][T10986] ? xas_load+0x49/0x5b0 [ 304.248804][T10986] ? filemap_get_entry+0xd0/0x3c0 [ 304.248848][T10986] folio_alloc_noprof+0x20/0x2d0 [ 304.248881][T10986] filemap_alloc_folio_noprof+0x39b/0x470 [ 304.248911][T10986] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 304.248947][T10986] __filemap_get_folio+0x5e9/0xc10 [ 304.248991][T10986] ioctx_alloc+0x763/0x2010 [ 304.249032][T10986] ? __might_fault+0x13b/0x190 [ 304.249067][T10986] ? __pfx_ioctx_alloc+0x10/0x10 [ 304.249100][T10986] ? lock_acquire+0x2f/0xb0 [ 304.249140][T10986] ? __might_fault+0xe3/0x190 [ 304.249175][T10986] __x64_sys_io_setup+0xc9/0x210 [ 304.249217][T10986] do_syscall_64+0xcd/0x250 [ 304.249263][T10986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.249300][T10986] RIP: 0033:0x7f28a358d169 [ 304.249323][T10986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.249351][T10986] RSP: 002b:00007f28a43ed038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 304.249379][T10986] RAX: ffffffffffffffda RBX: 00007f28a37a5fa0 RCX: 00007f28a358d169 [ 304.249398][T10986] RDX: 0000000000000000 RSI: 0000400000000580 RDI: 000000000000ff3e [ 304.249415][T10986] RBP: 00007f28a360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 304.249431][T10986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.249447][T10986] R13: 0000000000000000 R14: 00007f28a37a5fa0 R15: 00007fffe7092b88 [ 304.249484][T10986] [ 306.501210][T11022] FAULT_INJECTION: forcing a failure. [ 306.501210][T11022] name failslab, interval 1, probability 0, space 0, times 0 [ 306.521263][T11022] CPU: 0 UID: 0 PID: 11022 Comm: syz.1.2030 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 306.521308][T11022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 306.521326][T11022] Call Trace: [ 306.521334][T11022] [ 306.521357][T11022] dump_stack_lvl+0x16c/0x1f0 [ 306.521409][T11022] should_fail_ex+0x50a/0x650 [ 306.521437][T11022] ? fs_reclaim_acquire+0xae/0x150 [ 306.521477][T11022] ? snd_pcm_attach_substream+0x414/0xd20 [ 306.521517][T11022] should_failslab+0xc2/0x120 [ 306.521544][T11022] __kmalloc_cache_noprof+0x68/0x410 [ 306.521581][T11022] ? snd_ctl_get_preferred_subdevice+0x16b/0x1e0 [ 306.521626][T11022] snd_pcm_attach_substream+0x414/0xd20 [ 306.521678][T11022] snd_pcm_open_substream+0x8e/0x17c0 [ 306.521723][T11022] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 306.521778][T11022] snd_pcm_oss_open+0x754/0x1400 [ 306.521827][T11022] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 306.521866][T11022] ? __pfx_default_wake_function+0x10/0x10 [ 306.521909][T11022] ? find_held_lock+0x2d/0x110 [ 306.521947][T11022] ? __pfx_lock_release+0x10/0x10 [ 306.521987][T11022] ? do_raw_spin_lock+0x12d/0x2c0 [ 306.522017][T11022] ? lock_acquire+0x2f/0xb0 [ 306.522053][T11022] ? soundcore_open+0x8e/0x580 [ 306.522083][T11022] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 306.522118][T11022] soundcore_open+0x409/0x580 [ 306.522150][T11022] ? __pfx_soundcore_open+0x10/0x10 [ 306.522179][T11022] chrdev_open+0x237/0x6a0 [ 306.522221][T11022] ? __pfx_apparmor_file_open+0x10/0x10 [ 306.522258][T11022] ? __pfx_chrdev_open+0x10/0x10 [ 306.522304][T11022] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 306.522359][T11022] do_dentry_open+0x735/0x1c40 [ 306.522400][T11022] ? __pfx_chrdev_open+0x10/0x10 [ 306.522445][T11022] ? inode_permission+0xdd/0x5f0 [ 306.522480][T11022] vfs_open+0x82/0x3f0 [ 306.522506][T11022] ? may_open+0x1f2/0x400 [ 306.522542][T11022] path_openat+0x1e88/0x2d80 [ 306.522595][T11022] ? __pfx_path_openat+0x10/0x10 [ 306.522634][T11022] ? __pfx___lock_acquire+0x10/0x10 [ 306.522678][T11022] ? lock_acquire.part.0+0x11b/0x380 [ 306.522716][T11022] ? find_held_lock+0x2d/0x110 [ 306.522749][T11022] do_filp_open+0x20c/0x470 [ 306.522789][T11022] ? __pfx_do_filp_open+0x10/0x10 [ 306.522828][T11022] ? find_held_lock+0x2d/0x110 [ 306.522888][T11022] ? alloc_fd+0x41f/0x760 [ 306.522941][T11022] do_sys_openat2+0x17a/0x1e0 [ 