last executing test programs: 6.044314691s ago: executing program 0 (id=1378): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) sysfs$auto(0x2, 0x45, 0x0) r0 = fsopen$auto(0x0, 0x1) close_range$auto(r0, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400006, 0xdc, 0x9b72, 0xffffffffffffffff, 0x8003) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, r1, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) dup$auto(0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/zswap/parameters/enabled\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r4, 0x400, 0x1) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video39\x00', 0x488b01, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/250, 0xfa) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={"fda256c4", 0x3, 0x2, 0x4, 0x9b4, 0x9, "0800aafc241cd010c7543bfbca2ce1", "0200", '\x00\x00 \x00', "2ff43123", ['\x00', "f8ff0b00fbf2ffff0000b401", "0004154db00b0004000400", "5fe10eedab02ea39549a4892"]}) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) 5.157982742s ago: executing program 0 (id=1376): mmap$auto(0x0, 0x2020006, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3, 0x1ff, 0x1001, 0x5, 0x717e, 0x0, 0x7, 0x200000000000003, 0xd, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0xb5, 0xfffffffffffffffe, 0x7, 0x10002, 0x7f, 0x2a2, 0x5, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, [0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, 0x400, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8000000, 0x0, 0xffffffffffffffff, 0x3]}, 0x1fe, 0xd) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffffffffffd03, &(0x7f00000001c0)) connect$auto(0x3, &(0x7f00000018c0)=@ethernet={0x1, @remote}, 0x8) mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_vdpa(&(0x7f0000000040), r2) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x800, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000440)=""/82, 0x52) ioctl$auto_TIOCSWINSZ2(r4, 0x5414, &(0x7f00000001c0)) ioctl$auto(0xffffffffffffffff, 0x80a86f3d, 0x38) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/tty/ptybd/dev\x00', 0x2440, 0x0) read$auto(r5, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r6, 0xc0045009, &(0x7f0000000040)) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) 4.128204751s ago: executing program 1 (id=1381): kexec_load$auto(0x8, 0x8, &(0x7f0000000300)={@buf=&(0x7f00000002c0)="3edf2cd778f3dfb939dff16550ffb45a1188a856d4b6d5ef260c6af7a59cb0114551f312cf16a3ae6e09b99b4f6fccc7c0", 0x4, 0x4, 0x9}, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0x101d00, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) r2 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) write$auto_drm_edid_fops_drm_debugfs(r2, &(0x7f0000000580)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5f21c271069baa482db442a5748c1fec17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa28b5e53dd7d970575e42c6720cff2f6f9bf902791bf83abd9acf9dc3968a36b1851ffc6497e410d51f340b92b74f972cd68de180f42bcfc5ac64a8977e242b9ca63c58d603fea4fad558f0071db6e24de9bda2b835957f69a06c0d0000000000000000d4b8db86be62388110e03ef34b1fadaffc761c3fa220dac9bf9e94d03a0fe70ca30710a7b237632954060b9ebd2707", 0x4e00) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) shmctl$auto_SHM_UNLOCK(0x0, 0xc, 0x0) sysfs$auto(0x5, 0x10000000000002f, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/wlan1/mcast_solicit\x00', 0x2000, 0x0) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp1\x00', 0x84800, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(r7, &(0x7f0000000240)="71045fe4393806f43ee3d3c99fce77e61cd10263b88dafc12adbd02ac010d4a85521ed6bbd494e6e693f6924ddbb3c5c5ec5f593b9186a44a8c7090acb9e5e9b1ffe5dc6fcdbc3fa8130c34192601750e6a52a312334461d2226e4ebc96b1a57c6e90d29c29f04", 0x67) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) io_uring_register$auto_IORING_REGISTER_PERSONALITY(r0, 0x9, &(0x7f00000001c0)="7e9d22a2fb5b424c2be7a8bf6ac94877342774", 0x68) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd7000fcdbdf44000000050000000c0001800800010000000000000db09dd954530bc2bcc32f0e07fb68fad84e6bec73f01ac45dae848ac13bc4f207aeffd711f605400c12cfbd7d5d44f50400f6d497a318f520fd7caa61c4afdb31573cd5216793354b763750829b03a6f26e6c", @ANYRES32=r8, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(r3, 0x0, 0x2) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/team_slave_1\x00', 0x100, 0x0) 3.96343187s ago: executing program 0 (id=1384): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d}) ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x5, 0x4, 0xc) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x1002, 0xc, 0x4, 0x200000eb0, 0x401, 0x705cf82a) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x1000000d, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x7, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x4000000002, 0x62, 0x80000000, 0x0, 0x6d3f, 0x8001, 0xa, 0xfffffffffffffffc]}, 0x0) r2 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000340)="63e46100000000000000003c2cae6cbe0b1f4c13dc13b0bb94c70829c8a61424f02b520b16b55f0bb9c47da2799dc4a6cc836e0853177e1921f70f163dd2693761c90eb9c4eea0e24fad4d78827b004409eb354ec668c36f996717c25517b594075d1810f596b55976debc715e8280687afbcce0b5069660ea9bc113671ac9", 0x7f) getpid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r3, 0x0, 0xfffffdf1) linkat$auto(r3, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) utimes$auto(&(0x7f00000000c0)=':,\x00', 0x0) sendmsg$auto_NL80211_CMD_ADD_NAN_FUNCTION(r3, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000000400)={0x190, r1, 0x2, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0xd1}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0x6}, @NL80211_ATTR_MLO_LINKS={0x34, 0x138, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0xf7d}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x16}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_BSS_BASIC_RATES={0x8, 0x24, "79335204"}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_COLOR_CHANGE_COLOR={0x5, 0x130, 0x2}]}]}, @NL80211_ATTR_TX_RATES={0x4}, @NL80211_ATTR_RADAR_BACKGROUND={0x4}, @NL80211_ATTR_S1G_CAPABILITY_MASK={0x121, 0x129, "6065629b8c2bd36cd026b14804dc6862a60ad0f3f5dafe2c924db427abbf81f66c0d24f231ef4f8b5af68dc4b15a5751e9671df1d9a2786fb446ca2b73a3eb5c05793568905c10ff0cfd50220e096e616b799a9638aca98ffe529bb68b972957f48f8348b1a55535551e356f657c19dba229b03b46e94e09f13c0c5096aa5df1cc892eee21587672d2f93f2df9352fd3b96d13c44c09a74e03b95b2dd16448b3d2937d1ff6f4a16ee51f37db838248666253a1f23e24f28d9c8c7daf3df25463954e0997702b8c744b3172375c4550c1872e598a003f8f45402ae329dc2165096fe5ecba5e817b18761bd84b4630769aa11886aa9b8bd11f2b4b328506698b048cc7d6bc7bbf25a89b0f11cc0771bc79c768598b698cb3fb1cd97e6ab4"}, @NL80211_ATTR_STA_FLAGS={0xc, 0x11, 0x0, 0x1, [@typed={0x8, 0xb3, 0x0, 0x0, @fd=r0}]}]}, 0x190}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x8) ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0) 3.868009244s ago: executing program 1 (id=1385): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) acct$auto(&(0x7f00000000c0)='/dev/vcs\x00') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='0\n\xf48\x97\xff*\x8a\xeb+l\\\x9e@\\}\x04|\x03\xcb\x12\xfa\b\x1c\vr\xc0\\\x17\xcb\xb4Q\xe1)@J}\x7fw\xc7\xe58,.\xf6p\x8d\xa0\x1f\xe3\xc5\xff\r\xde\xaf\x84\xd6P\b\xdf\xfe\x1f\xa1\xb4\x89\xa0\xac\x9a\xb8\x88\xca\x00\x15\x9d`>\xcd\xcb\xbe#k\xaf\xe9\x9a0\xb6\xe2#\xc1u\xfa\xe1\x19\x92qH\x80\xb9\xa4a\xba%\xc7\xc5\xb8\v\x00\xa5\xdd\xa2\x8c\xacBY\x9b\"\x14*\xfd\x87\x84~\x94\xb5\xfd/\xe2\xadz9\xbe!7\xf9\x88F\xe9@L\x1cD\xc2ia*\x81\x10L\x8d\xde\xdf\xc5)$\x03,\xb5\x88\a\xfe\x8c\xea\x16|\x11x\xdaE\x1c\xce\xe1\xdb\xc1\x86\xd9!.\xfb\xb7\xd4%\\\x1eJ\x175\x9c\xc0\x83\x89k+\x1bKk\xc4\x8f\xb01\x9a\x94_r\xa5W\xe0\x16A', 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x141f02, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r4, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x5) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 3.683741308s ago: executing program 2 (id=1386): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) sysfs$auto(0x2, 0x45, 0x0) r0 = fsopen$auto(0x0, 0x1) close_range$auto(r0, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400006, 0xdc, 0x9b72, 0xffffffffffffffff, 0x8003) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, r1, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) dup$auto(0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/zswap/parameters/enabled\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r4, 0x400, 0x1) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video39\x00', 0x488b01, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/250, 0xfa) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={"fda256c4", 0x3, 0x2, 0x4, 0x9b4, 0x9, "0800aafc241cd010c7543bfbca2ce1", "0200", '\x00\x00 \x00', "2ff43123", ['\x00', "f8ff0b00fbf2ffff0000b401", "0004154db00b0004000400", "5fe10eedab02ea39549a4892"]}) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) 3.438033472s ago: executing program 3 (id=1388): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) sysfs$auto(0x2, 0x45, 0x0) r0 = fsopen$auto(0x0, 0x1) close_range$auto(r0, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400006, 0xdc, 0x9b72, 0xffffffffffffffff, 0x8003) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, r1, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) dup$auto(0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/zswap/parameters/enabled\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r4, 0x400, 0x1) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video39\x00', 0x488b01, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/250, 0xfa) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={"fda256c4", 0x3, 0x2, 0x4, 0x9b4, 0x9, "0800aafc241cd010c7543bfbca2ce1", "0200", '\x00\x00 \x00', "2ff43123", ['\x00', "f8ff0b00fbf2ffff0000b401", "0004154db00b0004000400", "5fe10eedab02ea39549a4892"]}) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) 2.990357391s ago: executing program 1 (id=1389): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) ioctl$auto_BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000500)={0x40a, 0x3, 0x3ac, 0x8, {0x1, 0x4, 0xb, 0x3, 0x9, 0x4, 0x9, 0x2, 0xe, 0xa5, 0x1, 0x4, 0x0, 0xf, 0xff}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x2, 0x1, 0x0) bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, &(0x7f00000002c0)=@test={r1, 0x0, 0x856, 0x189, 0x8, 0x7fff, 0x7fff, 0x10000, 0xc91a, 0x7, 0x5, 0x3, 0x3, 0x3, 0x6}, 0x1) mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, 0x0, 0x0) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x6c580, 0x0) write$auto(r3, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/105, 0x69) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa40, 0x0) ioctl$auto(r4, 0x5606, r4) socket(0xa, 0x5, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x10, 0x2, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') 2.743972678s ago: executing program 2 (id=1390): r0 = prctl$auto_PR_SCHED_CORE_GET(0x3, 0x0, 0x0, 0x4, 0x3) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x40008c5) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/scsi/sg/allow_dio\x00', 0x101181, 0x0) write$auto(0x3, 0x0, 0x100082) r1 = socket$nl_generic(0x10, 0x3, 0x10) rseq$auto(0x0, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) clone$auto(0x7fff, 0xff, 0x0, 0x0, 0x7) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x800000000007, 0xd3e, 0x1, 0x948b, 0x3, 0xf1f, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) dup2$auto(0x5, 0x4) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, r2, 0x0, 0x10000, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) r3 = syz_genetlink_get_family_id$auto_smbd_genl(0x0, r1) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r3, 0x200, 0x70bd2c, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008800}, 0x20) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, 0x0, 0x14) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) r4 = socket(0x2, 0x3, 0xff) setsockopt$auto(r4, 0xff, 0x1, 0x0, 0x7) getpriority$auto_PRIO_USER(0x2, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto(r5, 0x0, 0xfffffdef) 2.463345812s ago: executing program 0 (id=1391): kexec_load$auto(0x8, 0x8, &(0x7f0000000300)={@buf=&(0x7f00000002c0)="3edf2cd778f3dfb939dff16550ffb45a1188a856d4b6d5ef260c6af7a59cb0114551f312cf16a3ae6e09b99b4f6fccc7c0", 0x4, 0x4, 0x9}, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0x101d00, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) r2 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) write$auto_drm_edid_fops_drm_debugfs(r2, &(0x7f0000000580)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5f21c271069baa482db442a5748c1fec17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa28b5e53dd7d970575e42c6720cff2f6f9bf902791bf83abd9acf9dc3968a36b1851ffc6497e410d51f340b92b74f972cd68de180f42bcfc5ac64a8977e242b9ca63c58d603fea4fad558f0071db6e24de9bda2b835957f69a06c0d0000000000000000d4b8db86be62388110e03ef34b1fadaffc761c3fa220dac9bf9e94d03a0fe70ca30710a7b237632954060b9ebd2707", 0x4e00) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/netdevsim/unlink_device\x00', 0x10b081, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) shmctl$auto_SHM_UNLOCK(0x0, 0xc, 0x0) sysfs$auto(0x5, 0x10000000000002f, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/wlan1/mcast_solicit\x00', 0x2000, 0x0) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp1\x00', 0x84800, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(r7, &(0x7f0000000240)="71045fe4393806f43ee3d3c99fce77e61cd10263b88dafc12adbd02ac010d4a85521ed6bbd494e6e693f6924ddbb3c5c5ec5f593b9186a44a8c7090acb9e5e9b1ffe5dc6fcdbc3fa8130c34192601750e6a52a312334461d2226e4ebc96b1a57c6e90d29c29f04", 0x67) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) io_uring_register$auto_IORING_REGISTER_PERSONALITY(r0, 0x9, &(0x7f00000001c0)="7e9d22a2fb5b424c2be7a8bf6ac94877342774", 0x68) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd7000fcdbdf44000000050000000c0001800800010000000000000db09dd954530bc2bcc32f0e07fb68fad84e6bec73f01ac45dae848ac13bc4f207aeffd711f605400c12cfbd7d5d44f50400f6d497a318f520fd7caa61c4afdb31573cd5216793354b763750829b03a6f26e6c", @ANYRES32=r8, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(r3, 0x0, 0x2) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/team_slave_1\x00', 0x100, 0x0) 2.366711912s ago: executing program 3 (id=1392): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x48503, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xa4e00, 0x0) socket(0xa, 0x801, 0x84) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace\x00', 0x2, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) close_range$auto(0x2, 0x8000, 0x0) r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) ioctl$auto(r2, 0x3b8e, r1) read$auto(r0, 0x0, 0x1f40) mmap$auto(0x0, 0x7, 0xdf, 0x1000000eb2, 0x401, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x7) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, 0x0, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x20281, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/available_tracers\x00', 0x4140, 0x0) epoll_pwait2$auto(r5, &(0x7f0000000080)={0x7fffffff, 0x3}, 0x7, &(0x7f00000000c0)={0xd7da, 0x5}, &(0x7f0000000100)={0x2}, 0x8) ioctl$auto(0x3, 0xae41, r4) 2.046500815s ago: executing program 0 (id=1393): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = fsopen$auto(0x0, 0x1) close_range$auto(r0, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400006, 0xdc, 0x9b72, 0xffffffffffffffff, 0x8003) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, r1, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) dup$auto(0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/zswap/parameters/enabled\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r4, 0x400, 0x1) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video39\x00', 0x488b01, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/250, 0xfa) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={"fda256c4", 0x3, 0x2, 0x4, 0x9b4, 0x9, "0800aafc241cd010c7543bfbca2ce1", "0200", '\x00\x00 \x00', "2ff43123", ['\x00', "f8ff0b00fbf2ffff0000b401", "0004154db00b0004000400", "5fe10eedab02ea39549a4892"]}) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) 2.034587907s ago: executing program 1 (id=1394): kexec_load$auto(0x8, 0x8, &(0x7f0000000300)={@buf=&(0x7f00000002c0)="3edf2cd778f3dfb939dff16550ffb45a1188a856d4b6d5ef260c6af7a59cb0114551f312cf16a3ae6e09b99b4f6fccc7c0", 0x4, 0x4, 0x9}, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0x101d00, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) r2 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) write$auto_drm_edid_fops_drm_debugfs(r2, &(0x7f0000000580)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5f21c271069baa482db442a5748c1fec17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa28b5e53dd7d970575e42c6720cff2f6f9bf902791bf83abd9acf9dc3968a36b1851ffc6497e410d51f340b92b74f972cd68de180f42bcfc5ac64a8977e242b9ca63c58d603fea4fad558f0071db6e24de9bda2b835957f69a06c0d0000000000000000d4b8db86be62388110e03ef34b1fadaffc761c3fa220dac9bf9e94d03a0fe70ca30710a7b237632954060b9ebd2707", 0x4e00) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) shmctl$auto_SHM_UNLOCK(0x0, 0xc, 0x0) sysfs$auto(0x5, 0x10000000000002f, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/wlan1/mcast_solicit\x00', 0x2000, 0x0) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp1\x00', 0x84800, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(r7, &(0x7f0000000240)="71045fe4393806f43ee3d3c99fce77e61cd10263b88dafc12adbd02ac010d4a85521ed6bbd494e6e693f6924ddbb3c5c5ec5f593b9186a44a8c7090acb9e5e9b1ffe5dc6fcdbc3fa8130c34192601750e6a52a312334461d2226e4ebc96b1a57c6e90d29c29f04", 0x67) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) io_uring_register$auto_IORING_REGISTER_PERSONALITY(r0, 0x9, &(0x7f00000001c0)="7e9d22a2fb5b424c2be7a8bf6ac94877342774", 0x68) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd7000fcdbdf44000000050000000c0001800800010000000000000db09dd954530bc2bcc32f0e07fb68fad84e6bec73f01ac45dae848ac13bc4f207aeffd711f605400c12cfbd7d5d44f50400f6d497a318f520fd7caa61c4afdb31573cd5216793354b763750829b03a6f26e6c", @ANYRES32=r8, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(r3, 0x0, 0x2) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/team_slave_1\x00', 0x100, 0x0) 1.909788534s ago: executing program 3 (id=1395): socket(0xa, 0x3, 0xff) socket(0x22, 0x4, 0x8) setsockopt$auto(0x400000000000003, 0x29, 0x16, 0x0, 0x20056b) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40000, 0x2) move_mount$auto(0xffffffffffffffff, 0x0, r0, 0x0, 0x3) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x2, 0x40009, 0xaeff, 0x9b7e, 0xffffffffffffffff, 0x28002) r3 = open(0x0, 0x595002, 0x408) write$auto(r3, 0x0, 0xfffffdf1) r4 = io_uring_setup$auto(0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) cachestat$auto(0xffffffffffffffff, 0x0, 0x0, 0x0) r5 = socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto(0x3, 0xc0205649, 0x38) close_range$auto(0x2, r3, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x0, 0x9eb5, 0x5f, r5, 0x7ff8) sendfile$auto(r1, r4, 0x0, 0x7ffff000) write$auto(r2, 0x0, 0xfdec) 1.859676672s ago: executing program 1 (id=1396): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) sysfs$auto(0x2, 0x45, 0x0) r0 = fsopen$auto(0x0, 0x1) close_range$auto(r0, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400006, 0xdc, 0x9b72, 0xffffffffffffffff, 0x8003) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, r1, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) dup$auto(0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, 0x0, 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/zswap/parameters/enabled\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r4, 0x400, 0x1) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video39\x00', 0x488b01, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) execve$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/250, 0xfa) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={"fda256c4", 0x3, 0x2, 0x4, 0x9b4, 0x9, "0800aafc241cd010c7543bfbca2ce1", "0200", '\x00\x00 \x00', "2ff43123", ['\x00', "f8ff0b00fbf2ffff0000b401", "0004154db00b0004000400", "5fe10eedab02ea39549a4892"]}) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) 1.847168995s ago: executing program 2 (id=1397): socket(0xa, 0x2, 0x0) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x22, 0x2, 0x1) fstat$auto(r1, 0x0) ioctl$auto(0xffffffffffffffff, 0x3b87, 0x38) sendmmsg$auto(r0, 0x0, 0x7, 0x4008) io_uring_register$auto_IORING_REGISTER_RING_FDS(0xffffffffffffffff, 0x14, &(0x7f0000000000), 0x7) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r2 = socket(0x10, 0x2, 0x0) ioctl$auto(r2, 0x8946, 0x24) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/usb5-port1/power/pm_qos_no_power_off\x00', 0x20b42, 0x0) write$auto(r3, &(0x7f0000000200)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\xe0c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\xec\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x92z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe3\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x8) write$auto(0xca, &(0x7f00000000c0)='\x04>\x01\x01\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c\f\xb6,NS\xa2(Q\xcc', 0x7f) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, 0x0, 0x20000010) statmount$auto(0x0, 0x0, 0x9, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@raw=0xd3a7, 0xfffffffd, 0x3, 0x81, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x400005, 0x25, 0x4, @inferred, @reserved="630d530e55f2940f87c5580dd6d03d326858cba1428368e17dd0ceca88463efa0e31cd124fc844bc62fc6fce5ce6dcdea7d8b0aaa17e657c5969b5b494035f33865acc90360b98bd8e36c3b553f3c18172a2579ad612531a4dccc48e8770223069caf4694e9f7759a0d16ffa4780bc3f828dd4a8cc877abd7dc6ae56ff3f0cce", "7a9fc199a16a2311eacf2fc7ae1d8778dc610400000001000f00000000b6debe0eda71bdd709254592b67f9cb5adb17884a16f7ce8cb7c0eb32791702b8d7c2d"}) rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) r4 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r4, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000080)={&(0x7f0000000200), 0xf}, 0x7, 0x0, 0x5, 0xe}, 0x5}, 0x1, 0x101) close_range$auto(0x2, 0x8, 0x0) 1.556273438s ago: executing program 3 (id=1398): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) acct$auto(&(0x7f00000000c0)='/dev/vcs\x00') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_period_ms\x00', 0x149b01, 0x0) write$auto(r0, &(0x7f00000000c0)='0\n\xf48\x97\xff*\x8a\xeb+l\\\x9e@\\}\x04|\x03\xcb\x12\xfa\b\x1c\vr\xc0\\\x17\xcb\xb4Q\xe1)@J}\x7fw\xc7\xe58,.