last executing test programs: 8m14.983122491s ago: executing program 1 (id=1394): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x100e42, 0x0) write$auto_sg_fops_sg(r0, &(0x7f0000000600)="bf5b1a8c24f50000dbcbc7a996801b0000000000001afff6578d2f6d520f687f316ba7327b581cd8d52363b9e47455d8ef568fa10f6f3a63b497a8c48d4d9ac64832fd1cf0975ac776f4f18eb6992b7e8e347377dc4dbe0a1f7e2a99ee429d61186c64e33c37f792d22e5a1641e3dabdeeeca46791e5eb43aed57ae587d4c21ceaeaf007087d2e1e045b1c04a1b03c1659f5561e2fa9be1ea6b1d252e21e5e", 0x9f) 8m14.005841074s ago: executing program 1 (id=1406): r0 = socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) statx$auto(r1, 0x0, 0x401006, 0x4015, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000480)={0x0, 0x49}, 0x4, 0x0, 0x5, 0x11}, 0x5}, 0x2, 0x100) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r2 = socket(0x11, 0x80003, 0x300) r3 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) lseek$auto(r3, 0x0, 0x3) setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4) r4 = ioctl$auto_TUNSETOWNER(r1, 0x400454cc, &(0x7f0000000040)=0x7) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="b537004f9e63e0e01fe7251c000000bf5da8093b449f92777bd8821b794457a5a1110c8fe40000534436b4998ef8fc78b185fd5a7f4aff86", @ANYRES16=r6, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) r7 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(r0, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xc) recvmmsg$auto(r7, 0x0, 0x4, 0x6586, 0x0) timer_create$auto(0xfffffffa, &(0x7f0000000100)={@sival_ptr=&(0x7f0000000300)="d99d4c7e9f545e86ba63b264bc42b060fd71d107f2780e43e4fb0145338c4520d683ad2a859211c3e69e52bb29c8093d2f8124c0012f066cd32f167ee958c2a5a4183ca9353dd1fca0e8b301e56d94736aef0fa7a360a95696af0c09ac57a7f539a8cbc882ccf1e6347f1c99846a5a654bd42dc35ff033206b01d9e2f59496168b2d641f2b5278ac701a7a11bf90ae59c2ed0e5a6ef33fa4e5642cc1e87d4c5c5147589f0797b57d277ffa62ad7d3f95939eedb7c0538e58c57918cefb7ef684222ab0c85abd8c3a7112", @inferred, 0x1, @_sigev_thread={0x0, 0x0}}, &(0x7f0000000140)=0x6) timer_settime$auto(0x0, 0x2, &(0x7f00000000c0)={{0xf, 0x10007}, {0x0, 0x401}}, 0x0) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x8}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x91}, 0x10) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r4, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000540)={&(0x7f0000000680)=ANY=[@ANYBLOB="dc000000", @ANYRES16=r6, @ANYBLOB="08002dbd7000fe47df254f00000004001601040050011e00940034740e0b0a799237c44fb7a3c84ef7cc9741cdb740f7bf8037c800000600f7001e05000004000b0005001e007f00000008004b00070000008200be009fe82cd3fba62caa3ef4bdd0cc1ac8d46aa9e64587d6c43003797fdb51b7f8093d4bc22924fd6630846fbb5ca6c9ee341240b6a25f906f5ddf9490ac389d5f3ef94ee699d8b2c4644f566462a1bffb8f68ccf195a6000000002c9c4f5aa42301b8a21459ef05a62b3f7814e64c9c9165aee9d7b7867028d9edacf61ab3230000"], 0xdc}, 0x1, 0x0, 0x0, 0x21}, 0x4004000) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) setsockopt$auto(r4, 0xf9, 0x1, &(0x7f00000005c0)='/dev/snd/midiC2D0\x00', 0xfc) 8m13.361066821s ago: executing program 1 (id=1399): socketpair$auto(0x80000000, 0xa, 0x4, &(0x7f0000000100)) prctl$auto_SECCOMP_MODE_FILTER(0x3, 0x2, 0xffffffffffffffff, 0xfffffffffffffff7, 0xd) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r0) sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000140)={0x24, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@typed={0xc, 0x3, 0x0, 0x0, @binary="509b092db693f776"}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x4002) socket(0x11, 0xa, 0x300) r2 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0xa0fc}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)={0x2, 0x80, 0xffff, 0x5, &(0x7f00000000c0)="d17ff256258d1cd995f99962db740e7ebaa21c76ead7734623f06b10a0fea4c694c698ef407f90f6896ffbb038bd4a577e4bf1eaf4", 0xc694, 0x3, 0x80005, @stream_id=0x10000, 0x2004b, 0x471, 0x0, [{0x1039, 0xa5, 0xda}]}) 8m12.96872764s ago: executing program 1 (id=1402): mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) mmap$auto(0x800000000000000, 0x2020009, 0x7fff, 0x1b, 0xfffffffffffffffa, 0xfffffffffffffffe) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x4, 0x3) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) write$auto(r0, 0x0, 0x0) madvise$auto(0x0, 0x1010001, 0x100000003) madvise$auto(0x1000, 0x400050, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000425bd7000fbdbdf25010000000c00050000000000000000000c000200010000e206934d000c00050001000000000000000c0004000300000000000000"], 0x44}, 0x1, 0x0, 0x0, 0x20000004}, 0x84) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c0000a892160f797f79fc848b2e3957410015ba099166caedf3482440c736b3c20629e07d7cc424577f272d7241be8b8b11da0068740100c2f496c073e0", @ANYRES16=0x0, @ANYBLOB="000329bd7000fbdbdf250200140008000300", @ANYRES32=r4, @ANYBLOB], 0x1c}, 0x1, 0x1400, 0x0, 0x40884}, 0x1) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "000000000000fe8000"}, 0x1f) r5 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) socket(0x29, 0x2, 0x0) r6 = ioctl$auto_TUNDETACHFILTER(r5, 0x401054d6, &(0x7f00000001c0)={0x9fd, &(0x7f0000000080)={0x9, 0x3, 0x4, @inferred=r3}}) ioctl$auto_RTC_PIE_ON(r6, 0x7005, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0x825, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0x7}) 8m12.633645941s ago: executing program 1 (id=1403): mmap$auto(0x0, 0x387, 0x3, 0xeb1, 0xfffffffffffffffa, 0x10000000008000) socketpair$auto(0xfffffffe, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r0, 0x5408, 0x0) (fail_nth: 6) 8m12.036329371s ago: executing program 1 (id=1413): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) connect$auto(0x3, 0x0, 0x54) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x7fffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = waitid$auto(0x8, 0xffffffffffffffff, 0x0, 0x3, 0x0) getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0x6}, 0x1b81, &(0x7f0000000180)={&(0x7f0000000300)="8f0c6739247205c41c1c19870d57eb0494d9447bff12", 0x3}, 0x1, 0x8080000101) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, 0x0, 0x54) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket(0x11, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f00000003c0), 0x5, 0x1000}, 0x5}, 0x2, 0x100) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) shmctl$auto_SHM_LOCK(0x2, 0xb, &(0x7f0000000180)={{0x9, 0x0, 0xee01, 0x90b, 0x1, 0xdc66, 0xfff9}, 0xffffdff7, 0xffffffffffffffff, 0x4, 0xc74, @raw=0x3, @raw=0x6, 0x8, 0x0, &(0x7f0000000000)="09c04e28946ab0e4cd5082fae10a675ec32b84ba20aabbb841b77ef33ee185a126dc3ba1ba44875f0090fab7d2a99db586778cf5490a52cca1170d079835189006ea08ee0eede456bb91d67d8c5edfb2098f3f5944b31c39eac924cd279d0a87d8734ff86874ad780848ff51e756a1741eef586bcad6002be2f1eca1f961f5371e9305a1ce0b923b7ea29f783495b7b297f2ba17587662f7dae6f076c5177e4d0e3757670f64292c5008bd44c74a", &(0x7f00000000c0)}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) bpf$auto_BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)=@link_update={r2, @new_prog_fd=r3, 0xffffff15, @old_prog_fd=r4}, 0x5bc1adb6) write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440)="110000000100"/17, 0x11) r6 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(r6, 0x40104d11, r5) mmap$auto(0x4, 0x400000000005, 0xffffffff, 0x40eb2, r1, 0x308000000000) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r7, &(0x7f0000000040)='//\xf2\x00', 0x80000000) 7m56.987437298s ago: executing program 32 (id=1413): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) connect$auto(0x3, 0x0, 0x54) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x7fffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = waitid$auto(0x8, 0xffffffffffffffff, 0x0, 0x3, 0x0) getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0x6}, 0x1b81, &(0x7f0000000180)={&(0x7f0000000300)="8f0c6739247205c41c1c19870d57eb0494d9447bff12", 0x3}, 0x1, 0x8080000101) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, 0x0, 0x54) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r1 = socket(0x11, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f00000003c0), 0x5, 0x1000}, 0x5}, 0x2, 0x100) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) shmctl$auto_SHM_LOCK(0x2, 0xb, &(0x7f0000000180)={{0x9, 0x0, 0xee01, 0x90b, 0x1, 0xdc66, 0xfff9}, 0xffffdff7, 0xffffffffffffffff, 0x4, 0xc74, @raw=0x3, @raw=0x6, 0x8, 0x0, &(0x7f0000000000)="09c04e28946ab0e4cd5082fae10a675ec32b84ba20aabbb841b77ef33ee185a126dc3ba1ba44875f0090fab7d2a99db586778cf5490a52cca1170d079835189006ea08ee0eede456bb91d67d8c5edfb2098f3f5944b31c39eac924cd279d0a87d8734ff86874ad780848ff51e756a1741eef586bcad6002be2f1eca1f961f5371e9305a1ce0b923b7ea29f783495b7b297f2ba17587662f7dae6f076c5177e4d0e3757670f64292c5008bd44c74a", &(0x7f00000000c0)}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) bpf$auto_BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)=@link_update={r2, @new_prog_fd=r3, 0xffffff15, @old_prog_fd=r4}, 0x5bc1adb6) write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440)="110000000100"/17, 0x11) r6 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(r6, 0x40104d11, r5) mmap$auto(0x4, 0x400000000005, 0xffffffff, 0x40eb2, r1, 0x308000000000) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r7, &(0x7f0000000040)='//\xf2\x00', 0x80000000) 7.258273976s ago: executing program 2 (id=3103): ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x6f29, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd4\x00', 0x149282, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nbd4\x00', 0x14f602, 0x0) ioctl$auto_BLKRRPART(r1, 0x125f, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) getsockopt$auto_SO_DONTROUTE(r0, 0x1, 0x5, &(0x7f0000000200)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', &(0x7f0000000040)=0x7) unshare$auto(0x40000080) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) mmap$auto(0x6000, 0x810004, 0x2000000efb, 0x8000000008011, r2, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x48542, 0x0) write$auto(r3, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) 6.418917426s ago: executing program 0 (id=3106): socket$nl_generic(0x11, 0x3, 0x10) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x28, 0x0, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_COALESCE_TX_AGGR_MAX_FRAMES={0x8, 0x1b, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x44845}, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x4, 0x0) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0x3, 0x0, 0x4) 6.06963963s ago: executing program 4 (id=3108): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x800008000) socketpair$auto(0xf, 0x7, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) swapon$auto(0x0, 0x7057) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000400), 0x200, 0x0) ioctl$auto_RTC_IRQP_SET(r3, 0x4008700c, &(0x7f0000000440)=0x77b) setsockopt$auto(r2, 0x110, 0x7, 0x0, 0x4) write$auto(r0, &(0x7f0000000080)='/dev/audio\x00', 0x7ff) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = clone3$auto(&(0x7f0000000180)={0x9, 0x7, 0xa5e7, 0x10000, 0x9, 0x8000000000000000, 0x10, 0x5, 0x10003, 0x1ff, 0x5185}, 0x3ff) prctl$auto(0x3e, 0x1, r5, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNDCTL_DSP_GETBLKSIZE(0xffffffffffffffff, 0xc0045004, &(0x7f0000000000)) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS2\x00', 0x101000, 0x0) ioctl$auto_TIOCMSET2(r6, 0x5418, &(0x7f00000001c0)="6ab1") listmount$auto(&(0x7f0000000000)={0x0, @raw, 0x0, 0x3ff, 0x5}, &(0x7f0000000040)=0x5, 0x1000, 0xfffffcdf) sendfile$auto(r4, r4, 0x0, 0x3) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/fs/netfs/cookies\x00', 0x20000, 0x0) select$auto(0x5, 0x0, &(0x7f0000000100)={[0x8, 0x6, 0x7, 0x8000, 0x5, 0x4000000, 0x5, 0x1, 0xd, 0x1000, 0xfb, 0x1, 0x8, 0x4f, 0x96, 0x100]}, 0x0, 0x0) 5.284923057s ago: executing program 0 (id=3109): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000280)=0xc9e, 0x400, 0x1) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\'\x00\xc9\n\xbf\xb9\x12\xfa\x00\x00\xcfk', 0xb7f) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r1, 0x28000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r2, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x80) umount2$auto(&(0x7f0000000240)='/proc/thread-self/ns/cgr\xd7\xe8!\x13DlB\xe4\xfb\xf4\xc4\\\xea`&\xebZ\xba\x11\xa96?\b\xb8\xe6B\x1d\n\x9e\b\xd7[\xc2v\x88\xc3\xc9\x8d\xd3\x16\x035\aq\xf5\xa9\x18\xf9].(\x86T\xc8\xd5/\xb7\x1bA~\x1cH\xf5d\x98\xb2\xf3\xfd\xab\x1aw\xb69\x80\x177\xd7\xb9\xd2J\a\x92\xfbk\x97R\x05G\xd6\xd4\xfb\x80mh\xa7\b\xffQ\xeb\xba&\x84\x92N]\xb4\x0e\xcf\x90\xa8\xfb.1\"\xcd\x03\x91Q\xcbm\xe3e\x12\xb3\xb0fj\xab\f\xa5\x82\xee\xee;!4\xb1Y\xfa}}\xb1\xd5\xa8\xf4G\x9a\x8f\xf1u\x97\xe9*\x00\xa1}7\xdf\x1d\xd4\xdc\xd7R\x04\xbbR|\x15p\xd8\x7f\xbb\xb6\x81\xde\xc42Jr<_\x15H!\a\xf5-\xfb]4Q@C\xd2\xeaf\xf0\x02)', 0x8) mlock$auto(0x81, 0xffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 4.249730223s ago: executing program 2 (id=3110): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) ioctl$auto(0x3, 0x8905, 0x38) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x240007, 0x19) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/cgroup.max.depth\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/class/infiniband_mad/abi_version\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000008c0)=""/61, 0x3d) close_range$auto(0x2, 0x8, 0x0) userfaultfd$auto(0x1) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r3, 0xff) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) 3.614122998s ago: executing program 4 (id=3112): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_NEW_MPATH(0xffffffffffffffff, 0x0, 0x20080055) (async) sendmsg$auto_NL80211_CMD_NEW_MPATH(0xffffffffffffffff, 0x0, 0x20080055) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x5402, r0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/queues/tx-0/byte_queue_limits/stall_thrs\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) waitid$auto_P_PIDFD(0x3, r0, &(0x7f0000000200)={@siginfo_0_0={0x8, 0x5, 0x3, @_sigfault={&(0x7f0000000100)="f156132d42d3a56cad7a7c4e5f6abd92241dadf0b14dbb57101822ef467cb542f66ef67f3074a48f868b94d03b7caaf3dd399058545122263dafb29dcef00d30365edc7f6614f22fc88c04f7af1bde5ed08b9f03f01b424a3b6ba9d5004115284212528bb23601fc6462ebc735aae4ab36be0ce6872937ba661cb4ee8ef6a01c1f739b515c52021c19ea36ad338cd26e4f685a3e0f57a8a44c7e2996eeb7df43b3d05b94e4811530d506a3b63dab52adce5bfdb5e50e53512027ddfacda4a6bcf2fc5280b5de8f3846b8fa29a84499a4daf55ac44338f66d6122d00864aa35dcb0308a5fbd6ac29e87498a86eaf211d6bb", @_addr_pkey={"8b41294fc5db0fd5", 0x2}}}}, 0x4a, &(0x7f0000000340)={{0x4, 0x5071d539}, {0x3, 0x9}, 0x0, 0x49, 0xbe, 0xfff, 0x1, 0x9e4, 0x0, 0x6, 0x5, 0xc, 0x7, 0x3, 0x5, 0x100000001}) (async) r2 = waitid$auto_P_PIDFD(0x3, r0, &(0x7f0000000200)={@siginfo_0_0={0x8, 0x5, 0x3, @_sigfault={&(0x7f0000000100)="f156132d42d3a56cad7a7c4e5f6abd92241dadf0b14dbb57101822ef467cb542f66ef67f3074a48f868b94d03b7caaf3dd399058545122263dafb29dcef00d30365edc7f6614f22fc88c04f7af1bde5ed08b9f03f01b424a3b6ba9d5004115284212528bb23601fc6462ebc735aae4ab36be0ce6872937ba661cb4ee8ef6a01c1f739b515c52021c19ea36ad338cd26e4f685a3e0f57a8a44c7e2996eeb7df43b3d05b94e4811530d506a3b63dab52adce5bfdb5e50e53512027ddfacda4a6bcf2fc5280b5de8f3846b8fa29a84499a4daf55ac44338f66d6122d00864aa35dcb0308a5fbd6ac29e87498a86eaf211d6bb", @_addr_pkey={"8b41294fc5db0fd5", 0x2}}}}, 0x4a, &(0x7f0000000340)={{0x4, 0x5071d539}, {0x3, 0x9}, 0x0, 0x49, 0xbe, 0xfff, 0x1, 0x9e4, 0x0, 0x6, 0x5, 0xc, 0x7, 0x3, 0x5, 0x100000001}) prctl$auto(0x1000000003b, 0x1, r2, 0x4, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mq_unlink$auto(0x0) (async) mq_unlink$auto(0x0) 3.339631227s ago: executing program 3 (id=3114): r0 = socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x809, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000040)='./file0\x00', 0xa2142, 0xe8) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(r0, 0xc0385868, &(0x7f00000001c0)={r1, 0x0, 0x5, 0x0, 0x3, 0x0, &(0x7f0000000180)=0x2}) epoll_ctl$auto(r2, 0x9602, r0, &(0x7f0000000040)={0x4, 0x4}) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x20499d, 0x9) 2.893898963s ago: executing program 3 (id=3115): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) socket(0x2, 0x2, 0x0) ioctl$auto_SOUND_PCM_READ_CHANNELS(0xffffffffffffffff, 0x80045006, &(0x7f0000000240)) ioctl$auto_USBDEVFS_SUBMITURB32(0xffffffffffffffff, 0x802c550a, &(0x7f0000000240)=ANY=[@ANYRES16, @ANYRES16]) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/uvcvideo/parameters/clock\x00', 0xb02, 0x0) sendfile$auto(r1, r1, 0x0, 0x7ff) 2.70907145s ago: executing program 3 (id=3116): r0 = gettid() rt_sigqueueinfo$auto(r0, 0xe, &(0x7f0000000000)={@siginfo_0_0={0x76bb, 0x3, 0x4, @_sigfault={0x0}}}) r1 = ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000080)=0x9) write$auto_proc_clear_refs_operations_internal(r1, &(0x7f0000000180)="8b9654df24b4f36bc6aa0c9305593ef101e329433e03a5891bbaede60dfd695d8d49e5b4b3bd2a781681fe4001363fa98bc67a70398d7ca7d7b3550b1ee9603d52cae8114b7c78a1bddd6d5ff37c25b9b5782748616abd80bdb873c84b180e5bdd02dda1e15cb758f05cab72a6fec4e46d6089d004390880d8f3b4fc2c24e52cb091baeb826c27d2e337750d8992b0ca8388178e494816f813b8b7a2913813090de13d5cfa2b82121e3f5a0d99a58cda7e555d6ca53dbbd7a965338361c789bb468103a88ea68ba221248729d838a9b6d44239392a5ce1b056f2ee6a896ede7a12d8128a9079ad43741f8bbf0726fa6854c9f9b7a4bbb23330d57faed7d98dbf59e0a1ffde2fe33ccbe8b49e6af76730156c281f889c92fc8c19b5c3ee7929d22cca81cf623ae7a7ccd8d5354465decfa841f7b5590b8b4eb9cc7653730a7bd28e23f0861a181a4220d59ec7890c7e2cdca099a11cc64f2020092970aed4bd23cd5520d69c6c6dbd20271ff66d6dfed037cbd3e5f9565258d57475b01180d6a9efedd3d7d07a479314e4dbf6e0b971124fc35659a1901ba46674182728fa53f7ed5146b0ca3bb4aeb9080acc39622fc8bcb33d73810ccd5ff0fa5c724532e59a5d60235f9885d44d03360c2971a69a911d66519fdaa94d18726e3fee40fcc6eca636523755f02d9069fea1a1ef3cc7b0cb589aff79990091eb91a29c488090acc2ebf6b1716b11e6726b2e0e48126f900698900b90452093990dd25891d88e4c4a657066b627a1031a9c52634423456fd09d1bd156a9cbca004101e2eded6d11d9266931986e1e8b197a3718adf2b4efedba813d05d4d72b1db00c081109a509c23080be550f3115cb2d9d2fcaecc5bf07f6995eda41f589770d0d2df4d6cb8c1a1c7f87a324ce68d9d3b476e7502a626f6a5e0d654d221f476af0fae041f6c4dc37d5a1d51931d882d4d30ba34db3096f159aa81b87bb72672dd156e448bd0cca99551ed03865bdbc9c6d0370091752fae7312898a106ad41b732384d57d24a22d752d30b027c304fe77cc981f0c64975bec59c7f6be9414820a033d90245d59208b4942bfbac1fd1469e3b42d45b0e021f589bee2c42bb4ba6ef8fd6d1cdb5110a401eb11ce842b82036ab903b8f638f839e9bc398d8f7f60806dbd2229d5847e328ac4a04ec40ea8c000808e755c2dbd2de0eec4aa14e6099280ff23bb20dcf8eba606ce910a313d24e76007939ba76eb50085be80bbe2f81f18ba8f4bff28988c6fb99c2e8c2614d435292d2a573cd12d2d9922f728835502727816223b88560f178257f8f42f5e53279075e6dd36476d8f268243a52e1ac4582e06170805e8fec37148845dc9a87233ec3e319f5d89e7f4e7522903a31314c7e8447b20740cebf01a3e0351b921cad13f2bf69220e7931f36426a6e3a5680fa4c4d5e8b39bbb6e8fd7341aa24953ecda9509ca0188d07c35a1f85a9d192eb8e36e276eb86f267ff121c27a46f158cf61367062eb1c63aa1bc8fe345ab1f70f77a75727359ae1baf38bf12842f697a9f61799d368b0e2e3a1464b96d8d18c294989989318add2834f79fe3114ba8ea7712261cbb9a65f9a4ba68d7da9b0e62ae04e8ec58320e6510730fcec255a81e435afee639090a55a1ca4658ce903622f303f00e47e9937436a47b0ba8c026c69d51a35521173069df64cfdabacf301ed4383ac673003e4342e019a3a06807edb0f6fa5207877f8eec6790a11bdeaa7b418148e6f331157252272438b6a0ee6a733cfaea922719fdc244fc5007d8682178d54e9834659e41b070d95ff29b87974b3f177de58c935648a1693a781d01aa9d1225215959bdeef4c6e06b51639873229ed857a69a0a04e1893286fbbfd24911db909bb85c36e36b51d452f84422dc190686da09df45f7d3a5f7532716397ca83f85d6f667164770f9cf26a671e70c76b1ee4a79637066e717bbcb97cbaaa1e7e42f017ddc3e77e4b678fcf35cae791bb1bddf15507be81159f09f4e22e615db6584d46ab73b851a52191a57676036b381795c2c05177452fb5e9ff1b252b7c5b10cc4321a02e670ae05da0be7e4178edbcbc67de1b53ed90160d596a87710a84032e98aa003ef3888862cc730a2dfa47ebba013d45e331b752e5ccc0bb350e2896f3672e83621801a4de08f662b8fc1eecc2bce8bc31d6832b48e8e0d5fdfb541462f83ce8b56d79135b6f4109f3596db53b47ee331a2c646eff40e7488605b670a08cbb385fa2f2f9c94301d8ab3783dd222bc9fef4629adcc429d4ec51d1856550213b5863ef546e79187cc450715f8cc35ff736ed9a1807f78f8496d75436938c9d17bcb7f78f34f502abd58a0c55eea5db34406e02474a9ce9802dd95f381343138c36c2b20d06c84bea