last executing test programs: 6.655622968s ago: executing program 1 (id=614): r0 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy1/hw_conf\x00', 0xa82, 0x0) write$auto_debugfs_full_proxy_file_operations_internal(r0, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x2, 0x0) sendto$auto(0x3, 0x0, 0xfdef, 0x7, 0x0, 0x20) 6.482090515s ago: executing program 1 (id=617): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) ioctl$auto_BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000100)=0x1) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) timer_create$auto(0x803, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) epoll_create$auto(0x3e) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x0, 0xb, 0x0, 0x17) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) memfd_secret$auto(0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop11\x00', 0x40, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) fcntl$auto_F_SETLKW(r0, 0x7, 0xfffffffffffffe00) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0) ioctl$auto(0x3, 0x402c542d, r1) write$auto(0x3, 0x0, 0xfffffdef) syz_clone3(&(0x7f0000000180)={0xa7102000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, &(0x7f0000000100)}, 0x58) 6.254052786s ago: executing program 3 (id=618): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_score\x00', 0x0, 0x0) (async) r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_score\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020029, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) setresuid$auto(0xffffffffffffffff, 0xee01, 0x8080) setfsuid$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/0000:00:00.0/enable\x00', 0x187042, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/0000:00:00.0/enable\x00', 0x187042, 0x0) write$auto(r1, 0x0, 0x9) (async) write$auto(r1, 0x0, 0x9) semctl$auto_IPC_INFO(0x3, 0x3, 0x3, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/security/tomoyo/manager\x00', 0x82001, 0x0) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/security/tomoyo/manager\x00', 0x82001, 0x0) socket(0x10, 0x5, 0x0) (async) r2 = socket(0x10, 0x5, 0x0) listen$auto(r2, 0x4) (async) listen$auto(r2, 0x4) poll$auto(&(0x7f0000000000)={r2, 0x1963, 0x81}, 0x5, 0x10001) ioctl$auto_PROCMAP_QUERY(r3, 0xc0686611, &(0x7f0000000040)={0x761f, 0x4, 0x8000000000000000, 0x7, 0xb5b, 0x270b, 0x1, 0x100000000, 0x5, 0x0, 0x7, 0x200, 0x40, 0x3, 0x5}) r4 = socket(0x25, 0x1, 0x2) setsockopt$auto(r4, 0x119, 0x80, 0xfffffffffffffffd, 0x10004) (async) setsockopt$auto(r4, 0x119, 0x80, 0xfffffffffffffffd, 0x10004) setsockopt$auto(r3, 0x113, 0x3, 0x0, 0x79ad226b) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0) write$auto(r0, &(0x7f0000000000)='/sys/bus/netdevsim/new_device\x00', 0x792fe55c) writev$auto(r5, &(0x7f0000000200)={0x0, 0x9}, 0x7) (async) writev$auto(r5, &(0x7f0000000200)={0x0, 0x9}, 0x7) socket(0x23, 0x80805, 0x0) (async) socket(0x23, 0x80805, 0x0) fanotify_init$auto(0x5, 0x2000000000002) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) 5.146203367s ago: executing program 3 (id=623): mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x141241, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/queues/tx-0/byte_queue_limits/stall_cnt\x00', 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f00000000c0)="fb7c9e736ea4956b9e9dd2c4b2a28f858340cd6acc6ef3ec88b95322f5f9cd582a0fe063598bd7ef8d33b344112234abf8f38afe5eff5059a56cd1ffb09415607942589318fd", 0x5, &(0x7f0000000140)={&(0x7f0000000240)="9172d44d9c63445fc0f578f9881481531daf4590f6af8b29691fcac88d2720f273160b357b14a0d6e8d63b3db6dea0ec8e5a0abf653128bc7e62c85d3119074301e54ef719a2d0", 0x2}, 0x5, &(0x7f00000002c0), 0xfff, 0xe}, 0x5}, 0xe, 0x0) read$auto(r0, 0x0, 0x20) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/sleep_millisecs\x00', 0x181482, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r2 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r2, 0x11, 0x67, 0x0, 0x8) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/13/effective_affinity\x00', 0x100, 0x0) read$auto(r3, &(0x7f0000000000)='/proc/scsi/sg/devices\x00', 0xc9e3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto_BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f00000002c0)={0x20000000000000, 0x8}) prctl$auto(0x1000000003b, 0x0, 0x4, 0x5, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88000, 0x0) io_cancel$auto(0x3, 0x0, 0x0) bpf$auto_BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)=@token_create={0x3, r0}, 0x3) 5.139170127s ago: executing program 1 (id=624): mmap$auto(0x100000000, 0x2000d, 0x1, 0xeb1, 0xffffffffffffffff, 0x100000000) sysfs$auto(0x2, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5, 0x0, 0x9, 0x0, 0x800000000005, 0x7ffffffd}, 0x8}, 0x3, 0x1, 0x0) semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) socket(0xec76ec07a7dca0b6, 0xa, 0x9) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) r2 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000180)=0x10) write$auto_dev_fops_plock(r2, &(0x7f0000000200)="ea579eafbef6a78ace20c66c3ed28a307811ba5a77e0d6f20eee070874ce267321ef2da8ccef77a2a57912658cfac38b23199ba898ef2c29ea039494e108e23fc3d3de801c6cdb8c585be1ec026d327ad05a0c7812805bb6d050f902f2e77e549ec276c282a2bb8c2847f2e7105018d493a4a1dc", 0x74) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttyu4\x00', 0x0, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x16, 0x21, 0x6, 0xfffffffffffffffe, 0x5) sendfile$auto(r3, r1, 0x0, 0x1fff5) close_range$auto(0x2, 0x8, 0x0) semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4) rseq$auto(&(0x7f0000000100)={0x0, 0x4, 0x7, 0x50, 0x4, 0xffff, "e0de5d16006945729ce1b390"}, 0x32, 0x6, 0xd6) io_uring_setup$auto(0x4bf15e08, 0x0) bpf$auto(0x12, &(0x7f0000000040)=@enable_stats={0x1}, 0x26) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) unshare$auto(0x40000080) 5.029208202s ago: executing program 3 (id=625): move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) (async) socket(0xb, 0xa, 0x4) (async) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@query={@target_ifindex, 0x2, 0xff, 0x9f9f, 0x5, @count=0x1, 0x0, 0x200, 0x7dc0, 0x8, 0x8}, 0xa3) (async) bpf$auto(0x1, 0x0, 0x4) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x4, 0x0, 0x4) (async) r2 = ioctl$auto_TUNSETVNETBE2(r1, 0x400454de, &(0x7f00000001c0)=0x59) read$auto_fb_fops_fb_chrdev(r2, &(0x7f0000000200)=""/119, 0x77) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={0x0, 0x1000}, 0x3) (async) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0x11, 0x80003, 0x300) socket(0x28, 0x1, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) ioctl$auto(0xffffffffffffffff, 0x64c5, 0xffffffffffffffff) sysfs$auto(0x2, 0x4d, 0x0) (async) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) (async) close_range$auto(0x2, 0x8, 0x0) gettid() (async) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@buf=0x0, 0x8ab0, 0x6c0000c000, 0xc000}, 0x4) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x208, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}}) (async) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) 4.170199429s ago: executing program 1 (id=627): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x5b) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x9, 0x40abe, r0, 0x4007) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0xa, 0xdf, 0x15, r0, 0x8400) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) bpf$auto(0x9, &(0x7f00000000c0)=@batch={0xffffffffffff3c77, 0x37, 0x2, 0x5, 0x9, 0x1, 0x6, 0x5852}, 0x18) msgctl$auto_IPC_RMID(0x4, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x40049409, 0x0) r4 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r4, 0x0, 0xfffffdf1) linkat$auto(r4, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) sysfs$auto(0x2, 0x23, 0x0) r5 = open(0x0, 0x22040, 0x75) r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0xffffffffffffffa5, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x200400f0}, 0x20000800) sendmsg$auto_OVS_FLOW_CMD_SET(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1800000073dc98283b0aa95bdd7fca457f42895082971d17eaf8e87e88155b7896412064a383ecd35c3b9ce5bcd9378b62bef8e1870522d161040ebda8343992655120", @ANYRES16=r6, @ANYBLOB="20002dbd7000fddbdf250400000004000600"], 0x18}, 0x1, 0x0, 0x0, 0x4008005}, 0x4000000) utimes$auto(0x0, 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x8) read$auto(r2, 0x0, 0xb4d3) 3.914590415s ago: executing program 3 (id=628): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) r1 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy3/hwsim/ps\x00', 0x4080, 0x0) read$auto_hwsim_fops_ps_(r1, &(0x7f0000000040)=""/3, 0x3) read$auto(r0, 0x0, 0x1f42) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, 0x0, 0x20202, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) munmap$auto(0x200000008000, 0xffffffff) 3.275327614s ago: executing program 1 (id=630): r0 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mmap$auto(0x6, 0x2020009, 0x4000000003, 0x800000800000eb2, r0, 0x2) madvise$auto(0x8, 0xffffffeffffefffe, 0xfffffff9) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = prctl$auto(0x5, 0x80000000, 0x0, 0x78, 0x8) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, &(0x7f0000000180)={0x0, 0xfffffffffffffffa}, 0x6, 0x6, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) syz_clone(0x21000000, 0x0, 0x0, 0x0, 0x0, 0x0) shmdt$auto(&(0x7f0000000000)='(\x00') mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) socket(0x10, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x149942, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x400, 0x0) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0) read$auto(r4, 0x0, 0x20) select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0x0, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x20000000000003, 0x8000400, 0x7, 0x7, 0x2, 0x93, 0x400000001, 0x2]}, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) sendmsg$auto_NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=ANY=[@ANYBLOB='l\x00@\x00', @ANYRES16=0x0, @ANYBLOB="440029bd7000fbdbdf250800000006001100418700004d001380b5746dc267a6e62618bf1cd8e430fa8f3d19ec8d9638b9bdfda9f3cf3fcdaeb8f260fa6629b6d1a01eb7185facfc06eafbbcaad4ca549a950e4ee6267b3cfdeb475b350a5b930988fe000000"], 0x6c}, 0x1, 0x0, 0x0, 0x80}, 0x0) ppoll$auto(0x0, 0x4007f, 0x0, &(0x7f00000001c0)={0x6}, 0x8) 3.166371855s ago: executing program 2 (id=632): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) (async) io_uring_setup$auto(0xdd4, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) (async) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async, rerun: 32) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x942, 0x0) (rerun: 32) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000700), r2) (async) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) (async) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) (async) r4 = socket(0xa, 0x1, 0x84) setsockopt$auto(r4, 0x0, 0x40, 0x0, 0x6f7250c4) (async, rerun: 64) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) (async, rerun: 64) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x14, r5, 0x1, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x800) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x20000, 0x0) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000780)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010027bd7000fddbdf255c7c000008000300", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0x60, r3, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_EPCS={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x4}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x3}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x81}, @NL80211_ATTR_PMKR0_NAME={0x2f, 0x102, "fa8187b15d038e27ebbdee9403b42d163f0cf5825404a83da74b14a4b6c40b8ccb4e75f09e092da80167e3"}]}, 0x60}, 0x1, 0x0, 0x0, 0x50040010}, 0x801) r7 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x34, r7, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x2}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0xfff}, @IOAM6_ATTR_NS_ID={0x6}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0xc0}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c68aba9bfb7025e}, 0x8001) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x800000bc3, 0x800, 0x3, 0x3, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x6, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) read$auto(0x3, 0x0, 0x80) 2.730459945s ago: executing program 0 (id=633): mmap$auto(0x0, 0x5e, 0x1000000003, 0xfffffffffffff291, 0xfffffffffffffffa, 0x8000) set_mempolicy$auto(0x3, &(0x7f0000000040)=0x7, 0x3) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x1f1d02, 0x0) set_mempolicy$auto(0x4, &(0x7f0000000000), 0x100) mbind$auto(0x2000, 0x800000100000004, 0x100000000, 0x0, 0x1003, 0x2) 2.391189097s ago: executing program 0 (id=634): close_range$auto(0x2, 0x8000, 0x0) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000100)={'\x00', 0xffff, 0x6, 0x2, 0x9b4, 0x2, "7cbc697000", "05db3d47", "01030100", "2ff43123", ["f5404de9641f8bf1bad22a9f", "a1679d340ad98fad2453f86d", "b06f8ca10c66eebcbd6f17c8", "5fe10eedab2c4b353c392a92"]}) io_uring_register$auto(0x2, 0x2, &(0x7f0000000040), 0x86) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) ioctl$auto_VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000000)={0x8}) io_uring_register$auto(0x2, 0x6, 0x0, 0x1) 2.170785037s ago: executing program 0 (id=635): sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x4040) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfffffffe, &(0x7f0000000100)={&(0x7f0000000080), 0x180}, 0x2, &(0x7f0000000340), 0x7, 0xa505}, 0x800}, 0x7, 0x6) 2.122520444s ago: executing program 2 (id=636): socket(0xa, 0x2, 0x0) stat$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x100, 0xad2c, 0xfffffffffffffffa, 0x2a, 0xee01, 0xee01, 0x0, 0x200, 0x9, 0x3, 0x100, 0x80000001, 0xe, 0x6, 0xfffffffffffffff9, 0xfff, 0x40}) r1 = getegid() setregid$auto(r1, r1) keyctl$auto(0x15f0, r0, 0x0, r1, 0xb) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) 2.11990343s ago: executing program 3 (id=637): r0 = socket(0x2, 0x3, 0xa) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00'}) connect$auto(r0, &(0x7f0000000080)=@isdn={0x22, 0x7, 0x2, 0x81, 0x81}, 0x56) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000)="42bf", 0x2) mmap$auto(0x0, 0x2020009, 0x40000003, 0xeb1, r1, 0x8000) timer_create$auto(0xfffffffc, 0x0, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0xf, 0x3, 0x8) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8) gettid() kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@buf=0x0, 0x8ab0, 0x6c0000c000, 0xc000}, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x85) madvise$auto(0x9, 0x2003f4, 0x4) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x7, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x8640, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) preadv$auto(0x3, 0x0, 0x3, 0x2, 0x13) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0) 1.941141609s ago: executing program 0 (id=638): unshare$auto(0x40000080) r0 = socket(0xa, 0x5, 0x0) mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, r0, 0x7ffe) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9) close_range$auto(0x2, r2, 0x401) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x25, 0x800007, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x1, 0x0) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) ioctl$auto(r5, 0x802c550a, 0x1) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0xe0db2389416c468a}, 0xc040810) close_range$auto(0x2, 0x8, 0x0) poll$auto(&(0x7f0000000180)={r3, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_OWNER(r6, 0xaf01, 0x0) r7 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, r1, 0x300000000000) ioctl$auto_UBI_IOCDET(r7, 0x40046f41, 0x0) migrate_pages$auto(0x0, 0xa, &(0x7f00000000c0)=0x52a6, &(0x7f0000000140)=0x2) ioctl$auto_VHOST_SET_LOG_FD2(r3, 0x4004af07, &(0x7f00000003c0)) userfaultfd$auto(0x6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x8, 0xfffffffffffffffa, 0x9, 0xfffffffffffffbff) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.5/usb6/idVendor\x00', 0x80000, 0x0) splice$auto(r8, &(0x7f0000000040)=0x7, r7, &(0x7f0000000080)=0x4, 0x26c4, 0x895) 1.940034103s ago: executing program 2 (id=639): mmap$auto(0x5, 0x20009, 0x4000000000df, 0xeb5, 0x401, 0x7ffe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x2c201, 0x0) (async) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="42bf", 0x2) (async) r1 = openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000b80)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x202, 0x0) readv$auto(r1, &(0x7f00000000c0)={&(0x7f0000000000)="7fdf050d89c0575355055578d7ef6ca46bbfa0cd1e1fd71ce052ebde96b8b46168ec83bdcbf584deaef0445cc7830cca8d5793c1219981f7f6c25ecbad916851c9aa52c3d2306d79a36405dc4edaafc3b8ea464d8d6889cc2cf75f2f4d0f6b50878dc0e7a8676c3ce52d1413ecdfdc70b6536cce328d83a7bdbd0b404a75862871fb40c41082221d75c5165f66d4550969f4650cd8b4a433ec606c8111bae04ef2619a0ef3138cda7b1289c38f", 0x6}, 0x2) (async) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) fchdir$auto(0xffffffffffffffff) mmap$auto(0x0, 0x400005, 0x100000df, 0x9b72, 0x2, 0x8000) (async) mremap$auto(0x0, 0x7, 0x4, 0x6, 0x100000000) (async) syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x10000, 0x7, 0xdf, 0x9b72, 0x2, 0x8000) (async) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x200000001000000, 0xfffff7fffffffff7, 0x3ee) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) bpf$auto(0x6, 0xffffffffffffffff, 0x0) (async) mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, r2, 0x400) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x9000, 0x8002, 0x2) mprotect$auto(0x0, 0x806121, 0x6) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20443, 0x0) r3 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r3, 0x0) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x100, 0x0) (async) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2100, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0) 1.55410065s ago: executing program 2 (id=640): mmap$auto(0xffffffffffffffff, 0x28007, 0x4000000000db, 0x12, 0xffffffffffffffff, 0x404) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) io_uring_setup$auto(0x8, &(0x7f0000000240)={0x0, 0x3, 0x9, 0x10001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x8], {0x9, 0x1, 0x6, 0x0, 0x420, 0x1001, 0x3fdc, 0x3, 0x5}, {0x2, 0xfff, 0x54ed, 0x0, 0x501, 0xff, 0x7, 0xa, 0x3}}) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) socket(0x18, 0x3, 0x2) r1 = socket(0x2a, 0x2, 0x6) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) socket(0x2, 0x2, 0x0) io_uring_setup$auto(0x5b, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x10000, 0x1, 0x29f, 0x100, 0xfff, 0x101, 0x6, 0x2}, {0x200fb, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x176c5, 0x400005, 0x100000005}}) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x5, 0x2, 0x4000000000000d]}, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) mmap$auto(0x0, 0x20007, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x6fc, 0x40009, 0x10df, 0x9b72, 0x7, 