last executing test programs:

9.437345048s ago: executing program 3 (id=1314):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x10004)
sync_file_range$auto(r0, 0xfffffffffffffff1, 0xa, 0x1)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB='\x00\x00\a\x00\x00'], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x80)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/vmallocinfo\x00', 0x502, 0x0)
pread64$auto(r2, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100)
clone$auto(0xad8c, 0x6, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
setsockopt$auto(0x3, 0x6, 0x15, 0x0, 0xfb3)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
ustat$auto(0x801, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty61\x00', 0x40200, 0x0)
ioctl$auto(0x3, 0x4b44, 0x10000000000402)
keyctl$auto(0xa, 0xfffffffffffffffd, 0x2, 0x628, 0xfffffffffffffffd)
rt_sigqueueinfo$auto(0x0, 0x800, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x3}}})
syz_genetlink_get_family_id$auto_macsec(&(0x7f00000005c0), 0xffffffffffffffff)

9.052397759s ago: executing program 1 (id=1315):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop8/io-timeout-fail\x00', 0x22100, 0x0)
mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(r1, 0xa, 0x0)
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x40802, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0)
write$auto(r3, 0x0, 0x0)
read$auto(r2, 0x0, 0xb4d3)
msgrcv$auto(0x1, &(0x7f0000000040)={0x6a, 0x9}, 0x1, 0xffffffffffff6c42, 0x9)
write$auto(r1, 0x0, 0x7ff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r4, 0x4b66, r5)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0)
ioctl$auto_KVM_GET_API_VERSION(r6, 0xae00, 0x0)
rt_sigqueueinfo$auto(0x0, 0x1, 0x0)
futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5)
futex$auto(&(0x7f0000000080)=0x1, 0x9, 0x1, 0x0, 0x0, 0xfffffffa)
futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x8, 0x0, &(0x7f0000000100)=0x4, 0x440a48d3)
ptrace$auto_PTRACE_GETEVENTMSG(0x4201, 0x0, 0x101, 0xb)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003480)=""/247, 0xf7)

8.004000652s ago: executing program 1 (id=1320):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x8000000)
shmget$auto(0x0, 0x2, 0x8)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket(0x2, 0x1, 0x106)
socket(0x1f, 0x2, 0x106)
r0 = socket(0x2b, 0x807, 0x5)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/trace_pipe\x00', 0x0, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="2f212abd"], 0x14}}, 0x4000000)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/dev_snmp6/veth1\x00', 0x100, 0x0)
read$auto(r1, &(0x7f0000000000)='\x00', 0xea)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0)
read$auto(r2, 0x0, 0x39b8)
madvise$auto(0x0, 0x2003f0, 0x15)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0)
r4 = socket(0x1d, 0x2, 0x2)
connect$auto(0x3, &(0x7f0000000180), 0x54)
sendmsg$auto_NL80211_CMD_DISASSOCIATE(r4, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f00000007c0)={0x1d8, 0x0, 0x2, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_FILS_ERP_REALM={0x35, 0xfa, "9aea7b23492654c3fb73763d86a05bf478037c98e5f964298f4e214f6fe91851f6393096dbd10f454ac6616c21e3bdf581"}, @NL80211_ATTR_MAC_ADDRS={0xb5}, @NL80211_ATTR_SUPPORT_MESH_AUTH={0x4}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x2}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8}, @NL80211_ATTR_MLO_TTLM_DLINK={0x4}, @NL80211_ATTR_TX_RATES={0xb9}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000000)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0d, 0x1f, 0x2, 0x300000000000604, 0x40080000001, 0x7, 0x6d3c, 0xc, 0xc8c, 0xffffffffffffffff]}, 0x0)

7.690215626s ago: executing program 3 (id=1321):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vkms/graphics/fb0/state\x00', 0xc2481, 0x0)
write$auto(r0, 0x0, 0x81)
acct$auto(&(0x7f0000000000)='/dev/fb0\x00')
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
write$auto_console_fops_tty_io(r1, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

6.27732623s ago: executing program 3 (id=1322):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0)
ppoll$auto(&(0x7f0000000040)={r0, 0x5, 0xf}, 0x4, 0x0, 0x0, 0x8)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)

6.275546874s ago: executing program 1 (id=1324):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x7, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0)
sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
write$auto(0x3, 0x0, 0xffd8)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x8001, 0xa507}, 0x800}, 0x4, 0x4008)
socket(0x29, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
socket(0x1d, 0x2, 0x2)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0xffd8)

5.349297885s ago: executing program 1 (id=1325):
mmap$auto(0x3, 0x2020009, 0x100000001, 0x15, 0xffffffffffffffff, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x701280, 0x0)
write$auto(0x1, 0x0, 0x80000000)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, 0x0, 0x20000001)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
kill$auto(0x0, 0x21)
madvise$auto(0x0, 0x200007, 0x8)
mmap$auto(0xfffffffffffffffb, 0x2, 0x100000021, 0x400009b75, 0xea8a, 0x8000)
setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0)
read$auto(r1, 0x0, 0x20)
sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(0xffffffffffffffff, 0x0, 0x40010)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2c, 0x801, 0x7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6)

5.335658925s ago: executing program 0 (id=1327):
prctl$auto(0x1, 0x4, 0x4, 0x3, 0x4)
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4008081}, 0x10004010)
socket(0x2, 0x80802, 0x0)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec\x00', 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
connect$auto(0x3, &(0x7f0000000140), 0x55)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x10}, 0x3, 0x1)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
mmap$auto(0x0, 0x40000202000d, 0x3, 0xebd, 0xfffffffffffffffa, 0xb)
read$auto(0xffffffffffffffff, 0x0, 0x20)
socket(0x2, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x300, 0x0)

4.632538457s ago: executing program 3 (id=1328):
io_uring_setup$auto(0xa, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0xa, 0x5, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0)
read$auto(r0, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x805, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
ioctl$auto(0x3, 0x40045532, 0x38)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x88c00, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x7, 0x15)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0x100082)

4.621125429s ago: executing program 2 (id=1336):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x11, 0x2, 0x73)
pipe2$auto(0x0, 0x0)
io_uring_setup$auto(0x6, 0x0)
open(0x0, 0x22240, 0x155)
prctl$auto(0x41555856, 0x6, 0x0, 0x0, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x121080, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x12480, 0x0)
socket(0x2, 0x5, 0x0)
openat$auto_stat_fops_(0xffffffffffffff9c, 0x0, 0x202802, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc2dc0, 0x0)
socket(0x11, 0x2, 0x14)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
write$auto(0x3, 0x0, 0x100082)

4.402101332s ago: executing program 0 (id=1329):
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x2, 0x0)
memfd_create$auto(&(0x7f0000000240)='/dev/fb0\x00', 0x2)
socket(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getsockopt$auto(0xffffffffffffffff, 0x114, 0x2713, 0xfffffffffffffffc, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x1, 0x0)
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x640, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, 0x0)
setsockopt$auto(0x3, 0x10f, 0x8a, 0x0, 0x14)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8040, 0x0)
mmap$auto(0x0, 0x580f, 0xffb, 0x8000000008011, 0x3, 0x0)
madvise$auto(0x0, 0x2003ef, 0x15)
preadv$auto(0x40000000000003, 0x0, 0x6, 0x3f, 0x5)

3.862883595s ago: executing program 2 (id=1330):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty12\x00', 0x800, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x1, 0x3ff, 0x4000000000df, 0xebe, 0x200000401, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f00000003c0)="80e08ca631b90e5e9a4997a0a2f075172c2529fea5d2b4b06119e7cc493e3c68f5e114fe74f6ec1d4e94daec10b05cb281b0922bcba475cea32ccf0eda11471e9c15d15fbcc3bebe4bc005053b7459c5ecbae956634304a2b3c20d024a0df7b468626e493968743cc5ed35ab320b6ffd85d87720f947e83e96c03fca21e0c585095bf40d010cd4fba6c371232889fd43cb084df47b56ff93efb0f707d371175d4dcd1c13802f7a4550e4ef765842dadd3e2bc2df160655b78b5a9438f2f8be466e2b3782469b16c9310ff6307403770f5c225820d582ab93c7ca472e799fe10d61abbfc87ea3846f44cb04eef9ed7c16b24835")
setsockopt$auto(r0, 0x7, 0x1000, 0x0, 0x56b)
syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x6, 0x1, 0x2, 0x40eb1, 0x401, 0x300000000004)
setsockopt$auto_SO_MAX_PACING_RATE(r1, 0x3, 0x2f, &(0x7f0000000300)='\xba\xf13\xa4o\xd3\xd2\xe0v\x95\xe6mAk\x90\xa1\xfd\xb0\xe1\xa6W\x85py\x91Q\xe7\xc9\x05\xce\x17\xe6<0e\x12\xe8/\x16\xf0\xd2\xe5\x06[\vFb\xd6\xc0sTv*\xa6\x97\xb4\xcf\xc8d^\xb1\x7f\xeeH\xd2\xa8\xeb\xad\xdfw\xad\x1e\xcf\x13\xd2\xbbh\xb7\xb1\xa2\x14\xbe=Q\xf3\xd6\x85\x8as\x04\x93\x8c3\n\x9e\xcc\xbdP\x89\xee\xa8\x82\x03\x97\xe6^\x85#\x11T\x8dE\xba\nF\xc2\xe2\x06k\xf0~\xa3\x86h\xc2\xb8\xcfk\x1f', 0x5)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty0\x00', 0x102, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0x3, 0x4b67, 0x38)

3.854016668s ago: executing program 0 (id=1339):
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f)
io_uring_setup$auto(0x8000, 0x0)
r0 = socket(0x11, 0x3, 0x6)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a})
sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, 0x0, 0x2e, 0x0, 0x7, 0x1083}, 0x5}, 0x2, 0x100)
unshare$auto(0x40000080)
unshare$auto(0x8000000)
shmget$auto(0x0, 0x2, 0x8)
socket(0x2, 0x1, 0x106)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x400, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x4000000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x80900, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000)
ustat$auto(0x801, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
memfd_create$auto(0x0, 0x9)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000001500)='/proc/kpagecgroup\x00', 0x101000, 0x0)
readv$auto(0x3, 0x0, 0xd)

3.378930748s ago: executing program 0 (id=1331):
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x25, 0x1, 0x0)
mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
mmap$auto(0x0, 0x16da, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x149041, 0x0)
read$auto(r0, 0x0, 0x7)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x5)
bpf$auto(0x0, &(0x7f0000000000)=@task_fd_query={0x7, 0x4, 0x200, 0x39, 0x8, 0xf, 0x1, 0x0, 0x2}, 0x6f4)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/fail-nth\x00', 0x22a800, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0xa}, 0x100000093f)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r1 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
poll$auto(&(0x7f0000000480)={r1, 0x8000, 0xff81}, 0x7, 0x54b)
move_pages$auto(0x0, 0xbc2, &(0x7f0000000280)=0x0, &(0x7f00000002c0)=0x8001, &(0x7f0000000300)=0x3, 0x5)
write$auto(0x3, 0x0, 0xfdef)

3.241659371s ago: executing program 1 (id=1332):
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000080), 0xffffffffffffffff)
openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8202, 0x0)
ioctl$auto(0xc8, 0x800454db, 0xffffffffffffffff)
writev$auto(0xffffffffffffffff, &(0x7f0000004000)={0x0, 0x5}, 0x1)
mmap$auto(0x0, 0x20000000009, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(r0, 0x89a0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x2, 0x0, 0x20000}, 0x4}, 0x1f8, 0xb07e)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
write$auto(r0, &(0x7f0000000140)=')-+\xa2\x00', 0x6)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
mmap$auto(0x0, 0xffffffff, 0xe0, 0x15, r0, 0x7)
r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(r1, 0x0, 0xe)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x3c, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0)
write$auto(r2, &(0x7f0000000000)='/dev/\xe9nput/event0\x00', 0x7fe)

2.650383862s ago: executing program 3 (id=1333):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
epoll_create$auto(0x4)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
open(&(0x7f0000000800)='./file0\x00', 0x2a241, 0x154)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
r1 = gettid()
process_vm_writev$auto(r1, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x100000000000000)
waitid$auto_P_PGID(0x2, r1, 0x0, 0xc, &(0x7f0000000200)={{0x8, 0x1}, {0x6, 0x7}, 0x8000000000000000, 0x1, 0x10, 0x1, 0xd, 0x2, 0x8000000000000000, 0xdef, 0x4, 0xe6, 0xf, 0x3, 0x17cda4dd, 0x3ff})
socket(0x26, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000027c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="09032abd7000fedbdf2519000000ec368213f06aa8a8b51b4ccc92e9ed13af5af1eee391f6d38af705a2fe4da72b344306304a51181ae2142ba447bf54f7299861c7caeccbc58d3ba7f1ddc08c20018ac1db9bb8d4ff9253be5b427d0209208b5699706a9a8e08c15b003bc0d1bf47f3be63c34c06deed199962dc786db00beafda6982e6bda659f80fe128bc7a00861d059f67700000000d423634ce0dfbf6f57afce6437bda09d3b0aa7beda3d68854510ba2e02536365c8be2bbe9a175b39ff07a2aa278d02f21e0bfd199dd5d7d3c38810d06008581aa1142ce846e84630b9dab0637d937f12e381"], 0x14}, 0x1, 0x0, 0x0, 0x48800}, 0x0)