306.522972][T11022] ? __pfx_do_sys_openat2+0x10/0x10 [ 306.523019][T11022] __x64_sys_openat+0x175/0x210 [ 306.523052][T11022] ? __pfx___x64_sys_openat+0x10/0x10 [ 306.523101][T11022] do_syscall_64+0xcd/0x250 [ 306.523146][T11022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.523187][T11022] RIP: 0033:0x7f5d5cf8d169 [ 306.523211][T11022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 306.523238][T11022] RSP: 002b:00007f5d5dd1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 306.523266][T11022] RAX: ffffffffffffffda RBX: 00007f5d5d1a5fa0 RCX: 00007f5d5cf8d169 [ 306.523285][T11022] RDX: 0000000000080002 RSI: 00004000000000c0 RDI: ffffffffffffff9c [ 306.523302][T11022] RBP: 00007f5d5d00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 306.523319][T11022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.523336][T11022] R13: 0000000000000000 R14: 00007f5d5d1a5fa0 R15: 00007ffd37edcb48 [ 306.523381][T11022] [ 307.154048][T11033] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2041'. [ 307.181370][T11033] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2041'. [ 307.789067][T11040] sctp: [Deprecated]: syz.3.2035 (pid 11040) Use of struct sctp_assoc_value in delayed_ack socket option. [ 307.789067][T11040] Use struct sctp_sack_info instead [ 308.943170][T11077] netlink: 2 bytes leftover after parsing attributes in process `syz.1.2052'. [ 309.712911][T11100] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2062'. [ 310.847029][T11125] sd 0:0:1:0: device reset [ 311.453989][T11141] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2078'. [ 311.969681][T11149] zswap: compressor not available [ 313.984010][T11197] sd 0:0:1:0: device reset [ 314.789594][T11226] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2106'. [ 317.120062][ T1295] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.126696][ T1295] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.997849][T11318] netlink: 206 bytes leftover after parsing attributes in process `syz.3.2142'. [ 319.180883][T11321] FAULT_INJECTION: forcing a failure. [ 319.180883][T11321] name failslab, interval 1, probability 0, space 0, times 0 [ 319.235005][T11321] CPU: 0 UID: 0 PID: 11321 Comm: syz.2.2144 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 319.235057][T11321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 319.235073][T11321] Call Trace: [ 319.235081][T11321] [ 319.235092][T11321] dump_stack_lvl+0x16c/0x1f0 [ 319.235137][T11321] should_fail_ex+0x50a/0x650 [ 319.235164][T11321] ? fs_reclaim_acquire+0xae/0x150 [ 319.235198][T11321] ? security_inode_init_security+0x140/0x390 [ 319.235240][T11321] should_failslab+0xc2/0x120 [ 319.235265][T11321] __kmalloc_noprof+0xcb/0x510 [ 319.235312][T11321] security_inode_init_security+0x140/0x390 [ 319.235364][T11321] ? __pfx_shmem_initxattrs+0x10/0x10 [ 319.235403][T11321] ? __pfx_security_inode_init_security+0x10/0x10 [ 319.235451][T11321] ? shmem_get_inode+0x73a/0xf00 [ 319.235502][T11321] shmem_mknod+0x22e/0x450 [ 319.235551][T11321] shmem_mkdir+0x31/0x60 [ 319.235596][T11321] vfs_mkdir+0x57d/0x860 [ 319.235636][T11321] do_mkdirat+0x301/0x3a0 [ 319.235682][T11321] ? __pfx_do_mkdirat+0x10/0x10 [ 319.235729][T11321] ? getname_flags.part.0+0x1c5/0x550 [ 319.235767][T11321] __x64_sys_mkdir+0xef/0x140 [ 319.235812][T11321] do_syscall_64+0xcd/0x250 [ 319.235857][T11321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.235896][T11321] RIP: 0033:0x7f9660f8d169 [ 319.235921][T11321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.235947][T11321] RSP: 002b:00007f9661e4b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 319.235975][T11321] RAX: ffffffffffffffda RBX: 00007f96611a5fa0 RCX: 00007f9660f8d169 [ 319.235993][T11321] RDX: 0000000000000000 RSI: 0000000000008001 RDI: 0000000000000000 [ 319.236010][T11321] RBP: 00007f966100e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 319.236026][T11321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.236042][T11321] R13: 0000000000000000 R14: 