last executing test programs:
4m55.841005837s ago: executing program 3 (id=2615):
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd6/queue/iosched/prio_aging_expire\x00', 0x88282, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r0, r0, 0x0)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi2\x00', 0xa200, 0x0)
ioctl$auto(r1, 0xc0585611, r1)
4m55.530842311s ago: executing program 3 (id=2618):
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x0)
socket(0x2, 0x1, 0x84)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
setsockopt$auto(0x3, 0x1, 0x2, 0x0, 0x8)
listen$auto(0x3, 0x81)
listen$auto(0x3, 0x0)
4m55.291494421s ago: executing program 3 (id=2621):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
r0 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r0, 0x114, 0x8, 0x0, 0x4)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
4m54.245883684s ago: executing program 3 (id=2624):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)
4m53.847632608s ago: executing program 3 (id=2627):
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x38a1, 0x3, 0x26, 0x940, 0x1ffde, 0x3, 0x6, 0x902c, 0x29, 0x400005, 0x3, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0xfffffffe, 0x0, 0x0, 0x0, [0x3, 0x3, 0x200000000, 0x400000000, 0x0, 0x3903, 0x0, 0x4, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffeffffffffe, 0x4, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x0, 0x1, 0x96f, 0xffffffffffffffff, 0x2, 0x4001, 0x3, 0x0, 0xb548, 0x8, 0x1, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x3]}, 0xfffff7fffffffffa, 0x81)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
sendmmsg$auto(r1, 0x0, 0x40, 0x80000001)
madvise$auto(0x110c230000, 0x31ca, 0x9)
4m53.08843777s ago: executing program 3 (id=2631):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x382, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2)
syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)
4m52.647307087s ago: executing program 32 (id=2631):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x382, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2)
syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)
2m13.695224711s ago: executing program 4 (id=3449):
socket(0x1d, 0x2, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
connect$auto(0x3, 0x0, 0x55)
socket(0x11, 0x3, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
2m13.375485525s ago: executing program 4 (id=3450):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mknod$auto(&(0x7f0000000300)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x1, 0x4)
lstat$auto(&(0x7f0000000200)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0x4008ae6a, 0x38)
2m12.694737612s ago: executing program 4 (id=3453):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x1)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x0, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xc018aec0, r0)
2m12.233339202s ago: executing program 4 (id=3456):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x1e, 0x1, 0x0)
socket(0x28, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x1)
pipe2$auto(0x0, 0x80)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x4)
2m10.893508015s ago: executing program 4 (id=3463):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
rename$auto(&(0x7f0000000480)='./file0\x00', 0x0)
2m9.92070779s ago: executing program 4 (id=3468):
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x123002, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000440)="1800")
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/current\x00', 0x1, 0x0)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x27, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x11000000, 0x0, 0x7, 0x200000006d3c, 0x5, 0x10, 0xfffffffffffffffd]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
1m54.817848913s ago: executing program 33 (id=3468):
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x123002, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000440)="1800")
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/attr/current\x00', 0x1, 0x0)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x27, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x11000000, 0x0, 0x7, 0x200000006d3c, 0x5, 0x10, 0xfffffffffffffffd]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
8.918861047s ago: executing program 5 (id=3932):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYRES8], 0x24}, 0x1, 0x0, 0x0, 0x20040014}, 0x2600c880)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000)
read$auto(0x3, 0x0, 0xfdef)
8.188257977s ago: executing program 5 (id=3934):
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x10442, 0x0)
prctl$auto_PR_SET_SPECULATION_CTRL(0x35, 0xfffffffffffffffd, 0x0, 0x7ff, 0x5)
r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)
read$auto(r1, 0x0, 0x1)
write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b)
6.81699147s ago: executing program 1 (id=3938):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x4605, 0x0)
6.341236636s ago: executing program 1 (id=3939):
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
syz_open_procfs$namespace(0x0, 0x0)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
getdents64$auto(r2, 0x0, 0x327)
6.101875555s ago: executing program 5 (id=3942):
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
lsm_list_modules$auto(0x0, 0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
4.463563973s ago: executing program 5 (id=3945):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(0x3, 0x0, 0x100082)
r0 = creat$auto(0x0, 0x81)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vidtv.0/i2c-0/delete_device\x00', 0x1, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x6, 0x40000d, 0x0, 0x7f6c)
ioctl$auto_SNDRV_PCM_IOCTL_HWSYNC2(r0, 0x4122, 0x0)
madvise$auto(0x0, 0x330, 0x4)
write$auto(0x3, 0x0, 0x100082)
4.267313939s ago: executing program 1 (id=3946):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x16, 0x4, 0x80000001, 0x8}, 0x6f4)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
4.229901877s ago: executing program 2 (id=3947):
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x7fffffff, 0x5)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x18, 0x5, 0x0)
socket(0xa, 0x2, 0x73)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
close_range$auto(0x2, 0x8, 0x0)
3.941719998s ago: executing program 2 (id=3957):
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x2, 0x6, 0x0)
unshare$auto(0x40000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf2501"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
ioctl$auto_USBDEVFS_DISCSIGNAL(r2, 0x8010550e, 0x0)
recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0)
3.586492573s ago: executing program 0 (id=3950):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x6, 0x0, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_proc_sessionid_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0)
preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5)
r0 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r0, 0x0, 0x63, 0x0, &(0x7f00000000c0)=0x1e)
3.58245551s ago: executing program 1 (id=3959):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x80600, 0x0)
arch_prctl$auto(0x1021, 0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
msgrcv$auto(0x0, 0x0, 0xff9, 0xfffffffffffffffc, 0xb4)
msgget$auto(0x4, 0x3)
3.113637084s ago: executing program 2 (id=3951):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r1, 0x0, 0x1f40)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
2.075257766s ago: executing program 0 (id=3952):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
socket(0x11, 0x80003, 0x300)
socket(0x29, 0x5, 0x0)
open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x8802, 0x0)
write$auto(0x3, 0x0, 0xfdef)
r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)
read$auto(r0, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfdef)
2.026435718s ago: executing program 2 (id=3962):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
io_uring_setup$auto(0x0, &(0x7f0000000140)={0x4, 0x2, 0x6, 0x6, 0x5, 0xef, 0xffffffffffffffff, [0x3, 0x10000, 0x101], {0x7ff, 0x3, 0xc, 0x6, 0x0, 0x0, 0xfc2, 0x6}, {0x7, 0x5, 0x6, 0x8b83, 0xc, 0x8000, 0x9, 0xc4e, 0x7}})
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
1.95060839s ago: executing program 5 (id=3963):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card1/pcm0c/sub3/xrun_injection\x00', 0x100, 0x0)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto(0x3, 0x0, 0x1f40)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r0, &(0x7f00000000c0)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
1.417571528s ago: executing program 1 (id=3953):
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x10442, 0x0)
prctl$auto_PR_SET_SPECULATION_CTRL(0x35, 0xfffffffffffffffd, 0x0, 0x7ff, 0x5)
r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)
read$auto(r1, 0x0, 0x1)
write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b)
1.315764292s ago: executing program 2 (id=3965):
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x2, 0x6, 0x0)
unshare$auto(0x40000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf2501"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
ioctl$auto_USBDEVFS_DISCSIGNAL(r2, 0x8010550e, 0x0)
recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0)
1.314087728s ago: executing program 0 (id=3954):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x84)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x54)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x29, 0x17000000, 0x0, 0x0, 0x0)
1.138696899s ago: executing program 1 (id=3955):
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
lsm_list_modules$auto(0x0, 0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
871.14267ms ago: executing program 0 (id=3956):
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
syz_open_procfs$namespace(0x0, 0x0)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
getdents64$auto(r2, 0x0, 0x327)
217.888965ms ago: executing program 0 (id=3958):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec30\x00', 0x80b01, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
socketpair$auto(0xfffffffa, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(0x3, 0x80106f53, r0)
215.895222ms ago: executing program 2 (id=3960):
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r0 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
poll$auto(&(0x7f0000000480)={r0, 0x8000, 0xff81}, 0x7, 0x54b)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r1, 0x114, 0x271c, 0xfffffffffffffffc, 0x0)
write$auto(0x3, 0x0, 0xfdef)
86.817413ms ago: executing program 5 (id=3961):
r0 = pidfd_open$auto(0x1, 0x0)
waitid$auto_P_PIDFD(0x3, r0, 0x0, 0xc, 0x0)
mmap$auto(0xffffffffffffffff, 0x5, 0x20000000000df, 0x9b72, r0, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000000), r1)
r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r3, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto_mousedev_fops_mousedev(r2, &(0x7f00000000c0)="13", 0x1)
0s ago: executing program 0 (id=3964):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(0x3, 0x40106f52, r0)
kernel console output (not intermixed with test programs):
90080 free_pcp:16624 free_cma:0
[ 558.699732][T13890] Node 0 active_anon:119452kB inactive_anon:4kB active_file:43300kB inactive_file:196324kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:107304kB dirty:1896kB writeback:0kB shmem:88028kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10352kB pagetables:3564kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 558.735171][T13890] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 558.768427][T13890] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 558.795808][T13890] lowmem_reserve[]: 0 2482 2483 2483 2483
[ 558.801646][T13890] Node 0 DMA32 free:1306640kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB active_anon:119404kB inactive_anon:4kB active_file:43300kB inactive_file:194760kB unevictable:1536kB writepending:1896kB present:3129332kB managed:2541688kB mlocked:0kB bounce:0kB free_pcp:1020kB local_pcp:1020kB free_cma:0kB
[ 558.833844][T13890] lowmem_reserve[]: 0 0 1 1 1
[ 558.838619][T13890] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1564kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[ 558.867228][T13890] lowmem_reserve[]: 0 0 0 0 0
[ 558.872024][T13890] Node 1 Normal free:3837832kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:65876kB local_pcp:65876kB free_cma:0kB
[ 558.901551][T13890] lowmem_reserve[]: 0 0 0 0 0
[ 558.906290][T13890] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 558.920507][T13890] Node 0 DMA32: 2*4kB (UE) 91*8kB (UME) 177*16kB (UME) 874*32kB (UME) 453*64kB (UME) 295*128kB (UME) 246*256kB (UME) 173*512kB (UM) 112*1024kB (UME) 40*2048kB (UME) 210*4096kB (UM) = 1306608kB
[ 558.941320][T13890] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[ 558.953792][T13890] Node 1 Normal: 190*4kB (UME) 36*8kB (UME) 51*16kB (UME) 218*32kB (UME) 96*64kB (UME) 28*128kB (UME) 9*256kB (UM) 13*512kB (UME) 7*1024kB (UME) 5*2048kB (UME) 926*4096kB (M) = 3837832kB
[ 558.972483][T13890] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 558.982085][T13890] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 558.991464][T13890] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 559.001140][T13890] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 559.010548][T13890] 82316 total pagecache pages
[ 559.017808][T13890] 1 pages in swap cache
[ 559.022652][T13890] Free swap = 124992kB
[ 559.026830][T13890] Total swap = 124996kB
[ 559.031040][T13890] 2097051 pages RAM
[ 559.035087][T13890] 0 pages HighMem/MovableOnly
[ 559.039766][T13890] 429587 pages reserved
[ 559.045449][T13890] 0 pages cma reserved
[ 559.126975][T13906] netlink: 'syz.0.3037': attribute type 5 has an invalid length.
[ 559.145157][T13906] netlink: 314 bytes leftover after parsing attributes in process `syz.0.3037'.
[ 561.350257][T13937] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3041'.
[ 561.701817][T13941] sp0: Synchronizing with TNC
[ 563.438412][T13965] FAULT_INJECTION: forcing a failure.
[ 563.438412][T13965] name failslab, interval 1, probability 0, space 0, times 0
[ 563.498326][T13965] CPU: 1 UID: 0 PID: 13965 Comm: syz.0.3051 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 563.498360][T13965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 563.498376][T13965] Call Trace:
[ 563.498384][T13965]
[ 563.498392][T13965] dump_stack_lvl+0x16c/0x1f0
[ 563.498463][T13965] should_fail_ex+0x512/0x640
[ 563.498491][T13965] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 563.498544][T13965] should_failslab+0xc2/0x120
[ 563.498567][T13965] kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 563.498603][T13965] ? shmem_alloc_inode+0x25/0x50
[ 563.498635][T13965] ? __pfx_shmem_alloc_inode+0x10/0x10
[ 563.498659][T13965] shmem_alloc_inode+0x25/0x50
[ 563.498685][T13965] alloc_inode+0x61/0x240
[ 563.498711][T13965] new_inode+0x22/0x1c0
[ 563.498734][T13965] ? alloc_fd+0x471/0x7d0
[ 563.498767][T13965] shmem_get_inode+0x19a/0xfb0
[ 563.498803][T13965] __shmem_file_setup+0x16f/0x300
[ 563.498839][T13965] __do_sys_memfd_create+0x267/0x8a0
[ 563.498866][T13965] do_syscall_64+0xcd/0x260
[ 563.498902][T13965] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 563.498926][T13965] RIP: 0033:0x7f584818d169
[ 563.498944][T13965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 563.498965][T13965] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 563.498986][T13965] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 563.499002][T13965] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 563.499015][T13965] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 563.499028][T13965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 563.499042][T13965] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 563.499069][T13965]
[ 565.287284][T13976] sp0: Synchronizing with TNC
[ 565.592706][T13982] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3058'.
[ 565.710164][T13987] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3058'.
[ 566.779308][T14005] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3067'.
[ 566.827698][T14007] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3066'.
[ 567.072612][T14009] FAULT_INJECTION: forcing a failure.
[ 567.072612][T14009] name failslab, interval 1, probability 0, space 0, times 0
[ 567.147639][T14009] CPU: 1 UID: 0 PID: 14009 Comm: syz.1.3069 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 567.147673][T14009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 567.147687][T14009] Call Trace:
[ 567.147695][T14009]
[ 567.147704][T14009] dump_stack_lvl+0x16c/0x1f0
[ 567.147744][T14009] should_fail_ex+0x512/0x640
[ 567.147772][T14009] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 567.147813][T14009] should_failslab+0xc2/0x120
[ 567.147836][T14009] kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 567.147874][T14009] ? copy_process+0x4bd/0x91a0
[ 567.147914][T14009] copy_process+0x4bd/0x91a0
[ 567.147947][T14009] ? find_held_lock+0x2b/0x80
[ 567.147978][T14009] ? schedule+0x2d7/0x3a0
[ 567.148010][T14009] ? futex_wait_queue+0x24/0x220
[ 567.148032][T14009] ? schedule+0xf1/0x3a0
[ 567.148069][T14009] ? futex_wait_queue+0x14c/0x220
[ 567.148096][T14009] ? __pfx_copy_process+0x10/0x10
[ 567.148130][T14009] ? __pfx___futex_wait+0x10/0x10
[ 567.148159][T14009] ? __pfx_futex_wake_mark+0x10/0x10
[ 567.148197][T14009] kernel_clone+0xfc/0x960
[ 567.148234][T14009] ? __pfx_kernel_clone+0x10/0x10
[ 567.148288][T14009] __do_sys_clone+0xce/0x120
[ 567.148323][T14009] ? __pfx___do_sys_clone+0x10/0x10
[ 567.148357][T14009] ? do_seccomp+0x3ad/0x26d0
[ 567.148401][T14009] ? rcu_is_watching+0x12/0xc0
[ 567.148439][T14009] do_syscall_64+0xcd/0x260
[ 567.148476][T14009] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 567.148500][T14009] RIP: 0033:0x7f830b78d169
[ 567.148518][T14009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 567.148540][T14009] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 567.148563][T14009] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 567.148579][T14009] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 567.148593][T14009] RBP: 00007f830b80e2a0 R08: 0000000000000401 R09: 0000000000000000
[ 567.148608][T14009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 567.148622][T14009] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 567.148651][T14009]
[ 567.529279][T14017] netlink: 'syz.1.3073': attribute type 21 has an invalid length.
[ 567.537213][T14017] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3073'.
[ 567.546280][T14017] IPv6: NLM_F_CREATE should be specified when creating new route
[ 568.390342][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 568.399895][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 571.097086][T14069] could not allocate digest TFM handle
[ 571.185097][T14071] could not allocate digest TFM handle
syzkaller
syzkaller login: [ 573.945373][T14120] FAULT_INJECTION: forcing a failure.
[ 573.945373][T14120] name failslab, interval 1, probability 0, space 0, times 0
[ 574.032242][T14120] CPU: 1 UID: 0 PID: 14120 Comm: syz.2.3106 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 574.032275][T14120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 574.032290][T14120] Call Trace:
[ 574.032299][T14120]
[ 574.032308][T14120] dump_stack_lvl+0x16c/0x1f0
[ 574.032346][T14120] should_fail_ex+0x512/0x640
[ 574.032373][T14120] ? fs_reclaim_acquire+0xae/0x150
[ 574.032404][T14120] should_failslab+0xc2/0x120
[ 574.032434][T14120] __kmalloc_cache_noprof+0x6a/0x3e0
[ 574.032467][T14120] ? tomoyo_write_log2+0x33d/0xc10
[ 574.032502][T14120] tomoyo_write_log2+0x33d/0xc10
[ 574.032557][T14120] tomoyo_supervisor+0x15e/0x13b0
[ 574.032600][T14120] ? __pfx_tomoyo_supervisor+0x10/0x10
[ 574.032651][T14120] ? lockdep_hardirqs_on+0x7c/0x110
[ 574.032689][T14120] ? tomoyo_check_path_acl+0xad/0x210
[ 574.032717][T14120] ? tomoyo_check_acl+0x1f7/0x410
[ 574.032747][T14120] tomoyo_path_permission+0x270/0x3b0
[ 574.032777][T14120] tomoyo_check_open_permission+0x37b/0x3c0
[ 574.032808][T14120] ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 574.032867][T14120] ? do_raw_spin_lock+0x12c/0x2b0
[ 574.032903][T14120] tomoyo_file_open+0x6b/0x90
[ 574.032941][T14120] security_file_open+0x84/0x1e0
[ 574.032972][T14120] do_dentry_open+0x596/0x1c10
[ 574.033014][T14120] vfs_open+0x82/0x3f0
[ 574.033040][T14120] path_openat+0x1e5e/0x2d40
[ 574.033086][T14120] ? __pfx_path_openat+0x10/0x10
[ 574.033127][T14120] do_filp_open+0x20b/0x470
[ 574.033162][T14120] ? __pfx_do_filp_open+0x10/0x10
[ 574.033217][T14120] ? alloc_fd+0x471/0x7d0
[ 574.033257][T14120] do_sys_openat2+0x11b/0x1d0
[ 574.033281][T14120] ? __pfx_do_sys_openat2+0x10/0x10
[ 574.033317][T14120] __x64_sys_openat+0x174/0x210
[ 574.033342][T14120] ? __pfx___x64_sys_openat+0x10/0x10
[ 574.033369][T14120] ? rcu_is_watching+0x12/0xc0
[ 574.033406][T14120] do_syscall_64+0xcd/0x260
[ 574.033450][T14120] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 574.033475][T14120] RIP: 0033:0x7fc84558d169
[ 574.033494][T14120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 574.033517][T14120] RSP: 002b:00007fc84636a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 574.033540][T14120] RAX: ffffffffffffffda RBX: 00007fc8457a5fa0 RCX: 00007fc84558d169
[ 574.033555][T14120] RDX: 0000000000040000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 574.033571][T14120] RBP: 00007fc84560e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 574.033585][T14120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 574.033599][T14120] R13: 0000000000000000 R14: 00007fc8457a5fa0 R15: 00007ffe237af198
[ 574.033629][T14120]
[ 576.365854][T14135] mkiss: ax0: crc mode is auto.