2.518425096s ago: executing program 1 (id=1334):
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x240, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000340)='\xa3o\a`\f\f4\xc6\xe7\x8a\x16h\x80\xb5\xed\xe4\xec\xfe\xe50\xb9\xbb1/#\xdc\xdd\xed\xa2\x85\xa1\xd5\xf5\xfeG\xdcI\xe3c\xb8BS\x04Y\xc9N\x98\xc6I_E \xc8^T\x84Mh\xf4Y\xcc\xe4\x9al\x88\x8fX\xcb\xad\x1d*\xec\x1dG@H/N\xaa\x1b\xce\x8b\xff\xcfe\xac\xda\xb0\xbe;-y\x12\x13\x93\x1d\xb5>\x1c\x02Tv\x92\xc0\x1c\xaa\x8a8\x0e_Fv\x00\xdc\nfd\x16\xa6d\xa3z\xdf\xc7o+1\xf4Q\xf7i\xd6.\t\x10\x99\xc4\x06\xa3\xbf*\xbb\xe0H\xc9u+\x17\x93!\x1c\xc3\xcd\xc1y\xaf\xf1\xd1B\xaa[\x9d\xb6\xad\xe2\xff\x9b[{\xd1z\x18\xba\x7f\xb5\x10\xdd1\xf2\x9c\xb0=\xf09\r\xc3\x1b9\xbe\xa8\xe76[/<,\xe1\x90\xb3G}\x85E\xc6\x8ak4\xc3+\xf0\x9f\xe0F\x1b\xdb\x84\x17\xc0\x99\xf1\xb5,\x1f\x8a\xe7\x0f\xd7\xc2{>\xb9q\xc3\xa7\xaaF|\\4\x03Z\xecH\x99\xber\xab\xe6+>\x95\x86\x83\xfb\x16o\x98\xe0\xe9d\xa1z^}\xc7\x12\xe6b\xa2\xb1X\x062\x12\xec\x12.\xbb\x10\x11\xdb_Xo\xfc\xcd\x8av\x80\xf0!n\x8d\xee)\rm\xc5\xee\xd6\xde\xc7\xf8\xdf\xc1?\x82\xca\xb6X\xe3\xfc\xf8\x1a\xe7U\xd6\f\x8e\x98+\x99\x1dqtV\xb4\x05\xa4ge', 0x110000a3d9)
rseq$auto(0x0, 0x40, 0x80, 0x5)
mmap$auto(0x80000001, 0x3, 0xdf, 0xeb2, 0xffffffffffffff80, 0x8000)
socket(0x11, 0x80003, 0x300)
syz_genetlink_get_family_id$auto_vdpa(&(0x7f0000000100), 0xffffffffffffffff)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/net/arp_tables_names\x00', 0x82300, 0x0)
keyctl$auto(0x0, 0xffffffffffffffff, 0xd321, 0x4, 0x8)
getpgid(0x0)
rt_sigqueueinfo$auto(0x0, 0x5, 0x0)
keyctl$auto(0x9, 0x0, 0x0, 0x6, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x10001, 0x4, 0x1, 0x948b, 0xffffffffffffa551, 0x0, 0x4003, 0x3, 0x62, 0x8000001f, 0x7, 0xffffffffffffffff, 0xfffffffffffffffe, 0x2, 0x6]}, 0x0)
pipe$auto(0x0)
msgsnd$auto(0x0, 0x0, 0x10, 0x37ffffd)

2.501354504s ago: executing program 2 (id=1335):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x7, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0)
sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
write$auto(0x3, 0x0, 0xffd8)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x8001, 0xa507}, 0x800}, 0x4, 0x4008)
socket(0x29, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
socket(0x1d, 0x2, 0x2)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0xffd8)

2.428731942s ago: executing program 0 (id=1337):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0)
ppoll$auto(&(0x7f0000000040)={r0, 0x5, 0xf}, 0x4, 0x0, 0x0, 0x8)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)

1.160387113s ago: executing program 2 (id=1338):
r0 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)

778.717075ms ago: executing program 3 (id=1340):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2b, 0x1, 0x1)
setsockopt$auto(r1, 0x0, 0x1, 0x0, 0x1e)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000)
socket(0xa, 0x5, 0x94)
mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, &(0x7f00000000c0)="4da7cb3eea24f2f0249732a686a3fb7bcedb68bcbd4effc395251e9208da4511f08a562c55e57d550cd79cfefd8358c37e788769e2e3eb4af0a162e8bc6d660b1597c57cf01eea17b1f049c0e25deaa614a49429ecd111c4d1682686b6e9"})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0)
close_range$auto(0x2, 0x8, 0x0)
getpgrp(0x0)
timerfd_create$auto(0xe, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)

679.586089ms ago: executing program 0 (id=1341):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
shmat$auto(0x59, &(0x7f0000000580)='(\x04', 0xfffffffd)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
epoll_create$auto(0x4)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="200028bd7000fff2df277d03a52705001900770000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x1000009, 0x2, 0xfffffffffffffffe]}, 0x0)
sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c)
openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000001c0)={0x40, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_WOL_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @ETHTOOL_A_WOL_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x801}, 0x40)
openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mounts\x00', 0x40800, 0x0)
r2 = pidfd_open$auto(0x1, 0x0)
setns(r2, 0x60020000)
umount2$auto(&(0x7f0000000000)='.\x00', 0x8)

593.105352ms ago: executing program 2 (id=1342):
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)

0s ago: executing program 2 (id=1343):
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video44\x00', 0x8a240, 0x0)
statmount$auto(0x0, &(0x7f0000000440)={0x8, 0x1, 0x9, 0x3, 0x13, 0x8, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xd6, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x800000, 0x0, 0x0, 0x0, 0x0, 0x1c24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1]}, 0x1fa, 0x81)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3fc, 0x4}, 0xf3, 0x0, 0x0, 0x8)
ioctl$auto(r0, 0x5646, 0x7)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x8)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_ADD_RXSC(0xffffffffffffffff, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r3, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x6}]}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa)
mlockall$auto(0x5)
setsockopt$auto(0x3, 0x6a, 0x7, 0xffffffffffffffff, 0x3)
close_range$auto(r1, 0x8, 0x2)
io_uring_setup$auto(0x6, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)

kernel console output (not intermixed with test programs):






	

	

	
		

	


	

	

		
	
		
	

	

	



			








	

	















	







	




		
	
	













		









	








	




	





		








	

	



	
		
			
	

	
		




































































	
	




	

	
		
	

	
		






























	
				
	
	



	
	

	
		

	


	
	

		
	
		
	

	

	



			








	

	




	
	






	



	







		

		


	
	








































	


			
	





	







	




	






	


		


	


	
	


	






	




	





		








	
		

	


	
	

		
	
		
	

	

	



			








	





	





	












	
	


	






	




	





		








	

	
			

	
		

	


	
	

		
	
		
	

	

	



			








	





	









	




	

	
	


	



	
	


	


	

		

		
	


	


		
		
	
	


	

	
	
	

	
	
	
	

	
		

	


	
	






	




	





		







			

	
		

	


	
	

		
	
		
	

	

	



			








	




	




















	



	
	














	
	










	
	






	




	





		










	
		
		
	

	

	



			













	



	
	














	
	










	
	






	




	





		







		
		
	













	

	
		
	

	
		
	

	
		

	


	
	

		
	
		
	

	

	



			








	


		

	




			

		


		


	

		


















	


	
	








	





	





		











	

	
	

	
		

	
		

	


	

	

		
	
		
	

	

	



			








	

	






































































		
	
	








	


	



	



	



	
	
	








	






		













	
	






	













	
		








	

	




	


	
	







	




	





		












	

	
		
	

	
		
	
		
	
	
			
	
			




	
			




	
			




	
			




	
			




	
			




	
			




	
			





	

	
	

	
		

	


	
	

		
	
		
	

	

	



			








	




	











	

	

		











	

		










	
	










	
	






	




	





		








	

	

	
		

	


	
	

		
	
		
	

	

	



			








	




	





	

	


	
	









	




	





		








	

	

	
		

	


	
	

		
	
		
	

	

	



			








	




	






		



		



	


	



	





		


		
	
	

		
	
		
	
		
		

	
	
	












	
	

	








	




	




		








	

	

	

	
		

	


	

	

		
	
		
	

	

	



			








	

	






	
	












	



	



		
	
	









	


	



	


	
		









	
	






	













	
		






	









	
	








	




	





		







	
	




				
		
	

	
		

	


	
	

		
	
		
	

	

	



			








	




	






			

			
	
	






	




	





		








	
		

	


	
	

		
	
		
	

	

	



			








	

	
	


	




	
	
	
	









	
	
		
	
	
	
	
		






	
	










	
	






	




	





		








	

	

			
			

	










	













	






	
		
	
	

		

	
	

	
	
	






	




	




		






	

	

		
		


	

	
		

		
				
	


	
					



			





		

		
				
	


	
					



			



		

		
				
	


	
					



			




		

		
				
	


	
					



			


		


		



		



	