79d85774502cb6f68d575a97f0b76977039f4cf4d0abad7092d4c7bf2de6feb9aacd9c9ebddc85e9813a790d975d0651a5a922c77c824087c46d5b1d8d0233b3ec6ca7b97267be294f5a5b98ed154bd0d63a5e3948d0399b75884e78670c71ce2d240a285ee804db35205964fe4f8bfbf750fb80ca54f2bfccf160d71e664f685fb00c6afa35da7034d77be683251859e8bd0c6efb246f5946593d9fa8f96a4fcdf0bad46419c2fe5b1484f1b7fa46c984ef388c6d616984ae19fb6f30dbede14d6004c3fd43a9ea71bded06e715fbe8976e2194b2a258fad52539091ebd0ec90bc80041bc0ef63db70bd08bb7a4b1ffcf66a8c55ea92b9ea277231f8d79202cadee69c7a5b3e007ebb4fc11823939ae81445b50d2bf92275b0566f68a5b1f88e8cb0b6ad87842e5760046427be763b864c84bde8ed4ba49d00086e19c6792d13936653ea56ed748464582fa2681e561154923ff06b81332e2a1ff7c2a938bc2d3417375cf0a908a13bab80462662897f9a9801bf5a10aa5099c2a39c29f0e093d703db83d32320d13ba8276e578d1d6da6a35109893dfdbae285f044850982387e305f728fd62b43d77108f8474b92584db1850c7cc474560731628d0bff0a882810e254e294925b6849d27b819bcc2de49b51926f580919fde360061575604dcf0dbd7d0fa908c15028aa8085fa5564f117e70e149ca2f9d5afdc954fba689aa07ea85e789732993051200e4b74e0c7e7f73cf18c6ef396ada096b8b9bb5fefef3a4e81331b7c915f61d6dee1ae0b55f3c019ef7768ffe9c6e907b387d923843701e3a846a08fab7d348d07d86e7bfaa986e7881b9fa0e0bf85389c2716b5e3a6cbe742cbdafa1893c38f033930b8f61203644217c7b235fda79e5ea6020d26595473df87b8b8ce083aac197c9f0b3b35f37ba3a7db9f67b6fd70f79182bbd438123a77857bc2e3609c14d1994206e5ee51d4dc76198d73c8cf0789cf643e74a8f047738cca77d66bad815785bbae8f87d01d97941e91617165cbc8e07821c73ebb3b04e0165b5691ac5ba257ab03fc2e85ed7fb3f54d6e552a132a172ae73460ae5e38aa4472544224cb4c39ac52a79e39357e6510e21438e7542dbd1989b6d83427112c2b160f758e0f18086834d6c2087568a6c2c8def4fff3c2bfce3ec7e5f7ebdadeeb347096df9481fe97d629feb357ce3af08ab71dbf3d5499db295ae1460142c62c0e5c3080ad5c3fc20eda396bc9034bee40ba6ef33c34b521cf35a6d8b0fbc6361f223a51df5cd4d19859bb074d612b2c55c8c666446282a9a29e9199ddc2812c6003cfe69fe905e79410767812a608b899ecf3685ece1a556f4b0d15bec5858ecac92f49052dfc48d3c90cbabf9194371b11990f39ab48665f85836353e0bab4efcd0998d41345fde5c86a9fc4c432ddc14dec81f0e0abd9e3822c7e087d45ef3914df6e125a65b98334e5f5aadb0d1eaa8985b4b1c74b44247ab8808e2802f77c5a5e1b62d5c989477e4239c69669254503f2d584248d78a603d48f758511af9418f79f7079bd05233fdfdd05f07771e51a106364d44c573286989711d0656d99bb083dbd78c98aa311522e379db1b9c2bc0cc73957178fa1fe0477ed0c2eb88fa01c35d21dd2c087b305c0b82854b62fe60b421557260865cf5b9ebf9401bad7c2fd437e2cd10ea44c258921f952220d1f88f872c70fcbdb4adc5dbade7102d12da0827b980ec34b814e6157d68d37b4b860bda7ab2ff96f2d2d808a475a4cf5235c4528b63a539185790f070bbc5a2ca6ba7a80659601d22deaa5075a3ff5c131d9f1638a22b2cfd1d3f14a8e86d35301d3d6e7d1be942e2c353d69379584f50627070c3772f9c3bc5ac61812369458edb029e4435deb4086398d3eb6acc48bd6b04e77dbdf9174c499b20f397a5f1de9430ab997a4a44983de3e05a044e9c6274edbbfae709f0ed0bfde1576e15781d2a25c6b7a9253318b45793f63c8c7c9383a1bdf41cf5c6673f689e083cee7877490000881dc01886dbae19b97139936c6b5afc403ef0c225482b36cea949c71f5823aa817f80a69859236cbe825608e4d903654b2990e9604a6a560f6ccc1bd3010ecb720b9ce08e26a0f5d1e0cac59ff1a401a8c8cb8531a347ae1b563a005bb8990a7bb5fdcf2332f56c198282c5dec8d5a63965d3a1258960d4b1012c9e2b49a38bf7ddf920dcce782c6c00d51ac825ad904d41a926d3ad6f4defd6eb0968e1560a2549dc27f472fbea6d2d726615286843d3a4133a3ab160e4161847e026868a12f23b5c313a142a22f5518b373fd4755652f5127e92f79890912ceff635bebf092fae2a519b7514df6187e5da1effe05322503d9d183b50c1fa8890dcbbc1dce406cca75503b036c0f023353008f140089c596ff41583ab0e21308f8b3473a2a74006b2182caeb9483c2582e577a234fa37192ab1bbbb3c9d47d91f82c9b04d99d6c424afcaa8c83a18fbf5c61c975e2fa99e141711ea32227b1d43c9255312f973084f287aeb8e41ef3704b63030ef7cd88b9f42917bc414023ca353be6e5002163523874feb640ebcc12e3e7934705d0be411b235c3e3f595407c20a1d40028424dd89cf9abb613c294a53d3f2c33e16eca83f57e84626ba632cf3cd2bdd16f9d33c23519e502d58816755afec59cc2b51d68594f7928d20b6287bc547c43f3723c38f541e6ce2b0ae97b4059a52e82815f4b661748d79602cbcd74b5209d258801044500b10e3b2bc6d04e48c0a85aa1ffe3f49e9fd02a58951514c4399cda83e69d0732f86405136fcdf2ff222e9d8f4af69f24298f11b7519da00f9d69eba45c4d4265134e32d9d355b3066a6e42b5cb8a8cef3246d17707746c0f1d97e74c69b69af2bf04eb94b4b1af35804f533864ca7470a6215dea38fe230f53da71fb5832379bb5e782975944872dc1d39b2ca71f83d1b941747a89dd01408700e369a8c5a0d8d5b8b5d65f051b1145d5a8f10ed20a40415ad26afc9401f6d937af966b99a72773f17cee29f8ad04a8640ad470d5e7be7ab9b3d6b4b4a1a4a251949faf3d4427c8a695d3e07d4fe1020d91351c620ba3b133bd02f5f3e421afb053cc5d8640d8123344c37432e39c1e6471c99b3c3ff76095255472a7f6d4d2d39a95fe311d08c8c2c57be4cc54e93a8fefcf966530ffca88f531026602b0be2c5e4cba9c91153809f1989c2bbb9ff0f08c3ce1f9657db6d449bb69b01174e34e740e5d218d3c26f336f5ad377c5d50263341bc5ecc1d9ece251b233fe622d7289059ea7cf7232aee5e826c1d76c6434e118a250aedf3d7522f5cb6dc0d387b5aaa5f5057e92c9af35a6f6f4ffa999fb6a9827dbfd68a0af733d319292b6e", 0x1000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/memory/memory3/online\x00', 0x2062, 0x0) sendfile$auto(r2, r2, 0x0, 0x5) 2.549065949s ago: executing program 4 (id=3117): mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/pci_bus/0000:00/rescan\x00', 0xc2801, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r1, 0x0, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20040c84}, 0x8010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(r0, 0x0, 0x6) futex$auto(0x0, 0x8c, 0x1, 0x0, 0x0, 0x1) unshare$auto(0x40000080) ioctl$auto(0x3, 0x89e0, 0x91) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0xb}, 0x3) r4 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_notify$auto(r4, 0x0) ioctl$auto_BLKROSET(r4, 0x125d, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) 2.547635831s ago: executing program 3 (id=3118): r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r0, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x0) mmap$auto(0xffffffffaa0c39e3, 0x0, 0xb6bb, 0xf3e, r0, 0x7) ioctl$auto(r1, 0xaf01, 0xe) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_DEL(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd28, 0x25dfdbff, {}, [@OVS_METER_ATTR_ID={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2) sendmsg$auto_NL80211_CMD_DISCONNECT(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r4, @ANYBLOB="08002abd7000ffdbdf253000000024003180060096000d0000000800370006000000050059000600000006003600070000008d00bd0003d8cde94dd642d714fa1398fd8484891e8aadefb4eb005512ea513e57ab79786ca062c3526b348c54e0a43898ceb1b758bb872a78f8ef1e602075d6eaa2e2a5cd520892598ef8b97a3a246b5ddc59a0e28871ff531751b0b2037e6380f8c0cecbb806bca5504717bb4511491c489f1d0a4cb049ebdd6ba725fb7959f504a14022203c89d8909897600000000800260007000000"], 0xd0}, 0x1, 0x0, 0x0, 0x24000010}, 0x4008000) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x9, 0xa, 0x1400009, 0xffffffffffffffff, 0x202, 0x3}, 0x6f3) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async) poll$auto(&(0x7f0000000180)={r0, 0xfff7, 0x9816}, 0x7f, 0x9) (async) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x0) (async) mmap$auto(0xffffffffaa0c39e3, 0x0, 0xb6bb, 0xf3e, r0, 0x7) (async) ioctl$auto(r1, 0xaf01, 0xe) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$auto_OVS_METER_CMD_DEL(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd28, 0x25dfdbff, {}, [@OVS_METER_ATTR_ID={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2) (async) sendmsg$auto_NL80211_CMD_DISCONNECT(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r4, @ANYBLOB="08002abd7000ffdbdf253000000024003180060096000d0000000800370006000000050059000600000006003600070000008d00bd0003d8cde94dd642d714fa1398fd8484891e8aadefb4eb005512ea513e57ab79786ca062c3526b348c54e0a43898ceb1b758bb872a78f8ef1e602075d6eaa2e2a5cd520892598ef8b97a3a246b5ddc59a0e28871ff531751b0b2037e6380f8c0cecbb806bca5504717bb4511491c489f1d0a4cb049ebdd6ba725fb7959f504a14022203c89d8909897600000000800260007000000"], 0xd0}, 0x1, 0x0, 0x0, 0x24000010}, 0x4008000) (async) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x9, 0xa, 0x1400009, 0xffffffffffffffff, 0x202, 0x3}, 0x6f3) (async) 2.515047097s ago: executing program 0 (id=3119): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0xd, 0x0) r0 = fsopen$auto(0x0, 0x1) mmap$auto(0x4, 0x6, 0xa, 0x1c, r0, 0x2) ioctl$auto_SNDCTL_DSP_POST(r0, 0x5008, &(0x7f0000000000)="bcbbc26a0594c31ef16da0b6b50debd7c177109ae17bc5911694e0ba94617b09718fefbc6f92b0e5684fc586cc537164c14ea88ae4df0f430e06dcf43657ba42dc789fd57710") fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) 2.214957543s ago: executing program 3 (id=3120): syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff) msgctl$auto_MSG_INFO(0x4, 0xc, &(0x7f00000001c0)={{0x2, 0x0, 0x0, 0xffffffff, 0x0, 0x6, 0x8}, &(0x7f0000000080)=0x49, &(0x7f00000000c0)=0xe5, 0x5, 0x800, 0x2, 0x810, 0x6, 0x8, 0x1, 0x3728, @raw=0x100}) setreuid$auto(0x0, r1) fcntl$auto(r0, 0x400, 0x1) setresuid$auto(0x2, 0xee01, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x163) r2 = socket(0x2, 0x801, 0x6) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) setsockopt$auto(r2, 0x1, 0x12, 0x0, 0xa4) close_range$auto(0x2, 0xa, 0x0) ioperm$auto(0x7, 0x6, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x2003, 0x0) r3 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xffe}, 0x40000000001, &(0x7f0000000140)={&(0x7f0000000040), 0xdb8}, 0x4, 0x0) ioctl$auto(r3, 0x400454ca, 0x38) inotify_rm_watch$auto(0xffffffffffffffff, 0x8) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r5) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="28000200", @ANYBLOB="208cc7c97c48fd151679a6de57eeb4c511c167ce1fb98cc17286f6dcdd6adda5e6feb600444f2cd48faf2ae9ebbfb59138143adcd09440bc4417bf690fdd1f3697c1c0a4acea7eebef632e597be171df00f7495f492034dce48d9b35392073ecd379df288b56262b6a1c10533427247f5ed163e9412799c07837", @ANYBLOB="090027bd7000fbdbdf250200000008000800", @ANYRES32=r7, @ANYBLOB="0c0001800800010002"], 0x28}, 0x1, 0x0, 0x0, 0x4044801}, 0xc050) socket$nl_generic(0x10, 0x3, 0x10) 2.110735741s ago: executing program 0 (id=3121): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyub\x00', 0xa2540, 0x0) ioctl$auto(r0, 0x5419, 0x38) 1.994273425s ago: executing program 2 (id=3122): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_to_bridge\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000008c0)=ANY=[@ANYBLOB="f8010000", @ANYRES16=r1, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r2, @ANYBLOB='c\x00}'], 0x1f8}, 0x1, 0x0, 0x0, 0x40051}, 0x20000000) 1.927564269s ago: executing program 3 (id=3123): r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="08d95189c9be60ea1e9f9c81d9c24fc26b7ff51a9bcf386179689d8a1dbb9f80fa078a9ebda1b9a365ab3e33dafbc06e6d4b57c30bb82570d2b00cd24c6ad133135c9e548a8f44640644a704720f67a9927e2e8463026858455b316630ea27cf14e623c63e324542b6063e217d91bd3c4a4cf906eaf0e019f36c94ae293a3aa459fba58e55da1a40af3fff05769ded34cc6c514c486158a2e8278ea17c26d1d3466bbdcc00485f6c3411a64ee410b3cee8d7dd06ce4744ef425e"], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x24000044) write$auto(r0, &(0x7f0000000100)='\x00', 0xfffffffffffffffa) mmap$auto(0x7f, 0x3, 0x9, 0x1d, r0, 0xdb8e5ae) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) madvise$auto(0x110c230000, 0x8031ca, 0x9) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) bpf$auto(0x7fffffe, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3, 0x80, 0x8, 0x4, 0x1, 0x200, 0x8, 0x401, 0x2, 0xe2, 0x4, 0xd}, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r2, 0x0, 0x24000000) write$auto(r3, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r3, &(0x7f00000005c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0xffffffffffffffff, 0x2000d, 0x8, 0xeb1, 0x404, 0x80000000) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3b) socket(0xa, 0x3, 0x3b) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x0) openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000040), 0x28080, 0x0) io_uring_setup$auto(0x86, 0x0) 1.881180064s ago: executing program 4 (id=3124): r0 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/trace_options\x00', 0x8000, 0x0) pread64$auto(r0, &(0x7f0000000ec0)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x80000002, 0x40) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setresuid$auto(0x909b, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x83, 0x0, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) socketpair$auto(0x1e, 0x5, 0x100, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x5) r3 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) read$auto(r3, 0x0, 0x5) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) madvise$auto(0x8, 0x200007, 0x19) socket(0x3, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x7) sendmsg$auto_MACSEC_CMD_ADD_TXSA(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x2a8}, 0x1, 0x0, 0x0, 0x4008000}, 0x4040811) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mem\x00', 0x200, 0x0) io_submit$auto(0x0, 0xa4e, &(0x7f00000000c0)=&(0x7f0000000000)={0x1, 0x6, 0x80000000, 0x6, 0x1, 0xffffffffffffffff, 0x1, 0xfffffffffffffff9, 0x9, 0x0, 0xa07, r4}) 1.747572844s ago: executing program 0 (id=3125): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) (async) vmsplice$auto(0x1, &(0x7f0000000000)={0x0, 0xffffffffffffff7e}, 0x800, 0x8) 1.691587116s ago: executing program 2 (id=3126): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/bNumInterfaces\x00', 0x100000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)=""/251, 0xfb) madvise$auto(0x1000, 0x400050, 0x9) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00') open(&(0x7f0000000040)='./file0\x00', 0x1e9e02, 0x61) fallocate$auto(0x3, 0x8, 0x200000000000b, 0x9) madvise$auto(0x1, 0xffffffffffffffff, 0x1ff) 1.446956616s ago: executing program 0 (id=3127): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) timer_create$auto(0x8, &(0x7f0000000000)={@sival_int=0xccea, @inferred, 0x1}, &(0x7f0000000040)=0x200) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[], 0x14}}, 0x24048004) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/pagemap\x00', 0x309801, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x74, 0x0, &(0x7f0000000040)=0x9000c) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) 1.287567013s ago: executing program 4 (id=3128): r0 = socket(0x2a, 0x805, 0x7) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x6000, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/hwsim/ps\x00', 0x1102, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop3/queue/write_same_max_bytes\x00', 0x800, 0x0) read$auto(r3, 0x0, 0x7) write$auto(r2, 0x0, 0x4000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0xf46d, 0x0, 0x30, 0x0, 0x4, 0x108}, 0x7}, 0x81, 0x400) bind$auto(r0, &(0x7f0000000080)=@in={0x28, 0x4e21, @rand_addr=0xfffffffa}, 0x68) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x187) r4 = ioctl$auto_TUNSETFILTEREBPF(0xffffffffffffffff, 0x800454e1, &(0x7f0000000040)=0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/usb/usbmon/40u\x00', 0x705aa1, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/36u\x00', 0x26040, 0x0) close_range$auto(0x2, 0x8, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_GET(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8081}, 0x20004814) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="05082dbd7000fedbdf257e0000000800db00", @ANYRES32, @ANYBLOB="afb15aa91f23620c"], 0x24}, 0x1, 0x0, 0x0, 0x4044004}, 0x8000) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc00}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRESDEC=r8, @ANYBLOB="00032dbd7000ffdbdf2553000000080022010500000008006b008c040000"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x48080) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) ioctl$auto(r9, 0x5424, r9) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000240), 0x0) 899.060673ms ago: executing program 2 (id=3129): r0 = socket(0x2, 0x3, 0xc) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x2000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="810b25bd7000ffdbdf251100000008000300", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto(0xc8, 0x801054db, r0) 57.279841ms ago: executing program 4 (id=3130): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) socket(0x6, 0x3, 0x37) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x26, 0x5, 0x8c68) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x101e41, 0x0) ioperm$auto(0x4, 0x100000001, 0x4000005) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyr0\x00', 0x74c40, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x800, 0x8000009, 0x1, 0x213, 0xffffffffffffffff, 0x100000000000008) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x7, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x40146f2b, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x50ba82, 0x0) read$auto(r4, 0x0, 0xb4d3) unshare$auto(0x40000080) setsockopt$auto(r0, 0xd0, 0x800000e4, 0x0, 0x569) 0s ago: executing program 2 (id=3131): r0 = socket(0x10, 0x2, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/acpi/wakeup\x00', 0x48041, 0x0) r2 = fcntl$getown(0xffffffffffffffff, 0x9) syz_open_procfs$namespace(r2, &(0x7f0000000040)='ns/mnt\x00') ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r2) write$auto(r1, 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) bpf$auto(0x12, 0x0, 0x26) r4 = socket(0xa, 0x5, 0x84) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x100, 0x0) r5 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) ioctl$auto_SNAPSHOT_S2RAM(r5, 0x330b, 0x0) sendto$auto(r4, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x17) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010027bd7000fcdbdf250a00000018000180140002000000000000000000000000000000000018000180140022006261746164765f736c6176655f310000111a2fc430612a779ae4e4f89ec7eb129960e076bf6309a03b56b36a9317840ee5b74018f1d1890e4f79bc824ae30df1da85e9a3c8402e8941195c5ba02eb670e0181b16fb2aeed76a692b69423485247b252da2722c16746a38d0705903febf72"], 0x44}, 0x1, 0x0, 0x0, 0x801}, 0x40) kernel console output (not intermixed with test programs): 000000 [ 712.349051][T17155] R13: 00007f8427c16038 R14: 00007f8427c15fa0 R15: 00007ffcbf396878 [ 712.349091][T17155] [ 713.952851][T17183] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2505'. [ 714.067472][T17192] nbd: must specify at least one socket [ 714.092958][ T8107] Bluetooth: hci0: unexpected event 0x33 length: 124 > 10 [ 714.245457][T17192] zswap: compressor  not available [ 714.453198][T17198] zswap: compressor not available [ 715.128728][T17219] FAULT_INJECTION: forcing a failure. [ 715.128728][T17219] name failslab, interval 1, probability 0, space 0, times 0 [ 715.150232][T17221] CIFS mount error: No usable UNC path provided in device string! [ 715.150232][T17221] [ 715.170870][T17219] CPU: 0 UID: 0 PID: 17219 Comm: syz.4.2512 Tainted: G L syzkaller #0 PREEMPT(full) [ 715.170911][T17219] Tainted: [L]=SOFTLOCKUP [ 715.170922][T17219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 715.170937][T17219] Call Trace: [ 715.170946][T17219] [ 715.170957][T17219] dump_stack_lvl+0x100/0x190 [ 715.170997][T17219] should_fail_ex.cold+0x5/0xa [ 715.171029][T17219] ? tomoyo_encode2+0xfb/0x3c0 [ 715.171065][T17219] should_failslab+0xc2/0x120 [ 715.171103][T17219] __kmalloc_noprof+0xe0/0x850 [ 715.171144][T17219] tomoyo_encode2+0xfb/0x3c0 [ 715.171188][T17219] tomoyo_encode+0x29/0x50 [ 715.171225][T17219] tomoyo_mount_acl+0x388/0x8b0 [ 715.171272][T17219] ? is_bpf_text_address+0x8a/0x1a0 [ 715.171309][T17219] ? bpf_ksym_find+0x124/0x1c0 [ 715.171343][T17219] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 715.171377][T17219] ? kernel_text_address+0x8d/0x100 [ 715.171415][T17219] ? unwind_get_return_address+0x59/0xa0 [ 715.171479][T17219] ? tomoyo_domain+0xb2/0x150 [ 715.171505][T17219] ? tomoyo_profile+0x47/0x60 [ 715.171535][T17219] tomoyo_mount_permission+0x214/0x460 [ 715.171571][T17219] ? tomoyo_mount_permission+0x1f6/0x460 [ 715.171610][T17219] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 715.171669][T17219] security_sb_mount+0xdd/0x270 [ 715.171704][T17219] path_mount+0x158/0x23d0 [ 715.171737][T17219] ? __pfx_path_mount+0x10/0x10 [ 715.171760][T17219] ? lockdep_hardirqs_on+0x78/0x100 [ 715.171801][T17219] ? putname+0xb1/0x110 [ 715.171837][T17219] ? kmem_cache_free+0x124/0x6a0 [ 715.171880][T17219] ? __x64_sys_mount+0x293/0x310 [ 715.171904][T17219] __x64_sys_mount+0x293/0x310 [ 