0xfffffffffffffffc) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x25, 0x1, 0x3) eventfd$auto(0x3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) socket(0x2, 0x1, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd8/mq/0/nr_reserved_tags\x00', 0x4000c0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x7c3142, 0x0) socketpair$auto(0x1a, 0x1, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) 1.188148017s ago: executing program 2 (id=641): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) mmap$auto(0x1, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0xfc) close_range$auto(0x2, 0x8, 0x0) r1 = io_uring_setup$auto(0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x28c01, 0x0) close_range$auto(0x2, r1, 0x2f) socket(0x2, 0x80002, 0x73) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/node/node0/hugepages/hugepages-1048576kB/nr_hugepages\x00', 0xe8202, 0x0) write$auto(r2, &(0x7f0000000080)='9\x00;T\x16\b\x06\x00\x00\x00', 0x10) openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x28740, 0x0) openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x88080, 0x0) memfd_create$auto(0x0, 0xe) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r2, 0x8000) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x0, 0x17, 0xfffffffffffffffa, 0x7ffd) close_range$auto(0x0, 0xffffffffffffffff, 0x2) syslog$auto(0x9, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x15\xa6\xf4#+\xfa\xd7\x01\xb9j<\xff\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x7) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0) write$auto(r3, &(0x7f0000000180)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0xb) fsmount$auto(r3, 0x5, 0xe) mremap$auto(0x8000000f9be00000, 0x4, 0x3, 0x3, 0x2) close_range$auto(0x0, 0xfffffffffffff001, 0x2) syz_open_procfs$namespace(0x0, 0x0) pwrite64$auto(0xc8, 0x0, 0xffffffffb8406ad3, 0x3) 920.814379ms ago: executing program 2 (id=642): seccomp$auto(0x3, 0x0, &(0x7f0000000500)) (async) mmap$auto(0x20000, 0x40008, 0xdf, 0x9b76, 0x7, 0x9) madvise$auto(0x9, 0x0, 0x5) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0x80047) (async) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) bind$auto(0x3, 0x0, 0x6a) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) (async) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async) mmap$auto(0x6, 0x800000002020009, 0x6, 0xeb6, r0, 0x8400) (async) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) (async) llistxattr$auto(&(0x7f0000000040)='}[,&*}\x00', 0x0, 0x7) (async) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) mount$auto(0x0, &(0x7f0000000180)='}[,&*}\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) (async) getcwd$auto(0x0, 0xffffffffffffffff) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x104) (async) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket(0x2, 0x80002, 0x73) (async) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async) open(0x0, 0x22040, 0x75) (async) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) 441.989901ms ago: executing program 0 (id=643): socket(0xa, 0x3, 0x3a) (async) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r0, 0x8000) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket(0x2, 0x1, 0x0) setsockopt$auto(r2, 0x6, 0xe, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/veth0_virt_wifi/base_reachable_time\x00', 0x9) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x6) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0xffffffff, 0x5, 0xe) eventfd$auto(0x3) (async) r3 = eventfd$auto(0x0) r4 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_map_fd=r1, 0x4, @old_prog_fd=r3}, 0xa3) (async) mlockall$auto(0x7) (async) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) 436.063263ms ago: executing program 3 (id=644): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) unshare$auto(0x40000080) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async) madvise$auto(0x0, 0x20499d, 0x9) r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x40, 0x0, 0x110) (async) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) (async) r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0) write$auto(r1, 0x0, 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) (async) r2 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, 0x0, 0x42000, 0x0) read$auto_proc_pid_smaps_operations_internal(r2, &(0x7f00000002c0)=""/190, 0xfffffe39) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001880), r3) sendmsg$auto_NET_SHAPER_CMD_GET2(r3, &(0x7f0000001a80)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f00000019c0)={0x14, r4, 0x301, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x8000) (async, rerun: 32) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) getpeername$auto(r0, &(0x7f0000000000)=@l2tp={0x2, 0x0, @local, 0x1}, &(0x7f0000000080)=0x3) (async, rerun: 64) r5 = socket(0x2, 0x1, 0x0) (rerun: 64) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) (async) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) (async, rerun: 32) r6 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) splice$auto(r6, 0x0, r6, 0xfffffffffffffffe, 0x5, 0x1) (async, rerun: 32) setsockopt$auto(0x3, 0x1, 0x9, 0x0, 0x46) (async, rerun: 32) write$auto(0x3, 0x0, 0x8) (async) read$auto(0x3, 0x0, 0x7fffffff) 110.292459ms ago: executing program 0 (id=645): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x20) 0s ago: executing program 1 (id=646): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) timer_gettime$auto(0x0, &(0x7f0000001f80)={{0x9, 0x100000001}, {0x9f9a, 0x401}}) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) shmctl$auto_SHM_INFO(0x0, 0xe, &(0x7f0000000480)={{0xfffffffa, 0x0, 0xffffffffffffffff, 0x1, 0x42, 0x1, 0x68}, 0x8000804, 0x5, 0xbac1, 0xff, @raw, @raw=0x7fff, 0xc, 0x0, &(0x7f00000003c0)="1d73c01159ae372017f2ee5a68f5bb4256df848b19b969c57cb4e53cc43186a9111fe06127f0e3b40c102204c8f6d2c8461e92ca26d482f57685cee54fce61852267850e1368d8033eaaeeb36b9fa4a710e2e5", &(0x7f0000000440)="00df133d3b7387445c43d4d4113778abfc8db8fa92d8ba1d934b4622f3ea6fd931"}) r4 = getpgid(0xffffffffffffffff) sendmsg$auto_TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="ac020000", @ANYRES16=0x0, @ANYBLOB="100029bd7000fddbdf250b000000b80002809600da8008005a00", @ANYRES32=r2, @ANYBLOB="04006780f9025594d0f50dcb84356127bdb74da569974a7205561a682588e36860d645f9f19e686635f5a0384a08c23e6d9d90e5ac95fce5ebdd9c9f5055eb0bef7ec261b08e3ed1df4e09ee90e00f9b3f62a22560b88b3ae90d9947fb5a0ffc13dc30f1bd23e41001130086000c9a523d95ad812bf6e78f1ec477af00040029800400c4808f0400b780000008000700", @ANYRES32=r0, @ANYBLOB="0800bf00", @ANYRES32=r3, @ANYBLOB="0c000d000800000000000000df010380c703ca3c9970e918e1726eefae2e86f65d097167fdc56a656bf41f0dae996e27b79ea45e0bec53cc8b9354612c7d4efda51ac1ab2816af07c0b56b106028697a4a24b9562e47febb12533ef79d2739060a7d0a424466a988c72d6c3e010a8004006900ec575d69db35b1153a48fc5e6b61010c040ecdd4ff82260cfe7d0dd4f690f9c95bf3c384244c4daf5f03beef7e994d177b49a12e33e1f7c4292a4b0994c457d9f4820c07e627deabbf68464933dbacd24d1e824172a21c2441f972a3d82f780a737e5635a1b64b1f6770c96b9047ce810e6807115eaf4339fed66dd49df8c43c44d79903677eab13cce79750c7d5f467e4f2bd3b21499b9e1fe828bb51f48ab896bd006c185884ee91813c6af32ef889b7a36af191a28ec25b77c4b152084f04f65275d67918564e87156d3665109ea4a3cb948a8a1a71c210396ad3991659808951f0aed2fd2b03835833607a6d3b350133b681d2b206f50bfa386755af6fa7e01c14ff9cba5fc04ea5485c8b9c39708bdc956ef133e89e1bccb8775d180800b300"/418, @ANYRES32=r4, @ANYBLOB="00004000ab8004003a800c000500010000000000000007f50583c6dcf86edd3cc5750400a2800c002f0001000100000000000c00130002000000000000000400238000"], 0x2ac}, 0x1, 0x0, 0x0, 0x20004080}, 0x20000000) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x0) lsm_get_self_attr$auto(0x64, &(0x7f0000000080)={0x0, 0x1, 0x7fffffffffffffff}, &(0x7f0000002440)=0x1f9, 0x0) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r1, 0x7cb, 0x0) r5 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000180), 0x4100, 0x0) writev$auto(r5, &(0x7f00000001c0)={&(0x7f0000000280)="960a371e0f2b36272b5782725b13a24c6473d26738b4ee9645dfd0a513cb46ac7043774bb27005a5d258a84c00e5d1ddf00e21f0592b72dd467c6417c11dc1759beff265bcfd2a39f29c63b7032f73bf875e4e5b74eef3cdfddbcb708e16bb9608d6f144a6b7e3744d2ef9effb696d9a4619f32c316ea22adaf20b19635dc9b2fffab85d00b8bf733ffe04907b5b7c9d998edd372a456a7928da3df9cf640dffabcfca1cbbdf68d7ef45b7190a947eff7b86d1fb54da5a5a7fbad670932c1d837c9a08", 0x2}, 0x26) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r6, 0x0, 0x0) r7 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x187040, 0x0) ioctl$auto_FS_IOC_SETFLAGS(r7, 0x40086602, 0xfffffffffffffffd) mmap$auto(0x0, 0xe97f, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) kernel console output (not intermixed with test programs): 6 [ 125.801676][ T6592] Call Trace: [ 125.801685][ T6592] [ 125.801695][ T6592] dump_stack_lvl+0x100/0x190 [ 125.801738][ T6592] should_fail_ex.cold+0x5/0xa [ 125.801769][ T6592] should_failslab+0xc2/0x120 [ 125.801799][ T6592] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 125.801838][ T6592] ? alloc_vfsmnt+0x23/0x6a0 [ 125.801866][ T6592] ? find_held_lock+0x2b/0x80 [ 125.801893][ T6592] ? clone_mnt+0x19a/0x930 [ 125.801916][ T6592] alloc_vfsmnt+0x23/0x6a0 [ 125.801935][ T6592] clone_mnt+0x4b/0x930 [ 125.801954][ T6592] ? is_subdir+0x1a8/0x3e0 [ 125.801973][ T6592] copy_tree+0x329/0xbf0 [ 125.802000][ T6592] copy_mnt_ns+0x2bd/0xc30 [ 125.802018][ T6592] ? create_new_namespaces+0x30/0xac0 [ 125.802034][ T6592] ? rcu_is_watching+0x12/0xc0 [ 125.802057][ T6592] create_new_namespaces+0xd3/0xac0 [ 125.802072][ T6592] ? bpf_lsm_capable+0x9/0x10 [ 125.802087][ T6592] ? security_capable+0x80/0x260 [ 125.802111][ T6592] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 125.802128][ T6592] ksys_unshare+0x473/0xad0 [ 125.802147][ T6592] ? __pfx_ksys_unshare+0x10/0x10 [ 125.802171][ T6592] __x64_sys_unshare+0x31/0x40 [ 125.802189][ T6592] do_syscall_64+0x106/0xf80 [ 125.802208][ T6592] ? clear_bhb_loop+0x40/0x90 [ 125.802226][ T6592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.802241][ T6592] RIP: 0033:0x7fc9b079c799 [ 125.802255][ T6592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 125.802269][ T6592] RSP: 002b:00007fc9b16da028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 125.802283][ T6592] RAX: ffffffffffffffda RBX: 00007fc9b0a16270 RCX: 00007fc9b079c799 [ 125.802292][ T6592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 125.802301][ T6592] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 125.802309][ T6592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.802317][ T6592] R13: 00007fc9b0a16308 R14: 00007fc9b0a16270 R15: 00007ffd6fb03018 [ 125.802337][ T6592] [ 126.902596][ T6584] kexec: Could not allocate control_code_buffer [ 127.044555][ T6616] FAULT_INJECTION: forcing a failure. [ 127.044555][ T6616] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 127.103055][ T6616] CPU: 0 UID: 0 PID: 6616 Comm: syz.3.163 Not tainted syzkaller #0 PREEMPT(full) [ 127.103089][ T6616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 127.103102][ T6616] Call Trace: [ 127.103110][ T6616] [ 127.103118][ T6616] dump_stack_lvl+0x100/0x190 [ 127.103158][ T6616] should_fail_ex.cold+0x5/0xa [ 127.103183][ T6616] ? prepare_alloc_pages+0x16d/0x5f0 [ 127.103214][ T6616] should_fail_alloc_page+0xeb/0x140 [ 127.103243][ T6616] prepare_alloc_pages+0x1f0/0x5f0 [ 127.103270][ T6616] ? kernel_text_address+0x8d/0x100 [ 127.103309][ T6616] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 127.103358][ T6616] ? copy_splice_read+0x1a3/0xb90 [ 127.103395][ T6616] ? stack_trace_save+0x8e/0xc0 [ 127.103420][ T6616] ? __pfx_stack_trace_save+0x10/0x10 [ 127.103447][ T6616] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 127.103488][ T6616] ? copy_splice_read+0x1a3/0xb90 [ 127.103521][ T6616] ? kasan_save_stack+0x3f/0x50 [ 127.103555][ T6616] ? kasan_save_stack+0x30/0x50 [ 127.103588][ T6616] ? kasan_save_track+0x14/0x30 [ 127.103622][ T6616] ? __kasan_kmalloc+0xaa/0xb0 [ 127.103655][ T6616] ? __kmalloc_noprof+0x301/0x850 [ 127.103688][ T6616] ? copy_splice_read+0x1a3/0xb90 [ 127.103720][ T6616] ? do_splice_read+0x285/0x370 [ 127.103757][ T6616] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.103802][ T6616] alloc_pages_bulk_noprof+0x782/0x1490 [ 127.103861][ T6616] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 127.103907][ T6616] ? __kmalloc_noprof+0x320/0x850 [ 127.103948][ T6616] copy_splice_read+0x1e1/0xb90 [ 127.103993][ T6616] ? __pfx_copy_splice_read+0x10/0x10 [ 127.104034][ T6616] ? look_up_lock_class+0x55/0x120 [ 127.104074][ T6616] ? lockdep_init_map_type+0x5c/0x250 [ 127.104108][ T6616] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 127.104146][ T6616] ? __pfx_copy_splice_read+0x10/0x10 [ 127.104183][ T6616] do_splice_read+0x285/0x370 [ 127.104225][ T6616] splice_direct_to_actor+0x2a1/0xa30 [ 127.104253][ T6616] ? __pfx_direct_splice_actor+0x10/0x10 [ 127.104297][ T6616] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 127.104333][ T6616] do_splice_direct+0x174/0x240 [ 127.104359][ T6616] ? __pfx_do_splice_direct+0x10/0x10 [ 127.104384][ T6616] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 127.104427][ T6616] ? rw_verify_area+0xce/0x6d0 [ 127.104463][ T6616] do_sendfile+0xadc/0xe20 [ 127.104507][ T6616] ? __pfx_do_sendfile+0x10/0x10 [ 127.104543][ T6616] ? __fget_files+0x21f/0x3d0 [ 127.104575][ T6616] __x64_sys_sendfile64+0x1d8/0x220 [ 127.104601][ T6616] ? ksys_write+0x1ac/0x250 [ 127.104624][ T6616] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 127.104662][ T6616] do_syscall_64+0x106/0xf80 [ 127.104693][ T6616] ? clear_bhb_loop+0x40/0x90 [ 127.104723][ T6616] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.104749][ T6616] RIP: 0033:0x7f035f19c799 [ 127.104770][ T6616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 127.104793][ T6616] RSP: 002b:00007f035ff98028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 127.104823][ T6616] RAX: ffffffffffffffda RBX: 00007f035f415fa0 RCX: 00007f035f19c799 [ 127.104840][ T6616] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 127.104853][ T6616] RBP: 00007f035ff98090 R08: 0000000000000000 R09: 0000000000000000 [ 127.104868][ T6616] R10: 0000000000000443 R11: 0000000000000246 R12: 0000000000000001 [ 127.104883][ T6616] R13: 00007f035f416038 R14: 00007f035f415fa0 R15: 00007ffef0dc6158 [ 127.104918][ T6616] [ 127.879724][ T6634] FAULT_INJECTION: forcing a failure. [ 127.879724][ T6634] name fail_futex, interval 1, probability 0, space 0, times 0 [ 127.902754][ T6634] CPU: 0 UID: 0 PID: 6634 Comm: syz.1.166 Not tainted syzkaller #0 PREEMPT(full) [ 127.902792][ T6634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 127.902808][ T6634] Call Trace: [ 127.902817][ T6634] [ 127.902826][ T6634] dump_stack_lvl+0x100/0x190 [ 127.902874][ T6634] should_fail_ex.cold+0x5/0xa [ 127.902908][ T6634] get_futex_key+0x1d2/0x1620 [ 127.902946][ T6634] ? __pfx_get_futex_key+0x10/0x10 [ 127.902992][ T6634] futex_wake+0xea/0x530 [ 127.903035][ T6634] ? __pfx_futex_wake+0x10/0x10 [ 127.903078][ T6634] ? putname+0xb1/0x110 [ 127.903106][ T6634] ? kmem_cache_free+0x124/0x6a0 [ 127.903148][ T6634] do_futex+0x32b/0x350 [ 127.903182][ T6634] ? __pfx_do_futex+0x10/0x10 [ 127.903221][ T6634] ? __pfx_do_sys_openat2+0x10/0x10 [ 127.903260][ T6634] ? __fget_files+0x21f/0x3d0 [ 127.903291][ T6634] __x64_sys_futex+0x34f/0x4d0 [ 127.903329][ T6634] ? __x64_sys_openat+0x12d/0x210 [ 127.903364][ T6634] ? __pfx___x64_sys_futex+0x10/0x10 [ 127.903414][ T6634] do_syscall_64+0x106/0xf80 [ 127.903448][ T6634] ? clear_bhb_loop+0x40/0x90 [ 127.903482][ T6634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.903510][ T6634] RIP: 0033:0x7f84e559c799 [ 127.903532][ T6634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 127.903558][ T6634] RSP: 002b:00007f84e64760e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 127.903584][ T6634] RAX: ffffffffffffffda RBX: 00007f84e5815fa8 RCX: 00007f84e559c799 [ 127.903603][ T6634] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f84e5815fac [ 127.903620][ T6634] RBP: 00007f84e5815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 127.903637][ T6634] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 127.903653][ T6634] R13: 00007f84e5816038 R14: 00007ffeb8b065c0 R15: 00007ffeb8b066a8 [ 127.903690][ T6634] [ 128.142366][ T6622] FAULT_INJECTION: forcing a failure. [ 128.142366][ T6622] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 128.155674][ T6622] CPU: 0 UID: 0 PID: 6622 Comm: syz.2.165 Not tainted syzkaller #0 PREEMPT(full) [ 128.155706][ T6622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 128.155727][ T6622] Call Trace: [ 128.155734][ T6622] [ 128.155744][ T6622] dump_stack_lvl+0x100/0x190 [ 128.155786][ T6622] should_fail_ex.cold+0x5/0xa [ 128.155817][ T6622] _copy_from_user+0x2e/0xd0 [ 128.155846][ T6622] get_timespec64+0x8b/0x1b0 [ 128.155874][ T6622] ? __pfx_get_timespec64+0x10/0x10 [ 128.155904][ T6622] ? common_nsleep+0xa1/0xd0 [ 128.155937][ T6622] __x64_sys_clock_nanosleep+0x1ce/0x480 [ 128.155974][ T6622] ? xfd_validate_state+0x129/0x190 [ 128.156009][ T6622] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 128.156059][ T6622] do_syscall_64+0x106/0xf80 [ 128.156091][ T6622] ? clear_bhb_loop+0x40/0x90 [ 128.156122][ T6622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.156148][ T6622] RIP: 0033:0x7fc9b075cfce [ 128.156169][ T6622] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 128.156193][ T6622] RSP: 002b:00007ffd6fb030f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6 [ 128.156216][ T6622] RAX: ffffffffffffffda RBX: 0000555560a9a500 RCX: 00007fc9b075cfce [ 128.156233][ T6622] RDX: 00007ffd6fb03150 RSI: 0000000000000000 RDI: 0000000000000000 [ 128.156249][ T6622] RBP: 00007fc9b0a17da0 R08: 0000000000000000 R09: 0000000000000000 [ 128.156264][ T6622] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000001f5bf [ 128.156279][ T6622] R13: 00007fc9b0a1609c R14: 000000000001f47a R15: 00007fc9b0a16090 [ 128.156314][ T6622] [ 128.560997][ T6646] ubi0: attaching mtd0 [ 128.604074][ T6646] ubi0: scanning is finished [ 128.630707][ T6646] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 128.902940][ T6646] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 128.968139][ T29] audit: type=1326 audit(2147484693.256:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6661 comm="syz.0.171" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae4399c799 code=0x0 [ 129.011802][ T6657] netlink: 342 bytes leftover after parsing attributes in process `syz.1.168'. [ 129.368425][ T6678] FAULT_INJECTION: forcing a failure. [ 129.368425][ T6678] name failslab, interval 1, probability 0, space 0, times 0 [ 129.477636][ T6678] CPU: 1 UID: 0 PID: 6678 Comm: syz.3.173 Not tainted syzkaller #0 PREEMPT(full) [ 129.477668][ T6678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 129.477682][ T6678] Call Trace: [ 129.477690][ T6678] [ 129.477699][ T6678] dump_stack_lvl+0x100/0x190 [ 129.477738][ T6678] should_fail_ex.cold+0x5/0xa [ 129.477766][ T6678] should_failslab+0xc2/0x120 [ 129.477793][ T6678] __kvmalloc_node_noprof+0xfa/0xa00 [ 129.477829][ T6678] ? seq_read_iter+0x819/0x1270 [ 129.477874][ T6678] seq_read_iter+0x819/0x1270 [ 129.477911][ T6678] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 129.477960][ T6678] kernfs_fop_read_iter+0x46c/0x610 [ 129.477996][ T6678] copy_splice_read+0x4ba/0xb90 [ 129.478044][ T6678] ? __pfx_copy_splice_read+0x10/0x10 [ 129.478093][ T6678] ? look_up_lock_class+0x55/0x120 [ 129.478134][ T6678] ? lockdep_init_map_type+0x5c/0x250 [ 129.478169][ T6678] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 129.478208][ T6678] ? __pfx_copy_splice_read+0x10/0x10 [ 129.478246][ T6678] do_splice_read+0x285/0x370 [ 129.478288][ T6678] splice_direct_to_actor+0x2a1/0xa30 [ 129.478317][ T6678] ? __pfx_direct_splice_actor+0x10/0x10 [ 129.478362][ T6678] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 129.478400][ T6678] do_splice_direct+0x174/0x240 [ 129.478427][ T6678] ? __pfx_do_splice_direct+0x10/0x10 [ 129.478453][ T6678] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 129.478498][ T6678] ? rw_verify_area+0xce/0x6d0 [ 129.478536][ T6678] do_sendfile+0xadc/0xe20 [ 129.478580][ T6678] ? __pfx_do_sendfile+0x10/0x10 [ 129.478616][ T6678] ? __fget_files+0x21f/0x3d0 [ 129.478650][ T6678] __x64_sys_sendfile64+0x1d8/0x220 [ 129.478676][ T6678] ? ksys_write+0x1ac/0x250 [ 129.478698][ T6678] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 129.478738][ T6678] do_syscall_64+0x106/0xf80 [ 129.478769][ T6678] ? clear_bhb_loop+0x40/0x90 [ 129.478799][ T6678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.478824][ T6678] RIP: 0033:0x7f035f19c799 [ 129.478845][ T6678] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 129.478869][ T6678] RSP: 002b:00007f035ff98028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 129.478893][ T6678] RAX: ffffffffffffffda RBX: 00007f035f415fa0 RCX: 00007f035f19c799 [ 129.478909][ T6678] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 129.478924][ T6678] RBP: 00007f035ff98090 R08: 0000000000000000 R09: 0000000000000000 [ 129.478939][ T6678] R10: 0000000000000443 R11: 0000000000000246 R12: 0000000000000001 [ 129.478954][ T6678] R13: 00007f035f416038 R14: 00007f035f415fa0 R15: 00007ffef0dc6158 [ 129.478991][ T6678] [ 130.320870][ T6662] kexec: Could not allocate control_code_buffer [ 130.394423][ T6700] FAULT_INJECTION: forcing a failure. [ 130.394423][ T6700] name failslab, interval 1, probability 0, space 0, times 0 [ 130.425969][ T6700] CPU: 1 UID: 0 PID: 6700 Comm: syz.3.177 Not tainted syzkaller #0 PREEMPT(full) [ 130.426016][ T6700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 130.426032][ T6700] Call Trace: [ 130.426041][ T6700] [ 130.426051][ T6700] dump_stack_lvl+0x100/0x190 [ 130.426099][ T6700] should_fail_ex.cold+0x5/0xa [ 130.426133][ T6700] should_failslab+0xc2/0x120 [ 130.426163][ T6700] __kmalloc_cache_noprof+0x7a/0x6f0 [ 130.426200][ T6700] ? snd_seq_pool_new+0x44/0x230 [ 130.426238][ T6700] ? __pfx_snd_seq_open+0x10/0x10 [ 130.426280][ T6700] snd_seq_pool_new+0x44/0x230 [ 130.426313][ T6700] seq_create_client1+0x66/0x640 [ 130.426358][ T6700] ? __pfx_snd_seq_open+0x10/0x10 [ 130.426399][ T6700] snd_seq_open+0x59/0x590 [ 130.426441][ T6700] ? __pfx_snd_seq_open+0x10/0x10 [ 130.426480][ T6700] snd_open+0x22d/0x4c0 [ 130.426509][ T6700] ? __pfx_snd_open+0x10/0x10 [ 130.426536][ T6700] chrdev_open+0x234/0x6a0 [ 130.426563][ T6700] ? __pfx_apparmor_file_open+0x10/0x10 [ 130.426606][ T6700] ? __pfx_chrdev_open+0x10/0x10 [ 130.426637][ T6700] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 130.426675][ T6700] do_dentry_open+0x6d8/0x1660 [ 130.426703][ T6700] ? __pfx_chrdev_open+0x10/0x10 [ 130.426741][ T6700] vfs_open+0x82/0x3f0 [ 130.426780][ T6700] path_openat+0x208c/0x31a0 [ 130.426822][ T6700] ? __pfx_path_openat+0x10/0x10 [ 130.426865][ T6700] do_file_open+0x20e/0x430 [ 130.426897][ T6700] ? __pfx_do_file_open+0x10/0x10 [ 130.426957][ T6700] ? alloc_fd+0x476/0x790 [ 130.426993][ T6700] ? do_getname+0x191/0x390 [ 130.427031][ T6700] do_sys_openat2+0x10d/0x1e0 [ 130.427066][ T6700] ? __pfx_do_sys_openat2+0x10/0x10 [ 130.427102][ T6700] ? __fget_files+0x21f/0x3d0 [ 130.427132][ T6700] __x64_sys_openat+0x12d/0x210 [ 130.427165][ T6700] ? __pfx___x64_sys_openat+0x10/0x10 [ 130.427213][ T6700] do_syscall_64+0x106/0xf80 [ 130.427249][ T6700] ? clear_bhb_loop+0x40/0x90 [ 130.427282][ T6700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.427310][ T6700] RIP: 0033:0x7f035f19c799 [ 130.427333][ T6700] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 130.427358][ T6700] RSP: 002b:00007f035ff98028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 130.427384][ T6700] RAX: ffffffffffffffda RBX: 00007f035f415fa0 RCX: 00007f035f19c799 [ 130.427401][ T6700] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 130.427418][ T6700] RBP: 00007f035f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 130.427433][ T6700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 130.427447][ T6700] R13: 00007f035f416038 R14: 00007f035f415fa0 R15: 00007ffef0dc6158 [ 130.427483][ T6700] [ 132.214517][ T6759] FAULT_INJECTION: forcing a failure. [ 132.214517][ T6759] name failslab, interval 1, probability 0, space 0, times 0 [ 132.242006][ T6759] CPU: 1 UID: 0 PID: 6759 Comm: syz.0.184 Not tainted syzkaller #0 PREEMPT(full) [ 132.242037][ T6759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 132.242052][ T6759] Call Trace: [ 132.242060][ T6759] [ 132.242068][ T6759] dump_stack_lvl+0x100/0x190 [ 132.242110][ T6759] should_fail_ex.cold+0x5/0xa [ 132.242138][ T6759] ? iter_file_splice_write+0x1d8/0x10a0 [ 132.242160][ T6759] should_failslab+0xc2/0x120 [ 132.242186][ T6759] __kmalloc_noprof+0xe0/0x850 [ 132.242228][ T6759] iter_file_splice_write+0x1d8/0x10a0 [ 132.242251][ T6759] ? lockdep_hardirqs_on+0x78/0x100 [ 132.242289][ T6759] ? copy_splice_read+0x734/0xb90 [ 132.242323][ T6759] ? kfree+0x1f6/0x6b0 [ 132.242362][ T6759] ? __pfx_iter_file_splice_write+0x10/0x10 [ 132.242388][ T6759] ? __lock_acquire+0x4a5/0x2630 [ 132.242423][ T6759] ? __pfx_copy_splice_read+0x10/0x10 [ 132.242478][ T6759] ? __pfx_iter_file_splice_write+0x10/0x10 [ 132.242505][ T6759] direct_splice_actor+0x192/0x6c0 [ 132.242546][ T6759] splice_direct_to_actor+0x345/0xa30 [ 132.242573][ T6759] ? __pfx_direct_splice_actor+0x10/0x10 [ 132.242617][ T6759] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 132.242653][ T6759] do_splice_direct+0x174/0x240 [ 132.242679][ T6759] ? __pfx_do_splice_direct+0x10/0x10 [ 132.242705][ T6759] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 132.242749][ T6759] ? rw_verify_area+0xce/0x6d0 [ 132.242787][ T6759] do_sendfile+0xadc/0xe20 [ 132.242837][ T6759] ? __pfx_do_sendfile+0x10/0x10 [ 132.242873][ T6759] ? __fget_files+0x21f/0x3d0 [ 132.242908][ T6759] __x64_sys_sendfile64+0x1d8/0x220 [ 132.242935][ T6759] ? ksys_write+0x1ac/0x250 [ 132.242958][ T6759] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 132.242998][ T6759] do_syscall_64+0x106/0xf80 [ 132.243032][ T6759] ? clear_bhb_loop+0x40/0x90 [ 132.243064][ T6759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.243090][ T6759] RIP: 0033:0x7fae4399c799 [ 132.243111][ T6759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 132.243135][ T6759] RSP: 002b:00007fae44906028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 132.243159][ T6759] RAX: ffffffffffffffda RBX: 00007fae43c15fa0 RCX: 00007fae4399c799 [ 132.243175][ T6759] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 132.243190][ T6759] RBP: 00007fae44906090 R08: 0000000000000000 R09: 0000000000000000 [ 132.243203][ T6759] R10: 0000000000000443 R11: 0000000000000246 R12: 0000000000000001 [ 132.243217][ T6759] R13: 00007fae43c16038 R14: 00007fae43c15fa0 R15: 00007ffd3e50cfd8 [ 132.243250][ T6759] [ 132.798472][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.805057][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.835076][ T29] audit: type=1326 audit(2147484697.114:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6767 comm="syz.2.187" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc9b079c799 code=0x0 [ 132.906462][ T6777] FAULT_INJECTION: forcing a failure. [ 132.906462][ T6777] name fail_futex, interval 1, probability 0, space 0, times 0 [ 133.038283][ T6777] CPU: 1 UID: 0 PID: 6777 Comm: syz.1.189 Not tainted syzkaller #0 PREEMPT(full) [ 133.038322][ T6777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 133.038338][ T6777] Call Trace: [ 133.038347][ T6777] [ 133.038359][ T6777] dump_stack_lvl+0x100/0x190 [ 133.038410][ T6777] should_fail_ex.cold+0x5/0xa [ 133.038443][ T6777] get_futex_key+0x1d2/0x1620 [ 133.038481][ T6777] ? __pfx_get_futex_key+0x10/0x10 [ 133.038526][ T6777] futex_wake+0xea/0x530 [ 133.038568][ T6777] ? __pfx_futex_wake+0x10/0x10 [ 133.038612][ T6777] ? putname+0xb1/0x110 [ 133.038639][ T6777] ? kmem_cache_free+0x124/0x6a0 [ 133.038684][ T6777] do_futex+0x32b/0x350 [ 133.038718][ T6777] ? __pfx_do_futex+0x10/0x10 [ 133.038750][ T6777] ? __pfx_do_sys_openat2+0x10/0x10 [ 133.038787][ T6777] ? __fget_files+0x21f/0x3d0 [ 133.038817][ T6777] __x64_sys_futex+0x34f/0x4d0 [ 133.038853][ T6777] ? __x64_sys_openat+0x12d/0x210 [ 133.038888][ T6777] ? __pfx___x64_sys_futex+0x10/0x10 [ 133.038936][ T6777] do_syscall_64+0x106/0xf80 [ 133.038972][ T6777] ? clear_bhb_loop+0x40/0x90 [ 133.039006][ T6777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.039034][ T6777] RIP: 0033:0x7f84e559c799 [ 133.039057][ T6777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 133.039083][ T6777] RSP: 002b:00007f84e64760e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 133.039110][ T6777] RAX: ffffffffffffffda RBX: 00007f84e5815fa8 RCX: 00007f84e559c799 [ 133.039128][ T6777] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f84e5815fac [ 133.039146][ T6777] RBP: 00007f84e5815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 133.039162][ T6777] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 133.039178][ T6777] R13: 00007f84e5816038 R14: 00007ffeb8b065c0 R15: 00007ffeb8b066a8 [ 133.039215][ T6777] [ 134.173646][ T6811] FAULT_INJECTION: forcing a failure. [ 134.173646][ T6811] name failslab, interval 1, probability 0, space 0, times 0 [ 134.217496][ T6811] CPU: 0 UID: 0 PID: 6811 Comm: syz.0.194 Not tainted syzkaller #0 PREEMPT(full) [ 134.217530][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 134.217543][ T6811] Call Trace: [ 134.217551][ T6811] [ 134.217560][ T6811] dump_stack_lvl+0x100/0x190 [ 134.217601][ T6811] should_fail_ex.cold+0x5/0xa [ 134.217629][ T6811] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 134.217655][ T6811] should_failslab+0xc2/0x120 [ 134.217681][ T6811] __kmalloc_noprof+0xe0/0x850 [ 134.217715][ T6811] ? trace_kmalloc+0x101/0x130 [ 134.217746][ T6811] kernfs_fop_write_iter+0x26a/0x5f0 [ 134.217777][ T6811] iter_file_splice_write+0x830/0x10a0 [ 134.217823][ T6811] ? __pfx_iter_file_splice_write+0x10/0x10 [ 134.217855][ T6811] ? __pfx_copy_splice_read+0x10/0x10 [ 134.217911][ T6811] ? __pfx_iter_file_splice_write+0x10/0x10 [ 134.217939][ T6811] direct_splice_actor+0x192/0x6c0 [ 134.217979][ T6811] splice_direct_to_actor+0x345/0xa30 [ 134.218006][ T6811] ? __pfx_direct_splice_actor+0x10/0x10 [ 134.218050][ T6811] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 134.218092][ T6811] do_splice_direct+0x174/0x240 [ 134.218118][ T6811] ? __pfx_do_splice_direct+0x10/0x10 [ 134.218143][ T6811] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 134.218184][ T6811] ? rw_verify_area+0xce/0x6d0 [ 134.218221][ T6811] do_sendfile+0xadc/0xe20 [ 134.218265][ T6811] ? __pfx_do_sendfile+0x10/0x10 [ 134.218301][ T6811] ? __fget_files+0x21f/0x3d0 [ 134.218335][ T6811] __x64_sys_sendfile64+0x1d8/0x220 [ 134.218363][ T6811] ? ksys_write+0x1ac/0x250 [ 134.218386][ T6811] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 134.218426][ T6811] do_syscall_64+0x106/0xf80 [ 134.218459][ T6811] ? clear_bhb_loop+0x40/0x90 [ 134.218491][ T6811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.218520][ T6811] RIP: 0033:0x7fae4399c799 [ 134.218542][ T6811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 134.218566][ T6811] RSP: 002b:00007fae44906028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 134.218590][ T6811] RAX: ffffffffffffffda RBX: 00007fae43c15fa0 RCX: 00007fae4399c799 [ 134.218607][ T6811] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 134.218622][ T6811] RBP: 00007fae44906090 R08: 0000000000000000 R09: 0000000000000000 [ 134.218637][ T6811] R10: 0000000000000443 R11: 0000000000000246 R12: 0000000000000001 [ 134.218652][ T6811] R13: 00007fae43c16038 R14: 00007fae43c15fa0 R15: 00007ffd3e50cfd8 [ 134.218689][ T6811] [ 134.570430][ T6768] kexec: Could not allocate control_code_buffer [ 134.748473][ T6822] FAULT_INJECTION: forcing a failure. [ 134.748473][ T6822] name failslab, interval 1, probability 0, space 0, times 0 [ 134.772069][ T6822] CPU: 0 UID: 0 PID: 6822 Comm: syz.0.198 Not tainted syzkaller #0 PREEMPT(full) [ 134.772090][ T6822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 134.772100][ T6822] Call Trace: [ 134.772105][ T6822] [ 134.772111][ T6822] dump_stack_lvl+0x100/0x190 [ 134.772136][ T6822] should_fail_ex.cold+0x5/0xa [ 134.772154][ T6822] should_failslab+0xc2/0x120 [ 134.772170][ T6822] __kmalloc_cache_noprof+0x7a/0x6f0 [ 134.772188][ T6822] ? snd_seq_pool_new+0x44/0x230 [ 134.772208][ T6822] ? __pfx_snd_seq_open+0x10/0x10 [ 134.772230][ T6822] snd_seq_pool_new+0x44/0x230 [ 134.772247][ T6822] seq_create_client1+0x66/0x640 [ 134.772271][ T6822] ? __pfx_snd_seq_open+0x10/0x10 [ 134.772292][ T6822] snd_seq_open+0x59/0x590 [ 134.772313][ T6822] ? __pfx_snd_seq_open+0x10/0x10 [ 134.772333][ T6822] snd_open+0x22d/0x4c0 [ 134.772348][ T6822] ? __pfx_snd_open+0x10/0x10 [ 134.772362][ T6822] chrdev_open+0x234/0x6a0 [ 134.772376][ T6822] ? __pfx_apparmor_file_open+0x10/0x10 [ 134.772399][ T6822] ? __pfx_chrdev_open+0x10/0x10 [ 134.772414][ T6822] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 134.772433][ T6822] do_dentry_open+0x6d8/0x1660 [ 134.772447][ T6822] ? __pfx_chrdev_open+0x10/0x10 [ 134.772467][ T6822] vfs_open+0x82/0x3f0 [ 134.772487][ T6822] path_openat+0x208c/0x31a0 [ 134.772508][ T6822] ? __pfx_path_openat+0x10/0x10 [ 134.772529][ T6822] do_file_open+0x20e/0x430 [ 134.772546][ T6822] ? __pfx_do_file_open+0x10/0x10 [ 134.772577][ T6822] ? alloc_fd+0x476/0x790 [ 134.772593][ T6822] ? do_getname+0x191/0x390 [ 134.772612][ T6822] do_sys_openat2+0x10d/0x1e0 [ 134.772630][ T6822] ? __pfx_do_sys_openat2+0x10/0x10 [ 134.772650][ T6822] ? __fget_files+0x21f/0x3d0 [ 134.772667][ T6822] __x64_sys_openat+0x12d/0x210 [ 134.772685][ T6822] ? __pfx___x64_sys_openat+0x10/0x10 [ 134.772711][ T6822] do_syscall_64+0x106/0xf80 [ 134.772730][ T6822] ? clear_bhb_loop+0x40/0x90 [ 134.772749][ T6822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.772764][ T6822] RIP: 0033:0x7fae4399c799 [ 134.772777][ T6822] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 134.772790][ T6822] RSP: 002b:00007fae44906028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 134.772804][ T6822] RAX: ffffffffffffffda RBX: 00007fae43c15fa0 RCX: 00007fae4399c799 [ 134.772814][ T6822] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 134.772822][ T6822] RBP: 00007fae43a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 134.772831][ T6822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.772839][ T6822] R13: 00007fae43c16038 R14: 00007fae43c15fa0 R15: 00007ffd3e50cfd8 [ 134.772858][ T6822] [ 135.192841][ T6815] tipc: Started in network mode [ 135.210676][ T6815] tipc: Node identity ffffffff, cluster identity 4711 [ 135.220502][ T6815] tipc: Node number set to 4294967295 [ 135.633370][ T6838] netlink: 12 bytes leftover after parsing attributes in process `syz.2.201'. [ 136.317995][ T6856] bond0: option lp_interval: invalid value () [ 136.325600][ T6856] bond0: option lp_interval: allowed values 1 - 2147483647 [ 136.597667][ T29] audit: type=1326 audit(2147484700.852:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6862 comm="syz.1.206" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f84e559c799 code=0x0 [ 136.909006][ T6869] FAULT_INJECTION: forcing a failure. [ 136.909006][ T6869] name fail_futex, interval 1, probability 0, space 0, times 0 [ 136.922106][ T6869] CPU: 0 UID: 0 PID: 6869 Comm: syz.2.207 Not tainted syzkaller #0 PREEMPT(full) [ 136.922144][ T6869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 136.922161][ T6869] Call Trace: [ 136.922170][ T6869] [ 136.922181][ T6869] dump_stack_lvl+0x100/0x190 [ 136.922229][ T6869] should_fail_ex.cold+0x5/0xa [ 136.922263][ T6869] get_futex_key+0x1d2/0x1620 [ 136.922301][ T6869] ? __pfx_get_futex_key+0x10/0x10 [ 136.922355][ T6869] futex_wake+0xea/0x530 [ 136.922401][ T6869] ? __pfx_futex_wake+0x10/0x10 [ 136.922445][ T6869] ? putname+0xb1/0x110 [ 136.922473][ T6869] ? kmem_cache_free+0x124/0x6a0 [ 136.922516][ T6869] do_futex+0x32b/0x350 [ 136.922552][ T6869] ? __pfx_do_futex+0x10/0x10 [ 136.922583][ T6869] ? __pfx_do_sys_openat2+0x10/0x10 [ 136.922622][ T6869] ? __fget_files+0x21f/0x3d0 [ 136.922651][ T6869] __x64_sys_futex+0x34f/0x4d0 [ 136.922687][ T6869] ? __x64_sys_openat+0x12d/0x210 [ 136.922723][ T6869] ? __pfx___x64_sys_futex+0x10/0x10 [ 136.922772][ T6869] do_syscall_64+0x106/0xf80 [ 136.922809][ T6869] ? clear_bhb_loop+0x40/0x90 [ 136.922843][ T6869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.922871][ T6869] RIP: 0033:0x7fc9b079c799 [ 136.922894][ T6869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 136.922923][ T6869] RSP: 002b:00007fc9b173d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 136.922947][ T6869] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa8 RCX: 00007fc9b079c799 [ 136.922964][ T6869] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc9b0a15fac [ 136.922979][ T6869] RBP: 00007fc9b0a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 136.922994][ T6869] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 136.923009][ T6869] R13: 00007fc9b0a16038 R14: 00007ffd6fb02f30 R15: 00007ffd6fb03018 [ 136.923045][ T6869] [ 137.627874][ T6875] FAULT_INJECTION: forcing a failure. [ 137.627874][ T6875] name failslab, interval 1, probability 0, space 0, times 0 [ 137.663509][ T6864] kexec: Could not allocate control_code_buffer [ 137.683496][ T6875] CPU: 0 UID: 0 PID: 6875 Comm: syz.2.209 Not tainted syzkaller #0 PREEMPT(full) [ 137.683529][ T6875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 137.683541][ T6875] Call Trace: [ 137.683549][ T6875] [ 137.683558][ T6875] dump_stack_lvl+0x100/0x190 [ 137.683601][ T6875] should_fail_ex.cold+0x5/0xa [ 137.683631][ T6875] ? copy_splice_read+0x1a3/0xb90 [ 137.683668][ T6875] should_failslab+0xc2/0x120 [ 137.683694][ T6875] __kmalloc_noprof+0xe0/0x850 [ 137.683737][ T6875] copy_splice_read+0x1a3/0xb90 [ 137.683774][ T6875] ? __pfx_iter_file_splice_write+0x10/0x10 [ 137.683806][ T6875] ? __pfx_copy_splice_read+0x10/0x10 [ 137.683854][ T6875] ? find_held_lock+0x2b/0x80 [ 137.683885][ T6875] ? __pfx_copy_splice_read+0x10/0x10 [ 137.683921][ T6875] do_splice_read+0x285/0x370 [ 