\xf6p\x8d\xa0\x1f\xe3\xc5\xff\r\xde\xaf\x84\xd6P\b\xdf\xfe\x1f\xa1\xb4\x89\xa0\xac\x9a\xb8\x88\xca\x00\x15\x9d`>\xcd\xcb\xbe#k\xaf\xe9\x9a0\xb6\xe2#\xc1u\xfa\xe1\x19\x92qH\x80\xb9\xa4a\xba%\xc7\xc5\xb8\v\x00\xa5\xdd\xa2\x8c\xacBY\x9b\"\x14*\xfd\x87\x84~\x94\xb5\xfd/\xe2\xadz9\xbe!7\xf9\x88F\xe9@L\x1cD\xc2ia*\x81\x10L\x8d\xde\xdf\xc5)$\x03,\xb5\x88\a\xfe\x8c\xea\x16|\x11x\xdaE\x1c\xce\xe1\xdb\xc1\x86\xd9!.\xfb\xb7\xd4%\\\x1eJ\x175\x9c\xc0\x83\x89k+\x1bKk\xc4\x8f\xb01\x9a\x94_r\xa5W\xe0\x16A', 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x141f02, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r1, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x5) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r1, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 1.463116921s ago: executing program 2 (id=1399): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) timer_create$auto(0x3, 0x0, &(0x7f0000000280)=0x6) timer_gettime$auto(0x0, &(0x7f0000001f80)={{0x9, 0x100000001}, {0x9f9a, 0x401}}) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r1, 0x7cb, 0x0) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r3, 0x0, 0x0) fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x9, 0xffffffffffffffff, 0x0) r4 = open(0x0, 0x0, 0x408) getdents$auto(r4, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) close_range$auto(0x2, 0x8, 0x0) 1.095105437s ago: executing program 0 (id=1400): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) acct$auto(&(0x7f00000000c0)='/dev/vcs\x00') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_period_ms\x00', 0x149b01, 0x0) write$auto(r0, &(0x7f00000000c0)='0\n\xf48\x97\xff*\x8a\xeb+l\\\x9e@\\}\x04|\x03\xcb\x12\xfa\b\x1c\vr\xc0\\\x17\xcb\xb4Q\xe1)@J}\x7fw\xc7\xe58,.\xf6p\x8d\xa0\x1f\xe3\xc5\xff\r\xde\xaf\x84\xd6P\b\xdf\xfe\x1f\xa1\xb4\x89\xa0\xac\x9a\xb8\x88\xca\x00\x15\x9d`>\xcd\xcb\xbe#k\xaf\xe9\x9a0\xb6\xe2#\xc1u\xfa\xe1\x19\x92qH\x80\xb9\xa4a\xba%\xc7\xc5\xb8\v\x00\xa5\xdd\xa2\x8c\xacBY\x9b\"\x14*\xfd\x87\x84~\x94\xb5\xfd/\xe2\xadz9\xbe!7\xf9\x88F\xe9@L\x1cD\xc2ia*\x81\x10L\x8d\xde\xdf\xc5)$\x03,\xb5\x88\a\xfe\x8c\xea\x16|\x11x\xdaE\x1c\xce\xe1\xdb\xc1\x86\xd9!.\xfb\xb7\xd4%\\\x1eJ\x175\x9c\xc0\x83\x89k+\x1bKk\xc4\x8f\xb01\x9a\x94_r\xa5W\xe0\x16A', 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x141f02, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r1, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x1ff, r2, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r5, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x5) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r1, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 869.209085ms ago: executing program 1 (id=1401): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x10bb41, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x2) r0 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000040), 0x424041, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) timer_create$auto(0x3, 0x0, 0x0) timer_create$auto(0x9, 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/timer_source\x00', 0x8002, 0x0) write$auto(r1, 0x0, 0x200c) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'macvlan1\x00', 0x0}) bpf$auto(0x2, &(0x7f0000000580)=@bpf_attr_3={0x21, 0x4, 0xc95d, 0x7, 0x3, 0x40, 0x200, 0x2, 0x2, "7d7bdfb5b2a58b72ecf54ffa2b424044", r2, 0x5, r0, 0x4, 0x9, 0xfffffff9, 0x9, 0x1000, 0xffff, 0x4, @attach_btf_obj_fd=r0, 0x7, 0x4, 0x81, 0x0, 0x2, r0, r1}, 0xffff99ea) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) lsetxattr$auto(0x0, 0x0, 0x0, 0xfffffffffffffffa, 0x3ff) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r0, 0x4018bc0e, &(0x7f0000000080)={0x5, 0x0, 0x5, 0x1}) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd=0xffffffffffffffff, @target_ifindex=r5, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), r4) pread64$auto(r0, &(0x7f0000000540)='%!:{\x14.*\x00', 0x5, 0x1) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(r4, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000640)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00002bbd7000fedbdf255f0000000800c400040000000800a100020000000800db00", @ANYRES32=r6, @ANYBLOB="13001a0021b3026824b6c681394c98f3ef10e00004003701080089ddb680342c8b90f53d0b1b1d2856c0defbcc77deb04b0d2af2873a873797492441e66fa4d074917d0e4cfd2aa6fc290ee6c564fba9316e84e70f3b73f47e24aab8c906af6188bf5a8ff1d48453cf186cc3eb5d71dba6f89422cc4289807b8375bf1ff72c2cde483723821f78530db2a0c7a749228f53e25593b89b418b0e803655b6ab4665547c5b58d23df6392f", @ANYRES32=r8], 0x50}, 0x1, 0x0, 0x0, 0xc050}, 0x4084) prctl$auto(0x44, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r6) 451.533934ms ago: executing program 3 (id=1402): kexec_load$auto(0x8, 0x8, &(0x7f0000000300)={@buf=&(0x7f00000002c0)="3edf2cd778f3dfb939dff16550ffb45a1188a856d4b6d5ef260c6af7a59cb0114551f312cf16a3ae6e09b99b4f6fccc7c0", 0x4, 0x4, 0x9}, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0x101d00, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) r2 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) write$auto_drm_edid_fops_drm_debugfs(r2, &(0x7f0000000580)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5f21c271069baa482db442a5748c1fec17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa28b5e53dd7d970575e42c6720cff2f6f9bf902791bf83abd9acf9dc3968a36b1851ffc6497e410d51f340b92b74f972cd68de180f42bcfc5ac64a8977e242b9ca63c58d603fea4fad558f0071db6e24de9bda2b835957f69a06c0d0000000000000000d4b8db86be62388110e03ef34b1fadaffc761c3fa220dac9bf9e94d03a0fe70ca30710a7b237632954060b9ebd2707", 0x4e00) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/netdevsim/unlink_device\x00', 0x10b081, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) shmctl$auto_SHM_UNLOCK(0x0, 0xc, 0x0) sysfs$auto(0x5, 0x10000000000002f, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/wlan1/mcast_solicit\x00', 0x2000, 0x0) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp1\x00', 0x84800, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(r7, &(0x7f0000000240)="71045fe4393806f43ee3d3c99fce77e61cd10263b88dafc12adbd02ac010d4a85521ed6bbd494e6e693f6924ddbb3c5c5ec5f593b9186a44a8c7090acb9e5e9b1ffe5dc6fcdbc3fa8130c34192601750e6a52a312334461d2226e4ebc96b1a57c6e90d29c29f04", 0x67) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) io_uring_register$auto_IORING_REGISTER_PERSONALITY(r0, 0x9, &(0x7f00000001c0)="7e9d22a2fb5b424c2be7a8bf6ac94877342774", 0x68) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd7000fcdbdf44000000050000000c0001800800010000000000000db09dd954530bc2bcc32f0e07fb68fad84e6bec73f01ac45dae848ac13bc4f207aeffd711f605400c12cfbd7d5d44f50400f6d497a318f520fd7caa61c4afdb31573cd5216793354b763750829b03a6f26e6c", @ANYRES32=r8, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(r3, 0x0, 0x2) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/team_slave_1\x00', 0x100, 0x0) 327.665489ms ago: executing program 2 (id=1403): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x48503, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xa4e00, 0x0) socket(0xa, 0x801, 0x84) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace\x00', 0x2, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) close_range$auto(0x2, 0x8000, 0x0) r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) ioctl$auto(r2, 0x3b8e, r1) read$auto(r0, 0x0, 0x1f40) mmap$auto(0x0, 0x7, 0xdf, 0x1000000eb2, 0x401, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x7) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, 0x0, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x20281, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/available_tracers\x00', 0x4140, 0x0) epoll_pwait2$auto(r5, &(0x7f0000000080)={0x7fffffff, 0x3}, 0x7, &(0x7f00000000c0)={0xd7da, 0x5}, &(0x7f0000000100)={0x2}, 0x8) ioctl$auto(0x3, 0xae41, r4) 198.40402ms ago: executing program 3 (id=1404): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim0/max_vfs\x00', 0x48002, 0x0) write$auto(r1, 0x0, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x2, 0x400000000000400, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x205) symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00') rename$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00') mmap$auto(0x101, 0x2020009, 0x200000000003, 0x2000000000000eb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setreuid$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(0x0, &(0x7f0000000000)={0x7b, 0x1, 0x4c}) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) socket(0xa, 0x1, 0x84) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/est_nice\x00', 0x80000, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x30002, 0x0) socket(0x2a, 0x80000, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x8100, 0x0) socket(0x80000000000002d, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x101001, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_11={0x0, 0x84, 0x6, 0x3ba, 0xd5, 0x4, 0x3}, 0x6f3) 0s ago: executing program 2 (id=1405): kexec_load$auto(0x8, 0x8, &(0x7f0000000300)={@buf=&(0x7f00000002c0)="3edf2cd778f3dfb939dff16550ffb45a1188a856d4b6d5ef260c6af7a59cb0114551f312cf16a3ae6e09b99b4f6fccc7c0", 0x4, 0x4, 0x9}, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0x101d00, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) r2 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) write$auto_drm_edid_fops_drm_debugfs(r2, &(0x7f0000000580)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5f21c271069baa482db442a5748c1fec17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa28b5e53dd7d970575e42c6720cff2f6f9bf902791bf83abd9acf9dc3968a36b1851ffc6497e410d51f340b92b74f972cd68de180f42bcfc5ac64a8977e242b9ca63c58d603fea4fad558f0071db6e24de9bda2b835957f69a06c0d0000000000000000d4b8db86be62388110e03ef34b1fadaffc761c3fa220dac9bf9e94d03a0fe70ca30710a7b237632954060b9ebd2707", 0x4e00) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) shmctl$auto_SHM_UNLOCK(0x0, 0xc, 0x0) sysfs$auto(0x5, 0x10000000000002f, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/wlan1/mcast_solicit\x00', 0x2000, 0x0) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp1\x00', 0x84800, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(r7, &(0x7f0000000240)="71045fe4393806f43ee3d3c99fce77e61cd10263b88dafc12adbd02ac010d4a85521ed6bbd494e6e693f6924ddbb3c5c5ec5f593b9186a44a8c7090acb9e5e9b1ffe5dc6fcdbc3fa8130c34192601750e6a52a312334461d2226e4ebc96b1a57c6e90d29c29f04", 0x67) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) io_uring_register$auto_IORING_REGISTER_PERSONALITY(r0, 0x9, &(0x7f00000001c0)="7e9d22a2fb5b424c2be7a8bf6ac94877342774", 0x68) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd7000fcdbdf44000000050000000c0001800800010000000000000db09dd954530bc2bcc32f0e07fb68fad84e6bec73f01ac45dae848ac13bc4f207aeffd711f605400c12cfbd7d5d44f50400f6d497a318f520fd7caa61c4afdb31573cd5216793354b763750829b03a6f26e6c", @ANYRES32=r8, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(r3, 0x0, 0x2) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/team_slave_1\x00', 0x100, 0x0) kernel console output (not intermixed with test programs): : 00007f68f0c15fa0 RCX: 00007f68f099bf79 [ 142.063350][ T6812] RDX: 0000000000000000 RSI: 000000000000000a RDI: 000000000000000a [ 142.063365][ T6812] RBP: 00007f68f0a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 142.063382][ T6812] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 142.063398][ T6812] R13: 00007f68f0c16038 R14: 00007f68f0c15fa0 R15: 00007ffeec7775c8 [ 142.063435][ T6812] [ 142.965921][ T6828] tipc: Started in network mode [ 142.971123][ T6828] tipc: Node identity ee00, cluster identity 4711 [ 142.998988][ T6828] tipc: Node number set to 60928 [ 145.598784][ T6867] netlink: 8 bytes leftover after parsing attributes in process `syz.0.175'. [ 148.187613][ T6909] bridge_slave_1: left allmulticast mode [ 148.193459][ T6909] bridge_slave_1: left promiscuous mode [ 148.209815][ T6913] netlink: 28 bytes leftover after parsing attributes in process `syz.0.184'. [ 148.221471][ T6909] bridge0: port 2(bridge_slave_1) entered disabled state [ 148.232692][ T6913] ipvlan0: entered promiscuous mode [ 148.238173][ T6913] ipvlan0: entered allmulticast mode [ 148.254346][ T6913] veth0_vlan: entered allmulticast mode [ 149.487123][ T29] audit: type=1804 audit(1771052850.539:4): pid=6931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.190" name="/newroot/46/file0" dev="tmpfs" ino=256 res=1 errno=0 [ 149.547340][ T29] audit: type=1804 audit(1771052850.539:5): pid=6934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.190" name="/newroot/46/file0" dev="tmpfs" ino=256 res=1 errno=0 [ 150.760802][ T29] audit: type=1804 audit(1771052851.819:6): pid=6955 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.196" name="/newroot/sys/kernel/debug/tracing/options/irq-info" dev="tracefs" ino=3264 res=1 errno=0 [ 151.916725][ T6981] vhci_hcd vhci_hcd.0: invalid port number 16 [ 152.662170][ T6998] bond0: invalid ARP target specified [ 152.901706][ T7001] netlink: 338 bytes leftover after parsing attributes in process `syz.0.208'. [ 152.921023][ T7001] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 154.063068][ T7030] block nbd8: shutting down sockets [ 154.363731][ T29] audit: type=1804 audit(1771052855.419:7): pid=7040 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.225" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 154.704996][ T7046] netlink: 330 bytes leftover after parsing attributes in process `syz.2.218'. [ 156.752000][ T7074] bond0: invalid ARP target specified [ 156.762262][ T7079] vivid-009: ================= START STATUS ================= [ 156.801900][ T7079] vivid-009: Radio HW Seek Mode: Bounded [ 156.839633][ T7079] vivid-009: Radio Programmable HW Seek: false [ 156.881097][ T7079] vivid-009: RDS Rx I/O Mode: Block I/O [ 156.925480][ T7079] vivid-009: Generate RBDS Instead of RDS: false [ 156.977598][ T7079] vivid-009: RDS Reception: true [ 156.994299][ T7079] vivid-009: RDS Program Type: 0 inactive [ 157.011687][ T7079] vivid-009: RDS PS Name: inactive [ 157.021790][ T7079] vivid-009: RDS Radio Text: inactive [ 157.069490][ T7079] vivid-009: RDS Traffic Announcement: false inactive [ 157.103571][ T29] audit: type=1804 audit(1771052858.149:8): pid=7090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.227" name="/newroot/57/file0" dev="tmpfs" ino=321 res=1 errno=0 [ 157.150885][ T7079] vivid-009: RDS Traffic Program: false inactive [ 157.157390][ T7079] vivid-009: RDS Music: false inactive [ 157.163056][ T7079] vivid-009: ================== END STATUS ================== [ 157.179985][ T29] audit: type=1804 audit(1771052858.229:9): pid=7084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.227" name="/newroot/57/file0" dev="tmpfs" ino=321 res=1 errno=0 [ 158.534953][ T29] audit: type=1804 audit(1771052859.599:10): pid=7121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.236" name="/newroot/57/file0" dev="tmpfs" ino=315 res=1 errno=0 [ 158.768078][ T29] audit: type=1804 audit(1771052859.829:11): pid=7116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.236" name="/newroot/57/file0" dev="tmpfs" ino=315 res=1 errno=0 [ 159.018366][ T7133] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 159.367192][ T7132] nvme_fabrics: missing parameter 'transport=%s' [ 159.373763][ T7132] nvme_fabrics: missing parameter 'nqn=%s' [ 159.572046][ T7137] HfR: entered promiscuous mode [ 162.371843][ T7196] vhci_hcd vhci_hcd.0: invalid port number 16 [ 162.986554][ T29] audit: type=1804 audit(1771052864.039:12): pid=7207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.252" name="/newroot/64/file0" dev="tmpfs" ino=350 res=1 errno=0 [ 163.051963][ T29] audit: type=1804 audit(1771052864.109:13): pid=7208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.252" name="/newroot/64/file0" dev="tmpfs" ino=350 res=1 errno=0 [ 163.163970][ T7215] FAULT_INJECTION: forcing a failure. [ 163.163970][ T7215] name failslab, interval 1, probability 0, space 0, times 0 [ 163.234411][ T7215] CPU: 0 UID: 0 PID: 7215 Comm: syz.3.258 Tainted: G L syzkaller #0 PREEMPT(full) [ 163.234455][ T7215] Tainted: [L]=SOFTLOCKUP [ 163.234465][ T7215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 163.234480][ T7215] Call Trace: [ 163.234489][ T7215] [ 163.234499][ T7215] dump_stack_lvl+0x100/0x190 [ 163.234546][ T7215] should_fail_ex.cold+0x5/0xa [ 163.234580][ T7215] should_failslab+0xc2/0x120 [ 163.234624][ T7215] __kmalloc_cache_noprof+0x7a/0x6f0 [ 163.234653][ T7215] ? trace_pid_list_alloc+0x232/0x480 [ 163.234698][ T7215] trace_pid_list_alloc+0x232/0x480 [ 163.234751][ T7215] trace_pid_write+0x110/0x460 [ 163.234791][ T7215] ? __pfx_trace_pid_write+0x10/0x10 [ 163.234851][ T7215] event_pid_write.isra.0+0x1e4/0x800 [ 163.234893][ T7215] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 163.234944][ T7215] vfs_write+0x2aa/0x1070 [ 163.234982][ T7215] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 163.235026][ T7215] ? __pfx_vfs_write+0x10/0x10 [ 163.235062][ T7215] ? __fget_files+0x215/0x3d0 [ 163.235106][ T7215] ? __fget_files+0x21f/0x3d0 [ 163.235152][ T7215] ksys_write+0x12a/0x250 [ 163.235186][ T7215] ? __pfx_ksys_write+0x10/0x10 [ 163.235220][ T7215] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 163.235257][ T7215] ? syscall_user_dispatch+0x76/0x130 [ 163.235302][ T7215] do_syscall_64+0x106/0xf80 [ 163.235332][ T7215] ? clear_bhb_loop+0x40/0x90 [ 163.235364][ T7215] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.235391][ T7215] RIP: 0033:0x7f68f099bf79 [ 163.235413][ T7215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 163.235438][ T7215] RSP: 002b:00007f68f189b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 163.235465][ T7215] RAX: ffffffffffffffda RBX: 00007f68f0c15fa0 