715.171932][T17219] ? __pfx___x64_sys_mount+0x10/0x10 [ 715.171969][T17219] do_syscall_64+0x106/0xf80 [ 715.172005][T17219] ? clear_bhb_loop+0x40/0x90 [ 715.172038][T17219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.172066][T17219] RIP: 0033:0x7fbd9e99bf79 [ 715.172089][T17219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 715.172115][T17219] RSP: 002b:00007fbd9f7f9028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 715.172140][T17219] RAX: ffffffffffffffda RBX: 00007fbd9ec16090 RCX: 00007fbd9e99bf79 [ 715.172159][T17219] RDX: 0000200000000000 RSI: 0000200000000040 RDI: 0000000000000000 [ 715.172175][T17219] RBP: 00007fbd9ea327e0 R08: 0000200000001580 R09: 0000000000000000 [ 715.172193][T17219] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000000 [ 715.172209][T17219] R13: 00007fbd9ec16128 R14: 00007fbd9ec16090 R15: 00007fff9ce804f8 [ 715.172253][T17219] [ 715.635444][T17221] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 716.132079][T17242] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 716.138819][T17242] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 718.637779][T17296] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2528'. [ 718.724696][T17296] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2528'. [ 720.592322][T17344] netlink: 504 bytes leftover after parsing attributes in process `syz.2.2540'. [ 721.709363][T17370] netlink: 206 bytes leftover after parsing attributes in process `syz.3.2549'. [ 723.821578][ T8107] Bluetooth: hci6: command 0x0406 tx timeout [ 724.533283][T17430] [U]  [ 724.536708][T17430] [U] [ 724.539426][T17430] [U] [ 724.542129][T17430] [U] [ 724.548219][T17430] [U] [ 724.550951][T17430] [U] [ 724.553658][T17430] [U] [ 724.556370][T17430] [U] [ 724.560671][T17430] [U] [ 724.563396][T17430] [U] [ 724.566114][T17430] [U] [ 724.568830][T17430] [U] [ 724.572359][T17430] [U] [ 724.575085][T17430] [U] [ 724.577817][T17430] [U] [ 724.580528][T17430] [U] [ 724.622182][T17430] [U] [ 724.624915][T17430] [U] [ 724.627586][T17430] [U] [ 724.630261][T17430] [U] [ 724.664955][T17430] [U] [ 724.943055][T17436] FAULT_INJECTION: forcing a failure. [ 724.943055][T17436] name failslab, interval 1, probability 0, space 0, times 0 [ 725.012143][T17436] CPU: 1 UID: 0 PID: 17436 Comm: syz.4.2565 Tainted: G L syzkaller #0 PREEMPT(full) [ 725.012168][T17436] Tainted: [L]=SOFTLOCKUP [ 725.012174][T17436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 725.012183][T17436] Call Trace: [ 725.012190][T17436] [ 725.012196][T17436] dump_stack_lvl+0x100/0x190 [ 725.012232][T17436] should_fail_ex.cold+0x5/0xa [ 725.012251][T17436] ? tomoyo_realpath_from_path+0xb6/0x690 [ 725.012274][T17436] should_failslab+0xc2/0x120 [ 725.012296][T17436] __kmalloc_noprof+0xe0/0x850 [ 725.012319][T17436] tomoyo_realpath_from_path+0xb6/0x690 [ 725.012347][T17436] tomoyo_check_open_permission+0x2af/0x3c0 [ 725.012368][T17436] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 725.012407][T17436] ? do_raw_spin_lock+0x128/0x260 [ 725.012428][T17436] ? path_get+0x61/0x80 [ 725.012453][T17436] tomoyo_file_open+0x6b/0x90 [ 725.012469][T17436] security_file_open+0xb5/0x1e0 [ 725.012494][T17436] do_dentry_open+0x5aa/0x1660 [ 725.012517][T17436] ? security_inode_permission+0xbf/0x250 [ 725.012540][T17436] vfs_open+0x82/0x3f0 [ 725.012558][T17436] path_openat+0x208c/0x31a0 [ 725.012587][T17436] ? __pfx_path_openat+0x10/0x10 [ 725.012616][T17436] do_file_open+0x20e/0x430 [ 725.012638][T17436] ? __pfx_do_file_open+0x10/0x10 [ 725.012673][T17436] ? alloc_fd+0x476/0x790 [ 725.012696][T17436] ? do_getname+0x191/0x390 [ 725.012713][T17436] do_sys_openat2+0x10d/0x1e0 [ 725.012730][T17436] ? __pfx_do_sys_openat2+0x10/0x10 [ 725.012753][T17436] __x64_sys_openat+0x12d/0x210 [ 725.012770][T17436] ? __pfx___x64_sys_openat+0x10/0x10 [ 725.012794][T17436] do_syscall_64+0x106/0xf80 [ 725.012815][T17436] ? clear_bhb_loop+0x40/0x90 [ 725.012834][T17436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.012851][T17436] RIP: 0033:0x7fbd9e99bf79 [ 725.012864][T17436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 725.012879][T17436] RSP: 002b:00007fbd9f81a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 725.012893][T17436] RAX: ffffffffffffffda RBX: 00007fbd9ec15fa0 RCX: 00007fbd9e99bf79 [ 725.012903][T17436] RDX: 0000000000001000 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 725.012913][T17436] RBP: 00007fbd9ea327e0 R08: 0000000000000000 R09: 0000000000000000 [ 725.012922][T17436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 725.012931][T17436] R13: 00007fbd9ec16038 R14: 00007fbd9ec15fa0 R15: 00007fff9ce804f8 [ 725.012952][T17436] [ 725.013041][T17436] ERROR: Out of memory at tomoyo_realpath_from_path. [ 725.674373][T17448] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 726.692992][T17467] zswap: compressor not available [ 729.143880][T17505] Process accounting resumed [ 729.315087][T17504] Invalid ELF header magic: != ELF [ 729.458876][T17524] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2583'. [ 729.509894][T17522] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2583'. [ 729.558390][T17522] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2583'. [ 729.582912][T17522] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2583'. [ 729.652063][T17522] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2583'. [ 729.687589][T17522] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2583'. [ 730.105572][T17540] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2586'. [ 730.130957][T17542] Line length is too long: Should be less than 4094 [ 730.963216][T17567] warning: `syz.0.2590' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 734.116205][T10661] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 734.124269][T10661] Bluetooth: hci4: Invalid handle: 0x3a4a > 0x0eff [ 736.469543][T17665] input: f as /devices/virtual/input/input27 [ 737.351381][T17660] bond0: invalid ARP target specified [ 740.785372][T17744] zswap: compressor not available [ 740.880919][T17751] FAULT_INJECTION: forcing a failure. [ 740.880919][T17751] name failslab, interval 1, probability 0, space 0, times 0 [ 740.930020][T17751] CPU: 1 UID: 0 PID: 17751 Comm: syz.0.2622 Tainted: G L syzkaller #0 PREEMPT(full) [ 740.930066][T17751] Tainted: [L]=SOFTLOCKUP [ 740.930077][T17751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 740.930095][T17751] Call Trace: [ 740.930105][T17751] [ 740.930116][T17751] dump_stack_lvl+0x100/0x190 [ 740.930162][T17751] should_fail_ex.cold+0x5/0xa [ 740.930200][T17751] should_failslab+0xc2/0x120 [ 740.930242][T17751] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 740.930277][T17751] ? skb_clone+0x190/0x400 [ 740.930324][T17751] skb_clone+0x190/0x400 [ 740.930367][T17751] netlink_deliver_tap+0xaed/0xcc0 [ 740.930416][T17751] netlink_unicast+0x70c/0x870 [ 740.930462][T17751] ? __pfx_netlink_unicast+0x10/0x10 [ 740.930504][T17751] ? __alloc_skb+0x5b7/0x710 [ 740.930539][T17751] ? genl_rcv_msg+0x4be/0x800 [ 740.930579][T17751] netlink_ack+0x655/0xb80 [ 740.930632][T17751] netlink_rcv_skb+0x333/0x420 [ 740.930674][T17751] ? __pfx_genl_rcv_msg+0x10/0x10 [ 740.930707][T17751] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 740.930766][T17751] ? netlink_deliver_tap+0x1ae/0xcc0 [ 740.930814][T17751] genl_rcv+0x28/0x40 [ 740.930840][T17751] netlink_unicast+0x5aa/0x870 [ 740.930888][T17751] ? __pfx_netlink_unicast+0x10/0x10 [ 740.930945][T17751] netlink_sendmsg+0x8b0/0xda0 [ 740.930991][T17751] ? __pfx_netlink_sendmsg+0x10/0x10 [ 740.931036][T17751] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 740.931073][T17751] __sys_sendto+0x4aa/0x520 [ 740.931110][T17751] ? __pfx___sys_sendto+0x10/0x10 [ 740.931157][T17751] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 740.931205][T17751] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 740.931271][T17751] __x64_sys_sendto+0xe0/0x1c0 [ 740.931307][T17751] ? do_syscall_64+0x95/0xf80 [ 740.931346][T17751] ? lockdep_hardirqs_on+0x78/0x100 [ 740.931386][T17751] do_syscall_64+0x106/0xf80 [ 740.931422][T17751] ? clear_bhb_loop+0x40/0x90 [ 740.931457][T17751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.931485][T17751] RIP: 0033:0x7f842795c84e [ 740.931511][T17751] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 740.931540][T17751] RSP: 002b:00007f84288d1e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 740.931570][T17751] RAX: ffffffffffffffda RBX: 00007f84288d36c0 RCX: 00007f842795c84e [ 740.931589][T17751] RDX: 0000000000000024 RSI: 00007f84288d2000 RDI: 000000000000000a [ 740.931606][T17751] RBP: 0000000000000000 R08: 00007f84288d1f04 R09: 000000000000000c [ 740.931624][T17751] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 740.931641][T17751] R13: 00007f84288d1f58 R14: 00007f84288d2000 R15: 0000000000000000 [ 740.931681][T17751] [ 741.553297][ T30] audit: type=1804 audit(2147483909.368:25): pid=17762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2625" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 742.284751][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.293219][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.363758][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.396644][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.465894][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.507373][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.549164][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.589433][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.637334][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 742.683891][T17791] futex_wake_op: syz.0.2629 tries to shift op by -2048; fix this program [ 745.109340][T17830] FAULT_INJECTION: forcing a failure. [ 745.109340][T17830] name failslab, interval 1, probability 0, space 0, times 0 [ 745.164165][T17830] CPU: 1 UID: 0 PID: 17830 Comm: syz.3.2637 Tainted: G L syzkaller #0 PREEMPT(full) [ 745.164209][T17830] Tainted: [L]=SOFTLOCKUP [ 745.164220][T17830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 745.164237][T17830] Call Trace: [ 745.164247][T17830] [ 745.164258][T17830] dump_stack_lvl+0x100/0x190 [ 745.164306][T17830] should_fail_ex.cold+0x5/0xa [ 745.164339][T17830] ? fib_default_rule_add+0x4f/0x420 [ 745.164381][T17830] should_failslab+0xc2/0x120 [ 745.164422][T17830] __kmalloc_noprof+0xe0/0x850 [ 745.164466][T17830] fib_default_rule_add+0x4f/0x420 [ 745.164513][T17830] fib4_rules_init+0x52/0x1c0 [ 745.164549][T17830] fib_net_init+0x1dc/0x3f0 [ 745.164591][T17830] ? is_module_address+0x69/0xf0 [ 745.164623][T17830] ? __pfx_fib_net_init+0x10/0x10 [ 745.164664][T17830] ? timer_init_key+0x150/0x340 [ 745.164696][T17830] ? devinet_init_net+0x56c/0x8d0 [ 745.164729][T17830] ? __pfx_fib_net_init+0x10/0x10 [ 745.164768][T17830] ops_init+0x1e2/0x5f0 [ 745.164808][T17830] setup_net+0x118/0x3a0 [ 745.164851][T17830] ? __pfx_setup_net+0x10/0x10 [ 745.164900][T17830] ? lockdep_init_map_type+0x5c/0x250 [ 745.164938][T17830] ? mutex_init_lockep+0x110/0x150 [ 745.164980][T17830] copy_net_ns+0x46f/0x7c0 [ 745.165012][T17830] create_new_namespaces+0x3ea/0xac0 [ 745.165066][T17830] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 745.165099][T17830] ksys_unshare+0x455/0xab0 [ 745.165135][T17830] ? __pfx_ksys_unshare+0x10/0x10 [ 745.165183][T17830] __x64_sys_unshare+0x31/0x40 [ 745.165215][T17830] do_syscall_64+0x106/0xf80 [ 745.165252][T17830] ? clear_bhb_loop+0x40/0x90 [ 745.165286][T17830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.165318][T17830] RIP: 0033:0x7fa6d259bf79 [ 745.165342][T17830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 745.165370][T17830] RSP: 002b:00007fa6d33b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 745.165397][T17830] RAX: ffffffffffffffda RBX: 00007fa6d2815fa0 RCX: 00007fa6d259bf79 [ 745.165417][T17830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 745.165434][T17830] RBP: 00007fa6d26327e0 R08: 0000000000000000 R09: 0000000000000000 [ 745.165452][T17830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.165466][T17830] R13: 00007fa6d2816038 R14: 00007fa6d2815fa0 R15: 00007ffd113ab928 [ 745.165504][T17830] [ 746.544362][T17855] Invalid ELF header magic: != ELF [ 747.020747][T17861] binder: 17859:17861 ioctl c018620c 0 returned -1 [ 747.353051][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.360406][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.778867][T17867] Invalid ELF header magic: != ELF [ 749.444030][T17887] Bluetooth: hci1: command 0x0406 tx timeout [ 751.308544][T10661] Bluetooth: hci7: Opcode 0x0c03 failed: -110 [ 751.929136][T17931] FAULT_INJECTION: forcing a failure. [ 751.929136][T17931] name failslab, interval 1, probability 0, space 0, times 0 [ 751.995113][T17931] CPU: 1 UID: 0 PID: 17931 Comm: syz.3.2658 Tainted: G L syzkaller #0 PREEMPT(full) [ 751.995154][T17931] Tainted: [L]=SOFTLOCKUP [ 751.995164][T17931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 751.995179][T17931] Call Trace: [ 751.995187][T17931] [ 751.995197][T17931] dump_stack_lvl+0x100/0x190 [ 751.995239][T17931] should_fail_ex.cold+0x5/0xa [ 751.995271][T17931] should_failslab+0xc2/0x120 [ 751.995308][T17931] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 751.995340][T17931] ? ptlock_alloc+0x1f/0x70 [ 751.995376][T17931] ? __pfx_filemap_map_pages+0x10/0x10 [ 751.995407][T17931] ptlock_alloc+0x1f/0x70 [ 751.995436][T17931] pte_alloc_one+0x84/0x3e0 [ 751.995465][T17931] __do_fault+0x359/0x550 [ 751.995504][T17931] ? __pfx_filemap_map_pages+0x10/0x10 [ 751.995535][T17931] do_fault+0x2db/0x1a00 [ 751.995559][T17931] ? __pmd_alloc+0x6aa/0x9c0 [ 751.995587][T17931] __handle_mm_fault+0x180f/0x2b60 [ 751.995623][T17931] ? mt_find+0x45e/0x8e0 [ 751.995664][T17931] ? __pfx___handle_mm_fault+0x10/0x10 [ 751.995692][T17931] ? __pfx_mt_find+0x10/0x10 [ 751.995750][T17931] ? find_vma+0xbf/0x140 [ 751.995785][T17931] ? __pfx_find_vma+0x10/0x10 [ 751.995822][T17931] handle_mm_fault+0x36d/0xa20 [ 751.995860][T17931] do_user_addr_fault+0x74c/0x12f0 [ 751.995910][T17931] exc_page_fault+0x6f/0xd0 [ 751.995947][T17931] asm_exc_page_fault+0x26/0x30 [ 751.995973][T17931] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 751.996003][T17931] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 751.996027][T17931] RSP: 0018:ffffc900044afd80 EFLAGS: 00050246 [ 751.996047][T17931] RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008 [ 751.996083][T17931] RDX: 0000000000000001 RSI: ffffc900044afe10 RDI: 0000000000000004 [ 751.996099][T17931] RBP: 0000000000000004 R08: 0000000000000000 R09: fffff52000895fc2 [ 751.996115][T17931] R10: ffffc900044afe17 R11: 0000000000000000 R12: ffffc900044afe10 [ 751.996130][T17931] R13: 000000000000000c R14: 00007ffffffff000 R15: 0000000000000000 [ 751.996165][T17931] _copy_to_user+0xa4/0xd0 [ 751.996203][T17931] do_fcntl+0xfc1/0x1670 [ 751.996232][T17931] ? __pfx_do_fcntl+0x10/0x10 [ 751.996256][T17931] ? __fget_files+0x215/0x3d0 [ 751.996303][T17931] ? tomoyo_file_fcntl+0x6c/0xc0 [ 751.996334][T17931] __x64_sys_fcntl+0x163/0x200 [ 751.996361][T17931] do_syscall_64+0x106/0xf80 [ 751.996388][T17931] ? clear_bhb_loop+0x40/0x90 [ 751.996412][T17931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.996432][T17931] RIP: 0033:0x7fa6d259bf79 [ 751.996449][T17931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 751.996468][T17931] RSP: 002b:00007fa6d33b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 751.996487][T17931] RAX: ffffffffffffffda RBX: 00007fa6d2815fa0 RCX: 00007fa6d259bf79 [ 751.996500][T17931] RDX: 0000000000000004 RSI: 000000000000040b RDI: 0000000000000003 [ 751.996513][T17931] RBP: 00007fa6d26327e0 R08: 0000000000000000 R09: 0000000000000000 [ 751.996525][T17931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 751.996538][T17931] R13: 00007fa6d2816038 R14: 00007fa6d2815fa0 R15: 00007ffd113ab928 [ 751.996568][T17931] [ 752.394747][T17931] FAULT_INJECTION: forcing a failure. [ 752.394747][T17931] name failslab, interval 1, probability 0, space 0, times 0 [ 752.407532][T17931] CPU: 1 UID: 0 PID: 17931 Comm: syz.3.2658 Tainted: G L syzkaller #0 PREEMPT(full) [ 752.407572][T17931] Tainted: [L]=SOFTLOCKUP [ 752.407581][T17931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 752.407596][T17931] Call Trace: [ 752.407605][T17931] [ 752.407616][T17931] dump_stack_lvl+0x100/0x190 [ 752.407657][T17931] should_fail_ex.cold+0x5/0xa [ 752.407688][T17931] should_failslab+0xc2/0x120 [ 752.407725][T17931] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 752.407758][T17931] ? security_file_alloc+0x34/0x2c0 [ 752.407794][T17931] ? trace_kmem_cache_alloc+0xf3/0x120 [ 752.407838][T17931] security_file_alloc+0x34/0x2c0 [ 752.407875][T17931] init_file+0x95/0x480 [ 752.407901][T17931] alloc_empty_file+0x73/0x1c0 [ 752.407929][T17931] alloc_file_pseudo+0x13a/0x230 [ 752.407960][T17931] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 752.407998][T17931] __shmem_file_setup+0x1a3/0x330 [ 752.408032][T17931] shmem_zero_setup+0x93/0x1b0 [ 752.408070][T17931] __mmap_region+0x20b5/0x2760 [ 752.408109][T17931] ? __pfx___mmap_region+0x10/0x10 [ 752.408147][T17931] ? find_held_lock+0x2b/0x80 [ 752.408184][T17931] ? trace_ignore_this_task+0x56/0x100 [ 752.408218][T17931] ? trace_ignore_this_task+0x56/0x100 [ 752.408264][T17931] ? finish_task_switch.isra.0+0x200/0xb80 [ 752.408291][T17931] ? finish_task_switch.isra.0+0x200/0xb80 [ 752.408324][T17931] ? rcu_is_watching+0x12/0xc0 [ 752.408373][T17931] ? __schedule+0x1000/0x60e0 [ 752.408404][T17931] ? trace_ignore_this_task+0x56/0x100 [ 752.408436][T17931] ? trace_ignore_this_task+0x56/0x100 [ 752.408517][T17931] ? rcu_is_watching+0x12/0xc0 [ 752.408555][T17931] ? cap_capable+0x107/0x460 [ 752.408588][T17931] mmap_region+0x180/0x3e0 [ 752.408625][T17931] do_mmap+0xc63/0x12f0 [ 752.408666][T17931] ? __pfx_do_mmap+0x10/0x10 [ 752.408701][T17931] ? __pfx_down_write_killable+0x10/0x10 [ 752.408732][T17931] vm_mmap_pgoff+0x29e/0x470 [ 752.408776][T17931] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 752.408824][T17931] ? __x64_sys_futex+0x34f/0x4d0 [ 752.408854][T17931] ? __x64_sys_futex+0x358/0x4d0 [ 752.408888][T17931] ksys_mmap_pgoff+0x7d/0x5b0 [ 752.408934][T17931] __x64_sys_mmap+0x125/0x190 [ 752.408976][T17931] do_syscall_64+0x106/0xf80 [ 752.409012][T17931] ? clear_bhb_loop+0x40/0x90 [ 752.409046][T17931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.409072][T17931] RIP: 0033:0x7fa6d259bf79 [ 752.409095][T17931] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 752.409120][T17931] RSP: 002b:00007fa6d33b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 752.409145][T17931] RAX: ffffffffffffffda RBX: 00007fa6d2815fa0 RCX: 00007fa6d259bf79 [ 752.409164][T17931] RDX: 00004000000200df RSI: 000000000002000d RDI: 0000000000000000 [ 752.409181][T17931] RBP: 00007fa6d26327e0 R08: 0000000000000404 R09: 0000000000008000 [ 752.409198][T17931] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 752.409215][T17931] R13: 00007fa6d2816038 R14: 00007fa6d2815fa0 R15: 00007ffd113ab928 [ 752.409253][T17931] [ 753.153725][T17947] FAULT_INJECTION: forcing a failure. [ 753.153725][T17947] name fail_futex, interval 1, probability 0, space 0, times 0 [ 753.166692][T17947] CPU: 1 UID: 0 PID: 17947 Comm: syz.0.2661 Tainted: G L syzkaller #0 PREEMPT(full) [ 753.166731][T17947] Tainted: [L]=SOFTLOCKUP [ 753.166741][T17947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 753.166755][T17947] Call Trace: [ 753.166764][T17947] [ 753.166774][T17947] dump_stack_lvl+0x100/0x190 [ 753.166816][T17947] should_fail_ex.cold+0x5/0xa [ 753.166847][T17947] get_futex_key+0x1d2/0x1620 [ 753.166880][T17947] ? __pfx_get_futex_key+0x10/0x10 [ 753.166910][T17947] ? find_held_lock+0x2b/0x80 [ 753.166947][T17947] ? __might_fault+0xc5/0x140 [ 753.166977][T17947] ? __might_fault+0xc5/0x140 [ 753.167020][T17947] futex_wait_setup+0x81/0x500 [ 753.167065][T17947] __futex_wait+0x19f/0x300 [ 753.167103][T17947] ? __pfx___futex_wait+0x10/0x10 [ 753.167144][T17947] ? __pfx_futex_wake_mark+0x10/0x10 [ 753.167181][T17947] ? futex_hash+0x2c5/0x380 [ 753.167219][T17947] futex_wait+0xed/0x380 [ 753.167255][T17947] ? __pfx_futex_wait+0x10/0x10 [ 753.167307][T17947] do_futex+0x1ef/0x350 [ 753.167338][T17947] ? __pfx_do_futex+0x10/0x10 [ 753.167377][T17947] __x64_sys_futex+0x34f/0x4d0 [ 753.167412][T17947] ? __pfx___x64_sys_futex+0x10/0x10 [ 753.167456][T17947] do_syscall_64+0x106/0xf80 [ 753.167492][T17947] ? clear_bhb_loop+0x40/0x90 [ 753.167525][T17947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.167551][T17947] RIP: 0033:0x7f842799bf79 [ 753.167573][T17947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 753.167599][T17947] RSP: 002b:00007f84288d30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 753.167623][T17947] RAX: ffffffffffffffda RBX: 00007f8427c15fa8 RCX: 00007f842799bf79 [ 753.167641][T17947] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8427c15fa8 [ 753.167657][T17947] RBP: 00007f8427c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 753.167673][T17947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 753.167689][T17947] R13: 00007f8427c16038 R14: 00007ffcbf396790 R15: 00007ffcbf396878 [ 753.167725][T17947] [ 753.631296][ T5821] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 753.644116][ T5821] CPU: 1 UID: 0 PID: 5821 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 753.644156][ T5821] Tainted: [L]=SOFTLOCKUP [ 753.644165][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 753.644179][ T5821] Call Trace: [ 753.644187][ T5821] [ 753.644196][ T5821] dump_stack_lvl+0x100/0x190 [ 753.644236][ T5821] dump_header+0xfb/0x606 [ 753.644275][ T5821] oom_kill_process.cold+0xd/0x330 [ 753.644305][ T5821] out_of_memory+0x340/0x14f0 [ 753.644345][ T5821] ? __pfx_out_of_memory+0x10/0x10 [ 753.644387][ T5821] mem_cgroup_out_of_memory+0xc6/0x130 [ 753.644417][ T5821] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 753.644446][ T5821] ? find_held_lock+0x2b/0x80 [ 753.644492][ T5821] ? do_raw_spin_unlock+0x145/0x1e0 [ 753.644528][ T5821] ? _raw_spin_unlock+0x28/0x50 [ 753.644563][ T5821] try_charge_memcg+0x652/0xc90 [ 753.644609][ T5821] ? __pfx_try_charge_memcg+0x10/0x10 [ 753.644654][ T5821] ? find_held_lock+0x2b/0x80 [ 753.644690][ T5821] ? rcu_read_unlock+0x17/0x60 [ 753.644728][ T5821] ? rcu_read_unlock+0x17/0x60 [ 753.644770][ T5821] charge_memcg+0xa6/0x280 [ 753.644807][ T5821] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 753.644839][ T5821] __swap_cache_prepare_and_add+0x528/0x9e0 [ 753.644886][ T5821] ? __pfx___swap_cache_prepare_and_add+0x10/0x10 [ 753.644917][ T5821] ? __pfx_swap_entry_swapped+0x10/0x10 [ 753.644964][ T5821] swap_cache_alloc_folio+0x1cb/0x300 [ 753.644998][ T5821] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 753.645044][ T5821] swap_cluster_readahead+0x411/0x770 [ 753.645075][ T5821] ? __pfx___xa_erase+0x10/0x10 [ 753.645123][ T5821] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 753.645158][ T5821] ? __swap_cache_clear_shadow+0x2fc/0x3d0 [ 753.645197][ T5821] ? __lock_acquire+0x4a5/0x2630 [ 753.645229][ T5821] ? get_vma_policy+0x23f/0x3b0 [ 753.645274][ T5821] swapin_readahead+0x160/0x12c0 [ 753.645312][ T5821] ? __pfx_swapin_readahead+0x10/0x10 [ 753.645339][ T5821] ? find_held_lock+0x2b/0x80 [ 753.645373][ T5821] ? swap_table_get+0x103/0x2c0 [ 753.645397][ T5821] ? swap_table_get+0x103/0x2c0 [ 753.645428][ T5821] ? swap_table_get+0x10d/0x2c0 [ 753.645454][ T5821] ? swap_cache_get_folio+0x1ae/0x600 [ 753.645483][ T5821] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 753.645508][ T5821] ? __pfx_get_swap_device+0x10/0x10 [ 753.645547][ T5821] ? do_swap_page+0xb2e/0x68e0 [ 753.645572][ T5821] do_swap_page+0xb2e/0x68e0 [ 753.645615][ T5821] ? __pfx_do_swap_page+0x10/0x10 [ 753.645642][ T5821] ? __free_object+0x2a8/0x400 [ 753.645667][ T5821] ? lockdep_hardirqs_on+0x78/0x100 [ 753.645703][ T5821] ? rcu_is_watching+0x12/0xc0 [ 753.645736][ T5821] ? __pte_offset_map+0x179/0x310 [ 753.645773][ T5821] __handle_mm_fault+0x18c1/0x2b60 [ 753.645807][ T5821] ? reacquire_held_locks+0xce/0x1e0 [ 753.645835][ T5821] ? __pfx___handle_mm_fault+0x10/0x10 [ 753.645868][ T5821] ? lock_vma_under_rcu+0x17c/0x590 [ 753.645914][ T5821] handle_mm_fault+0x36d/0xa20 [ 753.645948][ T5821] do_user_addr_fault+0x5a3/0x12f0 [ 753.645992][ T5821] exc_page_fault+0x6f/0xd0 [ 753.646025][ T5821] asm_exc_page_fault+0x26/0x30 [ 753.646049][ T5821] RIP: 0033:0x7fc5c9f5c84e [ 753.646069][ T5821] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 753.646092][ T5821] RSP: 002b:00007ffd2bf67bf8 EFLAGS: 00010246 [ 753.646112][ T5821] RAX: 0000000000000000 RBX: 0000555558d18500 RCX: 00007fc5c9f5c84e [ 753.646128][ T5821] RDX: 00007ffd2bf67c50 RSI: 0000000000000000 RDI: 0000000000000000 [ 753.646142][ T5821] RBP: 00007ffd2bf67cbc R08: 0000000000000000 R09: 0000000000000000 [ 753.646156][ T5821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 753.646171][ T5821] R13: 00000000000927c0 R14: 00000000000b73bf R15: 00007ffd2bf67d10 [ 753.646203][ T5821] [ 753.646218][ T5821] memory: usage 3072kB, limit 3072kB, failcnt 248933 [ 754.268874][ T5821] memory+swap: usage 87720kB, limit 9007199254740988kB, failcnt 0 [ 754.365841][ T5821] kmem: usage 2328kB, limit 9007199254740988kB, failcnt 0 [ 754.497748][T10661] Bluetooth: hci6: Malformed Event: 0x02 [ 754.687331][ T5821] Memory cgroup stats for /syz2: [ 754.687506][ T5821] cache 0 [ 754.786656][ T5821] rss 0 [ 754.857409][ T5821] rss_huge 0 [ 755.071179][ T5821] shmem 0 [ 755.165699][ T5821] mapped_file 0 [ 755.169286][ T5821] dirty 0 [ 755.217302][ T5821] writeback 0 [ 755.264840][ T5821] workingset_refault_anon 36671 [ 755.299227][ T5821] workingset_refault_file 65435 [ 755.331993][ T5821] swap 86679552 [ 755.374058][ T5821] swapcached 1003069440 [ 755.420893][ T5821] pgpgin 530810 [ 755.465622][ T5821] pgpgout 538926 [ 755.488152][ T5821] pgfault 437671 [ 755.691700][ T5821] pgmajfault 14826 [ 755.695469][ T5821] inactive_anon 167936 [ 755.699539][ T5821] active_anon 462848 [ 755.770327][ T5821] inactive_file 0 [ 755.774020][ T5821] active_file 0 [ 755.777489][ T5821] unevictable 0 [ 755.812191][ T5821] hierarchical_memory_limit 3145728 [ 755.817433][ T5821] hierarchical_memsw_limit 9223372036854771712 [ 755.861315][ T5821] total_cache 0 [ 755.864877][ T5821] total_rss 0 [ 755.881085][ T5821] total_rss_huge 0 [ 755.884847][ T5821] total_shmem 0 [ 755.888308][ T5821] total_mapped_file 0 [ 755.917441][ T5821] total_dirty 0 [ 755.926964][ T5821] total_writeback 0 [ 755.940348][ T5821] total_workingset_refault_anon 36671 [ 755.945894][ T5821] total_workingset_refault_file 65435 [ 755.987913][ T5821] total_swap 86679552 [ 756.003530][ T5821] total_swapcached 1003069440 [ 756.008230][ T5821] total_pgpgin 530810 [ 756.047043][ T5821] total_pgpgout 538926 [ 756.061127][ T5821] total_pgfault 437671 [ 756.087857][ T5821] total_pgmajfault 14826 [ 756.099663][ T5821] total_inactive_anon 167936 [ 756.110475][ T5821] total_active_anon 462848 [ 756.120568][ T5821] total_inactive_file 0 [ 756.124749][ T5821] total_active_file 0 [ 756.141908][ T5821] total_unevictable 0 [ 756.156635][ T5821] anon_cost 23 [ 756.160021][ T5821] file_cost 0 [ 756.184319][ T5821] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2478,pid=17084,uid=0 [ 756.242409][ T5821] Memory cgroup out of memory: Killed process 17084 (syz.2.2478) total-vm:135384kB, anon-rss:1232kB, file-rss:47676kB, shmem-rss:0kB, UID:0 pgtables:280kB oom_score_adj:1000 [ 756.799550][ T30] audit: type=1804 audit(4294967340.743:26): pid=18001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2670" name="/newroot/357/file0" dev="tmpfs" ino=1875 res=1 errno=0 [ 758.353739][ T32] oom_reaper: reaped process 17084 (syz.2.2478), now anon-rss:0kB, file-rss:23352kB, shmem-rss:0kB [ 758.793003][T18046] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2679'. [ 759.526349][T17993] Process accounting paused [ 760.963911][T18076] FAULT_INJECTION: forcing a failure. [ 760.963911][T18076] name failslab, interval 1, probability 0, space 0, times 0 [ 761.057133][T18076] CPU: 0 UID: 0 PID: 18076 Comm: syz.4.2686 Tainted: G L syzkaller #0 PREEMPT(full) [ 761.057178][T18076] Tainted: [L]=SOFTLOCKUP [ 761.057189][T18076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 761.057205][T18076] Call Trace: [ 761.057214][T18076] [ 761.057225][T18076] dump_stack_lvl+0x100/0x190 [ 761.057269][T18076] should_fail_ex.cold+0x5/0xa [ 761.057299][T18076] should_failslab+0xc2/0x120 [ 761.057336][T18076] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 761.057367][T18076] ? sk_prot_alloc+0x60/0x2a0 [ 761.057407][T18076] sk_prot_alloc+0x60/0x2a0 [ 761.057435][T18076] sk_alloc+0x36/0xe80 [ 761.057470][T18076] inet6_create+0x385/0x12b0 [ 761.057509][T18076] ? inet6_create+0x7f/0x12b0 [ 761.057548][T18076] __sock_create+0x339/0x860 [ 761.057583][T18076] __sys_socket+0x14d/0x260 [ 761.057617][T18076] ? __pfx___sys_socket+0x10/0x10 [ 761.057656][T18076] __x64_sys_socket+0x72/0xb0 [ 761.057685][T18076] ? lockdep_hardirqs_on+0x78/0x100 [ 761.057723][T18076] do_syscall_64+0x106/0xf80 [ 761.057759][T18076] ? clear_bhb_loop+0x40/0x90 [ 761.057790][T18076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.057815][T18076] RIP: 0033:0x7fbd9e99bf79 [ 761.057836][T18076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 761.057861][T18076] RSP: 002b:00007fbd9f7f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 761.057885][T18076] RAX: ffffffffffffffda RBX: 00007fbd9ec16090 RCX: 00007fbd9e99bf79 [ 761.057902][T18076] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a [ 761.057918][T18076] RBP: 00007fbd9ea327e0 R08: 0000000000000000 R09: 0000000000000000 [ 761.057934][T18076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 761.057950][T18076] R13: 00007fbd9ec16128 R14: 00007fbd9ec16090 R15: 00007fff9ce804f8 [ 761.057984][T18076] [ 761.695885][T18091] FAULT_INJECTION: forcing a failure. [ 761.695885][T18091] name fail_futex, interval 1, probability 0, space 0, times 0 [ 761.709305][T18091] CPU: 1 UID: 0 PID: 18091 Comm: syz.0.2689 Tainted: G L syzkaller #0 PREEMPT(full) [ 761.709337][T18091] Tainted: [L]=SOFTLOCKUP [ 761.709343][T18091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 761.709352][T18091] Call Trace: [ 761.709358][T18091] [ 761.709364][T18091] dump_stack_lvl+0x100/0x190 [ 761.709390][T18091] should_fail_ex.cold+0x5/0xa [ 761.709405][T18091] ? tomoyo_path_number_perm+0x46d/0x580 [ 761.709427][T18091] get_futex_key+0x1d2/0x1620 [ 761.709446][T18091] ? __pfx_get_futex_key+0x10/0x10 [ 761.709469][T18091] futex_wake+0xea/0x530 [ 761.709491][T18091] ? __pfx_futex_wake+0x10/0x10 [ 761.709510][T18091] ? __pfx_sock_do_ioctl+0x10/0x10 [ 761.709533][T18091] do_futex+0x32b/0x350 [ 761.709550][T18091] ? __pfx_do_futex+0x10/0x10 [ 761.709568][T18091] ? sock_ioctl+0x2dc/0x6b0 [ 761.709595][T18091] __x64_sys_futex+0x34f/0x4d0 [ 761.709614][T18091] ? __fget_files+0x21f/0x3d0 [ 761.709635][T18091] ? __pfx___x64_sys_futex+0x10/0x10 [ 761.709661][T18091] do_syscall_64+0x106/0xf80 [ 761.709682][T18091] ? clear_bhb_loop+0x40/0x90 [ 761.709700][T18091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.709716][T18091] RIP: 0033:0x7f842799bf79 [ 761.709730][T18091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 761.709745][T18091] RSP: 002b:00007f84288d30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 761.709760][T18091] RAX: ffffffffffffffda RBX: 00007f8427c15fa8 RCX: 00007f842799bf79 [ 761.709770][T18091] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8427c15fac [ 761.709779][T18091] RBP: 00007f8427c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 761.709788][T18091] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 761.709797][T18091] R13: 00007f8427c16038 R14: 00007ffcbf396790 R15: 00007ffcbf396878 [ 761.709818][T18091] [ 762.043612][T10661] Bluetooth: hci0: unexpected subevent 0x0c length: 118 > 5 [ 762.106047][T18100] Setting dangerous option i915.mitigations - tainting kernel [ 762.118983][T18100] Bad "i915.mitigations=CmâUQF\ ", 'CmâUQF\' is unknown [ 762.381752][T18104] zswap: compressor not available [ 762.548084][T18112] Invalid ELF header magic: != ELF [ 764.287750][T18160] FAULT_INJECTION: forcing a failure. [ 764.287750][T18160] name failslab, interval 1, probability 0, space 0, times 0 [ 764.313592][T18160] CPU: 0 UID: 0 PID: 18160 Comm: syz.0.2703 Tainted: G U L syzkaller #0 PREEMPT(full) [ 764.313634][T18160] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 764.313645][T18160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 764.313662][T18160] Call Trace: [ 764.313675][T18160] [ 764.313686][T18160] dump_stack_lvl+0x100/0x190 [ 764.313727][T18160] should_fail_ex.cold+0x5/0xa [ 764.313758][T18160] should_failslab+0xc2/0x120 [ 764.313796][T18160] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 764.313828][T18160] ? ptlock_alloc+0x1f/0x70 [ 764.313863][T18160] ? __pfx_filemap_map_pages+0x10/0x10 [ 764.313895][T18160] ptlock_alloc+0x1f/0x70 [ 764.313923][T18160] pte_alloc_one+0x84/0x3e0 [ 764.313952][T18160] __do_fault+0x359/0x550 [ 764.313992][T18160] ? __pfx_filemap_map_pages+0x10/0x10 [ 764.314023][T18160] do_fault+0x2db/0x1a00 [ 764.314047][T18160] ? __pmd_alloc+0x6aa/0x9c0 [ 764.314075][T18160] __handle_mm_fault+0x180f/0x2b60 [ 764.314117][T18160] ? mt_find+0x45e/0x8e0 [ 764.314158][T18160] ? __pfx___handle_mm_fault+0x10/0x10 [ 764.314185][T18160] ? __pfx_mt_find+0x10/0x10 [ 764.314244][T18160] ? find_vma+0xbf/0x140 [ 764.314278][T18160] ? __pfx_find_vma+0x10/0x10 [ 764.314318][T18160] handle_mm_fault+0x36d/0xa20 [ 764.314355][T18160] do_user_addr_fault+0x74c/0x12f0 [ 764.314404][T18160] exc_page_fault+0x6f/0xd0 [ 764.314441][T18160] asm_exc_page_fault+0x26/0x30 [ 764.314466][T18160] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 764.314496][T18160] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 8f 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 764.314522][T18160] RSP: 0018:ffffc900050d7b08 EFLAGS: 00050202 [ 764.314544][T18160] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000004d [ 764.314560][T18160] RDX: 0000000000000001 RSI: ffff88807b8ee000 RDI: 0000000000000000 [ 764.314577][T18160] RBP: ffffc900050d7d78 R08: 0000000000000000 R09: ffffed100f71dc09 [ 764.314593][T18160] R10: ffff88807b8ee04c R11: 0000000000000000 R12: 000000000000004d [ 764.314610][T18160] R13: 00007ffffffff000 R14: ffff88807b8ee000 R15: 000000000000004d [ 764.314646][T18160] _copy_to_iter+0x391/0x1720 [ 764.314679][T18160] ? __mutex_unlock_slowpath+0x15c/0x790 [ 764.314720][T18160] ? __pfx_seq_printf+0x10/0x10 [ 764.314752][T18160] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 764.314791][T18160] ? __pfx__copy_to_iter+0x10/0x10 [ 764.314825][T18160] ? xt_mttg_seq_next.isra.0+0x1ed/0x4b0 [ 764.314857][T18160] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 764.314904][T18160] seq_read_iter+0xdab/0x1270 [ 764.314953][T18160] proc_reg_read_iter+0x220/0x310 [ 764.314984][T18160] ? __pfx_proc_reg_read_iter+0x10/0x10 [ 764.315017][T18160] vfs_read+0x825/0xb30 [ 764.315055][T18160] ? __pfx_vfs_read+0x10/0x10 [ 764.315104][T18160] ? find_held_lock+0x2b/0x80 [ 764.315166][T18160] __x64_sys_pread64+0x1eb/0x250 [ 764.315203][T18160] ? __pfx___x64_sys_pread64+0x10/0x10 [ 764.315250][T18160] do_syscall_64+0x106/0xf80 [ 764.315284][T18160] ? clear_bhb_loop+0x40/0x90 [ 764.315315][T18160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.315341][T18160] RIP: 0033:0x7f842799bf79 [ 764.315362][T18160] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 764.315387][T18160] RSP: 002b:00007f84288d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 764.315410][T18160] RAX: ffffffffffffffda RBX: 00007f8427c15fa0 RCX: 00007f842799bf79 [ 764.315428][T18160] RDX: 0000600100000001 RSI: 0000000000000000 RDI: 0000000000000003 [ 764.315444][T18160] RBP: 00007f84288d3090 R08: 0000000000000000 R09: 0000000000000000 [ 764.315461][T18160] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 764.315477][T18160] R13: 00007f8427c16038 R14: 00007f8427c15fa0 R15: 00007ffcbf396878 [ 764.315514][T18160] [ 765.753370][T18169] sd 0:0:1:0: PR command failed: 1026 [ 765.758922][T18169] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 765.771698][T18169] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 766.178522][ T30] audit: type=1800 audit(4295032841.835:27): pid=18182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2708" name="features" dev="configfs" ino=146540 res=0 errno=0 [ 766.367888][T18184] zswap: compressor not available [ 766.816357][T18194] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 766.860988][T18194] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 766.911721][T18194] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 768.058808][T18219] validate_nla: 1 callbacks suppressed [ 768.058822][T18219] netlink: 'syz.3.2716': attribute type 1 has an invalid length. [ 768.111807][T18219] netlink: 'syz.3.2716': attribute type 1 has an invalid length. [ 768.894110][T18232] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2720'. [ 768.920991][T18232] ipvlan1: entered promiscuous mode [ 768.985129][T18232] ipvlan1: entered allmulticast mode [ 768.990484][T18232] veth0_vlan: entered allmulticast mode [ 769.288026][T18245] bond0: invalid ARP target specified [ 769.707583][T18274] FAULT_INJECTION: forcing a failure. [ 769.707583][T18274] name failslab, interval 1, probability 0, space 0, times 0 [ 769.853440][T18274] CPU: 1 UID: 0 PID: 18274 Comm: syz.3.2727 Tainted: G U L syzkaller #0 PREEMPT(full) [ 769.853466][T18274] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 769.853471][T18274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 769.853480][T18274] Call Trace: [ 769.853485][T18274] [ 769.853491][T18274] dump_stack_lvl+0x100/0x190 [ 769.853516][T18274] should_fail_ex.cold+0x5/0xa [ 769.853533][T18274] should_failslab+0xc2/0x120 [ 769.853554][T18274] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 769.853572][T18274] ? sk_prot_alloc+0x60/0x2a0 [ 769.853591][T18274] sk_prot_alloc+0x60/0x2a0 [ 769.853606][T18274] sk_alloc+0x36/0xe80 [ 769.853625][T18274] inet_create+0x3a0/0x1060 [ 769.853643][T18274] ? inet_create+0x94/0x1060 [ 769.853671][T18274] __sock_create+0x339/0x860 [ 769.853690][T18274] __sys_socket+0x14d/0x260 [ 769.853708][T18274] ? __pfx___sys_socket+0x10/0x10 [ 769.853729][T18274] __x64_sys_socket+0x72/0xb0 [ 769.853744][T18274] ? lockdep_hardirqs_on+0x78/0x100 [ 769.853765][T18274] do_syscall_64+0x106/0xf80 [ 769.853785][T18274] ? clear_bhb_loop+0x40/0x90 [ 769.853802][T18274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 769.853817][T18274] RIP: 0033:0x7fa6d259bf79 [ 769.853830][T18274] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 769.853844][T18274] RSP: 002b:00007fa6d33b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 769.853858][T18274] RAX: ffffffffffffffda RBX: 00007fa6d2815fa0 RCX: 00007fa6d259bf79 [ 769.853868][T18274] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002 [ 769.853876][T18274] RBP: 00007fa6d26327e0 R08: 0000000000000000 R09: 0000000000000000 [ 769.853885][T18274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 769.853893][T18274] R13: 00007fa6d2816038 R14: 00007fa6d2815fa0 R15: 00007ffd113ab928 [ 769.853912][T18274] [ 770.093801][T18280] mkiss: ax0: crc mode is auto. [ 773.788580][T18371] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2740'. [ 775.903670][T18420] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 775.956620][T18420] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 776.031778][T18420] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 777.283262][T18454] FAULT_INJECTION: forcing a failure. [ 777.283262][T18454] name failslab, interval 1, probability 0, space 0, times 0 [ 777.671853][T18454] CPU: 0 UID: 0 PID: 18454 Comm: syz.3.2751 Tainted: G U L syzkaller #0 PREEMPT(full) [ 777.671903][T18454] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 777.671915][T18454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 777.671933][T18454] Call Trace: [ 777.671943][T18454] [ 777.671955][T18454] dump_stack_lvl+0x100/0x190 [ 777.672002][T18454] should_fail_ex.cold+0x5/0xa [ 777.672035][T18454] ? tomoyo_encode2+0xfb/0x3c0 [ 777.672085][T18454] should_failslab+0xc2/0x120 [ 777.672128][T18454] __kmalloc_noprof+0xe0/0x850 [ 777.672165][T18454] ? rcu_is_watching+0x12/0xc0 [ 777.672211][T18454] tomoyo_encode2+0xfb/0x3c0 [ 777.672259][T18454] tomoyo_encode+0x29/0x50 [ 