[ 577.515883][T14144] netlink: 334 bytes leftover after parsing attributes in process `syz.1.3115'.
[ 578.516805][T14150] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3118'.
[ 579.012766][T14160] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3118'.
[ 580.185806][T14177] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3126'.
[ 580.272038][T14177] netlink: 354 bytes leftover after parsing attributes in process `syz.0.3126'.
[ 580.927271][T14187] FAULT_INJECTION: forcing a failure.
[ 580.927271][T14187] name failslab, interval 1, probability 0, space 0, times 0
[ 580.980594][T14187] CPU: 1 UID: 0 PID: 14187 Comm: syz.0.3129 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 580.980637][T14187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 580.980656][T14187] Call Trace:
[ 580.980666][T14187]
[ 580.980678][T14187] dump_stack_lvl+0x16c/0x1f0
[ 580.980716][T14187] should_fail_ex+0x512/0x640
[ 580.980744][T14187] ? fib4_rule_action+0x228/0x3c0
[ 580.980770][T14187] ? sctp_bind_addrs_to_raw+0x12c/0x3e0
[ 580.980803][T14187] should_failslab+0xc2/0x120
[ 580.980825][T14187] __kmalloc_noprof+0xd2/0x510
[ 580.980872][T14187] sctp_bind_addrs_to_raw+0x12c/0x3e0
[ 580.980908][T14187] ? __lock_acquire+0x5ca/0x1ba0
[ 580.980930][T14187] ? __pfx_sctp_bind_addrs_to_raw+0x10/0x10
[ 580.980975][T14187] sctp_make_init+0x148/0xdc0
[ 580.981011][T14187] ? is_bpf_text_address+0x8a/0x1a0
[ 580.981041][T14187] ? bpf_ksym_find+0x124/0x1c0
[ 580.981073][T14187] ? __pfx_sctp_make_init+0x10/0x10
[ 580.981107][T14187] ? kernel_text_address+0x8d/0x100
[ 580.981134][T14187] ? find_held_lock+0x2b/0x80
[ 580.981164][T14187] ? unwind_get_return_address+0x59/0xa0
[ 580.981196][T14187] ? arch_stack_walk+0xa6/0x100
[ 580.981232][T14187] ? sctp_sm_lookup_event+0x15b/0x570
[ 580.981263][T14187] ? __pfx_sctp_sm_lookup_event+0x10/0x10
[ 580.981300][T14187] sctp_sf_do_prm_asoc+0xbf/0x360
[ 580.981324][T14187] ? __pfx_sctp_pname+0x10/0x10
[ 580.981355][T14187] sctp_do_sm+0x17e/0x5c80
[ 580.981389][T14187] ? kasan_save_stack+0x42/0x60
[ 580.981422][T14187] ? kasan_save_stack+0x33/0x60
[ 580.981456][T14187] ? kasan_save_track+0x14/0x30
[ 580.981490][T14187] ? __pfx_sctp_do_sm+0x10/0x10
[ 580.981515][T14187] ? sctp_sendmsg+0xef5/0x1ee0
[ 580.981539][T14187] ? ____sys_sendmsg+0x973/0xc70
[ 580.981576][T14187] ? ___sys_sendmsg+0x134/0x1d0
[ 580.981604][T14187] ? __sys_sendmmsg+0x200/0x420
[ 580.981633][T14187] ? __x64_sys_sendmmsg+0x9c/0x100
[ 580.981663][T14187] ? do_syscall_64+0xcd/0x260
[ 580.981726][T14187] ? sk_leave_memory_pressure+0xdd/0x130
[ 580.981765][T14187] ? __sk_mem_raise_allocated+0x895/0x1700
[ 580.981809][T14187] sctp_primitive_ASSOCIATE+0x9c/0xd0
[ 580.981841][T14187] sctp_sendmsg_to_asoc+0xa50/0x1ad0
[ 580.981882][T14187] ? sctp_assoc_add_peer+0x252/0x1550
[ 580.981913][T14187] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[ 580.981954][T14187] ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 580.981993][T14187] sctp_sendmsg+0xef5/0x1ee0
[ 580.982018][T14187] ? __pfx___up_read+0x10/0x10
[ 580.982057][T14187] ? __pfx_sctp_sendmsg+0x10/0x10
[ 580.982085][T14187] ? __pfx___might_resched+0x10/0x10
[ 580.982132][T14187] ? __pfx_aa_sk_perm+0x10/0x10
[ 580.982165][T14187] ? __pfx_sctp_sendmsg+0x10/0x10
[ 580.982192][T14187] inet_sendmsg+0x119/0x140
[ 580.982216][T14187] ____sys_sendmsg+0x973/0xc70
[ 580.982258][T14187] ? __pfx_____sys_sendmsg+0x10/0x10
[ 580.982301][T14187] ? schedule+0x2d7/0x3a0
[ 580.982337][T14187] ___sys_sendmsg+0x134/0x1d0
[ 580.982370][T14187] ? __pfx____sys_sendmsg+0x10/0x10
[ 580.982415][T14187] ? find_held_lock+0x2b/0x80
[ 580.982464][T14187] __sys_sendmmsg+0x200/0x420
[ 580.982498][T14187] ? __pfx___sys_sendmmsg+0x10/0x10
[ 580.982538][T14187] ? __pfx_do_futex+0x10/0x10
[ 580.982587][T14187] ? xfd_validate_state+0x5d/0x180
[ 580.982615][T14187] ? rcu_is_watching+0x12/0xc0
[ 580.982649][T14187] __x64_sys_sendmmsg+0x9c/0x100
[ 580.982679][T14187] ? lockdep_hardirqs_on+0x7c/0x110
[ 580.982712][T14187] do_syscall_64+0xcd/0x260
[ 580.982748][T14187] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 580.982772][T14187] RIP: 0033:0x7f584818d169
[ 580.982791][T14187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 580.982814][T14187] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 580.982836][T14187] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 580.982852][T14187] RDX: 0000000000000005 RSI: 0000200000000100 RDI: 0000000000000005
[ 580.982866][T14187] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 580.982881][T14187] R10: 000000007fffffff R11: 0000000000000246 R12: 0000000000000000
[ 580.982896][T14187] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 580.982926][T14187]
[ 584.901084][T14225] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3143'.
[ 586.533948][T14247] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3150'.
[ 588.004791][T14266] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(6)
[ 590.294912][T14300] FAULT_INJECTION: forcing a failure.
[ 590.294912][T14300] name failslab, interval 1, probability 0, space 0, times 0
[ 590.358869][T14300] CPU: 1 UID: 0 PID: 14300 Comm: syz.0.3167 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 590.358902][T14300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 590.358918][T14300] Call Trace:
[ 590.358925][T14300]
[ 590.358935][T14300] dump_stack_lvl+0x16c/0x1f0
[ 590.358974][T14300] should_fail_ex+0x512/0x640
[ 590.359001][T14300] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 590.359046][T14300] should_failslab+0xc2/0x120
[ 590.359069][T14300] __kmalloc_cache_noprof+0x6a/0x3e0
[ 590.359103][T14300] ? snd_card_file_add+0x52/0x330
[ 590.359144][T14300] snd_card_file_add+0x52/0x330
[ 590.359185][T14300] snd_pcm_oss_open+0x1cf/0x1400
[ 590.359226][T14300] ? lockdep_hardirqs_on+0x7c/0x110
[ 590.359262][T14300] ? find_held_lock+0x2b/0x80
[ 590.359296][T14300] ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 590.359336][T14300] ? __lock_acquire+0xaa4/0x1ba0
[ 590.359361][T14300] ? __lock_acquire+0xaa4/0x1ba0
[ 590.359388][T14300] ? do_raw_spin_lock+0x12c/0x2b0
[ 590.359417][T14300] ? soundcore_open+0x35a/0x580
[ 590.359450][T14300] ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 590.359490][T14300] soundcore_open+0x409/0x580
[ 590.359525][T14300] ? __pfx_soundcore_open+0x10/0x10
[ 590.359557][T14300] chrdev_open+0x231/0x6a0
[ 590.359593][T14300] ? __pfx_apparmor_file_open+0x10/0x10
[ 590.359624][T14300] ? __pfx_chrdev_open+0x10/0x10
[ 590.359663][T14300] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 590.359703][T14300] do_dentry_open+0x741/0x1c10
[ 590.359738][T14300] ? __pfx_chrdev_open+0x10/0x10
[ 590.359781][T14300] vfs_open+0x82/0x3f0
[ 590.359808][T14300] path_openat+0x1e5e/0x2d40
[ 590.359853][T14300] ? __pfx_path_openat+0x10/0x10
[ 590.359901][T14300] do_filp_open+0x20b/0x470
[ 590.359935][T14300] ? __pfx_do_filp_open+0x10/0x10
[ 590.359989][T14300] ? alloc_fd+0x471/0x7d0
[ 590.360035][T14300] do_sys_openat2+0x11b/0x1d0
[ 590.360060][T14300] ? __pfx_do_sys_openat2+0x10/0x10
[ 590.360097][T14300] __x64_sys_openat+0x174/0x210
[ 590.360123][T14300] ? __pfx___x64_sys_openat+0x10/0x10
[ 590.360151][T14300] ? rcu_is_watching+0x12/0xc0
[ 590.360188][T14300] do_syscall_64+0xcd/0x260
[ 590.360225][T14300] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 590.360249][T14300] RIP: 0033:0x7f584818d169
[ 590.360268][T14300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 590.360291][T14300] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 590.360313][T14300] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 590.360329][T14300] RDX: 0000000000040000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 590.360345][T14300] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 590.360359][T14300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 590.360373][T14300] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 590.360402][T14300]
[ 593.399543][T14340] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3179'.
[ 593.683910][T14344] netlink: 346 bytes leftover after parsing attributes in process `syz.0.3181'.
[ 593.820031][T14345] FAULT_INJECTION: forcing a failure.
[ 593.820031][T14345] name failslab, interval 1, probability 0, space 0, times 0
[ 593.966071][T14345] CPU: 1 UID: 0 PID: 14345 Comm: syz.1.3180 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 593.966105][T14345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 593.966119][T14345] Call Trace:
[ 593.966127][T14345]
[ 593.966135][T14345] dump_stack_lvl+0x16c/0x1f0
[ 593.966174][T14345] should_fail_ex+0x512/0x640
[ 593.966202][T14345] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 593.966239][T14345] should_failslab+0xc2/0x120
[ 593.966261][T14345] __kmalloc_cache_noprof+0x6a/0x3e0
[ 593.966295][T14345] ? sctp_datamsg_from_user+0x8d/0x1320
[ 593.966331][T14345] sctp_datamsg_from_user+0x8d/0x1320
[ 593.966361][T14345] ? __sk_mem_raise_allocated+0x895/0x1700
[ 593.966404][T14345] ? sctp_primitive_ASSOCIATE+0x9c/0xd0
[ 593.966437][T14345] sctp_sendmsg_to_asoc+0xaff/0x1ad0
[ 593.966479][T14345] ? sctp_assoc_add_peer+0x252/0x1550
[ 593.966511][T14345] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[ 593.966558][T14345] ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 593.966597][T14345] sctp_sendmsg+0xef5/0x1ee0
[ 593.966622][T14345] ? __pfx___up_read+0x10/0x10
[ 593.966655][T14345] ? __pfx_sctp_sendmsg+0x10/0x10
[ 593.966682][T14345] ? __pfx___might_resched+0x10/0x10
[ 593.966741][T14345] ? __pfx_aa_sk_perm+0x10/0x10
[ 593.966772][T14345] ? __pfx_sctp_sendmsg+0x10/0x10
[ 593.966800][T14345] inet_sendmsg+0x119/0x140
[ 593.966824][T14345] ____sys_sendmsg+0x973/0xc70
[ 593.966866][T14345] ? __pfx_____sys_sendmsg+0x10/0x10
[ 593.966903][T14345] ? __pfx___schedule+0x10/0x10
[ 593.966946][T14345] ___sys_sendmsg+0x134/0x1d0
[ 593.966978][T14345] ? __pfx____sys_sendmsg+0x10/0x10
[ 593.967024][T14345] ? find_held_lock+0x2b/0x80
[ 593.967073][T14345] __sys_sendmmsg+0x200/0x420
[ 593.967108][T14345] ? __pfx___sys_sendmmsg+0x10/0x10
[ 593.967154][T14345] ? __pfx_do_futex+0x10/0x10
[ 593.967204][T14345] ? xfd_validate_state+0x5d/0x180
[ 593.967232][T14345] ? rcu_is_watching+0x12/0xc0
[ 593.967268][T14345] __x64_sys_sendmmsg+0x9c/0x100
[ 593.967298][T14345] ? lockdep_hardirqs_on+0x7c/0x110
[ 593.967331][T14345] do_syscall_64+0xcd/0x260
[ 593.967367][T14345] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 593.967392][T14345] RIP: 0033:0x7f830b78d169
[ 593.967410][T14345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 593.967433][T14345] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 593.967455][T14345] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 593.967471][T14345] RDX: 0000000000000005 RSI: 0000200000000100 RDI: 0000000000000005
[ 593.967485][T14345] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 593.967500][T14345] R10: 000000007fffffff R11: 0000000000000246 R12: 0000000000000000
[ 593.967514][T14345] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 593.967544][T14345]
[ 595.661222][ T5851] Bluetooth: hci2: unexpected event 0x04 length: 459 > 10
[ 597.550184][T14393] could not allocate digest TFM handle
[ 597.649538][T14399] could not allocate digest TFM handle
[ 597.745066][ T5851] Bluetooth: hci2: command 0x0406 tx timeout
[ 597.785163][T14408] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3202'.
[ 597.848410][T14408] : renamed from �
[ 597.914450][T14408] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3202'.
[ 600.832190][T14448] netlink: 346 bytes leftover after parsing attributes in process `syz.4.3216'.
[ 602.952250][T14471] input: j�J�Ǹ-9%vlQ J"1 as /devices/virtual/input/input8
[ 603.026105][ T5197] ERROR: Out of memory at tomoyo_memory_ok.
[ 603.105814][ T26] ERROR: Out of memory at tomoyo_memory_ok.
[ 604.823817][T14491] =======================================================
[ 604.823817][T14491] WARNING: The mand mount option has been deprecated and
[ 604.823817][T14491] and is ignored by this kernel. Remove the mand
[ 604.823817][T14491] option from the mount to silence this warning.
[ 604.823817][T14491] =======================================================
[ 605.611644][T14497] netlink: 'syz.2.3231': attribute type 4 has an invalid length.
[ 605.664720][T14497] netlink: 314 bytes leftover after parsing attributes in process `syz.2.3231'.
[ 608.275013][T14523] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3241'.
[ 608.322648][T14523] unsupported nlmsg_type 40
[ 608.380538][T14518] mkiss: ax0: crc mode is auto.
[ 610.171000][T14555] mkiss: ax0: crc mode is auto.
[ 611.429095][ T5852] Bluetooth: hci0: command 0x0406 tx timeout
[ 611.650670][T14579] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3261'.
[ 611.981200][T14581] zswap: compressor not available
[ 612.017030][T14589] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3265'.
[ 612.095222][T14589] veth0_macvtap: left promiscuous mode
[ 612.131312][T14591] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3266'.
[ 613.654294][T14624] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3280'.
[ 616.230555][T14670] mkiss: ax0: crc mode is auto.
[ 617.371973][T14689] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3306'.
[ 617.560297][T14692] FAULT_INJECTION: forcing a failure.
[ 617.560297][T14692] name fail_futex, interval 1, probability 0, space 0, times 0
[ 617.638682][T14692] CPU: 1 UID: 0 PID: 14692 Comm: syz.1.3307 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 617.638716][T14692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 617.638730][T14692] Call Trace:
[ 617.638737][T14692]
[ 617.638746][T14692] dump_stack_lvl+0x16c/0x1f0
[ 617.638785][T14692] should_fail_ex+0x512/0x640
[ 617.638816][T14692] get_futex_key+0x49e/0x1000
[ 617.638853][T14692] ? __pfx_get_futex_key+0x10/0x10
[ 617.638896][T14692] futex_wake+0xe7/0x4e0
[ 617.638921][T14692] ? __pfx_futex_wake+0x10/0x10
[ 617.638946][T14692] ? kmem_cache_free+0x2d4/0x4d0
[ 617.638981][T14692] ? fd_install+0x225/0x750
[ 617.639014][T14692] ? putname+0x154/0x1a0
[ 617.639041][T14692] do_futex+0x1e3/0x350
[ 617.639076][T14692] ? __pfx_do_futex+0x10/0x10
[ 617.639118][T14692] __x64_sys_futex+0x1e0/0x4c0
[ 617.639158][T14692] ? __x64_sys_openat+0x174/0x210
[ 617.639184][T14692] ? __pfx___x64_sys_futex+0x10/0x10
[ 617.639220][T14692] ? rcu_is_watching+0x12/0xc0
[ 617.639258][T14692] do_syscall_64+0xcd/0x260
[ 617.639295][T14692] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 617.639319][T14692] RIP: 0033:0x7f830b78d169
[ 617.639337][T14692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 617.639360][T14692] RSP: 002b:00007f830c5190e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 617.639383][T14692] RAX: ffffffffffffffda RBX: 00007f830b9a5fa8 RCX: 00007f830b78d169
[ 617.639399][T14692] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f830b9a5fac
[ 617.639414][T14692] RBP: 00007f830b9a5fa0 R08: 00007f830c51a000 R09: 0000000000000000
[ 617.639429][T14692] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f830b9a5fac
[ 617.639444][T14692] R13: 0000000000000000 R14: 00007fff0e36a520 R15: 00007fff0e36a608
[ 617.639473][T14692]
[ 619.024731][T14714] sctp: [Deprecated]: syz.1.3317 (pid 14714) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 619.024731][T14714] Use struct sctp_sack_info instead
[ 621.550919][T14768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3332'.