syzkaller
syzkaller login: [  249.220487][ T8329] FAULT_INJECTION: forcing a failure.
[  249.220487][ T8329] name failslab, interval 1, probability 0, space 0, times 0
[  249.289779][ T8329] CPU: 1 UID: 0 PID: 8329 Comm: syz.2.825 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  249.289837][ T8329] Tainted: [U]=USER
[  249.289849][ T8329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  249.289868][ T8329] Call Trace:
[  249.289879][ T8329]  <TASK>
[  249.289892][ T8329]  dump_stack_lvl+0x16c/0x1f0
[  249.289955][ T8329]  should_fail_ex+0x512/0x640
[  249.290002][ T8329]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  249.290046][ T8329]  should_failslab+0xc2/0x120
[  249.290084][ T8329]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  249.290124][ T8329]  ? alloc_inode+0x61/0x240
[  249.290164][ T8329]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  249.290218][ T8329]  ? __pfx_rpc_alloc_inode+0x10/0x10
[  249.290256][ T8329]  alloc_inode+0x61/0x240
[  249.290295][ T8329]  new_inode+0x22/0x1c0
[  249.290339][ T8329]  __rpc_create_common+0x57/0x2f0
[  249.290391][ T8329]  rpc_mkpipe_dentry+0x12b/0x400
[  249.290440][ T8329]  rpc_fill_super+0x4b5/0x840
[  249.290485][ T8329]  ? sget_fc+0x808/0xc20
[  249.290545][ T8329]  ? __pfx_rpc_fill_super+0x10/0x10
[  249.290587][ T8329]  get_tree_keyed+0x10b/0x1d0
[  249.290640][ T8329]  vfs_get_tree+0x8b/0x340
[  249.290684][ T8329]  vfs_cmd_create+0xd7/0x2a0
[  249.290723][ T8329]  __do_sys_fsconfig+0x7b8/0xbe0
[  249.290762][ T8329]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  249.290797][ T8329]  ? xfd_validate_state+0x5d/0x180
[  249.290851][ T8329]  ? rcu_is_watching+0x12/0xc0
[  249.290894][ T8329]  do_syscall_64+0xcd/0x230
[  249.290952][ T8329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.290986][ T8329] RIP: 0033:0x7f413e58e969
[  249.291014][ T8329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.291047][ T8329] RSP: 002b:00007f413f3f1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  249.291078][ T8329] RAX: ffffffffffffffda RBX: 00007f413e7b5fa0 RCX: 00007f413e58e969
[  249.291100][ T8329] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005
[  249.291119][ T8329] RBP: 00007f413e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  249.291139][ T8329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  249.291158][ T8329] R13: 0000000000000000 R14: 00007f413e7b5fa0 R15: 00007fff0f1ee218
[  249.291202][ T8329]  </TASK>
[  249.304910][ T8330] FAULT_INJECTION: forcing a failure.
[  249.304910][ T8330] name failslab, interval 1, probability 0, space 0, times 0
[  249.345914][ T8329] net/sunrpc/rpc_pipe.c: __rpc_create_common failed to allocate inode for dentry gssd
[  249.346328][ T8329] net/sunrpc/rpc_pipe.c: rpc_mkpipe_dentry() failed to create pipe clntXX/gssd (errno = -12)
[  249.410319][ T8330] CPU: 0 UID: 0 PID: 8330 Comm: syz.1.824 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  249.410378][ T8330] Tainted: [U]=USER
[  249.410390][ T8330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  249.410410][ T8330] Call Trace:
[  249.410421][ T8330]  <TASK>
[  249.410434][ T8330]  dump_stack_lvl+0x16c/0x1f0
[  249.410488][ T8330]  should_fail_ex+0x512/0x640
[  249.410541][ T8330]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  249.410606][ T8330]  should_failslab+0xc2/0x120
[  249.410649][ T8330]  __kmalloc_cache_noprof+0x6a/0x3e0
[  249.410715][ T8330]  ? drm_atomic_helper_setup_commit+0x73c/0x15d0
[  249.410754][ T8330]  ? drm_atomic_helper_setup_commit+0x8d7/0x15d0
[  249.410799][ T8330]  drm_atomic_helper_setup_commit+0x8d7/0x15d0
[  249.410858][ T8330]  drm_atomic_helper_commit+0xa9/0x380
[  249.410898][ T8330]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  249.410939][ T8330]  drm_atomic_commit+0x231/0x300
[  249.410987][ T8330]  ? __pfx_drm_atomic_commit+0x10/0x10
[  249.411032][ T8330]  ? __pfx___drm_printfn_info+0x10/0x10
[  249.411091][ T8330]  ? drm_client_rotation+0x4d9/0x6a0
[  249.411141][ T8330]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  249.411201][ T8330]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  249.411297][ T8330]  drm_client_modeset_commit_locked+0x14d/0x580
[  249.411349][ T8330]  drm_client_modeset_commit+0x4f/0x80
[  249.411394][ T8330]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  249.411436][ T8330]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  249.411490][ T8330]  drm_fbdev_client_restore+0x2c/0x40
[  249.411541][ T8330]  drm_client_dev_restore+0x1f3/0x2a0
[  249.411594][ T8330]  drm_release+0x2c4/0x360
[  249.411639][ T8330]  ? __pfx_drm_release+0x10/0x10
[  249.411677][ T8330]  __fput+0x3ff/0xb70
[  249.411736][ T8330]  task_work_run+0x14d/0x240
[  249.411794][ T8330]  ? __pfx_task_work_run+0x10/0x10
[  249.411847][ T8330]  ? __pfx___do_sys_close_range+0x10/0x10
[  249.411879][ T8330]  ? rcu_is_watching+0x12/0xc0
[  249.411921][ T8330]  syscall_exit_to_user_mode+0x27b/0x2a0
[  249.411974][ T8330]  do_syscall_64+0xda/0x230
[  249.412026][ T8330]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.412062][ T8330] RIP: 0033:0x7febc858e969
[  249.412089][ T8330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.412123][ T8330] RSP: 002b:00007febc945f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  249.412156][ T8330] RAX: 0000000000000000 RBX: 00007febc87b6080 RCX: 00007febc858e969
[  249.412178][ T8330] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  249.412198][ T8330] RBP: 00007febc8610ab1 R08: 0000000000000000 R09: 0000000000000000
[  249.412220][ T8330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  249.412241][ T8330] R13: 0000000000000000 R14: 00007febc87b6080 R15: 00007ffdd423e848
[  249.412287][ T8330]  </TASK>
[  249.511304][    C1] vkms_vblank_simulate: vblank timer overrun
[  250.717719][ T8357] netlink: 25 bytes leftover after parsing attributes in process `syz.1.833'.
[  251.852153][ T8384] FAULT_INJECTION: forcing a failure.
[  251.852153][ T8384] name failslab, interval 1, probability 0, space 0, times 0
[  251.870809][ T8384] CPU: 0 UID: 0 PID: 8384 Comm: syz.0.838 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  251.870863][ T8384] Tainted: [U]=USER
[  251.870873][ T8384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  251.870893][ T8384] Call Trace:
[  251.870904][ T8384]  <TASK>
[  251.870915][ T8384]  dump_stack_lvl+0x16c/0x1f0
[  251.870966][ T8384]  should_fail_ex+0x512/0x640
[  251.871012][ T8384]  ? fs_reclaim_acquire+0xae/0x150
[  251.871066][ T8384]  should_failslab+0xc2/0x120
[  251.871107][ T8384]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  251.871144][ T8384]  ? security_inode_alloc+0x3b/0x2b0
[  251.871186][ T8384]  security_inode_alloc+0x3b/0x2b0
[  251.871223][ T8384]  inode_init_always_gfp+0xce4/0x1030
[  251.871284][ T8384]  alloc_inode+0x86/0x240
[  251.871323][ T8384]  new_inode+0x22/0x1c0
[  251.871366][ T8384]  __rpc_create_common+0x57/0x2f0
[  251.871416][ T8384]  rpc_populate.constprop.0+0x20a/0x5d0
[  251.871481][ T8384]  rpc_fill_super+0x485/0x840
[  251.871531][ T8384]  ? sget_fc+0x808/0xc20
[  251.871590][ T8384]  ? __pfx_rpc_fill_super+0x10/0x10
[  251.871636][ T8384]  get_tree_keyed+0x10b/0x1d0
[  251.871690][ T8384]  vfs_get_tree+0x8b/0x340
[  251.871738][ T8384]  vfs_cmd_create+0xd7/0x2a0
[  251.871776][ T8384]  __do_sys_fsconfig+0x7b8/0xbe0
[  251.871817][ T8384]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  251.871854][ T8384]  ? xfd_validate_state+0x5d/0x180
[  251.871909][ T8384]  ? rcu_is_watching+0x12/0xc0
[  251.871952][ T8384]  do_syscall_64+0xcd/0x230
[  251.872001][ T8384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.872034][ T8384] RIP: 0033:0x7f7c45d8e969
[  251.872061][ T8384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.872093][ T8384] RSP: 002b:00007f7c46b94038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  251.872125][ T8384] RAX: ffffffffffffffda RBX: 00007f7c45fb5fa0 RCX: 00007f7c45d8e969
[  251.872146][ T8384] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005
[  251.872165][ T8384] RBP: 00007f7c45e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  251.872184][ T8384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.872205][ T8384] R13: 0000000000000000 R14: 00007f7c45fb5fa0 R15: 00007ffe585cde18
[  251.872248][ T8384]  </TASK>
[  251.872296][ T8384] net/sunrpc/rpc_pipe.c: __rpc_create_common failed to allocate inode for dentry info
[  252.214215][ T8384] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory clntXX
[  253.843914][    C1] vcan0: j1939_tp_rxtimer: 0xffff888025d66000: rx timeout, send abort
[  253.855875][    C1] vcan0: j1939_tp_rxtimer: 0xffff888025d65800: rx timeout, send abort
[  253.866144][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888025d66000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  253.885169][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888025d65800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  254.383137][ T8434] FAULT_INJECTION: forcing a failure.
[  254.383137][ T8434] name failslab, interval 1, probability 0, space 0, times 0
[  254.448538][ T8434] CPU: 0 UID: 0 PID: 8434 Comm: syz.3.850 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  254.448593][ T8434] Tainted: [U]=USER
[  254.448605][ T8434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  254.448625][ T8434] Call Trace:
[  254.448635][ T8434]  <TASK>
[  254.448718][ T8434]  dump_stack_lvl+0x16c/0x1f0
[  254.448777][ T8434]  should_fail_ex+0x512/0x640
[  254.448831][ T8434]  should_failslab+0xc2/0x120
[  254.448878][ T8434]  __kmalloc_cache_noprof+0x6a/0x3e0
[  254.448933][ T8434]  ? sctp_add_bind_addr+0xae/0x3f0
[  254.448979][ T8434]  sctp_add_bind_addr+0xae/0x3f0
[  254.449028][ T8434]  sctp_copy_local_addr_list+0x39d/0x5a0
[  254.449084][ T8434]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  254.449142][ T8434]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  254.449212][ T8434]  ? sctp_bind_addr_copy+0xe0/0x530
[  254.449255][ T8434]  sctp_bind_addr_copy+0xe0/0x530
[  254.449309][ T8434]  sctp_connect_new_asoc+0x1d7/0x790
[  254.449349][ T8434]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  254.449397][ T8434]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  254.449452][ T8434]  sctp_sendmsg+0x15f9/0x1ee0
[  254.449502][ T8434]  ? __pfx_sctp_sendmsg+0x10/0x10
[  254.449540][ T8434]  ? __pfx___might_resched+0x10/0x10
[  254.449595][ T8434]  ? __pfx_aa_sk_perm+0x10/0x10
[  254.449651][ T8434]  ? __pfx_sctp_sendmsg+0x10/0x10
[  254.449686][ T8434]  inet_sendmsg+0x119/0x140
[  254.449736][ T8434]  ____sys_sendmsg+0x973/0xc70
[  254.449788][ T8434]  ? __pfx_____sys_sendmsg+0x10/0x10
[  254.449833][ T8434]  ? __pfx___schedule+0x10/0x10
[  254.449879][ T8434]  ? trace_pid_list_is_set+0x100/0x150
[  254.449920][ T8434]  ? trace_ignore_this_task+0xc3/0x100
[  254.449973][ T8434]  ___sys_sendmsg+0x134/0x1d0
[  254.450009][ T8434]  ? __pfx____sys_sendmsg+0x10/0x10
[  254.450057][ T8434]  ? find_held_lock+0x2b/0x80
[  254.450106][ T8434]  __sys_sendmmsg+0x200/0x420
[  254.450141][ T8434]  ? __pfx___sys_sendmmsg+0x10/0x10
[  254.450179][ T8434]  ? __pfx_inet6_bind_sk+0x10/0x10
[  254.450220][ T8434]  ? __pfx_do_futex+0x10/0x10
[  254.450268][ T8434]  ? xfd_validate_state+0x5d/0x180
[  254.450315][ T8434]  ? rcu_is_watching+0x12/0xc0
[  254.450346][ T8434]  __x64_sys_sendmmsg+0x9c/0x100
[  254.450376][ T8434]  ? lockdep_hardirqs_on+0x7c/0x110
[  254.450417][ T8434]  do_syscall_64+0xcd/0x230
[  254.450458][ T8434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.450486][ T8434] RIP: 0033:0x7f9c23b8e969
[  254.450509][ T8434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.450543][ T8434] RSP: 002b:00007f9c24a8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  254.450573][ T8434] RAX: ffffffffffffffda RBX: 00007f9c23db5fa0 RCX: 00007f9c23b8e969
[  254.450595][ T8434] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000006
[  254.450612][ T8434] RBP: 00007f9c23c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  254.450631][ T8434] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000
[  254.450650][ T8434] R13: 0000000000000000 R14: 00007f9c23db5fa0 R15: 00007ffdaa0a48d8
[  254.450693][ T8434]  </TASK>
[  257.445397][ T8498] netlink: 25 bytes leftover after parsing attributes in process `syz.2.862'.

