last executing test programs: 2m34.537647384s ago: executing program 0 (id=564): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = getpid() mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x29, 0x1, 0x8001) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20002, 0x0) ioctl$auto_TUNSETOWNER(r2, 0x400454cc, &(0x7f0000000100)=0x8001) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x20000001005}, 0x1, &(0x7f0000000040)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x14, 0x0, 0x1, 0x70bd26, 0x25dfdbf4}, 0x14}, 0x1, 0x0, 0x0, 0x20040805}, 0x4000040) 2m34.23973916s ago: executing program 0 (id=566): openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000000)=ANY=[@ANYRESOCT], 0x44}}, 0x4044000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macsec0\x00'}) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff038}}) write$auto(0xffffffffffffffff, 0x0, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r2, 0x8946, 0x24) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000100)=0x1) r4 = openat2$auto(r3, &(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000040)={0x5, 0x4b, 0x4}, 0x8) mmap$auto(0x0, 0xaaf, 0x4000000000df, 0x40000000000eb1, r4, 0x8000) socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(r0, 0x0, 0x6) 2m32.94284878s ago: executing program 0 (id=572): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r1 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$auto_LOOP_CTL_GET_FREE(r1, 0x4c82, 0x0) r2 = epoll_create$auto(0x4) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), r4) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r5 = socket(0x29, 0x2, 0x0) getsockopt$auto(r5, 0x119, 0x1, 0x0, 0x0) epoll_ctl$auto(r2, 0x1, r3, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/hid/drivers/hid-retrode/bind\x00', 0x32000, 0x0) write$auto(r2, &(0x7f00000000c0)=',\x00', 0xfffffffffffffffe) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) r6 = socket(0x1e, 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) getsockopt$auto(r6, 0x10f, 0x83, 0x0, 0x0) ioctl$auto_OTPGETREGIONINFO(r2, 0x400c4d0f, &(0x7f0000000000)={0x9, 0x0, 0x56b}) read$auto(r0, 0x0, 0x20) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) sysfs$auto(0x2, 0x8000000000000001, 0xffffffffffffffff) r7 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r7, 0x0, 0x4) 2m32.549180624s ago: executing program 0 (id=583): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r1 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r1, 0x4c81, 0x0) ioctl$auto_LOOP_CTL_GET_FREE(r1, 0x4c82, 0x0) r2 = epoll_create$auto(0x4) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), r4) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r5 = socket(0x29, 0x2, 0x0) getsockopt$auto(r5, 0x119, 0x1, 0x0, 0x0) epoll_ctl$auto(r2, 0x1, r3, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/hid/drivers/hid-retrode/bind\x00', 0x32000, 0x0) write$auto(r2, &(0x7f00000000c0)=',\x00', 0xfffffffffffffffe) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) r6 = socket(0x1e, 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) getsockopt$auto(r6, 0x10f, 0x83, 0x0, 0x0) ioctl$auto_OTPGETREGIONINFO(r2, 0x400c4d0f, &(0x7f0000000000)={0x9, 0x0, 0x56b}) read$auto(r0, 0x0, 0x20) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) sysfs$auto(0x2, 0x8000000000000001, 0xffffffffffffffff) r7 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r7, 0x0, 0x4) 2m32.035408848s ago: executing program 0 (id=585): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0xf000, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) timer_create$auto(0x9, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) timer_settime$auto(0x0, 0xd80, &(0x7f0000000040)={{0x40000000000026b, 0x4}, {0x0, 0x83}}, 0x0) timer_gettime$auto(0x0, &(0x7f0000000080)={{0x5, 0x8}, {0x7f, 0x10000}}) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4a42, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0xf3ff) mmap$auto(0x1000000000, 0x100000400008, 0x1000000000000df, 0x4000009b73, r2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x2c, 0x0, 0x800, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_TDLS_SUPPORT={0x4}, @NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x2}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x4e23}, @NL80211_ATTR_USE_RRM={0x4}]}, 0x2c}}, 0x20000041) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/rpc/auth.rpcsec.init/channel\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @link_local}, 0x6a) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x40080, 0x0) acct$auto(&(0x7f0000000380)='\xb1,$#\x9b-&};)(\x00') select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x2000000000006, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0xffffffffffffffff, 0x2, 0x8000000000000006]}, 0x0) 2m30.522798015s ago: executing program 0 (id=581): r0 = socket(0x10, 0x2, 0x1) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYRES8], 0x14}, 0x1, 0x0, 0x0, 0x20000045}, 0x80) write$auto(r0, &(0x7f0000000100)='\x00', 0xfffffffffffffffa) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x13) mbind$auto(0x2002, 0x8e, 0x4, 0x0, 0x6, 0x2) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r2, 0x1, &(0x7f0000000000)='-\x00', &(0x7f0000000040), 0x0) setrlimit$auto(0x7ffb, 0x0) close_range$auto(r1, r2, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8003) prctl$auto(0x3e, 0x1, 0x0, 0x4001, 0x0) r3 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$auto_mISDN_fops_timerdev(0xffffffffffffffff, &(0x7f00000009c0)=""/4098, 0x1002) ioctl$auto_IMADDTIMER(r3, 0x80044940, 0x0) syz_clone3(&(0x7f0000000340)={0x220000, 0x0, 0x0, 0x0, {0x3d}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r4, 0x0, 0x39b8) unshare$auto(0x40000080) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x4, 0x0, 0x2, 0x2) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 2m15.437915608s ago: executing program 32 (id=581): r0 = socket(0x10, 0x2, 0x1) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYRES8], 0x14}, 0x1, 0x0, 0x0, 0x20000045}, 0x80) write$auto(r0, &(0x7f0000000100)='\x00', 0xfffffffffffffffa) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x13) mbind$auto(0x2002, 0x8e, 0x4, 0x0, 0x6, 0x2) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r2, 0x1, &(0x7f0000000000)='-\x00', &(0x7f0000000040), 0x0) setrlimit$auto(0x7ffb, 0x0) close_range$auto(r1, r2, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8003) prctl$auto(0x3e, 0x1, 0x0, 0x4001, 0x0) r3 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$auto_mISDN_fops_timerdev(0xffffffffffffffff, &(0x7f00000009c0)=""/4098, 0x1002) ioctl$auto_IMADDTIMER(r3, 0x80044940, 0x0) syz_clone3(&(0x7f0000000340)={0x220000, 0x0, 0x0, 0x0, {0x3d}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r4, 0x0, 0x39b8) unshare$auto(0x40000080) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x4, 0x0, 0x2, 0x2) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 7.98027588s ago: executing program 1 (id=1065): mmap$auto(0x0, 0x400009, 0xc, 0x9b72, 0x8000000000000003, 0x8000) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000009d0dcb4bb756f7ed2d68310e4fb5fd15dc9a9d34dec012832a3c5b2aa0f21bdd551bf2b20df4958960de8949eb6c86fcad92c6df113e2aebdd3943f89dc8c7bff1736bff57d79c3927762dcce7b2d5ef064b35168e41a8d240b2f9c1902a3d66291a183313b793f8dc63ebdd89e9eea25eca29f9ca4d5bfc0baf407b11e524db702fee50cfa726518c8404553b6494a1602e80c5005efa6cb461372c298d44879f59cb1cbfafb7bc0b9be6d03008ae8c7da04806d97d3a0df2dbb7417247db650e9787ab8e2ca7e914", @ANYRES16=r1, @ANYBLOB="01002abd7000fbdbdf250c000000080005009be3000008000400000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) wait4$auto(0x0, 0x0, 0xf, &(0x7f0000000140)={{0x2599}, {0xffffffffffffffff, 0x1000000009}, 0x2, 0x800080000001, 0x1, 0x1000, 0x5, 0x7, 0x5, 0x5, 0xb11c, 0x8, 0xfffffffffffffffd, 0xfffffffffffffeff, 0xffff, 0x801c0000003}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a07000000000000000e00000a0001"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000003b40)={'veth0_to_hsr\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r4], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x49402, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x10080, 0x0) read$auto(r5, 0x0, 0x9a28) openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x101201, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0) write$auto(r7, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) preadv$auto(0xffffffffffffffff, 0x0, 0x8, 0x6, 0x9f4b) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptye4\x00', 0x763100, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) memfd_secret$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty16\x00', 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) 7.055043584s ago: executing program 3 (id=1067): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0) ioctl$auto(0x3, 0x402c542d, r0) write$auto(0x3, 0x0, 0xfffffdef) 6.941349358s ago: executing program 1 (id=1068): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x3b7742, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x101000, 0x0) write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)) write$auto(0xffffffffffffffff, &(0x7f0000000100)='d>*\xd2x\xc7\xbf\xff\x9a\xc01(\x00iM\x9c\bAa\x9e\xe98\xee\x15\xd3\xc5v\x99\f|\xe3\xbf\xd9\xf4C\x14A\xe6k\x105\xee\xc5\xaa$\x16\t?g\xb8b\x12\v*\xf9@B\xd0\xd2\x99{\x8b^\xff@\x83\x02Tvt\xc1_\x98\x9f\x16\xd5Is', 0x100000a3da) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) mknod$auto(0x0, 0x20e9, 0x103) unshare$auto(0x20000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 6.034250345s ago: executing program 2 (id=1070): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x301483, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) socket(0x2b, 0x5, 0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/can/rcvlist_all\x00', 0x2080, 0x0) pipe$auto(&(0x7f0000001480)=0xffffffffffffffff) vmsplice$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x5, 0x1) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x2}, 0x2, 0x5) 5.935843558s ago: executing program 3 (id=1071): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socket(0x11, 0x3, 0x2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0) ioctl$auto(0x3, 0x402c542d, r0) write$auto(0x3, 0x0, 0xfffffdef) 5.494015216s ago: executing program 4 (id=1072): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) prctl$auto(0x23, 0x2, 0x7fffffffefff, 0x0, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000053b6"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x10, 0x2, 0x0) r2 = semctl$auto(0x1ff, 0x2, 0x13, 0x1) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x401000}, 0x8) r4 = getpgid(0xffffffffffffffff) r5 = getpid() tgkill$auto(r4, r5, 0x100) kcmp$auto(r4, r2, 0x1, r1, r3) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) lchown$auto(&(0x7f0000000080)='./file0\x00', 0xee01, 0xee00) write$auto(0x3, 0x0, 0x100082) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r7 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0)) ioctl$auto(0xffffffffffffffff, 0x800064d1, 0xffffffffffffffff) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) swapoff$auto(0x0) shmctl$auto_IPC_INFO(0x5, 0x3, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) 4.961586035s ago: executing program 2 (id=1073): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000600)={{&(0x7f0000000400)="5cdd59f1a68d086a02a2cc1399c7b3f7410eb36cfbec7e7224eaf6de379d09771080b197b8057225ffa98bc9a7bd53a5aee9a2d48d74d149c199be3009d2d61af64942e106e9b586aabcd7ae4de8a0e87e02af7f6af674c2fc8d8a8a78916f9c23e6b8a8be7141ae87f2996f079bfcbadc2ef4a6a3e894ba7dd3d9f11bd4d05558df32f9eeb4fda5e29576787e2ced58e35355c37e1ff8a11d36a067d362a37323c582eee83ea4cc9e7f", 0x6, &(0x7f0000000540)={&(0x7f00000004c0)="35a4988620ed7f4ab66aa8948d2c0530bb25f6057ba29add8bbc1d2db5f8682804b365a0d809d366e189194941627ddf76d73565a6133f661519a99780edab37135a9058cfbea6f19ec9ad30287159ec1c6afd59583911a5239ff895b0871d32f098c6cfdef0b944fe4659694d8716"}, 0x2, &(0x7f0000000580)="6ea0838008f497d022b78e5e7eb7c80c499b948523cfff8c50f12ebc124c316e0b644f39bb8b55a743fb004e0ed1aec82d0b82794ab3801ad7705749f562a3d87256f1ec7ebea9a0fd16decd422f095cc3abfc2c4e7fcc9916d6a7139c731bdeed", 0x4, 0xc7b}, 0xfffffffe}, 0x6, 0x2) 4.849343399s ago: executing program 3 (id=1074): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r1, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) fanotify_init$auto(0x65, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)={0x26c, 0x0, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_KEY_DATA={0x15, 0x7, "f6ff64389b62872b26f97bc80d052696ab"}, @NL80211_ATTR_MESH_ID={0x22, 0x18, "3eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71"}, @NL80211_ATTR_SAR_SPEC={0x208, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0x124, 0x2, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xa}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x48}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x401}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x200}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfffffffd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xffff1e6d}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x452}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7f}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}]}, {0x4}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xbb02}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xb19}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x20}]}]}, @NL80211_SAR_ATTR_SPECS={0xe0, 