[ 624.017425][T14814] ERROR: Out of memory at tomoyo_memory_ok.
[ 624.088480][T14822] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3346'.
[ 625.411534][T14840] netlink: 'syz.4.3351': attribute type 33 has an invalid length.
[ 625.464158][T14840] netlink: 322 bytes leftover after parsing attributes in process `syz.4.3351'.
[ 625.560841][T14842] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3350'.
[ 625.589750][T14846] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3353'.
[ 628.720168][T14889] FAULT_INJECTION: forcing a failure.
[ 628.720168][T14889] name failslab, interval 1, probability 0, space 0, times 0
[ 628.758574][T14894] input: j�J�Ǹ-9%vlQ J86� as /devices/virtual/input/input9
[ 628.789591][T14889] CPU: 1 UID: 0 PID: 14889 Comm: syz.4.3370 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 628.789626][T14889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 628.789640][T14889] Call Trace:
[ 628.789648][T14889]
[ 628.789657][T14889] dump_stack_lvl+0x16c/0x1f0
[ 628.789697][T14889] should_fail_ex+0x512/0x640
[ 628.789734][T14889] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 628.789776][T14889] should_failslab+0xc2/0x120
[ 628.789798][T14889] kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 628.789838][T14889] ? __d_alloc+0x31/0xaa0
[ 628.789863][T14889] __d_alloc+0x31/0xaa0
[ 628.789890][T14889] d_alloc+0x4a/0x1e0
[ 628.789914][T14889] d_alloc_parallel+0xe3/0x12e0
[ 628.789953][T14889] ? __d_lookup+0x25c/0x4a0
[ 628.789983][T14889] ? __pfx_d_alloc_parallel+0x10/0x10
[ 628.790014][T14889] ? __d_lookup+0x266/0x4a0
[ 628.790042][T14889] ? lockdep_init_map_type+0x5c/0x280
[ 628.790068][T14889] ? lockdep_init_map_type+0x5c/0x280
[ 628.790097][T14889] proc_fill_cache+0x2e6/0x470
[ 628.790119][T14889] ? __pfx_proc_pident_instantiate+0x10/0x10
[ 628.790161][T14889] ? __pfx_proc_fill_cache+0x10/0x10
[ 628.790212][T14889] proc_pident_readdir+0x1bc/0x560
[ 628.790240][T14889] iterate_dir+0x293/0xb40
[ 628.790275][T14889] __x64_sys_getdents64+0x14d/0x2d0
[ 628.790306][T14889] ? __x64_sys_futex+0x1e0/0x4c0
[ 628.790339][T14889] ? __x64_sys_futex+0x1e9/0x4c0
[ 628.790374][T14889] ? __pfx___x64_sys_getdents64+0x10/0x10
[ 628.790406][T14889] ? xfd_validate_state+0x5d/0x180
[ 628.790431][T14889] ? __pfx_filldir64+0x10/0x10
[ 628.790460][T14889] ? rcu_is_watching+0x12/0xc0
[ 628.790499][T14889] do_syscall_64+0xcd/0x260
[ 628.790541][T14889] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 628.790565][T14889] RIP: 0033:0x7f2970b8d169
[ 628.790583][T14889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 628.790607][T14889] RSP: 002b:00007f2971a37038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 628.790628][T14889] RAX: ffffffffffffffda RBX: 00007f2970da5fa0 RCX: 00007f2970b8d169
[ 628.790644][T14889] RDX: 0000000000000327 RSI: 0000000000000000 RDI: 0000000000000005
[ 628.790658][T14889] RBP: 00007f2970c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 628.790673][T14889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 628.790686][T14889] R13: 0000000000000000 R14: 00007f2970da5fa0 R15: 00007ffec8bb23b8
[ 628.790716][T14889]
[ 629.435844][ T5197] ERROR: Out of memory at tomoyo_memory_ok.
[ 629.516015][ T26] ERROR: Out of memory at tomoyo_memory_ok.
[ 629.612228][T14901] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3371'.
[ 629.891647][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 629.906339][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 630.006529][T14907] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[ 630.364923][T14917] FAULT_INJECTION: forcing a failure.
[ 630.364923][T14917] name failslab, interval 1, probability 0, space 0, times 0
[ 630.447887][T14917] CPU: 1 UID: 0 PID: 14917 Comm: syz.1.3377 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 630.447921][T14917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 630.447936][T14917] Call Trace:
[ 630.447944][T14917]
[ 630.447953][T14917] dump_stack_lvl+0x16c/0x1f0
[ 630.447993][T14917] should_fail_ex+0x512/0x640
[ 630.448022][T14917] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 630.448064][T14917] should_failslab+0xc2/0x120
[ 630.448087][T14917] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 630.448125][T14917] ? acpi_ut_create_integer_object+0x64/0x180
[ 630.448157][T14917] ? acpi_ds_init_aml_walk+0x2d3/0x590
[ 630.448183][T14917] acpi_ut_create_integer_object+0x64/0x180
[ 630.448214][T14917] acpi_ps_execute_method+0x516/0xb30
[ 630.448241][T14917] ? acpi_ut_acquire_mutex+0x125/0x1d0
[ 630.448273][T14917] acpi_ns_evaluate+0x76c/0xca0
[ 630.448299][T14917] ? kasan_save_track+0x14/0x30
[ 630.448338][T14917] acpi_evaluate_object+0x1fa/0xa90
[ 630.448375][T14917] ? do_syscall_64+0xcd/0x260
[ 630.448409][T14917] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 630.448435][T14917] ? __pfx_acpi_evaluate_object+0x10/0x10
[ 630.448473][T14917] ? __mutex_trylock_common+0xe9/0x250
[ 630.448501][T14917] acpi_evaluate_integer+0xdd/0x200
[ 630.448534][T14917] ? __pfx_acpi_evaluate_integer+0x10/0x10
[ 630.448588][T14917] ? __pfx_status_show+0x10/0x10
[ 630.448625][T14917] status_show+0xa0/0x120
[ 630.448663][T14917] ? __pfx_status_show+0x10/0x10
[ 630.448709][T14917] dev_attr_show+0x53/0xe0
[ 630.448735][T14917] ? __pfx_dev_attr_show+0x10/0x10
[ 630.448757][T14917] sysfs_kf_seq_show+0x213/0x3e0
[ 630.448797][T14917] seq_read_iter+0x506/0x12c0
[ 630.448844][T14917] kernfs_fop_read_iter+0x40f/0x5a0
[ 630.448873][T14917] ? rw_verify_area+0xcf/0x680
[ 630.448905][T14917] vfs_read+0x8c8/0xc70
[ 630.448942][T14917] ? __pfx___mutex_lock+0x10/0x10
[ 630.448977][T14917] ? __pfx_vfs_read+0x10/0x10
[ 630.449029][T14917] ksys_read+0x12a/0x240
[ 630.449062][T14917] ? __pfx_ksys_read+0x10/0x10
[ 630.449093][T14917] ? rcu_is_watching+0x12/0xc0
[ 630.449132][T14917] do_syscall_64+0xcd/0x260
[ 630.449168][T14917] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 630.449192][T14917] RIP: 0033:0x7f830b78d169
[ 630.449211][T14917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 630.449234][T14917] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 630.449256][T14917] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 630.449272][T14917] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003
[ 630.449287][T14917] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 630.449301][T14917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 630.449316][T14917] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 630.449347][T14917]
[ 630.449370][T14917] ACPI Error:
[ 631.672240][T14931] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3382'.
[ 631.733341][T14930] input: f� as /devices/virtual/input/input10
[ 631.750140][T14917] Could not allocate an object descriptor (20240827/utobject-180)
[ 631.817341][T14917] ACPI Error: ffff888061f49000 walk still has a scope list (20240827/dswstate-694)
[ 631.850535][ T5197] ERROR: Out of memory at tomoyo_memory_ok.
[ 631.921102][ T26] ERROR: Out of memory at tomoyo_memory_ok.
[ 633.382709][T14964] netlink: 130 bytes leftover after parsing attributes in process `syz.4.3395'.
[ 634.783557][T14993] input: j�J�Ǹ-9%vlQ J86� as /devices/virtual/input/input11
[ 634.876896][ T5197] ERROR: Out of memory at tomoyo_memory_ok.
[ 635.563531][ T26] ERROR: Out of memory at tomoyo_memory_ok.
[ 636.405447][T15020] FAULT_INJECTION: forcing a failure.
[ 636.405447][T15020] name failslab, interval 1, probability 0, space 0, times 0
[ 636.451933][T15017] mkiss: ax0: crc mode is auto.
[ 636.508938][T15020] CPU: 1 UID: 0 PID: 15020 Comm: syz.1.3417 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 636.508972][T15020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 636.508987][T15020] Call Trace:
[ 636.508995][T15020]
[ 636.509005][T15020] dump_stack_lvl+0x16c/0x1f0
[ 636.509044][T15020] should_fail_ex+0x512/0x640
[ 636.509077][T15020] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 636.509118][T15020] should_failslab+0xc2/0x120
[ 636.509141][T15020] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 636.509179][T15020] ? __pmd_alloc+0xc3/0x870
[ 636.509211][T15020] __pmd_alloc+0xc3/0x870
[ 636.509242][T15020] move_page_tables+0x2877/0x3f60
[ 636.509285][T15020] ? __pfx_copy_vma+0x10/0x10
[ 636.509321][T15020] ? finish_task_switch.isra.0+0x21c/0xc10
[ 636.509359][T15020] ? __pfx_move_page_tables+0x10/0x10
[ 636.509396][T15020] ? register_lock_class+0x41/0x4c0
[ 636.509431][T15020] ? lock_acquire+0x179/0x350
[ 636.509454][T15020] ? find_held_lock+0x2b/0x80
[ 636.509487][T15020] copy_vma_and_data+0x216/0x810
[ 636.509528][T15020] ? __pfx_copy_vma_and_data+0x10/0x10
[ 636.509572][T15020] ? __vma_enter_locked+0x163/0x3f0
[ 636.509614][T15020] ? find_held_lock+0x2b/0x80
[ 636.509644][T15020] ? move_vma+0x536/0x1740
[ 636.509679][T15020] ? __vm_enough_memory+0x184/0x3f0
[ 636.509714][T15020] move_vma+0x548/0x1740
[ 636.509755][T15020] ? __pfx_move_vma+0x10/0x10
[ 636.509796][T15020] ? mm_get_unmapped_area_vmflags+0x97/0xe0
[ 636.509826][T15020] ? cap_mmap_addr+0x4b/0x120
[ 636.509847][T15020] ? bpf_lsm_mmap_addr+0x9/0x10
[ 636.509878][T15020] ? security_mmap_addr+0x6c/0x1e0
[ 636.509909][T15020] ? __get_unmapped_area+0x26a/0x440
[ 636.509941][T15020] ? vrm_set_new_addr+0x208/0x290
[ 636.509986][T15020] __do_sys_mremap+0xe38/0x15d0
[ 636.510027][T15020] ? __pfx___do_sys_mremap+0x10/0x10
[ 636.510087][T15020] ? __x64_sys_futex+0x1e0/0x4c0
[ 636.510130][T15020] ? rcu_is_watching+0x12/0xc0
[ 636.510169][T15020] do_syscall_64+0xcd/0x260
[ 636.510208][T15020] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 636.510232][T15020] RIP: 0033:0x7f830b78d169
[ 636.510253][T15020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 636.510278][T15020] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 636.510300][T15020] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 636.510317][T15020] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000000
[ 636.510331][T15020] RBP: 00007f830b80e2a0 R08: 0000000100000000 R09: 0000000000000000
[ 636.510347][T15020] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[ 636.510361][T15020] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 636.510391][T15020]
[ 637.382747][T15034] FAULT_INJECTION: forcing a failure.
[ 637.382747][T15034] name failslab, interval 1, probability 0, space 0, times 0
[ 637.465613][T15034] CPU: 1 UID: 0 PID: 15034 Comm: syz.1.3423 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 637.465647][T15034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 637.465662][T15034] Call Trace:
[ 637.465670][T15034]
[ 637.465678][T15034] dump_stack_lvl+0x16c/0x1f0
[ 637.465716][T15034] should_fail_ex+0x512/0x640
[ 637.465744][T15034] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 637.465781][T15034] should_failslab+0xc2/0x120
[ 637.465804][T15034] __kmalloc_cache_noprof+0x6a/0x3e0
[ 637.465836][T15034] ? ccid_get_builtin_ccids+0x79/0x200
[ 637.465878][T15034] ccid_get_builtin_ccids+0x79/0x200
[ 637.465918][T15034] dccp_feat_init+0x361/0x800
[ 637.465944][T15034] ? __pfx_dccp_feat_init+0x10/0x10
[ 637.465967][T15034] ? __pfx_dccp_keepalive_timer+0x10/0x10
[ 637.466001][T15034] ? lockdep_init_map_type+0x5c/0x280
[ 637.466026][T15034] ? do_init_timer+0xc9/0x110
[ 637.466065][T15034] ? __pfx_dccp_keepalive_timer+0x10/0x10
[ 637.466097][T15034] ? __pfx_dccp_delack_timer+0x10/0x10
[ 637.466133][T15034] dccp_init_sock+0x327/0x420
[ 637.466161][T15034] ? __pfx_dccp_v4_init_sock+0x10/0x10
[ 637.466189][T15034] dccp_v4_init_sock+0x1f/0xa0
[ 637.466213][T15034] ? __pfx_dccp_v4_init_sock+0x10/0x10
[ 637.466239][T15034] inet_create+0x936/0x1090
[ 637.466262][T15034] ? inet_create+0x93/0x1090
[ 637.466287][T15034] __sock_create+0x335/0x8d0
[ 637.466315][T15034] __sys_socket+0x14d/0x260
[ 637.466338][T15034] ? __pfx___sys_socket+0x10/0x10
[ 637.466361][T15034] ? rcu_is_watching+0x12/0xc0
[ 637.466397][T15034] __x64_sys_socket+0x72/0xb0
[ 637.466419][T15034] ? lockdep_hardirqs_on+0x7c/0x110
[ 637.466451][T15034] do_syscall_64+0xcd/0x260
[ 637.466488][T15034] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 637.466512][T15034] RIP: 0033:0x7f830b78d169
[ 637.466530][T15034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 637.466554][T15034] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 637.466576][T15034] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 637.466592][T15034] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002
[ 637.466606][T15034] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 637.466621][T15034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 637.466635][T15034] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 637.466667][T15034]
[ 637.799877][T15037] mkiss: ax0: crc mode is auto.
[ 637.946971][T15041] input: j�J�Ǹ-9%vlQ J86� as /devices/virtual/input/input12
[ 637.993427][ T5197] ERROR: Out of memory at tomoyo_memory_ok.
[ 638.668561][ T26] ERROR: Out of memory at tomoyo_memory_ok.
[ 638.770920][T15044] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3426'.
[ 639.090557][T15054] FAULT_INJECTION: forcing a failure.
[ 639.090557][T15054] name failslab, interval 1, probability 0, space 0, times 0
[ 639.168321][T15054] CPU: 1 UID: 0 PID: 15054 Comm: syz.0.3431 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 639.168356][T15054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 639.168370][T15054] Call Trace:
[ 639.168378][T15054]
[ 639.168387][T15054] dump_stack_lvl+0x16c/0x1f0
[ 639.168426][T15054] should_fail_ex+0x512/0x640
[ 639.168454][T15054] ? fs_reclaim_acquire+0xae/0x150
[ 639.168486][T15054] should_failslab+0xc2/0x120
[ 639.168508][T15054] __kmalloc_cache_noprof+0x6a/0x3e0
[ 639.168542][T15054] ? tomoyo_init_log+0x197/0x2140
[ 639.168579][T15054] tomoyo_init_log+0x197/0x2140
[ 639.168610][T15054] ? format_decode+0x1ad/0xd40
[ 639.168638][T15054] ? __pfx_format_decode+0x10/0x10
[ 639.168691][T15054] ? __pfx_tomoyo_init_log+0x10/0x10
[ 639.168733][T15054] tomoyo_write_log2+0x2f7/0xc10
[ 639.168771][T15054] tomoyo_supervisor+0x15e/0x13b0
[ 639.168815][T15054] ? __pfx_tomoyo_supervisor+0x10/0x10
[ 639.168873][T15054] ? lockdep_hardirqs_on+0x7c/0x110
[ 639.168911][T15054] ? tomoyo_check_path_acl+0xad/0x210
[ 639.168940][T15054] ? tomoyo_check_acl+0x1f7/0x410
[ 639.168968][T15054] tomoyo_path_permission+0x270/0x3b0
[ 639.168999][T15054] tomoyo_check_open_permission+0x37b/0x3c0
[ 639.169030][T15054] ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 639.169090][T15054] ? do_raw_spin_lock+0x12c/0x2b0
[ 639.169125][T15054] tomoyo_file_open+0x6b/0x90
[ 639.169165][T15054] security_file_open+0x84/0x1e0
[ 639.169197][T15054] do_dentry_open+0x596/0x1c10
[ 639.169240][T15054] vfs_open+0x82/0x3f0
[ 639.169267][T15054] path_openat+0x1e5e/0x2d40
[ 639.169314][T15054] ? __pfx_path_openat+0x10/0x10
[ 639.169357][T15054] do_filp_open+0x20b/0x470
[ 639.169393][T15054] ? __pfx_do_filp_open+0x10/0x10
[ 639.169450][T15054] ? alloc_fd+0x471/0x7d0
[ 639.169491][T15054] do_sys_openat2+0x11b/0x1d0
[ 639.169516][T15054] ? __pfx_do_sys_openat2+0x10/0x10
[ 639.169552][T15054] __x64_sys_openat+0x174/0x210
[ 639.169579][T15054] ? __pfx___x64_sys_openat+0x10/0x10
[ 639.169606][T15054] ? rcu_is_watching+0x12/0xc0
[ 639.169644][T15054] do_syscall_64+0xcd/0x260
[ 639.169681][T15054] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 639.169705][T15054] RIP: 0033:0x7f584818d169
[ 639.169723][T15054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 639.169747][T15054] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 639.169769][T15054] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 639.169785][T15054] RDX: 0000000000022500 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 639.169800][T15054] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 639.169815][T15054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 639.169834][T15054] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 639.169864][T15054]
[ 639.498813][T15056] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13
[ 640.646445][T15068] mkiss: ax0: crc mode is auto.