777.672299][T18454] tomoyo_realpath_from_path+0x18c/0x690 [ 777.672351][T18454] tomoyo_check_open_permission+0x2af/0x3c0 [ 777.672391][T18454] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 777.672466][T18454] ? do_raw_spin_lock+0x128/0x260 [ 777.672506][T18454] ? path_get+0x61/0x80 [ 777.672553][T18454] tomoyo_file_open+0x6b/0x90 [ 777.672585][T18454] security_file_open+0xb5/0x1e0 [ 777.672626][T18454] do_dentry_open+0x5aa/0x1660 [ 777.672669][T18454] ? security_inode_permission+0xbf/0x250 [ 777.672714][T18454] vfs_open+0x82/0x3f0 [ 777.672748][T18454] path_openat+0x208c/0x31a0 [ 777.672802][T18454] ? __pfx_path_openat+0x10/0x10 [ 777.672852][T18454] do_file_open+0x20e/0x430 [ 777.672893][T18454] ? __pfx_do_file_open+0x10/0x10 [ 777.672958][T18454] ? alloc_fd+0x476/0x790 [ 777.673001][T18454] ? do_getname+0x191/0x390 [ 777.673035][T18454] do_sys_openat2+0x10d/0x1e0 [ 777.673073][T18454] ? __pfx_do_sys_openat2+0x10/0x10 [ 777.673107][T18454] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 777.673162][T18454] __x64_sys_openat+0x12d/0x210 [ 777.673194][T18454] ? __pfx___x64_sys_openat+0x10/0x10 [ 777.673238][T18454] do_syscall_64+0x106/0xf80 [ 777.673274][T18454] ? clear_bhb_loop+0x40/0x90 [ 777.673309][T18454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.673338][T18454] RIP: 0033:0x7fa6d259bf79 [ 777.673363][T18454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 777.673390][T18454] RSP: 002b:00007fa6d33b6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 777.673418][T18454] RAX: ffffffffffffffda RBX: 00007fa6d2815fa0 RCX: 00007fa6d259bf79 [ 777.673437][T18454] RDX: 0000000000000100 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 777.673456][T18454] RBP: 00007fa6d26327e0 R08: 0000000000000000 R09: 0000000000000000 [ 777.673474][T18454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 777.673491][T18454] R13: 00007fa6d2816038 R14: 00007fa6d2815fa0 R15: 00007ffd113ab928 [ 777.673530][T18454] [ 777.674102][T18454] ERROR: Out of memory at tomoyo_realpath_from_path. [ 778.348110][T18472] netlink: Unknown conntrack attr (type=23, max=9) [ 778.528367][T18475] netlink: 'syz.4.2753': attribute type 1 has an invalid length. [ 779.496712][T18489] smpboot: CPU 1 is now offline [ 780.649205][T18507] FAULT_INJECTION: forcing a failure. [ 780.649205][T18507] name fail_futex, interval 1, probability 0, space 0, times 0 [ 780.821337][T18507] CPU: 0 UID: 0 PID: 18507 Comm: syz.4.2759 Tainted: G U L syzkaller #0 PREEMPT(full) [ 780.821366][T18507] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 780.821372][T18507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 780.821382][T18507] Call Trace: [ 780.821387][T18507] [ 780.821394][T18507] dump_stack_lvl+0x100/0x190 [ 780.821421][T18507] should_fail_ex.cold+0x5/0xa [ 780.821439][T18507] get_futex_key+0x1d2/0x1620 [ 780.821459][T18507] ? __pfx_get_futex_key+0x10/0x10 [ 780.821477][T18507] ? blk_finish_plug+0x83/0xa0 [ 780.821501][T18507] ? madvise_do_behavior+0x1fc/0x510 [ 780.821518][T18507] futex_wake+0xea/0x530 [ 780.821538][T18507] ? __pfx___up_read+0x10/0x10 [ 780.821560][T18507] ? madvise_unlock+0x172/0x220 [ 780.821581][T18507] ? __pfx_futex_wake+0x10/0x10 [ 780.821604][T18507] ? madvise_unlock+0xa9/0x220 [ 780.821629][T18507] do_futex+0x32b/0x350 [ 780.821648][T18507] ? __pfx_do_futex+0x10/0x10 [ 780.821666][T18507] ? find_held_lock+0x2b/0x80 [ 780.821690][T18507] __x64_sys_futex+0x34f/0x4d0 [ 780.821710][T18507] ? __pfx___x64_sys_futex+0x10/0x10 [ 780.821735][T18507] do_syscall_64+0x106/0xf80 [ 780.821755][T18507] ? clear_bhb_loop+0x40/0x90 [ 780.821774][T18507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.821790][T18507] RIP: 0033:0x7fbd9e99bf79 [ 780.821803][T18507] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 780.821818][T18507] RSP: 002b:00007fbd9f7f90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 780.821833][T18507] RAX: ffffffffffffffda RBX: 00007fbd9ec16098 RCX: 00007fbd9e99bf79 [ 780.821843][T18507] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbd9ec1609c [ 780.821853][T18507] RBP: 00007fbd9ec16090 R08: 0000000000000000 R09: 0000000000000000 [ 780.821862][T18507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 780.821878][T18507] R13: 00007fbd9ec16128 R14: 00007fff9ce80410 R15: 00007fff9ce804f8 [ 780.821899][T18507] [ 782.593239][T18537] misc userio: Invalid payload size [ 782.894835][T18540] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2768'. [ 782.954776][T18540] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2768'. [ 782.998497][T18540] IPv6: NLM_F_REPLACE set, but no existing node found! [ 783.424034][T18554] ovs_: entered promiscuous mode [ 783.472743][T18547] zswap: compressor not available [ 783.954782][T18559] Process accounting resumed [ 784.741886][T18586] FAULT_INJECTION: forcing a failure. [ 784.741886][T18586] name failslab, interval 1, probability 0, space 0, times 0 [ 784.829318][T18586] CPU: 0 UID: 0 PID: 18586 Comm: syz.0.2780 Tainted: G U L syzkaller #0 PREEMPT(full) [ 784.829347][T18586] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 784.829353][T18586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 784.829362][T18586] Call Trace: [ 784.829369][T18586] [ 784.829375][T18586] dump_stack_lvl+0x100/0x190 [ 784.829402][T18586] should_fail_ex.cold+0x5/0xa [ 784.829421][T18586] should_failslab+0xc2/0x120 [ 784.829444][T18586] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 784.829462][T18586] ? __pmd_alloc+0xbf/0x9c0 [ 784.829480][T18586] __pmd_alloc+0xbf/0x9c0 [ 784.829496][T18586] __handle_mm_fault+0xa99/0x2b60 [ 784.829526][T18586] ? mt_find+0x45e/0x8e0 [ 784.829551][T18586] ? __pfx___handle_mm_fault+0x10/0x10 [ 784.829567][T18586] ? __pfx_mt_find+0x10/0x10 [ 784.829605][T18586] handle_mm_fault+0x36d/0xa20 [ 784.829625][T18586] __get_user_pages+0xf9c/0x34d0 [ 784.829656][T18586] ? __pfx___get_user_pages+0x10/0x10 [ 784.829684][T18586] populate_vma_page_range+0x267/0x3f0 [ 784.829700][T18586] ? __pfx_populate_vma_page_range+0x10/0x10 [ 784.829715][T18586] ? __pfx_find_vma_intersection+0x10/0x10 [ 784.829738][T18586] ? do_mmap+0x93f/0x12f0 [ 784.829761][T18586] __mm_populate+0x107/0x3a0 [ 784.829777][T18586] ? __pfx___mm_populate+0x10/0x10 [ 784.829793][T18586] ? up_write+0x290/0x4f0 [ 784.829815][T18586] vm_mmap_pgoff+0x37f/0x470 [ 784.829841][T18586] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 784.829868][T18586] ? __x64_sys_futex+0x34f/0x4d0 [ 784.829885][T18586] ? __x64_sys_futex+0x358/0x4d0 [ 784.829904][T18586] ksys_mmap_pgoff+0x7d/0x5b0 [ 784.829929][T18586] __x64_sys_mmap+0x125/0x190 [ 784.829953][T18586] do_syscall_64+0x106/0xf80 [ 784.829973][T18586] ? clear_bhb_loop+0x40/0x90 [ 784.829992][T18586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 784.830007][T18586] RIP: 0033:0x7f842799bf79 [ 784.830021][T18586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 784.830036][T18586] RSP: 002b:00007f84288d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 784.830051][T18586] RAX: ffffffffffffffda RBX: 00007f8427c15fa0 RCX: 00007f842799bf79 [ 784.830062][T18586] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 784.830071][T18586] RBP: 00007f8427a327e0 R08: 0000000000000002 R09: 0000040000008000 [ 784.830081][T18586] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 784.830090][T18586] R13: 00007f8427c16038 R14: 00007f8427c15fa0 R15: 00007ffcbf396878 [ 784.830111][T18586] [ 788.211530][T18647] zswap: compressor not available [ 788.371316][ T5821] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 788.426235][ T5821] CPU: 0 UID: 0 PID: 5821 Comm: syz-executor Tainted: G U L syzkaller #0 PREEMPT(full) [ 788.426261][ T5821] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 788.426267][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 788.426276][ T5821] Call Trace: [ 788.426285][ T5821] [ 788.426291][ T5821] dump_stack_lvl+0x100/0x190 [ 788.426317][ T5821] dump_header+0xfb/0x606 [ 788.426334][ T5821] oom_kill_process.cold+0xd/0x330 [ 788.426351][ T5821] out_of_memory+0x340/0x14f0 [ 788.426374][ T5821] ? __pfx_out_of_memory+0x10/0x10 [ 788.426398][ T5821] mem_cgroup_out_of_memory+0xc6/0x130 [ 788.426415][ T5821] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 788.426430][ T5821] ? find_held_lock+0x2b/0x80 [ 788.426456][ T5821] ? do_raw_spin_unlock+0x145/0x1e0 [ 788.426476][ T5821] ? _raw_spin_unlock+0x28/0x50 [ 788.426496][ T5821] try_charge_memcg+0x652/0xc90 [ 788.426522][ T5821] ? __pfx_try_charge_memcg+0x10/0x10 [ 788.426547][ T5821] ? find_held_lock+0x2b/0x80 [ 788.426567][ T5821] ? rcu_read_unlock+0x17/0x60 [ 788.426588][ T5821] ? rcu_read_unlock+0x17/0x60 [ 788.426611][ T5821] charge_memcg+0xa6/0x280 [ 788.426632][ T5821] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 788.426649][ T5821] __swap_cache_prepare_and_add+0x528/0x9e0 [ 788.426678][ T5821] ? __pfx___swap_cache_prepare_and_add+0x10/0x10 [ 788.426695][ T5821] ? __pfx_swap_entry_swapped+0x10/0x10 [ 788.426721][ T5821] swap_cache_alloc_folio+0x1cb/0x300 [ 788.426740][ T5821] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 788.426758][ T5821] ? lockdep_hardirqs_on+0x78/0x100 [ 788.426778][ T5821] ? finish_task_switch.isra.0+0x205/0xb80 [ 788.426796][ T5821] swap_cluster_readahead+0x53b/0x770 [ 788.426818][ T5821] ? __lock_acquire+0x4a5/0x2630 [ 788.426836][ T5821] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 788.426862][ T5821] ? __lock_acquire+0x4a5/0x2630 [ 788.426881][ T5821] ? get_vma_policy+0x23f/0x3b0 [ 788.426904][ T5821] swapin_readahead+0x160/0x12c0 [ 788.426928][ T5821] ? __pfx_swapin_readahead+0x10/0x10 [ 788.426944][ T5821] ? find_held_lock+0x2b/0x80 [ 788.426964][ T5821] ? swap_table_get+0x103/0x2c0 [ 788.426979][ T5821] ? swap_table_get+0x103/0x2c0 [ 788.426998][ T5821] ? swap_table_get+0x10d/0x2c0 [ 788.427014][ T5821] ? swap_cache_get_folio+0x1ae/0x600 [ 788.427031][ T5821] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 788.427046][ T5821] ? __pfx_get_swap_device+0x10/0x10 [ 788.427070][ T5821] ? do_swap_page+0xb2e/0x68e0 [ 788.427085][ T5821] do_swap_page+0xb2e/0x68e0 [ 788.427111][ T5821] ? __pfx_do_swap_page+0x10/0x10 [ 788.427128][ T5821] ? __free_object+0x2a8/0x400 [ 788.427143][ T5821] ? lockdep_hardirqs_on+0x78/0x100 [ 788.427164][ T5821] ? rcu_is_watching+0x12/0xc0 [ 788.427185][ T5821] ? __pte_offset_map+0x179/0x310 [ 788.427208][ T5821] __handle_mm_fault+0x18c1/0x2b60 [ 788.427233][ T5821] ? reacquire_held_locks+0xce/0x1e0 [ 788.427250][ T5821] ? __pfx___handle_mm_fault+0x10/0x10 [ 788.427270][ T5821] ? lock_vma_under_rcu+0x17c/0x590 [ 788.427298][ T5821] handle_mm_fault+0x36d/0xa20 [ 788.427319][ T5821] do_user_addr_fault+0x5a3/0x12f0 [ 788.427347][ T5821] exc_page_fault+0x6f/0xd0 [ 788.427367][ T5821] asm_exc_page_fault+0x26/0x30 [ 788.427382][ T5821] RIP: 0033:0x7fc5c9f5c84e [ 788.427395][ T5821] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 788.427408][ T5821] RSP: 002b:00007ffd2bf67bf8 EFLAGS: 00010246 [ 788.427421][ T5821] RAX: 0000000000000000 RBX: 0000555558d18500 RCX: 00007fc5c9f5c84e [ 788.427430][ T5821] RDX: 00007ffd2bf67c50 RSI: 0000000000000000 RDI: 0000000000000000 [ 788.427439][ T5821] RBP: 00007ffd2bf67cbc R08: 0000000000000000 R09: 0000000000000000 [ 788.427447][ T5821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 788.427456][ T5821] R13: 00000000000927c0 R14: 00000000000c056e R15: 00007ffd2bf67d10 [ 788.427475][ T5821] [ 789.204738][ T5821] memory: usage 3072kB, limit 3072kB, failcnt 259439 [ 789.211449][ T5821] memory+swap: usage 15592kB, limit 9007199254740988kB, failcnt 0 [ 789.231583][ T5821] kmem: usage 2804kB, limit 9007199254740988kB, failcnt 0 [ 789.238684][ T5821] Memory cgroup stats for /syz2: [ 789.238778][ T5821] cache 131072 [ 789.261597][ T5821] rss 0 [ 789.264357][ T5821] rss_huge 0 [ 789.267536][ T5821] shmem 131072 [ 789.270880][ T5821] mapped_file 131072 [ 789.291573][ T5821] dirty 0 [ 789.294506][ T5821] writeback 0 [ 789.297780][ T5821] workingset_refault_anon 38569 [ 789.311595][ T5821] workingset_refault_file 65438 [ 789.316433][ T5821] swap 12820480 [ 789.319866][ T5821] swapcached 1057263616 [ 789.341586][ T5821] pgpgin 549405 [ 789.345054][ T5821] pgpgout 558027 [ 789.349150][ T5821] pgfault 456702 [ 789.361593][ T5821] pgmajfault 15439 [ 789.365295][ T5821] inactive_anon 24576 [ 789.369252][ T5821] active_anon 0 [ 789.387979][T18650] zswap: compressor not available [ 789.401591][ T5821] inactive_file 0 [ 789.405214][ T5821] active_file 0 [ 789.409408][ T5821] unevictable 131072 [ 789.421604][ T5821] hierarchical_memory_limit 3145728 [ 789.441590][ T5821] hierarchical_memsw_limit 9223372036854771712 [ 789.447741][ T5821] total_cache 131072 [ 789.472561][ T5821] total_rss 0 [ 789.475842][ T5821] total_rss_huge 0 [ 789.491708][ T5821] total_shmem 131072 [ 789.495609][ T5821] total_mapped_file 131072 [ 789.499998][ T5821] total_dirty 0 [ 789.532698][ T5821] total_writeback 0 [ 789.536502][ T5821] total_workingset_refault_anon 38569 [ 789.567891][ T5821] total_workingset_refault_file 65438 [ 789.581863][ T5821] total_swap 12820480 [ 789.585830][ T5821] total_swapcached 1057263616 [ 789.590486][ T5821] total_pgpgin 549405 [ 789.639059][ T5821] total_pgpgout 558027 [ 789.648722][ T5821] total_pgfault 456702 [ 789.673499][ T5821] total_pgmajfault 15439 [ 789.687878][ T5821] total_inactive_anon 24576 [ 789.706591][ T5821] total_active_anon 0 [ 789.710575][ T5821] total_inactive_file 0 [ 789.741688][ T5821] total_active_file 0 [ 789.745684][ T5821] total_unevictable 131072 [ 789.750082][ T5821] anon_cost 18 [ 789.786286][ T5821] file_cost 0 [ 789.789576][ T5821] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.766,pid=9519,uid=0 [ 789.855250][ T5821] Memory cgroup out of memory: Killed process 9519 (syz.2.766) total-vm:164312kB, anon-rss:1228kB, file-rss:20868kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 789.991012][T18645] syz.2.2787 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 790.076062][T18645] CPU: 0 UID: 0 PID: 18645 Comm: syz.2.2787 Tainted: G U L syzkaller #0 PREEMPT(full) [ 790.076093][T18645] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 790.076099][T18645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 790.076108][T18645] Call Trace: [ 790.076114][T18645] [ 790.076120][T18645] dump_stack_lvl+0x100/0x190 [ 790.076147][T18645] dump_header+0xfb/0x606 [ 790.076164][T18645] oom_kill_process.cold+0xd/0x330 [ 790.076183][T18645] out_of_memory+0x340/0x14f0 [ 790.076207][T18645] ? __pfx_out_of_memory+0x10/0x10 [ 790.076231][T18645] mem_cgroup_out_of_memory+0xc6/0x130 [ 790.076249][T18645] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 790.076265][T18645] ? find_held_lock+0x2b/0x80 [ 790.076291][T18645] ? do_raw_spin_unlock+0x145/0x1e0 [ 790.076311][T18645] ? _raw_spin_unlock+0x28/0x50 [ 790.076332][T18645] try_charge_memcg+0x652/0xc90 [ 790.076358][T18645] ? __pfx_try_charge_memcg+0x10/0x10 [ 790.076380][T18645] ? find_held_lock+0x2b/0x80 [ 790.076400][T18645] ? rcu_read_unlock+0x17/0x60 [ 790.076422][T18645] ? rcu_read_unlock+0x17/0x60 [ 790.076450][T18645] charge_memcg+0xa6/0x280 [ 790.076472][T18645] __mem_cgroup_charge+0x2b/0x1e0 [ 790.076488][T18645] shmem_alloc_and_add_folio+0x451/0xd40 [ 790.076513][T18645] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 790.076534][T18645] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 790.076558][T18645] shmem_get_folio_gfp+0x6ab/0x1900 [ 790.076582][T18645] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 790.076602][T18645] ? filemap_map_pages+0x9e0/0x2170 [ 790.076625][T18645] shmem_fault+0x1f9/0xa20 [ 790.076645][T18645] ? __pfx_shmem_fault+0x10/0x10 [ 790.076668][T18645] ? __pfx_filemap_map_pages+0x10/0x10 [ 790.076692][T18645] __do_fault+0x10d/0x550 [ 790.076715][T18645] do_fault+0xaf9/0x1a00 [ 790.076732][T18645] __handle_mm_fault+0x180f/0x2b60 [ 790.076755][T18645] ? __pfx___handle_mm_fault+0x10/0x10 [ 790.076773][T18645] ? pte_offset_map_lock+0x174/0x320 [ 790.076794][T18645] ? find_held_lock+0x2b/0x80 [ 790.076826][T18645] ? follow_page_pte+0x5b3/0x1400 [ 790.076853][T18645] handle_mm_fault+0x36d/0xa20 [ 790.076873][T18645] __get_user_pages+0xf9c/0x34d0 [ 790.076903][T18645] ? __pfx___get_user_pages+0x10/0x10 [ 790.076932][T18645] populate_vma_page_range+0x267/0x3f0 [ 790.076949][T18645] ? __pfx_populate_vma_page_range+0x10/0x10 [ 790.076964][T18645] ? __pfx_find_vma_intersection+0x10/0x10 [ 790.076986][T18645] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 790.077008][T18645] __mm_populate+0x107/0x3a0 [ 790.077024][T18645] ? __pfx___mm_populate+0x10/0x10 [ 790.077040][T18645] ? up_write+0x290/0x4f0 [ 790.077062][T18645] do_mlock+0x3f0/0x7f0 [ 790.077082][T18645] ? __pfx_do_mlock+0x10/0x10 [ 790.077105][T18645] ? count_memcg_events_mm.constprop.0+0x109/0x2a0 [ 790.077127][T18645] ? find_held_lock+0x2b/0x80 [ 790.077147][T18645] ? exc_page_fault+0x6f/0xd0 [ 790.077167][T18645] ? exc_page_fault+0x6f/0xd0 [ 790.077190][T18645] ? do_user_addr_fault+0x8d6/0x12f0 [ 790.077222][T18645] __x64_sys_mlock+0x59/0x80 [ 790.077240][T18645] do_syscall_64+0x106/0xf80 [ 790.077261][T18645] ? clear_bhb_loop+0x40/0x90 [ 790.077279][T18645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 790.077294][T18645] RIP: 0033:0x7fc5c9f9bf79 [ 790.077307][T18645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 790.077322][T18645] RSP: 002b:00007fc5cae21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 790.077337][T18645] RAX: ffffffffffffffda RBX: 00007fc5ca216090 RCX: 00007fc5c9f9bf79 [ 790.077347][T18645] RDX: 0000000000000000 RSI: 0000000000080006 RDI: 0000000000000112 [ 790.077356][T18645] RBP: 00007fc5ca0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 790.077365][T18645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 790.077374][T18645] R13: 00007fc5ca216128 R14: 00007fc5ca216090 R15: 00007ffd2bf67918 [ 790.077395][T18645] [ 790.077416][T18645] memory: usage 3072kB, limit 3072kB, failcnt 259477 [ 790.538383][T18660] Process accounting resumed [ 790.616359][T18682] syz_tun: tun_chr_ioctl cmd 1074025688 [ 791.595888][T18700] zswap: compressor not available [ 792.101827][T18645] memory+swap: usage 15528kB, limit 9007199254740988kB, failcnt 0 [ 792.109659][T18645] kmem: usage 2612kB, limit 9007199254740988kB, failcnt 0 [ 792.201006][T18645] Memory cgroup stats for /syz2: [ 792.201184][T18645] cache 413696 [ 792.228241][T18645] rss 0 [ 792.241805][T18645] rss_huge 0 [ 792.248291][T18721] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2808'. [ 792.268224][T18645] shmem 413696 [ 792.291810][T18645] mapped_file 413696 [ 792.303120][T18645] dirty 0 [ 792.313819][T18645] writeback 0 [ 792.336612][T18645] workingset_refault_anon 38569 [ 792.373114][T18645] workingset_refault_file 65438 [ 792.393829][T18645] swap 12754944 [ 792.397287][T18645] swapcached 1057177600 [ 792.401415][T18645] pgpgin 549441 [ 792.456782][T18645] pgpgout 558048 [ 792.465775][T18645] pgfault 456738 [ 792.488476][T18645] pgmajfault 15439 [ 792.508222][T18645] inactive_anon 0 [ 792.523840][T18645] active_anon 57344 [ 792.544683][T18645] inactive_file 0 [ 792.562506][T18645] active_file 0 [ 792.577960][T18645] unevictable 413696 [ 792.599553][T18645] hierarchical_memory_limit 3145728 [ 792.625176][T18645] hierarchical_memsw_limit 9223372036854771712 [ 792.654988][T18645] total_cache 413696 [ 792.674827][T18645] total_rss 0 [ 792.706009][T18645] total_rss_huge 0 [ 792.724463][T18645] total_shmem 413696 [ 792.744456][T18645] total_mapped_file 413696 [ 792.765092][T18645] total_dirty 0 [ 792.780588][T18645] total_writeback 0 [ 792.805944][T18645] total_workingset_refault_anon 38569 [ 792.832131][T18645] total_workingset_refault_file 65438 [ 792.859093][T18645] total_swap 12754944 [ 792.877292][T18645] total_swapcached 1057177600 [ 792.899015][T18645] total_pgpgin 549441 [ 792.942052][T18645] total_pgpgout 558048 [ 792.977483][T18645] total_pgfault 456738 [ 793.000381][T18738] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2810'. [ 793.010413][T18645] total_pgmajfault 15439 [ 793.036173][T18645] total_inactive_anon 0 [ 793.074321][T18645] total_active_anon 57344 [ 793.078656][T18645] total_inactive_file 0 [ 793.123304][T18645] total_active_file 0 [ 793.127294][T18645] total_unevictable 