00007f96611a5fa0 R15: 00007fffb45a9a18 [ 319.236081][T11321] [ 319.616040][T11330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2148'. [ 319.650784][T11334] netlink: 'syz.0.2157': attribute type 35 has an invalid length. [ 320.024223][T11344] netlink: 'syz.1.2154': attribute type 3 has an invalid length. [ 320.240535][T11352] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2156'. [ 320.829010][T11369] netlink: 'syz.0.2163': attribute type 10 has an invalid length. [ 321.341581][T11384] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2170'. [ 322.061329][T11405] netlink: 'syz.1.2179': attribute type 4 has an invalid length. [ 323.641101][T11434] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2191'. [ 324.118214][T11443] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2194'. [ 325.274053][T11486] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2205'. [ 330.413948][T11590] FAULT_INJECTION: forcing a failure. [ 330.413948][T11590] name failslab, interval 1, probability 0, space 0, times 0 [ 330.435381][T11590] CPU: 0 UID: 0 PID: 11590 Comm: syz.1.2242 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 330.435423][T11590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 330.435440][T11590] Call Trace: [ 330.435448][T11590] [ 330.435459][T11590] dump_stack_lvl+0x16c/0x1f0 [ 330.435505][T11590] should_fail_ex+0x50a/0x650 [ 330.435531][T11590] ? fs_reclaim_acquire+0xae/0x150 [ 330.435569][T11590] should_failslab+0xc2/0x120 [ 330.435596][T11590] kmem_cache_alloc_node_noprof+0x72/0x3c0 [ 330.435633][T11590] ? __alloc_skb+0x2b1/0x380 [ 330.435680][T11590] __alloc_skb+0x2b1/0x380 [ 330.435718][T11590] ? __pfx___alloc_skb+0x10/0x10 [ 330.435760][T11590] ? __pfx___register_sysctl_table+0x10/0x10 [ 330.435799][T11590] ? is_module_address+0x2a/0x50 [ 330.435840][T11590] mpls_netconf_notify_devconf+0x4a/0x110 [ 330.435878][T11590] mpls_dev_sysctl_register+0x1ca/0x2a0 [ 330.435909][T11590] ? pcpu_alloc_noprof+0x126/0x1680 [ 330.435938][T11590] ? __pfx_mpls_dev_sysctl_register+0x10/0x10 [ 330.436003][T11590] mpls_dev_notify+0x4ac/0xa20 [ 330.436044][T11590] notifier_call_chain+0xb7/0x410 [ 330.436073][T11590] ? __pfx_mpls_dev_notify+0x10/0x10 [ 330.436112][T11590] call_netdevice_notifiers_info+0xbe/0x140 [ 330.436146][T11590] register_netdevice+0x17c2/0x1eb0 [ 330.436181][T11590] ? __pfx_register_netdevice+0x10/0x10 [ 330.436217][T11590] __ip_tunnel_create+0x4aa/0x690 [ 330.436251][T11590] ? __pfx___ip_tunnel_create+0x10/0x10 [ 330.436297][T11590] ip_tunnel_init_net+0x22a/0x790 [ 330.436340][T11590] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 330.436386][T11590] ? __kmalloc_noprof+0x23b/0x510 [ 330.436427][T11590] ? __pfx_ipgre_init_net+0x10/0x10 [ 330.436457][T11590] ops_init+0x1df/0x5f0 [ 330.436485][T11590] setup_net+0x21f/0x860 [ 330.436514][T11590] ? __pfx_setup_net+0x10/0x10 [ 330.436537][T11590] ? down_read_killable+0xcc/0x380 [ 330.436574][T11590] ? __pfx_down_read_killable+0x10/0x10 [ 330.436615][T11590] ? __raw_spin_lock_init+0x3a/0x110 [ 330.436642][T11590] ? debug_mutex_init+0x37/0x70 [ 330.436674][T11590] copy_net_ns+0x2a6/0x5f0 [ 330.436706][T11590] create_new_namespaces+0x3ea/0xad0 [ 330.436757][T11590] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 330.436803][T11590] ksys_unshare+0x45d/0xa40 [ 330.436831][T11590] ? __pfx_ksys_unshare+0x10/0x10 [ 330.436856][T11590] ? xfd_validate_state+0x5d/0x180 [ 330.436905][T11590] __x64_sys_unshare+0x31/0x40 [ 330.436933][T11590] do_syscall_64+0xcd/0x250 [ 330.436974][T11590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.437022][T11590] RIP: 0033:0x7f5d5cf8d169 [ 330.437045][T11590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.437071][T11590] RSP: 002b:00007f5d5dd1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 330.437097][T11590] RAX: ffffffffffffffda RBX: 00007f5d5d1a5fa0 RCX: 00007f5d5cf8d169 [ 330.437114][T11590] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 330.437129][T11590] RBP: 