[ 641.662085][T15087] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 641.907143][T15090] netlink: 326 bytes leftover after parsing attributes in process `syz.1.3442'.
[ 644.068420][T15118] FAULT_INJECTION: forcing a failure.
[ 644.068420][T15118] name failslab, interval 1, probability 0, space 0, times 0
[ 644.165691][T15118] CPU: 1 UID: 0 PID: 15118 Comm: syz.2.3452 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 644.165731][T15118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 644.165745][T15118] Call Trace:
[ 644.165753][T15118]
[ 644.165763][T15118] dump_stack_lvl+0x16c/0x1f0
[ 644.165802][T15118] should_fail_ex+0x512/0x640
[ 644.165830][T15118] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 644.165870][T15118] should_failslab+0xc2/0x120
[ 644.165892][T15118] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 644.165930][T15118] ? locks_get_lock_context+0x243/0x410
[ 644.165959][T15118] locks_get_lock_context+0x243/0x410
[ 644.165986][T15118] posix_lock_inode+0xcc/0x2280
[ 644.166014][T15118] ? __pfx_aa_file_perm+0x10/0x10
[ 644.166058][T15118] ? __pfx_posix_lock_inode+0x10/0x10
[ 644.166096][T15118] vfs_lock_file+0xfb/0x150
[ 644.166127][T15118] fcntl_setlk+0x3ff/0xe20
[ 644.166161][T15118] ? __pfx_fcntl_setlk+0x10/0x10
[ 644.166191][T15118] ? lockdep_hardirqs_on+0x7c/0x110
[ 644.166236][T15118] ? rep_movs_alternative+0x30/0x90
[ 644.166266][T15118] do_fcntl+0xbd7/0x1590
[ 644.166291][T15118] ? __pfx_do_fcntl+0x10/0x10
[ 644.166322][T15118] ? tomoyo_file_fcntl+0x6c/0xc0
[ 644.166364][T15118] __x64_sys_fcntl+0x170/0x200
[ 644.166391][T15118] do_syscall_64+0xcd/0x260
[ 644.166438][T15118] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 644.166462][T15118] RIP: 0033:0x7fc84558d169
[ 644.166481][T15118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 644.166505][T15118] RSP: 002b:00007fc84636a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[ 644.166528][T15118] RAX: ffffffffffffffda RBX: 00007fc8457a5fa0 RCX: 00007fc84558d169
[ 644.166543][T15118] RDX: 000000000000a553 RSI: 0000000000000006 RDI: 0000000000000003
[ 644.166558][T15118] RBP: 00007fc84560e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 644.166572][T15118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 644.166586][T15118] R13: 0000000000000000 R14: 00007fc8457a5fa0 R15: 00007ffe237af198
[ 644.166615][T15118]
[ 646.360257][T15175] netlink: 322 bytes leftover after parsing attributes in process `syz.0.3465'.
[ 646.409692][T15174] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3466'.
[ 646.440013][T15175] bridge0: port 2(bridge_slave_1) entered disabled state
[ 646.447564][T15175] bridge0: port 1(bridge_slave_0) entered disabled state
[ 647.195758][T15189] sp0: Synchronizing with TNC
[ 647.385412][T15196] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3473'.
[ 647.450901][T15196] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3473'.
[ 647.543516][T15198] netlink: 210 bytes leftover after parsing attributes in process `syz.0.3473'.
[ 649.470773][T15221] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3488'.
[ 649.536725][T15221] netlink: 354 bytes leftover after parsing attributes in process `syz.0.3488'.
[ 649.986252][T15226] FAULT_INJECTION: forcing a failure.
[ 649.986252][T15226] name failslab, interval 1, probability 0, space 0, times 0
[ 650.139588][T15234] netlink: 'syz.0.3482': attribute type 5 has an invalid length.
[ 650.147542][T15226] CPU: 1 UID: 0 PID: 15226 Comm: syz.2.3480 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 650.147574][T15226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 650.147588][T15226] Call Trace:
[ 650.147597][T15226]
[ 650.147606][T15226] dump_stack_lvl+0x16c/0x1f0
[ 650.147646][T15226] should_fail_ex+0x512/0x640
[ 650.147673][T15226] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 650.147710][T15226] should_failslab+0xc2/0x120
[ 650.147743][T15226] __kmalloc_cache_noprof+0x6a/0x3e0
[ 650.147774][T15226] ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 650.147806][T15226] ? lockdep_hardirqs_on+0x7c/0x110
[ 650.147838][T15226] ? __request_module+0x2ad/0x690
[ 650.147887][T15226] __request_module+0x2ad/0x690
[ 650.147912][T15226] ? __pfx___request_module+0x10/0x10
[ 650.147951][T15226] ? find_held_lock+0x2b/0x80
[ 650.147989][T15226] inet6_create+0xc09/0x1300
[ 650.148021][T15226] ? inet6_create+0x7f/0x1300
[ 650.148053][T15226] __sock_create+0x335/0x8d0
[ 650.148081][T15226] __sys_socket+0x14d/0x260
[ 650.148104][T15226] ? __pfx___sys_socket+0x10/0x10
[ 650.148128][T15226] ? rcu_is_watching+0x12/0xc0
[ 650.148163][T15226] __x64_sys_socket+0x72/0xb0
[ 650.148184][T15226] ? lockdep_hardirqs_on+0x7c/0x110
[ 650.148215][T15226] do_syscall_64+0xcd/0x260
[ 650.148252][T15226] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 650.148276][T15226] RIP: 0033:0x7fc84558d169
[ 650.148294][T15226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 650.148318][T15226] RSP: 002b:00007fc84636a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 650.148340][T15226] RAX: ffffffffffffffda RBX: 00007fc8457a5fa0 RCX: 00007fc84558d169
[ 650.148355][T15226] RDX: 0000000000000001 RSI: 0000000000080000 RDI: 000000000000000a
[ 650.148375][T15226] RBP: 00007fc84560e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 650.148390][T15226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 650.148404][T15226] R13: 0000000000000000 R14: 00007fc8457a5fa0 R15: 00007ffe237af198
[ 650.148432][T15226]
[ 650.605781][T15234] netlink: 314 bytes leftover after parsing attributes in process `syz.0.3482'.
[ 653.077516][T15263] FAULT_INJECTION: forcing a failure.
[ 653.077516][T15263] name fail_futex, interval 1, probability 0, space 0, times 0
[ 653.160384][T15263] CPU: 1 UID: 0 PID: 15263 Comm: syz.1.3493 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 653.160419][T15263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 653.160433][T15263] Call Trace:
[ 653.160441][T15263]
[ 653.160450][T15263] dump_stack_lvl+0x16c/0x1f0
[ 653.160490][T15263] should_fail_ex+0x512/0x640
[ 653.160519][T15263] ? __pfx___futex_wait+0x10/0x10
[ 653.160545][T15263] get_futex_key+0x1c2/0x1000
[ 653.160581][T15263] ? __pfx_get_futex_key+0x10/0x10
[ 653.160631][T15263] futex_wake+0xe7/0x4e0
[ 653.160655][T15263] ? __pfx_futex_wake+0x10/0x10
[ 653.160680][T15263] ? kmem_cache_free+0x2d4/0x4d0
[ 653.160715][T15263] ? fd_install+0x225/0x750
[ 653.160747][T15263] ? putname+0x154/0x1a0
[ 653.160775][T15263] do_futex+0x1e3/0x350
[ 653.160810][T15263] ? __pfx_do_futex+0x10/0x10
[ 653.160846][T15263] ? ksys_semctl.constprop.0+0x152/0x2f0
[ 653.160876][T15263] __x64_sys_futex+0x1e0/0x4c0
[ 653.160914][T15263] ? __pfx___x64_sys_futex+0x10/0x10
[ 653.160951][T15263] ? rcu_is_watching+0x12/0xc0
[ 653.160988][T15263] do_syscall_64+0xcd/0x260
[ 653.161025][T15263] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 653.161049][T15263] RIP: 0033:0x7f830b78d169
[ 653.161068][T15263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 653.161091][T15263] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 653.161113][T15263] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 653.161129][T15263] RDX: 0000000000000008 RSI: 0000000000000001 RDI: 0000000000000000
[ 653.161142][T15263] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000066
[ 653.161157][T15263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 653.161172][T15263] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 653.161201][T15263]
[ 654.182118][T15274] netlink: 130 bytes leftover after parsing attributes in process `syz.1.3499'.
[ 654.455312][T15278] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3500'.
[ 654.548408][T15283] netlink: 11 bytes leftover after parsing attributes in process `syz.0.3500'.
[ 655.005063][T15289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3504'.
[ 655.070920][T15289] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3504'.
[ 656.853483][T15316] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3515'.
[ 659.749818][T15367] FAULT_INJECTION: forcing a failure.
[ 659.749818][T15367] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 659.784714][T15367] CPU: 1 UID: 0 PID: 15367 Comm: syz.1.3536 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 659.784750][T15367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 659.784765][T15367] Call Trace:
[ 659.784775][T15367]
[ 659.784785][T15367] dump_stack_lvl+0x16c/0x1f0
[ 659.784827][T15367] should_fail_ex+0x512/0x640
[ 659.784860][T15367] core_sys_select+0x4b2/0xbe0
[ 659.784903][T15367] ? __pfx_core_sys_select+0x10/0x10
[ 659.784969][T15367] ? read_tsc+0x9/0x20
[ 659.785003][T15367] ? ktime_get_ts64+0x256/0x400
[ 659.785056][T15367] kern_select+0x15d/0x1e0
[ 659.785091][T15367] ? __pfx_kern_select+0x10/0x10
[ 659.785126][T15367] ? xfd_validate_state+0x5d/0x180
[ 659.785155][T15367] ? rcu_is_watching+0x12/0xc0
[ 659.785189][T15367] __x64_sys_select+0xbd/0x160
[ 659.785221][T15367] ? do_syscall_64+0x91/0x260
[ 659.785254][T15367] ? lockdep_hardirqs_on+0x7c/0x110
[ 659.785285][T15367] do_syscall_64+0xcd/0x260
[ 659.785322][T15367] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 659.785346][T15367] RIP: 0033:0x7f830b78d169
[ 659.785365][T15367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 659.785388][T15367] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[ 659.785411][T15367] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 659.785427][T15367] RDX: 0000200000000500 RSI: 0000200000000480 RDI: 0000000000000009
[ 659.785442][T15367] RBP: 00007f830b80e2a0 R08: 0000200000000600 R09: 0000000000000000
[ 659.785457][T15367] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000000
[ 659.785472][T15367] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 659.785501][T15367]
[ 662.268116][T15393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3546'.
[ 662.362529][T15393] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3546'.
[ 662.826838][T15398] netlink: 504 bytes leftover after parsing attributes in process `syz.2.3549'.
[ 662.899528][T15398] netlink: 504 bytes leftover after parsing attributes in process `syz.2.3549'.
[ 663.077204][ T5852] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 663.086716][T15405] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 663.095782][T15405] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 663.112989][T15405] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 663.120638][T15405] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 663.496411][T15411] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3553'.
[ 663.566838][ T53] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 663.809358][ T53] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 664.089600][ T53] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 664.284693][T15417] FAULT_INJECTION: forcing a failure.
[ 664.284693][T15417] name failslab, interval 1, probability 0, space 0, times 0
[ 664.358521][T15417] CPU: 1 UID: 0 PID: 15417 Comm: syz.0.3554 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 664.358556][T15417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 664.358571][T15417] Call Trace:
[ 664.358580][T15417]
[ 664.358590][T15417] dump_stack_lvl+0x16c/0x1f0
[ 664.358628][T15417] should_fail_ex+0x512/0x640
[ 664.358656][T15417] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 664.358691][T15417] should_failslab+0xc2/0x120
[ 664.358720][T15417] __kmalloc_cache_noprof+0x6a/0x3e0
[ 664.358753][T15417] ? kvm_dev_ioctl+0x1396/0x1ad0
[ 664.358789][T15417] kvm_dev_ioctl+0x1396/0x1ad0
[ 664.358828][T15417] ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 664.358869][T15417] ? __pfx_kvm_dev_ioctl+0x10/0x10
[ 664.358901][T15417] __x64_sys_ioctl+0x190/0x200
[ 664.358932][T15417] do_syscall_64+0xcd/0x260
[ 664.358967][T15417] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 664.358990][T15417] RIP: 0033:0x7f584818d169
[ 664.359008][T15417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 664.359031][T15417] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 664.359053][T15417] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 664.359069][T15417] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007
[ 664.359083][T15417] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 664.359098][T15417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 664.359112][T15417] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 664.359141][T15417]
[ 664.524336][ C1] vkms_vblank_simulate: vblank timer overrun
[ 664.689509][ C1] sd 0:0:1:0: [sda] tag#3305 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 664.700010][ C1] sd 0:0:1:0: [sda] tag#3305 CDB: Read(6) 08 00 00 00 09 00 00 00 00 00 00 00
[ 664.781826][ T53] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 665.147874][ T30] audit: type=1806 audit(4294968838.923:11): xattr="0" res=-22
[ 665.233941][T15405] Bluetooth: hci0: command tx timeout
[ 665.497595][T15401] chnl_net:caif_netlink_parms(): no params data found
[ 665.611671][ T53] bridge_slave_1: left allmulticast mode
[ 665.641760][ T53] bridge_slave_1: left promiscuous mode
[ 665.685585][ T53] bridge0: port 2(bridge_slave_1) entered disabled state
[ 665.888352][ T53] bridge_slave_0: left allmulticast mode
[ 665.907803][ T53] bridge_slave_0: left promiscuous mode
[ 665.956774][ T53] bridge0: port 1(bridge_slave_0) entered disabled state
[ 667.294956][T15405] Bluetooth: hci0: command tx timeout
[ 668.002147][T15474] netlink: 'syz.0.3566': attribute type 64 has an invalid length.
[ 668.046619][T15474] netlink: 74 bytes leftover after parsing attributes in process `syz.0.3566'.
[ 668.222203][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 668.283236][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 668.329597][ T53] bond0 (unregistering): Released all slaves
[ 669.375282][T15405] Bluetooth: hci0: command tx timeout
[ 669.687841][T15401] bridge0: port 1(bridge_slave_0) entered blocking state
[ 669.755401][T15401] bridge0: port 1(bridge_slave_0) entered disabled state
[ 669.767799][T15484] sp0: Synchronizing with TNC
[ 669.785987][T15401] bridge_slave_0: entered allmulticast mode
[ 669.839785][T15401] bridge_slave_0: entered promiscuous mode
[ 669.889324][T15401] bridge0: port 2(bridge_slave_1) entered blocking state
[ 669.931747][T15401] bridge0: port 2(bridge_slave_1) entered disabled state
[ 669.977609][T15401] bridge_slave_1: entered allmulticast mode
[ 670.014482][T15401] bridge_slave_1: entered promiscuous mode
[ 670.508073][T15401] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 670.599297][T15401] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 671.395891][ T53] hsr_slave_0: left promiscuous mode
[ 671.440733][ T53] hsr_slave_1: left promiscuous mode
[ 671.456776][T15405] Bluetooth: hci0: command tx timeout
[ 671.478571][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 671.509457][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 671.580576][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 671.626651][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 671.764472][ T53] veth1_macvtap: left promiscuous mode
[ 671.800215][ T53] veth0_macvtap: left promiscuous mode
[ 672.175032][T15529] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3579'.
[ 674.208037][ T53] team0 (unregistering): Port device team_slave_1 removed
[ 674.461454][ T53] team0 (unregistering): Port device team_slave_0 removed
[ 676.554394][T15401] team0: Port device team_slave_0 added
[ 676.628935][T15532] tipc: Started in network mode
[ 676.635557][T15532] tipc: Node identity ffffffff, cluster identity 4711
[ 676.683117][T15532] tipc: Node number set to 4294967295
[ 676.722985][T15401] team0: Port device team_slave_1 added
[ 677.273370][T15401] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 677.293189][T15401] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 677.401831][T15401] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 677.480565][T15401] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 677.499907][T15401] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 677.605773][T15401] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 678.063441][T15401] hsr_slave_0: entered promiscuous mode
[ 678.097479][T15401] hsr_slave_1: entered promiscuous mode
[ 678.147973][T15401] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 678.220529][T15401] Cannot create hsr debugfs directory
[ 679.635681][T15401] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 679.794692][T15401] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 679.942220][T15589] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3595'.
[ 680.426971][T15598] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3594'.
[ 680.688555][T15401] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 680.807490][T15401] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 681.486651][T15401] 8021q: adding VLAN 0 to HW filter on device bond0
[ 681.610838][T15401] 8021q: adding VLAN 0 to HW filter on device team0
[ 681.725097][T14172] bridge0: port 1(bridge_slave_0) entered blocking state
[ 681.732334][T14172] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 681.820475][T14172] bridge0: port 2(bridge_slave_1) entered blocking state
[ 681.828638][T14172] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 681.893734][T15618] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3601'.
[ 682.943024][T15401] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 683.573861][T15650] ERROR: Out of memory at tomoyo_memory_ok.
[ 684.545842][T15401] veth0_vlan: entered promiscuous mode
[ 684.661042][T15401] veth1_vlan: entered promiscuous mode
[ 684.830515][T15401] veth0_macvtap: entered promiscuous mode
[ 684.850543][ T30] audit: type=1326 audit(4294968858.664:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15665 comm="syz.2.3610" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc84558d169 code=0x0
[ 684.978593][T15401] veth1_macvtap: entered promiscuous mode
[ 685.122745][T15401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 685.174478][T15401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 685.202458][T15401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 685.285653][T15401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 685.317849][T15401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 685.346224][T15401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 685.373212][T15401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 685.411053][T15401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 685.470052][T15401] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 685.568159][T15401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 685.621006][T15401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 685.684043][T15401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 685.739214][T15401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 685.820394][T15401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 685.889197][T15401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 685.924253][T15401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 685.977711][T15401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 686.019205][T15401] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 686.151908][T15401] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 686.218956][T15401] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 686.276168][T15401] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 686.319644][T15401] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 687.395532][ T4523] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 687.403401][ T4523] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 688.147580][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 688.204638][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 690.431249][T15729] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3620'.