137.683963][ T6875] splice_direct_to_actor+0x2a1/0xa30 [ 137.683991][ T6875] ? __pfx_direct_splice_actor+0x10/0x10 [ 137.684035][ T6875] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 137.684071][ T6875] do_splice_direct+0x174/0x240 [ 137.684098][ T6875] ? __pfx_do_splice_direct+0x10/0x10 [ 137.684124][ T6875] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 137.684167][ T6875] ? rw_verify_area+0xce/0x6d0 [ 137.684205][ T6875] do_sendfile+0xadc/0xe20 [ 137.684247][ T6875] ? __pfx_do_sendfile+0x10/0x10 [ 137.684284][ T6875] ? __fget_files+0x21f/0x3d0 [ 137.684351][ T6875] __x64_sys_sendfile64+0x1d8/0x220 [ 137.684378][ T6875] ? ksys_write+0x1ac/0x250 [ 137.684400][ T6875] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 137.684440][ T6875] do_syscall_64+0x106/0xf80 [ 137.684472][ T6875] ? clear_bhb_loop+0x40/0x90 [ 137.684503][ T6875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.684529][ T6875] RIP: 0033:0x7fc9b079c799 [ 137.684550][ T6875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 137.684573][ T6875] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 137.684597][ T6875] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 137.684613][ T6875] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 137.684628][ T6875] RBP: 00007fc9b173d090 R08: 0000000000000000 R09: 0000000000000000 [ 137.684642][ T6875] R10: 0000000000000443 R11: 0000000000000246 R12: 0000000000000001 [ 137.684657][ T6875] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 137.684691][ T6875] [ 138.644159][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 138.962572][ T6890] netlink: 334 bytes leftover after parsing attributes in process `syz.3.212'. [ 139.441031][ T6907] can: request_module (can-proto-4) failed. [ 139.548124][ T29] audit: type=1326 audit(2147484703.821:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.0.216" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae4399c799 code=0x0 [ 139.912518][ T6905] kvm: kvm [6901]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000085) [ 139.932658][ T6904] kvm: kvm [6901]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000085) [ 139.941782][ T6922] netlink: 12 bytes leftover after parsing attributes in process `syz.3.217'. [ 140.739269][ T6912] kexec: Could not allocate control_code_buffer [ 140.815554][ T29] audit: type=1326 audit(2147484705.090:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.219" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f035f19c799 code=0x0 [ 142.304312][ T6935] kexec: Could not allocate control_code_buffer [ 142.808386][ T6957] tipc: Started in network mode [ 142.813309][ T6957] tipc: Node identity ffffffff, cluster identity 4711 [ 142.830341][ T6957] tipc: Node number set to 4294967295 [ 143.260121][ T29] audit: type=1326 audit(2147484707.529:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6978 comm="syz.3.230" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f035f19c799 code=0x0 [ 144.116373][ T29] audit: type=1326 audit(2147484708.388:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.1.233" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f84e559c799 code=0x0 [ 144.504842][ T6979] kexec: Could not allocate control_code_buffer [ 144.893630][ T6997] delete_channel: no stack [ 145.047564][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 145.376214][ T7016] FAULT_INJECTION: forcing a failure. [ 145.376214][ T7016] name failslab, interval 1, probability 0, space 0, times 0 [ 145.407294][ T7016] CPU: 0 UID: 0 PID: 7016 Comm: syz.1.239 Not tainted syzkaller #0 PREEMPT(full) [ 145.407332][ T7016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 145.407348][ T7016] Call Trace: [ 145.407357][ T7016] [ 145.407369][ T7016] dump_stack_lvl+0x100/0x190 [ 145.407417][ T7016] should_fail_ex.cold+0x5/0xa [ 145.407450][ T7016] should_failslab+0xc2/0x120 [ 145.407482][ T7016] __kmalloc_cache_noprof+0x7a/0x6f0 [ 145.407519][ T7016] ? snd_seq_pool_new+0x44/0x230 [ 145.407565][ T7016] ? __pfx_snd_seq_open+0x10/0x10 [ 145.407612][ T7016] snd_seq_pool_new+0x44/0x230 [ 145.407646][ T7016] seq_create_client1+0x66/0x640 [ 145.407691][ T7016] ? __pfx_snd_seq_open+0x10/0x10 [ 145.407732][ T7016] snd_seq_open+0x59/0x590 [ 145.407773][ T7016] ? __pfx_snd_seq_open+0x10/0x10 [ 145.407812][ T7016] snd_open+0x22d/0x4c0 [ 145.407841][ T7016] ? __pfx_snd_open+0x10/0x10 [ 145.407868][ T7016] chrdev_open+0x234/0x6a0 [ 145.407895][ T7016] ? __pfx_apparmor_file_open+0x10/0x10 [ 145.407938][ T7016] ? __pfx_chrdev_open+0x10/0x10 [ 145.407968][ T7016] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 145.408006][ T7016] do_dentry_open+0x6d8/0x1660 [ 145.408033][ T7016] ? __pfx_chrdev_open+0x10/0x10 [ 145.408069][ T7016] vfs_open+0x82/0x3f0 [ 145.408108][ T7016] path_openat+0x208c/0x31a0 [ 145.408149][ T7016] ? __pfx_path_openat+0x10/0x10 [ 145.408193][ T7016] do_file_open+0x20e/0x430 [ 145.408224][ T7016] ? __pfx_do_file_open+0x10/0x10 [ 145.408281][ T7016] ? alloc_fd+0x476/0x790 [ 145.408312][ T7016] ? do_getname+0x191/0x390 [ 145.408350][ T7016] do_sys_openat2+0x10d/0x1e0 [ 145.408385][ T7016] ? __pfx_do_sys_openat2+0x10/0x10 [ 145.408424][ T7016] ? __fget_files+0x21f/0x3d0 [ 145.408458][ T7016] __x64_sys_openat+0x12d/0x210 [ 145.408494][ T7016] ? __pfx___x64_sys_openat+0x10/0x10 [ 145.408555][ T7016] do_syscall_64+0x106/0xf80 [ 145.408592][ T7016] ? clear_bhb_loop+0x40/0x90 [ 145.408626][ T7016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.408654][ T7016] RIP: 0033:0x7f84e559c799 [ 145.408677][ T7016] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 145.408703][ T7016] RSP: 002b:00007f84e6476028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 145.408729][ T7016] RAX: ffffffffffffffda RBX: 00007f84e5815fa0 RCX: 00007f84e559c799 [ 145.408748][ T7016] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 145.408766][ T7016] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 145.408783][ T7016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.408799][ T7016] R13: 00007f84e5816038 R14: 00007f84e5815fa0 R15: 00007ffeb8b066a8 [ 145.408838][ T7016] [ 145.888396][ T7011] tipc: Started in network mode [ 145.893299][ T7011] tipc: Node identity ffffffff, cluster identity 4711 [ 145.980567][ T7011] tipc: Node number set to 4294967295 [ 146.131535][ T7021] futex_wake_op: syz.2.241 tries to shift op by -2048; fix this program [ 147.543539][ T29] audit: type=1326 audit(2147484711.827:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7042 comm="syz.2.246" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc9b079c799 code=0x0 [ 148.978217][ T7043] kexec: Could not allocate control_code_buffer [ 149.246175][ T7065] syz.2.251 uses obsolete (PF_INET,SOCK_PACKET) [ 149.650713][ T7062] FAULT_INJECTION: forcing a failure. [ 149.650713][ T7062] name fail_futex, interval 1, probability 0, space 0, times 0 [ 149.689477][ T7062] CPU: 1 UID: 0 PID: 7062 Comm: syz.2.251 Not tainted syzkaller #0 PREEMPT(full) [ 149.689510][ T7062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 149.689523][ T7062] Call Trace: [ 149.689531][ T7062] [ 149.689539][ T7062] dump_stack_lvl+0x100/0x190 [ 149.689580][ T7062] should_fail_ex.cold+0x5/0xa [ 149.689609][ T7062] get_futex_key+0x1d2/0x1620 [ 149.689644][ T7062] ? __pfx_get_futex_key+0x10/0x10 [ 149.689669][ T7062] ? lock_acquire+0x1cf/0x380 [ 149.689710][ T7062] futex_wake+0xea/0x530 [ 149.689749][ T7062] ? __pfx_futex_wake+0x10/0x10 [ 149.689784][ T7062] ? exit_mm_release+0x19/0x30 [ 149.689826][ T7062] do_futex+0x32b/0x350 [ 149.689856][ T7062] ? __pfx_do_futex+0x10/0x10 [ 149.689884][ T7062] ? __might_fault+0xc5/0x140 [ 149.689927][ T7062] mm_release+0x24a/0x2f0 [ 149.689954][ T7062] do_exit+0x704/0x2b60 [ 149.689989][ T7062] ? __pfx_do_exit+0x10/0x10 [ 149.690013][ T7062] ? do_raw_spin_lock+0x128/0x260 [ 149.690031][ T7062] ? find_held_lock+0x2b/0x80 [ 149.690050][ T7062] ? get_signal+0x7e0/0x21e0 [ 149.690066][ T7062] do_group_exit+0xd5/0x2a0 [ 149.690084][ T7062] get_signal+0x1ec7/0x21e0 [ 149.690105][ T7062] ? __pfx_get_signal+0x10/0x10 [ 149.690119][ T7062] ? do_futex+0x192/0x350 [ 149.690138][ T7062] arch_do_signal_or_restart+0x91/0x770 [ 149.690156][ T7062] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 149.690177][ T7062] ? __pfx___x64_sys_futex+0x10/0x10 [ 149.690198][ T7062] exit_to_user_mode_loop+0x86/0x4a0 [ 149.690218][ T7062] do_syscall_64+0x668/0xf80 [ 149.690236][ T7062] ? clear_bhb_loop+0x40/0x90 [ 149.690252][ T7062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.690266][ T7062] RIP: 0033:0x7fc9b079c799 [ 149.690278][ T7062] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 149.690291][ T7062] RSP: 002b:00007fc9b173d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 149.690308][ T7062] RAX: fffffffffffffe00 RBX: 00007fc9b0a15fa8 RCX: 00007fc9b079c799 [ 149.690317][ T7062] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc9b0a15fa8 [ 149.690325][ T7062] RBP: 00007fc9b0a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 149.690333][ T7062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 149.690341][ T7062] R13: 00007fc9b0a16038 R14: 00007ffd6fb02f30 R15: 00007ffd6fb03018 [ 149.690359][ T7062] [ 151.282081][ T29] audit: type=1326 audit(2147484715.565:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7108 comm="syz.0.260" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae4399c799 code=0x0 [ 151.690141][ T7121] FAULT_INJECTION: forcing a failure. [ 151.690141][ T7121] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 151.780808][ T7121] CPU: 0 UID: 0 PID: 7121 Comm: syz.1.263 Not tainted syzkaller #0 PREEMPT(full) [ 151.780832][ T7121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 151.780846][ T7121] Call Trace: [ 151.780851][ T7121] [ 151.780857][ T7121] dump_stack_lvl+0x100/0x190 [ 151.780885][ T7121] should_fail_ex.cold+0x5/0xa [ 151.780900][ T7121] ? prepare_alloc_pages+0x16d/0x5f0 [ 151.780918][ T7121] should_fail_alloc_page+0xeb/0x140 [ 151.780936][ T7121] prepare_alloc_pages+0x1f0/0x5f0 [ 151.780956][ T7121] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 151.780983][ T7121] ? kasan_save_stack+0x3f/0x50 [ 151.781003][ T7121] ? kasan_save_stack+0x30/0x50 [ 151.781023][ T7121] ? kasan_save_track+0x14/0x30 [ 151.781042][ T7121] ? __kasan_slab_alloc+0x89/0x90 [ 151.781054][ T7121] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 151.781075][ T7121] ? ptlock_alloc+0x1f/0x70 [ 151.781091][ T7121] ? pte_alloc_one+0x82/0x3d0 [ 151.781109][ T7121] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 151.781135][ T7121] ? __lock_acquire+0x4a5/0x2630 [ 151.781157][ T7121] ? __lock_acquire+0x4a5/0x2630 [ 151.781176][ T7121] ? __lock_acquire+0x4a5/0x2630 [ 151.781191][ T7121] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 151.781216][ T7121] ? policy_nodemask+0xed/0x4f0 [ 151.781233][ T7121] alloc_pages_mpol+0x1fb/0x550 [ 151.781249][ T7121] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 151.781262][ T7121] ? page_table_check_set+0x49a/0xa10 [ 151.781290][ T7121] alloc_pages_noprof+0x131/0x390 [ 151.781306][ T7121] pte_alloc_one+0x1c/0x3d0 [ 151.781322][ T7121] __pte_alloc+0x6d/0x3e0 [ 151.781345][ T7121] ? __pfx___pte_alloc+0x10/0x10 [ 151.781360][ T7121] ? __pfx___might_resched+0x10/0x10 [ 151.781381][ T7121] ? copy_page_range+0x1e9d/0x6570 [ 151.781404][ T7121] copy_page_range+0x3e51/0x6570 [ 151.781444][ T7121] ? __pfx_copy_page_range+0x10/0x10 [ 151.781471][ T7121] ? __pfx___might_resched+0x10/0x10 [ 151.781499][ T7121] ? up_write+0x290/0x4f0 [ 151.781520][ T7121] dup_mmap+0xd25/0x2180 [ 151.781545][ T7121] ? __pfx_dup_mmap+0x10/0x10 [ 151.781559][ T7121] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 151.781583][ T7121] ? __lock_acquire+0x4a5/0x2630 [ 151.781601][ T7121] ? find_held_lock+0x2b/0x80 [ 151.781614][ T7121] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 151.781646][ T7121] copy_process+0x73d7/0x7a10 [ 151.781673][ T7121] ? __pfx_copy_process+0x10/0x10 [ 151.781690][ T7121] ? find_held_lock+0x2b/0x80 [ 151.781711][ T7121] kernel_clone+0xfc/0x9a0 [ 151.781726][ T7121] ? __pfx_futex_wait+0x10/0x10 [ 151.781749][ T7121] ? __pfx_kernel_clone+0x10/0x10 [ 151.781776][ T7121] __do_sys_clone+0xd9/0x120 [ 151.781792][ T7121] ? __pfx___do_sys_clone+0x10/0x10 [ 151.781808][ T7121] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 151.781847][ T7121] do_syscall_64+0x106/0xf80 [ 151.781867][ T7121] ? clear_bhb_loop+0x40/0x90 [ 151.781884][ T7121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.781899][ T7121] RIP: 0033:0x7f84e559c799 [ 151.781912][ T7121] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 151.781926][ T7121] RSP: 002b:00007f84e6475fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 151.781941][ T7121] RAX: ffffffffffffffda RBX: 00007f84e5815fa0 RCX: 00007f84e559c799 [ 151.781951][ T7121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 151.781959][ T7121] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 151.781968][ T7121] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 151.781976][ T7121] R13: 00007f84e5816038 R14: 00007f84e5815fa0 R15: 00007ffeb8b066a8 [ 151.781996][ T7121] [ 152.726301][ T7109] kexec: Could not allocate control_code_buffer [ 152.778956][ T7140] [U] -1 [ 152.782006][ T7140] [U] [ 152.784718][ T7140] [U] [ 152.787426][ T7140] [U] [ 152.790130][ T7140] [U] [ 152.830390][ T7140] [U] [ 152.833134][ T7140] [U] [ 152.835834][ T7140] [U] [ 152.838528][ T7140] [U] [ 152.902987][ T7140] [U] [ 152.905731][ T7140] [U] [ 152.908439][ T7140] [U] [ 152.911149][ T7140] [U] [ 152.933642][ T7140] [U] [ 152.936395][ T7140] [U] [ 152.939107][ T7140] [U] [ 152.941813][ T7140] [U] [ 152.944950][ T7140] [U] [ 152.947669][ T7140] [U] [ 152.950378][ T7140] [U] [ 152.953085][ T7140] [U] [ 152.957012][ T7140] [U] [ 152.959730][ T7140] [U] [ 152.962441][ T7140] [U] [ 152.965147][ T7140] [U] [ 152.973275][ T7140] [U] [ 152.975990][ T7140] [U] [ 152.978709][ T7140] [U] [ 152.981408][ T7140] [U] [ 153.011226][ T7140] [U] [ 153.013956][ T7140] [U] [ 153.016664][ T7140] [U] [ 153.019372][ T7140] [U] [ 153.036399][ T7140] [U] [ 153.039133][ T7140] [U] [ 153.041834][ T7140] [U] [ 153.044529][ T7140] [U] [ 153.070838][ T7140] [U] [ 153.073579][ T7140] [U] [ 153.076289][ T7140] [U] [ 153.078998][ T7140] [U] [ 153.103585][ T7140] [U] [ 153.106330][ T7140] [U] [ 153.109045][ T7140] [U] [ 153.111761][ T7140] [U] [ 153.145906][ T7140] [U] [ 153.148651][ T7140] [U] [ 153.151362][ T7140] [U] [ 153.154067][ T7140] [U] [ 153.174479][ T7140] [U] [ 153.177221][ T7140] [U] [ 153.179934][ T7140] [U] [ 153.182645][ T7140] [U] [ 153.221983][ T7140] [U] [ 153.224735][ T7140] [U] [ 153.227440][ T7140] [U] [ 153.230152][ T7140] [U] [ 153.255944][ T7140] [U] [ 153.258705][ T7140] [U] [ 153.261423][ T7140] [U] [ 153.264131][ T7140] [U] [ 153.281103][ T7140] [U] [ 153.283837][ T7140] [U] [ 153.286551][ T7140] [U] [ 153.289256][ T7140] [U] [ 153.303179][ T7140] [U] [ 153.305911][ T7140] [U] [ 153.308619][ T7140] [U] [ 153.311332][ T7140] [U] [ 153.344700][ T7140] [U] [ 153.347446][ T7140] [U] [ 153.350157][ T7140] [U] [ 153.353041][ T7140] [U] [ 153.391586][ T7140] [U] [ 153.394331][ T7140] [U] [ 153.397040][ T7140] [U] [ 153.399747][ T7140] [U] [ 153.426273][ T7140] [U] [ 153.429014][ T7140] [U] [ 153.431727][ T7140] [U] [ 153.434435][ T7140] [U] [ 153.453741][ T7140] [U] [ 153.456487][ T7140] [U] [ 153.459193][ T7140] [U] [ 153.461899][ T7140] [U] [ 153.481560][ T7140] [U] [ 153.484306][ T7140] [U] [ 153.487012][ T7140] [U] [ 153.489713][ T7140] [U] [ 153.519223][ T7140] [U] [ 153.521966][ T7140] [U] [ 153.524667][ T7140] [U] [ 153.527366][ T7140] [U] [ 153.591501][ T7140] [U] [ 153.594249][ T7140] [U] [ 153.596962][ T7140] [U] [ 153.599671][ T7140] [U] [ 153.662892][ T7140] [U] [ 154.096854][ T29] audit: type=1326 audit(2147484718.373:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7170 comm="syz.0.276" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae4399c799 code=0x0 [ 155.217396][ T7174] kexec: Could not allocate control_code_buffer [ 155.413744][ T7188] futex_wake_op: syz.3.278 tries to shift op by -2048; fix this program [ 155.958798][ T7187] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 155.980224][ T7187] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 156.019701][ T7187] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 156.044425][ T7187] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 156.058297][ T7187] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 156.091473][ T7187] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 156.119048][ T7187] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 156.131705][ T7187] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 156.144962][ T7187] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 156.163939][ T7187] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 156.177078][ T7187] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 156.225662][ T7187] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 156.539467][ T7228] ovs_: entered promiscuous mode [ 157.203990][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 158.083574][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 158.163615][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 158.254599][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 158.874244][ T7291] netlink: 223 bytes leftover after parsing attributes in process `syz.3.300'. [ 158.924162][ T7292] netlink: 223 bytes leftover after parsing attributes in process `syz.3.300'. [ 158.960070][ T7291] FAULT_INJECTION: forcing a failure. [ 158.960070][ T7291] name fail_futex, interval 1, probability 0, space 0, times 0 [ 158.999590][ T7291] CPU: 0 UID: 0 PID: 7291 Comm: syz.3.300 Not tainted syzkaller #0 PREEMPT(full) [ 158.999623][ T7291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 158.999637][ T7291] Call Trace: [ 158.999645][ T7291] [ 158.999653][ T7291] dump_stack_lvl+0x100/0x190 [ 158.999695][ T7291] should_fail_ex.cold+0x5/0xa [ 158.999725][ T7291] get_futex_key+0x1d2/0x1620 [ 158.999759][ T7291] ? __pfx_get_futex_key+0x10/0x10 [ 158.999792][ T7291] ? __pfx____sys_sendmsg+0x10/0x10 [ 158.999827][ T7291] futex_wake+0xea/0x530 [ 158.999866][ T7291] ? __pfx_futex_wake+0x10/0x10 [ 158.999916][ T7291] do_futex+0x32b/0x350 [ 158.999948][ T7291] ? __pfx_do_futex+0x10/0x10 [ 158.999978][ T7291] ? fput+0x79/0x100 [ 159.000006][ T7291] ? __sys_sendmsg+0x18f/0x220 [ 159.000043][ T7291] __x64_sys_futex+0x34f/0x4d0 [ 159.000079][ T7291] ? __pfx___x64_sys_futex+0x10/0x10 [ 159.000124][ T7291] do_syscall_64+0x106/0xf80 [ 159.000163][ T7291] ? clear_bhb_loop+0x40/0x90 [ 159.000194][ T7291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.000220][ T7291] RIP: 0033:0x7f035f19c799 [ 159.000241][ T7291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.000264][ T7291] RSP: 002b:00007f035ff980e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 159.000287][ T7291] RAX: ffffffffffffffda RBX: 00007f035f415fa8 RCX: 00007f035f19c799 [ 159.000304][ T7291] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f035f415fac [ 159.000319][ T7291] RBP: 