00007f5d5d00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 330.437145][T11590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.437162][T11590] R13: 0000000000000000 R14: 00007f5d5d1a5fa0 R15: 00007ffd37edcb48 [ 330.437199][T11590] [ 330.829720][T11587] Process accounting resumed [ 331.079631][T11602] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2247'. [ 331.520762][T11618] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2254'. [ 331.561445][T11618] vxcan1: entered promiscuous mode [ 331.728495][T11624] ubi: mtd0 is already attached to ubi0 [ 332.031484][T11626] random: crng reseeded on system resumption [ 332.047547][T11626] FAULT_INJECTION: forcing a failure. [ 332.047547][T11626] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 332.066641][T11626] CPU: 1 UID: 0 PID: 11626 Comm: syz.1.2256 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 332.066681][T11626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 332.066697][T11626] Call Trace: [ 332.066707][T11626] [ 332.066717][T11626] dump_stack_lvl+0x16c/0x1f0 [ 332.066766][T11626] should_fail_ex+0x50a/0x650 [ 332.066793][T11626] ? __pfx___might_resched+0x10/0x10 [ 332.066844][T11626] should_fail_alloc_page+0xe7/0x130 [ 332.066875][T11626] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 332.066922][T11626] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 332.066978][T11626] ? stack_trace_save+0x95/0xd0 [ 332.067009][T11626] ? __pfx_stack_trace_save+0x10/0x10 [ 332.067039][T11626] ? hlock_class+0x4e/0x130 [ 332.067068][T11626] ? stack_depot_save_flags+0x28/0x9c0 [ 332.067099][T11626] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 332.067150][T11626] ? kasan_save_stack+0x42/0x60 [ 332.067190][T11626] ? kasan_save_stack+0x33/0x60 [ 332.067229][T11626] ? kasan_save_track+0x14/0x30 [ 332.067284][T11626] ? vfs_open+0x82/0x3f0 [ 332.067310][T11626] ? path_openat+0x1e88/0x2d80 [ 332.067348][T11626] ? do_filp_open+0x20c/0x470 [ 332.067386][T11626] ? do_sys_openat2+0x17a/0x1e0 [ 332.067413][T11626] ? __x64_sys_openat+0x175/0x210 [ 332.067442][T11626] ? do_syscall_64+0xcd/0x250 [ 332.067481][T11626] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.067524][T11626] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 332.067568][T11626] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 332.067615][T11626] ? policy_nodemask+0xea/0x4e0 [ 332.067652][T11626] alloc_pages_mpol+0x1fc/0x540 [ 332.067682][T11626] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 332.067722][T11626] alloc_pages_noprof+0x131/0x390 [ 332.067768][T11626] get_zeroed_page_noprof+0x14/0x50 [ 332.067801][T11626] get_image_page+0x18/0x190 [ 332.067832][T11626] alloc_rtree_node+0x3c/0xb0 [ 332.067863][T11626] memory_bm_create+0x517/0x810 [ 332.067911][T11626] create_basic_memory_bitmaps+0x111/0x680 [ 332.067954][T11626] snapshot_open+0x235/0x2b0 [ 332.067988][T11626] ? __pfx_snapshot_open+0x10/0x10 [ 332.068026][T11626] misc_open+0x35a/0x420 [ 332.068057][T11626] ? __pfx_misc_open+0x10/0x10 [ 332.068086][T11626] chrdev_open+0x237/0x6a0 [ 332.068128][T11626] ? __pfx_apparmor_file_open+0x10/0x10 [ 332.068165][T11626] ? __pfx_chrdev_open+0x10/0x10 [ 332.068213][T11626] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 332.068269][T11626] do_dentry_open+0x735/0x1c40 [ 332.068310][T11626] ? __pfx_chrdev_open+0x10/0x10 [ 332.068357][T11626] ? inode_permission+0xdd/0x5f0 [ 332.068393][T11626] vfs_open+0x82/0x3f0 [ 332.068420][T11626] ? may_open+0x1f2/0x400 [ 332.068457][T11626] path_openat+0x1e88/0x2d80 [ 332.068516][T11626] ? __pfx_path_openat+0x10/0x10 [ 332.068560][T11626] ? __pfx___lock_acquire+0x10/0x10 [ 332.068597][T11626] ? lock_acquire.part.0+0x11b/0x380 [ 332.068637][T11626] ? find_held_lock+0x2d/0x110 [ 332.068672][T11626] do_filp_open+0x20c/0x470 [ 332.068715][T11626] ? __pfx_do_filp_open+0x10/0x10 [ 332.068754][T11626] ? find_held_lock+0x2d/0x110 [ 332.068814][T11626] ? alloc_fd+0x41f/0x760 [ 332.068867][T11626] do_sys_openat2+0x17a/0x1e0 [ 