[ 691.313273][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 691.319682][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 692.332686][T15752] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3626'.
[ 692.769886][T15761] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3628'.
[ 693.778505][T15777] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 694.261478][T15785] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3636'.
[ 694.349228][T15785] bridge0: entered promiscuous mode
[ 695.435001][T15802] FAULT_INJECTION: forcing a failure.
[ 695.435001][T15802] name failslab, interval 1, probability 0, space 0, times 0
[ 695.596047][T15802] CPU: 1 UID: 0 PID: 15802 Comm: syz.1.3641 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 695.596080][T15802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 695.596094][T15802] Call Trace:
[ 695.596101][T15802]
[ 695.596110][T15802] dump_stack_lvl+0x16c/0x1f0
[ 695.596148][T15802] should_fail_ex+0x512/0x640
[ 695.596175][T15802] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 695.596214][T15802] should_failslab+0xc2/0x120
[ 695.596235][T15802] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 695.596271][T15802] ? get_tree_nodev+0x86/0x190
[ 695.596302][T15802] ? alloc_vfsmnt+0x23/0x6f0
[ 695.596330][T15802] alloc_vfsmnt+0x23/0x6f0
[ 695.596356][T15802] vfs_create_mount+0x93/0x500
[ 695.596388][T15802] fc_mount+0x9a/0xc0
[ 695.596414][T15802] mq_init_ns+0x426/0x620
[ 695.596442][T15802] copy_ipcs+0x383/0x610
[ 695.596464][T15802] ? copy_utsname+0xab/0x470
[ 695.596487][T15802] create_new_namespaces+0x20a/0xad0
[ 695.596520][T15802] ? security_capable+0x7e/0x260
[ 695.596545][T15802] unshare_nsproxy_namespaces+0xc0/0x1f0
[ 695.596588][T15802] ksys_unshare+0x45b/0xa40
[ 695.596625][T15802] ? __pfx_ksys_unshare+0x10/0x10
[ 695.596660][T15802] ? xfd_validate_state+0x5d/0x180
[ 695.596687][T15802] ? rcu_is_watching+0x12/0xc0
[ 695.596722][T15802] __x64_sys_unshare+0x31/0x40
[ 695.596758][T15802] do_syscall_64+0xcd/0x260
[ 695.596794][T15802] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 695.596818][T15802] RIP: 0033:0x7f830b78d169
[ 695.596836][T15802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 695.596859][T15802] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 695.596884][T15802] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 695.596900][T15802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400
[ 695.596914][T15802] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 695.596928][T15802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 695.596942][T15802] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 695.596974][T15802]
[ 696.008828][T15806] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 696.018427][T15806] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 696.508280][T15816] bond0: option all_slaves_active: invalid value (�)
[ 696.590880][T15817] bond0: option all_slaves_active: invalid value (�)
[ 697.956567][T15831] netlink: 186 bytes leftover after parsing attributes in process `syz.5.3648'.
[ 698.532597][T15840] FAULT_INJECTION: forcing a failure.
[ 698.532597][T15840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 698.624862][T15840] CPU: 1 UID: 0 PID: 15840 Comm: syz.2.3651 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 698.624895][T15840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 698.624909][T15840] Call Trace:
[ 698.624917][T15840]
[ 698.624925][T15840] dump_stack_lvl+0x16c/0x1f0
[ 698.624963][T15840] should_fail_ex+0x512/0x640
[ 698.624994][T15840] copy_fpstate_to_sigframe+0x878/0xb10
[ 698.625023][T15840] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 698.625052][T15840] ? collect_signal+0x263/0x540
[ 698.625079][T15840] get_sigframe+0x4a8/0x9c0
[ 698.625116][T15840] ? __pfx_get_sigframe+0x10/0x10
[ 698.625152][T15840] ? _raw_spin_unlock_irq+0x23/0x50
[ 698.625180][T15840] ? siginfo_layout+0x1d2/0x290
[ 698.625212][T15840] x64_setup_rt_frame+0x12e/0xcf0
[ 698.625250][T15840] ? kill_pid_info_type+0xea/0x2a0
[ 698.625285][T15840] ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 698.625320][T15840] ? kill_pid_info_type+0x102/0x2a0
[ 698.625359][T15840] arch_do_signal_or_restart+0x5e6/0x7d0
[ 698.625394][T15840] ? __task_pid_nr_ns+0x186/0x500
[ 698.625435][T15840] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 698.625489][T15840] syscall_exit_to_user_mode+0x150/0x2a0
[ 698.625524][T15840] do_syscall_64+0xda/0x260
[ 698.625572][T15840] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 698.625595][T15840] RIP: 0033:0x7fc84558d169
[ 698.625612][T15840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 698.625636][T15840] RSP: 002b:00007fc84636a038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[ 698.625657][T15840] RAX: 0000000000000000 RBX: 00007fc8457a5fa0 RCX: 00007fc84558d169
[ 698.625672][T15840] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 000000000000088f
[ 698.625686][T15840] RBP: 00007fc84560e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 698.625700][T15840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 698.625714][T15840] R13: 0000000000000000 R14: 00007fc8457a5fa0 R15: 00007ffe237af198
[ 698.625747][T15840]
[ 699.227282][T15844] mtrr: base(0xfffff20000000100000) is not aligned on a size(0xfffff2ff000) boundary
[ 702.199606][T15891] netlink: 342 bytes leftover after parsing attributes in process `syz.5.3662'.
[ 702.240968][T15887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3661'.
[ 705.614075][T15937] FAULT_INJECTION: forcing a failure.
[ 705.614075][T15937] name failslab, interval 1, probability 0, space 0, times 0
[ 705.991055][T15937] CPU: 1 UID: 0 PID: 15937 Comm: syz.0.3671 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 705.991094][T15937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 705.991109][T15937] Call Trace:
[ 705.991116][T15937]
[ 705.991125][T15937] dump_stack_lvl+0x16c/0x1f0
[ 705.991165][T15937] should_fail_ex+0x512/0x640
[ 705.991193][T15937] ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 705.991237][T15937] should_failslab+0xc2/0x120
[ 705.991260][T15937] __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 705.991303][T15937] ? __mutex_lock+0x1ca/0xb90
[ 705.991336][T15937] ? argv_split+0x35/0x440
[ 705.991369][T15937] kstrndup+0x6d/0x160
[ 705.991392][T15937] ? __pfx___trace_eprobe_create+0x10/0x10
[ 705.991421][T15937] argv_split+0x35/0x440
[ 705.991451][T15937] ? __pfx___trace_eprobe_create+0x10/0x10
[ 705.991481][T15937] trace_probe_create+0x7d/0x100
[ 705.991520][T15937] ? __pfx_trace_probe_create+0x10/0x10
[ 705.991567][T15937] create_dyn_event+0xeb/0x1c0
[ 705.991600][T15937] trace_parse_run_command+0x1a6/0x3e0
[ 705.991622][T15937] ? __pfx_create_dyn_event+0x10/0x10
[ 705.991658][T15937] vfs_write+0x25c/0x1180
[ 705.991689][T15937] ? __pfx_dyn_event_write+0x10/0x10
[ 705.991724][T15937] ? __pfx___mutex_lock+0x10/0x10
[ 705.991758][T15937] ? __pfx_vfs_write+0x10/0x10
[ 705.991800][T15937] ? __fget_files+0x20e/0x3c0
[ 705.991844][T15937] ksys_write+0x12a/0x240
[ 705.991877][T15937] ? __pfx_ksys_write+0x10/0x10
[ 705.991909][T15937] ? rcu_is_watching+0x12/0xc0
[ 705.991947][T15937] do_syscall_64+0xcd/0x260
[ 705.991988][T15937] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 705.992012][T15937] RIP: 0033:0x7f584818d169
[ 705.992035][T15937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 705.992059][T15937] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 705.992087][T15937] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 705.992104][T15937] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[ 705.992118][T15937] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 705.992133][T15937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 705.992147][T15937] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 705.992178][T15937]
[ 706.225522][ C1] vkms_vblank_simulate: vblank timer overrun
[ 708.359648][T15405] Bluetooth: hci0: ISO packet for unknown connection handle 0
[ 710.203320][T15994] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3687'.
[ 711.303184][T16018] netlink: 'syz.5.3692': attribute type 29 has an invalid length.
[ 712.255660][T16030] ima: policy update failed
[ 712.364496][ T30] audit: type=1802 audit(4294968886.160:13): pid=16030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.3694" res=0 errno=0
[ 712.400222][T16030] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3694'.
[ 712.546144][T16033] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3694'.
[ 712.906333][T16032] FAULT_INJECTION: forcing a failure.
[ 712.906333][T16032] name failslab, interval 1, probability 0, space 0, times 0
[ 712.981345][T16032] CPU: 1 UID: 0 PID: 16032 Comm: syz.2.3695 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 712.981379][T16032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 712.981393][T16032] Call Trace:
[ 712.981401][T16032]
[ 712.981410][T16032] dump_stack_lvl+0x16c/0x1f0
[ 712.981448][T16032] should_fail_ex+0x512/0x640
[ 712.981482][T16032] ? __kmalloc_noprof+0xbf/0x510
[ 712.981520][T16032] ? vkms_crtc_atomic_check+0x3c5/0x880
[ 712.981553][T16032] should_failslab+0xc2/0x120
[ 712.981575][T16032] __kmalloc_noprof+0xd2/0x510
[ 712.981609][T16032] ? drm_atomic_add_affected_planes+0x32b/0x3f0
[ 712.981642][T16032] vkms_crtc_atomic_check+0x3c5/0x880
[ 712.981682][T16032] ? __pfx_vkms_crtc_atomic_check+0x10/0x10
[ 712.981714][T16032] drm_atomic_helper_check_planes+0x4da/0x900
[ 712.981756][T16032] drm_atomic_helper_check+0xae/0x190
[ 712.981792][T16032] vkms_atomic_check+0x1d9/0x250
[ 712.981819][T16032] ? __pfx_vkms_atomic_check+0x10/0x10
[ 712.981848][T16032] drm_atomic_check_only+0x19c7/0x3130
[ 712.981888][T16032] drm_atomic_commit+0x136/0x300
[ 712.981913][T16032] ? __pfx_drm_atomic_commit+0x10/0x10
[ 712.981937][T16032] ? __pfx___drm_printfn_info+0x10/0x10
[ 712.981970][T16032] ? drm_client_rotation+0x4d9/0x6a0
[ 712.981996][T16032] drm_client_modeset_commit_atomic+0x69d/0x7e0
[ 712.982029][T16032] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[ 712.982085][T16032] drm_client_modeset_commit_locked+0x14d/0x580
[ 712.982113][T16032] drm_client_modeset_commit+0x4f/0x80
[ 712.982137][T16032] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[ 712.982174][T16032] ? __pfx_drm_fbdev_client_restore+0x10/0x10
[ 712.982204][T16032] drm_fbdev_client_restore+0x2c/0x40
[ 712.982231][T16032] drm_client_dev_restore+0x1f3/0x2a0
[ 712.982276][T16032] drm_release+0x2c4/0x360
[ 712.982314][T16032] ? __pfx_drm_release+0x10/0x10
[ 712.982364][T16032] __fput+0x3ff/0xb70
[ 712.982395][T16032] task_work_run+0x14d/0x240
[ 712.982424][T16032] ? __pfx_task_work_run+0x10/0x10
[ 712.982450][T16032] ? __pfx___do_sys_close_range+0x10/0x10
[ 712.982491][T16032] ? rcu_is_watching+0x12/0xc0
[ 712.982525][T16032] syscall_exit_to_user_mode+0x27b/0x2a0
[ 712.982561][T16032] do_syscall_64+0xda/0x260
[ 712.982597][T16032] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 712.982620][T16032] RIP: 0033:0x7fc84558d169
[ 712.982639][T16032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 712.982662][T16032] RSP: 002b:00007fc84636a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 712.982683][T16032] RAX: 0000000000000000 RBX: 00007fc8457a5fa0 RCX: 00007fc84558d169
[ 712.982698][T16032] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 712.982712][T16032] RBP: 00007fc84560e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 712.982726][T16032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 712.982740][T16032] R13: 0000000000000000 R14: 00007fc8457a5fa0 R15: 00007ffe237af198
[ 712.982771][T16032]
[ 714.215317][T16058] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3701'.
[ 715.094171][T16071] FAULT_INJECTION: forcing a failure.
[ 715.094171][T16071] name failslab, interval 1, probability 0, space 0, times 0
[ 715.226576][T16071] CPU: 1 UID: 0 PID: 16071 Comm: syz.1.3704 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 715.226611][T16071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 715.226627][T16071] Call Trace:
[ 715.226634][T16071]
[ 715.226643][T16071] dump_stack_lvl+0x16c/0x1f0
[ 715.226687][T16071] should_fail_ex+0x512/0x640
[ 715.226714][T16071] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 715.226753][T16071] should_failslab+0xc2/0x120
[ 715.226774][T16071] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 715.226810][T16071] ? __kernfs_new_node+0xd2/0x8a0
[ 715.226852][T16071] __kernfs_new_node+0xd2/0x8a0
[ 715.226889][T16071] ? kernfs_add_one+0x14e/0x840
[ 715.226912][T16071] ? __pfx___kernfs_new_node+0x10/0x10
[ 715.226956][T16071] ? find_held_lock+0x2b/0x80
[ 715.226987][T16071] ? kernfs_root+0xee/0x2a0
[ 715.227028][T16071] kernfs_new_node+0x13c/0x1e0
[ 715.227058][T16071] kernfs_create_link+0xcc/0x240
[ 715.227091][T16071] sysfs_do_create_link_sd+0x90/0x140
[ 715.227129][T16071] sysfs_create_link+0x61/0xc0
[ 715.227165][T16071] device_add+0x50a/0x1a70
[ 715.227192][T16071] ? __pfx_device_add+0x10/0x10
[ 715.227216][T16071] ? lockdep_init_map_type+0x5c/0x280
[ 715.227239][T16071] ? __init_waitqueue_head+0xca/0x150
[ 715.227273][T16071] netdev_register_kobject+0x182/0x3a0
[ 715.227313][T16071] register_netdevice+0x13dc/0x2270
[ 715.227362][T16071] ? __pfx_register_netdevice+0x10/0x10
[ 715.227407][T16071] internal_dev_create+0x2d3/0x520
[ 715.227450][T16071] ovs_vport_add+0x144/0x4d0
[ 715.227488][T16071] new_vport+0x16/0x1d0
[ 715.227517][T16071] ovs_dp_cmd_new+0x6ba/0xe60
[ 715.227556][T16071] ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 715.227595][T16071] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 715.227637][T16071] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 715.227685][T16071] genl_family_rcv_msg_doit+0x206/0x2f0
[ 715.227727][T16071] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 715.227767][T16071] ? trace_cap_capable+0x18d/0x200
[ 715.227798][T16071] ? bpf_lsm_capable+0x9/0x10
[ 715.227833][T16071] ? security_capable+0x7e/0x260
[ 715.227856][T16071] ? ns_capable+0xd7/0x110
[ 715.227889][T16071] genl_rcv_msg+0x55c/0x800
[ 715.227919][T16071] ? __pfx_genl_rcv_msg+0x10/0x10
[ 715.227942][T16071] ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 715.227976][T16071] ? __lock_acquire+0xaa4/0x1ba0
[ 715.228003][T16071] netlink_rcv_skb+0x16a/0x440
[ 715.228039][T16071] ? __pfx_genl_rcv_msg+0x10/0x10
[ 715.228063][T16071] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 715.228113][T16071] ? __pfx_down_read+0x10/0x10
[ 715.228153][T16071] ? netlink_deliver_tap+0x1ae/0xd30
[ 715.228190][T16071] genl_rcv+0x28/0x40
[ 715.228225][T16071] netlink_unicast+0x53a/0x7f0
[ 715.228264][T16071] ? __pfx_netlink_unicast+0x10/0x10
[ 715.228297][T16071] ? __lock_acquire+0xaa4/0x1ba0
[ 715.228326][T16071] netlink_sendmsg+0x8d1/0xdd0
[ 715.228371][T16071] ? __pfx_netlink_sendmsg+0x10/0x10
[ 715.228417][T16071] ____sys_sendmsg+0xa95/0xc70
[ 715.228456][T16071] ? copy_msghdr_from_user+0x10a/0x160
[ 715.228486][T16071] ? __pfx_____sys_sendmsg+0x10/0x10
[ 715.228539][T16071] ___sys_sendmsg+0x134/0x1d0
[ 715.228571][T16071] ? __pfx____sys_sendmsg+0x10/0x10
[ 715.228639][T16071] __sys_sendmsg+0x16d/0x220
[ 715.228669][T16071] ? __pfx___sys_sendmsg+0x10/0x10
[ 715.228699][T16071] ? __x64_sys_futex+0x1e0/0x4c0
[ 715.228740][T16071] ? rcu_is_watching+0x12/0xc0
[ 715.228777][T16071] do_syscall_64+0xcd/0x260
[ 715.228814][T16071] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 715.228837][T16071] RIP: 0033:0x7f830b78d169
[ 715.228856][T16071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 715.228881][T16071] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 715.228904][T16071] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 715.228920][T16071] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005
[ 715.228935][T16071] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 715.228950][T16071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 715.228965][T16071] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 715.228996][T16071]
[ 717.877604][T16100] FAULT_INJECTION: forcing a failure.