0x2, 0x0, 0x1, [{0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x497819ce}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xc59b}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x18}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7ff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xc6000000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}]}, {0x34, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x20000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7fff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7fff}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x100}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}]}]}]}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x3}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x4}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}]}, 0x26c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x80200, 0x0) pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00'/21, 0x100000002, 0x100000001) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) r3 = prctl$auto(0x42, 0x0, 0x0, 0x1, 0x0) ioctl$auto_BLKROSET(r3, 0x125d, 0x0) mmap$auto(0xfffffffffffffffc, 0x40009, 0xdf, 0x9b72, r2, 0xfffffffffffffc01) madvise$auto(0x6, 0x1, 0x7fffffff) 4.753433262s ago: executing program 4 (id=1075): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x3b7742, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x101000, 0x0) write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)) write$auto(0xffffffffffffffff, &(0x7f0000000100)='d>*\xd2x\xc7\xbf\xff\x9a\xc01(\x00iM\x9c\bAa\x9e\xe98\xee\x15\xd3\xc5v\x99\f|\xe3\xbf\xd9\xf4C\x14A\xe6k\x105\xee\xc5\xaa$\x16\t?g\xb8b\x12\v*\xf9@B\xd0\xd2\x99{\x8b^\xff@\x83\x02Tvt\xc1_\x98\x9f\x16\xd5Is', 0x100000a3da) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) mknod$auto(0x0, 0x20e9, 0x103) unshare$auto(0x20000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 4.598843476s ago: executing program 1 (id=1076): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macsec0\x00'}) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff038}}) write$auto(r0, 0x0, 0x6) 4.049703215s ago: executing program 2 (id=1077): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000600)={{&(0x7f0000000400)="5cdd59f1a68d086a02a2cc1399c7b3f7410eb36cfbec7e7224eaf6de379d09771080b197b8057225ffa98bc9a7bd53a5aee9a2d48d74d149c199be3009d2d61af64942e106e9b586aabcd7ae4de8a0e87e02af7f6af674c2fc8d8a8a78916f9c23e6b8a8be7141ae87f2996f079bfcbadc2ef4a6a3e894ba7dd3d9f11bd4d05558df32f9eeb4fda5e29576787e2ced58e35355c37e1ff8a11d36a067d362a37323c582eee83ea4cc9e7f", 0x6, &(0x7f0000000540)={&(0x7f00000004c0)="35a4988620ed7f4ab66aa8948d2c0530bb25f6057ba29add8bbc1d2db5f8682804b365a0d809d366e189194941627ddf76d73565a6133f661519a99780edab37135a9058cfbea6f19ec9ad30287159ec1c6afd59583911a5239ff895b0871d32f098c6cfdef0b944fe4659694d8716"}, 0x2, &(0x7f0000000580)="6ea0838008f497d022b78e5e7eb7c80c499b948523cfff8c50f12ebc124c316e0b644f39bb8b55a743fb004e0ed1aec82d0b82794ab3801ad7705749f562a3d87256f1ec7ebea9a0fd16decd422f095cc3abfc2c4e7fcc9916d6a7139c731bdeed", 0x4, 0xc7b}, 0xfffffffe}, 0x6, 0x2) 4.005872007s ago: executing program 1 (id=1078): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = getpid() mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TUNSETOWNER(0xffffffffffffffff, 0x400454cc, 0x0) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x20000001005}, 0x1, &(0x7f0000000040)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0) timer_create$auto_CLOCK_BOOTTIME(0x7, 0x0, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x14, 0x0, 0x1, 0x70bd26, 0x25dfdbf4}, 0x14}, 0x1, 0x0, 0x0, 0x20040805}, 0x4000040) 3.779832408s ago: executing program 1 (id=1079): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x3b7742, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x101000, 0x0) write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)) write$auto(0xffffffffffffffff, &(0x7f0000000100)='d>*\xd2x\xc7\xbf\xff\x9a\xc01(\x00iM\x9c\bAa\x9e\xe98\xee\x15\xd3\xc5v\x99\f|\xe3\xbf\xd9\xf4C\x14A\xe6k\x105\xee\xc5\xaa$\x16\t?g\xb8b\x12\v*\xf9@B\xd0\xd2\x99{\x8b^\xff@\x83\x02Tvt\xc1_\x98\x9f\x16\xd5Is', 0x100000a3da) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) mknod$auto(0x0, 0x20e9, 0x103) unshare$auto(0x20000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 3.049962413s ago: executing program 2 (id=1080): socket(0x2, 0x3, 0xa) socket(0x11, 0x3, 0x2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0) ioctl$auto(0x3, 0x402c542d, r0) write$auto(0x3, 0x0, 0xfffffdef) 3.041345811s ago: executing program 3 (id=1081): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x3b7742, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x101000, 0x0) write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 2.830814421s ago: executing program 4 (id=1082): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x301483, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) socket(0x2b, 0x5, 0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/can/rcvlist_all\x00', 0x2080, 0x0) pipe$auto(&(0x7f0000001480)=0xffffffffffffffff) vmsplice$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x5, 0x1) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x2}, 0x2, 0x5) 2.179799397s ago: executing program 4 (id=1083): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000600)={{&(0x7f0000000400)="5cdd59f1a68d086a02a2cc1399c7b3f7410eb36cfbec7e7224eaf6de379d09771080b197b8057225ffa98bc9a7bd53a5aee9a2d48d74d149c199be3009d2d61af64942e106e9b586aabcd7ae4de8a0e87e02af7f6af674c2fc8d8a8a78916f9c23e6b8a8be7141ae87f2996f079bfcbadc2ef4a6a3e894ba7dd3d9f11bd4d05558df32f9eeb4fda5e29576787e2ced58e35355c37e1ff8a11d36a067d362a37323c582eee83ea4cc9e7f", 0x6, &(0x7f0000000540)={&(0x7f00000004c0)="35a4988620ed7f4ab66aa8948d2c0530bb25f6057ba29add8bbc1d2db5f8682804b365a0d809d366e189194941627ddf76d73565a6133f661519a99780edab37135a9058cfbea6f19ec9ad30287159ec1c6afd59583911a5239ff895b0871d32f098c6cfdef0b944fe4659694d8716"}, 0x2, &(0x7f0000000580)="6ea0838008f497d022b78e5e7eb7c80c499b948523cfff8c50f12ebc124c316e0b644f39bb8b55a743fb004e0ed1aec82d0b82794ab3801ad7705749f562a3d87256f1ec7ebea9a0fd16decd422f095cc3abfc2c4e7fcc9916d6a7139c731bdeed", 0x4, 0xc7b}, 0xfffffffe}, 0x6, 0x2) 1.992746169s ago: executing program 2 (id=1084): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) prctl$auto(0x23, 0x2, 0x7fffffffefff, 0x0, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000053b6"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x10, 0x2, 0x0) semctl$auto(0x1ff, 0x2, 0x13, 0x1) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x401000}, 0x8) r2 = getpgid(0xffffffffffffffff) r3 = getpid() tgkill$auto(r2, r3, 0x100) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r1, 0x1, &(0x7f00000002c0)) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) lchown$auto(&(0x7f0000000080)='./file0\x00', 0xee01, 0xee00) write$auto(0x3, 0x0, 0x100082) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r5, 0x0, &(0x7f00000000c0)) ioctl$auto(0xffffffffffffffff, 0x800064d1, 0xffffffffffffffff) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) swapoff$auto(0x0) shmctl$auto_IPC_INFO(0x5, 0x3, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) 1.53241588s ago: executing program 3 (id=1085): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x301483, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x5, 0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/can/rcvlist_all\x00', 0x2080, 0x0) pipe$auto(&(0x7f0000001480)=0xffffffffffffffff) vmsplice$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x5, 0x1) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x2}, 0x2, 0x5) 1.401533877s ago: executing program 4 (id=1086): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000600)={{&(0x7f0000000400)="5cdd59f1a68d086a02a2cc1399c7b3f7410eb36cfbec7e7224eaf6de379d09771080b197b8057225ffa98bc9a7bd53a5aee9a2d48d74d149c199be3009d2d61af64942e106e9b586aabcd7ae4de8a0e87e02af7f6af674c2fc8d8a8a78916f9c23e6b8a8be7141ae87f2996f079bfcbadc2ef4a6a3e894ba7dd3d9f11bd4d05558df32f9eeb4fda5e29576787e2ced58e35355c37e1ff8a11d36a067d362a37323c582eee83ea4cc9e7f", 0x6, &(0x7f0000000540)={&(0x7f00000004c0)="35a4988620ed7f4ab66aa8948d2c0530bb25f6057ba29add8bbc1d2db5f8682804b365a0d809d366e189194941627ddf76d73565a6133f661519a99780edab37135a9058cfbea6f19ec9ad30287159ec1c6afd59583911a5239ff895b0871d32f098c6cfdef0b944fe4659694d8716"}, 0x2, &(0x7f0000000580)="6ea0838008f497d022b78e5e7eb7c80c499b948523cfff8c50f12ebc124c316e0b644f39bb8b55a743fb004e0ed1aec82d0b82794ab3801ad7705749f562a3d87256f1ec7ebea9a0fd16decd422f095cc3abfc2c4e7fcc9916d6a7139c731bdeed", 0x4, 0xc7b}, 0xfffffffe}, 0x6, 0x2) 1.32877605s ago: executing program 1 (id=1087): mmap$auto(0x0, 0x400009, 0xc, 0x9b72, 0x8000000000000003, 0x8000) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000009d0dcb4bb756f7ed2d68310e4fb5fd15dc9a9d34dec012832a3c5b2aa0f21bdd551bf2b20df4958960de8949eb6c86fcad92c6df113e2aebdd3943f89dc8c7bff1736bff57d79c3927762dcce7b2d5ef064b35168e41a8d240b2f9c1902a3d66291a183313b793f8dc63ebdd89e9eea25eca29f9ca4d5bfc0baf407b11e524db702fee50cfa726518c8404553b6494a1602e80c5005efa6cb461372c298d44879f59cb1cbfafb7bc0b9be6d03008ae8c7da04806d97d3a0df2dbb7417247db650e9787ab8e2ca7e914", @ANYBLOB="01002abd7000fbdbdf250c000000080005009be300000800040000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) wait4$auto(0x0, 0x0, 0xf, &(0x7f0000000140)={{0x2599}, {0xffffffffffffffff, 0x1000000009}, 0x2, 0x800080000001, 0x1, 0x1000, 0x5, 0x7, 0x5, 0x5, 0xb11c, 0x8, 0xfffffffffffffffd, 0xfffffffffffffeff, 0xffff, 0x801c0000003}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a07000000000000000e00000a0001"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000003b40)={'veth0_to_hsr\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r3], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x49402, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x10080, 0x0) read$auto(r4, 0x0, 0x9a28) openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x101201, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0) write$auto(r6, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) preadv$auto(0xffffffffffffffff, 0x0, 0x8, 0x6, 0x9f4b) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptye4\x00', 0x763100, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) memfd_secret$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty16\x00', 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) 84.408903ms ago: executing program 4 (id=1088): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x3b7742, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x101000, 0x0) write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) syz_genetlink_get_family_id$auto_nl80211(0x0, r2) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 1.562133ms ago: executing program 3 (id=1089): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socket(0x11, 0x3, 0x2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0) ioctl$auto(0x3, 0x402c542d, r0) write$auto(0x3, 0x0, 0xfffffdef) 0s ago: executing program 2 (id=1097): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000600)={{&(0x7f0000000400)="5cdd59f1a68d086a02a2cc1399c7b3f7410eb36cfbec7e7224eaf6de379d09771080b197b8057225ffa98bc9a7bd53a5aee9a2d48d74d149c199be3009d2d61af64942e106e9b586aabcd7ae4de8a0e87e02af7f6af674c2fc8d8a8a78916f9c23e6b8a8be7141ae87f2996f079bfcbadc2ef4a6a3e894ba7dd3d9f11bd4d05558df32f9eeb4fda5e29576787e2ced58e35355c37e1ff8a11d36a067d362a37323c582eee83ea4cc9e7f", 0x6, &(0x7f0000000540)={&(0x7f00000004c0)="35a4988620ed7f4ab66aa8948d2c0530bb25f6057ba29add8bbc1d2db5f8682804b365a0d809d366e189194941627ddf76d73565a6133f661519a99780edab37135a9058cfbea6f19ec9ad30287159ec1c6afd59583911a5239ff895b0871d32f098c6cfdef0b944fe4659694d8716"}, 0x2, &(0x7f0000000580)="6ea0838008f497d022b78e5e7eb7c80c499b948523cfff8c50f12ebc124c316e0b644f39bb8b55a743fb004e0ed1aec82d0b82794ab3801ad7705749f562a3d87256f1ec7ebea9a0fd16decd422f095cc3abfc2c4e7fcc9916d6a7139c731bdeed", 0x4, 0xc7b}, 0xfffffffe}, 0x6, 0x2) kernel console output (not intermixed with test programs): 03.448685][ T8963] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 403.486203][ T8864] veth0_macvtap: entered promiscuous mode [ 403.506143][ T8979] zswap: compressor not available [ 403.506145][ T8963] Node 0 [ 403.517079][ T8963] DMA32: 5147*4kB (UME) 2604*8kB (UME) 1198*16kB (UME) 577*32kB (UME) 400*64kB (ME) 276*128kB (UME) 246*256kB (UM) 142*512kB (UME) 57*1024kB (UM) 1*2048kB (U) 224*4096kB (M) = 1253580kB [ 403.550685][ T8864] veth1_macvtap: entered promiscuous mode [ 403.582733][ T8963] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 403.605743][ T8864] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 403.625517][ T8864] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 403.648975][ T8963] Node 1 Normal: 1*4kB (M) 2*8kB (UM) 2*16kB (UM) 1*32kB (M) 2*64kB (UM) 3*128kB (UM) 2*256kB (M) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (M) 960*4096kB (M) = 3938900kB [ 403.679137][ T8963] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 403.689899][ T8963] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 403.703372][ T8404] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.717494][ T8404] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.726507][ T8963] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 403.744533][ T8963] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 403.756323][ T8404] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.765372][ T8404] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 403.775501][ T8963] 58219 total pagecache pages [ 403.784053][ T8963] 0 pages in swap cache [ 403.788414][ T8963] Free swap = 124996kB [ 403.793488][ T8963] Total swap = 124996kB [ 403.797690][ T8963] 2097051 pages RAM [ 403.802024][ T8963] 0 pages HighMem/MovableOnly [ 403.808172][ T8963] 430825 pages reserved [ 403.816787][ T8963] 0 pages cma reserved [ 403.858674][ T8963] tty tty16: ldisc open failed (-12), clearing slot 15 [ 404.489715][ T8402] Bluetooth: hci4: command tx timeout [ 404.730233][ T8359] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 404.738644][ T8359] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 404.963414][ T8359] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 404.975051][ T8359] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 405.521747][ T9014] program syz.4.640 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 407.229666][ T9039] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input10 [ 407.759833][ T9050] netlink: 334 bytes leftover after parsing attributes in process `syz.3.674'. [ 407.782318][ T9050] FAULT_INJECTION: forcing a failure. [ 407.782318][ T9050] name failslab, interval 1, probability 0, space 0, times 0 [ 407.798707][ T9050] CPU: 1 UID: 0 PID: 9050 Comm: syz.3.674 Tainted: G L syzkaller #0 PREEMPT(full) [ 407.798758][ T9050] Tainted: [L]=SOFTLOCKUP [ 407.798769][ T9050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 407.798789][ T9050] Call Trace: [ 407.798799][ T9050] [ 407.798812][ T9050] dump_stack_lvl+0x100/0x190 [ 407.798867][ T9050] should_fail_ex.cold+0x5/0xa [ 407.798907][ T9050] should_failslab+0xc2/0x120 [ 407.798943][ T9050] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 407.799022][ T9050] ? alloc_vmap_area+0x640/0x2bd0 [ 407.799066][ T9050] alloc_vmap_area+0x640/0x2bd0 [ 407.799120][ T9050] ? __pfx_alloc_vmap_area+0x10/0x10 [ 407.799187][ T9050] __get_vm_area_node+0x1ca/0x330 [ 407.799237][ T9050] __vmalloc_node_range_noprof+0x213/0x1530 [ 407.799283][ T9050] ? n_tty_open+0x1a/0x170 [ 407.799330][ T9050] ? look_up_lock_class+0x64/0x120 [ 407.799385][ T9050] ? n_tty_open+0x1a/0x170 [ 407.799428][ T9050] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 407.799473][ T9050] ? __ldsem_down_write_nested+0xfd/0x830 [ 407.799506][ T9050] ? __ldsem_down_write_nested+0x10e/0x830 [ 407.799538][ T9050] ? is_console_locked+0x9/0x20 [ 407.799584][ T9050] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 407.799624][ T9050] ? n_tty_open+0x1a/0x170 [ 407.799654][ T9050] __vmalloc_node_noprof+0xad/0xf0 [ 407.799705][ T9050] ? n_tty_open+0x1a/0x170 [ 407.799739][ T9050] ? __pfx_n_tty_open+0x10/0x10 [ 407.799771][ T9050] n_tty_open+0x1a/0x170 [ 407.799804][ T9050] tty_ldisc_open+0xa2/0x120 [ 407.799848][ T9050] tty_ldisc_setup+0x40/0xf0 [ 407.799895][ T9050] tty_init_dev.part.0+0x1b5/0x470 [ 407.799953][ T9050] tty_open+0xa63/0xfa0 [ 407.800019][ T9050] ? __pfx_tty_open+0x10/0x10 [ 407.800069][ T9050] ? chrdev_open+0x10b/0x6a0 [ 407.800102][ T9050] ? chrdev_open+0x10b/0x6a0 [ 407.800143][ T9050] ? __pfx_tty_open+0x10/0x10 [ 407.800194][ T9050] chrdev_open+0x234/0x6a0 [ 407.800227][ T9050] ? __pfx_apparmor_file_open+0x10/0x10 [ 407.800284][ T9050] ? __pfx_chrdev_open+0x10/0x10 [ 407.800321][ T9050] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 407.800368][ T9050] do_dentry_open+0x6d8/0x1660 [ 407.800401][ T9050] ? __pfx_chrdev_open+0x10/0x10 [ 407.800447][ T9050] vfs_open+0x82/0x3f0 [ 407.800510][ T9050] path_openat+0x208c/0x31a0 [ 407.800559][ T9050] ? __pfx_path_openat+0x10/0x10 [ 407.800611][ T9050] do_file_open+0x20e/0x430 [ 407.800649][ T9050] ? __pfx_do_file_open+0x10/0x10 [ 407.800722][ T9050] ? alloc_fd+0x476/0x790 [ 407.800759][ T9050] ? do_getname+0x191/0x390 [ 407.800805][ T9050] do_sys_openat2+0x10d/0x1e0 [ 407.800868][ T9050] ? __pfx_do_sys_openat2+0x10/0x10 [ 407.800927][ T9050] __x64_sys_openat+0x12d/0x210 [ 407.800974][ T9050] ? __pfx___x64_sys_openat+0x10/0x10 [ 407.801047][ T9050] do_syscall_64+0x106/0xf80 [ 407.801096][ T9050] ? clear_bhb_loop+0x40/0x90 [ 407.801139][ T9050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.801174][ T9050] RIP: 0033:0x7f695e79c799 [ 407.801202][ T9050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 407.801242][ T9050] RSP: 002b:00007f695f6b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 407.801275][ T9050] RAX: ffffffffffffffda RBX: 00007f695ea15fa0 RCX: 00007f695e79c799 [ 407.801298][ T9050] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 407.801318][ T9050] RBP: 00007f695e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 407.801337][ T9050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 407.801355][ T9050] R13: 00007f695ea16038 R14: 00007f695ea15fa0 R15: 00007fff214060a8 [ 407.801407][ T9050] [ 408.282419][ T9050] tty tty16: ldisc open failed (-12), clearing slot 15 [ 409.597823][ T9080] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 409.631237][ T9080] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 409.648800][ T9080] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 409.658653][ T9080] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 409.689665][ T9080] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 409.742139][ T9080] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 409.809783][ T9080] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 410.152066][ T9094] netlink: 334 bytes leftover after parsing attributes in process `syz.2.684'. [ 410.202361][ T9094] FAULT_INJECTION: forcing a failure. [ 410.202361][ T9094] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 410.403055][ T9094] CPU: 1 UID: 0 PID: 9094 Comm: syz.2.684 Tainted: G L syzkaller #0 PREEMPT(full) [ 410.403108][ T9094] Tainted: [L]=SOFTLOCKUP [ 410.403120][ T9094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 410.403141][ T9094] Call Trace: [ 410.403151][ T9094] [ 410.403164][ T9094] dump_stack_lvl+0x100/0x190 [ 410.403220][ T9094] should_fail_ex.cold+0x5/0xa [ 410.403252][ T9094] ? prepare_alloc_pages+0x16d/0x5f0 [ 410.403295][ T9094] should_fail_alloc_page+0xeb/0x140 [ 410.403332][ T9094] prepare_alloc_pages+0x1f0/0x5f0 [ 410.403377][ T9094] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 410.403436][ T9094] ? rcu_is_watching+0x12/0xc0 [ 410.403488][ T9094] ? trace_mm_page_alloc+0x17a/0x1d0 [ 410.403527][ T9094] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 410.403585][ T9094] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 410.403638][ T9094] ? stack_trace_save+0x8e/0xc0 [ 410.403675][ T9094] ? stack_depot_save_flags+0x27/0x9d0 [ 410.403716][ T9094] ? is_bpf_text_address+0x8a/0x1a0 [ 410.403767][ T9094] ? is_bpf_text_address+0x8a/0x1a0 [ 410.403823][ T9094] ? kasan_save_stack+0x3f/0x50 [ 410.403882][ T9094] ? kasan_save_track+0x14/0x30 [ 410.403937][ T9094] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 410.403989][ T9094] ? alloc_vmap_area+0x640/0x2bd0 [ 410.404020][ T9094] ? __get_vm_area_node+0x1ca/0x330 [ 410.404056][ T9094] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 410.404098][ T9094] ? __vmalloc_node_noprof+0xad/0xf0 [ 410.404135][ T9094] ? n_tty_open+0x1a/0x170 [ 410.404164][ T9094] ? tty_ldisc_open+0xa2/0x120 [ 410.404203][ T9094] ? tty_ldisc_setup+0x40/0xf0 [ 410.404243][ T9094] ? tty_init_dev.part.0+0x1b5/0x470 [ 410.404298][ T9094] ? do_file_open+0x20e/0x430 [ 410.404330][ T9094] ? do_sys_openat2+0x10d/0x1e0 [ 410.404378][ T9094] alloc_pages_bulk_noprof+0x782/0x1490 [ 410.404447][ T9094] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 410.404516][ T9094] ? alloc_pages_noprof+0x233/0x390 [ 410.404556][ T9094] __kasan_populate_vmalloc+0xf0/0x210 [ 410.404616][ T9094] alloc_vmap_area+0x95d/0x2bd0 [ 410.404669][ T9094] ? __pfx_alloc_vmap_area+0x10/0x10 [ 410.404717][ T9094] __get_vm_area_node+0x1ca/0x330 [ 410.404763][ T9094] __vmalloc_node_range_noprof+0x213/0x1530 [ 410.404806][ T9094] ? n_tty_open+0x1a/0x170 [ 410.404838][ T9094] ? look_up_lock_class+0x64/0x120 [ 410.404899][ T9094] ? n_tty_open+0x1a/0x170 [ 410.404943][ T9094] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 410.404987][ T9094] ? __ldsem_down_write_nested+0xfd/0x830 [ 410.405019][ T9094] ? __ldsem_down_write_nested+0x10e/0x830 [ 410.405052][ T9094] ? is_console_locked+0x9/0x20 [ 410.405099][ T9094] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 410.405137][ T9094] ? n_tty_open+0x1a/0x170 [ 410.405166][ T9094] __vmalloc_node_noprof+0xad/0xf0 [ 410.405206][ T9094] ? n_tty_open+0x1a/0x170 [ 410.405239][ T9094] ? __pfx_n_tty_open+0x10/0x10 [ 410.405270][ T9094] n_tty_open+0x1a/0x170 [ 410.405303][ T9094] tty_ldisc_open+0xa2/0x120 [ 410.405346][ T9094] tty_ldisc_setup+0x40/0xf0 [ 410.405390][ T9094] tty_init_dev.part.0+0x1b5/0x470 [ 410.405447][ T9094] tty_open+0xa63/0xfa0 [ 410.405537][ T9094] ? __pfx_tty_open+0x10/0x10 [ 410.405586][ T9094] ? chrdev_open+0x10b/0x6a0 [ 410.405619][ T9094] ? chrdev_open+0x10b/0x6a0 [ 410.405660][ T9094] ? __pfx_tty_open+0x10/0x10 [ 410.405712][ T9094] chrdev_open+0x234/0x6a0 [ 410.405745][ T9094] ? __pfx_apparmor_file_open+0x10/0x10 [ 410.405802][ T9094] ? __pfx_chrdev_open+0x10/0x10 [ 410.405840][ T9094] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 410.405894][ T9094] do_dentry_open+0x6d8/0x1660 [ 410.405928][ T9094] ? __pfx_chrdev_open+0x10/0x10 [ 410.405975][ T9094] vfs_open+0x82/0x3f0 [ 410.406025][ T9094] path_openat+0x208c/0x31a0 [ 410.406075][ T9094] ? __pfx_path_openat+0x10/0x10 [ 410.406128][ T9094] do_file_open+0x20e/0x430 [ 410.406168][ T9094] ? __pfx_do_file_open+0x10/0x10 [ 410.406236][ T9094] ? alloc_fd+0x476/0x790 [ 410.406275][ T9094] ? do_getname+0x191/0x390 [ 410.406322][ T9094] do_sys_openat2+0x10d/0x1e0 [ 410.406380][ T9094] ? __pfx_do_sys_openat2+0x10/0x10 [ 410.406440][ T9094] __x64_sys_openat+0x12d/0x210 [ 410.406485][ T9094] ? __pfx___x64_sys_openat+0x10/0x10 [ 410.406547][ T9094] do_syscall_64+0x106/0xf80 [ 410.406592][ T9094] ? clear_bhb_loop+0x40/0x90 [ 410.406633][ T9094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.406688][ T9094] RIP: 0033:0x7f37afb9c799 [ 410.406717][ T9094] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 410.406752][ T9094] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 410.406785][ T9094] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 410.406807][ T9094] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 410.406835][ T9094] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 410.406863][ T9094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 410.406884][ T9094] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 410.406936][ T9094] [ 411.091933][ T9094] tty tty16: ldisc open failed (-12), clearing slot 15 [ 411.593093][ T8402] Bluetooth: hci1: command 0x0c1a tx timeout [ 411.682821][ T8402] Bluetooth: hci0: command 0x0c1a tx timeout [ 411.688917][ T8861] Bluetooth: hci3: command 0x0c1a tx timeout [ 411.696211][ T8861] Bluetooth: hci2: command 0x0c1a tx timeout [ 411.756684][ T8402] Bluetooth: hci4: command 0x0c1a tx timeout [ 413.044948][ T9144] program syz.3.694 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 413.504972][ T9153] program syz.3.696 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 413.836622][ T8402] Bluetooth: hci4: command 0x0c1a tx timeout [ 415.914896][ T8402] Bluetooth: hci4: command 0x0c1a tx timeout [ 418.784662][ T9220] netlink: 334 bytes leftover after parsing attributes in process `syz.2.710'. [ 418.804069][ T9220] FAULT_INJECTION: forcing a failure. [ 418.804069][ T9220] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 418.826471][ T9220] CPU: 0 UID: 0 PID: 9220 Comm: syz.2.710 Tainted: G L syzkaller #0 PREEMPT(full) [ 418.826525][ T9220] Tainted: [L]=SOFTLOCKUP [ 418.826552][ T9220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 418.826572][ T9220] Call Trace: [ 418.826583][ T9220] [ 418.826596][ T9220] dump_stack_lvl+0x100/0x190 [ 418.826655][ T9220] should_fail_ex.cold+0x5/0xa [ 418.826688][ T9220] ? prepare_alloc_pages+0x16d/0x5f0 [ 418.826731][ T9220] should_fail_alloc_page+0xeb/0x140 [ 418.826771][ T9220] prepare_alloc_pages+0x1f0/0x5f0 [ 418.826818][ T9220] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 418.826881][ T9220] ? stack_trace_save+0x8e/0xc0 [ 418.826914][ T9220] ? __pfx_stack_trace_save+0x10/0x10 [ 418.826950][ T9220] ? stack_depot_save_flags+0x27/0x9d0 [ 418.826992][ T9220] ? is_bpf_text_address+0x8a/0x1a0 [ 418.827044][ T9220] ? is_bpf_text_address+0x8a/0x1a0 [ 418.827099][ T9220] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 418.827153][ T9220] ? kasan_save_stack+0x3f/0x50 [ 418.827205][ T9220] ? kasan_save_track+0x14/0x30 [ 418.827256][ T9220] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 418.827308][ T9220] ? alloc_vmap_area+0x186c/0x2bd0 [ 418.827341][ T9220] ? __get_vm_area_node+0x1ca/0x330 [ 418.827376][ T9220] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 418.827417][ T9220] ? __vmalloc_node_noprof+0xad/0xf0 [ 418.827456][ T9220] ? n_tty_open+0x1a/0x170 [ 418.827486][ T9220] ? tty_ldisc_open+0xa2/0x120 [ 418.827524][ T9220] ? tty_ldisc_setup+0x40/0xf0 [ 418.827577][ T9220] ? tty_init_dev.part.0+0x1b5/0x470 [ 418.827635][ T9220] ? do_file_open+0x20e/0x430 [ 418.827670][ T9220] ? do_sys_openat2+0x10d/0x1e0 [ 418.827725][ T9220] ? __x64_sys_openat+0x12d/0x210 [ 418.827768][ T9220] ? do_syscall_64+0x106/0xf80 [ 418.827815][ T9220] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.827859][ T9220] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 418.827920][ T9220] ? policy_nodemask+0xed/0x4f0 [ 418.827959][ T9220] alloc_pages_mpol+0x1fb/0x550 [ 418.827998][ T9220] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 418.828045][ T9220] alloc_pages_noprof+0x131/0x390 [ 418.828084][ T9220] get_free_pages_noprof+0x10/0xb0 [ 418.828119][ T9220] __kasan_populate_vmalloc+0xa0/0x210 [ 418.828179][ T9220] alloc_vmap_area+0x95d/0x2bd0 [ 418.828231][ T9220] ? __pfx_alloc_vmap_area+0x10/0x10 [ 418.828277][ T9220] __get_vm_area_node+0x1ca/0x330 [ 418.828321][ T9220] __vmalloc_node_range_noprof+0x213/0x1530 [ 418.828364][ T9220] ? n_tty_open+0x1a/0x170 [ 418.828398][ T9220] ? look_up_lock_class+0x64/0x120 [ 418.828452][ T9220] ? n_tty_open+0x1a/0x170 [ 418.828495][ T9220] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 418.828549][ T9220] ? __ldsem_down_write_nested+0xfd/0x830 [ 418.828583][ T9220] ? __ldsem_down_write_nested+0x10e/0x830 [ 418.828616][ T9220] ? is_console_locked+0x9/0x20 [ 418.828662][ T9220] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 418.828719][ T9220] ? n_tty_open+0x1a/0x170 [ 418.828765][ T9220] __vmalloc_node_noprof+0xad/0xf0 [ 418.828807][ T9220] ? n_tty_open+0x1a/0x170 [ 418.828840][ T9220] ? __pfx_n_tty_open+0x10/0x10 [ 418.828873][ T9220] n_tty_open+0x1a/0x170 [ 418.828907][ T9220] tty_ldisc_open+0xa2/0x120 [ 418.828949][ T9220] tty_ldisc_setup+0x40/0xf0 [ 418.828994][ T9220] tty_init_dev.part.0+0x1b5/0x470 [ 418.829053][ T9220] tty_open+0xa63/0xfa0 [ 418.829112][ T9220] ? __pfx_tty_open+0x10/0x10 [ 418.829163][ T9220] ? chrdev_open+0x10b/0x6a0 [ 418.829197][ T9220] ? chrdev_open+0x10b/0x6a0 [ 418.829235][ T9220] ? __pfx_tty_open+0x10/0x10 [ 418.829283][ T9220] chrdev_open+0x234/0x6a0 [ 418.829316][ T9220] ? __pfx_apparmor_file_open+0x10/0x10 [ 418.829373][ T9220] ? __pfx_chrdev_open+0x10/0x10 [ 418.829430][ T9220] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 418.829479][ T9220] do_dentry_open+0x6d8/0x1660 [ 418.829513][ T9220] ? __pfx_chrdev_open+0x10/0x10 [ 418.829571][ T9220] vfs_open+0x82/0x3f0 [ 418.829622][ T9220] path_openat+0x208c/0x31a0 [ 418.829676][ T9220] ? __pfx_path_openat+0x10/0x10 [ 418.829742][ T9220] do_file_open+0x20e/0x430 [ 418.829782][ T9220] ? __pfx_do_file_open+0x10/0x10 [ 418.829849][ T9220] ? alloc_fd+0x476/0x790 [ 418.829906][ T9220] ? do_getname+0x191/0x390 [ 418.829967][ T9220] do_sys_openat2+0x10d/0x1e0 [ 418.830014][ T9220] ? __pfx_do_sys_openat2+0x10/0x10 [ 418.830076][ T9220] __x64_sys_openat+0x12d/0x210 [ 418.830125][ T9220] ? __pfx___x64_sys_openat+0x10/0x10 [ 418.830190][ T9220] do_syscall_64+0x106/0xf80 [ 418.830237][ T9220] ? clear_bhb_loop+0x40/0x90 [ 418.830279][ T9220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.830314][ T9220] RIP: 0033:0x7f37afb9c799 [ 418.830342][ T9220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 418.830375][ T9220] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 418.830407][ T9220] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 418.830430][ T9220] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 418.830453][ T9220] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 418.830474][ T9220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 418.830496][ T9220] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 418.830550][ T9220] [ 419.393688][ T9220] warn_alloc: 2 callbacks suppressed [ 419.393708][ T9220] syz.2.710: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 419.413990][ T9220] CPU: 0 UID: 0 PID: 9220 Comm: syz.2.710 Tainted: G L syzkaller #0 PREEMPT(full) [ 419.414027][ T9220] Tainted: [L]=SOFTLOCKUP [ 419.414036][ T9220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 419.414052][ T9220] Call Trace: [ 419.414061][ T9220] [ 419.414071][ T9220] dump_stack_lvl+0x100/0x190 [ 419.414113][ T9220] warn_alloc.cold+0x95/0x1c1 [ 419.414156][ T9220] ? __pfx_warn_alloc+0x10/0x10 [ 419.414191][ T9220] ? lockdep_hardirqs_on+0x78/0x100 [ 419.414257][ T9220] ? __get_vm_area_node+0x2c5/0x330 [ 419.414293][ T9220] ? __get_vm_area_node+0x208/0x330 [ 419.414328][ T9220] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 419.414364][ T9220] ? look_up_lock_class+0x64/0x120 [ 419.414404][ T9220] ? n_tty_open+0x1a/0x170 [ 419.414437][ T9220] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 419.414471][ T9220] ? __ldsem_down_write_nested+0xfd/0x830 [ 419.414496][ T9220] ? __ldsem_down_write_nested+0x10e/0x830 [ 419.414521][ T9220] ? is_console_locked+0x9/0x20 [ 419.414556][ T9220] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 419.414587][ T9220] ? n_tty_open+0x1a/0x170 [ 419.414609][ T9220] __vmalloc_node_noprof+0xad/0xf0 [ 419.414640][ T9220] ? n_tty_open+0x1a/0x170 [ 419.414665][ T9220] ? __pfx_n_tty_open+0x10/0x10 [ 419.414689][ T9220] n_tty_open+0x1a/0x170 [ 419.414713][ T9220] tty_ldisc_open+0xa2/0x120 [ 419.414746][ T9220] tty_ldisc_setup+0x40/0xf0 [ 419.414780][ T9220] tty_init_dev.part.0+0x1b5/0x470 [ 419.414823][ T9220] tty_open+0xa63/0xfa0 [ 419.414866][ T9220] ? __pfx_tty_open+0x10/0x10 [ 419.414904][ T9220] ? chrdev_open+0x10b/0x6a0 [ 419.414929][ T9220] ? chrdev_open+0x10b/0x6a0 [ 419.414959][ T9220] ? __pfx_tty_open+0x10/0x10 [ 419.414997][ T9220] chrdev_open+0x234/0x6a0 [ 419.415028][ T9220] ? __pfx_apparmor_file_open+0x10/0x10 [ 419.415071][ T9220] ? __pfx_chrdev_open+0x10/0x10 [ 419.415099][ T9220] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 419.415132][ T9220] do_dentry_open+0x6d8/0x1660 [ 419.415157][ T9220] ? __pfx_chrdev_open+0x10/0x10 [ 419.415190][ T9220] vfs_open+0x82/0x3f0 [ 419.415246][ T9220] path_openat+0x208c/0x31a0 [ 419.415281][ T9220] ? __pfx_path_openat+0x10/0x10 [ 419.415317][ T9220] do_file_open+0x20e/0x430 [ 419.415344][ T9220] ? __pfx_do_file_open+0x10/0x10 [ 419.415390][ T9220] ? alloc_fd+0x476/0x790 [ 419.415418][ T9220] ? do_getname+0x191/0x390 [ 419.415451][ T9220] do_sys_openat2+0x10d/0x1e0 [ 419.415484][ T9220] ? __pfx_do_sys_openat2+0x10/0x10 [ 419.415527][ T9220] __x64_sys_openat+0x12d/0x210 [ 419.415561][ T9220] ? __pfx___x64_sys_openat+0x10/0x10 [ 419.415605][ T9220] do_syscall_64+0x106/0xf80 [ 419.415639][ T9220] ? clear_bhb_loop+0x40/0x90 [ 419.415669][ T9220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.415694][ T9220] RIP: 0033:0x7f37afb9c799 [ 419.415714][ T9220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 419.415739][ T9220] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 419.415762][ T9220] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 419.415780][ T9220] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 419.415796][ T9220] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 419.415811][ T9220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 419.415826][ T9220] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 419.415858][ T9220] [ 419.415925][ T9220] Mem-Info: [ 419.763720][ T9220] active_anon:12203 inactive_anon:0 isolated_anon:0 [ 419.763720][ T9220] active_file:15183 inactive_file:41688 isolated_file:0 [ 419.763720][ T9220] unevictable:768 dirty:952 writeback:0 [ 419.763720][ T9220] slab_reclaimable:11906 slab_unreclaimable:106717 [ 419.763720][ T9220] mapped:38072 shmem:6655 pagetables:1139 [ 419.763720][ T9220] sec_pagetables:0 bounce:0 [ 419.763720][ T9220] kernel_misc_reclaimable:0 [ 419.763720][ T9220] free:1297054 free_pcp:8803 free_cma:0 [ 419.809534][ T9220] Node 0 active_anon:48812kB inactive_anon:0kB active_file:60732kB inactive_file:166616kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:152288kB dirty:3808kB writeback:0kB shmem:25084kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12552kB pagetables:4424kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 419.841552][ T9220] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 419.871774][ T9220] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 419.947145][ T9220] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 419.953099][ T9220] Node 0 DMA32 free:1234080kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48828kB inactive_anon:0kB active_file:60732kB inactive_file:166616kB unevictable:1536kB writepending:3812kB zspages:0kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:33440kB local_pcp:21284kB free_cma:0kB [ 420.087018][ T9220] lowmem_reserve[]: 0 0 1 1 1 [ 420.110104][ T9220] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 420.148271][ T9220] lowmem_reserve[]: 0 0 0 0 0 [ 420.153159][ T9220] Node 1 Normal free:3939652kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 420.298824][ T9227] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 420.334290][ T9220] lowmem_reserve[]: 0 0 0 0 0 [ 420.343738][ T9220] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 420.425029][ T9220] Node 0 DMA32: 3821*4kB (UME) 2370*8kB (UME) 965*16kB (UME) 695*32kB (UME) 455*64kB (ME) 301*128kB (ME) 196*256kB (UM) 140*512kB (UME) 56*1024kB (UM) 4*2048kB (UM) 222*4096kB (M) = 1236276kB [ 420.499767][ T9220] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 420.746068][ T9220] Node 1 Normal: 5*4kB (UM) 6*8kB (UM) 6*16kB (UM) 9*32kB (UM) 4*64kB (UM) 5*128kB (UM) 2*256kB (M) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (M) 960*4096kB (M) = 3939652kB [ 420.783802][ T9220] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 420.793919][ T9220] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 420.835430][ T9220] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 420.873442][ T9220] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 420.888165][ T9220] 58261 total pagecache pages [ 420.895980][ T9220] 0 pages in swap cache [ 420.902899][ T9232] netlink: 334 bytes leftover after parsing attributes in process `syz.1.713'. [ 420.912105][ T9220] Free swap = 124996kB [ 420.918462][ T9220] Total swap = 124996kB [ 420.924838][ T9220] 2097051 pages RAM [ 420.929005][ T9220] 0 pages HighMem/MovableOnly [ 420.935112][ T9220] 430825 pages reserved [ 420.946092][ T9220] 0 pages cma reserved [ 420.950715][ T9220] tty tty16: ldisc open failed (-12), clearing slot 15 [ 420.966058][ T9232] FAULT_INJECTION: forcing a failure. [ 420.966058][ T9232] name failslab, interval 1, probability 0, space 0, times 0 [ 421.019181][ T9232] CPU: 1 UID: 0 PID: 9232 Comm: syz.1.713 Tainted: G L syzkaller #0 PREEMPT(full) [ 421.019235][ T9232] Tainted: [L]=SOFTLOCKUP [ 421.019249][ T9232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 421.019269][ T9232] Call Trace: [ 421.019282][ T9232] [ 421.019295][ T9232] dump_stack_lvl+0x100/0x190 [ 421.019355][ T9232] should_fail_ex.cold+0x5/0xa [ 421.019397][ T9232] should_failslab+0xc2/0x120 [ 421.019437][ T9232] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 421.019494][ T9232] ? alloc_vmap_area+0x640/0x2bd0 [ 421.019537][ T9232] alloc_vmap_area+0x640/0x2bd0 [ 421.019593][ T9232] ? __pfx_alloc_vmap_area+0x10/0x10 [ 421.019643][ T9232] __get_vm_area_node+0x1ca/0x330 [ 421.019691][ T9232] __vmalloc_node_range_noprof+0x213/0x1530 [ 421.019738][ T9232] ? n_tty_open+0x1a/0x170 [ 421.019773][ T9232] ? look_up_lock_class+0x64/0x120 [ 421.019836][ T9232] ? n_tty_open+0x1a/0x170 [ 421.019869][ T9232] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 421.019903][ T9232] ? __ldsem_down_write_nested+0xfd/0x830 [ 421.019928][ T9232] ? __ldsem_down_write_nested+0x10e/0x830 [ 421.019952][ T9232] ? is_console_locked+0x9/0x20 [ 421.019988][ T9232] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 421.020017][ T9232] ? n_tty_open+0x1a/0x170 [ 421.020040][ T9232] __vmalloc_node_noprof+0xad/0xf0 [ 421.020071][ T9232] ? n_tty_open+0x1a/0x170 [ 421.020115][ T9232] ? __pfx_n_tty_open+0x10/0x10 [ 421.020138][ T9232] n_tty_open+0x1a/0x170 [ 421.020162][ T9232] tty_ldisc_open+0xa2/0x120 [ 421.020193][ T9232] tty_ldisc_setup+0x40/0xf0 [ 421.020227][ T9232] tty_init_dev.part.0+0x1b5/0x470 [ 421.020269][ T9232] tty_open+0xa63/0xfa0 [ 421.020311][ T9232] ? __pfx_tty_open+0x10/0x10 [ 421.020347][ T9232] ? chrdev_open+0x10b/0x6a0 [ 421.020373][ T9232] ? chrdev_open+0x10b/0x6a0 [ 421.020412][ T9232] ? __pfx_tty_open+0x10/0x10 [ 421.020446][ T9232] chrdev_open+0x234/0x6a0 [ 421.020468][ T9232] ? __pfx_apparmor_file_open+0x10/0x10 [ 421.020507][ T9232] ? __pfx_chrdev_open+0x10/0x10 [ 421.020557][ T9232] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 421.020600][ T9232] do_dentry_open+0x6d8/0x1660 [ 421.020629][ T9232] ? __pfx_chrdev_open+0x10/0x10 [ 421.020669][ T9232] vfs_open+0x82/0x3f0 [ 421.020712][ T9232] path_openat+0x208c/0x31a0 [ 421.020757][ T9232] ? __pfx_path_openat+0x10/0x10 [ 421.020822][ T9232] do_file_open+0x20e/0x430 [ 421.020862][ T9232] ? __pfx_do_file_open+0x10/0x10 [ 421.020929][ T9232] ? alloc_fd+0x476/0x790 [ 421.020967][ T9232] ? do_getname+0x191/0x390 [ 421.021014][ T9232] do_sys_openat2+0x10d/0x1e0 [ 421.021059][ T9232] ? __pfx_do_sys_openat2+0x10/0x10 [ 421.021126][ T9232] __x64_sys_openat+0x12d/0x210 [ 421.021166][ T9232] ? __pfx___x64_sys_openat+0x10/0x10 [ 421.021221][ T9232] do_syscall_64+0x106/0xf80 [ 421.021262][ T9232] ? clear_bhb_loop+0x40/0x90 [ 421.021298][ T9232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.021329][ T9232] RIP: 0033:0x7f772039c799 [ 421.021354][ T9232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 421.021389][ T9232] RSP: 002b:00007f77211b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 421.021423][ T9232] RAX: ffffffffffffffda RBX: 00007f7720615fa0 RCX: 00007f772039c799 [ 421.021447][ T9232] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 421.021470][ T9232] RBP: 00007f7720432c99 R08: 0000000000000000 R09: 0000000000000000 [ 421.021491][ T9232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.021512][ T9232] R13: 