syzkaller
syzkaller login: [  260.532652][ T8532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.881'.
[  260.624413][ T8533] netlink: 4 bytes leftover after parsing attributes in process `syz.0.881'.
[  260.701561][ T8532] HfR: entered promiscuous mode
[  260.948065][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  260.957307][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  261.330689][   T30] audit: type=1800 audit(6041338648.567:8): pid=8530 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.873" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0
[  262.174476][ T8523] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  262.230247][ T8537] netlink: 25 bytes leftover after parsing attributes in process `syz.3.874'.
[  263.123432][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.1.877'.
[  263.200954][ T8553] netlink: 25 bytes leftover after parsing attributes in process `syz.1.877'.
[  263.785789][   T30] audit: type=1800 audit(6041338651.027:9): pid=8539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.883" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0
[  265.108221][ T8580] netlink: 28 bytes leftover after parsing attributes in process `syz.2.886'.
[  265.315809][ T8571] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input10
[  268.572277][ T8615] ima: policy update failed
[  268.578021][   T30] audit: type=1802 audit(6041338655.817:10): pid=8615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.894" res=0 errno=0
[  268.647985][ T8615] netlink: 25 bytes leftover after parsing attributes in process `syz.0.894'.
[  270.308618][ T8640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.901'.
[  271.176323][ T8656] : renamed from gre0 (while UP)
[  271.347828][ T8658] binder: 8657:8658 ioctl 40046210 0 returned -14
[  272.056438][ T8672] FAULT_INJECTION: forcing a failure.
[  272.056438][ T8672] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  272.101019][ T8672] CPU: 1 UID: 0 PID: 8672 Comm: syz.0.911 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  272.101061][ T8672] Tainted: [U]=USER
[  272.101068][ T8672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  272.101083][ T8672] Call Trace:
[  272.101090][ T8672]  <TASK>
[  272.101100][ T8672]  dump_stack_lvl+0x16c/0x1f0
[  272.101139][ T8672]  should_fail_ex+0x512/0x640
[  272.101177][ T8672]  should_fail_alloc_page+0xe7/0x130
[  272.101210][ T8672]  prepare_alloc_pages+0x3c2/0x610
[  272.101252][ T8672]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  272.101281][ T8672]  ? lock_acquire+0x179/0x350
[  272.101319][ T8672]  ? do_raw_spin_lock+0x12c/0x2b0
[  272.101356][ T8672]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  272.101385][ T8672]  ? debug_check_no_obj_freed+0x31f/0x600
[  272.101422][ T8672]  ? __page_table_check_zero+0x323/0x5b0
[  272.101452][ T8672]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  272.101488][ T8672]  ? policy_nodemask+0xea/0x4e0
[  272.101519][ T8672]  alloc_pages_mpol+0x1fb/0x550
[  272.101549][ T8672]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  272.101580][ T8672]  ? _raw_spin_unlock+0x28/0x50
[  272.101616][ T8672]  ? __free_frozen_pages+0x734/0xff0
[  272.101658][ T8672]  alloc_pages_noprof+0x131/0x390
[  272.101688][ T8672]  rds_page_remainder_alloc+0x2b1/0xd90
[  272.101729][ T8672]  rds_message_copy_from_user+0x1cd/0xd90
[  272.101779][ T8672]  ? __pfx_rds_message_copy_from_user+0x10/0x10
[  272.101818][ T8672]  ? lockdep_init_map_type+0x5c/0x280
[  272.101852][ T8672]  ? __asan_memset+0x23/0x50
[  272.101890][ T8672]  ? sg_init_table+0x20/0x60
[  272.101920][ T8672]  rds_sendmsg+0x206a/0x31f0
[  272.101957][ T8672]  ? __pfx_rds_sendmsg+0x10/0x10
[  272.101985][ T8672]  ? aa_sk_perm+0x2f4/0xb10
[  272.102015][ T8672]  ? __pfx_aa_sk_perm+0x10/0x10
[  272.102052][ T8672]  ? ____sys_sendmsg+0xa95/0xc70
[  272.102085][ T8672]  ____sys_sendmsg+0xa95/0xc70
[  272.102122][ T8672]  ? __pfx_____sys_sendmsg+0x10/0x10
[  272.102161][ T8672]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  272.102197][ T8672]  ___sys_sendmsg+0x134/0x1d0
[  272.102225][ T8672]  ? __pfx____sys_sendmsg+0x10/0x10
[  272.102286][ T8672]  __sys_sendmsg+0x16d/0x220
[  272.102313][ T8672]  ? __pfx___sys_sendmsg+0x10/0x10
[  272.102339][ T8672]  ? __x64_sys_futex+0x1e0/0x4c0
[  272.102372][ T8672]  ? rcu_is_watching+0x12/0xc0
[  272.102402][ T8672]  do_syscall_64+0xcd/0x230
[  272.102437][ T8672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.102462][ T8672] RIP: 0033:0x7f7c45d8e969
[  272.102481][ T8672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.102505][ T8672] RSP: 002b:00007f7c46b94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  272.102527][ T8672] RAX: ffffffffffffffda RBX: 00007f7c45fb5fa0 RCX: 00007f7c45d8e969
[  272.102543][ T8672] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000008
[  272.102557][ T8672] RBP: 00007f7c45e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  272.102572][ T8672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  272.102586][ T8672] R13: 0000000000000000 R14: 00007f7c45fb5fa0 R15: 00007ffe585cde18
[  272.102621][ T8672]  </TASK>
[  272.481802][    C1] vkms_vblank_simulate: vblank timer overrun
[  273.829393][ T8695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.919'.
[  273.856287][ T8695] netlink: 13 bytes leftover after parsing attributes in process `syz.0.919'.
[  274.104836][ T8702] random: crng reseeded on system resumption
[  275.529390][ T8715] binder: 8714:8715 ioctl 40046210 0 returned -14
[  276.471821][ T8726] netlink: 4 bytes leftover after parsing attributes in process `syz.1.925'.
[  276.575139][ T8731] netlink: 25 bytes leftover after parsing attributes in process `syz.1.925'.
[  276.830777][ T8737] netlink: 4 bytes leftover after parsing attributes in process `syz.3.930'.
[  276.856230][ T8737] netlink: 13 bytes leftover after parsing attributes in process `syz.3.930'.
[  277.103242][ T8741] ima: policy update failed
[  277.109730][   T30] audit: type=1802 audit(6041338664.347:11): pid=8741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.939" res=0 errno=0
[  277.132525][ T8741] netlink: 25 bytes leftover after parsing attributes in process `syz.0.939'.
[  277.363837][ T8750] netlink: 4 bytes leftover after parsing attributes in process `syz.0.934'.
[  277.415083][ T8750] netlink: 354 bytes leftover after parsing attributes in process `syz.0.934'.
[  277.778923][ T8759] netlink: 25 bytes leftover after parsing attributes in process `syz.0.937'.
[  278.480761][ T8763] sd 0:0:1:0: PR command failed: 1026
[  278.487466][ T8763] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  278.599825][ T8763] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  279.396988][ T8778] ima: policy update failed
[  279.482884][ T8777] __nla_validate_parse: 2 callbacks suppressed
[  279.482912][ T8777] netlink: 25 bytes leftover after parsing attributes in process `syz.2.943'.
[  279.503321][   T30] audit: type=1802 audit(6041338666.737:12): pid=8778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.943" res=0 errno=0
[  279.896133][ T8790] binder: 8789:8790 ioctl 40046210 0 returned -14
[  281.177095][ T8808] [U] 	
[  281.180640][ T8808] [U] 
[  281.183927][ T8808] [U] 
[  281.187217][ T8808] [U] 
[  281.190508][ T8808] [U] 
[  281.282334][ T8805] [U] 
[  283.670221][ T8845] sd 0:0:1:0: PR command failed: 1026
[  283.905938][ T8845] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  283.970877][ T8845] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  285.050249][ T8865] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  285.656272][ T8877] FAULT_INJECTION: forcing a failure.
[  285.656272][ T8877] name failslab, interval 1, probability 0, space 0, times 0
[  285.717850][ T8877] CPU: 1 UID: 0 PID: 8877 Comm: syz.0.974 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  285.717909][ T8877] Tainted: [U]=USER
[  285.717920][ T8877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  285.717939][ T8877] Call Trace:
[  285.717950][ T8877]  <TASK>
[  285.717962][ T8877]  dump_stack_lvl+0x16c/0x1f0
[  285.718014][ T8877]  should_fail_ex+0x512/0x640
[  285.718060][ T8877]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  285.718110][ T8877]  should_failslab+0xc2/0x120
[  285.718149][ T8877]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  285.718184][ T8877]  ? rcu_is_watching+0x12/0xc0
[  285.718214][ T8877]  ? seq_open+0x55/0x170
[  285.718260][ T8877]  seq_open+0x55/0x170
[  285.718301][ T8877]  __seq_open_private+0x3e/0xd0
[  285.718346][ T8877]  seq_open_private+0x24/0x40
[  285.718391][ T8877]  mounts_open_common+0x312/0x700
[  285.718434][ T8877]  ? __pfx_show_vfsstat+0x10/0x10
[  285.718479][ T8877]  ? __pfx_mounts_open_common+0x10/0x10
[  285.718527][ T8877]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  285.718583][ T8877]  do_dentry_open+0x741/0x1c10
[  285.718618][ T8877]  ? __pfx_mountstats_open+0x10/0x10
[  285.718669][ T8877]  vfs_open+0x82/0x3f0
[  285.718716][ T8877]  path_openat+0x1e5e/0x2d40
[  285.718762][ T8877]  ? __pfx_path_openat+0x10/0x10
[  285.718810][ T8877]  do_filp_open+0x20b/0x470
[  285.718841][ T8877]  ? __pfx_do_filp_open+0x10/0x10
[  285.718888][ T8877]  ? __pfx_kfree_link+0x10/0x10
[  285.718944][ T8877]  ? alloc_fd+0x471/0x7d0
[  285.719008][ T8877]  do_sys_openat2+0x11b/0x1d0
[  285.719051][ T8877]  ? __pfx_do_sys_openat2+0x10/0x10
[  285.719120][ T8877]  __x64_sys_openat+0x174/0x210
[  285.719167][ T8877]  ? __pfx___x64_sys_openat+0x10/0x10
[  285.719213][ T8877]  ? rcu_is_watching+0x12/0xc0
[  285.719255][ T8877]  do_syscall_64+0xcd/0x230
[  285.719306][ T8877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.719339][ T8877] RIP: 0033:0x7f7c45d8e969
[  285.719366][ T8877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.719398][ T8877] RSP: 002b:00007f7c46b94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  285.719428][ T8877] RAX: ffffffffffffffda RBX: 00007f7c45fb5fa0 RCX: 00007f7c45d8e969
[  285.719450][ T8877] RDX: 0000000000000200 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  285.719471][ T8877] RBP: 00007f7c45e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  285.719491][ T8877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  285.719510][ T8877] R13: 0000000000000000 R14: 00007f7c45fb5fa0 R15: 00007ffe585cde18
[  285.719551][ T8877]  </TASK>
[  287.160829][ T8908] netlink: 25 bytes leftover after parsing attributes in process `syz.2.981'.
[  288.129153][ T8916] FAULT_INJECTION: forcing a failure.
[  288.129153][ T8916] name failslab, interval 1, probability 0, space 0, times 0
[  288.170070][ T8916] CPU: 0 UID: 0 PID: 8916 Comm: syz.2.985 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  288.170126][ T8916] Tainted: [U]=USER
[  288.170137][ T8916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  288.170156][ T8916] Call Trace:
[  288.170167][ T8916]  <TASK>
[  288.170179][ T8916]  dump_stack_lvl+0x16c/0x1f0
[  288.170230][ T8916]  should_fail_ex+0x512/0x640
[  288.170275][ T8916]  ? __kmalloc_noprof+0xbf/0x510
[  288.170314][ T8916]  ? ima_write_template_field_data+0x5d/0x1f0
[  288.170356][ T8916]  should_failslab+0xc2/0x120
[  288.170397][ T8916]  __kmalloc_noprof+0xd2/0x510
[  288.170448][ T8916]  ima_write_template_field_data+0x5d/0x1f0
[  288.170499][ T8916]  ima_eventname_init_common+0x1b8/0x260
[  288.170547][ T8916]  ? __pfx_ima_eventname_init_common+0x10/0x10
[  288.170594][ T8916]  ? trace_kmalloc+0x2b/0xd0
[  288.170636][ T8916]  ? __kmalloc_noprof+0x242/0x510
[  288.170679][ T8916]  ima_alloc_init_template+0x39d/0x720
[  288.170719][ T8916]  ima_add_violation+0x123/0x3d0
[  288.170754][ T8916]  ? __pfx_ima_add_violation+0x10/0x10
[  288.170786][ T8916]  ? ima_d_path+0x12b/0x2a0
[  288.170818][ T8916]  ? __pfx_ima_d_path+0x10/0x10
[  288.170871][ T8916]  ? lockdep_init_map_type+0x5c/0x280
[  288.170918][ T8916]  ? ima_inode_get+0x39e/0x580
[  288.170974][ T8916]  process_measurement+0x1783/0x23e0
[  288.171040][ T8916]  ? __pfx_process_measurement+0x10/0x10
[  288.171087][ T8916]  ? __lock_acquire+0x5ca/0x1ba0
[  288.171135][ T8916]  ? futex_wait_queue+0x24/0x220
[  288.171239][ T8916]  ima_file_mmap+0x1b1/0x1d0
[  288.171288][ T8916]  ? __pfx_ima_file_mmap+0x10/0x10
[  288.171349][ T8916]  security_mmap_file+0x88c/0x990
[  288.171395][ T8916]  vm_mmap_pgoff+0xec/0x450
[  288.171444][ T8916]  ? find_held_lock+0x2b/0x80
[  288.171473][ T8916]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  288.171528][ T8916]  ? __fget_files+0x20e/0x3c0
[  288.171589][ T8916]  ksys_mmap_pgoff+0x32c/0x5c0
[  288.171635][ T8916]  ? rcu_is_watching+0x12/0xc0