332.068897][T11626] ? __pfx_do_sys_openat2+0x10/0x10 [ 332.068944][T11626] __x64_sys_openat+0x175/0x210 [ 332.068975][T11626] ? __pfx___x64_sys_openat+0x10/0x10 [ 332.069023][T11626] do_syscall_64+0xcd/0x250 [ 332.069068][T11626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.069107][T11626] RIP: 0033:0x7f5d5cf8d169 [ 332.069131][T11626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.069158][T11626] RSP: 002b:00007f5d5dd1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 332.069186][T11626] RAX: ffffffffffffffda RBX: 00007f5d5d1a5fa0 RCX: 00007f5d5cf8d169 [ 332.069205][T11626] RDX: 0000000000180b01 RSI: 0000400000000000 RDI: ffffffffffffff9c [ 332.069223][T11626] RBP: 00007f5d5d00e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 332.069247][T11626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.069264][T11626] R13: 0000000000000000 R14: 00007f5d5d1a5fa0 R15: 00007ffd37edcb48 [ 332.069303][T11626] [ 333.256588][T11641] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2265'. [ 333.287733][T11641] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2265'. [ 335.338005][T11675] netlink: 'syz.1.2277': attribute type 13 has an invalid length. [ 336.145958][T11684] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2281'. [ 337.289193][T11716] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2296'. [ 337.493746][T11718] program syz.1.2297 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 337.613934][T11726] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 337.720210][T11730] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2302'. [ 340.737859][T11799] netlink: 2 bytes leftover after parsing attributes in process `syz.2.2331'. [ 340.807579][T11801] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2333'. [ 341.438388][T11816] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2338'. [ 342.982611][T11854] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2359'. [ 343.798526][T11876] ERROR: Out of memory at tomoyo_memory_ok. [ 345.957919][ T5850] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 345.969133][ T5850] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 345.978178][ T5850] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 345.987228][ T5850] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 345.997329][ T5850] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 346.007180][ T5850] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 346.370901][T11914] chnl_net:caif_netlink_parms(): no params data found [ 346.473663][T11924] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2379'. [ 346.506683][T11924] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2379'. [ 346.724530][T11914] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.751276][T11914] bridge0: port 1(bridge_slave_0) entered disabled state [ 346.764217][T11914] bridge_slave_0: entered allmulticast mode [ 346.775176][T11930] FAULT_INJECTION: forcing a failure. [ 346.775176][T11930] name failslab, interval 1, probability 0, space 0, times 0 [ 346.803211][T11914] bridge_slave_0: entered promiscuous mode [ 346.821452][T11930] CPU: 1 UID: 0 PID: 11930 Comm: syz.0.2380 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 346.821490][T11930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 346.821506][T11930] Call Trace: [ 346.821515][T11930] [ 346.821526][T11930] dump_stack_lvl+0x16c/0x1f0 [ 346.821574][T11930] should_fail_ex+0x50a/0x650 [ 346.821601][T11930] ? fs_reclaim_acquire+0xae/0x150 [ 346.821642][T11930] should_failslab+0xc2/0x120 [ 346.821669][T11930] kmem_cache_alloc_noprof+0x6e/0x3d0 [ 346.821714][T11930] ? __mpol_dup+0x75/0x380 [ 346.821750][T11930] __mpol_dup+0x75/0x380 [ 346.821781][T11930] ? __pfx___mpol_dup+0x10/0x10 [ 346.821808][T11930] ? mas_walk+0x6a6/0x910 [ 346.821850][T11930] mbind_range+0x2bc/0x530 [ 346.821887][T11930] do_mbind+0x818/0xed0 [ 346.821928][T11930] ? __pfx_do_mbind+0x10/0x10 [ 346.821983][T11930] ? __pfx_get_nodes+0x10/0x10 [ 