RCX: 00007f68f099bf79 [ 163.235482][ T7215] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 163.235498][ T7215] RBP: 00007f68f0a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 163.235514][ T7215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.235529][ T7215] R13: 00007f68f0c16038 R14: 00007f68f0c15fa0 R15: 00007ffeec7775c8 [ 163.235568][ T7215] [ 164.856667][ T29] audit: type=1800 audit(1771052865.919:14): pid=7243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.262" name="lu_gp_id" dev="configfs" ino=15856 res=0 errno=0 [ 165.732858][ T29] audit: type=1804 audit(1771052866.779:15): pid=7261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.269" name="/newroot/70/file0" dev="tmpfs" ino=381 res=1 errno=0 [ 165.808375][ T29] audit: type=1804 audit(1771052866.789:16): pid=7265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.269" name="/newroot/70/file0" dev="tmpfs" ino=381 res=1 errno=0 [ 167.835824][ T7313] FAULT_INJECTION: forcing a failure. [ 167.835824][ T7313] name failslab, interval 1, probability 0, space 0, times 0 [ 167.916207][ T7313] CPU: 1 UID: 0 PID: 7313 Comm: syz.0.281 Tainted: G L syzkaller #0 PREEMPT(full) [ 167.916234][ T7313] Tainted: [L]=SOFTLOCKUP [ 167.916240][ T7313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 167.916248][ T7313] Call Trace: [ 167.916254][ T7313] [ 167.916260][ T7313] dump_stack_lvl+0x100/0x190 [ 167.916286][ T7313] should_fail_ex.cold+0x5/0xa [ 167.916304][ T7313] ? tomoyo_encode2+0xfb/0x3c0 [ 167.916319][ T7313] should_failslab+0xc2/0x120 [ 167.916343][ T7313] __kmalloc_noprof+0xe0/0x850 [ 167.916361][ T7313] ? rcu_is_watching+0x12/0xc0 [ 167.916385][ T7313] tomoyo_encode2+0xfb/0x3c0 [ 167.916404][ T7313] tomoyo_encode+0x29/0x50 [ 167.916419][ T7313] tomoyo_realpath_from_path+0x18c/0x690 [ 167.916449][ T7313] tomoyo_check_open_permission+0x2af/0x3c0 [ 167.916474][ T7313] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 167.916516][ T7313] ? lock_acquire+0x1cf/0x380 [ 167.916533][ T7313] ? find_held_lock+0x2b/0x80 [ 167.916560][ T7313] tomoyo_file_open+0x6b/0x90 [ 167.916579][ T7313] security_file_open+0xb5/0x1e0 [ 167.916595][ T7313] do_dentry_open+0x5aa/0x1660 [ 167.916622][ T7313] vfs_open+0x82/0x3f0 [ 167.916640][ T7313] dentry_open+0x71/0xd0 [ 167.916655][ T7313] ima_calc_file_hash+0x2ad/0x480 [ 167.916678][ T7313] ima_collect_measurement+0x887/0xa40 [ 167.916705][ T7313] ? __pfx_ima_collect_measurement+0x10/0x10 [ 167.916727][ T7313] ? lock_acquire+0x1cf/0x380 [ 167.916753][ T7313] ? process_measurement+0x5ab/0x2350 [ 167.916773][ T7313] ? is_bad_inode+0xd/0x40 [ 167.916790][ T7313] ? xattr_resolve_name+0x27d/0x3f0 [ 167.916813][ T7313] ? vfs_getxattr_alloc+0xec/0x350 [ 167.916837][ T7313] ? ima_get_hash_algo+0x22d/0x400 [ 167.916854][ T7313] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 167.916876][ T7313] ? process_measurement+0xdfe/0x2350 [ 167.916895][ T7313] process_measurement+0xdfe/0x2350 [ 167.916921][ T7313] ? __pfx_process_measurement+0x10/0x10 [ 167.916965][ T7313] ? mutex_init_lockep+0x110/0x150 [ 167.916983][ T7313] ? seq_open+0x116/0x170 [ 167.916999][ T7313] ? inode_to_bdi+0x9e/0x160 [ 167.917021][ T7313] ima_file_check+0xcc/0x120 [ 167.917041][ T7313] ? __pfx_ima_file_check+0x10/0x10 [ 167.917066][ T7313] security_file_post_open+0xc4/0x210 [ 167.917090][ T7313] path_openat+0x1418/0x31a0 [ 167.917121][ T7313] ? __pfx_path_openat+0x10/0x10 [ 167.917149][ T7313] do_file_open+0x20e/0x430 [ 167.917171][ T7313] ? __pfx_do_file_open+0x10/0x10 [ 167.917228][ T7313] ? alloc_fd+0x476/0x790 [ 167.917270][ T7313] ? do_getname+0x191/0x390 [ 167.917291][ T7313] do_sys_openat2+0x10d/0x1e0 [ 167.917307][ T7313] ? __pfx_do_sys_openat2+0x10/0x10 [ 167.917330][ T7313] __x64_sys_openat+0x12d/0x210 [ 167.917346][ T7313] ? __pfx___x64_sys_openat+0x10/0x10 [ 167.917369][ T7313] do_syscall_64+0x106/0xf80 [ 167.917385][ T7313] ? clear_bhb_loop+0x40/0x90 [ 167.917403][ T7313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.917418][ T7313] RIP: 0033:0x7f04b599bf79 [ 167.917439][ T7313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 167.917454][ T7313] RSP: 002b:00007f04b6916028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 167.917469][ T7313] RAX: ffffffffffffffda RBX: 00007f04b5c15fa0 RCX: 00007f04b599bf79 [ 167.917480][ T7313] RDX: 0000000000020803 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 167.917489][ T7313] RBP: 00007f04b5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 167.917498][ T7313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.917507][ T7313] R13: 00007f04b5c16038 R14: 00007f04b5c15fa0 R15: 00007ffd5adecad8 [ 167.917527][ T7313] [ 168.284553][ T7313] ERROR: Out of memory at tomoyo_realpath_from_path. [ 174.429225][ T7451] mkiss: ax0: crc mode is auto. [ 174.442990][ T29] audit: type=1804 audit(1771052875.499:17): pid=7466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.301" name="/newroot/77/file0" dev="tmpfs" ino=426 res=1 errno=0 [ 174.502655][ T29] audit: type=1804 audit(1771052875.559:18): pid=7467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.301" name="/newroot/77/file0" dev="tmpfs" ino=426 res=1 errno=0 [ 178.055574][ T7521] FAULT_INJECTION: forcing a failure. [ 178.055574][ T7521] name failslab, interval 1, probability 0, space 0, times 0 [ 178.094338][ T7521] CPU: 1 UID: 0 PID: 7521 Comm: syz.2.310 Tainted: G L syzkaller #0 PREEMPT(full) [ 178.094385][ T7521] Tainted: [L]=SOFTLOCKUP [ 178.094395][ T7521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 178.094418][ T7521] Call Trace: [ 178.094427][ T7521] [ 178.094441][ T7521] dump_stack_lvl+0x100/0x190 [ 178.094496][ T7521] should_fail_ex.cold+0x5/0xa [ 178.094528][ T7521] should_failslab+0xc2/0x120 [ 178.094572][ T7521] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 178.094610][ T7521] ? __d_alloc+0x34/0xa80 [ 178.094652][ T7521] ? security_inode_alloc+0xcf/0x2c0 [ 178.094698][ T7521] __d_alloc+0x34/0xa80 [ 178.094738][ T7521] ? __ns_ref_active_get+0x9f/0x1b0 [ 178.094775][ T7521] path_from_stashed+0x427/0x750 [ 178.094815][ T7521] ? do_raw_spin_unlock+0x145/0x1e0 [ 178.094860][ T7521] ns_get_path+0x60/0x80 [ 178.094901][ T7521] proc_ns_get_link+0x121/0x230 [ 178.094930][ T7521] ? __pfx_proc_ns_get_link+0x10/0x10 [ 178.094962][ T7521] ? atime_needs_update+0x8b/0x6b0 [ 178.094999][ T7521] pick_link+0xd17/0x13c0 [ 178.095032][ T7521] ? __pfx_proc_ns_get_link+0x10/0x10 [ 178.095066][ T7521] step_into_slowpath+0x9ba/0xf90 [ 178.095116][ T7521] ? __pfx_step_into_slowpath+0x10/0x10 [ 178.095152][ T7521] ? find_held_lock+0x2b/0x80 [ 178.095207][ T7521] path_openat+0xf95/0x31a0 [ 178.095261][ T7521] ? __pfx_path_openat+0x10/0x10 [ 178.095316][ T7521] do_file_open+0x20e/0x430 [ 178.095359][ T7521] ? __pfx_do_file_open+0x10/0x10 [ 178.095427][ T7521] ? alloc_fd+0x476/0x790 [ 178.095469][ T7521] ? do_getname+0x191/0x390 [ 178.095501][ T7521] do_sys_openat2+0x10d/0x1e0 [ 178.095532][ T7521] ? __pfx_do_sys_openat2+0x10/0x10 [ 178.095566][ T7521] ? __fget_files+0x21f/0x3d0 [ 178.095611][ T7521] __x64_sys_openat+0x12d/0x210 [ 178.095643][ T7521] ? __pfx___x64_sys_openat+0x10/0x10 [ 178.095689][ T7521] do_syscall_64+0x106/0xf80 [ 178.095718][ T7521] ? clear_bhb_loop+0x40/0x90 [ 178.095752][ T7521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.095780][ T7521] RIP: 0033:0x7f19ae15c84e [ 178.095815][ T7521] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 178.095840][ T7521] RSP: 002b:00007f19af105ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 178.095866][ T7521] RAX: ffffffffffffffda RBX: 00007f19af1066c0 RCX: 00007f19ae15c84e [ 178.095883][ T7521] RDX: 0000000000000002 RSI: 00007f19af105f90 RDI: ffffffffffffff9c [ 178.095900][ T7521] RBP: 00007f19ae2327e0 R08: 0000000000000000 R09: 0000000000000000 [ 178.095914][ T7521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 178.095929][ T7521] R13: 00007f19ae416038 R14: 00007f19ae415fa0 R15: 00007ffe1d892c18 [ 178.095963][ T7521] [ 179.800367][ T7546] Console: switching to colour VGA+ 80x25 [ 180.919312][ T7559] HfR: entered promiscuous mode [ 181.054547][ T29] audit: type=1804 audit(1771052882.109:19): pid=7564 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.318" name="/newroot/78/file0" dev="tmpfs" ino=424 res=1 errno=0 [ 181.152753][ T29] audit: type=1804 audit(1771052882.199:20): pid=7561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.318" name="/newroot/78/file0" dev="tmpfs" ino=424 res=1 errno=0 [ 181.809260][ T7569] can: request_module (can-proto-4) failed. [ 185.517485][ T29] audit: type=1800 audit(1771052886.569:21): pid=7634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.339" name="features" dev="configfs" ino=17032 res=0 errno=0 [ 185.557993][ T7634] sd 0:0:1:0: PR command failed: 1026 [ 185.567740][ T7634] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 185.574675][ T7634] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 186.524191][ T7646] HfR: entered promiscuous mode [ 187.325743][ T7666] capability: warning: `syz.2.334' uses 32-bit capabilities (legacy support in use) [ 188.375463][ T7685] mmap: syz.2.342 (7685) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 188.396849][ T7681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.336'. [ 188.433486][ T7681] netlink: 354 bytes leftover after parsing attributes in process `syz.1.336'. [ 189.775300][ T7707] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 190.079235][ T29] audit: type=1804 audit(1771052891.129:22): pid=7713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.348" name="/newroot/91/file0" dev="tmpfs" ino=501 res=1 errno=0 [ 190.114306][ T29] audit: type=1804 audit(1771052891.139:23): pid=7716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.348" name="/newroot/91/file0" dev="tmpfs" ino=501 res=1 errno=0 [ 192.960900][ T5902] Process accounting resumed [ 194.245115][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.251400][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.303520][ T29] audit: type=1804 audit(1771052895.339:24): pid=7791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.363" name="/newroot/95/file0" dev="tmpfs" ino=523 res=1 errno=0 [ 194.338322][ T29] audit: type=1804 audit(1771052895.339:25): pid=7793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.363" name="/newroot/95/file0" dev="tmpfs" ino=523 res=1 errno=0 [ 197.369894][ T5902] Process accounting resumed [ 197.837673][ T29] audit: type=1804 audit(1771052898.889:26): pid=7863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.377" name="/newroot/91/file0" dev="tmpfs" ino=492 res=1 errno=0 [ 198.045254][ T29] audit: type=1804 audit(1771052899.109:27): pid=7858 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.377" name="/newroot/91/file0" dev="tmpfs" ino=492 res=1 errno=0 [ 198.290136][ T7859] HfR: entered promiscuous mode [ 199.676424][ T7882] can: request_module (can-proto-4) failed. [ 200.658494][ T29] audit: type=1804 audit(1771052901.709:28): pid=7905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.384" name="/newroot/94/file0" dev="tmpfs" ino=509 res=1 errno=0 [ 200.793325][ T29] audit: type=1804 audit(1771052901.759:29): pid=7906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.384" name="/newroot/94/file0" dev="tmpfs" ino=509 res=1 errno=0 [ 201.658406][ T7924] FAULT_INJECTION: forcing a failure. [ 201.658406][ T7924] name failslab, interval 1, probability 0, space 0, times 0 [ 201.695400][ T7924] CPU: 0 UID: 0 PID: 7924 Comm: syz.3.390 Tainted: G L syzkaller #0 PREEMPT(full) [ 201.695446][ T7924] Tainted: [L]=SOFTLOCKUP [ 201.695456][ T7924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 201.695473][ T7924] Call Trace: [ 201.695481][ T7924] [ 201.695491][ T7924] dump_stack_lvl+0x100/0x190 [ 201.695540][ T7924] should_fail_ex.cold+0x5/0xa [ 201.695573][ T7924] should_failslab+0xc2/0x120 [ 201.695629][ T7924] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 201.695665][ T7924] ? security_inode_alloc+0x3b/0x2c0 [ 201.695706][ T7924] ? lockdep_init_map_type+0x5c/0x250 [ 201.695746][ T7924] security_inode_alloc+0x3b/0x2c0 [ 201.695793][ T7924] inode_init_always_gfp+0xced/0x1040 [ 201.695839][ T7924] alloc_inode+0x8e/0x250 [ 201.695869][ T7924] path_from_stashed+0x25b/0x750 [ 201.695909][ T7924] ? do_raw_spin_unlock+0x145/0x1e0 [ 201.695953][ T7924] ns_get_path+0x60/0x80 [ 201.695993][ T7924] proc_ns_get_link+0x121/0x230 [ 201.696021][ T7924] ? __pfx_proc_ns_get_link+0x10/0x10 [ 201.696053][ T7924] ? atime_needs_update+0x8b/0x6b0 [ 201.696089][ T7924] pick_link+0xd17/0x13c0 [ 201.696121][ T7924] ? __pfx_proc_ns_get_link+0x10/0x10 [ 201.696152][ T7924] step_into_slowpath+0x9ba/0xf90 [ 201.696191][ T7924] ? __pfx_step_into_slowpath+0x10/0x10 [ 201.696225][ T7924] ? find_held_lock+0x2b/0x80 [ 201.696277][ T7924] path_openat+0xf95/0x31a0 [ 201.696329][ T7924] ? __pfx_path_openat+0x10/0x10 [ 201.696382][ T7924] do_file_open+0x20e/0x430 [ 201.696425][ T7924] ? __pfx_do_file_open+0x10/0x10 [ 201.696489][ T7924] ? alloc_fd+0x476/0x790 [ 201.696530][ T7924] ? do_getname+0x191/0x390 [ 201.696562][ T7924] do_sys_openat2+0x10d/0x1e0 [ 201.696607][ T7924] ? __pfx_do_sys_openat2+0x10/0x10 [ 201.696641][ T7924] ? __fget_files+0x21f/0x3d0 [ 201.696688][ T7924] __x64_sys_openat+0x12d/0x210 [ 201.696720][ T7924] ? __pfx___x64_sys_openat+0x10/0x10 [ 201.696765][ T7924] do_syscall_64+0x106/0xf80 [ 201.696794][ T7924] ? clear_bhb_loop+0x40/0x90 [ 201.696828][ T7924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.696857][ T7924] RIP: 0033:0x7f68f095c84e [ 201.696882][ T7924] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 201.696910][ T7924] RSP: 002b:00007f68f189aec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 201.696937][ T7924] RAX: ffffffffffffffda RBX: 00007f68f189b6c0 RCX: 00007f68f095c84e [ 201.696964][ T7924] RDX: 0000000000000002 RSI: 00007f68f189af90 RDI: ffffffffffffff9c [ 201.696982][ T7924] RBP: 00007f68f0a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 201.697004][ T7924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 201.697020][ T7924] R13: 00007f68f0c16038 R14: 00007f68f0c15fa0 R15: 00007ffeec7775c8 [ 201.697056][ T7924] [ 202.085920][ T7928] FAULT_INJECTION: forcing a failure. [ 202.085920][ T7928] name failslab, interval 1, probability 0, space 0, times 0 [ 202.098898][ T7928] CPU: 0 UID: 0 PID: 7928 Comm: syz.1.392 Tainted: G L syzkaller #0 PREEMPT(full) [ 202.098940][ T7928] Tainted: [L]=SOFTLOCKUP [ 202.098950][ T7928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 202.098965][ T7928] Call Trace: [ 202.098974][ T7928] [ 202.098985][ T7928] dump_stack_lvl+0x100/0x190 [ 202.099030][ T7928] should_fail_ex.cold+0x5/0xa [ 202.099061][ T7928] ? sk_prot_alloc+0x10b/0x2a0 [ 202.099095][ T7928] should_failslab+0xc2/0x120 [ 202.099138][ T7928] __kmalloc_noprof+0xe0/0x850 [ 202.099182][ T7928] sk_prot_alloc+0x10b/0x2a0 [ 202.099220][ T7928] sk_alloc+0x36/0xe80 [ 202.099266][ T7928] __netlink_create+0x5e/0x2c0 [ 202.099306][ T7928] ? __wake_up+0x3f/0x60 [ 202.099335][ T7928] netlink_create+0x293/0x610 [ 202.099362][ T7928] ? __pfx_genl_bind+0x10/0x10 [ 202.099394][ T7928] ? __pfx_genl_unbind+0x10/0x10 [ 202.099423][ T7928] ? __pfx_genl_release+0x10/0x10 [ 202.099460][ T7928] __sock_create+0x339/0x860 [ 202.099502][ T7928] __sys_socket+0x14d/0x260 [ 202.099550][ T7928] ? __pfx___sys_socket+0x10/0x10 [ 202.099601][ T7928] __x64_sys_socket+0x72/0xb0 [ 202.099639][ T7928] ? lockdep_hardirqs_on+0x78/0x100 [ 202.099668][ T7928] do_syscall_64+0x106/0xf80 [ 202.099697][ T7928] ? clear_bhb_loop+0x40/0x90 [ 202.099733][ T7928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.099761][ T7928] RIP: 0033:0x7fb0d7f9bf79 [ 202.099785][ T7928] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 202.099811][ T7928] RSP: 002b:00007fb0d8ea5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 202.099837][ T7928] RAX: ffffffffffffffda RBX: 00007fb0d8215fa0 RCX: 00007fb0d7f9bf79 [ 202.099856][ T7928] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 202.099873][ T7928] RBP: 00007fb0d80327e0 R08: 0000000000000000 R09: 0000000000000000 [ 202.099889][ T7928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.099906][ T7928] R13: 00007fb0d8216038 R14: 00007fb0d8215fa0 R15: 00007ffc10f37a18 [ 202.099943][ T7928] [ 202.931524][ T29] audit: type=1804 audit(1771052903.989:30): pid=7947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.396" name="/newroot/95/file0" dev="tmpfs" ino=518 res=1 errno=0 [ 203.145025][ T29] audit: type=1804 audit(1771052904.209:31): pid=7953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.397" name="/newroot/98/file0" dev="tmpfs" ino=531 res=1 errno=0 [ 203.166671][ T29] audit: type=1804 audit(1771052904.229:32): pid=7944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.396" name="/newroot/95/file0" dev="tmpfs" ino=518 res=1 errno=0 [ 203.192866][ T29] audit: type=1804 audit(1771052904.249:33): pid=7950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.397" name="/newroot/98/file0" dev="tmpfs" ino=531 res=1 errno=0 [ 204.531185][ T7974] FAULT_INJECTION: forcing a failure. [ 204.531185][ T7974] name failslab, interval 1, probability 0, space 0, times 0 [ 204.565608][ T7974] CPU: 1 UID: 0 PID: 7974 Comm: syz.1.404 Tainted: G L syzkaller #0 PREEMPT(full) [ 204.565656][ T7974] Tainted: [L]=SOFTLOCKUP [ 204.565666][ T7974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 204.565682][ T7974] Call Trace: [ 204.565692][ T7974] [ 204.565703][ T7974] dump_stack_lvl+0x100/0x190 [ 204.565750][ T7974] should_fail_ex.cold+0x5/0xa [ 204.565783][ T7974] should_failslab+0xc2/0x120 [ 204.565825][ T7974] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 204.565857][ T7974] ? security_inode_alloc+0x3b/0x2c0 [ 204.565898][ T7974] ? lockdep_init_map_type+0x5c/0x250 [ 204.565939][ T7974] security_inode_alloc+0x3b/0x2c0 [ 204.565982][ T7974] inode_init_always_gfp+0xced/0x1040 [ 204.566028][ T7974] alloc_inode+0x8e/0x250 [ 204.566058][ T7974] path_from_stashed+0x25b/0x750 [ 204.566097][ T7974] ? do_raw_spin_unlock+0x145/0x1e0 [ 204.566142][ T7974] ns_get_path+0x60/0x80 [ 204.566182][ T7974] proc_ns_get_link+0x121/0x230 [ 204.566210][ T7974] ? __pfx_proc_ns_get_link+0x10/0x10 [ 204.566243][ T7974] ? atime_needs_update+0x8b/0x6b0 [ 204.566280][ T7974] pick_link+0xd17/0x13c0 [ 204.566313][ T7974] ? __pfx_proc_ns_get_link+0x10/0x10 [ 204.566346][ T7974] step_into_slowpath+0x9ba/0xf90 [ 204.566389][ T7974] ? __pfx_step_into_slowpath+0x10/0x10 [ 204.566424][ T7974] ? find_held_lock+0x2b/0x80 [ 204.566477][ T7974] path_openat+0xf95/0x31a0 [ 204.566529][ T7974] ? __pfx_path_openat+0x10/0x10 [ 204.566597][ T7974] do_file_open+0x20e/0x430 [ 204.566640][ T7974] ? __pfx_do_file_open+0x10/0x10 [ 204.566707][ T7974] ? alloc_fd+0x476/0x790 [ 204.566748][ T7974] ? do_getname+0x191/0x390 [ 204.566780][ T7974] do_sys_openat2+0x10d/0x1e0 [ 204.566810][ T7974] ? __pfx_do_sys_openat2+0x10/0x10 [ 204.566844][ T7974] ? __fget_files+0x21f/0x3d0 [ 204.566888][ T7974] __x64_sys_openat+0x12d/0x210 [ 204.566920][ T7974] ? __pfx___x64_sys_openat+0x10/0x10 [ 204.566965][ T7974] do_syscall_64+0x106/0xf80 [ 204.566994][ T7974] ? clear_bhb_loop+0x40/0x90 [ 204.567030][ T7974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.567059][ T7974] RIP: 0033:0x7fb0d7f5c84e [ 204.567083][ T7974] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 204.567110][ T7974] RSP: 002b:00007fb0d8ea4ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 204.567137][ T7974] RAX: ffffffffffffffda RBX: 00007fb0d8ea56c0 RCX: 00007fb0d7f5c84e [ 204.567156][ T7974] RDX: 0000000000000002 RSI: 00007fb0d8ea4f90 RDI: ffffffffffffff9c [ 204.567174][ T7974] RBP: 00007fb0d80327e0 R08: 0000000000000000 R09: 0000000000000000 [ 204.567191][ T7974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.567207][ T7974] R13: 00007fb0d8216038 R14: 00007fb0d8215fa0 R15: 00007ffc10f37a18 [ 204.567245][ T7974] [ 205.850493][ T8000] FAULT_INJECTION: forcing a failure. [ 205.850493][ T8000] name failslab, interval 1, probability 0, space 0, times 0 [ 205.894712][ T8000] CPU: 0 UID: 0 PID: 8000 Comm: syz.2.411 Tainted: G L syzkaller #0 PREEMPT(full) [ 205.894757][ T8000] Tainted: [L]=SOFTLOCKUP [ 205.894770][ T8000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 205.894785][ T8000] Call Trace: [ 205.894793][ T8000] [ 205.894804][ T8000] dump_stack_lvl+0x100/0x190 [ 205.894849][ T8000] should_fail_ex.cold+0x5/0xa [ 205.894881][ T8000] should_failslab+0xc2/0x120 [ 205.894923][ T8000] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 205.894959][ T8000] ? seq_open+0x55/0x170 [ 205.894991][ T8000] ? __pfx_snd_info_seq_show+0x10/0x10 [ 205.895029][ T8000] seq_open+0x55/0x170 [ 205.895057][ T8000] ? __pfx_snd_info_seq_show+0x10/0x10 [ 205.895092][ T8000] single_open+0xfc/0x1d0 [ 205.895124][ T8000] snd_info_text_entry_open+0x284/0x2f0 [ 205.895163][ T8000] ? trace_kmem_cache_alloc+0xf3/0x120 [ 205.895201][ T8000] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 205.895248][ T8000] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 205.895279][ T8000] ? proc_reg_open+0x23f/0x5f0 [ 205.895311][ T8000] ? __pfx_snd_info_text_entry_open+0x10/0x10 [ 205.895350][ T8000] proc_reg_open+0x2ab/0x5f0 [ 205.895382][ T8000] do_dentry_open+0x6d8/0x1660 [ 205.895417][ T8000] ? __pfx_proc_reg_open+0x10/0x10 [ 205.895444][ T8000] vfs_open+0x82/0x3f0 [ 205.895462][ T8000] path_openat+0x208c/0x31a0 [ 205.895489][ T8000] ? __pfx_path_openat+0x10/0x10 [ 205.895516][ T8000] do_file_open+0x20e/0x430 [ 205.895538][ T8000] ? __pfx_do_file_open+0x10/0x10 [ 205.895572][ T8000] ? alloc_fd+0x476/0x790 [ 205.895594][ T8000] ? do_getname+0x191/0x390 [ 205.895610][ T8000] do_sys_openat2+0x10d/0x1e0 [ 205.895626][ T8000] ? __pfx_do_sys_openat2+0x10/0x10 [ 205.895643][ T8000] ? __sys_sendmsg+0x18f/0x220 [ 205.895662][ T8000] __x64_sys_openat+0x12d/0x210 [ 205.895678][ T8000] ? __pfx___x64_sys_openat+0x10/0x10 [ 205.895701][ T8000] do_syscall_64+0x106/0xf80 [ 205.895716][ T8000] ? clear_bhb_loop+0x40/0x90 [ 205.895734][ T8000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.895748][ T8000] RIP: 0033:0x7f19ae19bf79 [ 205.895763][ T8000] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 205.895777][ T8000] RSP: 002b:00007f19af106028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 205.895797][ T8000] RAX: ffffffffffffffda RBX: 00007f19ae415fa0 RCX: 00007f19ae19bf79 [ 205.895807][ T8000] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 205.895816][ T8000] RBP: 00007f19ae2327e0 R08: 0000000000000000 R09: 0000000000000000 [ 205.895825][ T8000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.895833][ T8000] R13: 00007f19ae416038 R14: 00007f19ae415fa0 R15: 00007ffe1d892c18 [ 205.895853][ T8000] [ 207.818391][ T8032] FAULT_INJECTION: forcing a failure. [ 207.818391][ T8032] name failslab, interval 1, probability 0, space 0, times 0 [ 207.887096][ T8032] CPU: 1 UID: 0 PID: 8032 Comm: syz.2.418 Tainted: G L syzkaller #0 PREEMPT(full) [ 207.887144][ T8032] Tainted: [L]=SOFTLOCKUP [ 207.887160][ T8032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 207.887176][ T8032] Call Trace: [ 207.887186][ T8032] [ 207.887197][ T8032] dump_stack_lvl+0x100/0x190 [ 207.887244][ T8032] should_fail_ex.cold+0x5/0xa [ 207.887279][ T8032] should_failslab+0xc2/0x120 [ 207.887320][ T8032] __kmalloc_node_noprof+0xe6/0x850 [ 207.887356][ T8032] ? alloc_slab_obj_exts+0x4e/0x1c0 [ 207.887394][ T8032] alloc_slab_obj_exts+0x4e/0x1c0 [ 207.887426][ T8032] __memcg_slab_post_alloc_hook+0x24a/0x9a0 [ 207.887477][ T8032] ? kasan_save_track+0x14/0x30 [ 207.887516][ T8032] kmem_cache_alloc_noprof+0x58a/0x6e0 [ 207.887551][ T8032] ? do_epoll_ctl+0x2434/0x36a0 [ 207.887599][ T8032] do_epoll_ctl+0x2434/0x36a0 [ 207.887653][ T8032] ? __pfx_do_epoll_ctl+0x10/0x10 [ 207.887691][ T8032] ? find_held_lock+0x2b/0x80 [ 207.887731][ T8032] ? __might_fault+0xc5/0x140 [ 207.887763][ T8032] ? __might_fault+0xc5/0x140 [ 207.887810][ T8032] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 207.887849][ T8032] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 207.887891][ T8032] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 207.887942][ T8032] do_syscall_64+0x106/0xf80 [ 207.887971][ T8032] ? clear_bhb_loop+0x40/0x90 [ 207.888007][ T8032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.888036][ T8032] RIP: 0033:0x7f19ae19bf79 [ 207.888061][ T8032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 207.888092][ T8032] RSP: 002b:00007f19af0e5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 207.888120][ T8032] RAX: ffffffffffffffda RBX: 00007f19ae416090 RCX: 00007f19ae19bf79 [ 207.888139][ T8032] RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000012 [ 207.888161][ T8032] RBP: 00007f19ae2327e0 R08: 0000000000000000 R09: 0000000000000000 [ 207.888178][ T8032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 207.888195][ T8032] R13: 00007f19ae416128 R14: 00007f19ae416090 R15: 00007ffe1d892c18 [ 207.888234][ T8032] [ 208.500932][ T8043] random: crng reseeded on system resumption [ 208.696936][ T8045] FAULT_INJECTION: forcing a failure. [ 208.696936][ T8045] name failslab, interval 1, probability 0, space 0, times 0 [ 208.749411][ T8045] CPU: 1 UID: 0 PID: 8045 Comm: syz.2.423 Tainted: G L syzkaller #0 PREEMPT(full) [ 208.749456][ T8045] Tainted: [L]=SOFTLOCKUP [ 208.749466][ T8045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 208.749481][ T8045] Call Trace: [ 208.749490][ T8045] [ 208.749501][ T8045] dump_stack_lvl+0x100/0x190 [ 208.749546][ T8045] should_fail_ex.cold+0x5/0xa [ 208.749567][ T8045] should_failslab+0xc2/0x120 [ 208.749589][ T8045] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 208.749609][ T8045] ? shmem_alloc_inode+0x25/0x50 [ 208.749633][ T8045] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 208.749656][ T8045] shmem_alloc_inode+0x25/0x50 [ 208.749677][ T8045] alloc_inode+0x68/0x250 [ 208.749693][ T8045] new_inode+0x22/0x1c0 [ 208.749710][ T8045] shmem_get_inode+0x197/0xf30 [ 208.749733][ T8045] shmem_mknod+0x1a2/0x3b0 [ 208.749764][ T8045] vfs_mknod+0x3a5/0x7f0 [ 208.749803][ T8045] filename_mknodat+0x5aa/0x7f0 [ 208.749843][ T8045] ? __pfx_filename_mknodat+0x10/0x10 [ 208.749866][ T8045] ? strncpy_from_user+0x19d/0x2d0 [ 208.749892][ T8045] ? do_getname+0x191/0x390 [ 208.749908][ T8045] __x64_sys_mknod+0x8f/0xc0 [ 208.749930][ T8045] do_syscall_64+0x106/0xf80 [ 208.749945][ T8045] ? clear_bhb_loop+0x40/0x90 [ 208.749963][ T8045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.749978][ T8045] RIP: 0033:0x7f19ae19bf79 [ 208.749992][ T8045] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 208.750006][ T8045] RSP: 002b:00007f19af106028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 208.750020][ T8045] RAX: ffffffffffffffda RBX: 00007f19ae415fa0 RCX: 00007f19ae19bf79 [ 208.750030][ T8045] RDX: 0000000000000009 RSI: 0000000000001081 RDI: 0000200000000580 [ 208.750038][ T8045] RBP: 00007f19ae2327e0 R08: 0000000000000000 R09: 0000000000000000 [ 208.750047][ T8045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.750055][ T8045] R13: 00007f19ae416038 R14: 00007f19ae415fa0 R15: 00007ffe1d892c18 [ 208.750074][ T8045] [ 209.378729][ T8049] FAULT_INJECTION: forcing a failure. [ 209.378729][ T8049] name failslab, interval 1, probability 0, space 0, times 0 [ 209.415209][ T8049] CPU: 1 UID: 0 PID: 8049 Comm: syz.2.423 Tainted: G L syzkaller #0 PREEMPT(full) [ 209.415235][ T8049] Tainted: [L]=SOFTLOCKUP [ 209.415241][ T8049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 209.415249][ T8049] Call Trace: [ 209.415254][ T8049] [ 209.415260][ T8049] dump_stack_lvl+0x100/0x190 [ 209.415287][ T8049] should_fail_ex.cold+0x5/0xa [ 209.415305][ T8049] ? kobject_get_path+0xcf/0x2c0 [ 209.415323][ T8049] should_failslab+0xc2/0x120 [ 209.415344][ T8049] __kmalloc_noprof+0xe0/0x850 [ 209.415367][ T8049] kobject_get_path+0xcf/0x2c0 [ 209.415388][ T8049] kobject_uevent_env+0x287/0x18b0 [ 209.415415][ T8049] nfs_netns_sysfs_setup+0x173/0x200 [ 209.415431][ T8049] nfs_net_init+0x10a/0x340 [ 209.415445][ T8049] ? __pfx_nfs_net_init+0x10/0x10 [ 209.415458][ T8049] ops_init+0x1e2/0x5f0 [ 209.415477][ T8049] setup_net+0x118/0x3a0 [ 209.415493][ T8049] ? __pfx_setup_net+0x10/0x10 [ 209.415507][ T8049] ? lockdep_init_map_type+0x5c/0x250 [ 209.415526][ T8049] ? mutex_init_lockep+0x110/0x150 [ 209.415547][ T8049] copy_net_ns+0x46f/0x7c0 [ 209.415566][ T8049] create_new_namespaces+0x3ea/0xac0 [ 209.415593][ T8049] copy_namespaces+0x468/0x5e0 [ 209.415608][ T8049] copy_process+0x3226/0x7a10 [ 209.415634][ T8049] ? __pfx_copy_process+0x10/0x10 [ 209.415659][ T8049] kernel_clone+0xfc/0x9a0 [ 209.415674][ T8049] ? __pfx_futex_wait+0x10/0x10 [ 209.415693][ T8049] ? __schedule+0x1000/0x60e0 [ 209.415707][ T8049] ? __pfx_kernel_clone+0x10/0x10 [ 209.415734][ T8049] __do_sys_clone+0xd9/0x120 [ 209.415750][ T8049] ? __pfx___do_sys_clone+0x10/0x10 [ 209.415796][ T8049] do_syscall_64+0x106/0xf80 [ 209.415812][ T8049] ? clear_bhb_loop+0x40/0x90 [ 209.415832][ T8049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.415847][ T8049] RIP: 0033:0x7f19ae19bf79 [ 209.415860][ T8049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 209.415874][ T8049] RSP: 002b:00007f19af0e4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 209.415888][ T8049] RAX: ffffffffffffffda RBX: 00007f19ae416090 RCX: 00007f19ae19bf79 [ 209.415898][ T8049] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 209.415906][ T8049] RBP: 00007f19ae2327e0 R08: 0000000000000000 R09: 0000000000000000 [ 209.415915][ T8049] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 209.415923][ T8049] R13: 00007f19ae416128 R14: 00007f19ae416090 R15: 00007ffe1d892c18 [ 209.415942][ T8049] [ 211.694600][ T8121] ubi0: attaching mtd0 [ 211.701907][ T8121] ubi0: scanning is finished [ 211.739556][ T8121] ubi0: empty MTD device detected [ 212.248861][ T8121] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 212.314424][ T8121] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 212.324676][ T8121] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 212.574234][ T8121] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 212.628407][ T8121] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 212.714277][ T8121] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 212.745091][ T8121] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 594632812 [ 212.774331][ T8121] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 212.824216][ T8144] ubi0: background thread "ubi_bgt0d" started, PID 8144 [ 213.192731][ T8162] netlink: 28 bytes leftover after parsing attributes in process `syz.3.446'. [ 221.110281][ T8338] netlink: 8 bytes leftover after parsing attributes in process `syz.2.471'. [ 221.189201][ T8341] openvswitch: HfR: Dropping previously announced user features [ 221.368333][ T8347] ubi0: detaching mtd0 [ 221.484726][ T8347] ubi0: mtd0 is detached [ 223.439761][ T8388] [U] [ 223.442689][ T8388] [U] [ 223.445369][ T8388] [U] [ 223.448064][ T8388] [U] [ 223.450757][ T8388] [U] [ 223.562860][ T8388] [U] [ 223.565566][ T8388] [U] [ 223.568239][ T8388] [U] [ 223.570910][ T8388] [U] [ 223.679854][ T8388] [U] [ 223.682586][ T8388] [U] [ 223.685295][ T8388] [U] [ 223.688010][ T8388] [U] [ 223.700052][ T8394] netlink: 'syz.2.482': attribute type 11 has an invalid length. [ 223.708427][ T8388] [U] [ 223.711159][ T8388] [U] [ 223.713876][ T8388] [U] [ 223.716597][ T8388] [U] [ 223.761110][ T8394] netlink: 236 bytes leftover after parsing attributes in process `syz.2.482'. [ 223.806795][ T8388] [U] [ 223.809516][ T8388] [U] [ 223.812191][ T8388] [U] [ 223.814858][ T8388] [U] [ 223.872248][ T8388] [U] [ 223.874964][ T8388] [U] [ 223.877636][ T8388] [U] [ 223.880307][ T8388] [U] [ 224.023016][ T8388] [U] [ 224.856507][ T8417] input: f as /devices/virtual/input/input10 [ 224.929561][ T8417] zram: Removed device: zram0 [ 227.567017][ T8476] input: jJǸ-9%vJ86 as /devices/virtual/input/input11 [ 228.093649][ T8486] input: jJǸ-9%vJ86 as /devices/virtual/input/input12 [ 236.625068][ T8630] FAULT_INJECTION: forcing a failure. [ 236.625068][ T8630] name failslab, interval 1, probability 0, space 0, times 0 [ 236.678634][ T8630] CPU: 0 UID: 0 PID: 8630 Comm: syz.3.532 Tainted: G L syzkaller #0 PREEMPT(full) [ 236.678678][ T8630] Tainted: [L]=SOFTLOCKUP [ 236.678688][ T8630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 236.678720][ T8630] Call Trace: [ 236.678728][ T8630] [ 236.678739][ T8630] dump_stack_lvl+0x100/0x190 [ 236.678788][ T8630] should_fail_ex.cold+0x5/0xa [ 236.678820][ T8630] should_failslab+0xc2/0x120 [ 236.678869][ T8630] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 236.678905][ T8630] ? posix_lock_inode+0x5b2/0x2440 [ 236.678940][ T8630] ? lockdep_init_map_type+0x5c/0x250 [ 236.678982][ T8630] posix_lock_inode+0x5b2/0x2440 [ 236.679035][ T8630] ? __pfx_posix_lock_inode+0x10/0x10 [ 236.679074][ T8630] ? common_file_perm+0x1ab/0x4f0 [ 236.679106][ T8630] vfs_lock_file+0xfb/0x150 [ 236.679143][ T8630] fcntl_setlk+0x782/0xe40 [ 236.679185][ T8630] ? __pfx_fcntl_setlk+0x10/0x10 [ 236.679228][ T8630] ? __might_fault+0xc5/0x140 [ 236.679260][ T8630] ? __might_fault+0xc5/0x140 [ 236.679308][ T8630] do_fcntl+0xf39/0x1670 [ 236.679339][ T8630] ? __pfx_do_fcntl+0x10/0x10 [ 236.679366][ T8630] ? __fget_files+0x215/0x3d0 [ 236.679412][ T8630] ? tomoyo_file_fcntl+0x6c/0xc0 [ 236.679452][ T8630] __x64_sys_fcntl+0x163/0x200 [ 236.679486][ T8630] do_syscall_64+0x106/0xf80 [ 236.679516][ T8630] ? clear_bhb_loop+0x40/0x90 [ 236.679552][ T8630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.679580][ T8630] RIP: 0033:0x7f68f099bf79 [ 236.679605][ T8630] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 236.679631][ T8630] RSP: 002b:00007f68f189b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 236.679658][ T8630] RAX: ffffffffffffffda RBX: 00007f68f0c15fa0 RCX: 00007f68f099bf79 [ 236.679675][ T8630] RDX: 0000000000001298 RSI: 0000000000000026 RDI: 0000000000000003 [ 236.679690][ T8630] RBP: 00007f68f0a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 236.679704][ T8630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.679718][ T8630] R13: 00007f68f0c16038 R14: 00007f68f0c15fa0 R15: 00007ffeec7775c8 [ 236.679753][ T8630] [ 239.788108][ T8675] netlink: 8 bytes leftover after parsing attributes in process `syz.3.542'. [ 240.843183][ T8688] block nbd2: not configured, cannot reconfigure [ 243.486022][ T8743] input: f as /devices/virtual/input/input14 [ 248.627142][ T50] Bluetooth: hci1: unexpected event 0x04 length: 43 > 10 [ 248.627448][ T50] Bluetooth: hci1: connection err: -111 [ 249.406955][ T8857] alloc_netdev: Unable to allocate device with zero queues [ 252.784880][ T8899] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 252.814770][ T8899] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 253.029107][ T8899] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 253.036254][ T8899] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 253.590552][ T8923] zswap: compressor not available [ 253.706947][ T8857] netdevsim netdevsim100: probe with driver netdevsim failed with error -12 [ 254.045487][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 254.052290][ T8936] FAULT_INJECTION: forcing a failure. [ 254.052290][ T8936] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 254.159369][ T8936] CPU: 0 UID: 0 PID: 8936 Comm: syz.0.602 Tainted: G L syzkaller #0 PREEMPT(full) [ 254.159395][ T8936] Tainted: [L]=SOFTLOCKUP [ 254.159404][ T8936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 254.159417][ T8936] Call Trace: [ 254.159423][ T8936] [ 254.159429][ T8936] dump_stack_lvl+0x100/0x190 [ 254.159455][ T8936] should_fail_ex.cold+0x5/0xa [ 254.159470][ T8936] ? prepare_alloc_pages+0x16d/0x5f0 [ 254.159495][ T8936] should_fail_alloc_page+0xeb/0x140 [ 254.159517][ T8936] prepare_alloc_pages+0x1f0/0x5f0 [ 254.159544][ T8936] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 254.159571][ T8936] ? find_held_lock+0x2b/0x80 [ 254.159592][ T8936] ? is_bpf_text_address+0x8a/0x1a0 [ 254.159612][ T8936] ? is_bpf_text_address+0x8a/0x1a0 [ 254.159631][ T8936] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 254.159651][ T8936] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 254.159676][ T8936] ? is_bpf_text_address+0x94/0x1a0 [ 254.159695][ T8936] ? kernel_text_address+0x8d/0x100 [ 254.159715][ T8936] ? __kernel_text_address+0xd/0x30 [ 254.159734][ T8936] ? unwind_get_return_address+0x59/0xa0 [ 254.159757][ T8936] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 254.159779][ T8936] ? policy_nodemask+0xed/0x4f0 [ 254.159802][ T8936] alloc_pages_mpol+0x1fb/0x550 [ 254.159824][ T8936] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 254.159845][ T8936] ? kasan_save_stack+0x30/0x50 [ 254.159863][ T8936] ? kasan_save_track+0x14/0x30 [ 254.159880][ T8936] ? __kasan_kmalloc+0xaa/0xb0 [ 254.159897][ T8936] ? __get_vm_area_node+0x101/0x330 [ 254.159918][ T8936] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 254.159936][ T8936] alloc_pages_noprof+0x131/0x390 [ 254.159962][ T8936] get_free_pages_noprof+0x10/0xb0 [ 254.159982][ T8936] __kasan_populate_vmalloc+0xa0/0x210 [ 254.160005][ T8936] alloc_vmap_area+0x95d/0x2bd0 [ 254.160034][ T8936] ? __pfx_alloc_vmap_area+0x10/0x10 [ 254.160061][ T8936] __get_vm_area_node+0x1ca/0x330 [ 254.160087][ T8936] __vmalloc_node_range_noprof+0x213/0x1530 [ 254.160103][ T8936] ? n_tty_open+0x1a/0x170 [ 254.160124][ T8936] ? look_up_lock_class+0x64/0x120 [ 254.160143][ T8936] ? n_tty_open+0x1a/0x170 [ 254.160169][ T8936] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 254.160184][ T8936] ? __ldsem_down_write_nested+0xfd/0x830 [ 254.160212][ T8936] ? __ldsem_down_write_nested+0x10e/0x830 [ 254.160232][ T8936] ? is_console_locked+0x9/0x20 [ 254.160253][ T8936] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 254.160282][ T8936] ? n_tty_open+0x1a/0x170 [ 254.160315][ T8936] __vmalloc_node_noprof+0xad/0xf0 [ 254.160342][ T8936] ? n_tty_open+0x1a/0x170 [ 254.160379][ T8936] ? __pfx_n_tty_open+0x10/0x10 [ 254.160403][ T8936] n_tty_open+0x1a/0x170 [ 254.160424][ T8936] tty_ldisc_open+0xa2/0x120 [ 254.160440][ T8936] tty_ldisc_setup+0x40/0xf0 [ 254.160457][ T8936] tty_init_dev.part.0+0x1b5/0x470 [ 254.160479][ T8936] tty_open+0xa63/0xfa0 [ 254.160501][ T8936] ? __pfx_tty_open+0x10/0x10 [ 254.160518][ T8936] ? chrdev_open+0x10b/0x6a0 [ 254.160538][ T8936] ? chrdev_open+0x10b/0x6a0 [ 254.160561][ T8936] ? __pfx_tty_open+0x10/0x10 [ 254.160579][ T8936] chrdev_open+0x234/0x6a0 [ 254.160599][ T8936] ? __pfx_apparmor_file_open+0x10/0x10 [ 254.160620][ T8936] ? __pfx_chrdev_open+0x10/0x10 [ 254.160642][ T8936] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 254.160667][ T8936] do_dentry_open+0x6d8/0x1660 [ 254.160687][ T8936] ? __pfx_chrdev_open+0x10/0x10 [ 254.160713][ T8936] vfs_open+0x82/0x3f0 [ 254.160730][ T8936] path_openat+0x208c/0x31a0 [ 254.160757][ T8936] ? __pfx_path_openat+0x10/0x10 [ 254.160785][ T8936] do_file_open+0x20e/0x430 [ 254.160807][ T8936] ? __pfx_do_file_open+0x10/0x10 [ 254.160842][ T8936] ? alloc_fd+0x476/0x790 [ 254.160864][ T8936] ? do_getname+0x191/0x390 [ 254.160880][ T8936] do_sys_openat2+0x10d/0x1e0 [ 254.160895][ T8936] ? __pfx_do_sys_openat2+0x10/0x10 [ 254.160919][ T8936] __x64_sys_openat+0x12d/0x210 [ 254.160935][ T8936] ? __pfx___x64_sys_openat+0x10/0x10 [ 254.160961][ T8936] do_syscall_64+0x106/0xf80 [ 254.160976][ T8936] ? clear_bhb_loop+0x40/0x90 [ 254.160994][ T8936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.161009][ T8936] RIP: 0033:0x7f04b599bf79 [ 254.161023][ T8936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 254.161037][ T8936] RSP: 002b:00007f04b6916028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 254.161058][ T8936] RAX: ffffffffffffffda RBX: 00007f04b5c15fa0 RCX: 00007f04b599bf79 [ 254.161068][ T8936] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 254.161077][ T8936] RBP: 00007f04b5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 254.161086][ T8936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 254.161094][ T8936] R13: 00007f04b5c16038 R14: 00007f04b5c15fa0 R15: 00007ffd5adecad8 [ 254.161115][ T8936] [ 254.315308][ T8936] syz.0.602: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 254.720152][ T8936] CPU: 1 UID: 0 PID: 8936 Comm: syz.0.602 Tainted: G L syzkaller #0 PREEMPT(full) [ 254.720192][ T8936] Tainted: [L]=SOFTLOCKUP [ 254.720202][ T8936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 254.720216][ T8936] Call Trace: [ 254.720225][ T8936] [ 254.720235][ T8936] dump_stack_lvl+0x100/0x190 [ 254.720288][ T8936] warn_alloc.cold+0x95/0x1c1 [ 254.720333][ T8936] ? __pfx_warn_alloc+0x10/0x10 [ 254.720365][ T8936] ? lockdep_hardirqs_on+0x78/0x100 [ 254.720400][ T8936] ? __get_vm_area_node+0x2c5/0x330 [ 254.720451][ T8936] ? __get_vm_area_node+0x208/0x330 [ 254.720500][ T8936] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 254.720532][ T8936] ? look_up_lock_class+0x64/0x120 [ 254.720567][ T8936] ? n_tty_open+0x1a/0x170 [ 254.720612][ T8936] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 254.720642][ T8936] ? __ldsem_down_write_nested+0xfd/0x830 [ 254.720680][ T8936] ? __ldsem_down_write_nested+0x10e/0x830 [ 254.720725][ T8936] ? is_console_locked+0x9/0x20 [ 254.720760][ T8936] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 254.720801][ T8936] ? n_tty_open+0x1a/0x170 [ 254.720835][ T8936] __vmalloc_node_noprof+0xad/0xf0 [ 254.720864][ T8936] ? n_tty_open+0x1a/0x170 [ 254.720904][ T8936] ? __pfx_n_tty_open+0x10/0x10 [ 254.720943][ T8936] n_tty_open+0x1a/0x170 [ 254.720983][ T8936] tty_ldisc_open+0xa2/0x120 [ 254.721013][ T8936] tty_ldisc_setup+0x40/0xf0 [ 254.721046][ T8936] tty_init_dev.part.0+0x1b5/0x470 [ 254.721087][ T8936] tty_open+0xa63/0xfa0 [ 254.721130][ T8936] ? __pfx_tty_open+0x10/0x10 [ 254.721163][ T8936] ? chrdev_open+0x10b/0x6a0 [ 254.721202][ T8936] ? chrdev_open+0x10b/0x6a0 [ 254.721247][ T8936] ? __pfx_tty_open+0x10/0x10 [ 254.721290][ T8936] chrdev_open+0x234/0x6a0 [ 254.721328][ T8936] ? __pfx_apparmor_file_open+0x10/0x10 [ 254.721368][ T8936] ? __pfx_chrdev_open+0x10/0x10 [ 254.721410][ T8936] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 254.721459][ T8936] do_dentry_open+0x6d8/0x1660 [ 254.721497][ T8936] ? __pfx_chrdev_open+0x10/0x10 [ 254.721546][ T8936] vfs_open+0x82/0x3f0 [ 254.721580][ T8936] path_openat+0x208c/0x31a0 [ 254.721634][ T8936] ? __pfx_path_openat+0x10/0x10 [ 254.721689][ T8936] do_file_open+0x20e/0x430 [ 254.721732][ T8936] ? __pfx_do_file_open+0x10/0x10 [ 254.721801][ T8936] ? alloc_fd+0x476/0x790 [ 254.721844][ T8936] ? do_getname+0x191/0x390 [ 254.721876][ T8936] do_sys_openat2+0x10d/0x1e0 [ 254.721906][ T8936] ? __pfx_do_sys_openat2+0x10/0x10 [ 254.721952][ T8936] __x64_sys_openat+0x12d/0x210 [ 254.721983][ T8936] ? __pfx___x64_sys_openat+0x10/0x10 [ 254.722029][ T8936] do_syscall_64+0x106/0xf80 [ 254.722058][ T8936] ? clear_bhb_loop+0x40/0x90 [ 254.722093][ T8936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.722121][ T8936] RIP: 0033:0x7f04b599bf79 [ 254.722145][ T8936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 254.722171][ T8936] RSP: 002b:00007f04b6916028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 254.722197][ T8936] RAX: ffffffffffffffda RBX: 00007f04b5c15fa0 RCX: 00007f04b599bf79 [ 254.722216][ T8936] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 254.722234][ T8936] RBP: 00007f04b5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 254.722250][ T8936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 254.722272][ T8936] R13: 00007f04b5c16038 R14: 00007f04b5c15fa0 R15: 00007ffd5adecad8 [ 254.722312][ T8936] [ 254.722334][ T8936] Mem-Info: [ 254.932270][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 254.938357][ T8936] active_anon:32721 inactive_anon:0 isolated_anon:0 [ 254.938357][ T8936] active_file:15202 inactive_file:41513 isolated_file:0 [ 254.938357][ T8936] unevictable:768 dirty:876 writeback:0 [ 254.938357][ T8936] slab_reclaimable:11516 slab_unreclaimable:92271 [ 254.938357][ T8936] mapped:37918 shmem:23682 pagetables:1252 [ 254.938357][ T8936] sec_pagetables:0 bounce:0 [ 254.938357][ T8936] kernel_misc_reclaimable:0 [ 254.938357][ T8936] free:1290957 free_pcp:19895 free_cma:0 [ 255.044280][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 255.137300][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 255.184302][ T8936] Node 0 active_anon:132812kB inactive_anon:0kB active_file:60808kB inactive_file:165872kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:145388kB dirty:3500kB writeback:0kB shmem:94992kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:18432kB kernel_stack:11472kB pagetables:4632kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 255.253277][ T8936] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:176kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 255.324306][ T8936] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 255.432544][ T8936] lowmem_reserve[]: 0 2478 2479 2479 2479 [ 255.454296][ T8936] Node 0 DMA32 free:1205764kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:119588kB inactive_anon:0kB active_file:60808kB inactive_file:165872kB unevictable:1536kB writepending:3500kB zspages:0kB present:3129332kB managed:2537656kB mlocked:0kB bounce:0kB free_pcp:86776kB local_pcp:42984kB free_cma:0kB [ 255.526655][ T8936] lowmem_reserve[]: 0 0 1 1 1 [ 255.541939][ T8936] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1068kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 255.612761][ T8936] lowmem_reserve[]: 0 0 0 0 0 [ 255.622875][ T8936] Node 1 Normal free:3925148kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:180kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:11308kB local_pcp:5584kB free_cma:0kB [ 255.685279][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.691568][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.705086][ T8936] lowmem_reserve[]: 0 0 0 0 0 [ 255.709986][ T8936] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 255.723877][ T8936] Node 0 DMA32: 664*4kB (UE) 834*8kB (UE) 444*16kB (UE) 4*32kB (UM) 14*64kB (UE) 51*128kB (UME) 322*256kB (UME) 173*512kB (UME) 99*1024kB (UME) 2*2048kB (U) 218*4096kB (UM) = 1193392kB [ 255.765880][ T8936] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 255.816032][ T8936] Node 1 Normal: 9*4kB (UME) 16*8kB (UME) 12*16kB (UME) 9*32kB (UME) 16*64kB (UME) 11*128kB (UME) 5*256kB (UM) 6*512kB (UME) 4*1024kB (UM) 1*2048kB (E) 955*4096kB (UM) = 3925252kB [ 255.850671][ T8936] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 255.876360][ T8936] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 255.901309][ T8936] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 255.965216][ T8936] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 255.981070][ T8936] 77092 total pagecache pages [ 255.987141][ T8936] 26 pages in swap cache [ 255.994301][ T8936] Free swap = 124836kB [ 255.998678][ T8936] Total swap = 124996kB [ 256.002843][ T8936] 2097051 pages RAM [ 256.018300][ T8936] 0 pages HighMem/MovableOnly [ 256.028140][ T8936] 430755 pages reserved [ 256.032319][ T8936] 0 pages cma reserved [ 256.051050][ T8936] tty tty6: ldisc open failed (-12), clearing slot 5 [ 259.640481][ T9026] ptp ptp0: new virtual clock ptp1 [ 259.679072][ T9026] ptp ptp0: new virtual clock ptp2 [ 259.709525][ T9026] ptp ptp0: new virtual clock ptp3 [ 259.737193][ T9026] ptp ptp0: guarantee physical clock free running [ 259.987856][ T9024] binder: 9023:9024 ioctl c018620c 0 returned -1 [ 262.349365][ T29] audit: type=1800 audit(1771052963.409:34): pid=9054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.630" name="features" dev="configfs" ino=25096 res=0 errno=0 [ 265.065434][ T5833] Bluetooth: hci2: unexpected event 0x04 length: 43 > 10 [ 265.065487][ T5833] Bluetooth: hci2: connection err: -111 [ 265.527177][ T5833] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 266.162478][ T9139] FAULT_INJECTION: forcing a failure. [ 266.162478][ T9139] name failslab, interval 1, probability 0, space 0, times 0 [ 266.262766][ T9139] CPU: 1 UID: 0 PID: 9139 Comm: syz.1.646 Tainted: G L syzkaller #0 PREEMPT(full) [ 266.262804][ T9139] Tainted: [L]=SOFTLOCKUP [ 266.262812][ T9139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 266.262825][ T9139] Call Trace: [ 266.262834][ T9139] [ 266.262844][ T9139] dump_stack_lvl+0x100/0x190 [ 266.262888][ T9139] should_fail_ex.cold+0x5/0xa [ 266.262918][ T9139] should_failslab+0xc2/0x120 [ 266.262958][ T9139] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 266.262991][ T9139] ? alloc_empty_file+0x55/0x1c0 [ 266.263015][ T9139] ? __pfx_stack_trace_save+0x10/0x10 [ 266.263061][ T9139] alloc_empty_file+0x55/0x1c0 [ 266.263087][ T9139] path_openat+0xe8/0x31a0 [ 266.263125][ T9139] ? kasan_save_stack+0x3f/0x50 [ 266.263157][ T9139] ? kasan_save_stack+0x30/0x50 [ 266.263191][ T9139] ? kasan_save_track+0x14/0x30 [ 266.263225][ T9139] ? __kasan_slab_alloc+0x89/0x90 [ 266.263260][ T9139] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 266.263292][ T9139] ? do_getname+0x35/0x390 [ 266.263316][ T9139] ? do_sys_openat2+0xc5/0x1e0 [ 266.263347][ T9139] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.263382][ T9139] ? __pfx_path_openat+0x10/0x10 [ 266.263433][ T9139] do_file_open+0x20e/0x430 [ 266.263471][ T9139] ? __pfx_do_file_open+0x10/0x10 [ 266.263532][ T9139] ? alloc_fd+0x476/0x790 [ 266.263571][ T9139] ? do_getname+0x191/0x390 [ 266.263600][ T9139] do_sys_openat2+0x10d/0x1e0 [ 266.263627][ T9139] ? __pfx_do_sys_openat2+0x10/0x10 [ 266.263679][ T9139] __x64_sys_openat+0x12d/0x210 [ 266.263710][ T9139] ? __pfx___x64_sys_openat+0x10/0x10 [ 266.263753][ T9139] do_syscall_64+0x106/0xf80 [ 266.263780][ T9139] ? clear_bhb_loop+0x40/0x90 [ 266.263811][ T9139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.263838][ T9139] RIP: 0033:0x7fb0d7f9bf79 [ 266.263860][ T9139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 266.263886][ T9139] RSP: 002b:00007fb0d8ea5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 266.263910][ T9139] RAX: ffffffffffffffda RBX: 00007fb0d8215fa0 RCX: 00007fb0d7f9bf79 [ 266.263927][ T9139] RDX: 0000000000608100 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 266.263945][ T9139] RBP: 00007fb0d80327e0 R08: 0000000000000000 R09: 0000000000000000 [ 266.263963][ T9139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 266.263979][ T9139] R13: 00007fb0d8216038 R14: 00007fb0d8215fa0 R15: 00007ffc10f37a18 [ 266.264015][ T9139] [ 266.673296][ T9145] ======================================================= [ 266.673296][ T9145] WARNING: The mand mount option has been deprecated and [ 266.673296][ T9145] and is ignored by this kernel. Remove the mand [ 266.673296][ T9145] option from the mount to silence this warning. [ 266.673296][ T9145] ======================================================= [ 271.416095][ T9228] Invalid ELF header magic: != ELF [ 273.282619][ T9258] zswap: compressor not available [ 273.522852][ T9270] netlink: 'syz.0.675': attribute type 1 has an invalid length. [ 273.568203][ T9270] netlink: 33 bytes leftover after parsing attributes in process `syz.0.675'. [ 273.717790][ T5833] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 273.978919][ T9270] FAULT_INJECTION: forcing a failure. [ 273.978919][ T9270] name failslab, interval 1, probability 0, space 0, times 0 [ 273.991903][ T9270] CPU: 0 UID: 0 PID: 9270 Comm: syz.0.675 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.991946][ T9270] Tainted: [L]=SOFTLOCKUP [ 273.991956][ T9270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 273.991969][ T9270] Call Trace: [ 273.991975][ T9270] [ 273.991981][ T9270] dump_stack_lvl+0x100/0x190 [ 273.992007][ T9270] should_fail_ex.cold+0x5/0xa [ 273.992025][ T9270] should_failslab+0xc2/0x120 [ 273.992047][ T9270] __kmalloc_cache_noprof+0x7a/0x6f0 [ 273.992064][ T9270] ? file_f_owner_allocate+0x84/0x130 [ 273.992100][ T9270] file_f_owner_allocate+0x84/0x130 [ 273.992117][ T9270] do_fcntl+0x1025/0x1670 [ 273.992133][ T9270] ? __pfx_do_fcntl+0x10/0x10 [ 273.992148][ T9270] ? __fget_files+0x215/0x3d0 [ 273.992175][ T9270] ? tomoyo_file_fcntl+0x6c/0xc0 [ 273.992197][ T9270] __x64_sys_fcntl+0x163/0x200 [ 273.992214][ T9270] do_syscall_64+0x106/0xf80 [ 273.992230][ T9270] ? clear_bhb_loop+0x40/0x90 [ 273.992248][ T9270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.992263][ T9270] RIP: 0033:0x7f04b599bf79 [ 273.992276][ T9270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.992290][ T9270] RSP: 002b:00007f04b6916028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 273.992304][ T9270] RAX: ffffffffffffffda RBX: 00007f04b5c15fa0 RCX: 00007f04b599bf79 [ 273.992314][ T9270] RDX: 0000000000000002 RSI: 000000000000000a RDI: 0000000000000005 [ 273.992322][ T9270] RBP: 00007f04b5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 273.992330][ T9270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.992338][ T9270] R13: 00007f04b5c16038 R14: 00007f04b5c15fa0 R15: 00007ffd5adecad8 [ 273.992357][ T9270] [ 275.656194][ T9311] can: request_module (can-proto-0) failed. [ 275.897842][ T9327] netlink: 'syz.2.691': attribute type 1 has an invalid length. [ 275.930682][ T9327] netlink: 33 bytes leftover after parsing attributes in process `syz.2.691'. [ 275.984616][ T9327] blktrace: Concurrent blktraces are not allowed on loop2 [ 276.177032][ T9327] FAULT_INJECTION: forcing a failure. [ 276.177032][ T9327] name fail_futex, interval 1, probability 0, space 0, times 1 [ 276.252925][ T9327] CPU: 0 UID: 0 PID: 9327 Comm: syz.2.691 Tainted: G L syzkaller #0 PREEMPT(full) [ 276.252971][ T9327] Tainted: [L]=SOFTLOCKUP [ 276.252980][ T9327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 276.252996][ T9327] Call Trace: [ 276.253005][ T9327] [ 276.253016][ T9327] dump_stack_lvl+0x100/0x190 [ 276.253064][ T9327] should_fail_ex.cold+0x5/0xa [ 276.253093][ T9327] ? kasan_save_stack+0x30/0x50 [ 276.253135][ T9327] get_futex_key+0x1d2/0x1620 [ 276.253172][ T9327] ? __pfx_get_futex_key+0x10/0x10 [ 276.253220][ T9327] futex_wake+0xea/0x530 [ 276.253261][ T9327] ? __pfx_futex_wake+0x10/0x10 [ 276.253316][ T9327] do_futex+0x32b/0x350 [ 276.253351][ T9327] ? __pfx_do_futex+0x10/0x10 [ 276.253384][ T9327] ? do_fcntl+0x811/0x1670 [ 276.253420][ T9327] __x64_sys_futex+0x34f/0x4d0 [ 276.253455][ T9327] ? __pfx___x64_sys_futex+0x10/0x10 [ 276.253485][ T9327] ? tomoyo_file_fcntl+0x6c/0xc0 [ 276.253517][ T9327] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 276.253547][ T9327] ? syscall_user_dispatch+0x76/0x130 [ 276.253582][ T9327] do_syscall_64+0x106/0xf80 [ 276.253607][ T9327] ? clear_bhb_loop+0x40/0x90 [ 276.253636][ T9327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.253660][ T9327] RIP: 0033:0x7f19ae19bf79 [ 276.253682][ T9327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 276.253713][ T9327] RSP: 002b:00007f19af1060e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 276.253738][ T9327] RAX: ffffffffffffffda RBX: 00007f19ae415fa8 RCX: 00007f19ae19bf79 [ 276.253756][ T9327] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f19ae415fac [ 276.253771][ T9327] RBP: 00007f19ae415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 276.253786][ T9327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 276.253801][ T9327] R13: 00007f19ae416038 R14: 00007ffe1d892b30 R15: 00007ffe1d892c18 [ 276.253833][ T9327] [ 276.740305][ T9334] FAULT_INJECTION: forcing a failure. [ 276.740305][ T9334] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 276.775271][ T9334] CPU: 1 UID: 0 PID: 9334 Comm: syz.2.692 Tainted: G L syzkaller #0 PREEMPT(full) [ 276.775311][ T9334] Tainted: [L]=SOFTLOCKUP [ 276.775321][ T9334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 276.775337][ T9334] Call Trace: [ 276.775346][ T9334] [ 276.775356][ T9334] dump_stack_lvl+0x100/0x190 [ 276.775401][ T9334] should_fail_ex.cold+0x5/0xa [ 276.775434][ T9334] ? prepare_alloc_pages+0x16d/0x5f0 [ 276.775482][ T9334] should_fail_alloc_page+0xeb/0x140 [ 276.775527][ T9334] prepare_alloc_pages+0x1f0/0x5f0 [ 276.775579][ T9334] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 276.775628][ T9334] ? find_held_lock+0x2b/0x80 [ 276.775668][ T9334] ? is_bpf_text_address+0x8a/0x1a0 [ 276.775706][ T9334] ? is_bpf_text_address+0x8a/0x1a0 [ 276.775745][ T9334] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 276.775782][ T9334] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 276.775828][ T9334] ? is_bpf_text_address+0x94/0x1a0 [ 276.775875][ T9334] ? kernel_text_address+0x8d/0x100 [ 276.775915][ T9334] ? __kernel_text_address+0xd/0x30 [ 276.775953][ T9334] ? unwind_get_return_address+0x59/0xa0 [ 276.775997][ T9334] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 276.776041][ T9334] ? policy_nodemask+0xed/0x4f0 [ 276.776085][ T9334] alloc_pages_mpol+0x1fb/0x550 [ 276.776129][ T9334] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 276.776169][ T9334] ? kasan_save_stack+0x30/0x50 [ 276.776204][ T9334] ? kasan_save_track+0x14/0x30 [ 276.776237][ T9334] ? __kasan_kmalloc+0xaa/0xb0 [ 276.776268][ T9334] ? __get_vm_area_node+0x101/0x330 [ 276.776311][ T9334] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 276.776348][ T9334] alloc_pages_noprof+0x131/0x390 [ 276.776388][ T9334] get_free_pages_noprof+0x10/0xb0 [ 276.776425][ T9334] __kasan_populate_vmalloc+0xa0/0x210 [ 276.776465][ T9334] alloc_vmap_area+0x95d/0x2bd0 [ 276.776519][ T9334] ? __pfx_alloc_vmap_area+0x10/0x10 [ 276.776572][ T9334] __get_vm_area_node+0x1ca/0x330 [ 276.776622][ T9334] __vmalloc_node_range_noprof+0x213/0x1530 [ 276.776652][ T9334] ? n_tty_open+0x1a/0x170 [ 276.776695][ T9334] ? look_up_lock_class+0x64/0x120 [ 276.776731][ T9334] ? n_tty_open+0x1a/0x170 [ 276.776781][ T9334] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 276.776812][ T9334] ? __ldsem_down_write_nested+0xfd/0x830 [ 276.776851][ T9334] ? __ldsem_down_write_nested+0x10e/0x830 [ 276.776899][ T9334] ? is_console_locked+0x9/0x20 [ 276.776935][ T9334] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 276.776980][ T9334] ? n_tty_open+0x1a/0x170 [ 276.777017][ T9334] __vmalloc_node_noprof+0xad/0xf0 [ 276.777047][ T9334] ? n_tty_open+0x1a/0x170 [ 276.777089][ T9334] ? __pfx_n_tty_open+0x10/0x10 [ 276.777129][ T9334] n_tty_open+0x1a/0x170 [ 276.777170][ T9334] tty_ldisc_open+0xa2/0x120 [ 276.777202][ T9334] tty_ldisc_setup+0x40/0xf0 [ 276.777238][ T9334] tty_init_dev.part.0+0x1b5/0x470 [ 276.777276][ T9334] tty_open+0xa63/0xfa0 [ 276.777318][ T9334] ? __pfx_tty_open+0x10/0x10 [ 276.777351][ T9334] ? chrdev_open+0x10b/0x6a0 [ 276.777389][ T9334] ? chrdev_open+0x10b/0x6a0 [ 276.777433][ T9334] ? __pfx_tty_open+0x10/0x10 [ 276.777468][ T9334] chrdev_open+0x234/0x6a0 [ 276.777508][ T9334] ? __pfx_apparmor_file_open+0x10/0x10 [ 276.777549][ T9334] ? __pfx_chrdev_open+0x10/0x10 [ 276.777590][ T9334] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 276.777638][ T9334] do_dentry_open+0x6d8/0x1660 [ 276.777677][ T9334] ? __pfx_chrdev_open+0x10/0x10 [ 276.777727][ T9334] vfs_open+0x82/0x3f0 [ 276.777761][ T9334] path_openat+0x208c/0x31a0 [ 276.777814][ T9334] ? __pfx_path_openat+0x10/0x10 [ 276.777879][ T9334] do_file_open+0x20e/0x430 [ 276.777925][ T9334] ? __pfx_do_file_open+0x10/0x10 [ 276.777993][ T9334] ? alloc_fd+0x476/0x790 [ 276.778034][ T9334] ? do_getname+0x191/0x390 [ 276.778067][ T9334] do_sys_openat2+0x10d/0x1e0 [ 276.778096][ T9334] ? __pfx_do_sys_openat2+0x10/0x10 [ 276.778141][ T9334] __x64_sys_openat+0x12d/0x210 [ 276.778173][ T9334] ? __pfx___x64_sys_openat+0x10/0x10 [ 276.778220][ T9334] do_syscall_64+0x106/0xf80 [ 276.778250][ T9334] ? clear_bhb_loop+0x40/0x90 [ 276.778285][ T9334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.778313][ T9334] RIP: 0033:0x7f19ae19bf79 [ 276.778337][ T9334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 276.778365][ T9334] RSP: 002b:00007f19af106028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 276.778392][ T9334] RAX: ffffffffffffffda RBX: 00007f19ae415fa0 RCX: 00007f19ae19bf79 [ 276.778412][ T9334] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 276.778432][ T9334] RBP: 00007f19ae2327e0 R08: 0000000000000000 R09: 0000000000000000 [ 276.778450][ T9334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 276.778467][ T9334] R13: 00007f19ae416038 R14: 00007f19ae415fa0 R15: 00007ffe1d892c18 [ 276.778508][ T9334] [ 276.778570][ T9334] syz.2.692: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 277.264358][ T9334] CPU: 1 UID: 0 PID: 9334 Comm: syz.2.692 Tainted: G L syzkaller #0 PREEMPT(full) [ 