00007f035f415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 159.000334][ T7291] R10: 0000000000000014 R11: 0000000000000246 R12: 0000000000000000 [ 159.000357][ T7291] R13: 00007f035f416038 R14: 00007ffef0dc6070 R15: 00007ffef0dc6158 [ 159.000391][ T7291] [ 159.298565][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 160.164629][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 160.244718][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 160.331530][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 160.862909][ T7349] Invalid ELF header magic: != ELF [ 161.365865][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 161.666135][ T29] audit: type=1326 audit(2147484725.929:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7364 comm="syz.1.317" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f84e559c799 code=0x0 [ 162.176432][ T29] audit: type=1326 audit(2147484726.449:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7373 comm="syz.3.319" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f035f19c799 code=0x0 [ 162.247618][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 162.325813][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 162.335218][ T29] audit: type=1326 audit(2147484726.599:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7375 comm="syz.2.320" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc9b079c799 code=0x0 [ 162.408172][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 163.011723][ T7365] kexec: Could not allocate control_code_buffer [ 163.081839][ T7389] misc userio: Invalid payload size [ 163.238303][ T7396] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(6.0.2), cmd(8) [ 163.387910][ T7401] HfR: entered promiscuous mode [ 163.433956][ T7399] netlink: 32 bytes leftover after parsing attributes in process `syz.2.325'. [ 164.129356][ T7415] bridge_slave_1: left allmulticast mode [ 164.135059][ T7415] bridge_slave_1: left promiscuous mode [ 164.143704][ T7415] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.389256][ T29] audit: type=1326 audit(2147484728.658:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7419 comm="syz.1.331" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f84e559c799 code=0x0 [ 164.429004][ T7417] FAULT_INJECTION: forcing a failure. [ 164.429004][ T7417] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.457851][ T7417] CPU: 0 UID: 0 PID: 7417 Comm: syz.2.330 Not tainted syzkaller #0 PREEMPT(full) [ 164.457872][ T7417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 164.457880][ T7417] Call Trace: [ 164.457885][ T7417] [ 164.457891][ T7417] dump_stack_lvl+0x100/0x190 [ 164.457916][ T7417] should_fail_ex.cold+0x5/0xa [ 164.457932][ T7417] _copy_from_user+0x2e/0xd0 [ 164.457949][ T7417] copy_msghdr_from_user+0x9f/0x4f0 [ 164.457966][ T7417] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 164.457984][ T7417] ? __pfx___schedule+0x10/0x10 [ 164.458005][ T7417] ___sys_sendmsg+0x106/0x1e0 [ 164.458021][ T7417] ? __pfx____sys_sendmsg+0x10/0x10 [ 164.458044][ T7417] ? find_held_lock+0x2b/0x80 [ 164.458068][ T7417] __sys_sendmmsg+0x205/0x430 [ 164.458089][ T7417] ? __pfx___sys_sendmmsg+0x10/0x10 [ 164.458107][ T7417] ? find_held_lock+0x2b/0x80 [ 164.458129][ T7417] ? __pfx_do_futex+0x10/0x10 [ 164.458154][ T7417] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 164.458169][ T7417] ? xfd_validate_state+0x129/0x190 [ 164.458192][ T7417] __x64_sys_sendmmsg+0x9c/0x100 [ 164.458211][ T7417] ? lockdep_hardirqs_on+0x78/0x100 [ 164.458229][ T7417] do_syscall_64+0x106/0xf80 [ 164.458246][ T7417] ? clear_bhb_loop+0x40/0x90 [ 164.458273][ T7417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.458299][ T7417] RIP: 0033:0x7fc9b079c799 [ 164.458319][ T7417] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 164.458342][ T7417] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 164.458358][ T7417] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 164.458367][ T7417] RDX: 0000000000000005 RSI: 00002000000000c0 RDI: 0000000000000004 [ 164.458375][ T7417] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 164.458383][ T7417] R10: 000000001997b23d R11: 0000000000000246 R12: 0000000000000000 [ 164.458391][ T7417] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 164.458409][ T7417] [ 165.316096][ T29] audit: type=1326 audit(2147484729.578:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.3.333" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f035f19c799 code=0x0 [ 165.455592][ T7441] misc userio: Invalid payload size [ 165.590377][ T7421] kexec: Could not allocate control_code_buffer [ 165.795977][ T29] audit: type=1326 audit(2147484730.067:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7445 comm="syz.1.334" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f84e559c799 code=0x0 [ 166.952483][ T29] audit: type=1800 audit(2147484731.187:31): pid=7470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=15451 res=0 errno=0 [ 167.069411][ T7470] could not allocate digest TFM handle [ 167.263576][ T7457] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 167.263796][ T7457] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 167.264036][ T7457] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 167.272356][ T7457] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 167.383116][ T7446] kexec: Could not allocate control_code_buffer [ 168.070005][ T7487] i2c i2c-0: new_device: Missing parameters [ 168.488812][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.676446][ T29] audit: type=1326 audit(2147484732.946:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7508 comm="syz.3.350" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f035f19c799 code=0x0 [ 169.289685][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 169.290820][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 169.295825][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.083906][ T7509] kexec: Could not allocate control_code_buffer [ 170.417371][ T7544] misc userio: Invalid payload size [ 170.657062][ T7562] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 171.050242][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 171.583734][ T29] audit: type=1326 audit(2147484735.855:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7577 comm="syz.1.364" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f84e559c799 code=0x0 [ 171.673027][ T29] audit: type=1326 audit(2147484735.934:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7582 comm="syz.0.366" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae4399c799 code=0x0 [ 172.599120][ T29] audit: type=1326 audit(2147484736.864:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7592 comm="syz.0.368" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae4399c799 code=0x0 [ 172.719279][ T7578] kexec: Could not allocate control_code_buffer [ 172.816260][ T7600] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 173.290182][ T7604] misc userio: Invalid payload size [ 173.458769][ T7615] FAULT_INJECTION: forcing a failure. [ 173.458769][ T7615] name failslab, interval 1, probability 0, space 0, times 0 [ 173.520607][ T7615] CPU: 1 UID: 0 PID: 7615 Comm: syz.1.373 Not tainted syzkaller #0 PREEMPT(full) [ 173.520643][ T7615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 173.520659][ T7615] Call Trace: [ 173.520668][ T7615] [ 173.520677][ T7615] dump_stack_lvl+0x100/0x190 [ 173.520719][ T7615] should_fail_ex.cold+0x5/0xa [ 173.520751][ T7615] should_failslab+0xc2/0x120 [ 173.520777][ T7615] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 173.520815][ T7615] ? __alloc_skb+0x140/0x710 [ 173.520856][ T7615] __alloc_skb+0x140/0x710 [ 173.520887][ T7615] ? __alloc_skb+0x5b7/0x710 [ 173.520921][ T7615] ? __pfx___alloc_skb+0x10/0x10 [ 173.520958][ T7615] ? __pfx___register_sysctl_table+0x10/0x10 [ 173.520998][ T7615] ? is_module_address+0x69/0xf0 [ 173.521036][ T7615] inet_netconf_notify_devconf+0x9d/0x170 [ 173.521082][ T7615] __devinet_sysctl_register+0x227/0x360 [ 173.521124][ T7615] ? trace_kmalloc+0x101/0x130 [ 173.521163][ T7615] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 173.521216][ T7615] ? __asan_memcpy+0x3c/0x60 [ 173.521253][ T7615] devinet_init_net+0x334/0x8d0 [ 173.521296][ T7615] ? __pfx_devinet_init_net+0x10/0x10 [ 173.521337][ T7615] ops_init+0x1e2/0x5f0 [ 173.521379][ T7615] setup_net+0x118/0x3a0 [ 173.521418][ T7615] ? __pfx_setup_net+0x10/0x10 [ 173.521453][ T7615] ? lockdep_init_map_type+0x5c/0x250 [ 173.521489][ T7615] ? mutex_init_lockep+0x110/0x150 [ 173.521531][ T7615] copy_net_ns+0x46f/0x7c0 [ 173.521576][ T7615] create_new_namespaces+0x3ea/0xac0 [ 173.521614][ T7615] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 173.521646][ T7615] ksys_unshare+0x473/0xad0 [ 173.521680][ T7615] ? __pfx_ksys_unshare+0x10/0x10 [ 173.521725][ T7615] __x64_sys_unshare+0x31/0x40 [ 173.521758][ T7615] do_syscall_64+0x106/0xf80 [ 173.521795][ T7615] ? clear_bhb_loop+0x40/0x90 [ 173.521830][ T7615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.521858][ T7615] RIP: 0033:0x7f84e559c799 [ 173.521881][ T7615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 173.521906][ T7615] RSP: 002b:00007f84e6434028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 173.521932][ T7615] RAX: ffffffffffffffda RBX: 00007f84e5816180 RCX: 00007f84e559c799 [ 173.521950][ T7615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 173.521967][ T7615] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 173.521983][ T7615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.521999][ T7615] R13: 00007f84e5816218 R14: 00007f84e5816180 R15: 00007ffeb8b066a8 [ 173.522036][ T7615] [ 173.825347][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 174.660999][ T29] audit: type=1326 audit(2147503082.927:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7632 comm="syz.3.378" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f035f19c799 code=0x0 [ 174.883619][ T29] audit: type=1800 audit(2147503083.157:37): pid=7641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.379" name="dbroot" dev="configfs" ino=16063 res=0 errno=0 [ 176.068014][ T29] audit: type=1326 audit(2147503084.336:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7645 comm="syz.2.380" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc9b079c799 code=0x0 [ 176.103631][ T7633] kexec: Could not allocate control_code_buffer [ 176.995601][ T29] audit: type=1800 audit(2147503085.266:39): pid=7663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.383" name="features" dev="configfs" ino=16097 res=0 errno=0 [ 177.017540][ T7663] aoe: invalid device specification [ 177.017577][ T7664] aoe: invalid device specification [ 177.063090][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 177.279018][ T7668] netlink: 342 bytes leftover after parsing attributes in process `syz.2.385'. [ 177.361484][ T7670] netlink: 8 bytes leftover after parsing attributes in process `syz.3.384'. [ 177.956480][ T7684] FAULT_INJECTION: forcing a failure. [ 177.956480][ T7684] name failslab, interval 1, probability 0, space 0, times 0 [ 177.983523][ T7684] CPU: 1 UID: 0 PID: 7684 Comm: syz.1.387 Not tainted syzkaller #0 PREEMPT(full) [ 177.983558][ T7684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 177.983576][ T7684] Call Trace: [ 177.983586][ T7684] [ 177.983597][ T7684] dump_stack_lvl+0x100/0x190 [ 177.983646][ T7684] should_fail_ex.cold+0x5/0xa [ 177.983688][ T7684] should_failslab+0xc2/0x120 [ 177.983719][ T7684] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 177.983760][ T7684] ? security_inode_alloc+0x3b/0x2c0 [ 177.983788][ T7684] ? lockdep_init_map_type+0x5c/0x250 [ 177.983831][ T7684] security_inode_alloc+0x3b/0x2c0 [ 177.983863][ T7684] inode_init_always_gfp+0xced/0x1040 [ 177.983898][ T7684] alloc_inode+0x8e/0x250 [ 177.983935][ T7684] new_inode+0x22/0x1c0 [ 177.983974][ T7684] shmem_get_inode+0x212/0x1040 [ 177.984015][ T7684] ? __pfx_shmem_get_inode+0x10/0x10 [ 177.984050][ T7684] ? d_add+0x443/0x850 [ 177.984086][ T7684] ? do_raw_spin_unlock+0x145/0x1e0 [ 177.984133][ T7684] shmem_mknod+0x20c/0x470 [ 177.984172][ T7684] ? __pfx_shmem_mknod+0x10/0x10 [ 177.984203][ T7684] ? bpf_lsm_inode_create+0x9/0x10 [ 177.984249][ T7684] ? __pfx_shmem_create+0x10/0x10 [ 177.984285][ T7684] lookup_open.isra.0+0xc47/0x11b0 [ 177.984334][ T7684] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 177.984382][ T7684] ? __pfx___might_resched+0x10/0x10 [ 177.984420][ T7684] ? mnt_get_write_access+0x52/0x2f0 [ 177.984465][ T7684] ? __pfx_down_write+0x10/0x10 [ 177.984505][ T7684] ? mnt_get_write_access+0x1e9/0x2f0 [ 177.984549][ T7684] path_openat+0x2291/0x31a0 [ 177.984592][ T7684] ? __pfx_path_openat+0x10/0x10 [ 177.984636][ T7684] do_file_open+0x20e/0x430 [ 177.984668][ T7684] ? __pfx_do_file_open+0x10/0x10 [ 177.984733][ T7684] ? alloc_fd+0x476/0x790 [ 177.984764][ T7684] ? do_getname+0x191/0x390 [ 177.984802][ T7684] do_sys_openat2+0x10d/0x1e0 [ 177.984839][ T7684] ? __pfx_do_sys_openat2+0x10/0x10 [ 177.984880][ T7684] ? __fget_files+0x21f/0x3d0 [ 177.984916][ T7684] __x64_sys_openat+0x12d/0x210 [ 177.984954][ T7684] ? __pfx___x64_sys_openat+0x10/0x10 [ 177.985007][ T7684] do_syscall_64+0x106/0xf80 [ 177.985044][ T7684] ? clear_bhb_loop+0x40/0x90 [ 177.985079][ T7684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.985108][ T7684] RIP: 0033:0x7f84e559c799 [ 177.985133][ T7684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 177.985161][ T7684] RSP: 002b:00007f84e6476028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 177.985188][ T7684] RAX: ffffffffffffffda RBX: 00007f84e5815fa0 RCX: 00007f84e559c799 [ 177.985207][ T7684] RDX: 00000000000a2741 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 177.985225][ T7684] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 177.985242][ T7684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.985259][ T7684] R13: 00007f84e5816038 R14: 00007f84e5815fa0 R15: 00007ffeb8b066a8 [ 177.985298][ T7684] [ 178.644723][ T7677] misc userio: Invalid payload size [ 179.095577][ T29] audit: type=1326 audit(2147503087.364:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7689 comm="syz.2.390" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc9b079c799 code=0x0 [ 180.434808][ T7691] kexec: Could not allocate control_code_buffer [ 180.649980][ T29] audit: type=1326 audit(2147503088.914:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7709 comm="syz.3.393" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f035f19c799 code=0x0 [ 180.655172][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 180.903570][ T7720] netlink: 342 bytes leftover after parsing attributes in process `syz.2.396'. [ 181.713984][ T7713] kexec: Could not allocate control_code_buffer [ 181.777932][ T7743] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 182.556354][ T7763] netlink: 342 bytes leftover after parsing attributes in process `syz.1.408'. [ 184.361296][ T7779] FAULT_INJECTION: forcing a failure. [ 184.361296][ T7779] name failslab, interval 1, probability 0, space 0, times 0 [ 184.377897][ T7779] CPU: 0 UID: 0 PID: 7779 Comm: syz.1.411 Not tainted syzkaller #0 PREEMPT(full) [ 184.377937][ T7779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 184.377953][ T7779] Call Trace: [ 184.377962][ T7779] [ 184.377973][ T7779] dump_stack_lvl+0x100/0x190 [ 184.378019][ T7779] should_fail_ex.cold+0x5/0xa [ 184.378053][ T7779] should_failslab+0xc2/0x120 [ 184.378083][ T7779] __kmalloc_cache_noprof+0x7a/0x6f0 [ 184.378119][ T7779] ? snd_seq_pool_new+0x44/0x230 [ 184.378159][ T7779] ? __pfx_snd_seq_open+0x10/0x10 [ 184.378203][ T7779] snd_seq_pool_new+0x44/0x230 [ 184.378236][ T7779] seq_create_client1+0x66/0x640 [ 184.378282][ T7779] ? __pfx_snd_seq_open+0x10/0x10 [ 184.378324][ T7779] snd_seq_open+0x59/0x590 [ 184.378367][ T7779] ? __pfx_snd_seq_open+0x10/0x10 [ 184.378407][ T7779] snd_open+0x22d/0x4c0 [ 184.378437][ T7779] ? __pfx_snd_open+0x10/0x10 [ 184.378465][ T7779] chrdev_open+0x234/0x6a0 [ 184.378493][ T7779] ? __pfx_apparmor_file_open+0x10/0x10 [ 184.378537][ T7779] ? __pfx_chrdev_open+0x10/0x10 [ 184.378569][ T7779] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 184.378617][ T7779] do_dentry_open+0x6d8/0x1660 [ 184.378647][ T7779] ? __pfx_chrdev_open+0x10/0x10 [ 184.378685][ T7779] vfs_open+0x82/0x3f0 [ 184.378725][ T7779] path_openat+0x208c/0x31a0 [ 184.378767][ T7779] ? __pfx_path_openat+0x10/0x10 [ 184.378811][ T7779] do_file_open+0x20e/0x430 [ 184.378844][ T7779] ? __pfx_do_file_open+0x10/0x10 [ 184.378902][ T7779] ? alloc_fd+0x476/0x790 [ 184.378934][ T7779] ? do_getname+0x191/0x390 [ 184.378972][ T7779] do_sys_openat2+0x10d/0x1e0 [ 184.379008][ T7779] ? __pfx_do_sys_openat2+0x10/0x10 [ 184.379047][ T7779] ? __fget_files+0x21f/0x3d0 [ 184.379081][ T7779] __x64_sys_openat+0x12d/0x210 [ 184.379119][ T7779] ? __pfx___x64_sys_openat+0x10/0x10 [ 184.379171][ T7779] do_syscall_64+0x106/0xf80 [ 184.379208][ T7779] ? clear_bhb_loop+0x40/0x90 [ 184.379244][ T7779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.379273][ T7779] RIP: 0033:0x7f84e559c799 [ 184.379297][ T7779] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.379323][ T7779] RSP: 002b:00007f84e6476028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 184.379351][ T7779] RAX: ffffffffffffffda RBX: 00007f84e5815fa0 RCX: 00007f84e559c799 [ 184.379371][ T7779] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 184.379389][ T7779] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 184.379406][ T7779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.379422][ T7779] R13: 00007f84e5816038 R14: 00007f84e5815fa0 R15: 00007ffeb8b066a8 [ 184.379460][ T7779] [ 185.101973][ T29] audit: type=1326 audit(2147503093.361:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.0.414" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae4399c799 code=0x0 [ 185.457551][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 185.729990][ T7803] FAULT_INJECTION: forcing a failure. [ 185.729990][ T7803] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 185.778600][ T7803] CPU: 1 UID: 0 PID: 7803 Comm: syz.2.419 Not tainted syzkaller #0 PREEMPT(full) [ 185.778640][ T7803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 185.778657][ T7803] Call Trace: [ 185.778666][ T7803] [ 185.778676][ T7803] dump_stack_lvl+0x100/0x190 [ 185.778722][ T7803] should_fail_ex.cold+0x5/0xa [ 185.778753][ T7803] strncpy_from_user+0x3b/0x2d0 [ 185.778786][ T7803] do_getname+0x78/0x390 [ 185.778823][ T7803] do_sys_openat2+0xc5/0x1e0 [ 185.778856][ T7803] ? __pfx_do_sys_openat2+0x10/0x10 [ 185.778891][ T7803] ? __sys_connect+0xe4/0x170 [ 185.778931][ T7803] __x64_sys_openat+0x12d/0x210 [ 185.778967][ T7803] ? __pfx___x64_sys_openat+0x10/0x10 [ 185.779013][ T7803] do_syscall_64+0x106/0xf80 [ 185.779048][ T7803] ? clear_bhb_loop+0x40/0x90 [ 185.779082][ T7803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.779109][ T7803] RIP: 0033:0x7fc9b079c799 [ 185.779132][ T7803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 185.779158][ T7803] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 185.779184][ T7803] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 