346.822045][T11930] kernel_mbind+0x1e8/0x200 [ 346.822081][T11930] ? __pfx_kernel_mbind+0x10/0x10 [ 346.822124][T11930] do_syscall_64+0xcd/0x250 [ 346.822163][T11930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.822201][T11930] RIP: 0033:0x7f28a358d169 [ 346.822224][T11930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.822250][T11930] RSP: 002b:00007f28a43ed038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 346.822277][T11930] RAX: ffffffffffffffda RBX: 00007f28a37a5fa0 RCX: 00007f28a358d169 [ 346.822296][T11930] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000002000 [ 346.822312][T11930] RBP: 00007f28a360e2a0 R08: 0000000000000006 R09: 0000000000000002 [ 346.822328][T11930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.822344][T11930] R13: 0000000000000000 R14: 00007f28a37a5fa0 R15: 00007fffe7092b88 [ 346.822378][T11930] [ 347.029978][T11914] bridge0: port 2(bridge_slave_1) entered blocking state [ 347.037349][T11914] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.044636][T11914] bridge_slave_1: entered allmulticast mode [ 347.051816][T11914] bridge_slave_1: entered promiscuous mode [ 347.327214][T11914] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 347.347794][T11914] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 347.459520][T11914] team0: Port device team_slave_0 added [ 347.474161][T11914] team0: Port device team_slave_1 added [ 347.558773][T11914] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 347.595741][T11914] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.623483][T11938] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 347.633677][T11914] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 347.636013][T11914] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 347.659030][T11914] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.764705][T11914] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 347.949672][T11914] hsr_slave_0: entered promiscuous mode [ 348.012013][T11914] hsr_slave_1: entered promiscuous mode [ 348.022213][T11914] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 348.030761][T11914] Cannot create hsr debugfs directory [ 348.075277][ T5850] Bluetooth: hci4: command tx timeout [ 348.294432][T11914] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.409704][T11914] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 348.627238][T11966] ================================================================== [ 348.635381][T11966] BUG: KASAN: slab-use-after-free in force_devcd_write+0x317/0x330 [ 348.643325][T11966] Read of size 8 at addr ffff88803585f800 by task syz.0.2394/11966 [ 348.651230][T11966] [ 348.653569][T11966] CPU: 1 UID: 0 PID: 11966 Comm: syz.0.2394 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 348.653594][T11966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 348.653608][T11966] Call Trace: [ 348.653615][T11966] [ 348.653623][T11966] dump_stack_lvl+0x116/0x1f0 [ 348.653659][T11966] print_report+0xc3/0x670 [ 348.653678][T11966] ? __virt_addr_valid+0x5e/0x590 [ 348.653701][T11966] ? __phys_addr+0xc6/0x150 [ 348.653724][T11966] kasan_report+0xd9/0x110 [ 348.653744][T11966] ? force_devcd_write+0x317/0x330 [ 348.653775][T11966] ? force_devcd_write+0x317/0x330 [ 348.653808][T11966] force_devcd_write+0x317/0x330 [ 348.653838][T11966] ? __pfx_force_devcd_write+0x10/0x10 [ 348.653867][T11966] ? __debugfs_file_get+0x1ff/0x850 [ 348.653895][T11966] ? __pfx___debugfs_file_get+0x10/0x10 [ 348.653922][T11966] ? rcu_is_watching+0x12/0xc0 [ 348.653946][T11966] ? trace_lock_acquire+0x14e/0x1f0 [ 348.653979][T11966] full_proxy_write+0x13c/0x200 [ 348.654007][T11966] ? __pfx_full_proxy_write+0x10/0x10 [ 348.654034][T11966] vfs_write+0x24c/0x1150 [ 348.654063][T11966] ? __fget_files+0x1fc/0x3a0 [ 348.654093][T11966] ? __pfx___mutex_lock+0x10/0x10 [ 348.654124][T11966] ? __pfx_vfs_write+0x10/0x10 [ 348.654155][T11966] ? __fget_files+0x206/0x3a0 [ 348.654188][T11966] ksys_write+0x12b/0x250 [ 348.654215][T11966] ? __pfx_ksys_write+0x10/0x10 [ 348.654247][T11966] do_syscall_64+0xcd/0x250 [ 348.654279][T11966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.654309][T11966] RIP: 0033:0x7f28a358d169 [ 348.654326][T11966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.654346][T11966] RSP: 002b:00007f28a43ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 348.654366][T11966] RAX: ffffffffffffffda RBX: 00007f28a37a5fa0 RCX: 00007f28a358d169 [ 348.654380][T11966] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003 [ 348.654393][T11966] RBP: 00007f28a360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 348.654406][T11966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 348.654418][T11966] R13: 0000000000000000 R14: 00007f28a37a5fa0 R15: 00007fffe7092b88 [ 348.654437][T11966] [ 348.654444][T11966] [ 348.876865][T11966] Allocated by task 5837: [ 348.881202][T11966] kasan_save_stack+0x33/0x60 [ 348.885905][T11966] kasan_save_track+0x14/0x30 [ 348.890625][T11966] __kasan_kmalloc+0xaa/0xb0 [ 348.895241][T11966] vhci_open+0x4c/0x430 [ 348.899420][T11966] misc_open+0x35a/0x420 [ 348.903678][T11966] chrdev_open+0x237/0x6a0 [ 348.908204][T11966] do_dentry_open+0x735/0x1c40 [ 348.913040][T11966] vfs_open+0x82/0x3f0 [ 348.917146][T11966] path_openat+0x1e88/0x2d80 [ 348.921772][T11966] do_filp_open+0x20c/0x470 [ 348.926301][T11966] do_sys_openat2+0x17a/0x1e0 [ 348.931001][T11966] __x64_sys_openat+0x175/0x210 [ 348.935869][T11966] do_syscall_64+0xcd/0x250 [ 348.940393][T11966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.946310][T11966] [ 348.948642][T11966] Freed by task 5837: [ 348.952625][T11966] kasan_save_stack+0x33/0x60 [ 348.957411][T11966] kasan_save_track+0x14/0x30 [ 348.962112][T11966] kasan_save_free_info+0x3b/0x60 [ 348.967154][T11966] __kasan_slab_free+0x51/0x70 [ 348.971945][T11966] kfree+0x2c4/0x4d0 [ 348.975858][T11966] vhci_release+0xbb/0xf0 [ 348.980203][T11966] __fput+0x3ff/0xb70 [ 348.984198][T11966] task_work_run+0x14e/0x250 [ 348.988810][T11966] do_exit+0xad8/0x2db0 [ 348.992977][T11966] do_group_exit+0xd3/0x2a0 [ 348.997496][T11966] __x64_sys_exit_group+0x3e/0x50 [ 349.002533][T11966] x64_sys_call+0x151f/0x1720 [ 349.007221][T11966] do_syscall_64+0xcd/0x250 [ 349.011746][T11966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.017659][T11966] [ 349.019993][T11966] The buggy address belongs to the object at ffff88803585f800 [ 349.019993][T11966] which belongs to the cache kmalloc-1k of size 1024 [ 349.034056][T11966] The buggy address is located 0 bytes inside of [ 349.034056][T11966] freed 1024-byte region [ffff88803585f800, ffff88803585fc00) [ 349.047775][T11966] [ 349.050104][T11966] The buggy address belongs to the physical page: [ 349.056518][T11966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888035858000 pfn:0x35858 [ 349.066596][T11966] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 349.075104][T11966] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 349.083616][T11966] page_type: f5(slab) [ 349.087614][T11966] raw: 00fff00000000240 ffff88801b041dc0 ffffea0001493a10 ffffea0000a17e10 [ 349.096211][T11966] raw: ffff888035858000 000000000010000f 00000000f5000000 0000000000000000 [ 349.104844][T11966] head: 00fff00000000240 ffff88801b041dc0 ffffea0001493a10 ffffea0000a17e10 [ 349.113544][T11966] head: ffff888035858000 000000000010000f 00000000f5000000 0000000000000000 [ 349.122237][T11966] head: 00fff00000000003 ffffea0000d61601 ffffffffffffffff 0000000000000000 [ 349.130923][T11966] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 349.139620][T11966] page dumped because: kasan: bad access detected [ 349.146060][T11966] page_owner tracks the page as allocated [ 349.151818][T11966] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 22155674230, free_ts 0 [ 349.171551][T11966] post_alloc_hook+0x181/0x1b0 [ 349.176343][T11966] get_page_from_freelist+0xfce/0x2f80 [ 349.181821][T11966] __alloc_frozen_pages_noprof+0x221/0x2470 [ 349.187742][T11966] alloc_pages_mpol+0x1fc/0x540 [ 349.192602][T11966] new_slab+0x23d/0x330 [ 349.196780][T11966] ___slab_alloc+0xc5d/0x1720 [ 349.201475][T11966] __slab_alloc.constprop.0+0x56/0xb0 [ 349.206863][T11966] __kmalloc_node_track_caller_noprof+0x2f1/0x510 [ 349.213300][T11966] kmemdup_noprof+0x29/0x60 [ 349.217820][T11966] ima_queue_key+0x76/0x4e0 [ 349.222346][T11966] ima_post_key_create_or_update+0x9f/0x120 [ 349.228261][T11966] security_key_post_create_or_update+0x1e3/0x1f0 [ 349.234690][T11966] __key_create_or_update+0x798/0xe10 [ 349.240088][T11966] key_create_or_update+0x42/0x60 [ 349.245135][T11966] x509_load_certificate_list+0x1dd/0x280 [ 349.250872][T11966] regulatory_init_db+0x11c/0x440 [ 349.255915][T11966] page_owner free stack trace missing [ 349.261284][T11966] [ 349.263616][T11966] Memory state around the buggy address: [ 349.269250][T11966] ffff88803585f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 349.277320][T11966] ffff88803585f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 349.285397][T11966] >ffff88803585f800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 349.293464][T11966] ^ [ 349.297539][T11966] ffff88803585f880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 349.305625][T11966] ffff88803585f900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 349.313720][T11966] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 349.340069][T11914] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.472061][T11914] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 349.533863][T11966] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 349.541141][T11966] CPU: 1 UID: 0 PID: 11966 Comm: syz.0.2394 Not tainted 6.14.0-rc7-syzkaller-00069-g81e4f8d68c66 #0 [ 349.552301][T11966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 349.562402][T11966] Call Trace: [ 349.565714][T11966] [ 349.568688][T11966] dump_stack_lvl+0x3d/0x1f0 [ 349.573341][T11966] panic+0x71d/0x800 [ 349.577271][T11966] ? __pfx_panic+0x10/0x10 [ 349.581705][T11966] ? preempt_schedule_thunk+0x1a/0x30 [ 349.587109][T11966] ? preempt_schedule_common+0x44/0xc0 [ 349.592594][T11966] check_panic_on_warn+0xab/0xb0 [ 349.597549][T11966] end_report+0x117/0x180 [ 349.601894][T11966] kasan_report+0xe9/0x110 [ 349.606322][T11966] ? force_devcd_write+0x317/0x330 [ 349.611457][T11966] ? force_devcd_write+0x317/0x330 [ 349.616595][T11966] force_devcd_write+0x317/0x330 [ 349.621553][T11966] ? __pfx_force_devcd_write+0x10/0x10 [ 349.627048][T11966] ? __debugfs_file_get+0x1ff/0x850 [ 349.632272][T11966] ? __pfx___debugfs_file_get+0x10/0x10 [ 349.637842][T11966] ? rcu_is_watching+0x12/0xc0 [ 349.642620][T11966] ? trace_lock_acquire+0x14e/0x1f0 [ 349.647842][T11966] full_proxy_write+0x13c/0x200 [ 349.652716][T11966] ? __pfx_full_proxy_write+0x10/0x10 [ 349.658120][T11966] vfs_write+0x24c/0x1150 [ 349.662530][T11966] ? __fget_files+0x1fc/0x3a0 [ 349.667234][T11966] ? __pfx___mutex_lock+0x10/0x10 [ 349.672302][T11966] ? __pfx_vfs_write+0x10/0x10 [ 349.677092][T11966] ? __fget_files+0x206/0x3a0 [ 349.681801][T11966] ksys_write+0x12b/0x250 [ 349.686151][T11966] ? __pfx_ksys_write+0x10/0x10 [ 349.691028][T11966] do_syscall_64+0xcd/0x250 [ 349.695557][T11966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.701472][T11966] RIP: 0033:0x7f28a358d169 [ 349.705899][T11966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.725521][T11966] RSP: 002b:00007f28a43ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 349.733950][T11966] RAX: ffffffffffffffda RBX: 00007f28a37a5fa0 RCX: 00007f28a358d169 [ 349.741934][T11966] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000003 [ 349.749914][T11966] RBP: 00007f28a360e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 349.757895][T11966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 349.765878][T11966] R13: 0000000000000000 R14: 00007f28a37a5fa0 R15: 00007fffe7092b88 [ 349.773869][T11966] [ 349.777179][T11966] Kernel Offset: disabled [ 349.781499][T11966] Rebooting in 86400 seconds..