277.264399][ T9334] Tainted: [L]=SOFTLOCKUP [ 277.264409][ T9334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 277.264425][ T9334] Call Trace: [ 277.264434][ T9334] [ 277.264445][ T9334] dump_stack_lvl+0x100/0x190 [ 277.264495][ T9334] warn_alloc.cold+0x95/0x1c1 [ 277.264543][ T9334] ? __pfx_warn_alloc+0x10/0x10 [ 277.264575][ T9334] ? lockdep_hardirqs_on+0x78/0x100 [ 277.264611][ T9334] ? __get_vm_area_node+0x2c5/0x330 [ 277.264664][ T9334] ? __get_vm_area_node+0x208/0x330 [ 277.264715][ T9334] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 277.264748][ T9334] ? look_up_lock_class+0x64/0x120 [ 277.264783][ T9334] ? n_tty_open+0x1a/0x170 [ 277.264835][ T9334] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 277.264867][ T9334] ? __ldsem_down_write_nested+0xfd/0x830 [ 277.264907][ T9334] ? __ldsem_down_write_nested+0x10e/0x830 [ 277.264946][ T9334] ? is_console_locked+0x9/0x20 [ 277.264985][ T9334] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 277.265031][ T9334] ? n_tty_open+0x1a/0x170 [ 277.265074][ T9334] __vmalloc_node_noprof+0xad/0xf0 [ 277.265103][ T9334] ? n_tty_open+0x1a/0x170 [ 277.265143][ T9334] ? __pfx_n_tty_open+0x10/0x10 [ 277.265182][ T9334] n_tty_open+0x1a/0x170 [ 277.265222][ T9334] tty_ldisc_open+0xa2/0x120 [ 277.265254][ T9334] tty_ldisc_setup+0x40/0xf0 [ 277.265283][ T9334] tty_init_dev.part.0+0x1b5/0x470 [ 277.265322][ T9334] tty_open+0xa63/0xfa0 [ 277.265363][ T9334] ? __pfx_tty_open+0x10/0x10 [ 277.265393][ T9334] ? chrdev_open+0x10b/0x6a0 [ 277.265425][ T9334] ? chrdev_open+0x10b/0x6a0 [ 277.265466][ T9334] ? __pfx_tty_open+0x10/0x10 [ 277.265549][ T9334] chrdev_open+0x234/0x6a0 [ 277.265583][ T9334] ? __pfx_apparmor_file_open+0x10/0x10 [ 277.265619][ T9334] ? __pfx_chrdev_open+0x10/0x10 [ 277.265658][ T9334] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 277.265708][ T9334] do_dentry_open+0x6d8/0x1660 [ 277.265742][ T9334] ? __pfx_chrdev_open+0x10/0x10 [ 277.265791][ T9334] vfs_open+0x82/0x3f0 [ 277.265823][ T9334] path_openat+0x208c/0x31a0 [ 277.265874][ T9334] ? __pfx_path_openat+0x10/0x10 [ 277.265928][ T9334] do_file_open+0x20e/0x430 [ 277.265971][ T9334] ? __pfx_do_file_open+0x10/0x10 [ 277.266038][ T9334] ? alloc_fd+0x476/0x790 [ 277.266082][ T9334] ? do_getname+0x191/0x390 [ 277.266114][ T9334] do_sys_openat2+0x10d/0x1e0 [ 277.266144][ T9334] ? __pfx_do_sys_openat2+0x10/0x10 [ 277.266192][ T9334] __x64_sys_openat+0x12d/0x210 [ 277.266224][ T9334] ? __pfx___x64_sys_openat+0x10/0x10 [ 277.266271][ T9334] do_syscall_64+0x106/0xf80 [ 277.266299][ T9334] ? clear_bhb_loop+0x40/0x90 [ 277.266334][ T9334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.266363][ T9334] RIP: 0033:0x7f19ae19bf79 [ 277.266386][ T9334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.266414][ T9334] RSP: 002b:00007f19af106028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 277.266440][ T9334] RAX: ffffffffffffffda RBX: 00007f19ae415fa0 RCX: 00007f19ae19bf79 [ 277.266459][ T9334] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 277.266476][ T9334] RBP: 00007f19ae2327e0 R08: 0000000000000000 R09: 0000000000000000 [ 277.266499][ T9334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.266516][ T9334] R13: 00007f19ae416038 R14: 00007f19ae415fa0 R15: 00007ffe1d892c18 [ 277.266552][ T9334] [ 277.266649][ T9334] Mem-Info: [ 277.266662][ T9334] active_anon:10523 inactive_anon:0 isolated_anon:0 [ 277.266662][ T9334] active_file:16999 inactive_file:51603 isolated_file:0 [ 277.266662][ T9334] unevictable:768 dirty:452 writeback:0 [ 277.266662][ T9334] slab_reclaimable:11767 slab_unreclaimable:93260 [ 277.266662][ T9334] mapped:27985 shmem:1935 pagetables:1148 [ 277.266662][ T9334] sec_pagetables:0 bounce:0 [ 277.266662][ T9334] kernel_misc_reclaimable:0 [ 277.266662][ T9334] free:1299834 free_pcp:17130 free_cma:0 [ 277.266736][ T9334] Node 0 active_anon:42092kB inactive_anon:0kB active_file:67996kB inactive_file:206232kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111936kB dirty:1804kB writeback:0kB shmem:6204kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:16384kB kernel_stack:11680kB pagetables:4416kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 277.266812][ T9334] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:176kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 277.266878][ T9334] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 277.266956][ T9334] lowmem_reserve[]: 0 2478 2479 2479 2479 [ 277.267008][ T9334] Node 0 DMA32 free:1256524kB boost:0kB min:34308kB low:42884kB high:51460kB reserved_highatomic:0KB free_highatomic:0KB active_anon:42092kB inactive_anon:0kB active_file:67996kB inactive_file:206232kB unevictable:1536kB writepending:1804kB zspages:212kB present:3129332kB managed:2537656kB mlocked:0kB bounce:0kB free_pcp:59408kB local_pcp:33332kB free_cma:0kB [ 277.267084][ T9334] lowmem_reserve[]: 0 0 1 1 1 [ 277.267139][ T9334] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1068kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 277.267211][ T9334] lowmem_reserve[]: 0 0 0 0 0 [ 277.267266][ T9334] Node 1 Normal free:3927452kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:180kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:9108kB local_pcp:4104kB free_cma:0kB [ 277.267351][ T9334] lowmem_reserve[]: 0 0 0 0 0 [ 277.267407][ T9334] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 277.267583][ T9334] Node 0 DMA32: 1279*4kB (M) 1149*8kB (UME) 1476*16kB (UME) 645*32kB (UME) 379*64kB (UM) 307*128kB (UME) 307*256kB (UM) 180*512kB (UME) 93*1024kB (UME) 8*2048kB (UM) 208*4096kB (UM) = 1256452kB [ 277.267821][ T9334] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 277.267958][ T9334] Node 1 Normal: 15*4kB (UME) 22*8kB (UME) 15*16kB (UME) 10*32kB (UME) 18*64kB (UME) 12*128kB (UME) 8*256kB (UM) 8*512kB (UME) 4*1024kB (UM) 1*2048kB (E) 955*4096kB (UM) = 3927452kB [ 277.268925][ T9334] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 277.268947][ T9334] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 277.268969][ T9334] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 277.268991][ T9334] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 277.269011][ T9334] 70534 total pagecache pages [ 277.269021][ T9334] 1 pages in swap cache [ 277.269031][ T9334] Free swap = 118356kB [ 277.269041][ T9334] Total swap = 124996kB [ 277.269052][ T9334] 2097051 pages RAM [ 277.269061][ T9334] 0 pages HighMem/MovableOnly [ 277.269071][ T9334] 430755 pages reserved [ 277.269080][ T9334] 0 pages cma reserved [ 277.269095][ T9334] tty tty6: ldisc open failed (-12), clearing slot 5 [ 279.580807][ T9369] netlink: 'syz.3.702': attribute type 1 has an invalid length. [ 279.621412][ T9369] netlink: 33 bytes leftover after parsing attributes in process `syz.3.702'. [ 279.659312][ T9369] blktrace: Concurrent blktraces are not allowed on loop2 [ 279.911651][ T9369] FAULT_INJECTION: forcing a failure. [ 279.911651][ T9369] name failslab, interval 1, probability 0, space 0, times 0 [ 280.044399][ T9369] CPU: 0 UID: 0 PID: 9369 Comm: syz.3.702 Tainted: G L syzkaller #0 PREEMPT(full) [ 280.044444][ T9369] Tainted: [L]=SOFTLOCKUP [ 280.044453][ T9369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 280.044469][ T9369] Call Trace: [ 280.044478][ T9369] [ 280.044489][ T9369] dump_stack_lvl+0x100/0x190 [ 280.044534][ T9369] should_fail_ex.cold+0x5/0xa [ 280.044564][ T9369] should_failslab+0xc2/0x120 [ 280.044603][ T9369] __kmalloc_cache_noprof+0x7a/0x6f0 [ 280.044631][ T9369] ? file_f_owner_allocate+0x84/0x130 [ 280.044668][ T9369] file_f_owner_allocate+0x84/0x130 [ 280.044699][ T9369] do_fcntl+0x1025/0x1670 [ 280.044727][ T9369] ? __pfx_do_fcntl+0x10/0x10 [ 280.044752][ T9369] ? __fget_files+0x215/0x3d0 [ 280.044796][ T9369] ? tomoyo_file_fcntl+0x6c/0xc0 [ 280.044835][ T9369] __x64_sys_fcntl+0x163/0x200 [ 280.044868][ T9369] do_syscall_64+0x106/0xf80 [ 280.044895][ T9369] ? clear_bhb_loop+0x40/0x90 [ 280.044928][ T9369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.044955][ T9369] RIP: 0033:0x7f68f099bf79 [ 280.044978][ T9369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 280.045004][ T9369] RSP: 002b:00007f68f189b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 280.045031][ T9369] RAX: ffffffffffffffda RBX: 00007f68f0c15fa0 RCX: 00007f68f099bf79 [ 280.045047][ T9369] RDX: 0000000000000002 RSI: 000000000000000a RDI: 0000000000000005 [ 280.045063][ T9369] RBP: 00007f68f0a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 280.045080][ T9369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.045097][ T9369] R13: 00007f68f0c16038 R14: 00007f68f0c15fa0 R15: 00007ffeec7775c8 [ 280.045135][ T9369] [ 280.530983][ T50] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 280.879406][ T9398] FAULT_INJECTION: forcing a failure. [ 280.879406][ T9398] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 280.900361][ T9398] CPU: 0 UID: 0 PID: 9398 Comm: syz.1.707 Tainted: G L syzkaller #0 PREEMPT(full) [ 280.900403][ T9398] Tainted: [L]=SOFTLOCKUP [ 280.900413][ T9398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 280.900429][ T9398] Call Trace: [ 280.900438][ T9398] [ 280.900449][ T9398] dump_stack_lvl+0x100/0x190 [ 280.900491][ T9398] should_fail_ex.cold+0x5/0xa [ 280.900516][ T9398] ? prepare_alloc_pages+0x16d/0x5f0 [ 280.900561][ T9398] should_fail_alloc_page+0xeb/0x140 [ 280.900606][ T9398] prepare_alloc_pages+0x1f0/0x5f0 [ 280.900656][ T9398] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 280.900708][ T9398] ? find_held_lock+0x2b/0x80 [ 280.900750][ T9398] ? is_bpf_text_address+0x8a/0x1a0 [ 280.900790][ T9398] ? is_bpf_text_address+0x8a/0x1a0 [ 280.900828][ T9398] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 280.900866][ T9398] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 280.900912][ T9398] ? is_bpf_text_address+0x94/0x1a0 [ 280.900950][ T9398] ? kernel_text_address+0x8d/0x100 [ 280.900989][ T9398] ? __kernel_text_address+0xd/0x30 [ 280.901020][ T9398] ? unwind_get_return_address+0x59/0xa0 [ 280.901058][ T9398] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 280.901098][ T9398] ? policy_nodemask+0xed/0x4f0 [ 280.901142][ T9398] alloc_pages_mpol+0x1fb/0x550 [ 280.901183][ T9398] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 280.901229][ T9398] ? kasan_save_stack+0x30/0x50 [ 280.901264][ T9398] ? kasan_save_track+0x14/0x30 [ 280.901299][ T9398] ? __kasan_kmalloc+0xaa/0xb0 [ 280.901332][ T9398] ? __get_vm_area_node+0x101/0x330 [ 280.901382][ T9398] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 280.901418][ T9398] alloc_pages_noprof+0x131/0x390 [ 280.901459][ T9398] get_free_pages_noprof+0x10/0xb0 [ 280.901497][ T9398] __kasan_populate_vmalloc+0xa0/0x210 [ 280.901540][ T9398] alloc_vmap_area+0x95d/0x2bd0 [ 280.901598][ T9398] ? __pfx_alloc_vmap_area+0x10/0x10 [ 280.901649][ T9398] __get_vm_area_node+0x1ca/0x330 [ 280.901700][ T9398] __vmalloc_node_range_noprof+0x213/0x1530 [ 280.901732][ T9398] ? n_tty_open+0x1a/0x170 [ 280.901773][ T9398] ? look_up_lock_class+0x64/0x120 [ 280.901809][ T9398] ? n_tty_open+0x1a/0x170 [ 280.901861][ T9398] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 280.901893][ T9398] ? __ldsem_down_write_nested+0xfd/0x830 [ 280.901935][ T9398] ? __ldsem_down_write_nested+0x10e/0x830 [ 280.901974][ T9398] ? is_console_locked+0x9/0x20 [ 280.902012][ T9398] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 280.902058][ T9398] ? n_tty_open+0x1a/0x170 [ 280.902095][ T9398] __vmalloc_node_noprof+0xad/0xf0 [ 280.902123][ T9398] ? n_tty_open+0x1a/0x170 [ 280.902164][ T9398] ? __pfx_n_tty_open+0x10/0x10 [ 280.902203][ T9398] n_tty_open+0x1a/0x170 [ 280.902243][ T9398] tty_ldisc_open+0xa2/0x120 [ 280.902275][ T9398] tty_ldisc_setup+0x40/0xf0 [ 280.902307][ T9398] tty_init_dev.part.0+0x1b5/0x470 [ 280.902357][ T9398] tty_open+0xa63/0xfa0 [ 280.902402][ T9398] ? __pfx_tty_open+0x10/0x10 [ 280.902438][ T9398] ? chrdev_open+0x10b/0x6a0 [ 280.902477][ T9398] ? chrdev_open+0x10b/0x6a0 [ 280.902522][ T9398] ? __pfx_tty_open+0x10/0x10 [ 280.902559][ T9398] chrdev_open+0x234/0x6a0 [ 280.902599][ T9398] ? __pfx_apparmor_file_open+0x10/0x10 [ 280.902646][ T9398] ? __pfx_chrdev_open+0x10/0x10 [ 280.902690][ T9398] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 280.902740][ T9398] do_dentry_open+0x6d8/0x1660 [ 280.902780][ T9398] ? __pfx_chrdev_open+0x10/0x10 [ 280.902829][ T9398] vfs_open+0x82/0x3f0 [ 280.902863][ T9398] path_openat+0x208c/0x31a0 [ 280.902918][ T9398] ? __pfx_path_openat+0x10/0x10 [ 280.902971][ T9398] do_file_open+0x20e/0x430 [ 280.903016][ T9398] ? __pfx_do_file_open+0x10/0x10 [ 280.903092][ T9398] ? alloc_fd+0x476/0x790 [ 280.903137][ T9398] ? do_getname+0x191/0x390 [ 280.903170][ T9398] do_sys_openat2+0x10d/0x1e0 [ 280.903201][ T9398] ? __pfx_do_sys_openat2+0x10/0x10 [ 280.903246][ T9398] __x64_sys_openat+0x12d/0x210 [ 280.903278][ T9398] ? __pfx___x64_sys_openat+0x10/0x10 [ 280.903330][ T9398] do_syscall_64+0x106/0xf80 [ 280.903365][ T9398] ? clear_bhb_loop+0x40/0x90 [ 280.903403][ T9398] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.903432][ T9398] RIP: 0033:0x7fb0d7f9bf79 [ 280.903456][ T9398] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 280.903482][ T9398] RSP: 002b:00007fb0d8ea5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 280.903510][ T9398] RAX: ffffffffffffffda RBX: 00007fb0d8215fa0 RCX: 00007fb0d7f9bf79 [ 280.903529][ T9398] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 280.903548][ T9398] RBP: 00007fb0d80327e0 R08: 0000000000000000 R09: 0000000000000000 [ 280.903565][ T9398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.903581][ T9398] R13: 00007fb0d8216038 R14: 00007fb0d8215fa0 R15: 00007ffc10f37a18 [ 280.903621][ T9398] [ 281.489289][ T9398] tty tty6: ldisc open failed (-12), clearing slot 5 [ 281.992080][ T5833] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 282.000663][ T5833] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 282.205182][ T9426] blktrace: Concurrent blktraces are not allowed on loop2 [ 282.572585][ T50] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 282.580776][ T50] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 285.867970][ T5833] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 285.875424][ T5833] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 286.810819][ T5833] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 286.818355][ T5833] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 287.426607][ T9552] blktrace: Concurrent blktraces are not allowed on loop2 [ 287.488820][ T9554] ptp ptp0: guarantee physical clock free running [ 287.680630][ T50] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 287.689236][ T50] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 288.587558][ T50] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 288.595039][ T50] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 291.854035][ T9636] FAULT_INJECTION: forcing a failure. [ 291.854035][ T9636] name failslab, interval 1, probability 0, space 0, times 0 [ 291.870060][ T9636] CPU: 1 UID: 0 PID: 9636 Comm: syz.1.763 Tainted: G L syzkaller #0 PREEMPT(full) [ 291.870086][ T9636] Tainted: [L]=SOFTLOCKUP [ 291.870092][ T9636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 291.870101][ T9636] Call Trace: [ 291.870107][ T9636] [ 291.870113][ T9636] dump_stack_lvl+0x100/0x190 [ 291.870140][ T9636] should_fail_ex.cold+0x5/0xa [ 291.870159][ T9636] should_failslab+0xc2/0x120 [ 291.870184][ T9636] __kmalloc_cache_noprof+0x7a/0x6f0 [ 291.870200][ T9636] ? kvm_set_irq_routing+0x24f/0x960 [ 291.870222][ T9636] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 291.870248][ T9636] kvm_set_irq_routing+0x24f/0x960 [ 291.870274][ T9636] kvm_arch_vm_ioctl+0xf08/0x18d0 [ 291.870292][ T9636] ? unwind_get_return_address+0x59/0xa0 [ 291.870307][ T9636] ? arch_stack_walk+0xa6/0xf0 [ 291.870321][ T9636] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 291.870343][ T9636] ? __lock_acquire+0x4a5/0x2630 [ 291.870363][ T9636] ? __lock_acquire+0x4a5/0x2630 [ 291.870384][ T9636] ? __lock_acquire+0x4a5/0x2630 [ 291.870405][ T9636] ? __lock_acquire+0x4a5/0x2630 [ 291.870435][ T9636] ? is_bpf_text_address+0x8a/0x1a0 [ 291.870462][ T9636] ? bpf_ksym_find+0x124/0x1c0 [ 291.870477][ T9636] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 291.870501][ T9636] ? is_bpf_text_address+0x94/0x1a0 [ 291.870520][ T9636] ? kernel_text_address+0x8d/0x100 [ 291.870542][ T9636] ? __kernel_text_address+0xd/0x30 [ 291.870561][ T9636] ? unwind_get_return_address+0x59/0xa0 [ 291.870578][ T9636] ? arch_stack_walk+0xa6/0xf0 [ 291.870600][ T9636] ? tomoyo_path_number_perm+0x46d/0x580 [ 291.870624][ T9636] ? stack_trace_save+0x8e/0xc0 [ 291.870645][ T9636] ? __pfx_stack_trace_save+0x10/0x10 [ 291.870670][ T9636] ? stack_depot_save_flags+0x27/0x9d0 [ 291.870686][ T9636] ? __lock_acquire+0x4a5/0x2630 [ 291.870707][ T9636] ? tomoyo_path_number_perm+0x46d/0x580 [ 291.870729][ T9636] ? kasan_save_stack+0x3f/0x50 [ 291.870747][ T9636] ? kasan_save_stack+0x30/0x50 [ 291.870765][ T9636] ? kasan_save_track+0x14/0x30 [ 291.870783][ T9636] ? kasan_save_free_info+0x3b/0x70 [ 291.870798][ T9636] ? __kasan_slab_free+0x5f/0x80 [ 291.870822][ T9636] kvm_vm_ioctl+0x1564/0x4080 [ 291.870848][ T9636] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 291.870874][ T9636] ? tomoyo_path_number_perm+0x46d/0x580 [ 291.870898][ T9636] ? kasan_quarantine_put+0x104/0x240 [ 291.870918][ T9636] ? lockdep_hardirqs_on+0x78/0x100 [ 291.870944][ T9636] ? find_held_lock+0x2b/0x80 [ 291.870968][ T9636] ? tomoyo_path_number_perm+0x28f/0x580 [ 291.870991][ T9636] ? tomoyo_path_number_perm+0x28f/0x580 [ 291.871020][ T9636] ? tomoyo_path_number_perm+0x188/0x580 [ 291.871049][ T9636] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 291.871071][ T9636] ? futex_wake+0x1ad/0x530 [ 291.871095][ T9636] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 291.871119][ T9636] ? do_vfs_ioctl+0x226/0x13e0 [ 291.871137][ T9636] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 291.871162][ T9636] ? find_held_lock+0x2b/0x80 [ 291.871185][ T9636] ? __fget_files+0x215/0x3d0 [ 291.871204][ T9636] ? hook_file_ioctl_common+0x146/0x410 [ 291.871231][ T9636] ? __fget_files+0x21f/0x3d0 [ 291.871256][ T9636] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 291.871275][ T9636] __x64_sys_ioctl+0x18e/0x210 [ 291.871293][ T9636] do_syscall_64+0x106/0xf80 [ 291.871309][ T9636] ? clear_bhb_loop+0x40/0x90 [ 291.871328][ T9636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.871344][ T9636] RIP: 0033:0x7fb0d7f9bf79 [ 291.871357][ T9636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 291.871371][ T9636] RSP: 002b:00007fb0d8ea5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 291.871387][ T9636] RAX: ffffffffffffffda RBX: 00007fb0d8215fa0 RCX: 00007fb0d7f9bf79 [ 291.871398][ T9636] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 291.871408][ T9636] RBP: 00007fb0d80327e0 R08: 0000000000000000 R09: 0000000000000000 [ 291.871419][ T9636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 291.871427][ T9636] R13: 00007fb0d8216038 R14: 00007fb0d8215fa0 R15: 00007ffc10f37a18 [ 291.871449][ T9636] [ 295.359653][ T9690] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 295.510864][ T29] audit: type=1800 audit(1771052996.569:35): pid=9672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.770" name="features" dev="configfs" ino=29054 res=0 errno=0 [ 298.221070][ T9717] ptp ptp0: guarantee physical clock free running [ 298.246463][ T5833] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 298.254201][ T5833] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 302.236476][ T29] audit: type=1800 audit(1771053003.299:36): pid=9773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.787" name="features" dev="configfs" ino=29354 res=0 errno=0 [ 304.290868][ T9826] ptp ptp0: guarantee physical clock free running [ 304.705777][ T9834] ptp ptp0: guarantee physical clock free running [ 304.902986][ T9837] ptp ptp0: guarantee physical clock free running [ 305.336232][ T5833] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 306.003667][ T5833] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 