413696 [ 793.204172][T18645] anon_cost 12 [ 793.229261][T18645] file_cost 0 [ 793.255577][T18645] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2787,pid=18623,uid=0 [ 793.339771][T18645] Memory cgroup out of memory: Killed process 18623 (syz.2.2787) total-vm:168020kB, anon-rss:1232kB, file-rss:22008kB, shmem-rss:404kB, UID:0 pgtables:144kB oom_score_adj:0 [ 793.869094][T18738] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2810'. [ 795.601291][T18763] kexec: Could not allocate control_code_buffer [ 796.310602][T18797] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2824'. [ 797.413190][T18810] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 797.484057][T18814] ICMPv6: process `syz.3.2828' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 797.672898][T18811] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 798.047608][T18825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2831'. [ 798.176553][T18828] netlink: 266 bytes leftover after parsing attributes in process `syz.3.2832'. [ 798.219680][T18828] IPv6: NLM_F_CREATE should be specified when creating new route [ 798.494899][ T5821] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 798.630062][ T5821] CPU: 0 UID: 0 PID: 5821 Comm: syz-executor Tainted: G U L syzkaller #0 PREEMPT(full) [ 798.630088][ T5821] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 798.630094][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 798.630103][ T5821] Call Trace: [ 798.630109][ T5821] [ 798.630115][ T5821] dump_stack_lvl+0x100/0x190 [ 798.630140][ T5821] dump_header+0xfb/0x606 [ 798.630157][ T5821] oom_kill_process.cold+0xd/0x330 [ 798.630175][ T5821] out_of_memory+0x340/0x14f0 [ 798.630198][ T5821] ? __pfx_out_of_memory+0x10/0x10 [ 798.630222][ T5821] mem_cgroup_out_of_memory+0xc6/0x130 [ 798.630239][ T5821] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 798.630255][ T5821] ? find_held_lock+0x2b/0x80 [ 798.630280][ T5821] ? do_raw_spin_unlock+0x145/0x1e0 [ 798.630300][ T5821] ? _raw_spin_unlock+0x28/0x50 [ 798.630321][ T5821] try_charge_memcg+0x652/0xc90 [ 798.630346][ T5821] ? __pfx_try_charge_memcg+0x10/0x10 [ 798.630371][ T5821] ? find_held_lock+0x2b/0x80 [ 798.630396][ T5821] ? rcu_read_unlock+0x17/0x60 [ 798.630417][ T5821] ? rcu_read_unlock+0x17/0x60 [ 798.630440][ T5821] charge_memcg+0xa6/0x280 [ 798.630461][ T5821] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 798.630479][ T5821] __swap_cache_prepare_and_add+0x528/0x9e0 [ 798.630504][ T5821] ? __pfx___swap_cache_prepare_and_add+0x10/0x10 [ 798.630521][ T5821] ? __pfx_swap_entry_swapped+0x10/0x10 [ 798.630547][ T5821] swap_cache_alloc_folio+0x1cb/0x300 [ 798.630566][ T5821] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 798.630584][ T5821] ? lockdep_hardirqs_on+0x78/0x100 [ 798.630604][ T5821] ? finish_task_switch.isra.0+0x205/0xb80 [ 798.630621][ T5821] swap_cluster_readahead+0x411/0x770 [ 798.630644][ T5821] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 798.630670][ T5821] ? __lock_acquire+0x4a5/0x2630 [ 798.630689][ T5821] ? get_vma_policy+0x23f/0x3b0 [ 798.630712][ T5821] swapin_readahead+0x160/0x12c0 [ 798.630736][ T5821] ? __pfx_swapin_readahead+0x10/0x10 [ 798.630752][ T5821] ? find_held_lock+0x2b/0x80 [ 798.630772][ T5821] ? swap_table_get+0x103/0x2c0 [ 798.630787][ T5821] ? swap_table_get+0x103/0x2c0 [ 798.630805][ T5821] ? swap_table_get+0x10d/0x2c0 [ 798.630821][ T5821] ? swap_cache_get_folio+0x1ae/0x600 [ 798.630839][ T5821] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 798.630854][ T5821] ? __pfx_get_swap_device+0x10/0x10 [ 798.630878][ T5821] ? do_swap_page+0xb2e/0x68e0 [ 798.630893][ T5821] do_swap_page+0xb2e/0x68e0 [ 798.630919][ T5821] ? __pfx_do_swap_page+0x10/0x10 [ 798.630936][ T5821] ? __free_object+0x2a8/0x400 [ 798.630951][ T5821] ? lockdep_hardirqs_on+0x78/0x100 [ 798.630972][ T5821] ? rcu_is_watching+0x12/0xc0 [ 798.630993][ T5821] ? __pte_offset_map+0x179/0x310 [ 798.631016][ T5821] __handle_mm_fault+0x18c1/0x2b60 [ 798.631037][ T5821] ? reacquire_held_locks+0xce/0x1e0 [ 798.631054][ T5821] ? __pfx___handle_mm_fault+0x10/0x10 [ 798.631074][ T5821] ? lock_vma_under_rcu+0x17c/0x590 [ 798.631102][ T5821] handle_mm_fault+0x36d/0xa20 [ 798.631123][ T5821] do_user_addr_fault+0x5a3/0x12f0 [ 798.631151][ T5821] exc_page_fault+0x6f/0xd0 [ 798.631171][ T5821] asm_exc_page_fault+0x26/0x30 [ 798.631186][ T5821] RIP: 0033:0x7fc5c9f5c84e [ 798.631199][ T5821] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 798.631214][ T5821] RSP: 002b:00007ffd2bf67bf8 EFLAGS: 00010246 [ 798.631226][ T5821] RAX: 0000000000000000 RBX: 0000555558d18500 RCX: 00007fc5c9f5c84e [ 798.631235][ T5821] RDX: 00007ffd2bf67c50 RSI: 0000000000000000 RDI: 0000000000000000 [ 798.631243][ T5821] RBP: 00007ffd2bf67cbc R08: 0000000000000000 R09: 0000000000000000 [ 798.631252][ T5821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 798.631260][ T5821] R13: 00000000000927c0 R14: 00000000000c1f22 R15: 00007ffd2bf67d10 [ 798.631280][ T5821] [ 798.631286][ T5821] memory: usage 3072kB, limit 3072kB, failcnt 261420 [ 800.457684][T18855] hub 1-0:1.0: USB hub found [ 800.492240][T18855] hub 1-0:1.0: 1 port detected [ 800.535663][ T5821] memory+swap: usage 18184kB, limit 9007199254740988kB, failcnt 0 [ 800.569967][ T5821] kmem: usage 1604kB, limit 9007199254740988kB, failcnt 0 [ 800.621365][ T5821] Memory cgroup stats for /syz2: [ 800.621465][ T5821] cache 135168 [ 800.662655][ T5821] rss 1249280 [ 800.665938][ T5821] rss_huge 0 [ 800.669110][ T5821] shmem 135168 [ 800.721206][ T5821] mapped_file 0 [ 800.735566][ T5821] dirty 0 [ 800.738496][ T5821] writeback 0 [ 800.792794][ T5821] workingset_refault_anon 39976 [ 800.797644][ T5821] workingset_refault_file 65438 [ 800.858598][ T5821] swap 15474688 [ 800.886674][ T5821] swapcached 1062109184 [ 800.943187][ T5821] pgpgin 552212 [ 800.946657][ T5821] pgpgout 560538 [ 800.950179][ T5821] pgfault 459297 [ 801.054338][ T5821] pgmajfault 15686 [ 801.058066][ T5821] inactive_anon 737280 [ 801.064807][ T5821] active_anon 634880 [ 801.089404][ T5821] inactive_file 0 [ 801.112666][ T5821] active_file 0 [ 801.130139][ T5821] unevictable 0 [ 801.156985][ T5821] hierarchical_memory_limit 3145728 [ 801.184312][ T5821] hierarchical_memsw_limit 9223372036854771712 [ 801.223747][ T5821] total_cache 135168 [ 801.251736][ T5821] total_rss 1249280 [ 801.255551][ T5821] total_rss_huge 0 [ 801.259249][ T5821] total_shmem 135168 [ 801.303715][ T5821] total_mapped_file 0 [ 801.307700][ T5821] total_dirty 0 [ 801.311135][ T5821] total_writeback 0 [ 801.389095][ T5821] total_workingset_refault_anon 39976 [ 801.417985][ T5821] total_workingset_refault_file 65438 [ 801.463441][ T5821] total_swap 15474688 [ 801.485801][ T5821] total_swapcached 1062109184 [ 801.490488][ T5821] total_pgpgin 552212 [ 801.546163][ T5821] total_pgpgout 560538 [ 801.550244][ T5821] total_pgfault 459297 [ 801.590611][ T5821] total_pgmajfault 15686 [ 801.615688][ T5821] total_inactive_anon 737280 [ 801.668984][ T5821] total_active_anon 634880 [ 801.686651][ T5821] total_inactive_file 0 [ 801.690800][ T5821] total_active_file 0 [ 801.764907][ T5821] total_unevictable 0 [ 801.768890][ T5821] anon_cost 58 [ 801.814608][ T5821] file_cost 0 [ 801.817900][ T5821] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2815,pid=18751,uid=0 [ 801.939179][ T5821] Memory cgroup out of memory: Killed process 18751 (syz.2.2815) total-vm:131940kB, anon-rss:2452kB, file-rss:21504kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:0 [ 802.220205][T18885] QAT: failed to copy from user cfg_data. [ 802.989050][T18903] zswap: compressor  not available [ 803.016113][T18914] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 803.262265][T18924] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2853'. [ 803.452416][T18936] FAULT_INJECTION: forcing a failure. [ 803.452416][T18936] name failslab, interval 1, probability 0, space 0, times 0 [ 803.657935][T18936] CPU: 0 UID: 0 PID: 18936 Comm: syz.0.2855 Tainted: G U L syzkaller #0 PREEMPT(full) [ 803.657962][T18936] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 803.657969][T18936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 803.657979][T18936] Call Trace: [ 803.657984][T18936] [ 803.657996][T18936] dump_stack_lvl+0x100/0x190 [ 803.658024][T18936] should_fail_ex.cold+0x5/0xa [ 803.658042][T18936] should_failslab+0xc2/0x120 [ 803.658064][T18936] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 803.658084][T18936] ? __alloc_skb+0x140/0x710 [ 803.658108][T18936] __alloc_skb+0x140/0x710 [ 803.658126][T18936] ? __alloc_skb+0x5b7/0x710 [ 803.658145][T18936] ? __pfx___alloc_skb+0x10/0x10 [ 803.658165][T18936] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 803.658183][T18936] ? audit_log_start+0x29d/0x930 [ 803.658202][T18936] ? lockdep_init_map_type+0x5c/0x250 [ 803.658223][T18936] audit_log_start+0x350/0x930 [ 803.658243][T18936] ? __pfx_audit_log_start+0x10/0x10 [ 803.658266][T18936] ? arch_do_signal_or_restart+0x1f9/0x770 [ 803.658285][T18936] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 803.658307][T18936] audit_seccomp+0x60/0x190 [ 803.658322][T18936] ? exc_general_protection+0x12e/0x250 [ 803.658341][T18936] __secure_computing+0x26d/0x2c0 [ 803.658361][T18936] do_syscall_64+0x568/0xf80 [ 803.658382][T18936] ? clear_bhb_loop+0x40/0x90 [ 803.658400][T18936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.658416][T18936] RIP: 0033:0x7f842799bf79 [ 803.658429][T18936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 803.658444][T18936] RSP: 002b:00007f8428890a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 803.658459][T18936] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f842799bf79 [ 803.658468][T18936] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000000000b [ 803.658477][T18936] RBP: 00007f8428891030 R08: 0000000000000000 R09: 000000000000000b [ 803.658486][T18936] R10: 0000000000000009 R11: 0000000000000246 R12: 000000000002652c [ 803.658495][T18936] R13: 00007f8427c16218 R14: 00007f8427c16180 R15: 00007ffcbf396878 [ 803.658514][T18936] [ 803.660139][T18936] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 804.646489][T18941] syz_tun: tun_chr_ioctl cmd 1074025684 [ 805.271707][T18936] audit: out of memory in audit_log_start [ 807.517982][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 807.524336][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 807.653699][T19012] netlink: 'syz.3.2874': attribute type 11 has an invalid length. [ 807.693230][T19012] netlink: 'syz.3.2874': attribute type 11 has an invalid length. [ 807.741590][T19012] netlink: 'syz.3.2874': attribute type 11 has an invalid length. [ 809.248157][T19036] zswap: compressor not available [ 810.033671][T19064] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 810.119931][T19064] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 810.261862][T19064] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 810.368933][T19064] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 810.501459][T19064] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 810.533340][T19068] zswap: compressor not available [ 810.611371][T19064] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 810.731951][T19064] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 811.166588][T19086] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2893'. [ 812.067777][T19098] zswap: compressor not available [ 813.141731][T19121] zswap: compressor not available [ 814.398690][T19142] Process accounting paused [ 814.441115][T19152] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2903'. [ 816.938373][T19195] Invalid ELF header magic: != ELF [ 817.693903][T19212] usb usb15: usbfs: process 19212 (syz.0.2915) did not claim interface 0 before use [ 818.086677][T19221] : entered promiscuous mode [ 820.866809][T19264] tipc: Started in network mode [ 821.067176][T19264] tipc: Node identity ee00, cluster identity 4711 [ 821.136116][T19250] Process accounting paused [ 821.142171][T19264] tipc: Node number set to 60928 [ 823.973606][T19319] cgroup: fork rejected by pids controller in /syz0 [ 824.638905][T19375] Invalid ELF header magic: != ELF [ 824.796886][ T30] audit: type=1800 audit(4294967304.370:28): pid=19380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2943" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 825.052018][T19382] FAULT_INJECTION: forcing a failure. [ 825.052018][T19382] name fail_futex, interval 1, probability 0, space 0, times 0 [ 825.135877][T19382] CPU: 0 UID: 0 PID: 19382 Comm: syz.4.2944 Tainted: G U L syzkaller #0 PREEMPT(full) [ 825.135904][T19382] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 825.135910][T19382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 825.135919][T19382] Call Trace: [ 825.135925][T19382] [ 825.135931][T19382] dump_stack_lvl+0x100/0x190 [ 825.135957][T19382] should_fail_ex.cold+0x5/0xa [ 825.135971][T19382] ? __kernel_text_address+0xd/0x30 [ 825.135993][T19382] get_futex_key+0x1d2/0x1620 [ 825.136011][T19382] ? __pfx_get_futex_key+0x10/0x10 [ 825.136027][T19382] ? putname+0xb1/0x110 [ 825.136048][T19382] ? stack_trace_save+0x8e/0xc0 [ 825.136069][T19382] ? __pfx_stack_trace_save+0x10/0x10 [ 825.136093][T19382] futex_wait_setup+0x81/0x500 [ 825.136118][T19382] __futex_wait+0x19f/0x300 [ 825.136138][T19382] ? __pfx___futex_wait+0x10/0x10 [ 825.136161][T19382] ? __pfx_futex_wake_mark+0x10/0x10 [ 825.136182][T19382] ? futex_hash+0x2c5/0x380 [ 825.136203][T19382] futex_wait+0xed/0x380 [ 825.136222][T19382] ? __pfx_futex_wait+0x10/0x10 [ 825.136246][T19382] ? putname+0xb1/0x110 [ 825.136265][T19382] ? kmem_cache_free+0x124/0x6a0 [ 825.136286][T19382] do_futex+0x1ef/0x350 [ 825.136307][T19382] ? __pfx_do_futex+0x10/0x10 [ 825.136322][T19382] ? __pfx_do_sys_openat2+0x10/0x10 [ 825.136339][T19382] ? find_held_lock+0x2b/0x80 [ 825.136363][T19382] __x64_sys_futex+0x34f/0x4d0 [ 825.136380][T19382] ? __x64_sys_openat+0x12d/0x210 [ 825.136396][T19382] ? __pfx___x64_sys_futex+0x10/0x10 [ 825.136420][T19382] do_syscall_64+0x106/0xf80 [ 825.136440][T19382] ? clear_bhb_loop+0x40/0x90 [ 825.136458][T19382] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 825.136472][T19382] RIP: 0033:0x7fbd9e99bf79 [ 825.136485][T19382] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 825.136499][T19382] RSP: 002b:00007fbd9f81a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 825.136513][T19382] RAX: ffffffffffffffda RBX: 00007fbd9ec15fa8 RCX: 00007fbd9e99bf79 [ 825.136523][T19382] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbd9ec15fa8 [ 825.136531][T19382] RBP: 00007fbd9ec15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 825.136540][T19382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 825.136549][T19382] R13: 00007fbd9ec16038 R14: 00007fff9ce80410 R15: 00007fff9ce804f8 [ 825.136568][T19382] [ 826.120345][T19404] syz_tun: tun_chr_ioctl cmd 2147767507 [ 827.904058][T19436] FAULT_INJECTION: forcing a failure. [ 827.904058][T19436] name failslab, interval 1, probability 0, space 0, times 0 [ 827.985493][T19436] CPU: 0 UID: 0 PID: 19436 Comm: syz.3.2958 Tainted: G U L syzkaller #0 PREEMPT(full) [ 827.985522][T19436] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 827.985528][T19436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 827.985538][T19436] Call Trace: [ 827.985544][T19436] [ 827.985550][T19436] dump_stack_lvl+0x100/0x190 [ 827.985577][T19436] should_fail_ex.cold+0x5/0xa [ 827.985595][T19436] should_failslab+0xc2/0x120 [ 827.985617][T19436] __kmalloc_cache_noprof+0x7a/0x6f0 [ 827.985634][T19436] ? kvm_uevent_notify_change.part.0+0x2a6/0x450 [ 827.985657][T19436] kvm_uevent_notify_change.part.0+0x2a6/0x450 [ 827.985676][T19436] ? __pfx_kvm_vm_release+0x10/0x10 [ 827.985692][T19436] kvm_put_kvm+0xe4/0xb10 [ 827.985708][T19436] ? lockdep_hardirqs_on+0x78/0x100 [ 827.985729][T19436] ? _raw_spin_unlock_irq+0x2e/0x50 [ 827.985749][T19436] ? __pfx_kvm_vm_release+0x10/0x10 [ 827.985765][T19436] kvm_vm_release+0x3c/0x50 [ 827.985780][T19436] __fput+0x3ff/0xb40 [ 827.985799][T19436] task_work_run+0x150/0x240 [ 827.985820][T19436] ? __pfx_task_work_run+0x10/0x10 [ 827.985845][T19436] exit_to_user_mode_loop+0x100/0x4a0 [ 827.985865][T19436] do_syscall_64+0x668/0xf80 [ 827.985886][T19436] ? clear_bhb_loop+0x40/0x90 [ 827.985905][T19436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 827.985920][T19436] RIP: 0033:0x7fa6d259bf79 [ 827.985933][T19436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 827.985949][T19436] RSP: 002b:00007fa6d3395028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 827.985964][T19436] RAX: 0000000000000000 RBX: 00007fa6d2816090 RCX: 00007fa6d259bf79 [ 827.985973][T19436] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 827.985982][T19436] RBP: 00007fa6d26327e0 R08: 0000000000000000 R09: 0000000000000000 [ 827.985991][T19436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 827.985999][T19436] R13: 00007fa6d2816128 R14: 00007fa6d2816090 R15: 00007ffd113ab928 [ 827.986020][T19436] [ 830.071836][ T5883] Process accounting resumed [ 830.588547][T19498] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 832.070214][T19516] sd 0:0:1:0: PR command failed: 1026 [ 832.102520][T19516] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 832.146859][T19516] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 832.219624][T19509] usb usb3: usbfs: interface 0 claimed by hub while 'syz.3.2971' sets config #16 [ 833.698585][T19542] zswap: compressor not available [ 834.062670][T19561] netlink: 'syz.4.2985': attribute type 1 has an invalid length. [ 835.143120][ T30] audit: type=1800 audit(4294967314.720:29): pid=19585 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2991" name="features" dev="configfs" ino=152670 res=0 errno=0 [ 836.711993][T19624] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2997'. [ 837.451380][T19640] tipc: Started in network mode [ 837.500111][T19640] tipc: Node identity ee00, cluster identity 4711 [ 837.531758][T19640] tipc: Node number set to 60928 [ 838.078472][ T30] audit: type=1800 audit(4294967317.650:30): pid=19644 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3001" name="dbroot" dev="configfs" ino=152897 res=0 errno=0 [ 838.146400][T19644] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3001'. [ 838.687281][T19659] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3005'. [ 839.495655][T19677] vivid-007: ================= START STATUS ================= [ 839.669897][T19677] vivid-007: Generate PTS: true [ 839.758658][T19677] vivid-007: Generate SCR: true [ 839.861686][T19677] tpg source WxH: 320x240 (Y'CbCr) [ 839.918079][T19677] tpg field: 1 [ 840.017869][T19677] tpg crop: (0,0)/320x240 [ 840.091966][T19677] tpg compose: (0,0)/320x240 [ 840.147351][T19677] tpg colorspace: 8 [ 840.151439][T19677] tpg transfer function: 0/0 [ 840.293263][T19677] tpg Y'CbCr encoding: 0/0 [ 840.371599][T19677] tpg quantization: 0/0 [ 840.422743][T19677] tpg RGB range: 0/2 [ 840.426654][T19677] vivid-007: ================== END STATUS ================== [ 843.216359][T19706] zswap: compressor not available [ 845.711148][T19705] Process accounting resumed [ 845.928149][T19741] FAULT_INJECTION: forcing a failure. [ 845.928149][T19741] name failslab, interval 1, probability 0, space 0, times 0 [ 845.973375][T19739] Invalid ELF header magic: != ELF [ 846.002195][T19741] CPU: 0 UID: 0 PID: 19741 Comm: syz.0.3019 Tainted: G U L syzkaller #0 PREEMPT(full) [ 846.002224][T19741] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 846.002230][T19741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 846.002240][T19741] Call Trace: [ 846.002246][T19741] [ 846.002252][T19741] dump_stack_lvl+0x100/0x190 [ 846.002280][T19741] should_fail_ex.cold+0x5/0xa [ 846.002299][T19741] should_failslab+0xc2/0x120 [ 846.002321][T19741] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 846.002341][T19741] ? __anon_vma_prepare+0xae/0x5e0 [ 846.002362][T19741] ? __pfx_filemap_map_pages+0x10/0x10 [ 846.002382][T19741] __anon_vma_prepare+0xae/0x5e0 [ 846.002398][T19741] ? find_held_lock+0x2b/0x80 [ 846.002422][T19741] ? __pfx_filemap_map_pages+0x10/0x10 [ 846.002440][T19741] __vmf_anon_prepare+0x11f/0x250 [ 846.002464][T19741] do_fault+0x152/0x1a00 [ 846.002478][T19741] ? __pmd_alloc+0x6aa/0x9c0 [ 846.002494][T19741] __handle_mm_fault+0x180f/0x2b60 [ 846.002514][T19741] ? mt_find+0x45e/0x8e0 [ 846.002538][T19741] ? __pfx___handle_mm_fault+0x10/0x10 [ 846.002554][T19741] ? __pfx_mt_find+0x10/0x10 [ 846.002591][T19741] handle_mm_fault+0x36d/0xa20 [ 846.002612][T19741] __get_user_pages+0xf9c/0x34d0 [ 846.002643][T19741] ? __pfx___get_user_pages+0x10/0x10 [ 846.002678][T19741] populate_vma_page_range+0x267/0x3f0 [ 846.002695][T19741] ? __pfx_populate_vma_page_range+0x10/0x10 [ 846.002709][T19741] ? __pfx_find_vma_intersection+0x10/0x10 [ 846.002733][T19741] ? do_mmap+0x93f/0x12f0 [ 846.002758][T19741] __mm_populate+0x107/0x3a0 [ 846.002774][T19741] ? __pfx___mm_populate+0x10/0x10 [ 846.002790][T19741] ? up_write+0x290/0x4f0 [ 846.002811][T19741] vm_mmap_pgoff+0x37f/0x470 [ 846.002836][T19741] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 846.002858][T19741] ? __fget_files+0x215/0x3d0 [ 846.002881][T19741] ? __fget_files+0x21f/0x3d0 [ 846.002904][T19741] ksys_mmap_pgoff+0x328/0x5b0 [ 846.002929][T19741] __x64_sys_mmap+0x125/0x190 [ 846.002953][T19741] do_syscall_64+0x106/0xf80 [ 846.002974][T19741] ? clear_bhb_loop+0x40/0x90 [ 846.002993][T19741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 846.003008][T19741] RIP: 0033:0x7f842799bf79 [ 846.003022][T19741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 846.003037][T19741] RSP: 002b:00007f84288d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 846.003052][T19741] RAX: ffffffffffffffda RBX: 00007f8427c15fa0 RCX: 00007f842799bf79 [ 846.003062][T19741] RDX: 0000000000000003 RSI: 0000000000000009 RDI: 0000000000000000 [ 846.003072][T19741] RBP: 00007f8427a327e0 R08: 0000000000000003 R09: 0000000000008000 [ 846.003081][T19741] R10: 0000000000008012 R11: 0000000000000246 R12: 0000000000000000 [ 846.003090][T19741] R13: 00007f8427c16038 R14: 00007f8427c15fa0 R15: 00007ffcbf396878 [ 846.003111][T19741] [ 846.994098][T10661] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 847.957244][T19751] zswap: compressor not available [ 848.510960][T19763] can: request_module (can-proto-4) failed. [ 850.795637][T19800] FAULT_INJECTION: forcing a failure. [ 850.795637][T19800] name fail_futex, interval 1, probability 0, space 0, times 0 [ 850.901859][T19800] CPU: 0 UID: 0 PID: 19800 Comm: syz.3.3032 Tainted: G U L syzkaller #0 PREEMPT(full) [ 850.901889][T19800] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 850.901895][T19800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 850.901905][T19800] Call Trace: [ 850.901911][T19800] [ 850.901918][T19800] dump_stack_lvl+0x100/0x190 [ 850.901945][T19800] should_fail_ex.cold+0x5/0xa [ 850.901963][T19800] get_futex_key+0x1d2/0x1620 [ 850.901982][T19800] ? __pfx_get_futex_key+0x10/0x10 [ 850.902005][T19800] futex_wait_setup+0x81/0x500 [ 850.902030][T19800] __futex_wait+0x19f/0x300 [ 850.902053][T19800] ? __pfx___futex_wait+0x10/0x10 [ 850.902072][T19800] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 850.902092][T19800] ? lockdep_hardirqs_on+0x78/0x100 [ 850.902116][T19800] ? __pfx_futex_wake_mark+0x10/0x10 [ 850.902138][T19800] ? futex_hash+0x2c5/0x380 [ 850.902159][T19800] futex_wait+0xed/0x380 [ 850.902180][T19800] ? __pfx_futex_wait+0x10/0x10 [ 850.902205][T19800] ? __might_fault+0xc5/0x140 [ 850.902228][T19800] do_futex+0x1ef/0x350 [ 850.902246][T19800] ? __pfx_do_futex+0x10/0x10 [ 850.902264][T19800] ? __sys_connect+0xe4/0x170 [ 850.902286][T19800] __x64_sys_futex+0x34f/0x4d0 [ 850.902306][T19800] ? __pfx___x64_sys_futex+0x10/0x10 [ 850.902331][T19800] do_syscall_64+0x106/0xf80 [ 850.902361][T19800] ? clear_bhb_loop+0x40/0x90 [ 850.902380][T19800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 850.902396][T19800] RIP: 0033:0x7fa6d259bf79 [ 850.902409][T19800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 850.902425][T19800] RSP: 002b:00007fa6d33b60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 850.902440][T19800] RAX: ffffffffffffffda RBX: 00007fa6d2815fa8 RCX: 00007fa6d259bf79 [ 850.902451][T19800] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa6d2815fa8 [ 850.902460][T19800] RBP: 00007fa6d2815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 850.902469][T19800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 850.902478][T19800] R13: 00007fa6d2816038 R14: 00007ffd113ab840 R15: 00007ffd113ab928 [ 850.902498][T19800] [ 851.627177][T19806] netlink: 504 bytes leftover after parsing attributes in process `syz.0.3034'. [ 851.668250][T19806] netlink: 504 bytes leftover after parsing attributes in process `syz.0.3034'. [ 852.063678][T19812] Invalid ELF header magic: != ELF [ 852.389951][T19816] can: request_module (can-proto-0) failed. [ 853.216456][T19839] FAULT_INJECTION: forcing a failure. [ 853.216456][T19839] name failslab, interval 1, probability 0, space 0, times 0 [ 853.312369][T19839] CPU: 0 UID: 0 PID: 19839 Comm: syz.0.3042 Tainted: G U L syzkaller #0 PREEMPT(full) [ 853.312399][T19839] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 853.312405][T19839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 853.312415][T19839] Call Trace: [ 853.312420][T19839] [ 853.312427][T19839] dump_stack_lvl+0x100/0x190 [ 853.312454][T19839] should_fail_ex.cold+0x5/0xa [ 853.312473][T19839] should_failslab+0xc2/0x120 [ 853.312495][T19839] __kmalloc_cache_noprof+0x7a/0x6f0 [ 853.312511][T19839] ? rfkill_fop_open+0x1b6/0x750 [ 853.312529][T19839] ? mark_held_locks+0x40/0x70 [ 853.312550][T19839] rfkill_fop_open+0x1b6/0x750 [ 853.312570][T19839] ? __pfx_rfkill_fop_open+0x10/0x10 [ 853.312590][T19839] misc_open+0x26d/0x450 [ 853.312610][T19839] ? __pfx_misc_open+0x10/0x10 [ 853.312628][T19839] chrdev_open+0x234/0x6a0 [ 853.312650][T19839] ? __pfx_apparmor_file_open+0x10/0x10 [ 853.312667][T19839] ? __pfx_chrdev_open+0x10/0x10 [ 853.312690][T19839] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 853.312716][T19839] do_dentry_open+0x6d8/0x1660 [ 853.312737][T19839] ? __pfx_chrdev_open+0x10/0x10 [ 853.312763][T19839] vfs_open+0x82/0x3f0 [ 853.312781][T19839] path_openat+0x208c/0x31a0 [ 853.312809][T19839] ? __pfx_path_openat+0x10/0x10 [ 853.312837][T19839] do_file_open+0x20e/0x430 [ 853.312860][T19839] ? __pfx_do_file_open+0x10/0x10 [ 853.312895][T19839] ? alloc_fd+0x476/0x790 [ 853.312918][T19839] ? do_getname+0x191/0x390 [ 853.312935][T19839] do_sys_openat2+0x10d/0x1e0 [ 853.312951][T19839] ? __pfx_do_sys_openat2+0x10/0x10 [ 853.312969][T19839] ? __fget_files+0x21f/0x3d0 [ 853.312993][T19839] __x64_sys_openat+0x12d/0x210 [ 853.313010][T19839] ? __pfx___x64_sys_openat+0x10/0x10 [ 853.313039][T19839] do_syscall_64+0x106/0xf80 [ 853.313061][T19839] ? clear_bhb_loop+0x40/0x90 [ 853.313087][T19839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 853.313104][T19839] RIP: 0033:0x7f842799bf79 [ 853.313118][T19839] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 853.313133][T19839] RSP: 002b:00007f84288d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 853.313148][T19839] RAX: ffffffffffffffda RBX: 00007f8427c15fa0 RCX: 00007f842799bf79 [ 853.313159][T19839] RDX: 0000000000000000 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 853.313168][T19839] RBP: 00007f8427a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 853.313178][T19839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 853.313188][T19839] R13: 00007f8427c16038 R14: 00007f8427c15fa0 R15: 00007ffcbf396878 [ 853.313208][T19839] [ 853.882922][T19835] block nbd7: not configured, cannot reconfigure [ 855.583038][T19877] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 855.933099][T19875] Console: switching to colour frame buffer device 13x6 [ 856.218662][T19878] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 858.193105][T19935] bridge0: port 3(dummy0) entered blocking state [ 858.199514][T19935] bridge0: port 3(dummy0) entered disabled state [ 858.278080][T19935] dummy0: entered allmulticast mode [ 858.324721][T19935] dummy0: entered promiscuous mode [ 858.347635][T19935] bridge0: port 3(dummy0) entered blocking state [ 858.354092][T19935] bridge0: port 3(dummy0) entered forwarding state [ 858.821735][ T30] audit: type=1804 audit(4294967338.390:31): pid=19953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3063" name="/newroot/467/file0" dev="tmpfs" ino=2451 res=1 errno=0 [ 858.905322][T19077] syz.2.2889 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 859.014190][ T30] audit: type=1804 audit(4294967338.430:32): pid=19956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3063" name="/newroot/467/file0" dev="tmpfs" ino=2451 res=1 errno=0 [ 859.359228][T19077] CPU: 0 UID: 0 PID: 19077 Comm: syz.2.2889 Tainted: G U L syzkaller #0 PREEMPT(full) [ 859.359255][T19077] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 859.359261][T19077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 859.359270][T19077] Call Trace: [ 859.359276][T19077] [ 859.359282][T19077] dump_stack_lvl+0x100/0x190 [ 859.359308][T19077] dump_header+0xfb/0x606 [ 859.359326][T19077] oom_kill_process.cold+0xd/0x330 [ 859.359343][T19077] out_of_memory+0x340/0x14f0 [ 859.359367][T19077] ? __pfx_out_of_memory+0x10/0x10 [ 859.359390][T19077] mem_cgroup_out_of_memory+0xc6/0x130 [ 859.359408][T19077] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 859.359423][T19077] ? find_held_lock+0x2b/0x80 [ 859.359449][T19077] ? do_raw_spin_unlock+0x145/0x1e0 [ 859.359469][T19077] ? _raw_spin_unlock+0x28/0x50 [ 859.359489][T19077] try_charge_memcg+0x652/0xc90 [ 859.359514][T19077] ? __pfx_try_charge_memcg+0x10/0x10 [ 859.359535][T19077] ? find_held_lock+0x2b/0x80 [ 859.359555][T19077] ? rcu_read_unlock+0x17/0x60 [ 859.359576][T19077] ? rcu_read_unlock+0x17/0x60 [ 859.359604][T19077] charge_memcg+0xa6/0x280 [ 859.359624][T19077] __mem_cgroup_charge+0x2b/0x1e0 [ 859.359640][T19077] shmem_alloc_and_add_folio+0x451/0xd40 [ 859.359672][T19077] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 859.359692][T19077] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 859.359715][T19077] shmem_get_folio_gfp+0x6ab/0x1900 [ 859.359738][T19077] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 859.359762][T19077] shmem_write_begin+0x1a4/0x420 [ 859.359783][T19077] ? __pfx_shmem_write_begin+0x10/0x10 [ 859.359803][T19077] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 859.359825][T19077] ? lockdep_hardirqs_on+0x78/0x100 [ 859.359848][T19077] generic_perform_write+0x292/0xa40 [ 859.359872][T19077] ? __pfx_generic_perform_write+0x10/0x10 [ 859.359893][T19077] ? file_update_time_flags+0x373/0x500 [ 859.359910][T19077] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 859.359931][T19077] shmem_file_write_iter+0x10e/0x140 [ 859.359954][T19077] __kernel_write_iter+0x2ac/0x920 [ 859.359976][T19077] ? __pfx___kernel_write_iter+0x10/0x10 [ 859.359995][T19077] ? __up_read+0x2c5/0x700 [ 859.360015][T19077] ? dump_user_range+0x73b/0xb50 [ 859.360041][T19077] dump_user_range+0x3f9/0xb50 [ 859.360067][T19077] ? __pfx_dump_user_range+0x10/0x10 [ 859.360095][T19077] ? __pfx_writenote+0x10/0x10 [ 859.360114][T19077] elf_core_dump+0x2d16/0x3c60 [ 859.360139][T19077] ? __pfx_elf_core_dump+0x10/0x10 [ 859.360154][T19077] ? kasan_save_stack+0x3f/0x50 [ 859.360173][T19077] ? kasan_save_track+0x14/0x30 [ 859.360190][T19077] ? __kasan_kmalloc+0xaa/0xb0 [ 859.360207][T19077] ? __kvmalloc_node_noprof+0x360/0xa00 [ 859.360228][T19077] ? irqentry_exit+0x1f8/0x670 [ 859.360246][T19077] ? asm_exc_page_fault+0x26/0x30 [ 859.360263][T19077] ? 0xffffffffff600000 [ 859.360307][T19077] ? vfs_coredump+0x27b4/0x5570 [ 859.360327][T19077] vfs_coredump+0x27b4/0x5570 [ 859.360357][T19077] ? __pfx_vfs_coredump+0x10/0x10 [ 859.360379][T19077] ? __lock_acquire+0x4a5/0x2630 [ 859.360404][T19077] ? lock_acquire+0x1cf/0x380 [ 859.360428][T19077] ? is_bpf_text_address+0x8a/0x1a0 [ 859.360448][T19077] ? bpf_ksym_find+0x124/0x1c0 [ 859.360468][T19077] ? __kernel_text_address+0xd/0x30 [ 859.360487][T19077] ? unwind_get_return_address+0x59/0xa0 [ 859.360502][T19077] ? arch_stack_walk+0xa6/0xf0 [ 859.360522][T19077] ? __sigqueue_free+0xbe/0x2a0 [ 859.360540][T19077] ? stack_trace_save+0x8e/0xc0 [ 859.360562][T19077] ? __pfx_stack_trace_save+0x10/0x10 [ 859.360583][T19077] ? stack_depot_save_flags+0x27/0x9d0 [ 859.360604][T19077] ? __lock_acquire+0x4a5/0x2630 [ 859.360656][T19077] ? proc_coredump_connector+0x2d3/0x4f0 [ 859.360679][T19077] ? __pfx_proc_coredump_connector+0x10/0x10 [ 859.360705][T19077] ? rcu_is_watching+0x12/0xc0 [ 859.360728][T19077] get_signal+0x1f2a/0x21e0 [ 859.360750][T19077] ? __pfx_get_signal+0x10/0x10 [ 859.360770][T19077] arch_do_signal_or_restart+0x91/0x770 [ 859.360788][T19077] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 859.360811][T19077] ? do_user_addr_fault+0x8d6/0x12f0 [ 859.360837][T19077] irqentry_exit+0x1f8/0x670 [ 859.360859][T19077] asm_exc_page_fault+0x26/0x30 [ 859.360873][T19077] RIP: 0033:0x7fc5c9f9bf81 [ 859.360885][T19077] Code: 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 859.360899][T19077] RSP: 002b:0000000000000200 EFLAGS: 00010217 [ 859.360911][T19077] RAX: 0000000000000000 RBX: 00007fc5ca215fa0 RCX: 00007fc5c9f9bf79 [ 859.360921][T19077] RDX: 00002000000003c0 RSI: 0000000000000200 RDI: 0000000000000002 [ 859.360929][T19077] RBP: 00007fc5ca0327e0 R08: 0000000000000002 R09: 0000000000000000 [ 859.360938][T19077] R10: 0000200000000400 R11: 0000000000000246 R12: 0000000000000000 [ 859.360947][T19077] R13: 00007fc5ca216038 R14: 00007fc5ca215fa0 R15: 00007ffd2bf67918 [ 859.360967][T19077] [ 861.202756][T19981] input: jJǸ-9%vJ86 as /devices/virtual/input/input32 [ 862.125628][T19077] memory: usage 3072kB, limit 3072kB, failcnt 306413 [ 862.158891][T19077] memory+swap: usage 118784kB, limit 9007199254740988kB, failcnt 0 [ 862.208549][T19077] kmem: usage 2240kB, limit 9007199254740988kB, failcnt 0 [ 862.271612][T19077] Memory cgroup stats for /syz2: [ 862.271797][T19077] cache 0 [ 862.329618][T19077] rss 0 [ 862.352975][T19077] rss_huge 0 [ 862.356173][T19077] shmem 0 [ 862.392795][T19077] mapped_file 0 [ 862.411621][T19077] dirty 0 [ 862.448207][T19077] writeback 0 [ 862.479272][T19077] workingset_refault_anon 43107 [ 862.495734][T19077] workingset_refault_file 83462 [ 862.518654][T19077] swap 118489088 [ 862.560036][T19077] swapcached 1212915712 [ 862.597305][T19077] pgpgin 612861 [ 862.600783][T19077] pgpgout 621464 [ 862.665669][T19077] pgfault 479181 [ 862.669225][T19077] pgmajfault 17087 [ 862.712456][T19077] inactive_anon 360448 [ 862.722805][T20008] zswap: compressor not available [ 862.731996][T19077] active_anon 491520 [ 862.746872][T19077] inactive_file 0 [ 862.750516][T19077] active_file 0 [ 862.781622][T19077] unevictable 0 [ 862.811734][T19077] hierarchical_memory_limit 3145728 [ 862.829210][T19077] hierarchical_memsw_limit 9223372036854771712 [ 862.857795][T20018] Invalid ELF header magic: != ELF [ 862.870366][T19077] total_cache 0 [ 862.877865][T19077] total_rss 0 [ 862.881139][T19077] total_rss_huge 0 [ 862.923749][T19077] total_shmem 0 [ 862.927212][T19077] total_mapped_file 0 [ 862.970912][T19077] total_dirty 0 [ 862.991624][T19077] total_writeback 0 [ 863.005732][T19077] total_workingset_refault_anon 43107 [ 863.011090][T19077] total_workingset_refault_file 83462 [ 863.069999][T19077] total_swap 118489088 [ 863.082695][T19077] total_swapcached 1212915712 [ 863.111452][T19077] total_pgpgin 612861 [ 863.142135][T19077] total_pgpgout 621464 [ 863.153530][T19077] total_pgfault 479181 [ 863.173969][T19077] total_pgmajfault 17087 [ 863.203202][T19077] total_inactive_anon 360448 [ 863.207808][T19077] total_active_anon 491520 [ 863.253738][T19077] total_inactive_file 0 [ 863.257894][T19077] total_active_file 0 [ 863.311611][T19077] total_unevictable 0 [ 863.315615][T19077] anon_cost 29 [ 863.318964][T19077] file_cost 0 [ 863.354879][T19077] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2889,pid=19077,uid=0 [ 863.423529][T19077] Memory cgroup out of memory: Killed process 19077 (syz.2.2889) total-vm:102220kB, anon-rss:1232kB, file-rss:46648kB, shmem-rss:0kB, UID:0 pgtables:208kB oom_score_adj:0 [ 865.660269][T20048] netlink: 346 bytes leftover after parsing attributes in process `syz.0.3081'. [ 865.726605][T20048] FAULT_INJECTION: forcing a failure. [ 865.726605][T20048] name fail_futex, interval 1, probability 0, space 0, times 0 [ 865.826635][T20048] CPU: 0 UID: 0 PID: 20048 Comm: syz.0.3081 Tainted: G U L syzkaller #0 PREEMPT(full) [ 865.826662][T20048] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 865.826669][T20048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 865.826679][T20048] Call Trace: [ 865.826685][T20048] [ 865.826691][T20048] dump_stack_lvl+0x100/0x190 [ 865.826718][T20048] should_fail_ex.cold+0x5/0xa [ 865.826737][T20048] get_futex_key+0x1d2/0x1620 [ 865.826757][T20048] ? __pfx_get_futex_key+0x10/0x10 [ 865.826776][T20048] ? __fput+0x68a/0xb40 [ 865.826793][T20048] futex_wait_setup+0x81/0x500 [ 865.826824][T20048] __futex_wait+0x19f/0x300 [ 865.826847][T20048] ? __pfx___futex_wait+0x10/0x10 [ 865.826871][T20048] ? __pfx_futex_wake_mark+0x10/0x10 [ 865.826894][T20048] ? futex_hash+0x2c5/0x380 [ 865.826916][T20048] futex_wait+0xed/0x380 [ 865.826937][T20048] ? __pfx_futex_wait+0x10/0x10 [ 865.826969][T20048] do_futex+0x1ef/0x350 [ 865.826986][T20048] ? __pfx_do_futex+0x10/0x10 [ 865.827004][T20048] ? __pfx___might_resched+0x10/0x10 [ 865.827024][T20048] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 865.827051][T20048] __x64_sys_futex+0x34f/0x4d0 [ 865.827083][T20048] ? __pfx___x64_sys_futex+0x10/0x10 [ 865.827114][T20048] do_syscall_64+0x106/0xf80 [ 865.827137][T20048] ? clear_bhb_loop+0x40/0x90 [ 865.827156][T20048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 865.827172][T20048] RIP: 0033:0x7f842799bf79 [ 865.827185][T20048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 865.827200][T20048] RSP: 002b:00007f84288d30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 865.827215][T20048] RAX: ffffffffffffffda RBX: 00007f8427c15fa8 RCX: 00007f842799bf79 [ 865.827225][T20048] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8427c15fa8 [ 865.827234][T20048] RBP: 00007f8427c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 865.827243][T20048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 865.827252][T20048] R13: 00007f8427c16038 R14: 00007ffcbf396790 R15: 00007ffcbf396878 [ 865.827272][T20048] [ 866.141698][T20052] syz.2.3080 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 866.153063][T20052] CPU: 0 UID: 0 PID: 20052 Comm: syz.2.3080 Tainted: G U L syzkaller #0 PREEMPT(full) [ 866.153089][T20052] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 866.153095][T20052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 866.153104][T20052] Call Trace: [ 866.153109][T20052] [ 866.153115][T20052] dump_stack_lvl+0x100/0x190 [ 866.153141][T20052] dump_header+0xfb/0x606 [ 866.153157][T20052] oom_kill_process.cold+0xd/0x330 [ 866.153175][T20052] out_of_memory+0x340/0x14f0 [ 866.153198][T20052] ? __pfx_out_of_memory+0x10/0x10 [ 866.153222][T20052] mem_cgroup_out_of_memory+0xc6/0x130 [ 866.153239][T20052] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 866.153255][T20052] ? find_held_lock+0x2b/0x80 [ 866.153280][T20052] ? do_raw_spin_unlock+0x145/0x1e0 [ 866.153299][T20052] ? _raw_spin_unlock+0x28/0x50 [ 866.153320][T20052] try_charge_memcg+0x652/0xc90 [ 866.153345][T20052] ? __pfx_try_charge_memcg+0x10/0x10 [ 866.153365][T20052] ? rcu_read_unlock+0x17/0x60 [ 866.153386][T20052] ? rcu_read_unlock+0x17/0x60 [ 866.153411][T20052] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 866.153432][T20052] obj_cgroup_charge_account+0x33d/0x640 [ 866.153456][T20052] __memcg_slab_post_alloc_hook+0x2e3/0x9a0 [ 866.153482][T20052] ? kasan_save_track+0x14/0x30 [ 866.153503][T20052] kmem_cache_alloc_noprof+0x58a/0x6e0 [ 866.153521][T20052] ? anon_vma_fork+0x19a/0x6b0 [ 866.153541][T20052] anon_vma_fork+0x19a/0x6b0 [ 866.153560][T20052] dup_mmap+0x1054/0x1db0 [ 866.153582][T20052] ? __pfx_dup_mmap+0x10/0x10 [ 866.153595][T20052] ? rcu_is_watching+0x12/0xc0 [ 866.153629][T20052] copy_process+0x73d7/0x7a10 [ 866.153655][T20052] ? __pfx_copy_process+0x10/0x10 [ 866.153671][T20052] ? find_held_lock+0x2b/0x80 [ 866.153695][T20052] ? futex_private_hash_put+0x107/0x1c0 [ 866.153715][T20052] kernel_clone+0xfc/0x9a0 [ 866.153732][T20052] ? __pfx_kernel_clone+0x10/0x10 [ 866.153760][T20052] __do_sys_clone+0xd9/0x120 [ 866.153776][T20052] ? __pfx___do_sys_clone+0x10/0x10 [ 866.153809][T20052] do_syscall_64+0x106/0xf80 [ 866.153829][T20052] ? clear_bhb_loop+0x40/0x90 [ 866.153847][T20052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 866.153862][T20052] RIP: 0033:0x7fc5c9f9bf79 [ 866.153876][T20052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 866.153890][T20052] RSP: 002b:00007fc5cae21028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 866.153904][T20052] RAX: ffffffffffffffda RBX: 00007fc5ca216090 RCX: 00007fc5c9f9bf79 [ 866.153914][T20052] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000001 [ 866.153923][T20052] RBP: 00007fc5ca0327e0 R08: 0000000000000009 R09: 0000000000000000 [ 866.153931][T20052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 866.153940][T20052] R13: 00007fc5ca216128 R14: 00007fc5ca216090 R15: 00007ffd2bf67918 [ 866.153960][T20052] [ 866.153966][T20052] memory: usage 3072kB, limit 3072kB, failcnt 306677 [ 866.849930][T20062] input: jJǸ-9%vJ86 as /devices/virtual/input/input33 [ 868.233127][T20081] FAULT_INJECTION: forcing a failure. [ 868.233127][T20081] name fail_futex, interval 1, probability 0, space 0, times 0 [ 868.342575][T20081] CPU: 0 UID: 0 PID: 20081 Comm: syz.4.3086 Tainted: G U L syzkaller #0 PREEMPT(full) [ 868.342604][T20081] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 868.342611][T20081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 868.342620][T20081] Call Trace: [ 868.342626][T20081] [ 868.342633][T20081] dump_stack_lvl+0x100/0x190 [ 868.342660][T20081] should_fail_ex.cold+0x5/0xa [ 868.342678][T20081] get_futex_key+0x295/0x1620 [ 868.342698][T20081] ? __pfx_get_futex_key+0x10/0x10 [ 868.342716][T20081] ? kasan_save_track+0x14/0x30 [ 868.342737][T20081] ? __kasan_kmalloc+0xaa/0xb0 [ 868.342759][T20081] futex_lock_pi+0x1d3/0x7b0 [ 868.342780][T20081] ? preempt_schedule_thunk+0x16/0x30 [ 868.342798][T20081] ? __pfx_futex_lock_pi+0x10/0x10 [ 868.342816][T20081] ? preempt_schedule_common+0x42/0xc0 [ 868.342837][T20081] ? preempt_schedule_thunk+0x16/0x30 [ 868.342863][T20081] ? __pfx_try_to_wake_up+0x10/0x10 [ 868.342900][T20081] ? futex_private_hash_put+0x107/0x1c0 [ 868.342920][T20081] ? __pfx_futex_wake_mark+0x10/0x10 [ 868.342945][T20081] ? __might_fault+0x111/0x140 [ 868.342964][T20081] ? do_vfs_ioctl+0x226/0x13e0 [ 868.342985][T20081] do_futex+0x18a/0x350 [ 868.343004][T20081] ? __pfx_do_futex+0x10/0x10 [ 868.343023][T20081] ? find_held_lock+0x2b/0x80 [ 868.343047][T20081] __x64_sys_futex+0x34f/0x4d0 [ 868.343067][T20081] ? __pfx___x64_sys_futex+0x10/0x10 [ 868.343092][T20081] do_syscall_64+0x106/0xf80 [ 868.343113][T20081] ? clear_bhb_loop+0x40/0x90 [ 868.343131][T20081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.343146][T20081] RIP: 0033:0x7fbd9e99bf79 [ 868.343160][T20081] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 868.343176][T20081] RSP: 002b:00007fbd9f7b7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 868.343191][T20081] RAX: ffffffffffffffda RBX: 00007fbd9ec16270 RCX: 00007fbd9e99bf79 [ 868.343201][T20081] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 868.343210][T20081] RBP: 00007fbd9ea327e0 R08: 0000000000000000 R09: 000000008000fff5 [ 868.343220][T20081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 868.343229][T20081] R13: 00007fbd9ec16308 R14: 00007fbd9ec16270 R15: 00007fff9ce804f8 [ 868.343250][T20081] [ 869.030010][T20052] memory+swap: usage 67228kB, limit 9007199254740988kB, failcnt 0 [ 869.101619][T20052] kmem: usage 2060kB, limit 9007199254740988kB, failcnt 0 [ 869.148866][T20052] Memory cgroup stats for /syz2: [ 869.149063][T20052] cache 466944 [ 869.217433][T20052] rss 4096 [ 869.236962][T20052] rss_huge 0 [ 869.272771][T20052] shmem 466944 [ 869.296791][T20052] mapped_file 0 [ 869.314496][T20052] dirty 0 [ 869.343560][T20052] writeback 0 [ 869.362939][T20052] workingset_refault_anon 43157 [ 869.386006][T20052] workingset_refault_file 83462 [ 869.416344][T20052] swap 65904640 [ 869.451805][T20052] swapcached 1213960192 [ 869.493562][T20052] pgpgin 613423 [ 869.522027][T20052] pgpgout 622033 [ 869.540450][T20052] pgfault 479273 [ 869.572836][T20052] pgmajfault 17111 [ 869.601633][T20052] inactive_anon 557056 [ 869.643397][T20052] active_anon 221184 [ 869.665688][T20052] inactive_file 0 [ 869.685632][T20052] active_file 0 [ 869.708415][T20052] unevictable 0 [ 869.761408][T20052] hierarchical_memory_limit 3145728 [ 869.821872][T20052] hierarchical_memsw_limit 9223372036854771712 [ 869.880213][T20052] total_cache 466944 [ 869.928523][T20096] netlink: 206 bytes leftover after parsing attributes in process `syz.3.3089'. [ 869.962250][T20052] total_rss 4096 [ 870.020440][T20052] total_rss_huge 0 [ 870.039701][T20052] total_shmem 466944 [ 870.066838][T20052] total_mapped_file 0 [ 870.122270][T20052] total_dirty 0 [ 870.125746][T20052] total_writeback 0 [ 870.235875][T20052] total_workingset_refault_anon 43157 [ 870.241266][T20052] total_workingset_refault_file 83462 [ 870.248687][ T1296] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.256774][ T1296] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.304322][T20052] total_swap 65904640 [ 870.356868][T20052] total_swapcached 1213960192 [ 870.391632][T20052] total_pgpgin 613423 [ 870.447118][T20052] total_pgpgout 622033 [ 870.532686][T20052] total_pgfault 479273 [ 870.548883][T20052] total_pgmajfault 17111 [ 870.597172][T20052] total_inactive_anon 557056 [ 870.624923][T20109] futex_atomic_op_inuser: 56 callbacks suppressed [ 870.624937][T20109] futex_wake_op: syz.4.3093 tries to shift op by -2048; fix this program [ 870.645528][T20052] total_active_anon 221184 [ 870.686788][T20052] total_inactive_file 0 [ 870.690948][T20052] total_active_file 0 [ 870.793221][T20052] total_unevictable 0 [ 870.797218][T20052] anon_cost 348 [ 870.879563][T20052] file_cost 0 [ 870.929536][T20052] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.2923,pid=19248,uid=0 [ 871.110437][T20052] Memory cgroup out of memory: Killed process 19248 (syz.2.2923) total-vm:100824kB, anon-rss:1232kB, file-rss:45860kB, shmem-rss:0kB, UID:0 pgtables:204kB oom_score_adj:0 [ 871.403905][T20122] netlink: 188 bytes leftover after parsing attributes in process `syz.0.3097'. [ 872.177519][ T30] audit: type=1800 audit(4294967351.750:33): pid=20149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3104" name="dbroot" dev="configfs" ino=155477 res=0 errno=0 [ 872.896706][T20155] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3106'. [ 873.233702][T20166] FAULT_INJECTION: forcing a failure. [ 873.233702][T20166] name failslab, interval 1, probability 0, space 0, times 0 [ 873.321246][T20166] CPU: 0 UID: 0 PID: 20166 Comm: syz.4.3108 Tainted: G U L syzkaller #0 PREEMPT(full) [ 873.321275][T20166] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 873.321281][T20166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 873.321291][T20166] Call Trace: [ 873.321297][T20166] [ 873.321304][T20166] dump_stack_lvl+0x100/0x190 [ 873.321331][T20166] should_fail_ex.cold+0x5/0xa [ 873.321350][T20166] should_failslab+0xc2/0x120 [ 873.321372][T20166] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 873.321392][T20166] ? __d_alloc+0x34/0xa80 [ 873.321414][T20166] ? lockdep_init_map_type+0x5c/0x250 [ 873.321436][T20166] __d_alloc+0x34/0xa80 [ 873.321460][T20166] d_alloc_pseudo+0x1c/0xc0 [ 873.321477][T20166] alloc_file_pseudo+0xcf/0x230 [ 873.321503][T20166] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 873.321519][T20166] ? alloc_fd+0x476/0x790 [ 873.321547][T20166] sock_alloc_file+0x50/0x210 [ 873.321571][T20166] __sys_socket+0x1c0/0x260 [ 873.321587][T20166] ? exc_page_fault+0x6f/0xd0 [ 873.321608][T20166] ? __pfx___sys_socket+0x10/0x10 [ 873.321627][T20166] ? do_user_addr_fault+0x8d6/0x12f0 [ 873.321652][T20166] __x64_sys_socket+0x72/0xb0 [ 873.321668][T20166] ? lockdep_hardirqs_on+0x78/0x100 [ 873.321690][T20166] do_syscall_64+0x106/0xf80 [ 873.321710][T20166] ? clear_bhb_loop+0x40/0x90 [ 873.321728][T20166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 873.321744][T20166] RIP: 0033:0x7fbd9e99d807 [ 873.321757][T20166] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 873.321772][T20166] RSP: 002b:00007fbd9f818f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 873.321787][T20166] RAX: ffffffffffffffda RBX: 00007fbd9ec15fa0 RCX: 00007fbd9e99d807 [ 873.321797][T20166] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 873.321806][T20166] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 873.321815][T20166] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 873.321825][T20166] R13: 00007fbd9ec16038 R14: 00007fbd9ec15fa0 R15: 00007fff9ce804f8 [ 873.321846][T20166] [ 873.925406][T20175] FAULT_INJECTION: forcing a failure. [ 873.925406][T20175] name failslab, interval 1, probability 0, space 0, times 0 [ 874.055917][T20175] CPU: 0 UID: 0 PID: 20175 Comm: syz.0.3109 Tainted: G U L syzkaller #0 PREEMPT(full) [ 874.055945][T20175] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 874.055951][T20175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 874.055961][T20175] Call Trace: [ 874.055968][T20175] [ 874.055974][T20175] dump_stack_lvl+0x100/0x190 [ 874.056002][T20175] should_fail_ex.cold+0x5/0xa [ 874.056020][T20175] ? tomoyo_realpath_from_path+0xb6/0x690 [ 874.056044][T20175] should_failslab+0xc2/0x120 [ 874.056066][T20175] __kmalloc_noprof+0xe0/0x850 [ 874.056089][T20175] tomoyo_realpath_from_path+0xb6/0x690 [ 874.056116][T20175] tomoyo_check_open_permission+0x2af/0x3c0 [ 874.056137][T20175] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 874.056175][T20175] ? lock_acquire+0x1cf/0x380 [ 874.056192][T20175] ? find_held_lock+0x2b/0x80 [ 874.056219][T20175] tomoyo_file_open+0x6b/0x90 [ 874.056235][T20175] security_file_open+0xb5/0x1e0 [ 874.056256][T20175] do_dentry_open+0x5aa/0x1660 [ 874.056284][T20175] vfs_open+0x82/0x3f0 [ 874.056301][T20175] path_openat+0x208c/0x31a0 [ 874.056330][T20175] ? __pfx_path_openat+0x10/0x10 [ 874.056358][T20175] do_file_open+0x20e/0x430 [ 874.056381][T20175] ? __pfx_do_file_open+0x10/0x10 [ 874.056417][T20175] ? alloc_fd+0x476/0x790 [ 874.056449][T20175] ? do_getname+0x191/0x390 [ 874.056466][T20175] do_sys_openat2+0x10d/0x1e0 [ 874.056484][T20175] ? __pfx_do_sys_openat2+0x10/0x10 [ 874.056509][T20175] __x64_sys_openat+0x12d/0x210 [ 874.056527][T20175] ? __pfx___x64_sys_openat+0x10/0x10 [ 874.056552][T20175] do_syscall_64+0x106/0xf80 [ 874.056573][T20175] ? clear_bhb_loop+0x40/0x90 [ 874.056592][T20175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 874.056609][T20175] RIP: 0033:0x7f842799bf79 [ 874.056622][T20175] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 874.056637][T20175] RSP: 002b:00007f84288d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 874.056652][T20175] RAX: ffffffffffffffda RBX: 00007f8427c15fa0 RCX: 00007f842799bf79 [ 874.056662][T20175] RDX: 00000000000c0202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 874.056672][T20175] RBP: 00007f8427a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 874.056681][T20175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 874.056690][T20175] R13: 00007f8427c16038 R14: 00007f8427c15fa0 R15: 00007ffcbf396878 [ 874.056711][T20175] [ 874.056718][T20175] ERROR: Out of memory at tomoyo_realpath_from_path. [ 875.669331][T20193] [U] [ 875.672127][T20193] [U] [ 875.674793][T20193] [U] [ 875.677461][T20193] [U] [ 875.762773][T20193] [U] [ 875.765482][T20193] [U] [ 875.768153][T20193] [U] [ 875.770819][T20193] [U] [ 875.932854][T20193] [U] [ 875.935566][T20193] [U] [ 875.938232][T20193] [U] [ 875.940898][T20193] [U] [ 876.018490][T20193] [U] [ 876.021198][T20193] [U] [ 876.023865][T20193] [U] [ 876.026538][T20193] [U] [ 876.074292][T20193] [U] [ 876.076998][T20193] [U] [ 876.079665][T20193] [U] [ 876.082334][T20193] [U] [ 876.141032][T20193] [U] [ 876.143742][T20193] [U] [ 876.146413][T20193] [U] [ 876.149078][T20193] [U] [ 876.215639][T20193] [U] [ 876.218347][T20193] [U] [ 876.221016][T20193] [U] [ 876.223684][T20193] [U] [ 876.290650][T20193] [U] [ 876.293354][T20193] [U] [ 876.296019][T20193] [U] [ 876.298685][T20193] [U] [ 876.337200][T20193] [U] [ 876.339905][T20193] [U] [ 876.342573][T20193] [U] [ 876.345236][T20193] [U] [ 876.411684][T20193] [U] [ 876.414388][T20193] [U] [ 876.417055][T20193] [U] [ 876.419719][T20193] [U] [ 876.487759][T20193] [U] [ 876.531459][T20175] Process accounting paused [ 876.710620][T20208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3118'. [ 877.305367][T20225] netlink: 376 bytes leftover after parsing attributes in process `syz.2.3122'. [ 878.680111][T20231] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 878.991312][T20253] syz_tun: tun_chr_ioctl cmd 2148553947 [ 879.263298][T20261] FAULT_INJECTION: forcing a failure. [ 879.263298][T20261] name failslab, interval 1, probability 0, space 0, times 0 [ 879.368814][T20261] CPU: 0 UID: 0 PID: 20261 Comm: syz.4.3130 Tainted: G U L syzkaller #0 PREEMPT(full) [ 879.368841][T20261] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 879.368846][T20261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 879.368856][T20261] Call Trace: [ 879.368862][T20261] [ 879.368869][T20261] dump_stack_lvl+0x100/0x190 [ 879.368895][T20261] should_fail_ex.cold+0x5/0xa [ 879.368913][T20261] should_failslab+0xc2/0x120 [ 879.368937][T20261] __kmalloc_cache_noprof+0x7a/0x6f0 [ 879.368953][T20261] ? vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 879.368982][T20261] vidtv_mux_create_pid_ctx_once.part.0+0x49/0x200 [ 879.369008][T20261] vidtv_mux_init+0x8a6/0xbf0 [ 879.369038][T20261] vidtv_start_feed+0x33e/0x4c0 [ 879.369055][T20261] ? __pfx_vidtv_start_feed+0x10/0x10 [ 879.369073][T20261] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 879.369095][T20261] ? mark_held_locks+0x40/0x70 [ 879.369116][T20261] ? __pfx_vidtv_start_feed+0x10/0x10 [ 879.369132][T20261] dmx_ts_feed_start_filtering+0xf6/0x220 [ 879.369155][T20261] dvb_dmxdev_start_feed+0x273/0x3f0 [ 879.369173][T20261] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 879.369192][T20261] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 879.369211][T20261] dvb_demux_do_ioctl+0xe64/0x1200 [ 879.369234][T20261] dvb_usercopy+0x167/0x340 [ 879.369247][T20261] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 879.369265][T20261] ? __pfx_dvb_usercopy+0x10/0x10 [ 879.369287][T20261] ? __fget_files+0x21f/0x3d0 [ 879.369312][T20261] dvb_demux_ioctl+0x29/0x40 [ 879.369326][T20261] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 879.369341][T20261] __x64_sys_ioctl+0x18e/0x210 [ 879.369360][T20261] do_syscall_64+0x106/0xf80 [ 879.369381][T20261] ? clear_bhb_loop+0x40/0x90 [ 879.369400][T20261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 879.369415][T20261] RIP: 0033:0x7fbd9e99bf79 [ 879.369429][T20261] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 879.369444][T20261] RSP: 002b:00007fbd9f81a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 879.369459][T20261] RAX: ffffffffffffffda RBX: 00007fbd9ec15fa0 RCX: 00007fbd9e99bf79 [ 879.369469][T20261] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 879.369479][T20261] RBP: 00007fbd9ea327e0 R08: 0000000000000000 R09: 0000000000000000 [ 879.369488][T20261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 879.369497][T20261] R13: 00007fbd9ec16038 R14: 00007fbd9ec15fa0 R15: 00007fff9ce804f8 [ 879.369519][T20261] [ 879.369622][ T5883] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 879.628455][ T5883] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 879.636873][ T5883] CPU: 0 UID: 0 PID: 5883 Comm: kworker/0:5 Tainted: G U L syzkaller #0 PREEMPT(full) [ 879.647785][ T5883] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 879.652959][ T5883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 879.662997][ T5883] Workqueue: events vidtv_mux_tick [ 879.668098][ T5883] RIP: 0010:vidtv_psi_ts_psi_write_into+0x54a/0xbc0 [ 879.674674][ T5883] Code: 6c 61 dd f9 4c 8d 63 20 4c 89 e0 48 c1 e8 03 80 3c 28 00 0f 85 e8 04 00 00 48 8b 43 20 48 89 c2 48 89 c1 48 c1 ea 03 83 e1 07 <0f> b6 14 2a 38 ca 7f 08 84 d2 0f 85 19 05 00 00 0f b6 10 48 8b 7c [ 879.694258][ T5883] RSP: 0018:ffffc900042d73f8 EFLAGS: 00010202 [ 879.700301][ T5883] RAX: 0000000000000002 RBX: ffffc900042d7678 RCX: 0000000000000002 [ 879.708251][ T5883] RDX: 0000000000000000 RSI: ffffffff882a97b4 RDI: ffff88805b0f1e40 [ 879.716209][ T5883] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 879.724159][ T5883] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc900042d7698 [ 879.732110][ T5883] R13: 0000000000000178 R14: 0000000000000000 R15: 0000000000000008 [ 879.740056][ T5883] FS: 0000000000000000(0000) GS:ffff888124354000(0000) knlGS:0000000000000000 [ 879.748964][ T5883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 879.755526][ T5883] CR2: 00007fbd9f7f8ff8 CR3: 00000000475fa000 CR4: 00000000003526f0 [ 879.763475][ T5883] Call Trace: [ 879.766734][ T5883] [ 879.769657][ T5883] ? __pfx_vidtv_psi_ts_psi_write_into+0x10/0x10 [ 879.775969][ T5883] vidtv_psi_pmt_write_into+0x3b2/0xa70 [ 879.781508][ T5883] ? __pfx_vidtv_psi_pmt_write_into+0x10/0x10 [ 879.787556][ T5883] ? vidtv_psi_pat_write_into+0x56a/0x690 [ 879.793254][ T5883] ? __pfx_vidtv_psi_pat_write_into+0x10/0x10 [ 879.799306][ T5883] ? __skb_to_sgvec+0x541/0xad0 [ 879.804140][ T5883] vidtv_mux_push_si+0x932/0xe80 [ 879.809065][ T5883] ? __pfx_vidtv_mux_push_si+0x10/0x10 [ 879.814513][ T5883] ? __pfx_vidtv_ts_pcr_write_into+0x10/0x10 [ 879.820504][ T5883] vidtv_mux_tick+0xe9b/0x1480 [ 879.825251][ T5883] ? __pick_eevdf+0x14c/0x440 [ 879.829915][ T5883] ? __lock_acquire+0x4a5/0x2630 [ 879.834851][ T5883] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 879.840035][ T5883] ? __lock_acquire+0x4a5/0x2630 [ 879.844953][ T5883] ? debug_object_deactivate+0x2e4/0x3b0 [ 879.850566][ T5883] ? finish_task_switch.isra.0+0x200/0xb80 [ 879.856351][ T5883] ? rcu_is_watching+0x12/0xc0 [ 879.861103][ T5883] process_one_work+0x9d7/0x1920 [ 879.866027][ T5883] ? __pfx_process_one_work+0x10/0x10 [ 879.871384][ T5883] ? __pfx_vidtv_mux_tick+0x10/0x10 [ 879.876564][ T5883] worker_thread+0x5da/0xe40 [ 879.881142][ T5883] ? kthread+0x13a/0x450 [ 879.885365][ T5883] ? __pfx_worker_thread+0x10/0x10 [ 879.890459][ T5883] kthread+0x370/0x450 [ 879.894507][ T5883] ? __pfx_kthread+0x10/0x10 [ 879.899116][ T5883] ret_from_fork+0x754/0xd80 [ 879.903690][ T5883] ? __pfx_ret_from_fork+0x10/0x10 [ 879.908795][ T5883] ? __switch_to+0x7b4/0x1120 [ 879.913466][ T5883] ? __pfx_kthread+0x10/0x10 [ 879.918037][ T5883] ret_from_fork_asm+0x1a/0x30 [ 879.922783][ T5883] [ 879.925780][ T5883] Modules linked in: [ 879.930824][ T5883] ---[ end trace 0000000000000000 ]--- [ 880.772661][T20234] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 881.785816][ T5883] RIP: 0010:vidtv_psi_ts_psi_write_into+0x54a/0xbc0 [ 881.807693][ T5883] Code: 6c 61 dd f9 4c 8d 63 20 4c 89 e0 48 c1 e8 03 80 3c 28 00 0f 85 e8 04 00 00 48 8b 43 20 48 89 c2 48 89 c1 48 c1 ea 03 83 e1 07 <0f> b6 14 2a 38 ca 7f 08 84 d2 0f 85 19 05 00 00 0f b6 10 48 8b 7c [ 881.871623][ T5883] RSP: 0018:ffffc900042d73f8 EFLAGS: 00010202 [ 881.892457][ T5883] RAX: 0000000000000002 RBX: ffffc900042d7678 RCX: 0000000000000002 [ 881.920641][ T5883] RDX: 0000000000000000 RSI: ffffffff882a97b4 RDI: ffff88805b0f1e40 [ 881.947281][ T5883] RBP: dffffc0000000000 R08: 0000000000000005 R09: 0000000000000000 [ 881.970435][ T5883] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc900042d7698 [ 881.996094][ T5883] R13: 0000000000000178 R14: 0000000000000000 R15: 0000000000000008 [ 882.024142][ T5883] FS: 0000000000000000(0000) GS:ffff888124354000(0000) knlGS:0000000000000000 [ 882.051427][ T5883] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 882.071071][ T5883] CR2: 00007fc5ca1e7198 CR3: 0000000046b76000 CR4: 00000000003526f0 [ 882.095673][ T5883] Kernel panic - not syncing: Fatal exception [ 882.101782][ T5883] Kernel Offset: disabled [ 882.106089][ T5883] Rebooting in 86400 seconds..