[  288.171670][ T8916]  __x64_sys_mmap+0x125/0x190
[  288.171707][ T8916]  do_syscall_64+0xcd/0x230
[  288.171777][ T8916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.171810][ T8916] RIP: 0033:0x7f413e58e969
[  288.171844][ T8916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.171877][ T8916] RSP: 002b:00007f413f3f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  288.171910][ T8916] RAX: ffffffffffffffda RBX: 00007f413e7b5fa0 RCX: 00007f413e58e969
[  288.171931][ T8916] RDX: 00000000000003ff RSI: 0000000000000001 RDI: 000000000000f000
[  288.171951][ T8916] RBP: 00007f413e610ab1 R08: 0000000000000003 R09: 0000000000000000
[  288.171971][ T8916] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[  288.171991][ T8916] R13: 0000000000000000 R14: 00007f413e7b5fa0 R15: 00007fff0f1ee218
[  288.172034][ T8916]  </TASK>
[  288.229662][ T8914] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input12
[  288.237019][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.526531][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.533719][    C0] hrtimer: interrupt took 361663948 ns
[  288.633770][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.640922][   T30] audit: type=1804 audit(6041338675.827:13): pid=8916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.985" name="/newroot/217/file0" dev="tmpfs" ino=1139 res=0 errno=0
[  288.801576][   T30] audit: type=1800 audit(6041338675.827:14): pid=8916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.985" name="file0" dev="tmpfs" ino=1139 res=0 errno=0
[  289.541702][ T8930] netlink: 342 bytes leftover after parsing attributes in process `syz.2.989'.
[  289.719160][ T8930] netlink: 342 bytes leftover after parsing attributes in process `syz.2.989'.
[  290.272363][ T8938] ima: policy update failed
[  290.278888][   T30] audit: type=1802 audit(6041338677.517:15): pid=8938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.992" res=0 errno=0
[  290.302583][ T8938] netlink: 25 bytes leftover after parsing attributes in process `syz.3.992'.
[  290.887685][ T8950] sp0: Synchronizing with TNC
[  290.954238][ T8952] ima: policy update failed
[  290.961528][   T30] audit: type=1802 audit(6041338678.207:16): pid=8952 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.997" res=0 errno=0
[  290.965239][ T8952] netlink: 25 bytes leftover after parsing attributes in process `syz.2.997'.
[  292.087097][ T8976] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  292.484410][ T8982] FAULT_INJECTION: forcing a failure.
[  292.484410][ T8982] name failslab, interval 1, probability 0, space 0, times 0
[  292.638058][ T8982] CPU: 1 UID: 0 PID: 8982 Comm: syz.3.1005 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  292.638118][ T8982] Tainted: [U]=USER
[  292.638130][ T8982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  292.638149][ T8982] Call Trace:
[  292.638161][ T8982]  <TASK>
[  292.638173][ T8982]  dump_stack_lvl+0x16c/0x1f0
[  292.638227][ T8982]  should_fail_ex+0x512/0x640
[  292.638274][ T8982]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  292.638317][ T8982]  should_failslab+0xc2/0x120
[  292.638368][ T8982]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  292.638404][ T8982]  ? rcu_is_watching+0x12/0xc0
[  292.638435][ T8982]  ? seq_open+0x55/0x170
[  292.638481][ T8982]  seq_open+0x55/0x170
[  292.638524][ T8982]  __seq_open_private+0x3e/0xd0
[  292.638574][ T8982]  seq_open_private+0x24/0x40
[  292.638621][ T8982]  mounts_open_common+0x312/0x700
[  292.638662][ T8982]  ? __pfx_show_vfsstat+0x10/0x10
[  292.638708][ T8982]  ? __pfx_mounts_open_common+0x10/0x10
[  292.638757][ T8982]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  292.638816][ T8982]  do_dentry_open+0x741/0x1c10
[  292.638851][ T8982]  ? __pfx_mountstats_open+0x10/0x10
[  292.638903][ T8982]  vfs_open+0x82/0x3f0
[  292.638950][ T8982]  path_openat+0x1e5e/0x2d40
[  292.638998][ T8982]  ? __pfx_path_openat+0x10/0x10
[  292.639042][ T8982]  do_filp_open+0x20b/0x470
[  292.639074][ T8982]  ? __pfx_do_filp_open+0x10/0x10
[  292.639122][ T8982]  ? __pfx_kfree_link+0x10/0x10
[  292.639178][ T8982]  ? alloc_fd+0x471/0x7d0
[  292.639242][ T8982]  do_sys_openat2+0x11b/0x1d0
[  292.639286][ T8982]  ? __pfx_do_sys_openat2+0x10/0x10
[  292.639353][ T8982]  __x64_sys_openat+0x174/0x210
[  292.639399][ T8982]  ? __pfx___x64_sys_openat+0x10/0x10
[  292.639449][ T8982]  ? rcu_is_watching+0x12/0xc0
[  292.639493][ T8982]  do_syscall_64+0xcd/0x230
[  292.639543][ T8982]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.639579][ T8982] RIP: 0033:0x7f9c23b8e969
[  292.639606][ T8982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  292.639638][ T8982] RSP: 002b:00007f9c24a8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  292.639669][ T8982] RAX: ffffffffffffffda RBX: 00007f9c23db5fa0 RCX: 00007f9c23b8e969
[  292.639691][ T8982] RDX: 0000000000000200 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  292.639712][ T8982] RBP: 00007f9c23c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  292.639731][ T8982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  292.639751][ T8982] R13: 0000000000000000 R14: 00007f9c23db5fa0 R15: 00007ffdaa0a48d8
[  292.639794][ T8982]  </TASK>
[  293.350159][   T30] audit: type=1804 audit(6041338680.587:17): pid=8987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1006" name="/newroot/253/file0" dev="tmpfs" ino=1326 res=1 errno=0
[  293.401146][   T30] audit: type=1800 audit(6041338680.617:18): pid=8987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1006" name="file0" dev="tmpfs" ino=1326 res=0 errno=0
[  294.728988][ T9013] ERROR: Out of memory at tomoyo_memory_ok.
[  294.781580][ T9013] FAULT_INJECTION: forcing a failure.
[  294.781580][ T9013] name failslab, interval 1, probability 0, space 0, times 0
[  294.796924][ T9013] CPU: 1 UID: 0 PID: 9013 Comm: syz.0.1014 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  294.796975][ T9013] Tainted: [U]=USER
[  294.796985][ T9013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  294.797004][ T9013] Call Trace:
[  294.797014][ T9013]  <TASK>
[  294.797025][ T9013]  dump_stack_lvl+0x16c/0x1f0
[  294.797075][ T9013]  should_fail_ex+0x512/0x640
[  294.797121][ T9013]  ? fs_reclaim_acquire+0xae/0x150
[  294.797181][ T9013]  should_failslab+0xc2/0x120
[  294.797222][ T9013]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  294.797261][ T9013]  ? security_inode_alloc+0x3b/0x2b0
[  294.797301][ T9013]  security_inode_alloc+0x3b/0x2b0
[  294.797338][ T9013]  inode_init_always_gfp+0xce4/0x1030
[  294.797398][ T9013]  alloc_inode+0x86/0x240
[  294.797437][ T9013]  new_inode+0x22/0x1c0
[  294.797478][ T9013]  bdev_alloc+0x2b/0x420
[  294.797524][ T9013]  __alloc_disk_node+0x116/0x610
[  294.797576][ T9013]  __blk_mq_alloc_disk+0x89/0x120
[  294.797625][ T9013]  loop_add+0x496/0xb70
[  294.797667][ T9013]  ? do_vfs_ioctl+0x512/0x1990
[  294.797710][ T9013]  ? __pfx_loop_add+0x10/0x10
[  294.797750][ T9013]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  294.797821][ T9013]  ? find_held_lock+0x2b/0x80
[  294.797857][ T9013]  loop_control_ioctl+0x13c/0x630
[  294.797904][ T9013]  ? __pfx_loop_control_ioctl+0x10/0x10
[  294.797955][ T9013]  ? __pfx_loop_control_ioctl+0x10/0x10
[  294.798002][ T9013]  __x64_sys_ioctl+0x190/0x200
[  294.798051][ T9013]  do_syscall_64+0xcd/0x230
[  294.798097][ T9013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.798129][ T9013] RIP: 0033:0x7f7c45d8e969
[  294.798155][ T9013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.798195][ T9013] RSP: 002b:00007f7c46b94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  294.798225][ T9013] RAX: ffffffffffffffda RBX: 00007f7c45fb5fa0 RCX: 00007f7c45d8e969
[  294.798247][ T9013] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006
[  294.798268][ T9013] RBP: 00007f7c45e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  294.798288][ T9013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  294.798307][ T9013] R13: 0000000000000000 R14: 00007f7c45fb5fa0 R15: 00007ffe585cde18
[  294.798348][ T9013]  </TASK>
[  295.096471][ T9009] zswap: compressor  not available
[  295.120811][ T9014] Setting dangerous option i915.mitigations - tainting kernel
[  295.640428][ T9028] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1025'.
[  295.899886][ T9032] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  296.173754][ T9045] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  302.578388][ T9119] ERROR: Out of memory at tomoyo_memory_ok.
[  303.569630][ T9130] FAULT_INJECTION: forcing a failure.
[  303.569630][ T9130] name failslab, interval 1, probability 0, space 0, times 0
[  303.674763][ T9130] CPU: 1 UID: 0 PID: 9130 Comm: syz.2.1044 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  303.674818][ T9130] Tainted: [U]=USER
[  303.674828][ T9130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  303.674847][ T9130] Call Trace:
[  303.674857][ T9130]  <TASK>
[  303.674869][ T9130]  dump_stack_lvl+0x16c/0x1f0
[  303.674921][ T9130]  should_fail_ex+0x512/0x640
[  303.674966][ T9130]  ? __kvmalloc_node_noprof+0x122/0x600
[  303.675004][ T9130]  should_failslab+0xc2/0x120
[  303.675044][ T9130]  __kvmalloc_node_noprof+0x135/0x600
[  303.675081][ T9130]  ? alloc_fdtable+0xee/0x2b0
[  303.675135][ T9130]  ? alloc_fdtable+0xee/0x2b0
[  303.675180][ T9130]  alloc_fdtable+0xee/0x2b0
[  303.675230][ T9130]  dup_fd+0x83b/0xb90
[  303.675300][ T9130]  ksys_unshare+0x831/0xa40
[  303.675347][ T9130]  ? __pfx_ksys_unshare+0x10/0x10
[  303.675389][ T9130]  ? xfd_validate_state+0x5d/0x180
[  303.675446][ T9130]  ? rcu_is_watching+0x12/0xc0
[  303.675485][ T9130]  __x64_sys_unshare+0x31/0x40
[  303.675528][ T9130]  do_syscall_64+0xcd/0x230
[  303.675578][ T9130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.675608][ T9130] RIP: 0033:0x7f413e58e969
[  303.675634][ T9130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.675666][ T9130] RSP: 002b:00007f413f3f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  303.675696][ T9130] RAX: ffffffffffffffda RBX: 00007f413e7b5fa0 RCX: 00007f413e58e969
[  303.675717][ T9130] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400
[  303.675736][ T9130] RBP: 00007f413e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  303.675756][ T9130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  303.675776][ T9130] R13: 0000000000000000 R14: 00007f413e7b5fa0 R15: 00007fff0f1ee218
[  303.675817][ T9130]  </TASK>
[  304.138618][ T5863] Process accounting resumed
[  304.210235][ T9137] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1047'.
[  304.740235][ T9142] can: request_module (can-proto-0) failed.
[  305.029730][ T9155] kAFS: Invalid Command on /proc/fs/afs/cells file
[  305.897033][ T9160] ima: policy update failed
[  305.906496][ T9160] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1061'.
[  305.927702][   T30] audit: type=1802 audit(6041338693.147:19): pid=9160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1061" res=0 errno=0
[  306.068116][ T9166] ERROR: Out of memory at tomoyo_memory_ok.
[  307.917200][ T9183] can: request_module (can-proto-3) failed.
[  311.797585][ T9229] Invalid ELF header magic: != ELF
[  312.366309][ T9243] mkiss: ax0: crc mode is auto.
[  312.635133][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807afb8000: rx timeout, send abort
[  312.645310][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88807afb8000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  312.714778][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805b5fa000: rx timeout, send abort
[  312.725217][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b5fa000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  313.419077][ T9245] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  313.436058][ T9245] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  313.444401][ T9245] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  313.454757][ T9245] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  313.961163][ T9268] zram: Added device: zram0
[  314.171549][ T9274] Invalid ELF header magic: != ELF
[  314.711040][ T5139] Bluetooth: hci0: command 0x0c1a tx timeout
[  315.502078][ T5139] Bluetooth: hci3: command 0x0c1a tx timeout
[  315.502106][ T5828] Bluetooth: hci2: command 0x0c1a tx timeout
[  315.509449][ T5139] Bluetooth: hci1: command 0x0c1a tx timeout
[  316.835753][ T9302] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  316.862441][ T9302] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  316.891161][ T9302] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  316.898663][ T9302] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  317.194910][ T9319] Invalid ELF header magic: != ELF