306.014018][ T5833] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 306.221027][ T50] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 306.228503][ T50] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 308.146859][ T5833] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 308.158469][ T5833] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 308.363773][ T9931] misc userio: No port type given on /dev/userio [ 308.590050][ T9932] FAULT_INJECTION: forcing a failure. [ 308.590050][ T9932] name failslab, interval 1, probability 0, space 0, times 0 [ 308.631492][ T9932] CPU: 0 UID: 0 PID: 9932 Comm: syz.1.818 Tainted: G L syzkaller #0 PREEMPT(full) [ 308.631542][ T9932] Tainted: [L]=SOFTLOCKUP [ 308.631552][ T9932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 308.631568][ T9932] Call Trace: [ 308.631577][ T9932] [ 308.631588][ T9932] dump_stack_lvl+0x100/0x190 [ 308.631636][ T9932] should_fail_ex.cold+0x5/0xa [ 308.631669][ T9932] should_failslab+0xc2/0x120 [ 308.631716][ T9932] __kmalloc_cache_noprof+0x7a/0x6f0 [ 308.631748][ T9932] ? loop_add+0xb9/0xb60 [ 308.631784][ T9932] loop_add+0xb9/0xb60 [ 308.631815][ T9932] ? __pfx_loop_add+0x10/0x10 [ 308.631868][ T9932] ? find_held_lock+0x2b/0x80 [ 308.631909][ T9932] ? __fget_files+0x215/0x3d0 [ 308.631951][ T9932] loop_control_ioctl+0xae/0x620 [ 308.631986][ T9932] ? __pfx_loop_control_ioctl+0x10/0x10 [ 308.632025][ T9932] ? __pfx_loop_control_ioctl+0x10/0x10 [ 308.632060][ T9932] __x64_sys_ioctl+0x18e/0x210 [ 308.632095][ T9932] do_syscall_64+0x106/0xf80 [ 308.632125][ T9932] ? clear_bhb_loop+0x40/0x90 [ 308.632169][ T9932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.632198][ T9932] RIP: 0033:0x7fb0d7f9bf79 [ 308.632221][ T9932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 308.632248][ T9932] RSP: 002b:00007fb0d8e42028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 308.632275][ T9932] RAX: ffffffffffffffda RBX: 00007fb0d8216270 RCX: 00007fb0d7f9bf79 [ 308.632295][ T9932] RDX: 0000000000000000 RSI: 0000000000004c80 RDI: 0000000000000002 [ 308.632311][ T9932] RBP: 00007fb0d80327e0 R08: 0000000000000000 R09: 0000000000000000 [ 308.632328][ T9932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.632344][ T9932] R13: 00007fb0d8216308 R14: 00007fb0d8216270 R15: 00007ffc10f37a18 [ 308.632382][ T9932] [ 310.057124][ T9952] ptp ptp0: guarantee physical clock free running [ 310.711693][ T5833] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 310.719309][ T5833] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 313.204343][ T5833] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 313.211775][ T5833] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 315.501616][ T50] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 315.511823][ T50] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 316.493322][T10092] __vm_enough_memory: pid: 10092, comm: syz.1.852, bytes: 4398046511104 not enough memory for the allocation [ 317.047101][ T5833] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 317.056695][ T5833] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 317.120076][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.126851][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.823306][T10126] can: request_module (can-proto-0) failed. [ 319.877557][ T5833] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 319.885151][ T5833] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 320.954905][T10180] usb usb15: usbfs: interface 0 claimed by hub while 'syz.0.872' sets config #0 [ 321.465700][ T5833] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 321.473132][ T5833] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 324.801599][T10252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.889'. [ 325.306795][T10259] ptp ptp0: guarantee physical clock free running [ 325.335940][ T5833] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 325.347109][ T5833] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 328.335155][T10318] ptp ptp0: guarantee physical clock free running [ 329.809955][ T5833] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 329.817592][ T5833] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 331.453215][T10373] Invalid ELF header magic: != ELF [ 333.685320][T10417] ptp ptp0: guarantee physical clock free running [ 334.124930][ T5833] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 334.132373][ T5833] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 335.156748][ T5833] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 335.164314][ T5833] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 335.546581][T10463] ptp ptp0: guarantee physical clock free running [ 335.847669][T10472] Invalid ELF header magic: != ELF [ 337.918916][ T50] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 337.928647][ T50] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 338.848173][ T50] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 338.859152][ T50] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 339.240209][T10536] ptp ptp0: guarantee physical clock free running [ 339.407537][ T5833] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 339.415341][ T5833] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 339.982610][T10556] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 340.124402][T10557] vhci_hcd vhci_hcd.2: invalid port number 252 [ 340.130578][T10557] vhci_hcd vhci_hcd.2: default hub control req: 040f v0772 i00fc l2 [ 340.480043][T10565] FAULT_INJECTION: forcing a failure. [ 340.480043][T10565] name failslab, interval 1, probability 0, space 0, times 0 [ 340.545273][T10565] CPU: 0 UID: 0 PID: 10565 Comm: syz.0.955 Tainted: G L syzkaller #0 PREEMPT(full) [ 340.545321][T10565] Tainted: [L]=SOFTLOCKUP [ 340.545332][T10565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 340.545348][T10565] Call Trace: [ 340.545358][T10565] [ 340.545370][T10565] dump_stack_lvl+0x100/0x190 [ 340.545420][T10565] should_fail_ex.cold+0x5/0xa [ 340.545456][T10565] should_failslab+0xc2/0x120 [ 340.545499][T10565] __kmalloc_cache_noprof+0x7a/0x6f0 [ 340.545529][T10565] ? vidtv_psi_nit_table_init+0x5b/0x5f0 [ 340.545567][T10565] vidtv_psi_nit_table_init+0x5b/0x5f0 [ 340.545596][T10565] ? kasan_save_track+0x14/0x30 [ 340.545637][T10565] vidtv_channel_si_init+0xcd0/0x18d0 [ 340.545682][T10565] vidtv_mux_init+0x526/0xbf0 [ 340.545719][T10565] vidtv_start_feed+0x33e/0x4c0 [ 340.545759][T10565] ? __pfx_vidtv_start_feed+0x10/0x10 [ 340.545799][T10565] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 340.545847][T10565] ? mark_held_locks+0x40/0x70 [ 340.545887][T10565] ? __pfx_vidtv_start_feed+0x10/0x10 [ 340.545926][T10565] dmx_ts_feed_start_filtering+0xf6/0x220 [ 340.545982][T10565] dvb_dmxdev_start_feed+0x273/0x3f0 [ 340.546025][T10565] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 340.546069][T10565] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 340.546113][T10565] dvb_demux_do_ioctl+0xe64/0x1200 [ 340.546164][T10565] dvb_usercopy+0x167/0x340 [ 340.546198][T10565] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 340.546235][T10565] ? __pfx_dvb_usercopy+0x10/0x10 [ 340.546284][T10565] ? __fget_files+0x21f/0x3d0 [ 340.546333][T10565] dvb_demux_ioctl+0x29/0x40 [ 340.546366][T10565] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 340.546402][T10565] __x64_sys_ioctl+0x18e/0x210 [ 340.546440][T10565] do_syscall_64+0x106/0xf80 [ 340.546469][T10565] ? clear_bhb_loop+0x40/0x90 [ 340.546506][T10565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.546535][T10565] RIP: 0033:0x7f04b599bf79 [ 340.546560][T10565] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 340.546587][T10565] RSP: 002b:00007f04b68f5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 340.546616][T10565] RAX: ffffffffffffffda RBX: 00007f04b5c16090 RCX: 00007f04b599bf79 [ 340.546635][T10565] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 340.546653][T10565] RBP: 00007f04b5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 340.546671][T10565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 340.546688][T10565] R13: 00007f04b5c16128 R14: 00007f04b5c16090 R15: 00007ffd5adecad8 [ 340.546726][T10565] [ 341.142444][ T5833] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 341.149938][ T5833] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 341.185337][T10569] ptp ptp0: guarantee physical clock free running [ 341.526498][T10581] ptp ptp0: guarantee physical clock free running [ 343.223076][T10603] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 343.777536][T10599] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 344.906142][T10623] ptp ptp0: guarantee physical clock free running [ 345.171002][ T50] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 345.178482][ T50] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 345.925621][T10649] ptp ptp0: guarantee physical clock free running [ 345.976824][T10653] netlink: 8 bytes leftover after parsing attributes in process `syz.0.974'. [ 346.422627][ T5833] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 346.431268][ T5833] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 346.761112][T10668] ptp ptp0: guarantee physical clock free running [ 348.087268][T10691] ptp ptp0: guarantee physical clock free running [ 349.540271][T10722] netlink: 28 bytes leftover after parsing attributes in process `syz.2.991'. [ 349.590828][T10722] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.661638][T10722] bridge_slave_1 (unregistering): left allmulticast mode [ 349.745316][T10722] bridge_slave_1 (unregistering): left promiscuous mode [ 349.760178][T10722] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.947021][T10726] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input17 [ 350.527293][T10745] ptp ptp0: guarantee physical clock free running [ 351.668836][T10762] ptp ptp0: guarantee physical clock free running [ 352.610186][T10777] ptp ptp0: guarantee physical clock free running [ 352.783581][ T29] audit: type=1800 audit(1771053053.839:37): pid=10786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1006" name="members" dev="configfs" ino=33684 res=0 errno=0 [ 352.819949][T10784] ptp ptp0: guarantee physical clock free running [ 353.011299][T10792] ptp ptp0: guarantee physical clock free running [ 353.325465][T10744] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 353.332900][T10744] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 353.966072][T10820] ptp ptp0: guarantee physical clock free running [ 354.509596][T10826] hub 1-0:1.0: USB hub found [ 354.581603][T10826] hub 1-0:1.0: 1 port detected [ 354.593832][T10833] ptp ptp0: guarantee physical clock free running [ 355.119489][T10843] ptp ptp0: guarantee physical clock free running [ 355.928581][T10807] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 355.936231][T10807] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 356.381326][T10869] ptp ptp0: guarantee physical clock free running [ 357.282747][T10883] ptp ptp0: guarantee physical clock free running [ 357.567625][T10887] ptp ptp0: guarantee physical clock free running [ 358.432602][T10735] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 358.440121][T10735] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 359.292814][T10807] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 359.532476][T10807] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 359.532513][T10807] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 359.548611][T10807] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 359.548641][T10807] Bluetooth: hci0: adv larger than maximum supported [ 359.558396][T10807] Bluetooth: hci0: Unknown advertising packet type: 0x5f [ 359.565280][T10807] Bluetooth: hci0: Malformed LE Event: 0x0d [ 359.834846][T10936] ptp ptp0: guarantee physical clock free running [ 361.576350][T10967] ptp ptp0: guarantee physical clock free running [ 361.939138][T10972] ptp ptp0: guarantee physical clock free running [ 363.082210][T10988] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1049'. [ 363.136959][T10988] hsr_slave_0: left promiscuous mode [ 363.224069][T10992] NFSD: Failed to start, no listeners configured. [ 363.261579][T10988] hsr_slave_1: left promiscuous mode [ 364.178633][T10807] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 364.188005][T10807] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 364.698883][T11019] ptp ptp0: guarantee physical clock free running [ 364.882874][T11023] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input18 [ 365.526461][T10735] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 365.757487][T10735] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 365.765042][T10735] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 365.773887][T10807] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 365.773920][T10807] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 365.924522][T10807] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 365.924558][T10807] Bluetooth: hci1: adv larger than maximum supported [ 365.936317][T10807] Bluetooth: hci1: Unknown advertising packet type: 0x5f [ 365.945089][T10807] Bluetooth: hci1: Malformed LE Event: 0x0d [ 366.136360][T11049] can: request_module (can-proto-0) failed. [ 366.361743][T10807] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 366.369163][T10807] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 366.645738][T11069] ptp ptp0: guarantee physical clock free running [ 366.727642][T11068] ptp ptp0: guarantee physical clock free running [ 367.787459][T11084] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1070'. [ 367.865825][T11085] blktrace: Concurrent blktraces are not allowed on nbd8 [ 368.135023][T11089] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input19 [ 369.012646][T10807] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 369.133737][T10807] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 369.133760][T10807] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 369.148816][T10807] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 369.148847][T10807] Bluetooth: hci3: adv larger than maximum supported [ 369.155960][T10807] Bluetooth: hci3: Unknown advertising packet type: 0x5f [ 369.163358][T10807] Bluetooth: hci3: Malformed LE Event: 0x0d [ 369.631388][T11109] ptp ptp0: guarantee physical clock free running [ 370.308854][T11126] ptp ptp0: guarantee physical clock free running [ 370.566564][T10807] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 370.577911][T10807] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 372.153678][T10807] Bluetooth: hci2: unexpected event for opcode 0x7c89 [ 372.300642][T10807] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 372.300677][T10807] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 372.316226][T10807] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 372.316256][T10807] Bluetooth: hci2: adv larger than maximum supported [ 372.323403][T10807] Bluetooth: hci2: Unknown advertising packet type: 0x5f [ 372.330544][T10807] Bluetooth: hci2: Malformed LE Event: 0x0d [ 372.416883][T11167] ptp ptp0: guarantee physical clock free running [ 372.882853][T11184] ptp ptp0: guarantee physical clock free running [ 373.170515][T10807] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 373.178087][T10807] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 375.297857][T10807] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 375.305523][T10807] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 375.739467][T11236] ptp ptp0: guarantee physical clock free running [ 375.971189][T10807] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 375.978820][T10807] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 377.390635][T11265] ptp ptp0: guarantee physical clock free running [ 377.960266][T11274] ptp ptp0: guarantee physical clock free running [ 378.080778][T11277] ptp ptp0: guarantee physical clock free running [ 378.166410][T11269] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 378.314007][T11281] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input21 [ 378.336125][T10807] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 378.343548][T10807] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 378.468880][T11272] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 378.565910][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.572239][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.883081][T10807] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 379.893029][T10807] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 380.852168][T11326] ptp ptp0: guarantee physical clock free running [ 381.236976][T11338] ptp ptp0: guarantee physical clock free running [ 385.271156][T10744] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 385.279931][T10744] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 385.905292][T11426] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input23 [ 386.797511][T10807] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 386.805442][T10807] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 388.123980][T10807] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 388.133028][T10807] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 388.292140][T10744] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 388.300009][T10744] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 389.024006][T11490] ptp ptp0: guarantee physical clock free running [ 389.596353][T11502] ptp ptp0: guarantee physical clock free running [ 393.839500][T11579] ptp ptp0: guarantee physical clock free running [ 393.848214][T10807] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 393.858765][T10807] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 398.246003][T10807] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 398.253480][T10807] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 398.576807][T11686] ptp ptp0: guarantee physical clock free running [ 398.946541][T10807] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 398.953994][T10807] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 400.710232][T11735] __vm_enough_memory: pid: 11735, comm: syz.2.1212, bytes: 4398046511104 not enough memory for the allocation [ 401.104891][T11742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1214'. [ 401.688993][T11747] ptp ptp0: guarantee physical clock free running [ 403.093799][T10807] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 403.101859][T10807] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 404.152273][T11801] __vm_enough_memory: pid: 11801, comm: syz.0.1226, bytes: 4398046511104 not enough memory for the allocation [ 404.892563][T11808] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 406.655668][T11837] ptp ptp0: guarantee physical clock free running [ 406.723400][T10807] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 406.730988][T10807] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 407.835899][T10744] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 407.843299][T10744] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 408.180709][T11866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1241'. [ 409.619672][T10807] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 409.627307][T10807] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 410.353390][T11915] ptp ptp0: guarantee physical clock free running [ 411.488768][T11943] ptp ptp0: guarantee physical clock free running [ 412.097265][T11957] ptp ptp0: guarantee physical clock free running [ 412.945129][T11970] Invalid ELF header magic: != ELF [ 415.574458][T12015] ptp ptp0: guarantee physical clock free running [ 417.493813][T12045] ptp ptp0: guarantee physical clock free running [ 417.632231][T10807] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 417.640180][T10807] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 417.841320][T12060] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 417.852578][T12060] CPU: 0 UID: 0 PID: 12060 Comm: syz.2.1282 Tainted: G L syzkaller #0 PREEMPT(full) [ 417.852623][T12060] Tainted: [L]=SOFTLOCKUP [ 417.852633][T12060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 417.852651][T12060] Call