[ 717.877604][T16100] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 717.935863][T16100] CPU: 1 UID: 0 PID: 16100 Comm: syz.2.3709 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 717.935897][T16100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 717.935912][T16100] Call Trace:
[ 717.935919][T16100]
[ 717.935928][T16100] dump_stack_lvl+0x16c/0x1f0
[ 717.935968][T16100] should_fail_ex+0x512/0x640
[ 717.936000][T16100] _copy_to_user+0x32/0xd0
[ 717.936033][T16100] snd_pcm_oss_read2+0x294/0x410
[ 717.936065][T16100] ? __pfx_snd_pcm_oss_read2+0x10/0x10
[ 717.936088][T16100] ? snd_pcm_kernel_ioctl+0x267/0x2e0
[ 717.936118][T16100] ? snd_pcm_oss_prepare+0x11e/0x220
[ 717.936160][T16100] snd_pcm_oss_read+0x5d3/0x760
[ 717.936188][T16100] ? __pfx_snd_pcm_oss_read+0x10/0x10
[ 717.936215][T16100] vfs_read+0x1de/0xc70
[ 717.936254][T16100] ? __pfx_vfs_read+0x10/0x10
[ 717.936283][T16100] ? find_held_lock+0x2b/0x80
[ 717.936315][T16100] ? __fget_files+0x204/0x3c0
[ 717.936354][T16100] ? __fget_files+0x20e/0x3c0
[ 717.936397][T16100] ksys_read+0x12a/0x240
[ 717.936429][T16100] ? __pfx_ksys_read+0x10/0x10
[ 717.936460][T16100] ? rcu_is_watching+0x12/0xc0
[ 717.936498][T16100] do_syscall_64+0xcd/0x260
[ 717.936536][T16100] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 717.936560][T16100] RIP: 0033:0x7fc84558d169
[ 717.936579][T16100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 717.936608][T16100] RSP: 002b:00007fc84636a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 717.936631][T16100] RAX: ffffffffffffffda RBX: 00007fc8457a5fa0 RCX: 00007fc84558d169
[ 717.936648][T16100] RDX: 000000000cefbce6 RSI: 0000000000000000 RDI: 0000000000000005
[ 717.936663][T16100] RBP: 00007fc84560e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 717.936678][T16100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 717.936692][T16100] R13: 0000000000000000 R14: 00007fc8457a5fa0 R15: 00007ffe237af198
[ 717.936722][T16100]
[ 719.956398][T16145] mkiss: ax0: crc mode is auto.
[ 720.956851][T16169] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3725'.
[ 722.451881][T16191] GUP no longer grows the stack in syz.2.3728 (16191): 14000-401000 (4000)
[ 722.576380][T16191] CPU: 1 UID: 0 PID: 16191 Comm: syz.2.3728 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 722.576413][T16191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 722.576429][T16191] Call Trace:
[ 722.576436][T16191]
[ 722.576444][T16191] dump_stack_lvl+0x16c/0x1f0
[ 722.576502][T16191] gup_vma_lookup+0x1d2/0x220
[ 722.576531][T16191] __get_user_pages+0x234/0x36f0
[ 722.576570][T16191] ? process_vm_rw_core.constprop.0+0x1d8/0x9a0
[ 722.576594][T16191] ? look_up_lock_class+0x59/0x150
[ 722.576626][T16191] ? __pfx___get_user_pages+0x10/0x10
[ 722.576656][T16191] ? process_vm_rw+0x2ff/0x360
[ 722.576675][T16191] ? __x64_sys_process_vm_readv+0xe2/0x1c0
[ 722.576697][T16191] ? do_syscall_64+0xcd/0x260
[ 722.576747][T16191] __gup_longterm_locked+0x20d/0x1850
[ 722.576787][T16191] ? __pfx___gup_longterm_locked+0x10/0x10
[ 722.576833][T16191] pin_user_pages_remote+0xed/0x140
[ 722.576866][T16191] ? __pfx_pin_user_pages_remote+0x10/0x10
[ 722.576897][T16191] ? mm_access+0x22d/0x2e0
[ 722.576942][T16191] process_vm_rw_core.constprop.0+0x41b/0x9a0
[ 722.576971][T16191] ? futex_wait_queue+0x14c/0x220
[ 722.576992][T16191] ? futex_unqueue+0xba/0x140
[ 722.577030][T16191] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[ 722.577057][T16191] ? iovec_from_user+0xbb/0x140
[ 722.577101][T16191] ? iovec_from_user+0xbb/0x140
[ 722.577134][T16191] process_vm_rw+0x2ff/0x360
[ 722.577158][T16191] ? __pfx_process_vm_rw+0x10/0x10
[ 722.577187][T16191] ? do_writev+0x218/0x330
[ 722.577243][T16191] ? xfd_validate_state+0x5d/0x180
[ 722.577276][T16191] __x64_sys_process_vm_readv+0xe2/0x1c0
[ 722.577299][T16191] ? do_syscall_64+0x91/0x260
[ 722.577333][T16191] ? lockdep_hardirqs_on+0x7c/0x110
[ 722.577365][T16191] do_syscall_64+0xcd/0x260
[ 722.577402][T16191] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 722.577428][T16191] RIP: 0033:0x7fc84558d169
[ 722.577447][T16191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 722.577470][T16191] RSP: 002b:00007fc846349038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[ 722.577492][T16191] RAX: ffffffffffffffda RBX: 00007fc8457a6080 RCX: 00007fc84558d169
[ 722.577509][T16191] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 00000000000008c0
[ 722.577526][T16191] RBP: 00007fc84560e2a0 R08: 0000000000000003 R09: 0000000000000000
[ 722.577542][T16191] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[ 722.577556][T16191] R13: 0000000000000000 R14: 00007fc8457a6080 R15: 00007ffe237af198
[ 722.577586][T16191]
[ 723.084635][T16201] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3733'.
[ 723.095585][T16201] netlink: 242 bytes leftover after parsing attributes in process `syz.2.3733'.
[ 727.977728][T16295] FAULT_INJECTION: forcing a failure.
[ 727.977728][T16295] name failslab, interval 1, probability 0, space 0, times 0
[ 728.075827][T16295] CPU: 1 UID: 0 PID: 16295 Comm: syz.1.3760 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 728.075860][T16295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 728.075875][T16295] Call Trace:
[ 728.075882][T16295]
[ 728.075891][T16295] dump_stack_lvl+0x16c/0x1f0
[ 728.075929][T16295] should_fail_ex+0x512/0x640
[ 728.075957][T16295] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 728.075993][T16295] ? __pfx_debugfs_u8_get+0x10/0x10
[ 728.076027][T16295] should_failslab+0xc2/0x120
[ 728.076049][T16295] __kmalloc_cache_noprof+0x6a/0x3e0
[ 728.076080][T16295] ? __debugfs_file_get+0x1fe/0x840
[ 728.076105][T16295] ? simple_attr_open+0x57/0x1c0
[ 728.076140][T16295] ? __pfx_debugfs_u8_set+0x10/0x10
[ 728.076179][T16295] ? __pfx_debugfs_u8_get+0x10/0x10
[ 728.076213][T16295] simple_attr_open+0x57/0x1c0
[ 728.076244][T16295] ? __pfx_fops_u8_open+0x10/0x10
[ 728.076281][T16295] open_proxy_open+0x26f/0x3e0
[ 728.076312][T16295] do_dentry_open+0x741/0x1c10
[ 728.076347][T16295] ? __pfx_open_proxy_open+0x10/0x10
[ 728.076381][T16295] vfs_open+0x82/0x3f0
[ 728.076408][T16295] path_openat+0x1e5e/0x2d40
[ 728.076454][T16295] ? __pfx_path_openat+0x10/0x10
[ 728.076497][T16295] do_filp_open+0x20b/0x470
[ 728.076533][T16295] ? __pfx_do_filp_open+0x10/0x10
[ 728.076588][T16295] ? alloc_fd+0x471/0x7d0
[ 728.076630][T16295] do_sys_openat2+0x11b/0x1d0
[ 728.076655][T16295] ? __pfx_do_sys_openat2+0x10/0x10
[ 728.076691][T16295] __x64_sys_openat+0x174/0x210
[ 728.076717][T16295] ? __pfx___x64_sys_openat+0x10/0x10
[ 728.076745][T16295] ? rcu_is_watching+0x12/0xc0
[ 728.076783][T16295] do_syscall_64+0xcd/0x260
[ 728.076820][T16295] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 728.076849][T16295] RIP: 0033:0x7f830b78d169
[ 728.076868][T16295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 728.076892][T16295] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 728.076915][T16295] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 728.076932][T16295] RDX: 0000000000000080 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 728.076947][T16295] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 728.076963][T16295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 728.076977][T16295] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 728.077007][T16295]
[ 728.323706][ C1] vkms_vblank_simulate: vblank timer overrun
[ 728.759544][T16307] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3763'.
[ 728.802655][T16307] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3763'.
[ 728.853067][T16307] netlink: 286 bytes leftover after parsing attributes in process `syz.1.3763'.
[ 730.270123][T16333] FAULT_INJECTION: forcing a failure.
[ 730.270123][T16333] name failslab, interval 1, probability 0, space 0, times 0
[ 730.345263][T16333] CPU: 1 UID: 0 PID: 16333 Comm: syz.5.3774 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 730.345297][T16333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 730.345311][T16333] Call Trace:
[ 730.345319][T16333]
[ 730.345328][T16333] dump_stack_lvl+0x16c/0x1f0
[ 730.345368][T16333] should_fail_ex+0x512/0x640
[ 730.345395][T16333] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 730.345431][T16333] should_failslab+0xc2/0x120
[ 730.345457][T16333] __kmalloc_cache_noprof+0x6a/0x3e0
[ 730.345490][T16333] ? resv_map_alloc+0x46/0x400
[ 730.345517][T16333] resv_map_alloc+0x46/0x400
[ 730.345542][T16333] hugetlbfs_get_inode+0x33f/0x730
[ 730.345576][T16333] hugetlb_file_setup+0x15b/0x620
[ 730.345608][T16333] ksys_mmap_pgoff+0x189/0x5c0
[ 730.345637][T16333] ? rcu_is_watching+0x12/0xc0
[ 730.345670][T16333] __x64_sys_mmap+0x125/0x190
[ 730.345702][T16333] do_syscall_64+0xcd/0x260
[ 730.345739][T16333] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 730.345763][T16333] RIP: 0033:0x7efe40b8d169
[ 730.345781][T16333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 730.345804][T16333] RSP: 002b:00007efe41ad1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 730.345826][T16333] RAX: ffffffffffffffda RBX: 00007efe40da5fa0 RCX: 00007efe40b8d169
[ 730.345843][T16333] RDX: 0000000000000002 RSI: 0000000000a00006 RDI: 0000000000000000
[ 730.345857][T16333] RBP: 00007efe40c0e2a0 R08: 0000000000000602 R09: 0000300000000000
[ 730.345872][T16333] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[ 730.345886][T16333] R13: 0000000000000000 R14: 00007efe40da5fa0 R15: 00007fffa0f94458
[ 730.345916][T16333]
[ 730.516415][ C1] vkms_vblank_simulate: vblank timer overrun
[ 731.588038][T15405] Bluetooth: hci1: unexpected event 0x09 length: 11 > 3
[ 734.122193][T16381] netlink: 'syz.5.3789': attribute type 4 has an invalid length.
[ 734.168907][T16389] netlink: 'syz.1.3791': attribute type 32 has an invalid length.
[ 734.202307][T16389] netlink: 'syz.1.3791': attribute type 32 has an invalid length.
[ 734.233017][T16381] netlink: 314 bytes leftover after parsing attributes in process `syz.5.3789'.
[ 734.289733][T16381] IPv6: NLM_F_CREATE should be specified when creating new route
[ 736.891167][T16429] netlink: 138 bytes leftover after parsing attributes in process `syz.5.3801'.
[ 736.956827][T16429] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 737.000257][T16432] FAULT_INJECTION: forcing a failure.
[ 737.000257][T16432] name failslab, interval 1, probability 0, space 0, times 0
[ 737.209880][T16432] CPU: 1 UID: 0 PID: 16432 Comm: syz.1.3802 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 737.209914][T16432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 737.209928][T16432] Call Trace:
[ 737.209936][T16432]
[ 737.209945][T16432] dump_stack_lvl+0x16c/0x1f0
[ 737.209982][T16432] should_fail_ex+0x512/0x640
[ 737.210009][T16432] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 737.210050][T16432] should_failslab+0xc2/0x120
[ 737.210071][T16432] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 737.210108][T16432] ? ptlock_alloc+0x1f/0x70
[ 737.210163][T16432] ptlock_alloc+0x1f/0x70
[ 737.210195][T16432] pte_alloc_one+0x6d/0x380
[ 737.210227][T16432] __pte_alloc+0x6d/0x3c0
[ 737.210251][T16432] ? __pfx___pte_alloc+0x10/0x10
[ 737.210275][T16432] ? __pfx___might_resched+0x10/0x10
[ 737.210309][T16432] ? copy_page_range+0x1943/0x5ec0
[ 737.210343][T16432] copy_page_range+0x39a7/0x5ec0
[ 737.210414][T16432] ? __pfx_copy_page_range+0x10/0x10
[ 737.210455][T16432] ? __pfx___might_resched+0x10/0x10
[ 737.210488][T16432] ? __pfx_mas_store+0x10/0x10
[ 737.210525][T16432] ? __vma_enter_locked+0x163/0x3f0
[ 737.210567][T16432] ? copy_process+0x85dd/0x91a0
[ 737.210602][T16432] ? down_write+0x14d/0x200
[ 737.210643][T16432] ? up_write+0x1b2/0x520
[ 737.210672][T16432] copy_process+0x862b/0x91a0
[ 737.210728][T16432] ? __pfx_copy_process+0x10/0x10
[ 737.210766][T16432] ? try_to_wake_up+0xa2f/0x1680
[ 737.210802][T16432] ? plist_check_head+0xa3/0x150
[ 737.210827][T16432] ? find_held_lock+0x2b/0x80
[ 737.210861][T16432] ? wake_up_q+0xb0/0x160
[ 737.210888][T16432] ? do_raw_spin_unlock+0x172/0x230
[ 737.210920][T16432] kernel_clone+0xfc/0x960
[ 737.210954][T16432] ? __pfx_futex_wake+0x10/0x10
[ 737.210976][T16432] ? __pfx_kernel_clone+0x10/0x10
[ 737.211029][T16432] __do_sys_clone+0xce/0x120
[ 737.211064][T16432] ? __pfx___do_sys_clone+0x10/0x10
[ 737.211115][T16432] ? rcu_is_watching+0x12/0xc0
[ 737.211154][T16432] do_syscall_64+0xcd/0x260
[ 737.211191][T16432] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 737.211216][T16432] RIP: 0033:0x7f830b78d169
[ 737.211235][T16432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 737.211259][T16432] RSP: 002b:00007f830c518fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 737.211281][T16432] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 737.211297][T16432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040100000
[ 737.211311][T16432] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 737.211326][T16432] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 737.211351][T16432] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 737.211380][T16432]
[ 740.458780][T16472] netlink: 54 bytes leftover after parsing attributes in process `syz.5.3815'.
[ 740.976242][T16482] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3819'.
[ 741.586948][T16488] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 741.640700][T16488] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 741.698223][T16488] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 741.756899][T16488] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 741.870078][T16488] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 741.965139][T16488] CPU0 is offline.
[ 742.484492][T16499] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3825'.
[ 742.610738][T16501] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3824'.
[ 742.751215][T16503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3827'.
[ 742.803308][T16505] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3824'.
[ 743.573845][T15405] Bluetooth: hci1: command 0x0406 tx timeout
[ 743.653365][T15405] Bluetooth: hci3: command 0x0406 tx timeout
[ 743.732967][T15405] Bluetooth: hci0: command 0x0c1a tx timeout
[ 745.407339][T16539] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3839'.
[ 745.818476][T15405] Bluetooth: hci0: command 0x0c1a tx timeout
[ 746.096919][T16543] page: refcount:22 mapcount:0 mapping:0000000000000000 index:0xffff88807a006000 pfn:0x7a000
[ 746.216571][T16543] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 746.323619][T16547] could not allocate digest TFM handle
[ 746.393699][T16543] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 746.486270][T16543] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[ 746.553890][T16543] raw: ffff88807a006000 0000000000000000 00000016ffffffff 0000000000000000
[ 746.576851][T16543] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[ 746.732221][T16543] head: ffff88807a006000 0000000000000000 00000016ffffffff 0000000000000000
[ 746.803112][T16543] head: 00fff00000000003 ffffea0001e80001 00000000ffffffff 00000000ffffffff
[ 746.905121][T16543] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 746.949978][T16543] page dumped because: unmovable page
[ 746.999537][T16543] page_owner tracks the page as allocated
[ 747.053916][T16543] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 4523, tgid 4523 (kworker/u8:8), ts 312477561559, free_ts 312474177465
[ 747.155448][T16543] post_alloc_hook+0x181/0x1b0
[ 747.160285][T16543] get_page_from_freelist+0x1193/0x39b0
[ 747.228879][T16543] __alloc_frozen_pages_noprof+0x263/0x23a0
[ 747.254814][T16543] alloc_pages_mpol+0x1fb/0x550
[ 747.259748][T16543] alloc_pages_noprof+0x131/0x390
[ 747.309763][T16543] skb_page_frag_refill+0x186/0x5a0
[ 747.344133][T16543] try_fill_recv+0x79c/0x2690
[ 747.358900][T16543] virtnet_poll+0x1e23/0x3c00
[ 747.379270][T16543] __napi_poll.constprop.0+0xb7/0x550
[ 747.418604][T16543] net_rx_action+0xa97/0x1010
[ 747.464214][T16543] handle_softirqs+0x216/0x8e0
[ 747.472559][T16543] __irq_exit_rcu+0x109/0x170
[ 747.505386][T16543] irq_exit_rcu+0x9/0x30
[ 747.519791][T16543] common_interrupt+0xbf/0xe0
[ 747.548054][T16543] asm_common_interrupt+0x26/0x40
[ 747.553139][T16543] page last free pid 5838 tgid 5838 stack trace:
[ 747.607856][T16543] __free_frozen_pages+0x69d/0xff0
[ 747.633426][T16543] __put_partials+0x16d/0x1c0
[ 747.666172][T16543] qlist_free_all+0x4e/0x120
[ 747.704529][T16543] kasan_quarantine_reduce+0x195/0x1e0
[ 747.710135][T16543] __kasan_slab_alloc+0x69/0x90
[ 747.759553][T16543] kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 747.781389][T16543] getname_flags.part.0+0x48/0x540
[ 747.810766][T16543] getname_flags+0x93/0xf0
[ 747.835497][T16543] __x64_sys_mkdirat+0x76/0xb0
[ 747.860807][T16543] do_syscall_64+0xcd/0x260
[ 747.889289][T16543] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 747.895674][T15405] Bluetooth: hci0: command 0x0c1a tx timeout
[ 749.786794][T16590] netlink: 130 bytes leftover after parsing attributes in process `syz.5.3857'.