185.779202][ T7803] RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 185.779219][ T7803] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 185.779235][ T7803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.779251][ T7803] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 185.779287][ T7803] [ 186.384530][ T7814] FAULT_INJECTION: forcing a failure. [ 186.384530][ T7814] name failslab, interval 1, probability 0, space 0, times 0 [ 186.436154][ T7814] CPU: 1 UID: 0 PID: 7814 Comm: syz.1.422 Not tainted syzkaller #0 PREEMPT(full) [ 186.436197][ T7814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 186.436212][ T7814] Call Trace: [ 186.436222][ T7814] [ 186.436233][ T7814] dump_stack_lvl+0x100/0x190 [ 186.436280][ T7814] should_fail_ex.cold+0x5/0xa [ 186.436314][ T7814] should_failslab+0xc2/0x120 [ 186.436344][ T7814] __kmalloc_cache_noprof+0x7a/0x6f0 [ 186.436382][ T7814] ? seq_create_client1+0x4d/0x640 [ 186.436432][ T7814] ? __pfx_snd_seq_open+0x10/0x10 [ 186.436474][ T7814] seq_create_client1+0x4d/0x640 [ 186.436518][ T7814] ? __pfx_snd_seq_open+0x10/0x10 [ 186.436559][ T7814] snd_seq_open+0x59/0x590 [ 186.436602][ T7814] ? __pfx_snd_seq_open+0x10/0x10 [ 186.436642][ T7814] snd_open+0x22d/0x4c0 [ 186.436673][ T7814] ? __pfx_snd_open+0x10/0x10 [ 186.436699][ T7814] chrdev_open+0x234/0x6a0 [ 186.436725][ T7814] ? __pfx_apparmor_file_open+0x10/0x10 [ 186.436771][ T7814] ? __pfx_chrdev_open+0x10/0x10 [ 186.436804][ T7814] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 186.436854][ T7814] do_dentry_open+0x6d8/0x1660 [ 186.436884][ T7814] ? __pfx_chrdev_open+0x10/0x10 [ 186.436923][ T7814] vfs_open+0x82/0x3f0 [ 186.436963][ T7814] path_openat+0x208c/0x31a0 [ 186.437006][ T7814] ? __pfx_path_openat+0x10/0x10 [ 186.437050][ T7814] do_file_open+0x20e/0x430 [ 186.437083][ T7814] ? __pfx_do_file_open+0x10/0x10 [ 186.437141][ T7814] ? alloc_fd+0x476/0x790 [ 186.437171][ T7814] ? do_getname+0x191/0x390 [ 186.437207][ T7814] do_sys_openat2+0x10d/0x1e0 [ 186.437241][ T7814] ? __pfx_do_sys_openat2+0x10/0x10 [ 186.437280][ T7814] ? __fget_files+0x21f/0x3d0 [ 186.437312][ T7814] __x64_sys_openat+0x12d/0x210 [ 186.437349][ T7814] ? __pfx___x64_sys_openat+0x10/0x10 [ 186.437397][ T7814] do_syscall_64+0x106/0xf80 [ 186.437434][ T7814] ? clear_bhb_loop+0x40/0x90 [ 186.437469][ T7814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.437497][ T7814] RIP: 0033:0x7f84e559c799 [ 186.437520][ T7814] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.437547][ T7814] RSP: 002b:00007f84e6476028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 186.437576][ T7814] RAX: ffffffffffffffda RBX: 00007f84e5815fa0 RCX: 00007f84e559c799 [ 186.437593][ T7814] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 186.437611][ T7814] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 186.437628][ T7814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.437645][ T7814] R13: 00007f84e5816038 R14: 00007f84e5815fa0 R15: 00007ffeb8b066a8 [ 186.437684][ T7814] [ 186.742055][ T7786] kexec: Could not allocate control_code_buffer [ 186.780394][ T7821] FAULT_INJECTION: forcing a failure. [ 186.780394][ T7821] name failslab, interval 1, probability 0, space 0, times 0 [ 186.817960][ T7821] CPU: 0 UID: 0 PID: 7821 Comm: syz.2.423 Not tainted syzkaller #0 PREEMPT(full) [ 186.818003][ T7821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 186.818020][ T7821] Call Trace: [ 186.818029][ T7821] [ 186.818040][ T7821] dump_stack_lvl+0x100/0x190 [ 186.818083][ T7821] should_fail_ex.cold+0x5/0xa [ 186.818112][ T7821] ? tomoyo_encode2+0xfb/0x3c0 [ 186.818141][ T7821] should_failslab+0xc2/0x120 [ 186.818166][ T7821] __kmalloc_noprof+0xe0/0x850 [ 186.818201][ T7821] ? d_absolute_path+0x136/0x1b0 [ 186.818239][ T7821] tomoyo_encode2+0xfb/0x3c0 [ 186.818275][ T7821] tomoyo_encode+0x29/0x50 [ 186.818303][ T7821] tomoyo_realpath_from_path+0x18c/0x690 [ 186.818342][ T7821] tomoyo_check_open_permission+0x2af/0x3c0 [ 186.818370][ T7821] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 186.818430][ T7821] ? do_raw_spin_lock+0x128/0x260 [ 186.818466][ T7821] ? path_get+0x61/0x80 [ 186.818495][ T7821] tomoyo_file_open+0x6b/0x90 [ 186.818530][ T7821] security_file_open+0xb5/0x1e0 [ 186.818560][ T7821] do_dentry_open+0x5aa/0x1660 [ 186.818587][ T7821] ? security_inode_permission+0xbf/0x250 [ 186.818618][ T7821] vfs_open+0x82/0x3f0 [ 186.818651][ T7821] path_openat+0x208c/0x31a0 [ 186.818687][ T7821] ? __pfx_path_openat+0x10/0x10 [ 186.818724][ T7821] do_file_open+0x20e/0x430 [ 186.818751][ T7821] ? __pfx_do_file_open+0x10/0x10 [ 186.818799][ T7821] ? alloc_fd+0x476/0x790 [ 186.818833][ T7821] ? do_getname+0x191/0x390 [ 186.818867][ T7821] do_sys_openat2+0x10d/0x1e0 [ 186.818898][ T7821] ? __pfx_do_sys_openat2+0x10/0x10 [ 186.818932][ T7821] ? __fget_files+0x21f/0x3d0 [ 186.818962][ T7821] __x64_sys_openat+0x12d/0x210 [ 186.818995][ T7821] ? __pfx___x64_sys_openat+0x10/0x10 [ 186.819040][ T7821] do_syscall_64+0x106/0xf80 [ 186.819072][ T7821] ? clear_bhb_loop+0x40/0x90 [ 186.819101][ T7821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.819126][ T7821] RIP: 0033:0x7fc9b079c799 [ 186.819147][ T7821] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.819170][ T7821] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 186.819194][ T7821] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 186.819211][ T7821] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 186.819226][ T7821] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 186.819241][ T7821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.819255][ T7821] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 186.819290][ T7821] [ 186.819321][ T7821] ERROR: Out of memory at tomoyo_realpath_from_path. [ 187.491126][ T29] audit: type=1800 audit(2147503095.750:43): pid=7834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.428" name="dbroot" dev="configfs" ino=16865 res=0 errno=0 [ 187.508141][ T7836] FAULT_INJECTION: forcing a failure. [ 187.508141][ T7836] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 187.525534][ T7836] CPU: 1 UID: 0 PID: 7836 Comm: syz.2.429 Not tainted syzkaller #0 PREEMPT(full) [ 187.525568][ T7836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 187.525582][ T7836] Call Trace: [ 187.525590][ T7836] [ 187.525599][ T7836] dump_stack_lvl+0x100/0x190 [ 187.525640][ T7836] should_fail_ex.cold+0x5/0xa [ 187.525671][ T7836] strncpy_from_user+0x3b/0x2d0 [ 187.525703][ T7836] do_getname+0x78/0x390 [ 187.525737][ T7836] do_sys_openat2+0xc5/0x1e0 [ 187.525770][ T7836] ? __pfx_do_sys_openat2+0x10/0x10 [ 187.525799][ T7836] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 187.525839][ T7836] ? __fget_files+0x21f/0x3d0 [ 187.525869][ T7836] __x64_sys_openat+0x12d/0x210 [ 187.525902][ T7836] ? __pfx___x64_sys_openat+0x10/0x10 [ 187.525932][ T7836] ? ksys_write+0x1ac/0x250 [ 187.525968][ T7836] do_syscall_64+0x106/0xf80 [ 187.526000][ T7836] ? clear_bhb_loop+0x40/0x90 [ 187.526031][ T7836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 187.526057][ T7836] RIP: 0033:0x7fc9b079c799 [ 187.526078][ T7836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 187.526102][ T7836] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 187.526126][ T7836] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 187.526143][ T7836] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 187.526159][ T7836] RBP: 00007fc9b173d090 R08: 0000000000000000 R09: 0000000000000000 [ 187.526175][ T7836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 187.526189][ T7836] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 187.526225][ T7836] [ 188.295975][ T5837] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 188.388781][ T7849] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 189.158327][ T7857] FAULT_INJECTION: forcing a failure. [ 189.158327][ T7857] name failslab, interval 1, probability 0, space 0, times 0 [ 189.158354][ T7857] CPU: 1 UID: 0 PID: 7857 Comm: syz.2.435 Not tainted syzkaller #0 PREEMPT(full) [ 189.158371][ T7857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 189.158379][ T7857] Call Trace: [ 189.158384][ T7857] [ 189.158389][ T7857] dump_stack_lvl+0x100/0x190 [ 189.158415][ T7857] should_fail_ex.cold+0x5/0xa [ 189.158432][ T7857] should_failslab+0xc2/0x120 [ 189.158448][ T7857] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 189.158469][ T7857] ? __d_alloc+0x34/0xa80 [ 189.158490][ T7857] __d_alloc+0x34/0xa80 [ 189.158503][ T7857] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 189.158523][ T7857] ? security_inode_alloc+0x3b/0x2c0 [ 189.158539][ T7857] d_alloc_pseudo+0x1c/0xc0 [ 189.158559][ T7857] alloc_file_pseudo+0xcf/0x230 [ 189.158578][ T7857] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 189.158595][ T7857] ? inode_init_always_gfp+0xd0e/0x1040 [ 189.158615][ T7857] sock_alloc_file+0x50/0x210 [ 189.158637][ T7857] do_accept+0x242/0x530 [ 189.158653][ T7857] ? 0xffffffff81000000 [ 189.158664][ T7857] ? do_raw_spin_lock+0x128/0x260 [ 189.158685][ T7857] ? __pfx_do_accept+0x10/0x10 [ 189.158712][ T7857] ? 0xffffffff81000000 [ 189.158722][ T7857] __sys_accept4+0x108/0x200 [ 189.158739][ T7857] ? __pfx___sys_accept4+0x10/0x10 [ 189.158761][ T7857] __x64_sys_accept+0x74/0xb0 [ 189.158777][ T7857] ? lockdep_hardirqs_on+0x78/0x100 [ 189.158796][ T7857] do_syscall_64+0x106/0xf80 [ 189.158815][ T7857] ? clear_bhb_loop+0x40/0x90 [ 189.158833][ T7857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.158848][ T7857] RIP: 0033:0x7fc9b079c799 [ 189.158860][ T7857] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 189.158874][ T7857] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 189.158889][ T7857] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 189.158898][ T7857] RDX: ffffffff81000000 RSI: ffffffffffffffff RDI: 0000000000000003 [ 189.158907][ T7857] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 189.158916][ T7857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.158924][ T7857] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 189.158938][ T7857] ? 0xffffffff81000000 [ 189.158952][ T7857] [ 190.348014][ T7881] FAULT_INJECTION: forcing a failure. [ 190.348014][ T7881] name failslab, interval 1, probability 0, space 0, times 0 [ 190.376867][ T7881] CPU: 0 UID: 0 PID: 7881 Comm: syz.0.440 Not tainted syzkaller #0 PREEMPT(full) [ 190.376888][ T7881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 190.376897][ T7881] Call Trace: [ 190.376902][ T7881] [ 190.376907][ T7881] dump_stack_lvl+0x100/0x190 [ 190.376932][ T7881] should_fail_ex.cold+0x5/0xa [ 190.376949][ T7881] should_failslab+0xc2/0x120 [ 190.376963][ T7881] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 190.376983][ T7881] ? alloc_empty_file+0x55/0x1c0 [ 190.377000][ T7881] ? __pfx_stack_trace_save+0x10/0x10 [ 190.377016][ T7881] alloc_empty_file+0x55/0x1c0 [ 190.377036][ T7881] path_openat+0xe8/0x31a0 [ 190.377049][ T7881] ? kasan_save_stack+0x3f/0x50 [ 190.377069][ T7881] ? kasan_save_stack+0x30/0x50 [ 190.377087][ T7881] ? kasan_save_track+0x14/0x30 [ 190.377106][ T7881] ? __kasan_slab_alloc+0x89/0x90 [ 190.377118][ T7881] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 190.377136][ T7881] ? do_getname+0x35/0x390 [ 190.377151][ T7881] ? do_sys_openat2+0xc5/0x1e0 [ 190.377168][ T7881] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.377185][ T7881] ? __pfx_path_openat+0x10/0x10 [ 190.377205][ T7881] do_file_open+0x20e/0x430 [ 190.377221][ T7881] ? __pfx_do_file_open+0x10/0x10 [ 190.377247][ T7881] ? alloc_fd+0x476/0x790 [ 190.377263][ T7881] ? do_getname+0x191/0x390 [ 190.377280][ T7881] do_sys_openat2+0x10d/0x1e0 [ 190.377298][ T7881] ? __pfx_do_sys_openat2+0x10/0x10 [ 190.377314][ T7881] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 190.377336][ T7881] ? __fget_files+0x21f/0x3d0 [ 190.377352][ T7881] __x64_sys_openat+0x12d/0x210 [ 190.377370][ T7881] ? __pfx___x64_sys_openat+0x10/0x10 [ 190.377386][ T7881] ? ksys_write+0x1ac/0x250 [ 190.377405][ T7881] do_syscall_64+0x106/0xf80 [ 190.377422][ T7881] ? clear_bhb_loop+0x40/0x90 [ 190.377438][ T7881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.377452][ T7881] RIP: 0033:0x7fae4399c799 [ 190.377465][ T7881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 190.377478][ T7881] RSP: 002b:00007fae44906028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 190.377492][ T7881] RAX: ffffffffffffffda RBX: 00007fae43c15fa0 RCX: 00007fae4399c799 [ 190.377501][ T7881] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 190.377510][ T7881] RBP: 00007fae44906090 R08: 0000000000000000 R09: 0000000000000000 [ 190.377518][ T7881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.377533][ T7881] R13: 00007fae43c16038 R14: 00007fae43c15fa0 R15: 00007ffd3e50cfd8 [ 190.377551][ T7881] [ 192.140731][ T29] audit: type=1800 audit(2147503100.388:44): pid=7909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.448" name="trace_marker" dev="tracefs" ino=3067 res=0 errno=0 [ 192.251535][ T7911] FAULT_INJECTION: forcing a failure. [ 192.251535][ T7911] name failslab, interval 1, probability 0, space 0, times 0 [ 192.319620][ T7911] CPU: 1 UID: 0 PID: 7911 Comm: syz.0.449 Not tainted syzkaller #0 PREEMPT(full) [ 192.319655][ T7911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 192.319669][ T7911] Call Trace: [ 192.319677][ T7911] [ 192.319687][ T7911] dump_stack_lvl+0x100/0x190 [ 192.319729][ T7911] should_fail_ex.cold+0x5/0xa [ 192.319758][ T7911] should_failslab+0xc2/0x120 [ 192.319785][ T7911] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 192.319819][ T7911] ? security_file_alloc+0x34/0x2c0 [ 192.319849][ T7911] ? trace_kmem_cache_alloc+0xf3/0x120 [ 192.319883][ T7911] security_file_alloc+0x34/0x2c0 [ 192.319913][ T7911] init_file+0x95/0x480 [ 192.319942][ T7911] alloc_empty_file+0x73/0x1c0 [ 192.319974][ T7911] path_openat+0xe8/0x31a0 [ 192.319998][ T7911] ? kasan_save_stack+0x3f/0x50 [ 192.320033][ T7911] ? kasan_save_stack+0x30/0x50 [ 192.320067][ T7911] ? kasan_save_track+0x14/0x30 [ 192.320101][ T7911] ? __kasan_slab_alloc+0x89/0x90 [ 192.320123][ T7911] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 192.320158][ T7911] ? do_getname+0x35/0x390 [ 192.320185][ T7911] ? do_sys_openat2+0xc5/0x1e0 [ 192.320215][ T7911] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.320247][ T7911] ? __pfx_path_openat+0x10/0x10 [ 192.320294][ T7911] do_file_open+0x20e/0x430 [ 192.320324][ T7911] ? __pfx_do_file_open+0x10/0x10 [ 192.320376][ T7911] ? alloc_fd+0x476/0x790 [ 192.320406][ T7911] ? do_getname+0x191/0x390 [ 192.320439][ T7911] do_sys_openat2+0x10d/0x1e0 [ 192.320470][ T7911] ? __pfx_do_sys_openat2+0x10/0x10 [ 192.320502][ T7911] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 192.320544][ T7911] ? __fget_files+0x21f/0x3d0 [ 192.320575][ T7911] __x64_sys_openat+0x12d/0x210 [ 192.320607][ T7911] ? __pfx___x64_sys_openat+0x10/0x10 [ 192.320634][ T7911] ? ksys_write+0x1ac/0x250 [ 192.320666][ T7911] do_syscall_64+0x106/0xf80 [ 192.320697][ T7911] ? clear_bhb_loop+0x40/0x90 [ 192.320727][ T7911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.320752][ T7911] RIP: 0033:0x7fae4399c799 [ 192.320773][ T7911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 192.320797][ T7911] RSP: 002b:00007fae44906028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 192.320821][ T7911] RAX: ffffffffffffffda RBX: 00007fae43c15fa0 RCX: 00007fae4399c799 [ 192.320838][ T7911] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 192.320855][ T7911] RBP: 00007fae44906090 R08: 0000000000000000 R09: 0000000000000000 [ 192.320871][ T7911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 192.320886][ T7911] R13: 00007fae43c16038 R14: 00007fae43c15fa0 R15: 00007ffd3e50cfd8 [ 192.320921][ T7911] [ 193.797313][ T7935] FAULT_INJECTION: forcing a failure. [ 193.797313][ T7935] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 193.812457][ T29] audit: type=1800 audit(2147503102.077:45): pid=7934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.454" name="dbroot" dev="configfs" ino=17320 res=0 errno=0 [ 193.835471][ T7935] CPU: 0 UID: 0 PID: 7935 Comm: syz.1.455 Not tainted syzkaller #0 PREEMPT(full) [ 193.835507][ T7935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 193.835529][ T7935] Call Trace: [ 193.835538][ T7935] [ 193.835548][ T7935] dump_stack_lvl+0x100/0x190 [ 193.835590][ T7935] should_fail_ex.cold+0x5/0xa [ 193.835628][ T7935] _copy_from_iter+0x1f4/0x1690 [ 193.835667][ T7935] ? rcu_is_watching+0x12/0xc0 [ 193.835707][ T7935] ? __pfx__copy_from_iter+0x10/0x10 [ 193.835735][ T7935] ? trace_kmalloc+0x101/0x130 [ 193.835759][ T7935] ? __kmalloc_large_node_noprof+0x5d/0x70 [ 193.835792][ T7935] ? __kvmalloc_node_noprof+0x6af/0xa00 [ 193.835827][ T7935] ? proc_sys_call_handler+0x2c7/0x5a0 [ 193.835863][ T7935] ? proc_sys_call_handler+0x169/0x5a0 [ 193.835914][ T7935] proc_sys_call_handler+0x3ed/0x5a0 [ 193.835955][ T7935] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 193.836009][ T7935] vfs_write+0x6ac/0x1070 [ 193.836048][ T7935] ? __pfx_proc_sys_write+0x10/0x10 [ 193.836088][ T7935] ? __pfx_vfs_write+0x10/0x10 [ 193.836147][ T7935] ksys_write+0x12a/0x250 [ 193.836171][ T7935] ? __pfx_ksys_write+0x10/0x10 [ 193.836210][ T7935] do_syscall_64+0x106/0xf80 [ 193.836243][ T7935] ? clear_bhb_loop+0x40/0x90 [ 193.836274][ T7935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.836301][ T7935] RIP: 0033:0x7f84e559c799 [ 193.836322][ T7935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 193.836347][ T7935] RSP: 002b:00007f84e6476028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 193.836371][ T7935] RAX: ffffffffffffffda RBX: 00007f84e5815fa0 RCX: 00007f84e559c799 [ 193.836388][ T7935] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 193.836403][ T7935] RBP: 00007f84e6476090 R08: 0000000000000000 R09: 0000000000000000 [ 193.836417][ T7935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 193.836432][ T7935] R13: 00007f84e5816038 R14: 00007f84e5815fa0 R15: 00007ffeb8b066a8 [ 193.836472][ T7935] [ 194.267453][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.268168][ T29] audit: type=1804 audit(2147503102.427:46): pid=7939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.456" name=2F6E6577726F6F742F3132312F22050820 dev="tmpfs" ino=642 res=1 errno=0 [ 194.274345][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.296585][ T29] audit: type=1800 audit(2147503102.427:47): pid=7939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.456" name=22050820 dev="tmpfs" ino=642 res=0 errno=0 [ 194.358335][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 194.888784][ T7951] netlink: 334 bytes leftover after parsing attributes in process `syz.2.460'. [ 195.566355][ T7965] FAULT_INJECTION: forcing a failure. [ 195.566355][ T7965] name failslab, interval 1, probability 0, space 0, times 0 [ 195.594404][ T7965] CPU: 1 UID: 0 PID: 7965 Comm: syz.2.464 Not tainted syzkaller #0 PREEMPT(full) [ 195.594441][ T7965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 195.594456][ T7965] Call Trace: [ 195.594465][ T7965] [ 195.594471][ T7965] dump_stack_lvl+0x100/0x190 [ 195.594503][ T7965] should_fail_ex.cold+0x5/0xa [ 195.594521][ T7965] should_failslab+0xc2/0x120 [ 195.594537][ T7965] __kmalloc_cache_noprof+0x7a/0x6f0 [ 195.594563][ T7965] ? seq_create_client1+0x4d/0x640 [ 195.594590][ T7965] ? __pfx_snd_seq_open+0x10/0x10 [ 195.594612][ T7965] seq_create_client1+0x4d/0x640 [ 195.594637][ T7965] ? __pfx_snd_seq_open+0x10/0x10 [ 195.594659][ T7965] snd_seq_open+0x59/0x590 [ 195.594681][ T7965] ? __pfx_snd_seq_open+0x10/0x10 [ 195.594701][ T7965] snd_open+0x22d/0x4c0 [ 195.594717][ T7965] ? __pfx_snd_open+0x10/0x10 [ 195.594731][ T7965] chrdev_open+0x234/0x6a0 [ 195.594746][ T7965] ? __pfx_apparmor_file_open+0x10/0x10 [ 195.594768][ T7965] ? __pfx_chrdev_open+0x10/0x10 [ 195.594784][ T7965] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 195.594804][ T7965] do_dentry_open+0x6d8/0x1660 [ 195.594818][ T7965] ? __pfx_chrdev_open+0x10/0x10 [ 195.594838][ T7965] vfs_open+0x82/0x3f0 [ 195.594858][ T7965] path_openat+0x208c/0x31a0 [ 195.594879][ T7965] ? __pfx_path_openat+0x10/0x10 [ 195.594901][ T7965] do_file_open+0x20e/0x430 [ 195.594917][ T7965] ? __pfx_do_file_open+0x10/0x10 [ 195.594946][ T7965] ? alloc_fd+0x476/0x790 [ 195.594962][ T7965] ? do_getname+0x191/0x390 [ 195.594982][ T7965] do_sys_openat2+0x10d/0x1e0 [ 195.595000][ T7965] ? __pfx_do_sys_openat2+0x10/0x10 [ 195.595020][ T7965] ? __fget_files+0x21f/0x3d0 [ 195.595037][ T7965] __x64_sys_openat+0x12d/0x210 [ 195.595059][ T7965] ? __pfx___x64_sys_openat+0x10/0x10 [ 195.595086][ T7965] do_syscall_64+0x106/0xf80 [ 195.595105][ T7965] ? clear_bhb_loop+0x40/0x90 [ 195.595122][ T7965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.595137][ T7965] RIP: 0033:0x7fc9b079c799 [ 195.595151][ T7965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 195.595169][ T7965] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 195.595184][ T7965] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 195.595195][ T7965] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 195.595204][ T7965] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 195.595213][ T7965] R10: 000000000000ff0f R11: 0000000000000246 R12: 0000000000000000 [ 195.595222][ T7965] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 195.595242][ T7965] [ 196.023418][ T7968] FAULT_INJECTION: forcing a failure. [ 196.023418][ T7968] name failslab, interval 1, probability 0, space 0, times 0 [ 196.066819][ T7968] CPU: 0 UID: 0 PID: 7968 Comm: syz.2.466 Not tainted syzkaller #0 PREEMPT(full) [ 196.066843][ T7968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 196.066852][ T7968] Call Trace: [ 196.066858][ T7968] [ 196.066865][ T7968] dump_stack_lvl+0x100/0x190 [ 196.066893][ T7968] should_fail_ex.cold+0x5/0xa [ 196.066913][ T7968] should_failslab+0xc2/0x120 [ 196.066928][ T7968] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 196.066950][ T7968] ? alloc_inode+0x68/0x250 [ 196.066969][ T7968] ? simple_start_creating+0xb0/0x110 [ 196.066992][ T7968] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 196.067020][ T7968] alloc_inode+0x68/0x250 [ 196.067038][ T7968] new_inode+0x22/0x1c0 [ 196.067065][ T7968] __debugfs_create_file+0x105/0x4f0 [ 196.067083][ T7968] debugfs_create_file_full+0x41/0x60 [ 196.067101][ T7968] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 196.067121][ T7968] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 196.067138][ T7968] ? rcu_is_watching+0x12/0xc0 [ 196.067176][ T7968] ? lockdep_init_map_type+0x5c/0x250 [ 196.067197][ T7968] preinit_net.part.0+0x24e/0x8f0 [ 196.067220][ T7968] copy_net_ns+0x339/0x7c0 [ 196.067243][ T7968] create_new_namespaces+0x3ea/0xac0 [ 196.067263][ T7968] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 196.067281][ T7968] ksys_unshare+0x473/0xad0 [ 196.067300][ T7968] ? __pfx_ksys_unshare+0x10/0x10 [ 196.067331][ T7968] __x64_sys_unshare+0x31/0x40 [ 196.067349][ T7968] do_syscall_64+0x106/0xf80 [ 196.067378][ T7968] ? clear_bhb_loop+0x40/0x90 [ 196.067397][ T7968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.067413][ T7968] RIP: 0033:0x7fc9b079c799 [ 196.067427][ T7968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 196.067442][ T7968] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 196.067457][ T7968] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 196.067467][ T7968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 196.067476][ T7968] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 196.067489][ T7968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.067497][ T7968] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 196.067516][ T7968] [ 196.067524][ T7968] debugfs: out of free dentries, can not create file 'net_refcnt@ffff88803533cf00' [ 198.344895][ T7991] netlink: 334 bytes leftover after parsing attributes in process `syz.2.472'. [ 199.160601][ T29] audit: type=1326 audit(2147503107.404:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8016 comm="syz.0.476" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae4399c799 code=0x0 [ 199.749549][ T8030] netlink: 28 bytes leftover after parsing attributes in process `syz.3.478'. [ 199.759239][ T8030] ipvlan0: entered promiscuous mode [ 199.764628][ T8030] ipvlan0: entered allmulticast mode [ 199.771085][ T8030] veth0_vlan: entered allmulticast mode [ 200.462043][ T8017] kexec: Could not allocate control_code_buffer [ 200.905126][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 201.306694][ T8040] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 201.336304][ T29] audit: type=1800 audit(2147503109.593:49): pid=8049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.480" name="dbroot" dev="configfs" ino=18249 res=0 errno=0 [ 201.358940][ T8040] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 203.314888][ T8102] FAULT_INJECTION: forcing a failure. [ 203.314888][ T8102] name failslab, interval 1, probability 0, space 0, times 0 [ 203.338215][ T8102] CPU: 0 UID: 0 PID: 8102 Comm: syz.2.496 Not tainted syzkaller #0 PREEMPT(full) [ 203.338265][ T8102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 203.338282][ T8102] Call Trace: [ 203.338292][ T8102] [ 203.338303][ T8102] dump_stack_lvl+0x100/0x190 [ 203.338351][ T8102] should_fail_ex.cold+0x5/0xa [ 203.338386][ T8102] should_failslab+0xc2/0x120 [ 203.338416][ T8102] __kmalloc_cache_noprof+0x7a/0x6f0 [ 203.338451][ T8102] ? snd_seq_pool_new+0x44/0x230 [ 203.338490][ T8102] ? __pfx_snd_seq_open+0x10/0x10 [ 203.338531][ T8102] snd_seq_pool_new+0x44/0x230 [ 203.338565][ T8102] seq_create_client1+0x66/0x640 [ 203.338610][ T8102] ? __pfx_snd_seq_open+0x10/0x10 [ 203.338652][ T8102] snd_seq_open+0x59/0x590 [ 203.338694][ T8102] ? __pfx_snd_seq_open+0x10/0x10 [ 203.338732][ T8102] snd_open+0x22d/0x4c0 [ 203.338762][ T8102] ? __pfx_snd_open+0x10/0x10 [ 203.338790][ T8102] chrdev_open+0x234/0x6a0 [ 203.338817][ T8102] ? __pfx_apparmor_file_open+0x10/0x10 [ 203.338861][ T8102] ? __pfx_chrdev_open+0x10/0x10 [ 203.338892][ T8102] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 203.338931][ T8102] do_dentry_open+0x6d8/0x1660 [ 203.338958][ T8102] ? __pfx_chrdev_open+0x10/0x10 [ 203.338996][ T8102] vfs_open+0x82/0x3f0 [ 203.339035][ T8102] path_openat+0x208c/0x31a0 [ 203.339077][ T8102] ? __pfx_path_openat+0x10/0x10 [ 203.339121][ T8102] do_file_open+0x20e/0x430 [ 203.339153][ T8102] ? __pfx_do_file_open+0x10/0x10 [ 203.339214][ T8102] ? alloc_fd+0x476/0x790 [ 203.339253][ T8102] ? do_getname+0x191/0x390 [ 203.339292][ T8102] do_sys_openat2+0x10d/0x1e0 [ 203.339329][ T8102] ? __pfx_do_sys_openat2+0x10/0x10 [ 203.339369][ T8102] ? __fget_files+0x21f/0x3d0 [ 203.339403][ T8102] __x64_sys_openat+0x12d/0x210 [ 203.339440][ T8102] ? __pfx___x64_sys_openat+0x10/0x10 [ 203.339492][ T8102] do_syscall_64+0x106/0xf80 [ 203.339529][ T8102] ? clear_bhb_loop+0x40/0x90 [ 203.339564][ T8102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.339594][ T8102] RIP: 0033:0x7fc9b079c799 [ 203.339618][ T8102] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 203.339646][ T8102] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 203.339675][ T8102] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 203.339694][ T8102] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 203.339713][ T8102] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 203.339730][ T8102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 203.339746][ T8102] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 203.339786][ T8102] [ 205.614274][ T8129] netlink: 334 bytes leftover after parsing attributes in process `syz.1.501'. [ 206.222296][ T8135] FAULT_INJECTION: forcing a failure. [ 206.222296][ T8135] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 206.249466][ T8135] CPU: 1 UID: 0 PID: 8135 Comm: syz.1.503 Tainted: G L syzkaller #0 PREEMPT(full) [ 206.249509][ T8135] Tainted: [L]=SOFTLOCKUP [ 206.249520][ T8135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 206.249537][ T8135] Call Trace: [ 206.249546][ T8135] [ 206.249557][ T8135] dump_stack_lvl+0x100/0x190 [ 206.249605][ T8135] should_fail_ex.cold+0x5/0xa [ 206.249639][ T8135] strncpy_from_user+0x3b/0x2d0 [ 206.249676][ T8135] do_getname+0x78/0x390 [ 206.249714][ T8135] path_listxattrat+0x2db/0x370 [ 206.249759][ T8135] ? __pfx_path_listxattrat+0x10/0x10 [ 206.249812][ T8135] do_syscall_64+0x106/0xf80 [ 206.249848][ T8135] ? clear_bhb_loop+0x40/0x90 [ 206.249881][ T8135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.249909][ T8135] RIP: 0033:0x7f84e559c799 [ 206.249932][ T8135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 206.249960][ T8135] RSP: 002b:00007f84e6455028 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3 [ 206.249987][ T8135] RAX: ffffffffffffffda RBX: 00007f84e5816090 RCX: 00007f84e559c799 [ 206.250005][ T8135] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000200000000040 [ 206.250023][ T8135] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 206.250040][ T8135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.250057][ T8135] R13: 00007f84e5816128 R14: 00007f84e5816090 R15: 00007ffeb8b066a8 [ 206.250094][ T8135] [ 207.030568][ T8150] FAULT_INJECTION: forcing a failure. [ 207.030568][ T8150] name failslab, interval 1, probability 0, space 0, times 0 [ 207.058282][ T8150] CPU: 0 UID: 0 PID: 8150 Comm: syz.3.507 Tainted: G L syzkaller #0 PREEMPT(full) [ 207.058330][ T8150] Tainted: [L]=SOFTLOCKUP [ 207.058341][ T8150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 207.058358][ T8150] Call Trace: [ 207.058368][ T8150] [ 207.058378][ T8150] dump_stack_lvl+0x100/0x190 [ 207.058428][ T8150] should_fail_ex.cold+0x5/0xa [ 207.058462][ T8150] should_failslab+0xc2/0x120 [ 207.058492][ T8150] __kmalloc_cache_noprof+0x7a/0x6f0 [ 207.058529][ T8150] ? snd_seq_pool_new+0x44/0x230 [ 207.058567][ T8150] ? __pfx_snd_seq_open+0x10/0x10 [ 207.058609][ T8150] snd_seq_pool_new+0x44/0x230 [ 207.058642][ T8150] seq_create_client1+0x66/0x640 [ 207.058688][ T8150] ? __pfx_snd_seq_open+0x10/0x10 [ 207.058730][ T8150] snd_seq_open+0x59/0x590 [ 207.058773][ T8150] ? __pfx_snd_seq_open+0x10/0x10 [ 207.058813][ T8150] snd_open+0x22d/0x4c0 [ 207.058843][ T8150] ? __pfx_snd_open+0x10/0x10 [ 207.058878][ T8150] chrdev_open+0x234/0x6a0 [ 207.058905][ T8150] ? __pfx_apparmor_file_open+0x10/0x10 [ 207.058950][ T8150] ? __pfx_chrdev_open+0x10/0x10 [ 207.058981][ T8150] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 207.059020][ T8150] do_dentry_open+0x6d8/0x1660 [ 207.059047][ T8150] ? __pfx_chrdev_open+0x10/0x10 [ 207.059085][ T8150] vfs_open+0x82/0x3f0 [ 207.059124][ T8150] path_openat+0x208c/0x31a0 [ 207.059166][ T8150] ? __pfx_path_openat+0x10/0x10 [ 207.059210][ T8150] do_file_open+0x20e/0x430 [ 207.059243][ T8150] ? __pfx_do_file_open+0x10/0x10 [ 207.059300][ T8150] ? alloc_fd+0x476/0x790 [ 207.059332][ T8150] ? do_getname+0x191/0x390 [ 207.059369][ T8150] do_sys_openat2+0x10d/0x1e0 [ 207.059405][ T8150] ? __pfx_do_sys_openat2+0x10/0x10 [ 207.059444][ T8150] ? __fget_files+0x21f/0x3d0 [ 207.059479][ T8150] __x64_sys_openat+0x12d/0x210 [ 207.059515][ T8150] ? __pfx___x64_sys_openat+0x10/0x10 [ 207.059568][ T8150] do_syscall_64+0x106/0xf80 [ 207.059605][ T8150] ? clear_bhb_loop+0x40/0x90 [ 207.059640][ T8150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.059669][ T8150] RIP: 0033:0x7f035f19c799 [ 207.059694][ T8150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 207.059722][ T8150] RSP: 002b:00007f035ff98028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 207.059750][ T8150] RAX: ffffffffffffffda RBX: 00007f035f415fa0 RCX: 00007f035f19c799 [ 207.059769][ T8150] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 207.059788][ T8150] RBP: 00007f035f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 207.059805][ T8150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 207.059823][ T8150] R13: 00007f035f416038 R14: 00007f035f415fa0 R15: 00007ffef0dc6158 [ 207.059870][ T8150] [ 207.153253][ T8153] netlink: 28 bytes leftover after parsing attributes in process `syz.0.509'. [ 207.308391][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 207.673493][ T8153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 207.745182][ T8153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 207.755594][ T8153] bond0 (unregistering): Released all slaves [ 208.362901][ T8185] futex_wake_op: syz.2.515 tries to shift op by -2048; fix this program [ 208.406704][ T8185] futex_wake_op: syz.2.515 tries to shift op by -2048; fix this program [ 208.444093][ T8185] 0x000000000001-0x000000020000 : "" [ 208.482156][ T8185] ftl_cs: FTL header corrupt! [ 208.549682][ T8189] bond0: invalid ARP target specified [ 208.586835][ T8189] FAULT_INJECTION: forcing a failure. [ 208.586835][ T8189] name fail_futex, interval 1, probability 0, space 0, times 0 [ 208.625839][ T8189] CPU: 1 UID: 0 PID: 8189 Comm: syz.1.516 Tainted: G L syzkaller #0 PREEMPT(full) [ 208.625889][ T8189] Tainted: [L]=SOFTLOCKUP [ 208.625899][ T8189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 208.625916][ T8189] Call Trace: [ 208.625925][ T8189] [ 208.625935][ T8189] dump_stack_lvl+0x100/0x190 [ 208.625982][ T8189] should_fail_ex.cold+0x5/0xa [ 208.626016][ T8189] get_futex_key+0x1d2/0x1620 [ 208.626055][ T8189] ? __pfx_get_futex_key+0x10/0x10 [ 208.626102][ T8189] futex_wait_setup+0x83/0x510 [ 208.626152][ T8189] __futex_wait+0x19f/0x300 [ 208.626204][ T8189] ? __pfx___futex_wait+0x10/0x10 [ 208.626251][ T8189] ? __pfx_futex_wake_mark+0x10/0x10 [ 208.626298][ T8189] ? find_held_lock+0x2b/0x80 [ 208.626323][ T8189] ? futex_wake+0x456/0x530 [ 208.626371][ T8189] futex_wait+0xed/0x380 [ 208.626411][ T8189] ? __pfx_futex_wait+0x10/0x10 [ 208.626459][ T8189] ? putname+0xb1/0x110 [ 208.626485][ T8189] ? kmem_cache_free+0x124/0x6a0 [ 208.626529][ T8189] do_futex+0x1ef/0x350 [ 208.626568][ T8189] ? __pfx_do_futex+0x10/0x10 [ 208.626600][ T8189] ? __pfx_do_sys_openat2+0x10/0x10 [ 208.626639][ T8189] ? __sys_sendmsg+0x18f/0x220 [ 208.626680][ T8189] __x64_sys_futex+0x34f/0x4d0 [ 208.626718][ T8189] ? __x64_sys_openat+0x12d/0x210 [ 208.626755][ T8189] ? __pfx___x64_sys_futex+0x10/0x10 [ 208.626807][ T8189] do_syscall_64+0x106/0xf80 [ 208.626844][ T8189] ? clear_bhb_loop+0x40/0x90 [ 208.626879][ T8189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 208.626908][ T8189] RIP: 0033:0x7f84e559c799 [ 208.626931][ T8189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 208.626958][ T8189] RSP: 002b:00007f84e64760e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 208.626986][ T8189] RAX: ffffffffffffffda RBX: 00007f84e5815fa8 RCX: 00007f84e559c799 [ 208.627005][ T8189] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f84e5815fa8 [ 208.627022][ T8189] RBP: 00007f84e5815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 208.627040][ T8189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 208.627056][ T8189] R13: 00007f84e5816038 R14: 00007ffeb8b065c0 R15: 00007ffeb8b066a8 [ 208.627094][ T8189] [ 209.466617][ T8193] Invalid ELF header magic: != ELF [ 210.176032][ T8241] FAULT_INJECTION: forcing a failure. [ 210.176032][ T8241] name failslab, interval 1, probability 0, space 0, times 0 [ 210.189508][ T8241] CPU: 0 UID: 0 PID: 8241 Comm: syz.1.527 Tainted: G L syzkaller #0 PREEMPT(full) [ 210.189532][ T8241] Tainted: [L]=SOFTLOCKUP [ 210.189542][ T8241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 210.189554][ T8241] Call Trace: [ 210.189562][ T8241] [ 210.189570][ T8241] dump_stack_lvl+0x100/0x190 [ 210.189608][ T8241] should_fail_ex.cold+0x5/0xa [ 210.189626][ T8241] should_failslab+0xc2/0x120 [ 210.189641][ T8241] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 210.189693][ T8241] ? alloc_empty_file+0x55/0x1c0 [ 210.189709][ T8241] ? __pfx_stack_trace_save+0x10/0x10 [ 210.189726][ T8241] alloc_empty_file+0x55/0x1c0 [ 210.189743][ T8241] path_openat+0xe8/0x31a0 [ 210.189756][ T8241] ? kasan_save_stack+0x3f/0x50 [ 210.189776][ T8241] ? kasan_save_stack+0x30/0x50 [ 210.189794][ T8241] ? kasan_save_track+0x14/0x30 [ 210.189813][ T8241] ? __kasan_slab_alloc+0x89/0x90 [ 210.189825][ T8241] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 210.189843][ T8241] ? do_getname+0x35/0x390 [ 210.189858][ T8241] ? do_sys_openat2+0xc5/0x1e0 [ 210.189875][ T8241] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.189892][ T8241] ? __pfx_path_openat+0x10/0x10 [ 210.189912][ T8241] do_file_open+0x20e/0x430 [ 210.189927][ T8241] ? __pfx_do_file_open+0x10/0x10 [ 210.189959][ T8241] ? alloc_fd+0x476/0x790 [ 210.189975][ T8241] ? do_getname+0x191/0x390 [ 210.189993][ T8241] do_sys_openat2+0x10d/0x1e0 [ 210.190009][ T8241] ? __pfx_do_sys_openat2+0x10/0x10 [ 210.190033][ T8241] __x64_sys_openat+0x12d/0x210 [ 210.190051][ T8241] ? __pfx___x64_sys_openat+0x10/0x10 [ 210.190075][ T8241] do_syscall_64+0x106/0xf80 [ 210.190093][ T8241] ? clear_bhb_loop+0x40/0x90 [ 210.190110][ T8241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.190124][ T8241] RIP: 0033:0x7f84e555cfce [ 210.190137][ T8241] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 210.190150][ T8241] RSP: 002b:00007f84e6475ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 210.190164][ T8241] RAX: ffffffffffffffda RBX: 00007f84e64766c0 RCX: 00007f84e555cfce [ 210.190173][ T8241] RDX: 0000000000000000 RSI: 00007f84e6475f90 RDI: ffffffffffffff9c [ 210.190181][ T8241] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 210.190190][ T8241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 210.190198][ T8241] R13: 00007f84e5816038 R14: 00007f84e5815fa0 R15: 00007ffeb8b066a8 [ 210.190216][ T8241] [ 210.942438][ T8248] netlink: 302 bytes leftover after parsing attributes in process `syz.1.528'. [ 211.904706][ T8270] FAULT_INJECTION: forcing a failure. [ 211.904706][ T8270] name failslab, interval 1, probability 0, space 0, times 0 [ 211.945363][ T8270] CPU: 1 UID: 0 PID: 8270 Comm: syz.1.532 Tainted: G L syzkaller #0 PREEMPT(full) [ 211.945392][ T8270] Tainted: [L]=SOFTLOCKUP [ 211.945397][ T8270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 211.945406][ T8270] Call Trace: [ 211.945412][ T8270] [ 211.945418][ T8270] dump_stack_lvl+0x100/0x190 [ 211.945445][ T8270] should_fail_ex.cold+0x5/0xa [ 211.945464][ T8270] should_failslab+0xc2/0x120 [ 211.945480][ T8270] __kmalloc_cache_noprof+0x7a/0x6f0 [ 211.945500][ T8270] ? seq_create_client1+0x4d/0x640 [ 211.945525][ T8270] ? __pfx_snd_seq_open+0x10/0x10 [ 211.945546][ T8270] seq_create_client1+0x4d/0x640 [ 211.945570][ T8270] ? __pfx_snd_seq_open+0x10/0x10 [ 211.945592][ T8270] snd_seq_open+0x59/0x590 [ 211.945614][ T8270] ? __pfx_snd_seq_open+0x10/0x10 [ 211.945634][ T8270] snd_open+0x22d/0x4c0 [ 211.945650][ T8270] ? __pfx_snd_open+0x10/0x10 [ 211.945664][ T8270] chrdev_open+0x234/0x6a0 [ 211.945679][ T8270] ? __pfx_apparmor_file_open+0x10/0x10 [ 211.945702][ T8270] ? __pfx_chrdev_open+0x10/0x10 [ 211.945718][ T8270] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 211.945738][ T8270] do_dentry_open+0x6d8/0x1660 [ 211.945752][ T8270] ? __pfx_chrdev_open+0x10/0x10 [ 211.945772][ T8270] vfs_open+0x82/0x3f0 [ 211.945793][ T8270] path_openat+0x208c/0x31a0 [ 211.945814][ T8270] ? __pfx_path_openat+0x10/0x10 [ 211.945836][ T8270] do_file_open+0x20e/0x430 [ 211.945852][ T8270] ? __pfx_do_file_open+0x10/0x10 [ 211.945881][ T8270] ? alloc_fd+0x476/0x790 [ 211.945896][ T8270] ? do_getname+0x191/0x390 [ 211.945916][ T8270] do_sys_openat2+0x10d/0x1e0 [ 211.945934][ T8270] ? __pfx_do_sys_openat2+0x10/0x10 [ 211.945954][ T8270] ? __fget_files+0x21f/0x3d0 [ 211.945971][ T8270] __x64_sys_openat+0x12d/0x210 [ 211.945990][ T8270] ? __pfx___x64_sys_openat+0x10/0x10 [ 211.946016][ T8270] do_syscall_64+0x106/0xf80 [ 211.946036][ T8270] ? clear_bhb_loop+0x40/0x90 [ 211.946053][ T8270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.946068][ T8270] RIP: 0033:0x7f84e559c799 [ 211.946082][ T8270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 211.946096][ T8270] RSP: 002b:00007f84e6455028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 211.946110][ T8270] RAX: ffffffffffffffda RBX: 00007f84e5816090 RCX: 00007f84e559c799 [ 211.946120][ T8270] RDX: 00000000000a2741 RSI: 00002000000011c0 RDI: ffffffffffffff9c [ 211.946129][ T8270] RBP: 00007f84e5632c99 R08: 0000000000000000 R09: 0000000000000000 [ 211.946138][ T8270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 211.946146][ T8270] R13: 00007f84e5816128 R14: 00007f84e5816090 R15: 00007ffeb8b066a8 [ 211.946166][ T8270] [ 212.359307][ T8274] FAULT_INJECTION: forcing a failure. [ 212.359307][ T8274] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 212.401887][ T8274] CPU: 0 UID: 0 PID: 8274 Comm: syz.0.535 Tainted: G L syzkaller #0 PREEMPT(full) [ 212.401926][ T8274] Tainted: [L]=SOFTLOCKUP [ 212.401935][ T8274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 212.401949][ T8274] Call Trace: [ 212.401956][ T8274] [ 212.401965][ T8274] dump_stack_lvl+0x100/0x190 [ 212.402005][ T8274] should_fail_ex.cold+0x5/0xa [ 212.402036][ T8274] _copy_to_user+0x32/0xd0 [ 212.402068][ T8274] simple_read_from_buffer+0xcb/0x170 [ 212.402108][ T8274] proc_fail_nth_read+0x1af/0x230 [ 212.402140][ T8274] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 212.402172][ T8274] ? rw_verify_area+0xce/0x6d0 [ 212.402203][ T8274] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 212.402222][ T8274] vfs_read+0x1e4/0xb30 [ 212.402245][ T8274] ? __pfx_vfs_read+0x10/0x10 [ 212.402265][ T8274] ? __fget_files+0x215/0x3d0 [ 212.402281][ T8274] ? __fget_files+0x21f/0x3d0 [ 212.402299][ T8274] ksys_read+0x12a/0x250 [ 212.402322][ T8274] ? __pfx_ksys_read+0x10/0x10 [ 212.402348][ T8274] do_syscall_64+0x106/0xf80 [ 212.402366][ T8274] ? clear_bhb_loop+0x40/0x90 [ 212.402384][ T8274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.402398][ T8274] RIP: 0033:0x7fae4395cfce [ 212.402410][ T8274] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 212.402424][ T8274] RSP: 002b:00007fae44905fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 212.402437][ T8274] RAX: ffffffffffffffda RBX: 00007fae449066c0 RCX: 00007fae4395cfce [ 212.402447][ T8274] RDX: 000000000000000f RSI: 00007fae449060a0 RDI: 0000000000000005 [ 212.402455][ T8274] RBP: 00007fae44906090 R08: 0000000000000000 R09: 0000000000000000 [ 212.402463][ T8274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 212.402471][ T8274] R13: 00007fae43c16038 R14: 00007fae43c15fa0 R15: 00007ffd3e50cfd8 [ 212.402490][ T8274] [ 212.929392][ T8291] smpboot: CPU 1 is now offline [ 212.996772][ T8284] nfs4: Unknown parameter '' [ 213.593589][ T8296] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 213.618104][ T8296] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 213.640375][ T8296] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 213.660275][ T8296] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 214.557636][ T8334] FAULT_INJECTION: forcing a failure. [ 214.557636][ T8334] name failslab, interval 1, probability 0, space 0, times 0 [ 214.603240][ T8328] zswap: compressor not available [ 214.645597][ T8334] CPU: 0 UID: 0 PID: 8334 Comm: syz.3.548 Tainted: G L syzkaller #0 PREEMPT(full) [ 214.645623][ T8334] Tainted: [L]=SOFTLOCKUP [ 214.645628][ T8334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 214.645637][ T8334] Call Trace: [ 214.645642][ T8334] [ 214.645649][ T8334] dump_stack_lvl+0x100/0x190 [ 214.645676][ T8334] should_fail_ex.cold+0x5/0xa [ 214.645693][ T8334] ? iter_file_splice_write+0x1d8/0x10a0 [ 214.645708][ T8334] should_failslab+0xc2/0x120 [ 214.645723][ T8334] __kmalloc_noprof+0xe0/0x850 [ 214.645745][ T8334] ? __pfx___might_resched+0x10/0x10 [ 214.645769][ T8334] iter_file_splice_write+0x1d8/0x10a0 [ 214.645793][ T8334] ? __pfx_iter_file_splice_write+0x10/0x10 [ 214.645808][ T8334] ? __lock_acquire+0x4a5/0x2630 [ 214.645827][ T8334] ? shmem_file_splice_read+0x724/0xdd0 [ 214.645861][ T8334] ? __pfx_iter_file_splice_write+0x10/0x10 [ 214.645877][ T8334] direct_splice_actor+0x192/0x6c0 [ 214.645902][ T8334] splice_direct_to_actor+0x345/0xa30 [ 214.645917][ T8334] ? __pfx_direct_splice_actor+0x10/0x10 [ 214.645944][ T8334] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 214.645964][ T8334] do_splice_direct+0x174/0x240 [ 214.645979][ T8334] ? __pfx_do_splice_direct+0x10/0x10 [ 214.645994][ T8334] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 214.646019][ T8334] ? rw_verify_area+0xce/0x6d0 [ 214.646040][ T8334] do_sendfile+0xadc/0xe20 [ 214.646065][ T8334] ? __pfx_do_sendfile+0x10/0x10 [ 214.646093][ T8334] __x64_sys_sendfile64+0x154/0x220 [ 214.646110][ T8334] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 214.646136][ T8334] do_syscall_64+0x106/0xf80 [ 214.646155][ T8334] ? clear_bhb_loop+0x40/0x90 [ 214.646174][ T8334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.646190][ T8334] RIP: 0033:0x7f035f19c799 [ 214.646202][ T8334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 214.646218][ T8334] RSP: 002b:00007f035ff98028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 214.646232][ T8334] RAX: ffffffffffffffda RBX: 00007f035f415fa0 RCX: 00007f035f19c799 [ 214.646242][ T8334] RDX: 0000200000000000 RSI: 000000000000000c RDI: 000000000000000c [ 214.646251][ T8334] RBP: 00007f035f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 214.646260][ T8334] R10: 0000000000000b5d R11: 0000000000000246 R12: 0000000000000000 [ 214.646269][ T8334] R13: 00007f035f416038 R14: 00007f035f415fa0 R15: 00007ffef0dc6158 [ 214.646289][ T8334] [ 215.159468][ T8331] zswap: compressor not available [ 215.492293][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout [ 215.683856][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 215.764596][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout [ 215.770622][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 217.893692][ T8392] netlink: 28 bytes leftover after parsing attributes in process `syz.1.557'. [ 217.959330][ T8392] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 218.003781][ T8392] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 218.033118][ T8392] bond0 (unregistering): Released all slaves [ 218.730845][ T8413] netlink: 25 bytes leftover after parsing attributes in process `syz.1.563'. [ 219.001045][ T8388] kexec: Could not allocate control_code_buffer [ 221.038716][ T8474] Invalid ELF header magic: != ELF [ 222.052592][ T8493] zswap: compressor not available [ 222.276501][ T8498] zswap: compressor not available [ 222.461828][ T8513] binder: 8512:8513 ioctl c018620c 0 returned -1 [ 222.926073][ T8515] zswap: compressor not available [ 223.810702][ T8548] netlink: 8 bytes leftover after parsing attributes in process `syz.2.592'. [ 224.040330][ T5829] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 224.564282][ T8542] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 224.584810][ T8542] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 224.623634][ T8542] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 224.664619][ T8542] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 225.025258][ T8569] netlink: 186 bytes leftover after parsing attributes in process `syz.1.597'. [ 226.037584][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout [ 226.598189][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout [ 226.678137][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout [ 226.684236][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout [ 227.265024][ T8610] capability: warning: `syz.3.605' uses 32-bit capabilities (legacy support in use) [ 227.699542][ T8623] netlink: 20 bytes leftover after parsing attributes in process `syz.1.609'. [ 228.064630][ T8636] device-mapper: ioctl: device name cannot contain '/' [ 228.119859][ T8638] FAULT_INJECTION: forcing a failure. [ 228.119859][ T8638] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 228.337490][ T8638] CPU: 0 UID: 0 PID: 8638 Comm: syz.2.612 Tainted: G L syzkaller #0 PREEMPT(full) [ 228.337515][ T8638] Tainted: [L]=SOFTLOCKUP [ 228.337519][ T8638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 228.337528][ T8638] Call Trace: [ 228.337533][ T8638] [ 228.337538][ T8638] dump_stack_lvl+0x100/0x190 [ 228.337565][ T8638] should_fail_ex.cold+0x5/0xa [ 228.337582][ T8638] _copy_from_user+0x2e/0xd0 [ 228.337599][ T8638] dma_heap_ioctl+0x16d/0x5e0 [ 228.337621][ T8638] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 228.337640][ T8638] ? find_held_lock+0x2b/0x80 [ 228.337662][ T8638] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 228.337682][ T8638] __x64_sys_ioctl+0x18e/0x210 [ 228.337703][ T8638] do_syscall_64+0x106/0xf80 [ 228.337722][ T8638] ? clear_bhb_loop+0x40/0x90 [ 228.337744][ T8638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.337759][ T8638] RIP: 0033:0x7fc9b079c799 [ 228.337770][ T8638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 228.337784][ T8638] RSP: 002b:00007fc9b173d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 228.337798][ T8638] RAX: ffffffffffffffda RBX: 00007fc9b0a15fa0 RCX: 00007fc9b079c799 [ 228.337807][ T8638] RDX: 0000200000000140 RSI: ffffffffffdffe00 RDI: 0000000000000008 [ 228.337816][ T8638] RBP: 00007fc9b0832c99 R08: 0000000000000000 R09: 0000000000000000 [ 228.337824][ T8638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.337832][ T8638] R13: 00007fc9b0a16038 R14: 00007fc9b0a15fa0 R15: 00007ffd6fb03018 [ 228.337850][ T8638] [ 229.417003][ T8659] Invalid ELF header magic: != ELF [ 230.021769][ T8675] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 230.118371][ T8676] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 230.901178][ T8697] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 230.901178][ T8697] The task syz.1.624 (8697) triggered the difference, watch for misbehavior. [ 230.923502][ T5829] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 232.323084][ T8691] kexec: Could not allocate control_code_buffer [ 233.814245][ T8761] netlink: 342 bytes leftover after parsing attributes in process `syz.0.635'. [ 235.338251][ T8763] kexec: Could not allocate control_code_buffer [ 235.947613][ T8797] ================================================================== [ 235.947627][ T8797] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60 [ 235.947656][ T8797] Write of size 8 at addr ffffc90004d19980 by task syz.3.644/8797 [ 235.947668][ T8797] [ 235.947678][ T8797] CPU: 0 UID: 0 PID: 8797 Comm: syz.3.644 Tainted: G L syzkaller #0 PREEMPT(full) [ 235.947697][ T8797] Tainted: [L]=SOFTLOCKUP [ 235.947702][ T8797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 235.947717][ T8797] Call Trace: [ 235.947722][ T8797] [ 235.947727][ T8797] dump_stack_lvl+0x100/0x190 [ 235.947747][ T8797] print_report+0x156/0x4c9 [ 235.947766][ T8797] ? _raw_spin_lock_irqsave+0x52/0x60 [ 235.947783][ T8797] ? __virt_addr_valid+0x81/0x620 [ 235.947804][ T8797] ? sys_imageblit+0x19fb/0x1d60 [ 235.947821][ T8797] kasan_report+0xdf/0x1e0 [ 235.947835][ T8797] ? sys_imageblit+0x19fb/0x1d60 [ 235.947855][ T8797] sys_imageblit+0x19fb/0x1d60 [ 235.947875][ T8797] ? __pfx_sys_imageblit+0x10/0x10 [ 235.947896][ T8797] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 235.947919][ T8797] soft_cursor+0x524/0xa10 [ 235.947936][ T8797] bit_cursor+0xe58/0x16f0 [ 235.947953][ T8797] ? __pfx_bit_cursor+0x10/0x10 [ 235.947970][ T8797] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 235.947992][ T8797] ? get_color+0x1da/0x450 [ 235.948012][ T8797] ? __pfx_bit_cursor+0x10/0x10 [ 235.948026][ T8797] fbcon_cursor+0x43c/0x5e0 [ 235.948040][ T8797] hide_cursor+0x87/0x230 [ 235.948055][ T8797] putconsxy+0x1f/0x3c0 [ 235.948074][ T8797] vcs_write+0xba9/0xd60 [ 235.948089][ T8797] ? __bpf_trace_sched_exit_tp+0x30/0xc0 [ 235.948111][ T8797] ? __pfx_vcs_write+0x10/0x10 [ 235.948125][ T8797] ? apparmor_file_permission+0x13f/0x1c0 [ 235.948140][ T8797] ? bpf_lsm_file_permission+0x9/0x10 [ 235.948161][ T8797] ? security_file_permission+0x76/0x210 [ 235.948177][ T8797] ? rw_verify_area+0xce/0x6d0 [ 235.948196][ T8797] vfs_write+0x2aa/0x1070 [ 235.948216][ T8797] ? __pfx_vcs_write+0x10/0x10 [ 235.948231][ T8797] ? __pfx_vfs_write+0x10/0x10 [ 235.948250][ T8797] ? find_held_lock+0x2b/0x80 [ 235.948262][ T8797] ? __fget_files+0x215/0x3d0 [ 235.948275][ T8797] ? __fget_files+0x215/0x3d0 [ 235.948288][ T8797] ? __fget_files+0x21f/0x3d0 [ 235.948302][ T8797] ksys_write+0x12a/0x250 [ 235.948313][ T8797] ? __pfx_ksys_write+0x10/0x10 [ 235.948327][ T8797] do_syscall_64+0x106/0xf80 [ 235.948345][ T8797] ? clear_bhb_loop+0x40/0x90 [ 235.948360][ T8797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.948375][ T8797] RIP: 0033:0x7f035f19c799 [ 235.948387][ T8797] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 235.948400][ T8797] RSP: 002b:00007f035d3d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 235.948418][ T8797] RAX: ffffffffffffffda RBX: 00007f035f416270 RCX: 00007f035f19c799 [ 235.948427][ T8797] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000005 [ 235.948435][ T8797] RBP: 00007f035f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 235.948444][ T8797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.948452][ T8797] R13: 00007f035f416308 R14: 00007f035f416270 R15: 00007ffef0dc6158 [ 235.948471][ T8797] [ 235.948476][ T8797] [ 235.948480][ T8797] The buggy address belongs to a vmalloc virtual mapping [ 235.948491][ T8797] Memory state around the buggy address: [ 235.948498][ T8797] ffffc90004d19880: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 235.948511][ T8797] ffffc90004d19900: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 235.948520][ T8797] >ffffc90004d19980: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 235.948527][ T8797] ^ [ 235.948534][ T8797] ffffc90004d19a00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 235.948543][ T8797] ffffc90004d19a80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 235.948551][ T8797] ================================================================== [ 235.967089][ T8797] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 235.967107][ T8797] CPU: 0 UID: 0 PID: 8797 Comm: syz.3.644 Tainted: G L syzkaller #0 PREEMPT(full) [ 235.967127][ T8797] Tainted: [L]=SOFTLOCKUP [ 235.967132][ T8797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 235.967141][ T8797] Call Trace: [ 235.967146][ T8797] [ 235.967151][ T8797] dump_stack_lvl+0x100/0x190 [ 235.967175][ T8797] vpanic+0x552/0x970 [ 235.967189][ T8797] ? __pfx_vpanic+0x10/0x10 [ 235.967204][ T8797] ? sys_imageblit+0x19fb/0x1d60 [ 235.967223][ T8797] panic+0xd1/0xe0 [ 235.967235][ T8797] ? __pfx_panic+0x10/0x10 [ 235.967248][ T8797] ? sys_imageblit+0x19fb/0x1d60 [ 235.967269][ T8797] ? preempt_schedule_common+0x42/0xc0 [ 235.967290][ T8797] ? check_panic_on_warn+0x1f/0x90 [ 235.967309][ T8797] check_panic_on_warn.cold+0x19/0x34 [ 235.967323][ T8797] end_report.part.0+0x3a/0x90 [ 235.967346][ T8797] kasan_report.cold+0xe/0x18 [ 235.967364][ T8797] ? sys_imageblit+0x19fb/0x1d60 [ 235.967384][ T8797] sys_imageblit+0x19fb/0x1d60 [ 235.967404][ T8797] ? __pfx_sys_imageblit+0x10/0x10 [ 235.967425][ T8797] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 235.967456][ T8797] soft_cursor+0x524/0xa10 [ 235.967486][ T8797] bit_cursor+0xe58/0x16f0 [ 235.967504][ T8797] ? __pfx_bit_cursor+0x10/0x10 [ 235.967521][ T8797] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 235.967544][ T8797] ? get_color+0x1da/0x450 [ 235.967568][ T8797] ? __pfx_bit_cursor+0x10/0x10 [ 235.967586][ T8797] fbcon_cursor+0x43c/0x5e0 [ 235.967600][ T8797] hide_cursor+0x87/0x230 [ 235.967617][ T8797] putconsxy+0x1f/0x3c0 [ 235.967635][ T8797] vcs_write+0xba9/0xd60 [ 235.967651][ T8797] ? __bpf_trace_sched_exit_tp+0x30/0xc0 [ 235.967673][ T8797] ? __pfx_vcs_write+0x10/0x10 [ 235.967687][ T8797] ? apparmor_file_permission+0x13f/0x1c0 [ 235.967703][ T8797] ? bpf_lsm_file_permission+0x9/0x10 [ 235.967724][ T8797] ? security_file_permission+0x76/0x210 [ 235.967740][ T8797] ? rw_verify_area+0xce/0x6d0 [ 235.967759][ T8797] vfs_write+0x2aa/0x1070 [ 235.967780][ T8797] ? __pfx_vcs_write+0x10/0x10 [ 235.967795][ T8797] ? __pfx_vfs_write+0x10/0x10 [ 235.967814][ T8797] ? find_held_lock+0x2b/0x80 [ 235.967826][ T8797] ? __fget_files+0x215/0x3d0 [ 235.967839][ T8797] ? __fget_files+0x215/0x3d0 [ 235.967852][ T8797] ? __fget_files+0x21f/0x3d0 [ 235.967866][ T8797] ksys_write+0x12a/0x250 [ 235.967878][ T8797] ? __pfx_ksys_write+0x10/0x10 [ 235.967893][ T8797] do_syscall_64+0x106/0xf80 [ 235.967911][ T8797] ? clear_bhb_loop+0x40/0x90 [ 235.967926][ T8797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.967940][ T8797] RIP: 0033:0x7f035f19c799 [ 235.967952][ T8797] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 235.967966][ T8797] RSP: 002b:00007f035d3d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 235.967981][ T8797] RAX: ffffffffffffffda RBX: 00007f035f416270 RCX: 00007f035f19c799 [ 235.967993][ T8797] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000005 [ 235.968002][ T8797] RBP: 00007f035f232c99 R08: 0000000000000000 R09: 0000000000000000 [ 235.968010][ T8797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.968019][ T8797] R13: 00007f035f416308 R14: 00007f035f416270 R15: 00007ffef0dc6158 [ 235.968033][ T8797] [ 235.968107][ T8797] Kernel Offset: disabled