Trace: [ 417.852659][T12060] [ 417.852677][T12060] dump_stack_lvl+0x100/0x190 [ 417.852724][T12060] sysfs_warn_dup.cold+0x1c/0x28 [ 417.852764][T12060] sysfs_do_create_link_sd+0x113/0x140 [ 417.852797][T12060] sysfs_create_link+0x61/0xc0 [ 417.852826][T12060] device_add+0x675/0x1950 [ 417.852858][T12060] ? __pfx_device_add+0x10/0x10 [ 417.852885][T12060] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 417.852930][T12060] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 417.852970][T12060] wiphy_register+0x1e5b/0x2d30 [ 417.853004][T12060] ? __rtnl_unlock+0xb9/0xf0 [ 417.853037][T12060] ? netdev_run_todo+0x770/0x12c0 [ 417.853076][T12060] ? __pfx_wiphy_register+0x10/0x10 [ 417.853113][T12060] ? __asan_memset+0x23/0x50 [ 417.853147][T12060] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 417.853197][T12060] ieee80211_register_hw+0x2cfd/0x4140 [ 417.853246][T12060] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 417.853277][T12060] ? __pfx___debug_object_init+0x10/0x10 [ 417.853319][T12060] ? find_held_lock+0x2b/0x80 [ 417.853357][T12060] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 417.853395][T12060] ? __hrtimer_setup+0x178/0x280 [ 417.853430][T12060] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 417.853487][T12060] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 417.853532][T12060] hwsim_new_radio_nl+0xc1f/0x1340 [ 417.853569][T12060] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 417.853614][T12060] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 417.853648][T12060] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 417.853695][T12060] genl_family_rcv_msg_doit+0x214/0x300 [ 417.853732][T12060] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 417.853766][T12060] ? genl_get_cmd+0x3ef/0x720 [ 417.853806][T12060] ? bpf_lsm_capable+0x9/0x10 [ 417.853841][T12060] ? security_capable+0x80/0x260 [ 417.853876][T12060] ? ns_capable+0xd2/0xf0 [ 417.853916][T12060] genl_rcv_msg+0x560/0x800 [ 417.853952][T12060] ? __pfx_genl_rcv_msg+0x10/0x10 [ 417.853985][T12060] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 417.854031][T12060] netlink_rcv_skb+0x159/0x420 [ 417.854064][T12060] ? __pfx_genl_rcv_msg+0x10/0x10 [ 417.854101][T12060] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 417.854146][T12060] ? netlink_deliver_tap+0x1ae/0xcc0 [ 417.854179][T12060] genl_rcv+0x28/0x40 [ 417.854207][T12060] netlink_unicast+0x5aa/0x870 [ 417.854240][T12060] ? __pfx_netlink_unicast+0x10/0x10 [ 417.854268][T12060] ? __pfx___might_resched+0x10/0x10 [ 417.854301][T12060] ? __lock_acquire+0x4a5/0x2630 [ 417.854339][T12060] netlink_sendmsg+0x8b0/0xda0 [ 417.854374][T12060] ? __pfx_netlink_sendmsg+0x10/0x10 [ 417.854400][T12060] ? __import_iovec+0x1d2/0x640 [ 417.854428][T12060] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 417.854468][T12060] ____sys_sendmsg+0xa54/0xc30 [ 417.854505][T12060] ? __pfx_____sys_sendmsg+0x10/0x10 [ 417.854544][T12060] ? __pfx_futex_wake_mark+0x10/0x10 [ 417.854584][T12060] ___sys_sendmsg+0x190/0x1e0 [ 417.854620][T12060] ? __pfx____sys_sendmsg+0x10/0x10 [ 417.854701][T12060] __sys_sendmsg+0x170/0x220 [ 417.854728][T12060] ? __pfx___sys_sendmsg+0x10/0x10 [ 417.854754][T12060] ? __x64_sys_futex+0x34f/0x4d0 [ 417.854803][T12060] do_syscall_64+0x106/0xf80 [ 417.854830][T12060] ? clear_bhb_loop+0x40/0x90 [ 417.854861][T12060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.854887][T12060] RIP: 0033:0x7f19ae19bf79 [ 417.854908][T12060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 417.854933][T12060] RSP: 002b:00007f19af106028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 417.854957][T12060] RAX: ffffffffffffffda RBX: 00007f19ae415fa0 RCX: 00007f19ae19bf79 [ 417.854974][T12060] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 417.854990][T12060] RBP: 00007f19ae2327e0 R08: 0000000000000000 R09: 0000000000000000 [ 417.855006][T12060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.855021][T12060] R13: 00007f19ae416038 R14: 00007f19ae415fa0 R15: 00007ffe1d892c18 [ 417.855056][T12060] [ 420.038493][T12100] ptp ptp0: guarantee physical clock free running [ 420.351122][T10807] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 420.360577][T10807] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 420.492899][T12112] ptp ptp0: guarantee physical clock free running [ 422.872227][T12154] ptp ptp0: guarantee physical clock free running [ 423.290016][T10807] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 423.297503][T10807] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 425.921234][T10744] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 425.928904][T10744] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 427.585877][T12239] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 427.745143][T12229] Invalid ELF header magic: != ELF [ 427.873100][T12239] vhci_hcd vhci_hcd.2: invalid port number 252 [ 427.881876][T12239] vhci_hcd vhci_hcd.2: default hub control req: 040f v0772 i00fc l2 [ 428.683006][T12258] Invalid ELF header magic: != ELF [ 429.457484][T12266] ptp ptp0: guarantee physical clock free running [ 430.673795][T12253] rtc_cmos 00:00: Alarms can be up to one day in the future [ 430.842600][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 430.851559][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 430.861836][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 430.883055][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 430.890584][ T24] rtc rtc0: __rtc_set_alarm: err=-22 [ 432.263089][T10807] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 432.270696][T10807] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 433.491043][T12321] ptp ptp0: guarantee physical clock free running [ 433.496345][T12324] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1339'. [ 433.507162][T12324] hsr_slave_0: left promiscuous mode [ 433.513418][T12324] hsr_slave_1: left promiscuous mode [ 433.589612][T12325] NFSD: Failed to start, no listeners configured. [ 433.740770][T12331] ptp ptp0: guarantee physical clock free running [ 433.877053][T12333] Invalid ELF header magic: != ELF [ 434.949055][T12351] ptp ptp0: guarantee physical clock free running [ 435.489458][T12363] ptp ptp0: guarantee physical clock free running [ 436.161265][T12373] ptp ptp0: guarantee physical clock free running [ 436.658067][T12382] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 436.786021][T12384] vhci_hcd vhci_hcd.2: invalid port number 252 [ 436.792469][T12384] vhci_hcd vhci_hcd.2: default hub control req: 040f v0772 i00fc l2 [ 437.737968][T12394] ptp ptp0: guarantee physical clock free running [ 438.687595][T12411] ptp ptp0: guarantee physical clock free running [ 439.090867][T12421] ptp ptp0: guarantee physical clock free running [ 440.007505][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.013871][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.159850][T12439] ptp ptp0: guarantee physical clock free running [ 440.246774][T12438] ptp ptp0: guarantee physical clock free running [ 440.356320][T12442] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 440.500819][T12448] vhci_hcd vhci_hcd.2: invalid port number 252 [ 440.523288][T12448] vhci_hcd vhci_hcd.2: default hub control req: 040f v0772 i00fc l2 [ 440.611111][T12451] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1370'. [ 440.622015][T12451] hsr_slave_0: left promiscuous mode [ 440.637941][T12451] hsr_slave_1: left promiscuous mode [ 440.776487][T12461] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1371'. [ 440.791627][T12456] NFSD: Failed to start, no listeners configured. [ 441.078400][T12465] ptp ptp0: guarantee physical clock free running [ 441.361168][T10807] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 441.368832][T10807] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 442.469391][T12494] ptp ptp0: guarantee physical clock free running [ 442.521287][T12496] ptp ptp0: guarantee physical clock free running [ 442.741426][T12500] ptp ptp0: guarantee physical clock free running [ 443.738862][T12526] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 443.761653][T12526] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 443.796605][T12526] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 443.803782][T12526] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 443.970102][T12526] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 443.977282][T12526] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 444.189723][T12526] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 444.241670][T12526] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 444.372104][T12538] ptp ptp0: guarantee physical clock free running [ 444.573854][T12544] ptp ptp0: guarantee physical clock free running [ 444.876979][T10744] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 445.764788][T10807] Bluetooth: hci0: command 0x0c1a tx timeout [ 445.844561][T10807] Bluetooth: hci1: command 0x0c1a tx timeout [ 446.004500][T10807] Bluetooth: hci2: command 0x0c1a tx timeout [ 446.234136][T10807] Bluetooth: hci3: command 0x0c1a tx timeout [ 446.249689][T12581] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 446.259908][T12581] ptp ptp0: guarantee physical clock free running [ 446.646477][T12588] ================================================================== [ 446.646493][T12588] BUG: KASAN: slab-out-of-bounds in do_con_write+0x3874/0x8550 [ 446.646519][T12588] Write of size 2 at addr ffff888022723a70 by task syz.3.1404/12588 [ 446.646532][T12588] [ 446.646542][T12588] CPU: 0 UID: 0 PID: 12588 Comm: syz.3.1404 Tainted: G L syzkaller #0 PREEMPT(full) [ 446.646563][T12588] Tainted: [L]=SOFTLOCKUP [ 446.646569][T12588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 446.646578][T12588] Call Trace: [ 446.646583][T12588] [ 446.646589][T12588] dump_stack_lvl+0x100/0x190 [ 446.646609][T12588] print_report+0x156/0x4c9 [ 446.646630][T12588] ? __virt_addr_valid+0x81/0x620 [ 446.646648][T12588] ? __phys_addr+0xe8/0x180 [ 446.646665][T12588] ? do_con_write+0x3874/0x8550 [ 446.646683][T12588] kasan_report+0xdf/0x1e0 [ 446.646705][T12588] ? do_con_write+0x3874/0x8550 [ 446.646724][T12588] do_con_write+0x3874/0x8550 [ 446.646747][T12588] ? __pfx_do_con_write+0x10/0x10 [ 446.646765][T12588] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 446.646783][T12588] ? mark_held_locks+0x40/0x70 [ 446.646801][T12588] con_write+0x23/0xb0 [ 446.646819][T12588] n_tty_write+0x44f/0x12d0 [ 446.646844][T12588] ? __pfx_n_tty_write+0x10/0x10 [ 446.646864][T12588] ? trace_kmalloc+0x101/0x130 [ 446.646884][T12588] ? __pfx_woken_wake_function+0x10/0x10 [ 446.646905][T12588] ? rcu_is_watching+0x12/0xc0 [ 446.646924][T12588] ? file_tty_write.isra.0+0x694/0x890 [ 446.646941][T12588] ? kfree+0x2ec/0x6b0 [ 446.646956][T12588] ? __pfx_n_tty_write+0x10/0x10 [ 446.646977][T12588] file_tty_write.isra.0+0x4d2/0x890 [ 446.646997][T12588] redirected_tty_write+0xd4/0x120 [ 446.647014][T12588] vfs_write+0x6ac/0x1070 [ 446.647033][T12588] ? __pfx_redirected_tty_write+0x10/0x10 [ 446.647052][T12588] ? __pfx_vfs_write+0x10/0x10 [ 446.647069][T12588] ? find_held_lock+0x2b/0x80 [ 446.647095][T12588] ksys_write+0x12a/0x250 [ 446.647114][T12588] ? __pfx_ksys_write+0x10/0x10 [ 446.647135][T12588] do_syscall_64+0x106/0xf80 [ 446.647149][T12588] ? clear_bhb_loop+0x40/0x90 [ 446.647165][T12588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.647180][T12588] RIP: 0033:0x7f68f099bf79 [ 446.647193][T12588] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 446.647209][T12588] RSP: 002b:00007f68f1859028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 446.647223][T12588] RAX: ffffffffffffffda RBX: 00007f68f0c16180 RCX: 00007f68f099bf79 [ 446.647233][T12588] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000006 [ 446.647242][T12588] RBP: 00007f68f0a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 446.647251][T12588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.647260][T12588] R13: 00007f68f0c16218 R14: 00007f68f0c16180 R15: 00007ffeec7775c8 [ 446.647275][T12588] [ 446.647280][T12588] [ 446.647284][T12588] Allocated by task 5815: [ 446.647295][T12588] kasan_save_stack+0x30/0x50 [ 446.647314][T12588] kasan_save_track+0x14/0x30 [ 446.647332][T12588] __kasan_kmalloc+0xaa/0xb0 [ 446.647349][T12588] __kmalloc_noprof+0x301/0x850 [ 446.647373][T12588] tomoyo_realpath_from_path+0xb6/0x690 [ 446.647390][T12588] tomoyo_path2_perm+0x366/0x700 [ 446.647411][T12588] tomoyo_path_rename+0xfc/0x1a0 [ 446.647428][T12588] security_path_rename+0x18e/0x3c0 [ 446.647446][T12588] filename_renameat2+0x731/0xa60 [ 446.647459][T12588] __x64_sys_rename+0x81/0xb0 [ 446.647472][T12588] do_syscall_64+0x106/0xf80 [ 446.647486][T12588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.647499][T12588] [ 446.647503][T12588] Freed by task 5815: [ 446.647509][T12588] kasan_save_stack+0x30/0x50 [ 446.647526][T12588] kasan_save_track+0x14/0x30 [ 446.647543][T12588] kasan_save_free_info+0x3b/0x70 [ 446.647557][T12588] __kasan_slab_free+0x5f/0x80 [ 446.647575][T12588] kfree+0x1f6/0x6b0 [ 446.647587][T12588] tomoyo_realpath_from_path+0x19c/0x690 [ 446.647603][T12588] tomoyo_path2_perm+0x366/0x700 [ 446.647623][T12588] tomoyo_path_rename+0xfc/0x1a0 [ 446.647639][T12588] security_path_rename+0x18e/0x3c0 [ 446.647653][T12588] filename_renameat2+0x731/0xa60 [ 446.647666][T12588] __x64_sys_rename+0x81/0xb0 [ 446.647678][T12588] do_syscall_64+0x106/0xf80 [ 446.647692][T12588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.647705][T12588] [ 446.647708][T12588] The buggy address belongs to the object at ffff888022722000 [ 446.647708][T12588] which belongs to the cache kmalloc-4k of size 4096 [ 446.647720][T12588] The buggy address is located 2672 bytes to the right of [ 446.647720][T12588] allocated 4096-byte region [ffff888022722000, ffff888022723000) [ 446.647735][T12588] [ 446.647739][T12588] The buggy address belongs to the physical page: [ 446.647749][T12588] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x22720 [ 446.647762][T12588] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 446.647775][T12588] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 446.647789][T12588] page_type: f5(slab) [ 446.647802][T12588] raw: 00fff00000000040 ffff88813fe37140 dead000000000100 dead000000000122 [ 446.647819][T12588] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 446.647833][T12588] head: 00fff00000000040 ffff88813fe37140 dead000000000100 dead000000000122 [ 446.647846][T12588] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 446.647859][T12588] head: 00fff00000000003 ffffea000089c801 00000000ffffffff 00000000ffffffff [ 446.647872][T12588] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 446.647880][T12588] page dumped because: kasan: bad access detected [ 446.647894][T12588] page_owner tracks the page as allocated [ 446.647898][T12588] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5193, tgid 5193 (udevadm), ts 27779442158, free_ts 27772553095 [ 446.647924][T12588] post_alloc_hook+0x153/0x170 [ 446.647941][T12588] get_page_from_freelist+0x111d/0x3140 [ 446.647958][T12588] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 446.647975][T12588] new_slab+0xa6/0x6e0 [ 446.647988][T12588] refill_objects+0x26b/0x400 [ 446.648003][T12588] __pcs_replace_empty_main+0x19f/0x600 [ 446.648019][T12588] __kmalloc_cache_noprof+0x493/0x6f0 [ 446.648033][T12588] kobject_uevent_env+0x263/0x18b0 [ 446.648052][T12588] kobject_synth_uevent+0x6f0/0x7d0 [ 446.648070][T12588] uevent_store+0x46/0x90 [ 446.648084][T12588] drv_attr_store+0x74/0xb0 [ 446.648097][T12588] sysfs_kf_write+0xf2/0x150 [ 446.648116][T12588] kernfs_fop_write_iter+0x3e0/0x5f0 [ 446.648133][T12588] vfs_write+0x6ac/0x1070 [ 446.648151][T12588] ksys_write+0x12a/0x250 [ 446.648169][T12588] do_syscall_64+0x106/0xf80 [ 446.648182][T12588] page last free pid 5193 tgid 5193 stack trace: [ 446.648190][T12588] __free_frozen_pages+0x7ca/0x10a0 [ 446.648203][T12588] qlist_free_all+0x47/0xe0 [ 446.648219][T12588] kasan_quarantine_reduce+0x1a0/0x1f0 [ 446.648236][T12588] __kasan_slab_alloc+0x69/0x90 [ 446.648254][T12588] kmem_cache_alloc_noprof+0x241/0x6e0 [ 446.648270][T12588] seq_open+0x55/0x170 [ 446.648284][T12588] kernfs_fop_open+0x590/0xd50 [ 446.648301][T12588] do_dentry_open+0x6d8/0x1660 [ 446.648319][T12588] vfs_open+0x82/0x3f0 [ 446.648331][T12588] path_openat+0x208c/0x31a0 [ 446.648350][T12588] do_file_open+0x20e/0x430 [ 446.648374][T12588] do_sys_openat2+0x10d/0x1e0 [ 446.648388][T12588] __x64_sys_openat+0x12d/0x210 [ 446.648403][T12588] do_syscall_64+0x106/0xf80 [ 446.648417][T12588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.648432][T12588] [ 446.648436][T12588] Memory state around the buggy address: [ 446.648443][T12588] ffff888022723900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 446.648453][T12588] ffff888022723980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 446.648464][T12588] >ffff888022723a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 446.648471][T12588] ^ [ 446.648480][T12588] ffff888022723a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 446.648490][T12588] ffff888022723b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 446.648498][T12588] ================================================================== [ 446.648512][T12588] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 446.648524][T12588] CPU: 0 UID: 0 PID: 12588 Comm: syz.3.1404 Tainted: G L syzkaller #0 PREEMPT(full) [ 446.648545][T12588] Tainted: [L]=SOFTLOCKUP [ 446.648551][T12588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 446.648559][T12588] Call Trace: [ 446.648565][T12588] [ 446.648571][T12588] dump_stack_lvl+0x100/0x190 [ 446.648591][T12588] vpanic+0x552/0x970 [ 446.648605][T12588] ? __pfx_vpanic+0x10/0x10 [ 446.648620][T12588] ? __pfx_vprintk_emit+0x10/0x10 [ 446.648643][T12588] ? do_con_write+0x3874/0x8550 [ 446.648662][T12588] panic+0xd1/0xe0 [ 446.648674][T12588] ? __pfx_panic+0x10/0x10 [ 446.648690][T12588] ? do_con_write+0x3874/0x8550 [ 446.648709][T12588] check_panic_on_warn.cold+0x19/0x34 [ 446.648724][T12588] end_report.part.0+0x3a/0x90 [ 446.648744][T12588] kasan_report.cold+0xe/0x18 [ 446.648764][T12588] ? do_con_write+0x3874/0x8550 [ 446.648784][T12588] do_con_write+0x3874/0x8550 [ 446.648807][T12588] ? __pfx_do_con_write+0x10/0x10 [ 446.648825][T12588] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 446.648844][T12588] ? mark_held_locks+0x40/0x70 [ 446.648862][T12588] con_write+0x23/0xb0 [ 446.648879][T12588] n_tty_write+0x44f/0x12d0 [ 446.648905][T12588] ? __pfx_n_tty_write+0x10/0x10 [ 446.648925][T12588] ? trace_kmalloc+0x101/0x130 [ 446.648946][T12588] ? __pfx_woken_wake_function+0x10/0x10 [ 446.648967][T12588] ? rcu_is_watching+0x12/0xc0 [ 446.648986][T12588] ? file_tty_write.isra.0+0x694/0x890 [ 446.649004][T12588] ? kfree+0x2ec/0x6b0 [ 446.649018][T12588] ? __pfx_n_tty_write+0x10/0x10 [ 446.649040][T12588] file_tty_write.isra.0+0x4d2/0x890 [ 446.649060][T12588] redirected_tty_write+0xd4/0x120 [ 446.649078][T12588] vfs_write+0x6ac/0x1070 [ 446.649097][T12588] ? __pfx_redirected_tty_write+0x10/0x10 [ 446.649116][T12588] ? __pfx_vfs_write+0x10/0x10 [ 446.649134][T12588] ? find_held_lock+0x2b/0x80 [ 446.649160][T12588] ksys_write+0x12a/0x250 [ 446.649179][T12588] ? __pfx_ksys_write+0x10/0x10 [ 446.649200][T12588] do_syscall_64+0x106/0xf80 [ 446.649215][T12588] ? clear_bhb_loop+0x40/0x90 [ 446.649231][T12588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.649246][T12588] RIP: 0033:0x7f68f099bf79 [ 446.649258][T12588] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 446.649273][T12588] RSP: 002b:00007f68f1859028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 446.649287][T12588] RAX: ffffffffffffffda RBX: 00007f68f0c16180 RCX: 00007f68f099bf79 [ 446.649298][T12588] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000006 [ 446.649307][T12588] RBP: 00007f68f0a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 446.649316][T12588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.649325][T12588] R13: 00007f68f0c16218 R14: 00007f68f0c16180 R15: 00007ffeec7775c8 [ 446.649340][T12588] [ 446.649708][T12588] Kernel Offset: disabled