[ 752.433312][T16625] FAULT_INJECTION: forcing a failure.
[ 752.433312][T16625] name failslab, interval 1, probability 0, space 0, times 0
[ 752.590798][T16625] CPU: 1 UID: 0 PID: 16625 Comm: syz.1.3868 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 752.590845][T16625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 752.590860][T16625] Call Trace:
[ 752.590869][T16625]
[ 752.590879][T16625] dump_stack_lvl+0x16c/0x1f0
[ 752.590918][T16625] should_fail_ex+0x512/0x640
[ 752.590946][T16625] ? fs_reclaim_acquire+0xae/0x150
[ 752.590978][T16625] should_failslab+0xc2/0x120
[ 752.591000][T16625] __kmalloc_cache_noprof+0x6a/0x3e0
[ 752.591034][T16625] ? tomoyo_find_next_domain+0x145/0x20b0
[ 752.591059][T16625] ? kasan_save_track+0x14/0x30
[ 752.591103][T16625] tomoyo_find_next_domain+0x145/0x20b0
[ 752.591130][T16625] ? __pfx___kernel_read+0x10/0x10
[ 752.591170][T16625] ? __pfx_tomoyo_find_next_domain+0x10/0x10
[ 752.591206][T16625] tomoyo_bprm_check_security+0x12e/0x1d0
[ 752.591245][T16625] ? tomoyo_bprm_check_security+0x120/0x1d0
[ 752.591285][T16625] security_bprm_check+0x1b9/0x1e0
[ 752.591309][T16625] bprm_execve+0x810/0x1650
[ 752.591347][T16625] ? __pfx_bprm_execve+0x10/0x10
[ 752.591376][T16625] ? __asan_memcpy+0x3c/0x60
[ 752.591407][T16625] ? copy_string_kernel+0x404/0x4a0
[ 752.591444][T16625] do_execveat_common.isra.0+0x4a5/0x610
[ 752.591484][T16625] __x64_sys_execve+0x8e/0xb0
[ 752.591518][T16625] do_syscall_64+0xcd/0x260
[ 752.591555][T16625] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 752.591579][T16625] RIP: 0033:0x7f830b78d169
[ 752.591598][T16625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 752.591620][T16625] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 752.591643][T16625] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 752.591659][T16625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[ 752.591674][T16625] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 752.591689][T16625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 752.591704][T16625] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 752.591734][T16625]
[ 753.163016][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 753.172333][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 754.389019][T16644] random: crng reseeded on system resumption
[ 757.019318][T16670] openvswitch: netlink: IP tunnel dst address not specified
[ 757.755177][T16677] mkiss: ax0: crc mode is auto.
[ 757.940656][T16680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3888'.
[ 760.967742][T16724] netlink: 342 bytes leftover after parsing attributes in process `syz.5.3906'.
[ 761.008149][T16724] netlink: 142 bytes leftover after parsing attributes in process `syz.5.3906'.
[ 761.069216][T16725] netlink: 218 bytes leftover after parsing attributes in process `syz.5.3906'.
[ 761.792591][T16734] netlink: 'syz.2.3908': attribute type 15 has an invalid length.
[ 761.883229][T16734] netlink: 'syz.2.3908': attribute type 16 has an invalid length.
[ 761.918156][T16735] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3907'.
[ 761.997497][T16734] netlink: 'syz.2.3908': attribute type 17 has an invalid length.
[ 762.098492][T16734] netlink: 'syz.2.3908': attribute type 19 has an invalid length.
[ 762.217294][T16734] netlink: 238 bytes leftover after parsing attributes in process `syz.2.3908'.
[ 762.328964][T16743] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3912'.
[ 762.392730][T16743] netlink: 354 bytes leftover after parsing attributes in process `syz.5.3912'.
[ 762.903100][T16748] mkiss: ax0: crc mode is auto.
[ 763.436929][T15405] Bluetooth: hci0: unexpected event 0x05 length: 440 > 4
[ 764.670214][T16778] FAULT_INJECTION: forcing a failure.
[ 764.670214][T16778] name failslab, interval 1, probability 0, space 0, times 0
[ 764.797777][T16778] CPU: 1 UID: 0 PID: 16778 Comm: syz.1.3925 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 764.797811][T16778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 764.797826][T16778] Call Trace:
[ 764.797835][T16778]
[ 764.797844][T16778] dump_stack_lvl+0x16c/0x1f0
[ 764.797902][T16778] should_fail_ex+0x512/0x640
[ 764.797930][T16778] ? fs_reclaim_acquire+0xae/0x150
[ 764.797964][T16778] should_failslab+0xc2/0x120
[ 764.797986][T16778] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 764.798025][T16778] ? security_inode_alloc+0x3b/0x2b0
[ 764.798064][T16778] security_inode_alloc+0x3b/0x2b0
[ 764.798091][T16778] inode_init_always_gfp+0xce4/0x1030
[ 764.798133][T16778] alloc_inode+0x86/0x240
[ 764.798160][T16778] path_from_stashed+0x2be/0xb00
[ 764.798199][T16778] ? do_raw_spin_lock+0x12c/0x2b0
[ 764.798229][T16778] ? __pfx_path_from_stashed+0x10/0x10
[ 764.798269][T16778] ? do_raw_spin_unlock+0x172/0x230
[ 764.798302][T16778] ns_get_path+0x5f/0x80
[ 764.798337][T16778] proc_ns_get_link+0x121/0x260
[ 764.798375][T16778] ? __pfx_proc_ns_get_link+0x10/0x10
[ 764.798413][T16778] ? __pfx___might_resched+0x10/0x10
[ 764.798452][T16778] ? __pfx_proc_ns_get_link+0x10/0x10
[ 764.798491][T16778] step_into+0x1b22/0x2270
[ 764.798528][T16778] ? __pfx_step_into+0x10/0x10
[ 764.798559][T16778] ? find_held_lock+0x2b/0x80
[ 764.798599][T16778] path_openat+0x749/0x2d40
[ 764.798644][T16778] ? __pfx_path_openat+0x10/0x10
[ 764.798688][T16778] do_filp_open+0x20b/0x470
[ 764.798724][T16778] ? __pfx_do_filp_open+0x10/0x10
[ 764.798780][T16778] ? alloc_fd+0x471/0x7d0
[ 764.798822][T16778] do_sys_openat2+0x11b/0x1d0
[ 764.798848][T16778] ? __pfx_do_sys_openat2+0x10/0x10
[ 764.798884][T16778] __x64_sys_openat+0x174/0x210
[ 764.798911][T16778] ? __pfx___x64_sys_openat+0x10/0x10
[ 764.798939][T16778] ? rcu_is_watching+0x12/0xc0
[ 764.798977][T16778] do_syscall_64+0xcd/0x260
[ 764.799015][T16778] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 764.799087][T16778] RIP: 0033:0x7f830b78bad0
[ 764.799107][T16778] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 764.799131][T16778] RSP: 002b:00007f830c518f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 764.799155][T16778] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f830b78bad0
[ 764.799172][T16778] RDX: 0000000000000002 RSI: 00007f830c518fa0 RDI: 00000000ffffff9c
[ 764.799188][T16778] RBP: 00007f830c518fa0 R08: 0000000000000000 R09: 0000000000000000
[ 764.799204][T16778] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 764.799219][T16778] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 764.799249][T16778]
[ 765.689363][T16789] FAULT_INJECTION: forcing a failure.
[ 765.689363][T16789] name failslab, interval 1, probability 0, space 0, times 0
[ 765.748592][T16789] CPU: 1 UID: 0 PID: 16789 Comm: syz.2.3928 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 765.748626][T16789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 765.748641][T16789] Call Trace:
[ 765.748649][T16789]
[ 765.748659][T16789] dump_stack_lvl+0x16c/0x1f0
[ 765.748698][T16789] should_fail_ex+0x512/0x640
[ 765.748725][T16789] ? fs_reclaim_acquire+0xae/0x150
[ 765.748757][T16789] should_failslab+0xc2/0x120
[ 765.748780][T16789] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 765.748817][T16789] ? security_inode_alloc+0x3b/0x2b0
[ 765.748847][T16789] security_inode_alloc+0x3b/0x2b0
[ 765.748874][T16789] inode_init_always_gfp+0xce4/0x1030
[ 765.748915][T16789] alloc_inode+0x86/0x240
[ 765.748941][T16789] new_inode+0x22/0x1c0
[ 765.748971][T16789] ? __d_lookup+0x266/0x4a0
[ 765.749001][T16789] proc_pid_make_inode+0x22/0x160
[ 765.749060][T16789] proc_pident_instantiate+0x85/0x320
[ 765.749104][T16789] proc_fill_cache+0x35e/0x470
[ 765.749126][T16789] ? __pfx_proc_pident_instantiate+0x10/0x10
[ 765.749168][T16789] ? __pfx_proc_fill_cache+0x10/0x10
[ 765.749222][T16789] proc_pident_readdir+0x1bc/0x560
[ 765.749252][T16789] iterate_dir+0x293/0xb40
[ 765.749287][T16789] __x64_sys_getdents64+0x14d/0x2d0
[ 765.749319][T16789] ? __x64_sys_futex+0x1e0/0x4c0
[ 765.749353][T16789] ? __x64_sys_futex+0x1e9/0x4c0
[ 765.749388][T16789] ? __pfx___x64_sys_getdents64+0x10/0x10
[ 765.749420][T16789] ? xfd_validate_state+0x5d/0x180
[ 765.749446][T16789] ? __pfx_filldir64+0x10/0x10
[ 765.749476][T16789] ? rcu_is_watching+0x12/0xc0
[ 765.749515][T16789] do_syscall_64+0xcd/0x260
[ 765.749553][T16789] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 765.749578][T16789] RIP: 0033:0x7fc84558d169
[ 765.749598][T16789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 765.749621][T16789] RSP: 002b:00007fc84636a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 765.749644][T16789] RAX: ffffffffffffffda RBX: 00007fc8457a5fa0 RCX: 00007fc84558d169
[ 765.749661][T16789] RDX: 0000000000000327 RSI: 0000000000000000 RDI: 0000000000000005
[ 765.749676][T16789] RBP: 00007fc84560e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 765.749691][T16789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 765.749706][T16789] R13: 0000000000000000 R14: 00007fc8457a5fa0 R15: 00007ffe237af198
[ 765.749737][T16789]
[ 767.061752][T16799] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3927'.
[ 769.747801][T16829] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3938'.
[ 769.801307][T16829] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3938'.
[ 770.209658][T16835] FAULT_INJECTION: forcing a failure.
[ 770.209658][T16835] name failslab, interval 1, probability 0, space 0, times 0
[ 770.317735][T16835] CPU: 1 UID: 0 PID: 16835 Comm: syz.1.3939 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 770.317769][T16835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 770.317784][T16835] Call Trace:
[ 770.317792][T16835]
[ 770.317801][T16835] dump_stack_lvl+0x16c/0x1f0
[ 770.317839][T16835] should_fail_ex+0x512/0x640
[ 770.317866][T16835] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 770.317907][T16835] should_failslab+0xc2/0x120
[ 770.317929][T16835] kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 770.317966][T16835] ? proc_alloc_inode+0x25/0x200
[ 770.317990][T16835] ? __pfx_proc_alloc_inode+0x10/0x10
[ 770.318010][T16835] proc_alloc_inode+0x25/0x200
[ 770.318031][T16835] alloc_inode+0x61/0x240
[ 770.318057][T16835] new_inode+0x22/0x1c0
[ 770.318081][T16835] ? __d_lookup+0x266/0x4a0
[ 770.318112][T16835] proc_pid_make_inode+0x22/0x160
[ 770.318151][T16835] proc_pident_instantiate+0x85/0x320
[ 770.318192][T16835] proc_fill_cache+0x35e/0x470
[ 770.318213][T16835] ? __pfx_proc_pident_instantiate+0x10/0x10
[ 770.318253][T16835] ? __pfx_proc_fill_cache+0x10/0x10
[ 770.318304][T16835] proc_pident_readdir+0x1bc/0x560
[ 770.318332][T16835] iterate_dir+0x293/0xb40
[ 770.318367][T16835] __x64_sys_getdents64+0x14d/0x2d0
[ 770.318397][T16835] ? __x64_sys_futex+0x1e0/0x4c0
[ 770.318431][T16835] ? __x64_sys_futex+0x1e9/0x4c0
[ 770.318465][T16835] ? __pfx___x64_sys_getdents64+0x10/0x10
[ 770.318496][T16835] ? xfd_validate_state+0x5d/0x180
[ 770.318521][T16835] ? __pfx_filldir64+0x10/0x10
[ 770.318558][T16835] ? rcu_is_watching+0x12/0xc0
[ 770.318596][T16835] do_syscall_64+0xcd/0x260
[ 770.318633][T16835] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 770.318657][T16835] RIP: 0033:0x7f830b78d169
[ 770.318676][T16835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 770.318699][T16835] RSP: 002b:00007f830c519038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 770.318721][T16835] RAX: ffffffffffffffda RBX: 00007f830b9a5fa0 RCX: 00007f830b78d169
[ 770.318737][T16835] RDX: 0000000000000327 RSI: 0000000000000000 RDI: 0000000000000005
[ 770.318751][T16835] RBP: 00007f830b80e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 770.318765][T16835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 770.318780][T16835] R13: 0000000000000000 R14: 00007f830b9a5fa0 R15: 00007fff0e36a608
[ 770.318809][T16835]
[ 771.423873][T16847] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3943'.
[ 772.617622][T16866] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3957'.
[ 773.445408][T16878] FAULT_INJECTION: forcing a failure.
[ 773.445408][T16878] name failslab, interval 1, probability 0, space 0, times 0
[ 773.510669][T16878] CPU: 1 UID: 0 PID: 16878 Comm: syz.2.3951 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 773.510704][T16878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 773.510720][T16878] Call Trace:
[ 773.510728][T16878]
[ 773.510738][T16878] dump_stack_lvl+0x16c/0x1f0
[ 773.510776][T16878] should_fail_ex+0x512/0x640
[ 773.510804][T16878] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 773.510846][T16878] should_failslab+0xc2/0x120
[ 773.510869][T16878] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 773.510908][T16878] ? mas_alloc_nodes+0x18b/0x8b0
[ 773.510943][T16878] mas_alloc_nodes+0x18b/0x8b0
[ 773.510980][T16878] mas_node_count_gfp+0x105/0x130
[ 773.511013][T16878] mas_preallocate+0x53e/0xcd0
[ 773.511041][T16878] ? __pfx_mas_preallocate+0x10/0x10
[ 773.511075][T16878] ? __pfx___might_resched+0x10/0x10
[ 773.511114][T16878] vma_link+0x135/0x6a0
[ 773.511150][T16878] ? anon_vma_clone+0x3fe/0x5c0
[ 773.511187][T16878] ? __pfx_vma_link+0x10/0x10
[ 773.511231][T16878] ? anon_vma_clone+0x405/0x5c0
[ 773.511273][T16878] copy_vma+0x68a/0xa50
[ 773.511314][T16878] ? __pfx_copy_vma+0x10/0x10
[ 773.511349][T16878] ? finish_task_switch.isra.0+0x221/0xc10
[ 773.511382][T16878] ? lockdep_hardirqs_on+0x7c/0x110
[ 773.511421][T16878] ? register_lock_class+0x41/0x4c0
[ 773.511444][T16878] ? __schedule+0x1186/0x5de0
[ 773.511493][T16878] copy_vma_and_data+0x1cf/0x810
[ 773.511535][T16878] ? __pfx_copy_vma_and_data+0x10/0x10
[ 773.511599][T16878] ? __vma_enter_locked+0x163/0x3f0
[ 773.511640][T16878] ? find_held_lock+0x2b/0x80
[ 773.511671][T16878] ? move_vma+0x536/0x1740
[ 773.511706][T16878] ? __vm_enough_memory+0x184/0x3f0
[ 773.511739][T16878] move_vma+0x548/0x1740
[ 773.511780][T16878] ? __pfx_move_vma+0x10/0x10
[ 773.511819][T16878] ? mm_get_unmapped_area_vmflags+0x97/0xe0
[ 773.511848][T16878] ? cap_mmap_addr+0x4b/0x120
[ 773.511870][T16878] ? bpf_lsm_mmap_addr+0x9/0x10
[ 773.511898][T16878] ? security_mmap_addr+0x6c/0x1e0
[ 773.511929][T16878] ? __get_unmapped_area+0x26a/0x440
[ 773.511960][T16878] ? vrm_set_new_addr+0x208/0x290
[ 773.511999][T16878] __do_sys_mremap+0xe38/0x15d0
[ 773.512039][T16878] ? __pfx___do_sys_mremap+0x10/0x10
[ 773.512092][T16878] ? __x64_sys_futex+0x1e0/0x4c0
[ 773.512133][T16878] ? rcu_is_watching+0x12/0xc0
[ 773.512170][T16878] do_syscall_64+0xcd/0x260
[ 773.512206][T16878] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 773.512230][T16878] RIP: 0033:0x7fc84558d169
[ 773.512250][T16878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 773.512273][T16878] RSP: 002b:00007fc84636a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 773.512296][T16878] RAX: ffffffffffffffda RBX: 00007fc8457a5fa0 RCX: 00007fc84558d169
[ 773.512311][T16878] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000000000000000
[ 773.512326][T16878] RBP: 00007fc84560e2a0 R08: 0000000100000000 R09: 0000000000000000
[ 773.512341][T16878] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[ 773.512356][T16878] R13: 0000000000000000 R14: 00007fc8457a5fa0 R15: 00007ffe237af198
[ 773.512385][T16878]
[ 774.439130][T16883] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3962'.
[ 774.570839][T16885] FAULT_INJECTION: forcing a failure.