[  318.150595][ T5828] Bluetooth: hci0: command 0x0c1a tx timeout
[  318.943737][ T5828] Bluetooth: hci3: command 0x0c1a tx timeout
[  318.943761][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  318.951829][ T5139] Bluetooth: hci1: command 0x0c1a tx timeout
[  319.674284][ T9357] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1103'.
[  319.763006][ T9357] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1103'.
[  319.829490][ T9357] netlink: 290 bytes leftover after parsing attributes in process `syz.1.1103'.
[  319.853950][ T9357] veth0_macvtap: left promiscuous mode
[  320.342309][    C0] vcan0: j1939_tp_rxtimer: 0xffff888079c8d800: rx timeout, send abort
[  320.352622][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888079c8d800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  320.405866][    C1] vcan0: j1939_tp_rxtimer: 0xffff888028b71400: rx timeout, send abort
[  320.418371][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888028b71400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  320.725329][ T5828] Bluetooth: hci0: unexpected event 0x04 length: 459 > 10
[  320.725664][ T5828] Bluetooth: hci0: connection err: -111
[  320.834739][ T9372] mmap: syz.0.1107 (9372) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  322.496337][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  322.506357][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  323.502078][ T9413] FAULT_INJECTION: forcing a failure.
[  323.502078][ T9413] name fail_futex, interval 1, probability 0, space 0, times 0
[  323.517882][ T9413] CPU: 0 UID: 0 PID: 9413 Comm: syz.1.1118 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  323.517932][ T9413] Tainted: [U]=USER
[  323.517942][ T9413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  323.517961][ T9413] Call Trace:
[  323.517972][ T9413]  <TASK>
[  323.517984][ T9413]  dump_stack_lvl+0x16c/0x1f0
[  323.518035][ T9413]  should_fail_ex+0x512/0x640
[  323.518084][ T9413]  get_futex_key+0x49e/0x1000
[  323.518119][ T9413]  ? __pfx_get_futex_key+0x10/0x10
[  323.518163][ T9413]  futex_wake+0xe7/0x4e0
[  323.518208][ T9413]  ? __pfx_futex_wake+0x10/0x10
[  323.518256][ T9413]  ? kmem_cache_free+0x2d4/0x4d0
[  323.518289][ T9413]  ? fd_install+0x225/0x750
[  323.518337][ T9413]  ? putname+0x154/0x1a0
[  323.518381][ T9413]  do_futex+0x1e3/0x350
[  323.518418][ T9413]  ? __pfx_do_futex+0x10/0x10
[  323.518457][ T9413]  ? __pfx___might_resched+0x10/0x10
[  323.518499][ T9413]  __x64_sys_futex+0x1e0/0x4c0
[  323.518538][ T9413]  ? __x64_sys_openat+0x174/0x210
[  323.518591][ T9413]  ? __pfx___x64_sys_futex+0x10/0x10
[  323.518631][ T9413]  ? rcu_is_watching+0x12/0xc0
[  323.518674][ T9413]  do_syscall_64+0xcd/0x230
[  323.518725][ T9413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.518759][ T9413] RIP: 0033:0x7febc858e969
[  323.518785][ T9413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.518818][ T9413] RSP: 002b:00007febc94800e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  323.518848][ T9413] RAX: ffffffffffffffda RBX: 00007febc87b5fa8 RCX: 00007febc858e969
[  323.518870][ T9413] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007febc87b5fac
[  323.518890][ T9413] RBP: 00007febc87b5fa0 R08: 00007febc9481000 R09: 0000000000000000
[  323.518911][ T9413] R10: 0000000000000008 R11: 0000000000000246 R12: 00007febc87b5fac
[  323.518931][ T9413] R13: 0000000000000000 R14: 00007ffdd423e760 R15: 00007ffdd423e848
[  323.518973][ T9413]  </TASK>
[  324.326439][ T9425] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  325.506448][ T5828] Bluetooth: hci3: unexpected event 0x04 length: 459 > 10
[  325.506542][ T5828] Bluetooth: hci3: connection err: -111
[  326.160668][ T9439] bond0: no command found in slaves file - use +ifname or -ifname
[  327.489189][ T9458] can: request_module (can-proto-3) failed.
[  327.605058][ T9466] mkiss: ax0: crc mode is auto.
[  328.716176][ T9475] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1131'.
[  328.793585][ T9479] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1131'.
[  329.874943][ T5828] Bluetooth: hci2: unexpected event 0x20 length: 123 > 7
[  331.080590][ T9493] can0: slcan on pty233.
[  331.212523][ T9492] can0 (unregistered): slcan off pty233.
[  332.113480][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807afbb000: rx timeout, send abort
[  332.195646][ T9536] FAULT_INJECTION: forcing a failure.
[  332.195646][ T9536] name failslab, interval 1, probability 0, space 0, times 0
[  332.231765][ T9536] CPU: 1 UID: 0 PID: 9536 Comm: syz.0.1144 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  332.231819][ T9536] Tainted: [U]=USER
[  332.231830][ T9536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  332.231848][ T9536] Call Trace:
[  332.231857][ T9536]  <TASK>
[  332.231869][ T9536]  dump_stack_lvl+0x16c/0x1f0
[  332.231916][ T9536]  should_fail_ex+0x512/0x640
[  332.231957][ T9536]  ? __kmalloc_noprof+0xbf/0x510
[  332.231993][ T9536]  ? vkms_crtc_atomic_check+0x3c5/0x880
[  332.232023][ T9536]  should_failslab+0xc2/0x120
[  332.232061][ T9536]  __kmalloc_noprof+0xd2/0x510
[  332.232094][ T9536]  ? drm_atomic_add_affected_planes+0x32b/0x3f0
[  332.232146][ T9536]  vkms_crtc_atomic_check+0x3c5/0x880
[  332.232185][ T9536]  ? __pfx_vkms_crtc_atomic_check+0x10/0x10
[  332.232212][ T9536]  drm_atomic_helper_check_planes+0x4da/0x900
[  332.232275][ T9536]  drm_atomic_helper_check+0xae/0x190
[  332.232309][ T9536]  vkms_atomic_check+0x1d9/0x250
[  332.232353][ T9536]  ? __pfx_vkms_atomic_check+0x10/0x10
[  332.232400][ T9536]  drm_atomic_check_only+0x19c7/0x3130
[  332.232463][ T9536]  drm_atomic_commit+0x136/0x300
[  332.232502][ T9536]  ? __pfx_drm_atomic_commit+0x10/0x10
[  332.232539][ T9536]  ? __pfx___drm_printfn_info+0x10/0x10
[  332.232587][ T9536]  ? drm_client_rotation+0x4d9/0x6a0
[  332.232628][ T9536]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  332.232691][ T9536]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  332.232771][ T9536]  drm_client_modeset_commit_locked+0x14d/0x580
[  332.232816][ T9536]  drm_client_modeset_commit+0x4f/0x80
[  332.232856][ T9536]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  332.232892][ T9536]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  332.232939][ T9536]  drm_fbdev_client_restore+0x2c/0x40
[  332.232983][ T9536]  drm_client_dev_restore+0x1f3/0x2a0
[  332.233028][ T9536]  drm_release+0x2c4/0x360
[  332.233065][ T9536]  ? __pfx_drm_release+0x10/0x10
[  332.233097][ T9536]  __fput+0x3ff/0xb70
[  332.233144][ T9536]  task_work_run+0x14d/0x240
[  332.233191][ T9536]  ? __pfx_task_work_run+0x10/0x10
[  332.233238][ T9536]  ? __pfx___do_sys_close_range+0x10/0x10
[  332.233266][ T9536]  ? rcu_is_watching+0x12/0xc0
[  332.233301][ T9536]  syscall_exit_to_user_mode+0x27b/0x2a0
[  332.233346][ T9536]  do_syscall_64+0xda/0x230
[  332.233395][ T9536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.233427][ T9536] RIP: 0033:0x7f7c45d8e969
[  332.233452][ T9536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.233481][ T9536] RSP: 002b:00007f7c46b73038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  332.233510][ T9536] RAX: 0000000000000000 RBX: 00007f7c45fb6080 RCX: 00007f7c45d8e969
[  332.233530][ T9536] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  332.233547][ T9536] RBP: 00007f7c45e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  332.233566][ T9536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  332.233584][ T9536] R13: 0000000000000000 R14: 00007f7c45fb6080 R15: 00007ffe585cde18
[  332.233623][ T9536]  </TASK>
[  332.604356][    C1] vkms_vblank_simulate: vblank timer overrun
[  332.623436][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807afbb000: abort rx timeout. Force session deactivation
[  333.491668][ T9554] netlink: 206 bytes leftover after parsing attributes in process `syz.1.1149'.
[  334.579809][ T9572] ERROR: Out of memory at tomoyo_memory_ok.
[  334.999476][    C1] vcan0: j1939_tp_rxtimer: 0xffff888035300400: rx timeout, send abort
[  335.103875][ T9585] FAULT_INJECTION: forcing a failure.
[  335.103875][ T9585] name failslab, interval 1, probability 0, space 0, times 0
[  335.136323][ T9585] CPU: 1 UID: 0 PID: 9585 Comm: syz.3.1154 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  335.136376][ T9585] Tainted: [U]=USER
[  335.136386][ T9585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  335.136405][ T9585] Call Trace:
[  335.136415][ T9585]  <TASK>
[  335.136427][ T9585]  dump_stack_lvl+0x16c/0x1f0
[  335.136478][ T9585]  should_fail_ex+0x512/0x640
[  335.136524][ T9585]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  335.136566][ T9585]  should_failslab+0xc2/0x120
[  335.136605][ T9585]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  335.136642][ T9585]  ? ktime_get_coarse_real_ts64_mg+0x26c/0x320
[  335.136686][ T9585]  ? __d_alloc+0x31/0xaa0
[  335.136725][ T9585]  __d_alloc+0x31/0xaa0
[  335.136756][ T9585]  ? look_up_lock_class+0x59/0x150
[  335.136802][ T9585]  d_alloc_pseudo+0x1c/0xc0
[  335.136845][ T9585]  alloc_file_pseudo+0xcf/0x230
[  335.136891][ T9585]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  335.136931][ T9585]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  335.136996][ T9585]  create_pipe_files+0x364/0x930
[  335.137037][ T9585]  do_pipe2+0xaf/0x1c0
[  335.137070][ T9585]  ? __pfx_do_pipe2+0x10/0x10
[  335.137119][ T9585]  __x64_sys_pipe+0x33/0x50
[  335.137154][ T9585]  do_syscall_64+0xcd/0x230
[  335.137203][ T9585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.137244][ T9585] RIP: 0033:0x7f9c23b8e969
[  335.137270][ T9585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.137303][ T9585] RSP: 002b:00007f9c24a8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016
[  335.137333][ T9585] RAX: ffffffffffffffda RBX: 00007f9c23db5fa0 RCX: 00007f9c23b8e969
[  335.137354][ T9585] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000200
[  335.137374][ T9585] RBP: 00007f9c23c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  335.137393][ T9585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  335.137413][ T9585] R13: 0000000000000000 R14: 00007f9c23db5fa0 R15: 00007ffdaa0a48d8
[  335.137455][ T9585]  </TASK>
[  335.384797][    C1] vkms_vblank_simulate: vblank timer overrun
[  335.509500][    C1] vcan0: j1939_tp_rxtimer: 0xffff888035300400: abort rx timeout. Force session deactivation
[  335.750467][ T9599] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1158'.
[  337.121345][    C1] vcan0: j1939_xtp_rx_dat: no tx connection found
[  337.807984][ T9624] FAULT_INJECTION: forcing a failure.
[  337.807984][ T9624] name failslab, interval 1, probability 0, space 0, times 0
[  337.859457][ T9624] CPU: 0 UID: 0 PID: 9624 Comm: syz.2.1164 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  337.859516][ T9624] Tainted: [U]=USER
[  337.859527][ T9624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  337.859548][ T9624] Call Trace:
[  337.859561][ T9624]  <TASK>
[  337.859575][ T9624]  dump_stack_lvl+0x16c/0x1f0
[  337.859627][ T9624]  should_fail_ex+0x512/0x640
[  337.859673][ T9624]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  337.859719][ T9624]  should_failslab+0xc2/0x120
[  337.859760][ T9624]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  337.859797][ T9624]  ? ktime_get_coarse_real_ts64_mg+0x26c/0x320
[  337.859840][ T9624]  ? __d_alloc+0x31/0xaa0
[  337.859880][ T9624]  __d_alloc+0x31/0xaa0
[  337.859910][ T9624]  ? look_up_lock_class+0x59/0x150
[  337.859972][ T9624]  d_alloc_pseudo+0x1c/0xc0
[  337.860015][ T9624]  alloc_file_pseudo+0xcf/0x230
[  337.860062][ T9624]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  337.860103][ T9624]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  337.860168][ T9624]  create_pipe_files+0x364/0x930
[  337.860208][ T9624]  do_pipe2+0xaf/0x1c0
[  337.860242][ T9624]  ? __pfx_do_pipe2+0x10/0x10
[  337.860291][ T9624]  __x64_sys_pipe+0x33/0x50
[  337.860325][ T9624]  do_syscall_64+0xcd/0x230
[  337.860374][ T9624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.860408][ T9624] RIP: 0033:0x7f413e58e969
[  337.860435][ T9624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.860473][ T9624] RSP: 002b:00007f413f3f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016
[  337.860503][ T9624] RAX: ffffffffffffffda RBX: 00007f413e7b5fa0 RCX: 00007f413e58e969
[  337.860522][ T9624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000200