[ 774.570839][T16885] name failslab, interval 1, probability 0, space 0, times 0
[ 774.606088][T16885] CPU: 1 UID: 0 PID: 16885 Comm: syz.5.3963 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 774.606124][T16885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 774.606140][T16885] Call Trace:
[ 774.606148][T16885]
[ 774.606158][T16885] dump_stack_lvl+0x16c/0x1f0
[ 774.606197][T16885] should_fail_ex+0x512/0x640
[ 774.606225][T16885] ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 774.606277][T16885] should_failslab+0xc2/0x120
[ 774.606300][T16885] __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 774.606344][T16885] ? dccp_feat_clone_sp_val+0x96/0x130
[ 774.606389][T16885] kmemdup_noprof+0x29/0x60
[ 774.606413][T16885] dccp_feat_clone_sp_val+0x96/0x130
[ 774.606452][T16885] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 774.606480][T16885] __feat_register_sp+0x331/0x5a0
[ 774.606523][T16885] ? __pfx___feat_register_sp+0x10/0x10
[ 774.606565][T16885] ? __debug_object_init+0x2de/0x3d0
[ 774.606600][T16885] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 774.606637][T16885] dccp_feat_init+0x2e5/0x800
[ 774.606664][T16885] ? __pfx_dccp_feat_init+0x10/0x10
[ 774.606688][T16885] ? __pfx_dccp_keepalive_timer+0x10/0x10
[ 774.606723][T16885] ? lockdep_init_map_type+0x5c/0x280
[ 774.606747][T16885] ? do_init_timer+0xc9/0x110
[ 774.606780][T16885] ? __pfx_dccp_keepalive_timer+0x10/0x10
[ 774.606813][T16885] ? __pfx_dccp_delack_timer+0x10/0x10
[ 774.606850][T16885] dccp_init_sock+0x327/0x420
[ 774.606880][T16885] ? __pfx_dccp_v4_init_sock+0x10/0x10
[ 774.606908][T16885] dccp_v4_init_sock+0x1f/0xa0
[ 774.606934][T16885] ? __pfx_dccp_v4_init_sock+0x10/0x10
[ 774.606961][T16885] inet_create+0x936/0x1090
[ 774.606984][T16885] ? inet_create+0x93/0x1090
[ 774.607011][T16885] __sock_create+0x335/0x8d0
[ 774.607040][T16885] __sys_socket+0x14d/0x260
[ 774.607064][T16885] ? __pfx___sys_socket+0x10/0x10
[ 774.607090][T16885] ? rcu_is_watching+0x12/0xc0
[ 774.607127][T16885] __x64_sys_socket+0x72/0xb0
[ 774.607150][T16885] ? lockdep_hardirqs_on+0x7c/0x110
[ 774.607185][T16885] do_syscall_64+0xcd/0x260
[ 774.607224][T16885] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 774.607249][T16885] RIP: 0033:0x7efe40b8d169
[ 774.607274][T16885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 774.607298][T16885] RSP: 002b:00007efe41ad1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 774.607321][T16885] RAX: ffffffffffffffda RBX: 00007efe40da5fa0 RCX: 00007efe40b8d169
[ 774.607337][T16885] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000002
[ 774.607353][T16885] RBP: 00007efe40c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 774.607368][T16885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 774.607384][T16885] R13: 0000000000000000 R14: 00007efe40da5fa0 R15: 00007fffa0f94458
[ 774.607414][T16885]
[ 775.377381][T16895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3965'.
[ 775.683376][T16899] FAULT_INJECTION: forcing a failure.
[ 775.683376][T16899] name failslab, interval 1, probability 0, space 0, times 0
[ 775.755047][T16899] CPU: 1 UID: 0 PID: 16899 Comm: syz.0.3956 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 775.755081][T16899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 775.755097][T16899] Call Trace:
[ 775.755106][T16899]
[ 775.755116][T16899] dump_stack_lvl+0x16c/0x1f0
[ 775.755175][T16899] should_fail_ex+0x512/0x640
[ 775.755203][T16899] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 775.755245][T16899] should_failslab+0xc2/0x120
[ 775.755268][T16899] kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 775.755306][T16899] ? __d_alloc+0x31/0xaa0
[ 775.755331][T16899] __d_alloc+0x31/0xaa0
[ 775.755357][T16899] d_alloc+0x4a/0x1e0
[ 775.755380][T16899] d_alloc_parallel+0xe3/0x12e0
[ 775.755419][T16899] ? __d_lookup+0x25c/0x4a0
[ 775.755449][T16899] ? __pfx_d_alloc_parallel+0x10/0x10
[ 775.755479][T16899] ? __d_lookup+0x266/0x4a0
[ 775.755507][T16899] ? lockdep_init_map_type+0x5c/0x280
[ 775.755532][T16899] ? lockdep_init_map_type+0x5c/0x280
[ 775.755560][T16899] proc_fill_cache+0x2e6/0x470
[ 775.755582][T16899] ? __pfx_proc_pident_instantiate+0x10/0x10
[ 775.755629][T16899] ? __pfx_proc_fill_cache+0x10/0x10
[ 775.755680][T16899] proc_pident_readdir+0x1bc/0x560
[ 775.755709][T16899] iterate_dir+0x293/0xb40
[ 775.755743][T16899] __x64_sys_getdents64+0x14d/0x2d0
[ 775.755773][T16899] ? __x64_sys_futex+0x1e0/0x4c0
[ 775.755807][T16899] ? __x64_sys_futex+0x1e9/0x4c0
[ 775.755841][T16899] ? __pfx___x64_sys_getdents64+0x10/0x10
[ 775.755873][T16899] ? xfd_validate_state+0x5d/0x180
[ 775.755898][T16899] ? __pfx_filldir64+0x10/0x10
[ 775.755927][T16899] ? rcu_is_watching+0x12/0xc0
[ 775.755964][T16899] do_syscall_64+0xcd/0x260
[ 775.756002][T16899] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 775.756027][T16899] RIP: 0033:0x7f584818d169
[ 775.756046][T16899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 775.756075][T16899] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[ 775.756098][T16899] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 775.756114][T16899] RDX: 0000000000000327 RSI: 0000000000000000 RDI: 0000000000000005
[ 775.756128][T16899] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 775.756148][T16899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 775.756162][T16899] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 775.756193][T16899]
[ 776.240134][T16904] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[ 776.326424][T16910] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15
[ 776.455574][T16913] ==================================================================
[ 776.463685][T16913] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0
[ 776.471423][T16913] Read of size 8 at addr ffff88802a6ca418 by task syz.0.3964/16913
[ 776.479321][T16913]
[ 776.481651][T16913] CPU: 1 UID: 0 PID: 16913 Comm: syz.0.3964 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 776.481680][T16913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 776.481695][T16913] Call Trace:
[ 776.481705][T16913]
[ 776.481715][T16913] dump_stack_lvl+0x116/0x1f0
[ 776.481753][T16913] print_report+0xc3/0x670
[ 776.481790][T16913] ? __virt_addr_valid+0x5e/0x590
[ 776.481826][T16913] ? __phys_addr+0xc6/0x150
[ 776.481861][T16913] ? dvb_device_open+0x36a/0x3b0
[ 776.481883][T16913] kasan_report+0xe0/0x110
[ 776.481904][T16913] ? dvb_device_open+0x36a/0x3b0
[ 776.481929][T16913] ? __pfx_dvb_device_open+0x10/0x10
[ 776.481952][T16913] dvb_device_open+0x36a/0x3b0
[ 776.481974][T16913] ? __pfx_dvb_device_open+0x10/0x10
[ 776.481998][T16913] chrdev_open+0x231/0x6a0
[ 776.482033][T16913] ? __pfx_apparmor_file_open+0x10/0x10
[ 776.482064][T16913] ? __pfx_chrdev_open+0x10/0x10
[ 776.482107][T16913] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 776.482145][T16913] do_dentry_open+0x741/0x1c10
[ 776.482179][T16913] ? __pfx_chrdev_open+0x10/0x10
[ 776.482236][T16913] vfs_open+0x82/0x3f0
[ 776.482260][T16913] path_openat+0x1e5e/0x2d40
[ 776.482300][T16913] ? __pfx_path_openat+0x10/0x10
[ 776.482337][T16913] do_filp_open+0x20b/0x470
[ 776.482371][T16913] ? __pfx_do_filp_open+0x10/0x10
[ 776.482416][T16913] ? alloc_fd+0x471/0x7d0
[ 776.482452][T16913] do_sys_openat2+0x11b/0x1d0
[ 776.482477][T16913] ? __pfx_do_sys_openat2+0x10/0x10
[ 776.482502][T16913] ? __pfx_do_sys_openat2+0x10/0x10
[ 776.482528][T16913] ? __pfx___might_resched+0x10/0x10
[ 776.482566][T16913] __x64_sys_openat+0x174/0x210
[ 776.482593][T16913] ? __pfx___x64_sys_openat+0x10/0x10
[ 776.482619][T16913] ? rcu_is_watching+0x12/0xc0
[ 776.482654][T16913] do_syscall_64+0xcd/0x260
[ 776.482690][T16913] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 776.482715][T16913] RIP: 0033:0x7f584818d169
[ 776.482735][T16913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 776.482759][T16913] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 776.482782][T16913] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 776.482799][T16913] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 776.482816][T16913] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 776.482831][T16913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 776.482847][T16913] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 776.482871][T16913]
[ 776.482879][T16913]
[ 776.739699][T16913] Allocated by task 1:
[ 776.743776][T16913] kasan_save_stack+0x33/0x60
[ 776.748579][T16913] kasan_save_track+0x14/0x30
[ 776.753280][T16913] __kasan_kmalloc+0xaa/0xb0
[ 776.757892][T16913] dvb_register_device+0x1e4/0x2370
[ 776.763102][T16913] dvb_register_frontend+0x5a6/0x880
[ 776.768412][T16913] vidtv_bridge_probe+0x459/0xa90
[ 776.773508][T16913] platform_probe+0xff/0x1f0
[ 776.778127][T16913] really_probe+0x23e/0xa90
[ 776.782656][T16913] __driver_probe_device+0x1de/0x440
[ 776.787968][T16913] driver_probe_device+0x4c/0x1b0
[ 776.793041][T16913] __driver_attach+0x283/0x580
[ 776.797822][T16913] bus_for_each_dev+0x13b/0x1d0
[ 776.802684][T16913] bus_add_driver+0x2e9/0x690
[ 776.807444][T16913] driver_register+0x15c/0x4b0
[ 776.812231][T16913] vidtv_bridge_init+0x45/0x80
[ 776.817011][T16913] do_one_initcall+0x120/0x6e0
[ 776.821826][T16913] kernel_init_freeable+0x5c2/0x900
[ 776.827067][T16913] kernel_init+0x1c/0x2b0
[ 776.831438][T16913] ret_from_fork+0x45/0x80
[ 776.835864][T16913] ret_from_fork_asm+0x1a/0x30
[ 776.840664][T16913]
[ 776.842988][T16913] Freed by task 16904:
[ 776.847073][T16913] kasan_save_stack+0x33/0x60
[ 776.851766][T16913] kasan_save_track+0x14/0x30
[ 776.856460][T16913] kasan_save_free_info+0x3b/0x60
[ 776.861492][T16913] __kasan_slab_free+0x51/0x70
[ 776.866291][T16913] kfree+0x2b6/0x4d0
[ 776.870199][T16913] dvb_device_put.part.0+0x60/0x90
[ 776.875331][T16913] dvb_device_open+0x2a4/0x3b0
[ 776.880101][T16913] chrdev_open+0x231/0x6a0
[ 776.884570][T16913] do_dentry_open+0x741/0x1c10
[ 776.889348][T16913] vfs_open+0x82/0x3f0
[ 776.893422][T16913] path_openat+0x1e5e/0x2d40
[ 776.898096][T16913] do_filp_open+0x20b/0x470
[ 776.902640][T16913] do_sys_openat2+0x11b/0x1d0
[ 776.907326][T16913] __x64_sys_openat+0x174/0x210
[ 776.912201][T16913] do_syscall_64+0xcd/0x260
[ 776.916882][T16913] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 776.922796][T16913]
[ 776.925128][T16913] The buggy address belongs to the object at ffff88802a6ca400
[ 776.925128][T16913] which belongs to the cache kmalloc-256 of size 256
[ 776.939213][T16913] The buggy address is located 24 bytes inside of
[ 776.939213][T16913] freed 256-byte region [ffff88802a6ca400, ffff88802a6ca500)
[ 776.952939][T16913]
[ 776.955263][T16913] The buggy address belongs to the physical page:
[ 776.961674][T16913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a6ca
[ 776.970441][T16913] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 776.978948][T16913] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 776.986516][T16913] page_type: f5(slab)
[ 776.990520][T16913] raw: 00fff00000000040 ffff88801b441b40 dead000000000122 0000000000000000
[ 776.999118][T16913] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 777.007712][T16913] head: 00fff00000000040 ffff88801b441b40 dead000000000122 0000000000000000
[ 777.016396][T16913] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 777.025116][T16913] head: 00fff00000000001 ffffea0000a9b281 00000000ffffffff 00000000ffffffff
[ 777.033928][T16913] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 777.042612][T16913] page dumped because: kasan: bad access detected
[ 777.049038][T16913] page_owner tracks the page as allocated
[ 777.054775][T16913] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24957890873, free_ts 0
[ 777.074608][T16913] post_alloc_hook+0x181/0x1b0
[ 777.079415][T16913] get_page_from_freelist+0x1193/0x39b0
[ 777.084981][T16913] __alloc_frozen_pages_noprof+0x263/0x23a0
[ 777.090932][T16913] alloc_pages_mpol+0x1fb/0x550
[ 777.095795][T16913] new_slab+0x23c/0x330
[ 777.099970][T16913] ___slab_alloc+0xd9c/0x1940
[ 777.104674][T16913] __slab_alloc.constprop.0+0x56/0xb0
[ 777.110066][T16913] __kmalloc_cache_noprof+0xfb/0x3e0
[ 777.115371][T16913] bus_add_driver+0x92/0x690
[ 777.119998][T16913] driver_register+0x15c/0x4b0
[ 777.125043][T16913] i2c_register_driver+0xd9/0x1c0
[ 777.130115][T16913] do_one_initcall+0x120/0x6e0
[ 777.134916][T16913] kernel_init_freeable+0x5c2/0x900
[ 777.140132][T16913] kernel_init+0x1c/0x2b0
[ 777.144467][T16913] ret_from_fork+0x45/0x80
[ 777.148891][T16913] ret_from_fork_asm+0x1a/0x30
[ 777.153715][T16913] page_owner free stack trace missing
[ 777.159086][T16913]
[ 777.161418][T16913] Memory state around the buggy address:
[ 777.167050][T16913] ffff88802a6ca300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 777.175114][T16913] ffff88802a6ca380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 777.183198][T16913] >ffff88802a6ca400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 777.191279][T16913] ^
[ 777.196163][T16913] ffff88802a6ca480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 777.204248][T16913] ffff88802a6ca500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 777.212309][T16913] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 777.329419][ T5197] ERROR: Out of memory at tomoyo_memory_ok.
[ 778.322169][ T26] ERROR: Out of memory at tomoyo_memory_ok.
[ 778.791574][T16913] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 778.798852][T16913] CPU: 1 UID: 0 PID: 16913 Comm: syz.0.3964 Not tainted 6.15.0-rc1-syzkaller #0 PREEMPT(full)
[ 778.809194][T16913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 778.819359][T16913] Call Trace:
[ 778.822691][T16913]
[ 778.825665][T16913] dump_stack_lvl+0x3d/0x1f0
[ 778.830304][T16913] panic+0x71c/0x800
[ 778.834221][T16913] ? __pfx_panic+0x10/0x10
[ 778.838677][T16913] ? mark_held_locks+0x49/0x80
[ 778.843488][T16913] ? preempt_schedule_thunk+0x16/0x30
[ 778.848962][T16913] ? dvb_device_open+0x36a/0x3b0
[ 778.853912][T16913] ? preempt_schedule_common+0x44/0xc0
[ 778.859413][T16913] ? dvb_device_open+0x36a/0x3b0
[ 778.864362][T16913] check_panic_on_warn+0xab/0xb0
[ 778.869310][T16913] end_report+0x107/0x170
[ 778.873668][T16913] kasan_report+0xee/0x110
[ 778.878097][T16913] ? dvb_device_open+0x36a/0x3b0
[ 778.883082][T16913] ? __pfx_dvb_device_open+0x10/0x10
[ 778.888401][T16913] dvb_device_open+0x36a/0x3b0
[ 778.893192][T16913] ? __pfx_dvb_device_open+0x10/0x10
[ 778.898606][T16913] chrdev_open+0x231/0x6a0
[ 778.903053][T16913] ? __pfx_apparmor_file_open+0x10/0x10
[ 778.908653][T16913] ? __pfx_chrdev_open+0x10/0x10
[ 778.913643][T16913] ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[ 778.920480][T16913] do_dentry_open+0x741/0x1c10
[ 778.925275][T16913] ? __pfx_chrdev_open+0x10/0x10
[ 778.930257][T16913] vfs_open+0x82/0x3f0
[ 778.934344][T16913] path_openat+0x1e5e/0x2d40
[ 778.938963][T16913] ? __pfx_path_openat+0x10/0x10
[ 778.943929][T16913] do_filp_open+0x20b/0x470
[ 778.948466][T16913] ? __pfx_do_filp_open+0x10/0x10
[ 778.953528][T16913] ? alloc_fd+0x471/0x7d0
[ 778.957903][T16913] do_sys_openat2+0x11b/0x1d0
[ 778.962609][T16913] ? __pfx_do_sys_openat2+0x10/0x10
[ 778.967822][T16913] ? __pfx_do_sys_openat2+0x10/0x10
[ 778.973155][T16913] ? __pfx___might_resched+0x10/0x10
[ 778.978492][T16913] __x64_sys_openat+0x174/0x210
[ 778.983398][T16913] ? __pfx___x64_sys_openat+0x10/0x10
[ 778.988812][T16913] ? rcu_is_watching+0x12/0xc0
[ 778.993604][T16913] do_syscall_64+0xcd/0x260
[ 778.998139][T16913] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 779.004060][T16913] RIP: 0033:0x7f584818d169
[ 779.008488][T16913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 779.028127][T16913] RSP: 002b:00007f5848f45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 779.036569][T16913] RAX: ffffffffffffffda RBX: 00007f58483a5fa0 RCX: 00007f584818d169
[ 779.044552][T16913] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 779.052560][T16913] RBP: 00007f584820e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 779.060539][T16913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 779.068533][T16913] R13: 0000000000000000 R14: 00007f58483a5fa0 R15: 00007ffc5d606098
[ 779.076522][T16913]
[ 779.079607][T16913] Kernel Offset: disabled
[ 779.083956][T16913] Rebooting in 86400 seconds..