[  337.860540][ T9624] RBP: 00007f413e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  337.860559][ T9624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.860577][ T9624] R13: 0000000000000000 R14: 00007f413e7b5fa0 R15: 00007fff0f1ee218
[  337.860616][ T9624]  </TASK>
[  337.879165][    C1] vcan0: j1939_tp_rxtimer: 0xffff888029cca400: rx timeout, send abort
[  338.616079][    C1] vcan0: j1939_tp_rxtimer: 0xffff888029cca400: abort rx timeout. Force session deactivation
[  339.759299][ T9633] kAFS: No cell specified
[  340.022688][ T9650] bond0: no command found in slaves file - use +ifname or -ifname
[  340.756126][ T9663] FAULT_INJECTION: forcing a failure.
[  340.756126][ T9663] name failslab, interval 1, probability 0, space 0, times 0
[  340.895181][ T9663] CPU: 1 UID: 0 PID: 9663 Comm: syz.0.1174 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  340.895238][ T9663] Tainted: [U]=USER
[  340.895249][ T9663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  340.895268][ T9663] Call Trace:
[  340.895279][ T9663]  <TASK>
[  340.895291][ T9663]  dump_stack_lvl+0x16c/0x1f0
[  340.895345][ T9663]  should_fail_ex+0x512/0x640
[  340.895391][ T9663]  ? __kmalloc_noprof+0xbf/0x510
[  340.895431][ T9663]  ? snd_pcm_plugin_build+0x434/0x650
[  340.895483][ T9663]  should_failslab+0xc2/0x120
[  340.895523][ T9663]  __kmalloc_noprof+0xd2/0x510
[  340.895580][ T9663]  snd_pcm_plugin_build+0x434/0x650
[  340.895635][ T9663]  snd_pcm_plugin_build_rate+0x27c/0x760
[  340.895674][ T9663]  ? __pfx_snd_pcm_plugin_build_rate+0x10/0x10
[  340.895722][ T9663]  snd_pcm_plug_format_plugins+0x866/0x1430
[  340.895782][ T9663]  ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10
[  340.895841][ T9663]  ? _raw_spin_unlock_irq+0x23/0x50
[  340.895895][ T9663]  snd_pcm_oss_change_params_locked+0x2eeb/0x3b40
[  340.895965][ T9663]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  340.896051][ T9663]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[  340.896109][ T9663]  snd_pcm_oss_ioctl+0x21e9/0x37a0
[  340.896160][ T9663]  ? hook_file_ioctl_common+0x145/0x410
[  340.896198][ T9663]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  340.896253][ T9663]  ? __fget_files+0x20e/0x3c0
[  340.896312][ T9663]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  340.896364][ T9663]  __x64_sys_ioctl+0x190/0x200
[  340.896413][ T9663]  do_syscall_64+0xcd/0x230
[  340.896462][ T9663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.896496][ T9663] RIP: 0033:0x7f7c45d8e969
[  340.896523][ T9663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.896569][ T9663] RSP: 002b:00007f7c46b94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  340.896601][ T9663] RAX: ffffffffffffffda RBX: 00007f7c45fb5fa0 RCX: 00007f7c45d8e969
[  340.896623][ T9663] RDX: 0000200000000040 RSI: 00000000c0045002 RDI: 0000000000000006
[  340.896644][ T9663] RBP: 00007f7c45e10ab1 R08: 0000000000000000 R09: 0000000000000000
[  340.896664][ T9663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  340.896684][ T9663] R13: 0000000000000000 R14: 00007f7c45fb5fa0 R15: 00007ffe585cde18
[  340.896728][ T9663]  </TASK>
[  342.223115][ T9679] FAULT_INJECTION: forcing a failure.
[  342.223115][ T9679] name failslab, interval 1, probability 0, space 0, times 0
[  342.240037][ T9679] CPU: 1 UID: 0 PID: 9679 Comm: syz.1.1177 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  342.240092][ T9679] Tainted: [U]=USER
[  342.240104][ T9679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  342.240123][ T9679] Call Trace:
[  342.240134][ T9679]  <TASK>
[  342.240146][ T9679]  dump_stack_lvl+0x16c/0x1f0
[  342.240200][ T9679]  should_fail_ex+0x512/0x640
[  342.240248][ T9679]  ? __kmalloc_noprof+0xbf/0x510
[  342.240287][ T9679]  ? vkms_crtc_atomic_check+0x3c5/0x880
[  342.240319][ T9679]  should_failslab+0xc2/0x120
[  342.240359][ T9679]  __kmalloc_noprof+0xd2/0x510
[  342.240395][ T9679]  ? drm_atomic_add_affected_planes+0x32b/0x3f0
[  342.240451][ T9679]  vkms_crtc_atomic_check+0x3c5/0x880
[  342.240500][ T9679]  ? __pfx_vkms_crtc_atomic_check+0x10/0x10
[  342.240531][ T9679]  drm_atomic_helper_check_planes+0x4da/0x900
[  342.240598][ T9679]  drm_atomic_helper_check+0xae/0x190
[  342.240633][ T9679]  vkms_atomic_check+0x1d9/0x250
[  342.240688][ T9679]  ? __pfx_vkms_atomic_check+0x10/0x10
[  342.240740][ T9679]  drm_atomic_check_only+0x19c7/0x3130
[  342.240806][ T9679]  drm_atomic_commit+0x136/0x300
[  342.240850][ T9679]  ? __pfx_drm_atomic_commit+0x10/0x10
[  342.240893][ T9679]  ? __pfx___drm_printfn_info+0x10/0x10
[  342.240946][ T9679]  ? drm_client_rotation+0x4d9/0x6a0
[  342.240991][ T9679]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  342.241047][ T9679]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  342.241138][ T9679]  drm_client_modeset_commit_locked+0x14d/0x580
[  342.241187][ T9679]  drm_client_modeset_commit+0x4f/0x80
[  342.241229][ T9679]  __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[  342.241268][ T9679]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  342.241319][ T9679]  drm_fbdev_client_restore+0x2c/0x40
[  342.241366][ T9679]  drm_client_dev_restore+0x1f3/0x2a0
[  342.241414][ T9679]  drm_release+0x2c4/0x360
[  342.241454][ T9679]  ? __pfx_drm_release+0x10/0x10
[  342.241488][ T9679]  __fput+0x3ff/0xb70
[  342.241537][ T9679]  task_work_run+0x14d/0x240
[  342.241590][ T9679]  ? __pfx_task_work_run+0x10/0x10
[  342.241641][ T9679]  ? __pfx___do_sys_close_range+0x10/0x10
[  342.241680][ T9679]  ? rcu_is_watching+0x12/0xc0
[  342.241720][ T9679]  syscall_exit_to_user_mode+0x27b/0x2a0
[  342.241768][ T9679]  do_syscall_64+0xda/0x230
[  342.241818][ T9679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.241851][ T9679] RIP: 0033:0x7febc858e969
[  342.241877][ T9679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.241909][ T9679] RSP: 002b:00007febc945f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  342.241940][ T9679] RAX: 0000000000000000 RBX: 00007febc87b6080 RCX: 00007febc858e969
[  342.241961][ T9679] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  342.241981][ T9679] RBP: 00007febc8610ab1 R08: 0000000000000000 R09: 0000000000000000
[  342.242001][ T9679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.242020][ T9679] R13: 0000000000000000 R14: 00007febc87b6080 R15: 00007ffdd423e848
[  342.242064][ T9679]  </TASK>
[  343.972416][ T9691] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1181'.
[  344.023222][ T9691] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1181'.
[  344.888970][ T9702] ubi0: attaching mtd0
[  344.899436][ T9702] ubi0: scanning is finished
[  344.920800][ T9702] ubi0: empty MTD device detected
[  344.927031][ T9702] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  345.071648][ T9708] Invalid ELF header magic: != ELF
[  345.086926][ T9704] Invalid ELF header magic: != ELF
[  345.542588][ T9702] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  346.547086][ T9723] netlink: 206 bytes leftover after parsing attributes in process `syz.2.1187'.
[  349.715904][ T9766] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  350.059265][ T9771] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1200'.
[  350.304097][ T9779] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(8)
[  352.257613][   T30] audit: type=1326 audit(4294967305.940:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9800 comm="syz.2.1208" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f413e58e969 code=0x0
[  353.053675][ T9804] FAULT_INJECTION: forcing a failure.
[  353.053675][ T9804] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  353.104318][ T9804] CPU: 1 UID: 0 PID: 9804 Comm: syz.2.1208 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  353.104374][ T9804] Tainted: [U]=USER
[  353.104386][ T9804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  353.104404][ T9804] Call Trace:
[  353.104414][ T9804]  <TASK>
[  353.104436][ T9804]  dump_stack_lvl+0x16c/0x1f0
[  353.104486][ T9804]  should_fail_ex+0x512/0x640
[  353.104538][ T9804]  should_fail_alloc_page+0xe7/0x130
[  353.104583][ T9804]  prepare_alloc_pages+0x3c2/0x610
[  353.104644][ T9804]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  353.104695][ T9804]  ? stack_trace_save+0x8e/0xc0
[  353.104729][ T9804]  ? __pfx_stack_trace_save+0x10/0x10
[  353.104766][ T9804]  ? stack_depot_save_flags+0x28/0xa50
[  353.104818][ T9804]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  353.104859][ T9804]  ? kasan_save_stack+0x42/0x60
[  353.104891][ T9804]  ? kasan_save_stack+0x33/0x60
[  353.104919][ T9804]  ? kasan_record_aux_stack+0xb8/0xd0
[  353.104962][ T9804]  ? __call_rcu_common.constprop.0+0x9a/0x9f0
[  353.105006][ T9804]  ? put_task_struct_rcu_user+0x75/0xc0
[  353.105054][ T9804]  ? linear_transfer+0x6d9/0x9c0
[  353.105081][ T9804]  ? snd_pcm_plug_read_transfer+0x24f/0x300
[  353.105129][ T9804]  ? snd_pcm_oss_read2+0x1e4/0x410
[  353.105173][ T9804]  ? snd_pcm_oss_read+0x5d3/0x760
[  353.105216][ T9804]  ? vfs_read+0x1de/0xc70
[  353.105241][ T9804]  ? ksys_read+0x12a/0x240
[  353.105267][ T9804]  ? do_syscall_64+0xcd/0x230
[  353.105310][ T9804]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.105365][ T9804]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  353.105413][ T9804]  ? policy_nodemask+0xea/0x4e0
[  353.105462][ T9804]  alloc_pages_mpol+0x1fb/0x550
[  353.105502][ T9804]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  353.105543][ T9804]  ? __lock_acquire+0x5ca/0x1ba0
[  353.105589][ T9804]  folio_alloc_mpol_noprof+0x36/0x2f0
[  353.105638][ T9804]  vma_alloc_folio_noprof+0xed/0x1e0
[  353.105682][ T9804]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  353.105741][ T9804]  do_pte_missing+0x223d/0x3fb0
[  353.105786][ T9804]  __handle_mm_fault+0x103d/0x2a40
[  353.105830][ T9804]  ? __pfx___handle_mm_fault+0x10/0x10
[  353.105886][ T9804]  ? find_vma+0xbf/0x140
[  353.105928][ T9804]  ? __pfx_find_vma+0x10/0x10
[  353.105978][ T9804]  handle_mm_fault+0x3fe/0xad0
[  353.106018][ T9804]  do_user_addr_fault+0x7a6/0x1370
[  353.106057][ T9804]  ? rcu_is_watching+0x12/0xc0
[  353.106091][ T9804]  exc_page_fault+0x5c/0xc0
[  353.106135][ T9804]  asm_exc_page_fault+0x26/0x30
[  353.106166][ T9804] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  353.106202][ T9804] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  353.106233][ T9804] RSP: 0000:ffffc90002fc7bc0 EFLAGS: 00050206
[  353.106259][ T9804] RAX: 0000000000000001 RBX: 0000000000004000 RCX: 0000000000003f64
[  353.106279][ T9804] RDX: 0000000000000000 RSI: ffff88805d53c09c RDI: 000000000000c000
[  353.106298][ T9804] RBP: 000000000000bf64 R08: 0000000000000000 R09: ffffed100baa7fff
[  353.106317][ T9804] R10: ffff88805d53ffff R11: 0000000000000000 R12: ffff88805d53c000
[  353.106336][ T9804] R13: 000000000000ff64 R14: 00007ffffffff000 R15: 0000000000000000
[  353.106377][ T9804]  _copy_to_user+0xbb/0xd0
[  353.106451][ T9804]  snd_pcm_oss_read2+0x294/0x410
[  353.106500][ T9804]  ? __pfx_snd_pcm_oss_read2+0x10/0x10
[  353.106561][ T9804]  snd_pcm_oss_read+0x5d3/0x760
[  353.106615][ T9804]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  353.106663][ T9804]  vfs_read+0x1de/0xc70
[  353.106702][ T9804]  ? __pfx_vfs_read+0x10/0x10
[  353.106727][ T9804]  ? find_held_lock+0x2b/0x80
[  353.106757][ T9804]  ? __fget_files+0x204/0x3c0
[  353.106810][ T9804]  ? __fget_files+0x20e/0x3c0
[  353.106871][ T9804]  ksys_read+0x12a/0x240
[  353.106902][ T9804]  ? __pfx_ksys_read+0x10/0x10
[  353.106928][ T9804]  ? rcu_is_watching+0x12/0xc0
[  353.106968][ T9804]  do_syscall_64+0xcd/0x230
[  353.107012][ T9804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.107045][ T9804] RIP: 0033:0x7f413e58e969
[  353.107069][ T9804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.107096][ T9804] RSP: 002b:00007f413f3af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  353.107125][ T9804] RAX: ffffffffffffffda RBX: 00007f413e7b6160 RCX: 00007f413e58e969
[  353.107147][ T9804] RDX: 000000000cefbce6 RSI: 0000000000000000 RDI: 0000000000000008
[  353.107166][ T9804] RBP: 00007f413e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  353.107186][ T9804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  353.107205][ T9804] R13: 0000000000000000 R14: 00007f413e7b6160 R15: 00007fff0f1ee218
[  353.107247][ T9804]  </TASK>
[  353.728490][ T9811] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint
[  354.845713][ T9824] kAFS: No cell specified
[  355.986389][ T9838] FAULT_INJECTION: forcing a failure.
[  355.986389][ T9838] name failslab, interval 1, probability 0, space 0, times 0
[  356.009635][ T9838] CPU: 0 UID: 0 PID: 9838 Comm: syz.2.1216 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  356.009677][ T9838] Tainted: [U]=USER
[  356.009684][ T9838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  356.009699][ T9838] Call Trace:
[  356.009706][ T9838]  <TASK>
[  356.009715][ T9838]  dump_stack_lvl+0x16c/0x1f0
[  356.009753][ T9838]  should_fail_ex+0x512/0x640
[  356.009788][ T9838]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  356.009823][ T9838]  should_failslab+0xc2/0x120
[  356.009852][ T9838]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  356.009883][ T9838]  ? vrf_netns_init+0x107/0x1f0
[  356.009925][ T9838]  kmemdup_noprof+0x29/0x60
[  356.009955][ T9838]  vrf_netns_init+0x107/0x1f0
[  356.009993][ T9838]  ? __pfx_vrf_netns_init+0x10/0x10
[  356.010029][ T9838]  ops_init+0x1df/0x5f0
[  356.010061][ T9838]  setup_net+0x21e/0x850
[  356.010092][ T9838]  ? __pfx_setup_net+0x10/0x10
[  356.010120][ T9838]  ? lockdep_init_map_type+0x5c/0x280
[  356.010155][ T9838]  ? __pfx_down_read_killable+0x10/0x10
[  356.010196][ T9838]  ? debug_mutex_init+0x37/0x70
[  356.010238][ T9838]  copy_net_ns+0x2a6/0x5f0
[  356.010272][ T9838]  create_new_namespaces+0x3ea/0xad0
[  356.010306][ T9838]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  356.010336][ T9838]  ksys_unshare+0x45b/0xa40
[  356.010376][ T9838]  ? __pfx_ksys_unshare+0x10/0x10
[  356.010407][ T9838]  ? xfd_validate_state+0x5d/0x180
[  356.010449][ T9838]  ? rcu_is_watching+0x12/0xc0
[  356.010479][ T9838]  __x64_sys_unshare+0x31/0x40
[  356.010524][ T9838]  do_syscall_64+0xcd/0x230
[  356.010571][ T9838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.010602][ T9838] RIP: 0033:0x7f413e58e969
[  356.010627][ T9838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.010659][ T9838] RSP: 002b:00007f413f3d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  356.010689][ T9838] RAX: ffffffffffffffda RBX: 00007f413e7b6080 RCX: 00007f413e58e969
[  356.010709][ T9838] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  356.010729][ T9838] RBP: 00007f413e610ab1 R08: 0000000000000000 R09: 0000000000000000
[  356.010747][ T9838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  356.010766][ T9838] R13: 0000000000000000 R14: 00007f413e7b6080 R15: 00007fff0f1ee218
[  356.010807][ T9838]  </TASK>
[  359.756385][ T9890] can: request_module (can-proto-3) failed.
[  359.767011][ T9887] can: request_module (can-proto-3) failed.
[  361.346900][ T9901] ptrace attach of "./syz-executor exec"[5836] was attempted by "./syz-executor exec"[9901]
[  365.311113][ T9956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1239'.
[  365.443330][ T9948] can0: slcan on ttyS2.
[  365.653783][ T9947] can0 (unregistered): slcan off ttyS2.
[  365.742827][ T9957] binder: 9954:9957 ioctl 41045508 1 returned -22
[  365.828870][ T9960] binder: 9954:9960 ioctl 40081271 38 returned -22
[  369.102143][T10032] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1251'.
[  369.836065][T10038] can0: slcan on ttyS2.
[  370.141520][T10037] can0 (unregistered): slcan off ttyS2.
[  372.159225][T10071] ima: policy update failed
[  372.204776][   T30] audit: type=1802 audit(4294967325.890:21): pid=10071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1261" res=0 errno=0
[  372.243468][T10071] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1261'.
[  375.360690][T10102] can: request_module (can-proto-3) failed.
[  375.665532][T10107] FAULT_INJECTION: forcing a failure.
[  375.665532][T10107] name failslab, interval 1, probability 0, space 0, times 0
[  375.689770][T10107] CPU: 0 UID: 0 PID: 10107 Comm: syz.3.1268 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  375.689826][T10107] Tainted: [U]=USER
[  375.689837][T10107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  375.689858][T10107] Call Trace:
[  375.689870][T10107]  <TASK>
[  375.689884][T10107]  dump_stack_lvl+0x16c/0x1f0
[  375.689936][T10107]  should_fail_ex+0x512/0x640
[  375.689981][T10107]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  375.690039][T10107]  should_failslab+0xc2/0x120
[  375.690080][T10107]  __kmalloc_cache_noprof+0x6a/0x3e0
[  375.690137][T10107]  ? snd_pcm_oss_change_params_locked+0x211/0x3b40
[  375.690202][T10107]  snd_pcm_oss_change_params_locked+0x211/0x3b40
[  375.690258][T10107]  ? __pfx___might_resched+0x10/0x10
[  375.690298][T10107]  ? rcu_is_watching+0x12/0xc0
[  375.690325][T10107]  ? trace_contention_end+0xdd/0x130
[  375.690369][T10107]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  375.690418][T10107]  ? __pfx___futex_wait+0x10/0x10
[  375.690460][T10107]  ? snd_pcm_oss_read+0x379/0x760
[  375.690537][T10107]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  375.690588][T10107]  snd_pcm_oss_read+0x39b/0x760
[  375.690638][T10107]  ? security_file_permission+0x71/0x210
[  375.690684][T10107]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  375.690736][T10107]  vfs_read+0x1de/0xc70
[  375.690776][T10107]  ? __pfx_vfs_read+0x10/0x10
[  375.690802][T10107]  ? find_held_lock+0x2b/0x80
[  375.690834][T10107]  ? __fget_files+0x204/0x3c0
[  375.690891][T10107]  ? __fget_files+0x20e/0x3c0
[  375.690954][T10107]  ksys_read+0x12a/0x240
[  375.690983][T10107]  ? __pfx_ksys_read+0x10/0x10
[  375.691010][T10107]  ? rcu_is_watching+0x12/0xc0
[  375.691051][T10107]  do_syscall_64+0xcd/0x230
[  375.691100][T10107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.691134][T10107] RIP: 0033:0x7f9c23b8e969
[  375.691162][T10107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.691203][T10107] RSP: 002b:00007f9c24a8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  375.691233][T10107] RAX: ffffffffffffffda RBX: 00007f9c23db5fa0 RCX: 00007f9c23b8e969
[  375.691255][T10107] RDX: 000000000cefbce6 RSI: 0000000000000000 RDI: 000000000000000a
[  375.691275][T10107] RBP: 00007f9c23c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  375.691295][T10107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  375.691314][T10107] R13: 0000000000000000 R14: 00007f9c23db5fa0 R15: 00007ffdaa0a48d8
[  375.691357][T10107]  </TASK>
[  377.429099][T10118] ERROR: Out of memory at tomoyo_memory_ok.
[  378.239579][T10143] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(8)
[  378.660813][T10151] can: request_module (can-proto-3) failed.
[  381.463674][T10172] can: request_module (can-proto-3) failed.
[  383.846742][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  383.854548][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  384.061102][T10206] netlink: 'syz.3.1288': attribute type 1 has an invalid length.
[  390.777855][T10286] Invalid ELF header magic: != ELF
[  391.000365][T10307] block2mtd: error: cannot open device /sys/
[  391.170730][   T30] audit: type=1804 audit(4294967344.840:22): pid=10286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1297" name="/newroot/sys/kernel/tracing/events/vmalloc/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  392.101712][T10321] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(8)
[  395.040031][T10350] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1311'.
[  395.220983][T10350] veth0_macvtap: left promiscuous mode
[  395.363872][T10350] macvtap0: entered promiscuous mode
[  395.396098][T10350] macvtap0: entered allmulticast mode
[  396.754569][T10382] netlink: 'syz.2.1317': attribute type 1 has an invalid length.
[  399.157188][T10408] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1323'.
[  405.505511][ T5828] ==================================================================
[  405.515235][ T5828] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240
[  405.524739][ T5828] Read of size 140 at addr ffffc900043a3000 by task kworker/u9:2/5828
[  405.534566][ T5828] 
[  405.537379][ T5828] CPU: 1 UID: 0 PID: 5828 Comm: kworker/u9:2 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  405.537415][ T5828] Tainted: [U]=USER
[  405.537423][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  405.537439][ T5828] Workqueue: hci0 hci_devcd_timeout
[  405.537474][ T5828] Call Trace:
[  405.537483][ T5828]  <TASK>
[  405.537492][ T5828]  dump_stack_lvl+0x116/0x1f0
[  405.537525][ T5828]  print_report+0xc3/0x670
[  405.537552][ T5828]  ? __virt_addr_valid+0x5e/0x590
[  405.537584][ T5828]  ? hci_devcd_dump+0x142/0x240
[  405.537612][ T5828]  kasan_report+0xe0/0x110
[  405.537640][ T5828]  ? hci_devcd_dump+0x142/0x240
[  405.537672][ T5828]  kasan_check_range+0xef/0x1a0
[  405.537705][ T5828]  __asan_memcpy+0x23/0x60
[  405.537742][ T5828]  hci_devcd_dump+0x142/0x240
[  405.537772][ T5828]  hci_devcd_timeout+0xb5/0x2e0
[  405.537801][ T5828]  ? rcu_is_watching+0x12/0xc0
[  405.537825][ T5828]  process_one_work+0x9cc/0x1b70
[  405.537868][ T5828]  ? __pfx_process_one_work+0x10/0x10
[  405.537908][ T5828]  ? assign_work+0x1a0/0x250
[  405.537942][ T5828]  worker_thread+0x6c8/0xf10
[  405.537982][ T5828]  ? __kthread_parkme+0x19e/0x250
[  405.538011][ T5828]  ? __pfx_worker_thread+0x10/0x10
[  405.538046][ T5828]  kthread+0x3c2/0x780
[  405.538079][ T5828]  ? __pfx_kthread+0x10/0x10
[  405.538119][ T5828]  ? __pfx_kthread+0x10/0x10
[  405.538161][ T5828]  ? __pfx_kthread+0x10/0x10
[  405.538201][ T5828]  ? __pfx_kthread+0x10/0x10
[  405.538247][ T5828]  ? rcu_is_watching+0x12/0xc0
[  405.538268][ T5828]  ? __pfx_kthread+0x10/0x10
[  405.538301][ T5828]  ret_from_fork+0x45/0x80
[  405.538337][ T5828]  ? __pfx_kthread+0x10/0x10
[  405.538369][ T5828]  ret_from_fork_asm+0x1a/0x30
[  405.538410][ T5828]  </TASK>
[  405.538417][ T5828] 
[  405.744864][ T5828] The buggy address ffffc900043a3000 belongs to a vmalloc virtual mapping
[  405.755096][ T5828] Memory state around the buggy address:
[  405.761974][ T5828]  ffffc900043a2f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  405.771673][ T5828]  ffffc900043a2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  405.781390][ T5828] >ffffc900043a3000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  405.791102][ T5828]                    ^
[  405.795984][ T5828]  ffffc900043a3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  405.805794][ T5828]  ffffc900043a3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  405.815574][ T5828] ==================================================================
[  405.828090][ T5828] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  405.836786][ T5828] CPU: 1 UID: 0 PID: 5828 Comm: kworker/u9:2 Tainted: G     U              6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[  405.853807][ T5828] Tainted: [U]=USER
[  405.858397][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  405.870602][ T5828] Workqueue: hci0 hci_devcd_timeout
[  405.876905][ T5828] Call Trace:
[  405.880880][ T5828]  <TASK>
[  405.884421][ T5828]  dump_stack_lvl+0x3d/0x1f0
[  405.889985][ T5828]  panic+0x71c/0x800
[  405.894713][ T5828]  ? __pfx_panic+0x10/0x10
[  405.900061][ T5828]  ? irqentry_exit+0x3b/0x90
[  405.905661][ T5828]  ? lockdep_hardirqs_on+0x7c/0x110
[  405.911948][ T5828]  ? preempt_schedule_thunk+0x16/0x30
[  405.918463][ T5828]  ? hci_devcd_dump+0x142/0x240
[  405.924360][ T5828]  ? preempt_schedule_common+0x44/0xc0
[  405.930972][ T5828]  ? check_panic_on_warn+0x1f/0xb0
[  405.937260][ T5828]  ? hci_devcd_dump+0x142/0x240
[  405.943207][ T5828]  check_panic_on_warn+0xab/0xb0
[  405.949171][ T5828]  end_report+0x107/0x170
[  405.954378][ T5828]  kasan_report+0xee/0x110
[  405.959727][ T5828]  ? hci_devcd_dump+0x142/0x240
[  405.965594][ T5828]  kasan_check_range+0xef/0x1a0
[  405.971448][ T5828]  __asan_memcpy+0x23/0x60
[  405.976773][ T5828]  hci_devcd_dump+0x142/0x240
[  405.982413][ T5828]  hci_devcd_timeout+0xb5/0x2e0
[  405.988711][ T5828]  ? rcu_is_watching+0x12/0xc0
[  405.994435][ T5828]  process_one_work+0x9cc/0x1b70
[  406.000390][ T5828]  ? __pfx_process_one_work+0x10/0x10
[  406.006865][ T5828]  ? assign_work+0x1a0/0x250
[  406.012390][ T5828]  worker_thread+0x6c8/0xf10
[  406.017929][ T5828]  ? __kthread_parkme+0x19e/0x250
[  406.023974][ T5828]  ? __pfx_worker_thread+0x10/0x10
[  406.030237][ T5828]  kthread+0x3c2/0x780
[  406.035153][ T5828]  ? __pfx_kthread+0x10/0x10
[  406.041016][ T5828]  ? __pfx_kthread+0x10/0x10
[  406.046555][ T5828]  ? __pfx_kthread+0x10/0x10
[  406.052092][ T5828]  ? __pfx_kthread+0x10/0x10
[  406.057716][ T5828]  ? rcu_is_watching+0x12/0xc0
[  406.063443][ T5828]  ? __pfx_kthread+0x10/0x10
[  406.068978][ T5828]  ret_from_fork+0x45/0x80
[  406.074302][ T5828]  ? __pfx_kthread+0x10/0x10
[  406.079825][ T5828]  ret_from_fork_asm+0x1a/0x30
[  406.085682][ T5828]  </TASK>
[  406.089563][ T5828] Kernel Offset: disabled
[  406.094750][ T5828] Rebooting in 86400 seconds..