00007f7720616038 R14: 00007f7720615fa0 R15: 00007ffe4c435238 [ 421.021558][ T9232] [ 421.021600][ T9232] tty tty16: ldisc open failed (-12), clearing slot 15 [ 421.706860][ T9245] netlink: 334 bytes leftover after parsing attributes in process `syz.3.719'. [ 421.745821][ T9245] FAULT_INJECTION: forcing a failure. [ 421.745821][ T9245] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 421.771379][ T9245] CPU: 1 UID: 0 PID: 9245 Comm: syz.3.719 Tainted: G L syzkaller #0 PREEMPT(full) [ 421.771420][ T9245] Tainted: [L]=SOFTLOCKUP [ 421.771429][ T9245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 421.771445][ T9245] Call Trace: [ 421.771454][ T9245] [ 421.771464][ T9245] dump_stack_lvl+0x100/0x190 [ 421.771507][ T9245] should_fail_ex.cold+0x5/0xa [ 421.771542][ T9245] ? prepare_alloc_pages+0x16d/0x5f0 [ 421.771580][ T9245] should_fail_alloc_page+0xeb/0x140 [ 421.771632][ T9245] prepare_alloc_pages+0x1f0/0x5f0 [ 421.771681][ T9245] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 421.771736][ T9245] ? stack_trace_save+0x8e/0xc0 [ 421.771760][ T9245] ? __pfx_stack_trace_save+0x10/0x10 [ 421.771786][ T9245] ? stack_depot_save_flags+0x27/0x9d0 [ 421.771818][ T9245] ? is_bpf_text_address+0x8a/0x1a0 [ 421.771858][ T9245] ? is_bpf_text_address+0x8a/0x1a0 [ 421.771897][ T9245] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 421.771938][ T9245] ? kasan_save_stack+0x3f/0x50 [ 421.771984][ T9245] ? kasan_save_track+0x14/0x30 [ 421.772027][ T9245] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 421.772068][ T9245] ? alloc_vmap_area+0x186c/0x2bd0 [ 421.772094][ T9245] ? __get_vm_area_node+0x1ca/0x330 [ 421.772120][ T9245] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 421.772152][ T9245] ? __vmalloc_node_noprof+0xad/0xf0 [ 421.772181][ T9245] ? n_tty_open+0x1a/0x170 [ 421.772204][ T9245] ? tty_ldisc_open+0xa2/0x120 [ 421.772233][ T9245] ? tty_ldisc_setup+0x40/0xf0 [ 421.772264][ T9245] ? tty_init_dev.part.0+0x1b5/0x470 [ 421.772313][ T9245] ? do_file_open+0x20e/0x430 [ 421.772337][ T9245] ? do_sys_openat2+0x10d/0x1e0 [ 421.772368][ T9245] ? __x64_sys_openat+0x12d/0x210 [ 421.772401][ T9245] ? do_syscall_64+0x106/0xf80 [ 421.772436][ T9245] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.772466][ T9245] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 421.772511][ T9245] ? policy_nodemask+0xed/0x4f0 [ 421.772540][ T9245] alloc_pages_mpol+0x1fb/0x550 [ 421.772569][ T9245] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 421.772604][ T9245] alloc_pages_noprof+0x131/0x390 [ 421.772632][ T9245] get_free_pages_noprof+0x10/0xb0 [ 421.772658][ T9245] __kasan_populate_vmalloc+0xa0/0x210 [ 421.772704][ T9245] alloc_vmap_area+0x95d/0x2bd0 [ 421.772742][ T9245] ? __pfx_alloc_vmap_area+0x10/0x10 [ 421.772777][ T9245] __get_vm_area_node+0x1ca/0x330 [ 421.772811][ T9245] __vmalloc_node_range_noprof+0x213/0x1530 [ 421.772845][ T9245] ? n_tty_open+0x1a/0x170 [ 421.772869][ T9245] ? look_up_lock_class+0x64/0x120 [ 421.772909][ T9245] ? n_tty_open+0x1a/0x170 [ 421.772940][ T9245] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 421.772974][ T9245] ? __ldsem_down_write_nested+0xfd/0x830 [ 421.772998][ T9245] ? __ldsem_down_write_nested+0x10e/0x830 [ 421.773023][ T9245] ? is_console_locked+0x9/0x20 [ 421.773060][ T9245] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 421.773090][ T9245] ? n_tty_open+0x1a/0x170 [ 421.773112][ T9245] __vmalloc_node_noprof+0xad/0xf0 [ 421.773143][ T9245] ? n_tty_open+0x1a/0x170 [ 421.773168][ T9245] ? __pfx_n_tty_open+0x10/0x10 [ 421.773198][ T9245] n_tty_open+0x1a/0x170 [ 421.773223][ T9245] tty_ldisc_open+0xa2/0x120 [ 421.773261][ T9245] tty_ldisc_setup+0x40/0xf0 [ 421.773295][ T9245] tty_init_dev.part.0+0x1b5/0x470 [ 421.773345][ T9245] tty_open+0xa63/0xfa0 [ 421.773390][ T9245] ? __pfx_tty_open+0x10/0x10 [ 421.773427][ T9245] ? chrdev_open+0x10b/0x6a0 [ 421.773452][ T9245] ? chrdev_open+0x10b/0x6a0 [ 421.773481][ T9245] ? __pfx_tty_open+0x10/0x10 [ 421.773520][ T9245] chrdev_open+0x234/0x6a0 [ 421.773544][ T9245] ? __pfx_apparmor_file_open+0x10/0x10 [ 421.773587][ T9245] ? __pfx_chrdev_open+0x10/0x10 [ 421.773614][ T9245] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 421.773650][ T9245] do_dentry_open+0x6d8/0x1660 [ 421.773675][ T9245] ? __pfx_chrdev_open+0x10/0x10 [ 421.773708][ T9245] vfs_open+0x82/0x3f0 [ 421.773744][ T9245] path_openat+0x208c/0x31a0 [ 421.773780][ T9245] ? __pfx_path_openat+0x10/0x10 [ 421.773817][ T9245] do_file_open+0x20e/0x430 [ 421.773845][ T9245] ? __pfx_do_file_open+0x10/0x10 [ 421.773893][ T9245] ? alloc_fd+0x476/0x790 [ 421.773920][ T9245] ? do_getname+0x191/0x390 [ 421.773955][ T9245] do_sys_openat2+0x10d/0x1e0 [ 421.773988][ T9245] ? __pfx_do_sys_openat2+0x10/0x10 [ 421.774033][ T9245] __x64_sys_openat+0x12d/0x210 [ 421.774070][ T9245] ? __pfx___x64_sys_openat+0x10/0x10 [ 421.774116][ T9245] do_syscall_64+0x106/0xf80 [ 421.774151][ T9245] ? clear_bhb_loop+0x40/0x90 [ 421.774182][ T9245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.774208][ T9245] RIP: 0033:0x7f695e79c799 [ 421.774229][ T9245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 421.774253][ T9245] RSP: 002b:00007f695f6b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 421.774277][ T9245] RAX: ffffffffffffffda RBX: 00007f695ea15fa0 RCX: 00007f695e79c799 [ 421.774294][ T9245] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 421.774318][ T9245] RBP: 00007f695e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 421.774333][ T9245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.774348][ T9245] R13: 00007f695ea16038 R14: 00007f695ea15fa0 R15: 00007fff214060a8 [ 421.774381][ T9245] [ 421.774434][ T9245] tty tty16: ldisc open failed (-12), clearing slot 15 [ 424.632341][ T9289] program syz.1.728 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 424.845407][ T9300] program syz.4.731 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 429.382691][ T9373] program syz.3.744 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 430.184407][ T9389] netlink: 'syz.3.748': attribute type 11 has an invalid length. [ 430.202098][ T9389] netlink: 'syz.3.748': attribute type 11 has an invalid length. [ 430.229451][ T9389] netlink: 'syz.3.748': attribute type 11 has an invalid length. [ 430.280814][ T9389] netlink: 'syz.3.748': attribute type 11 has an invalid length. [ 430.360185][ T9389] netlink: 'syz.3.748': attribute type 3 has an invalid length. [ 430.407796][ T9389] netlink: 8 bytes leftover after parsing attributes in process `syz.3.748'. [ 430.840942][ T9396] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 431.247361][ T9411] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 433.368713][ T9448] netlink: 334 bytes leftover after parsing attributes in process `syz.2.764'. [ 433.419804][ T9448] FAULT_INJECTION: forcing a failure. [ 433.419804][ T9448] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 433.436824][ T9448] CPU: 0 UID: 0 PID: 9448 Comm: syz.2.764 Tainted: G L syzkaller #0 PREEMPT(full) [ 433.436863][ T9448] Tainted: [L]=SOFTLOCKUP [ 433.436872][ T9448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 433.436888][ T9448] Call Trace: [ 433.436896][ T9448] [ 433.436905][ T9448] dump_stack_lvl+0x100/0x190 [ 433.436947][ T9448] should_fail_ex.cold+0x5/0xa [ 433.436971][ T9448] ? prepare_alloc_pages+0x16d/0x5f0 [ 433.437001][ T9448] should_fail_alloc_page+0xeb/0x140 [ 433.437029][ T9448] prepare_alloc_pages+0x1f0/0x5f0 [ 433.437062][ T9448] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 433.437105][ T9448] ? rcu_is_watching+0x12/0xc0 [ 433.437143][ T9448] ? trace_mm_page_alloc+0x17a/0x1d0 [ 433.437171][ T9448] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 433.437214][ T9448] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 433.437258][ T9448] ? find_held_lock+0x2b/0x80 [ 433.437280][ T9448] ? is_bpf_text_address+0x8a/0x1a0 [ 433.437318][ T9448] ? is_bpf_text_address+0x8a/0x1a0 [ 433.437358][ T9448] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 433.437385][ T9448] ? is_bpf_text_address+0x94/0x1a0 [ 433.437423][ T9448] ? kernel_text_address+0x8d/0x100 [ 433.437459][ T9448] ? __kernel_text_address+0xd/0x30 [ 433.437495][ T9448] ? unwind_get_return_address+0x59/0xa0 [ 433.437530][ T9448] alloc_pages_bulk_noprof+0x782/0x1490 [ 433.437579][ T9448] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 433.437621][ T9448] ? kasan_save_stack+0x30/0x50 [ 433.437665][ T9448] ? alloc_pages_noprof+0x233/0x390 [ 433.437694][ T9448] __kasan_populate_vmalloc+0xf0/0x210 [ 433.437745][ T9448] alloc_vmap_area+0x95d/0x2bd0 [ 433.437784][ T9448] ? __pfx_alloc_vmap_area+0x10/0x10 [ 433.437818][ T9448] __get_vm_area_node+0x1ca/0x330 [ 433.437852][ T9448] __vmalloc_node_range_noprof+0x213/0x1530 [ 433.437884][ T9448] ? n_tty_open+0x1a/0x170 [ 433.437929][ T9448] ? look_up_lock_class+0x64/0x120 [ 433.437982][ T9448] ? n_tty_open+0x1a/0x170 [ 433.438014][ T9448] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 433.438047][ T9448] ? __ldsem_down_write_nested+0xfd/0x830 [ 433.438071][ T9448] ? __ldsem_down_write_nested+0x10e/0x830 [ 433.438095][ T9448] ? is_console_locked+0x9/0x20 [ 433.438148][ T9448] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 433.438178][ T9448] ? n_tty_open+0x1a/0x170 [ 433.438201][ T9448] __vmalloc_node_noprof+0xad/0xf0 [ 433.438233][ T9448] ? n_tty_open+0x1a/0x170 [ 433.438258][ T9448] ? __pfx_n_tty_open+0x10/0x10 [ 433.438282][ T9448] n_tty_open+0x1a/0x170 [ 433.438306][ T9448] tty_ldisc_open+0xa2/0x120 [ 433.438339][ T9448] tty_ldisc_setup+0x40/0xf0 [ 433.438374][ T9448] tty_init_dev.part.0+0x1b5/0x470 [ 433.438417][ T9448] tty_open+0xa63/0xfa0 [ 433.438461][ T9448] ? __pfx_tty_open+0x10/0x10 [ 433.438498][ T9448] ? chrdev_open+0x10b/0x6a0 [ 433.438523][ T9448] ? chrdev_open+0x10b/0x6a0 [ 433.438553][ T9448] ? __pfx_tty_open+0x10/0x10 [ 433.438592][ T9448] chrdev_open+0x234/0x6a0 [ 433.438617][ T9448] ? __pfx_apparmor_file_open+0x10/0x10 [ 433.438673][ T9448] ? __pfx_chrdev_open+0x10/0x10 [ 433.438700][ T9448] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 433.438738][ T9448] do_dentry_open+0x6d8/0x1660 [ 433.438762][ T9448] ? __pfx_chrdev_open+0x10/0x10 [ 433.438794][ T9448] vfs_open+0x82/0x3f0 [ 433.438828][ T9448] path_openat+0x208c/0x31a0 [ 433.438863][ T9448] ? __pfx_path_openat+0x10/0x10 [ 433.438899][ T9448] do_file_open+0x20e/0x430 [ 433.438927][ T9448] ? __pfx_do_file_open+0x10/0x10 [ 433.438973][ T9448] ? alloc_fd+0x476/0x790 [ 433.438999][ T9448] ? do_getname+0x191/0x390 [ 433.439032][ T9448] do_sys_openat2+0x10d/0x1e0 [ 433.439065][ T9448] ? __pfx_do_sys_openat2+0x10/0x10 [ 433.439108][ T9448] __x64_sys_openat+0x12d/0x210 [ 433.439141][ T9448] ? __pfx___x64_sys_openat+0x10/0x10 [ 433.439186][ T9448] do_syscall_64+0x106/0xf80 [ 433.439219][ T9448] ? clear_bhb_loop+0x40/0x90 [ 433.439249][ T9448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.439274][ T9448] RIP: 0033:0x7f37afb9c799 [ 433.439296][ T9448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 433.439320][ T9448] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 433.439344][ T9448] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 433.439361][ T9448] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 433.439377][ T9448] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 433.439393][ T9448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 433.439408][ T9448] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 433.439440][ T9448] [ 433.439514][ T9448] warn_alloc: 2 callbacks suppressed [ 433.439528][ T9448] syz.2.764: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 434.068400][ T9448] CPU: 1 UID: 0 PID: 9448 Comm: syz.2.764 Tainted: G L syzkaller #0 PREEMPT(full) [ 434.068435][ T9448] Tainted: [L]=SOFTLOCKUP [ 434.068443][ T9448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 434.068471][ T9448] Call Trace: [ 434.068478][ T9448] [ 434.068487][ T9448] dump_stack_lvl+0x100/0x190 [ 434.068524][ T9448] warn_alloc.cold+0x95/0x1c1 [ 434.068564][ T9448] ? __pfx_warn_alloc+0x10/0x10 [ 434.068595][ T9448] ? lockdep_hardirqs_on+0x78/0x100 [ 434.068650][ T9448] ? __get_vm_area_node+0x2c5/0x330 [ 434.068683][ T9448] ? __get_vm_area_node+0x208/0x330 [ 434.068717][ T9448] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 434.068750][ T9448] ? look_up_lock_class+0x64/0x120 [ 434.068786][ T9448] ? n_tty_open+0x1a/0x170 [ 434.068817][ T9448] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 434.068848][ T9448] ? __ldsem_down_write_nested+0xfd/0x830 [ 434.068871][ T9448] ? __ldsem_down_write_nested+0x10e/0x830 [ 434.068894][ T9448] ? is_console_locked+0x9/0x20 [ 434.068926][ T9448] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 434.068954][ T9448] ? n_tty_open+0x1a/0x170 [ 434.068975][ T9448] __vmalloc_node_noprof+0xad/0xf0 [ 434.069003][ T9448] ? n_tty_open+0x1a/0x170 [ 434.069026][ T9448] ? __pfx_n_tty_open+0x10/0x10 [ 434.069048][ T9448] n_tty_open+0x1a/0x170 [ 434.069070][ T9448] tty_ldisc_open+0xa2/0x120 [ 434.069101][ T9448] tty_ldisc_setup+0x40/0xf0 [ 434.069132][ T9448] tty_init_dev.part.0+0x1b5/0x470 [ 434.069172][ T9448] tty_open+0xa63/0xfa0 [ 434.069212][ T9448] ? __pfx_tty_open+0x10/0x10 [ 434.069246][ T9448] ? chrdev_open+0x10b/0x6a0 [ 434.069269][ T9448] ? chrdev_open+0x10b/0x6a0 [ 434.069297][ T9448] ? __pfx_tty_open+0x10/0x10 [ 434.069332][ T9448] chrdev_open+0x234/0x6a0 [ 434.069355][ T9448] ? __pfx_apparmor_file_open+0x10/0x10 [ 434.069395][ T9448] ? __pfx_chrdev_open+0x10/0x10 [ 434.069430][ T9448] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 434.069466][ T9448] do_dentry_open+0x6d8/0x1660 [ 434.069489][ T9448] ? __pfx_chrdev_open+0x10/0x10 [ 434.069520][ T9448] vfs_open+0x82/0x3f0 [ 434.069553][ T9448] path_openat+0x208c/0x31a0 [ 434.069586][ T9448] ? __pfx_path_openat+0x10/0x10 [ 434.069621][ T9448] do_file_open+0x20e/0x430 [ 434.069647][ T9448] ? __pfx_do_file_open+0x10/0x10 [ 434.069692][ T9448] ? alloc_fd+0x476/0x790 [ 434.069720][ T9448] ? do_getname+0x191/0x390 [ 434.069752][ T9448] do_sys_openat2+0x10d/0x1e0 [ 434.069783][ T9448] ? __pfx_do_sys_openat2+0x10/0x10 [ 434.069835][ T9448] __x64_sys_openat+0x12d/0x210 [ 434.069883][ T9448] ? __pfx___x64_sys_openat+0x10/0x10 [ 434.069926][ T9448] do_syscall_64+0x106/0xf80 [ 434.069958][ T9448] ? clear_bhb_loop+0x40/0x90 [ 434.069986][ T9448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.070011][ T9448] RIP: 0033:0x7f37afb9c799 [ 434.070030][ T9448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 434.070053][ T9448] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 434.070076][ T9448] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 434.070092][ T9448] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 434.070107][ T9448] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 434.070122][ T9448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 434.070136][ T9448] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 434.070166][ T9448] [ 434.558191][ T9448] Mem-Info: [ 434.561401][ T9448] active_anon:11538 inactive_anon:9 isolated_anon:0 [ 434.561401][ T9448] active_file:15183 inactive_file:41694 isolated_file:0 [ 434.561401][ T9448] unevictable:768 dirty:721 writeback:0 [ 434.561401][ T9448] slab_reclaimable:11915 slab_unreclaimable:110797 [ 434.561401][ T9448] mapped:34360 shmem:1856 pagetables:1165 [ 434.561401][ T9448] sec_pagetables:0 bounce:0 [ 434.561401][ T9448] kernel_misc_reclaimable:0 [ 434.561401][ T9448] free:1293722 free_pcp:9441 free_cma:0 [ 434.607156][ T9448] Node 0 active_anon:46152kB inactive_anon:36kB active_file:60732kB inactive_file:166640kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:137440kB dirty:2884kB writeback:0kB shmem:5888kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13012kB pagetables:4528kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 434.639639][ T9448] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 434.670868][ T9448] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 434.700839][ T9448] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 434.706666][ T9448] Node 0 DMA32 free:1219876kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:46152kB inactive_anon:36kB active_file:60732kB inactive_file:166640kB unevictable:1536kB writepending:2884kB zspages:0kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:37768kB local_pcp:26088kB free_cma:0kB [ 434.740220][ T9448] lowmem_reserve[]: 0 0 1 1 1 [ 434.745141][ T9448] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 434.776008][ T9448] lowmem_reserve[]: 0 0 0 0 0 [ 434.780762][ T9448] Node 1 Normal free:3939648kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 434.817527][ T9448] lowmem_reserve[]: 0 0 0 0 0 [ 434.822877][ T9448] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 434.844501][ T9448] Node 0 DMA32: 3289*4kB (UME) 2868*8kB (UME) 1421*16kB (UME) 629*32kB (UME) 460*64kB (UME) 301*128kB (UME) 176*256kB (M) 121*512kB (UME) 59*1024kB (UM) 1*2048kB (U) 221*4096kB (M) = 1221620kB [ 434.874624][ T9448] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 434.886921][ T9448] Node 1 Normal: 4*4kB (UM) 6*8kB (UM) 6*16kB (UM) 9*32kB (UM) 4*64kB (UM) 5*128kB (UM) 2*256kB (M) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (M) 960*4096kB (M) = 3939648kB [ 434.906403][ T9448] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 434.916218][ T9448] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 435.014545][ T9448] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 435.072240][ T9448] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 435.109021][ T9448] 58755 total pagecache pages [ 435.113750][ T9448] 12 pages in swap cache [ 435.186741][ T9448] Free swap = 122880kB [ 435.190953][ T9448] Total swap = 124996kB [ 435.195222][ T9448] 2097051 pages RAM [ 435.224152][ T9448] 0 pages HighMem/MovableOnly [ 435.244897][ T9448] 430825 pages reserved [ 435.249107][ T9448] 0 pages cma reserved [ 435.281066][ T9448] tty tty16: ldisc open failed (-12), clearing slot 15 [ 435.352964][ T9456] program syz.1.765 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 436.235693][ T9478] netlink: 334 bytes leftover after parsing attributes in process `syz.3.770'. [ 436.256314][ T9478] FAULT_INJECTION: forcing a failure. [ 436.256314][ T9478] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 436.269908][ T9478] CPU: 1 UID: 0 PID: 9478 Comm: syz.3.770 Tainted: G L syzkaller #0 PREEMPT(full) [ 436.269949][ T9478] Tainted: [L]=SOFTLOCKUP [ 436.269958][ T9478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 436.269975][ T9478] Call Trace: [ 436.269985][ T9478] [ 436.269995][ T9478] dump_stack_lvl+0x100/0x190 [ 436.270039][ T9478] should_fail_ex.cold+0x5/0xa [ 436.270064][ T9478] ? prepare_alloc_pages+0x16d/0x5f0 [ 436.270095][ T9478] should_fail_alloc_page+0xeb/0x140 [ 436.270124][ T9478] prepare_alloc_pages+0x1f0/0x5f0 [ 436.270159][ T9478] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 436.270203][ T9478] ? rcu_is_watching+0x12/0xc0 [ 436.270242][ T9478] ? trace_mm_page_alloc+0x17a/0x1d0 [ 436.270272][ T9478] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 436.270317][ T9478] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 436.270362][ T9478] ? find_held_lock+0x2b/0x80 [ 436.270385][ T9478] ? is_bpf_text_address+0x8a/0x1a0 [ 436.270425][ T9478] ? is_bpf_text_address+0x8a/0x1a0 [ 436.270468][ T9478] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 436.270496][ T9478] ? is_bpf_text_address+0x94/0x1a0 [ 436.270536][ T9478] ? kernel_text_address+0x8d/0x100 [ 436.270574][ T9478] ? __kernel_text_address+0xd/0x30 [ 436.270625][ T9478] ? unwind_get_return_address+0x59/0xa0 [ 436.270663][ T9478] alloc_pages_bulk_noprof+0x782/0x1490 [ 436.270715][ T9478] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 436.270758][ T9478] ? kasan_save_stack+0x30/0x50 [ 436.270805][ T9478] ? alloc_pages_noprof+0x233/0x390 [ 436.270836][ T9478] __kasan_populate_vmalloc+0xf0/0x210 [ 436.270882][ T9478] alloc_vmap_area+0x95d/0x2bd0 [ 436.270921][ T9478] ? __pfx_alloc_vmap_area+0x10/0x10 [ 436.270955][ T9478] __get_vm_area_node+0x1ca/0x330 [ 436.270989][ T9478] __vmalloc_node_range_noprof+0x213/0x1530 [ 436.271022][ T9478] ? n_tty_open+0x1a/0x170 [ 436.271048][ T9478] ? look_up_lock_class+0x64/0x120 [ 436.271088][ T9478] ? n_tty_open+0x1a/0x170 [ 436.271121][ T9478] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 436.271154][ T9478] ? __ldsem_down_write_nested+0xfd/0x830 [ 436.271180][ T9478] ? __ldsem_down_write_nested+0x10e/0x830 [ 436.271204][ T9478] ? is_console_locked+0x9/0x20 [ 436.271240][ T9478] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 436.271270][ T9478] ? n_tty_open+0x1a/0x170 [ 436.271292][ T9478] __vmalloc_node_noprof+0xad/0xf0 [ 436.271324][ T9478] ? n_tty_open+0x1a/0x170 [ 436.271348][ T9478] ? __pfx_n_tty_open+0x10/0x10 [ 436.271372][ T9478] n_tty_open+0x1a/0x170 [ 436.271397][ T9478] tty_ldisc_open+0xa2/0x120 [ 436.271429][ T9478] tty_ldisc_setup+0x40/0xf0 [ 436.271464][ T9478] tty_init_dev.part.0+0x1b5/0x470 [ 436.271507][ T9478] tty_open+0xa63/0xfa0 [ 436.271550][ T9478] ? __pfx_tty_open+0x10/0x10 [ 436.271587][ T9478] ? chrdev_open+0x10b/0x6a0 [ 436.271618][ T9478] ? chrdev_open+0x10b/0x6a0 [ 436.271649][ T9478] ? __pfx_tty_open+0x10/0x10 [ 436.271687][ T9478] chrdev_open+0x234/0x6a0 [ 436.271712][ T9478] ? __pfx_apparmor_file_open+0x10/0x10 [ 436.271756][ T9478] ? __pfx_chrdev_open+0x10/0x10 [ 436.271784][ T9478] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 436.271818][ T9478] do_dentry_open+0x6d8/0x1660 [ 436.271843][ T9478] ? __pfx_chrdev_open+0x10/0x10 [ 436.271877][ T9478] vfs_open+0x82/0x3f0 [ 436.271969][ T9478] path_openat+0x208c/0x31a0 [ 436.272019][ T9478] ? __pfx_path_openat+0x10/0x10 [ 436.272069][ T9478] do_file_open+0x20e/0x430 [ 436.272098][ T9478] ? __pfx_do_file_open+0x10/0x10 [ 436.272163][ T9478] ? alloc_fd+0x476/0x790 [ 436.272191][ T9478] ? do_getname+0x191/0x390 [ 436.272226][ T9478] do_sys_openat2+0x10d/0x1e0 [ 436.272260][ T9478] ? __pfx_do_sys_openat2+0x10/0x10 [ 436.272305][ T9478] __x64_sys_openat+0x12d/0x210 [ 436.272340][ T9478] ? __pfx___x64_sys_openat+0x10/0x10 [ 436.272386][ T9478] do_syscall_64+0x106/0xf80 [ 436.272422][ T9478] ? clear_bhb_loop+0x40/0x90 [ 436.272454][ T9478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.272481][ T9478] RIP: 0033:0x7f695e79c799 [ 436.272502][ T9478] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 436.272528][ T9478] RSP: 002b:00007f695f6b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 436.272553][ T9478] RAX: ffffffffffffffda RBX: 00007f695ea15fa0 RCX: 00007f695e79c799 [ 436.272571][ T9478] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 436.272588][ T9478] RBP: 00007f695e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 436.272621][ T9478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 436.272637][ T9478] R13: 00007f695ea16038 R14: 00007f695ea15fa0 R15: 00007fff214060a8 [ 436.272668][ T9478] [ 436.431464][ T9478] tty tty16: ldisc open failed (-12), clearing slot 15 [ 438.857341][ T9517] netlink: 334 bytes leftover after parsing attributes in process `syz.1.781'. [ 438.904381][ T9517] FAULT_INJECTION: forcing a failure. [ 438.904381][ T9517] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 438.945403][ T9517] CPU: 1 UID: 0 PID: 9517 Comm: syz.1.781 Tainted: G L syzkaller #0 PREEMPT(full) [ 438.945444][ T9517] Tainted: [L]=SOFTLOCKUP [ 438.945454][ T9517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 438.945470][ T9517] Call Trace: [ 438.945480][ T9517] [ 438.945491][ T9517] dump_stack_lvl+0x100/0x190 [ 438.945533][ T9517] should_fail_ex.cold+0x5/0xa [ 438.945557][ T9517] ? prepare_alloc_pages+0x16d/0x5f0 [ 438.945589][ T9517] should_fail_alloc_page+0xeb/0x140 [ 438.945617][ T9517] prepare_alloc_pages+0x1f0/0x5f0 [ 438.945652][ T9517] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 438.945704][ T9517] ? find_held_lock+0x2b/0x80 [ 438.945728][ T9517] ? is_bpf_text_address+0x8a/0x1a0 [ 438.945767][ T9517] ? is_bpf_text_address+0x8a/0x1a0 [ 438.945807][ T9517] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 438.945847][ T9517] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 438.945875][ T9517] ? is_bpf_text_address+0x94/0x1a0 [ 438.945914][ T9517] ? kernel_text_address+0x8d/0x100 [ 438.945957][ T9517] ? __kernel_text_address+0xd/0x30 [ 438.946028][ T9517] ? unwind_get_return_address+0x59/0xa0 [ 438.946081][ T9517] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 438.946142][ T9517] ? policy_nodemask+0xed/0x4f0 [ 438.946181][ T9517] alloc_pages_mpol+0x1fb/0x550 [ 438.946220][ T9517] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 438.946263][ T9517] ? kasan_save_stack+0x30/0x50 [ 438.946314][ T9517] ? kasan_save_track+0x14/0x30 [ 438.946367][ T9517] ? __kasan_kmalloc+0xaa/0xb0 [ 438.946417][ T9517] ? __get_vm_area_node+0x101/0x330 [ 438.946454][ T9517] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 438.946503][ T9517] alloc_pages_noprof+0x131/0x390 [ 438.946540][ T9517] get_free_pages_noprof+0x10/0xb0 [ 438.946574][ T9517] __kasan_populate_vmalloc+0xa0/0x210 [ 438.946636][ T9517] alloc_vmap_area+0x95d/0x2bd0 [ 438.946687][ T9517] ? __pfx_alloc_vmap_area+0x10/0x10 [ 438.946736][ T9517] __get_vm_area_node+0x1ca/0x330 [ 438.946785][ T9517] __vmalloc_node_range_noprof+0x213/0x1530 [ 438.946830][ T9517] ? n_tty_open+0x1a/0x170 [ 438.946870][ T9517] ? look_up_lock_class+0x64/0x120 [ 438.946927][ T9517] ? n_tty_open+0x1a/0x170 [ 438.946970][ T9517] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 438.947009][ T9517] ? __ldsem_down_write_nested+0xfd/0x830 [ 438.947038][ T9517] ? __ldsem_down_write_nested+0x10e/0x830 [ 438.947067][ T9517] ? is_console_locked+0x9/0x20 [ 438.947108][ T9517] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 438.947141][ T9517] ? n_tty_open+0x1a/0x170 [ 438.947166][ T9517] __vmalloc_node_noprof+0xad/0xf0 [ 438.947202][ T9517] ? n_tty_open+0x1a/0x170 [ 438.947240][ T9517] ? __pfx_n_tty_open+0x10/0x10 [ 438.947268][ T9517] n_tty_open+0x1a/0x170 [ 438.947297][ T9517] tty_ldisc_open+0xa2/0x120 [ 438.947335][ T9517] tty_ldisc_setup+0x40/0xf0 [ 438.947375][ T9517] tty_init_dev.part.0+0x1b5/0x470 [ 438.947426][ T9517] tty_open+0xa63/0xfa0 [ 438.947475][ T9517] ? __pfx_tty_open+0x10/0x10 [ 438.947519][ T9517] ? chrdev_open+0x10b/0x6a0 [ 438.947547][ T9517] ? chrdev_open+0x10b/0x6a0 [ 438.947581][ T9517] ? __pfx_tty_open+0x10/0x10 [ 438.947624][ T9517] chrdev_open+0x234/0x6a0 [ 438.947652][ T9517] ? __pfx_apparmor_file_open+0x10/0x10 [ 438.947700][ T9517] ? __pfx_chrdev_open+0x10/0x10 [ 438.947732][ T9517] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 438.947770][ T9517] do_dentry_open+0x6d8/0x1660 [ 438.947798][ T9517] ? __pfx_chrdev_open+0x10/0x10 [ 438.947838][ T9517] vfs_open+0x82/0x3f0 [ 438.947878][ T9517] path_openat+0x208c/0x31a0 [ 438.947920][ T9517] ? __pfx_path_openat+0x10/0x10 [ 438.947962][ T9517] do_file_open+0x20e/0x430 [ 438.947995][ T9517] ? __pfx_do_file_open+0x10/0x10 [ 438.948049][ T9517] ? alloc_fd+0x476/0x790 [ 438.948082][ T9517] ? do_getname+0x191/0x390 [ 438.948121][ T9517] do_sys_openat2+0x10d/0x1e0 [ 438.948159][ T9517] ? __pfx_do_sys_openat2+0x10/0x10 [ 438.948210][ T9517] __x64_sys_openat+0x12d/0x210 [ 438.948254][ T9517] ? __pfx___x64_sys_openat+0x10/0x10 [ 438.948308][ T9517] do_syscall_64+0x106/0xf80 [ 438.948348][ T9517] ? clear_bhb_loop+0x40/0x90 [ 438.948384][ T9517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.948414][ T9517] RIP: 0033:0x7f772039c799 [ 438.948440][ T9517] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 438.948467][ T9517] RSP: 002b:00007f77211b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 438.948497][ T9517] RAX: ffffffffffffffda RBX: 00007f7720615fa0 RCX: 00007f772039c799 [ 438.948517][ T9517] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 438.948536][ T9517] RBP: 00007f7720432c99 R08: 0000000000000000 R09: 0000000000000000 [ 438.948555][ T9517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.948572][ T9517] R13: 00007f7720616038 R14: 00007f7720615fa0 R15: 00007ffe4c435238 [ 438.948610][ T9517] [ 439.647030][ T9517] tty tty16: ldisc open failed (-12), clearing slot 15 [ 440.732125][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.738753][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.792442][ T9540] program syz.4.786 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 443.624777][ T9553] program syz.4.787 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 443.815301][ T9587] netlink: 334 bytes leftover after parsing attributes in process `syz.2.795'. [ 443.936573][ T9587] FAULT_INJECTION: forcing a failure. [ 443.936573][ T9587] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 443.988988][ T9587] CPU: 0 UID: 0 PID: 9587 Comm: syz.2.795 Tainted: G L syzkaller #0 PREEMPT(full) [ 443.989033][ T9587] Tainted: [L]=SOFTLOCKUP [ 443.989043][ T9587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 443.989059][ T9587] Call Trace: [ 443.989068][ T9587] [ 443.989078][ T9587] dump_stack_lvl+0x100/0x190 [ 443.989123][ T9587] should_fail_ex.cold+0x5/0xa [ 443.989160][ T9587] ? prepare_alloc_pages+0x16d/0x5f0 [ 443.989191][ T9587] should_fail_alloc_page+0xeb/0x140 [ 443.989226][ T9587] prepare_alloc_pages+0x1f0/0x5f0 [ 443.989259][ T9587] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 443.989310][ T9587] ? find_held_lock+0x2b/0x80 [ 443.989333][ T9587] ? is_bpf_text_address+0x8a/0x1a0 [ 443.989372][ T9587] ? is_bpf_text_address+0x8a/0x1a0 [ 443.989410][ T9587] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 443.989449][ T9587] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 443.989476][ T9587] ? is_bpf_text_address+0x94/0x1a0 [ 443.989514][ T9587] ? kernel_text_address+0x8d/0x100 [ 443.989551][ T9587] ? __kernel_text_address+0xd/0x30 [ 443.989587][ T9587] ? unwind_get_return_address+0x59/0xa0 [ 443.989635][ T9587] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 443.989676][ T9587] ? policy_nodemask+0xed/0x4f0 [ 443.989754][ T9587] alloc_pages_mpol+0x1fb/0x550 [ 443.989793][ T9587] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 443.989831][ T9587] ? kasan_save_stack+0x30/0x50 [ 443.989868][ T9587] ? kasan_save_track+0x14/0x30 [ 443.989906][ T9587] ? __kasan_kmalloc+0xaa/0xb0 [ 443.989942][ T9587] ? __get_vm_area_node+0x101/0x330 [ 443.989970][ T9587] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 443.990007][ T9587] alloc_pages_noprof+0x131/0x390 [ 443.990035][ T9587] get_free_pages_noprof+0x10/0xb0 [ 443.990061][ T9587] __kasan_populate_vmalloc+0xa0/0x210 [ 443.990105][ T9587] alloc_vmap_area+0x95d/0x2bd0 [ 443.990143][ T9587] ? __pfx_alloc_vmap_area+0x10/0x10 [ 443.990176][ T9587] __get_vm_area_node+0x1ca/0x330 [ 443.990222][ T9587] __vmalloc_node_range_noprof+0x213/0x1530 [ 443.990255][ T9587] ? n_tty_open+0x1a/0x170 [ 443.990280][ T9587] ? look_up_lock_class+0x64/0x120 [ 443.990320][ T9587] ? n_tty_open+0x1a/0x170 [ 443.990350][ T9587] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 443.990388][ T9587] ? __ldsem_down_write_nested+0xfd/0x830 [ 443.990412][ T9587] ? __ldsem_down_write_nested+0x10e/0x830 [ 443.990436][ T9587] ? is_console_locked+0x9/0x20 [ 443.990470][ T9587] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 443.990498][ T9587] ? n_tty_open+0x1a/0x170 [ 443.990520][ T9587] __vmalloc_node_noprof+0xad/0xf0 [ 443.990550][ T9587] ? n_tty_open+0x1a/0x170 [ 443.990574][ T9587] ? __pfx_n_tty_open+0x10/0x10 [ 443.990597][ T9587] n_tty_open+0x1a/0x170 [ 443.990620][ T9587] tty_ldisc_open+0xa2/0x120 [ 443.990653][ T9587] tty_ldisc_setup+0x40/0xf0 [ 443.990691][ T9587] tty_init_dev.part.0+0x1b5/0x470 [ 443.990733][ T9587] tty_open+0xa63/0xfa0 [ 443.990775][ T9587] ? __pfx_tty_open+0x10/0x10 [ 443.990841][ T9587] ? chrdev_open+0x10b/0x6a0 [ 443.990866][ T9587] ? chrdev_open+0x10b/0x6a0 [ 443.990896][ T9587] ? __pfx_tty_open+0x10/0x10 [ 443.990935][ T9587] chrdev_open+0x234/0x6a0 [ 443.990959][ T9587] ? __pfx_apparmor_file_open+0x10/0x10 [ 443.991005][ T9587] ? __pfx_chrdev_open+0x10/0x10 [ 443.991033][ T9587] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 443.991067][ T9587] do_dentry_open+0x6d8/0x1660 [ 443.991092][ T9587] ? __pfx_chrdev_open+0x10/0x10 [ 443.991125][ T9587] vfs_open+0x82/0x3f0 [ 443.991161][ T9587] path_openat+0x208c/0x31a0 [ 443.991199][ T9587] ? __pfx_path_openat+0x10/0x10 [ 443.991241][ T9587] do_file_open+0x20e/0x430 [ 443.991270][ T9587] ? __pfx_do_file_open+0x10/0x10 [ 443.991318][ T9587] ? alloc_fd+0x476/0x790 [ 443.991345][ T9587] ? do_getname+0x191/0x390 [ 443.991380][ T9587] do_sys_openat2+0x10d/0x1e0 [ 443.991414][ T9587] ? __pfx_do_sys_openat2+0x10/0x10 [ 443.991460][ T9587] __x64_sys_openat+0x12d/0x210 [ 443.991495][ T9587] ? __pfx___x64_sys_openat+0x10/0x10 [ 443.991541][ T9587] do_syscall_64+0x106/0xf80 [ 443.991577][ T9587] ? clear_bhb_loop+0x40/0x90 [ 443.991608][ T9587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 443.991635][ T9587] RIP: 0033:0x7f37afb9c799 [ 443.991656][ T9587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 443.991683][ T9587] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 443.991707][ T9587] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 443.991725][ T9587] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 443.991741][ T9587] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 443.991757][ T9587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 443.991773][ T9587] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 443.991807][ T9587] [ 443.992211][ T9587] warn_alloc: 2 callbacks suppressed [ 443.992233][ T9587] syz.2.795: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 444.653075][ T9587] CPU: 1 UID: 0 PID: 9587 Comm: syz.2.795 Tainted: G L syzkaller #0 PREEMPT(full) [ 444.653127][ T9587] Tainted: [L]=SOFTLOCKUP [ 444.653140][ T9587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 444.653161][ T9587] Call Trace: [ 444.653173][ T9587] [ 444.653193][ T9587] dump_stack_lvl+0x100/0x190 [ 444.653250][ T9587] warn_alloc.cold+0x95/0x1c1 [ 444.653310][ T9587] ? __pfx_warn_alloc+0x10/0x10 [ 444.653358][ T9587] ? lockdep_hardirqs_on+0x78/0x100 [ 444.653411][ T9587] ? __get_vm_area_node+0x2c5/0x330 [ 444.653460][ T9587] ? __get_vm_area_node+0x208/0x330 [ 444.653508][ T9587] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 444.653555][ T9587] ? look_up_lock_class+0x64/0x120 [ 444.653609][ T9587] ? n_tty_open+0x1a/0x170 [ 444.653655][ T9587] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 444.653700][ T9587] ? __ldsem_down_write_nested+0xfd/0x830 [ 444.653733][ T9587] ? __ldsem_down_write_nested+0x10e/0x830 [ 444.653765][ T9587] ? is_console_locked+0x9/0x20 [ 444.653813][ T9587] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 444.653853][ T9587] ? n_tty_open+0x1a/0x170 [ 444.653884][ T9587] __vmalloc_node_noprof+0xad/0xf0 [ 444.653926][ T9587] ? n_tty_open+0x1a/0x170 [ 444.653961][ T9587] ? __pfx_n_tty_open+0x10/0x10 [ 444.653994][ T9587] n_tty_open+0x1a/0x170 [ 444.654026][ T9587] tty_ldisc_open+0xa2/0x120 [ 444.654070][ T9587] tty_ldisc_setup+0x40/0xf0 [ 444.654115][ T9587] tty_init_dev.part.0+0x1b5/0x470 [ 444.654171][ T9587] tty_open+0xa63/0xfa0 [ 444.654237][ T9587] ? __pfx_tty_open+0x10/0x10 [ 444.654286][ T9587] ? chrdev_open+0x10b/0x6a0 [ 444.654330][ T9587] ? chrdev_open+0x10b/0x6a0 [ 444.654368][ T9587] ? __pfx_tty_open+0x10/0x10 [ 444.654416][ T9587] chrdev_open+0x234/0x6a0 [ 444.654447][ T9587] ? __pfx_apparmor_file_open+0x10/0x10 [ 444.654500][ T9587] ? __pfx_chrdev_open+0x10/0x10 [ 444.654536][ T9587] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 444.654579][ T9587] do_dentry_open+0x6d8/0x1660 [ 444.654621][ T9587] ? __pfx_chrdev_open+0x10/0x10 [ 444.654661][ T9587] vfs_open+0x82/0x3f0 [ 444.654704][ T9587] path_openat+0x208c/0x31a0 [ 444.654748][ T9587] ? __pfx_path_openat+0x10/0x10 [ 444.654794][ T9587] do_file_open+0x20e/0x430 [ 444.654829][ T9587] ? __pfx_do_file_open+0x10/0x10 [ 444.654888][ T9587] ? alloc_fd+0x476/0x790 [ 444.654946][ T9587] ? do_getname+0x191/0x390 [ 444.654990][ T9587] do_sys_openat2+0x10d/0x1e0 [ 444.655032][ T9587] ? __pfx_do_sys_openat2+0x10/0x10 [ 444.655089][ T9587] __x64_sys_openat+0x12d/0x210 [ 444.655133][ T9587] ? __pfx___x64_sys_openat+0x10/0x10 [ 444.655197][ T9587] do_syscall_64+0x106/0xf80 [ 444.655241][ T9587] ? clear_bhb_loop+0x40/0x90 [ 444.655281][ T9587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.655314][ T9587] RIP: 0033:0x7f37afb9c799 [ 444.655341][ T9587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 444.655371][ T9587] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 444.655400][ T9587] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 444.655421][ T9587] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 444.655441][ T9587] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 444.655461][ T9587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 444.655480][ T9587] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 444.655531][ T9587] [ 444.658395][ T9587] Mem-Info: [ 445.113063][ T9587] active_anon:9152 inactive_anon:0 isolated_anon:0 [ 445.113063][ T9587] active_file:15108 inactive_file:41302 isolated_file:0 [ 445.113063][ T9587] unevictable:1595 dirty:666 writeback:0 [ 445.113063][ T9587] slab_reclaimable:11959 slab_unreclaimable:112893 [ 445.113063][ T9587] mapped:36401 shmem:1871 pagetables:1175 [ 445.113063][ T9587] sec_pagetables:0 bounce:0 [ 445.113063][ T9587] kernel_misc_reclaimable:0 [ 445.113063][ T9587] free:1290858 free_pcp:12070 free_cma:0 [ 445.295581][ T9587] Node 0 active_anon:31536kB inactive_anon:0kB active_file:60432kB inactive_file:166916kB unevictable:1592kB isolated(anon):0kB isolated(file):0kB mapped:129316kB dirty:2676kB writeback:0kB shmem:3900kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12712kB pagetables:4384kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 445.329830][ T9587] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 445.446896][ T9587] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 445.547093][ T9599] program syz.4.797 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 445.590740][ T9587] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 445.596642][ T9587] Node 0 DMA32 free:1218968kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31276kB inactive_anon:0kB active_file:60432kB inactive_file:166928kB unevictable:1588kB writepending:2792kB zspages:0kB present:3129332kB managed:2537384kB mlocked:52kB bounce:0kB free_pcp:45252kB local_pcp:24460kB free_cma:0kB [ 445.660372][ T9600] program syz.3.796 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 445.698111][ T9587] lowmem_reserve[]: 0 0 1 1 1 [ 445.703997][ T9587] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 445.769990][ T9587] lowmem_reserve[]: 0 0 0 0 0 [ 445.774965][ T9587] Node 1 Normal free:3937632kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:2012kB local_pcp:2012kB free_cma:0kB [ 445.830658][ T9587] lowmem_reserve[]: 0 0 0 0 0 [ 445.845855][ T9587] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 445.894333][ T9587] Node 0 DMA32: 3167*4kB (UME) 3044*8kB (UME) 1463*16kB (UM) 658*32kB (ME) 484*64kB (UME) 315*128kB (UME) 187*256kB (UM) 109*512kB (UME) 55*1024kB (UM) 3*2048kB (UM) 219*4096kB (M) = 1215948kB [ 445.923633][ T9587] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 445.940224][ T9587] Node 1 Normal: 2*4kB (UM) 1*8kB (M) 1*16kB (M) 2*32kB (UM) 2*64kB (UM) 1*128kB (M) 2*256kB (M) 3*512kB (UM) 1*1024kB (M) 1*2048kB (M) 960*4096kB (M) = 3937632kB [ 445.957320][ T9587] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 445.967045][ T9587] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 446.010151][ T9587] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 446.030071][ T9587] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 446.050996][ T9587] 58331 total pagecache pages [ 446.055764][ T9587] 0 pages in swap cache [ 446.080284][ T9587] Free swap = 124996kB [ 446.088006][ T9587] Total swap = 124996kB [ 446.102693][ T9587] 2097051 pages RAM [ 446.106567][ T9587] 0 pages HighMem/MovableOnly [ 446.125389][ T9587] 430825 pages reserved [ 446.129618][ T9587] 0 pages cma reserved [ 446.143887][ T9587] tty tty16: ldisc open failed (-12), clearing slot 15 [ 446.491891][ T9615] program syz.2.802 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 446.869306][ T9626] program syz.3.805 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 446.896761][ T9628] program syz.1.814 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 449.548178][ T9669] netlink: 334 bytes leftover after parsing attributes in process `syz.4.811'. [ 449.564755][ T9669] FAULT_INJECTION: forcing a failure. [ 449.564755][ T9669] name failslab, interval 1, probability 0, space 0, times 0 [ 449.577708][ T9669] CPU: 1 UID: 0 PID: 9669 Comm: syz.4.811 Tainted: G L syzkaller #0 PREEMPT(full) [ 449.577759][ T9669] Tainted: [L]=SOFTLOCKUP [ 449.577771][ T9669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 449.577801][ T9669] Call Trace: [ 449.577813][ T9669] [ 449.577826][ T9669] dump_stack_lvl+0x100/0x190 [ 449.577883][ T9669] should_fail_ex.cold+0x5/0xa [ 449.577925][ T9669] should_failslab+0xc2/0x120 [ 449.577961][ T9669] __kmalloc_node_noprof+0xe6/0x850 [ 449.578011][ T9669] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 449.578066][ T9669] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 449.578120][ T9669] ? n_tty_open+0x1a/0x170 [ 449.578166][ T9669] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 449.578210][ T9669] ? __ldsem_down_write_nested+0xfd/0x830 [ 449.578244][ T9669] ? __ldsem_down_write_nested+0x10e/0x830 [ 449.578278][ T9669] ? is_console_locked+0x9/0x20 [ 449.578325][ T9669] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 449.578365][ T9669] ? n_tty_open+0x1a/0x170 [ 449.578396][ T9669] __vmalloc_node_noprof+0xad/0xf0 [ 449.578437][ T9669] ? n_tty_open+0x1a/0x170 [ 449.578471][ T9669] ? __pfx_n_tty_open+0x10/0x10 [ 449.578502][ T9669] n_tty_open+0x1a/0x170 [ 449.578536][ T9669] tty_ldisc_open+0xa2/0x120 [ 449.578580][ T9669] tty_ldisc_setup+0x40/0xf0 [ 449.578627][ T9669] tty_init_dev.part.0+0x1b5/0x470 [ 449.578684][ T9669] tty_open+0xa63/0xfa0 [ 449.578741][ T9669] ? __pfx_tty_open+0x10/0x10 [ 449.578788][ T9669] ? chrdev_open+0x10b/0x6a0 [ 449.578831][ T9669] ? chrdev_open+0x10b/0x6a0 [ 449.578870][ T9669] ? __pfx_tty_open+0x10/0x10 [ 449.578918][ T9669] chrdev_open+0x234/0x6a0 [ 449.578950][ T9669] ? __pfx_apparmor_file_open+0x10/0x10 [ 449.579006][ T9669] ? __pfx_chrdev_open+0x10/0x10 [ 449.579042][ T9669] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 449.579086][ T9669] do_dentry_open+0x6d8/0x1660 [ 449.579118][ T9669] ? __pfx_chrdev_open+0x10/0x10 [ 449.579164][ T9669] vfs_open+0x82/0x3f0 [ 449.579210][ T9669] path_openat+0x208c/0x31a0 [ 449.579256][ T9669] ? __pfx_path_openat+0x10/0x10 [ 449.579305][ T9669] do_file_open+0x20e/0x430 [ 449.579343][ T9669] ? __pfx_do_file_open+0x10/0x10 [ 449.579408][ T9669] ? alloc_fd+0x476/0x790 [ 449.579445][ T9669] ? do_getname+0x191/0x390 [ 449.579492][ T9669] do_sys_openat2+0x10d/0x1e0 [ 449.579535][ T9669] ? __pfx_do_sys_openat2+0x10/0x10 [ 449.579594][ T9669] __x64_sys_openat+0x12d/0x210 [ 449.579641][ T9669] ? __pfx___x64_sys_openat+0x10/0x10 [ 449.579705][ T9669] do_syscall_64+0x106/0xf80 [ 449.579751][ T9669] ? clear_bhb_loop+0x40/0x90 [ 449.579802][ T9669] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.579838][ T9669] RIP: 0033:0x7f880b99c799 [ 449.579866][ T9669] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 449.579901][ T9669] RSP: 002b:00007f880c90b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 449.579934][ T9669] RAX: ffffffffffffffda RBX: 00007f880bc15fa0 RCX: 00007f880b99c799 [ 449.579957][ T9669] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 449.579979][ T9669] RBP: 00007f880ba32c99 R08: 0000000000000000 R09: 0000000000000000 [ 449.580000][ T9669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 449.580021][ T9669] R13: 00007f880bc16038 R14: 00007f880bc15fa0 R15: 00007fff9a6685c8 [ 449.580067][ T9669] [ 449.915579][ T9669] tty tty16: ldisc open failed (-12), clearing slot 15 [ 451.371988][ T9687] program syz.3.818 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 452.391491][ T9704] netlink: 334 bytes leftover after parsing attributes in process `syz.3.823'. [ 452.451393][ T9704] FAULT_INJECTION: forcing a failure. [ 452.451393][ T9704] name failslab, interval 1, probability 0, space 0, times 0 [ 452.483179][ T9704] CPU: 1 UID: 0 PID: 9704 Comm: syz.3.823 Tainted: G L syzkaller #0 PREEMPT(full) [ 452.483235][ T9704] Tainted: [L]=SOFTLOCKUP [ 452.483249][ T9704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 452.483270][ T9704] Call Trace: [ 452.483281][ T9704] [ 452.483295][ T9704] dump_stack_lvl+0x100/0x190 [ 452.483354][ T9704] should_fail_ex.cold+0x5/0xa [ 452.483395][ T9704] should_failslab+0xc2/0x120 [ 452.483456][ T9704] __kmalloc_node_noprof+0xe6/0x850 [ 452.483509][ T9704] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 452.483565][ T9704] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 452.483632][ T9704] ? n_tty_open+0x1a/0x170 [ 452.483680][ T9704] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 452.483734][ T9704] ? __ldsem_down_write_nested+0xfd/0x830 [ 452.483768][ T9704] ? __ldsem_down_write_nested+0x10e/0x830 [ 452.483803][ T9704] ? is_console_locked+0x9/0x20 [ 452.483853][ T9704] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 452.483895][ T9704] ? n_tty_open+0x1a/0x170 [ 452.483927][ T9704] __vmalloc_node_noprof+0xad/0xf0 [ 452.483971][ T9704] ? n_tty_open+0x1a/0x170 [ 452.484006][ T9704] ? __pfx_n_tty_open+0x10/0x10 [ 452.484040][ T9704] n_tty_open+0x1a/0x170 [ 452.484074][ T9704] tty_ldisc_open+0xa2/0x120 [ 452.484119][ T9704] tty_ldisc_setup+0x40/0xf0 [ 452.484167][ T9704] tty_init_dev.part.0+0x1b5/0x470 [ 452.484228][ T9704] tty_open+0xa63/0xfa0 [ 452.484289][ T9704] ? __pfx_tty_open+0x10/0x10 [ 452.484340][ T9704] ? chrdev_open+0x10b/0x6a0 [ 452.484374][ T9704] ? chrdev_open+0x10b/0x6a0 [ 452.484415][ T9704] ? __pfx_tty_open+0x10/0x10 [ 452.484461][ T9704] chrdev_open+0x234/0x6a0 [ 452.484490][ T9704] ? __pfx_apparmor_file_open+0x10/0x10 [ 452.484540][ T9704] ? __pfx_chrdev_open+0x10/0x10 [ 452.484572][ T9704] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 452.484619][ T9704] do_dentry_open+0x6d8/0x1660 [ 452.484648][ T9704] ? __pfx_chrdev_open+0x10/0x10 [ 452.484687][ T9704] vfs_open+0x82/0x3f0 [ 452.484728][ T9704] path_openat+0x208c/0x31a0 [ 452.484784][ T9704] ? __pfx_path_openat+0x10/0x10 [ 452.484826][ T9704] do_file_open+0x20e/0x430 [ 452.484858][ T9704] ? __pfx_do_file_open+0x10/0x10 [ 452.484911][ T9704] ? alloc_fd+0x476/0x790 [ 452.484941][ T9704] ? do_getname+0x191/0x390 [ 452.484980][ T9704] do_sys_openat2+0x10d/0x1e0 [ 452.485016][ T9704] ? __pfx_do_sys_openat2+0x10/0x10 [ 452.485066][ T9704] __x64_sys_openat+0x12d/0x210 [ 452.485104][ T9704] ? __pfx___x64_sys_openat+0x10/0x10 [ 452.485155][ T9704] do_syscall_64+0x106/0xf80 [ 452.485194][ T9704] ? clear_bhb_loop+0x40/0x90 [ 452.485228][ T9704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.485256][ T9704] RIP: 0033:0x7f695e79c799 [ 452.485281][ T9704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 452.485308][ T9704] RSP: 002b:00007f695f6b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 452.485335][ T9704] RAX: ffffffffffffffda RBX: 00007f695ea15fa0 RCX: 00007f695e79c799 [ 452.485354][ T9704] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 452.485373][ T9704] RBP: 00007f695e832c99 R08: 0000000000000000 R09: 0000000000000000 [ 452.485390][ T9704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.485407][ T9704] R13: 00007f695ea16038 R14: 00007f695ea15fa0 R15: 00007fff214060a8 [ 452.485443][ T9704] [ 452.486657][ T9704] tty tty16: ldisc open failed (-12), clearing slot 15 [ 452.909756][ T9711] netlink: 334 bytes leftover after parsing attributes in process `syz.1.822'. [ 452.925989][ T9711] FAULT_INJECTION: forcing a failure. [ 452.925989][ T9711] name failslab, interval 1, probability 0, space 0, times 0 [ 452.940146][ T9711] CPU: 0 UID: 0 PID: 9711 Comm: syz.1.822 Tainted: G L syzkaller #0 PREEMPT(full) [ 452.940185][ T9711] Tainted: [L]=SOFTLOCKUP [ 452.940195][ T9711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 452.940211][ T9711] Call Trace: [ 452.940219][ T9711] [ 452.940229][ T9711] dump_stack_lvl+0x100/0x190 [ 452.940272][ T9711] should_fail_ex.cold+0x5/0xa [ 452.940301][ T9711] should_failslab+0xc2/0x120 [ 452.940328][ T9711] __kmalloc_node_noprof+0xe6/0x850 [ 452.940366][ T9711] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 452.940405][ T9711] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 452.940446][ T9711] ? n_tty_open+0x1a/0x170 [ 452.940479][ T9711] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 452.940512][ T9711] ? __ldsem_down_write_nested+0xfd/0x830 [ 452.940537][ T9711] ? __ldsem_down_write_nested+0x10e/0x830 [ 452.940562][ T9711] ? is_console_locked+0x9/0x20 [ 452.940597][ T9711] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 452.940627][ T9711] ? n_tty_open+0x1a/0x170 [ 452.940649][ T9711] __vmalloc_node_noprof+0xad/0xf0 [ 452.940681][ T9711] ? n_tty_open+0x1a/0x170 [ 452.940705][ T9711] ? __pfx_n_tty_open+0x10/0x10 [ 452.940729][ T9711] n_tty_open+0x1a/0x170 [ 452.940753][ T9711] tty_ldisc_open+0xa2/0x120 [ 452.940789][ T9711] tty_ldisc_setup+0x40/0xf0 [ 452.940832][ T9711] tty_init_dev.part.0+0x1b5/0x470 [ 452.940875][ T9711] tty_open+0xa63/0xfa0 [ 452.940919][ T9711] ? __pfx_tty_open+0x10/0x10 [ 452.940956][ T9711] ? chrdev_open+0x10b/0x6a0 [ 452.940980][ T9711] ? chrdev_open+0x10b/0x6a0 [ 452.941010][ T9711] ? __pfx_tty_open+0x10/0x10 [ 452.941048][ T9711] chrdev_open+0x234/0x6a0 [ 452.941072][ T9711] ? __pfx_apparmor_file_open+0x10/0x10 [ 452.941115][ T9711] ? __pfx_chrdev_open+0x10/0x10 [ 452.941143][ T9711] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 452.941177][ T9711] do_dentry_open+0x6d8/0x1660 [ 452.941201][ T9711] ? __pfx_chrdev_open+0x10/0x10 [ 452.941234][ T9711] vfs_open+0x82/0x3f0 [ 452.941270][ T9711] path_openat+0x208c/0x31a0 [ 452.941306][ T9711] ? __pfx_path_openat+0x10/0x10 [ 452.941343][ T9711] do_file_open+0x20e/0x430 [ 452.941371][ T9711] ? __pfx_do_file_open+0x10/0x10 [ 452.941419][ T9711] ? alloc_fd+0x476/0x790 [ 452.941447][ T9711] ? do_getname+0x191/0x390 [ 452.941482][ T9711] do_sys_openat2+0x10d/0x1e0 [ 452.941516][ T9711] ? __pfx_do_sys_openat2+0x10/0x10 [ 452.941563][ T9711] __x64_sys_openat+0x12d/0x210 [ 452.941598][ T9711] ? __pfx___x64_sys_openat+0x10/0x10 [ 452.941644][ T9711] do_syscall_64+0x106/0xf80 [ 452.941680][ T9711] ? clear_bhb_loop+0x40/0x90 [ 452.941712][ T9711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.941738][ T9711] RIP: 0033:0x7f772039c799 [ 452.941759][ T9711] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 452.941785][ T9711] RSP: 002b:00007f77211b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 452.941815][ T9711] RAX: ffffffffffffffda RBX: 00007f7720615fa0 RCX: 00007f772039c799 [ 452.941832][ T9711] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 452.941849][ T9711] RBP: 00007f7720432c99 R08: 0000000000000000 R09: 0000000000000000 [ 452.941865][ T9711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.941881][ T9711] R13: 00007f7720616038 R14: 00007f7720615fa0 R15: 00007ffe4c435238 [ 452.941914][ T9711] [ 452.942949][ T9711] tty tty16: ldisc open failed (-12), clearing slot 15 [ 454.547580][ T9742] program syz.1.830 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 455.290998][ T9760] netlink: 334 bytes leftover after parsing attributes in process `syz.2.834'. [ 455.382935][ T9760] FAULT_INJECTION: forcing a failure. [ 455.382935][ T9760] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 455.448636][ T9760] CPU: 0 UID: 0 PID: 9760 Comm: syz.2.834 Tainted: G L syzkaller #0 PREEMPT(full) [ 455.448676][ T9760] Tainted: [L]=SOFTLOCKUP [ 455.448684][ T9760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 455.448700][ T9760] Call Trace: [ 455.448708][ T9760] [ 455.448717][ T9760] dump_stack_lvl+0x100/0x190 [ 455.448759][ T9760] should_fail_ex.cold+0x5/0xa [ 455.448784][ T9760] ? prepare_alloc_pages+0x16d/0x5f0 [ 455.448815][ T9760] should_fail_alloc_page+0xeb/0x140 [ 455.448843][ T9760] prepare_alloc_pages+0x1f0/0x5f0 [ 455.448875][ T9760] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 455.448926][ T9760] ? find_held_lock+0x2b/0x80 [ 455.448949][ T9760] ? is_bpf_text_address+0x8a/0x1a0 [ 455.448986][ T9760] ? is_bpf_text_address+0x8a/0x1a0 [ 455.449025][ T9760] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 455.449064][ T9760] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 455.449091][ T9760] ? is_bpf_text_address+0x94/0x1a0 [ 455.449128][ T9760] ? kernel_text_address+0x8d/0x100 [ 455.449165][ T9760] ? __kernel_text_address+0xd/0x30 [ 455.449200][ T9760] ? unwind_get_return_address+0x59/0xa0 [ 455.449237][ T9760] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 455.449280][ T9760] ? policy_nodemask+0xed/0x4f0 [ 455.449308][ T9760] alloc_pages_mpol+0x1fb/0x550 [ 455.449335][ T9760] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 455.449362][ T9760] ? kasan_save_stack+0x30/0x50 [ 455.449398][ T9760] ? kasan_save_track+0x14/0x30 [ 455.449436][ T9760] ? __kasan_kmalloc+0xaa/0xb0 [ 455.449472][ T9760] ? __get_vm_area_node+0x101/0x330 [ 455.449506][ T9760] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 455.449542][ T9760] alloc_pages_noprof+0x131/0x390 [ 455.449570][ T9760] get_free_pages_noprof+0x10/0xb0 [ 455.449595][ T9760] __kasan_populate_vmalloc+0xa0/0x210 [ 455.449640][ T9760] alloc_vmap_area+0x95d/0x2bd0 [ 455.449678][ T9760] ? __pfx_alloc_vmap_area+0x10/0x10 [ 455.449711][ T9760] __get_vm_area_node+0x1ca/0x330 [ 455.449745][ T9760] __vmalloc_node_range_noprof+0x213/0x1530 [ 455.449777][ T9760] ? n_tty_open+0x1a/0x170 [ 455.449802][ T9760] ? look_up_lock_class+0x64/0x120 [ 455.449841][ T9760] ? n_tty_open+0x1a/0x170 [ 455.449872][ T9760] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 455.449905][ T9760] ? __ldsem_down_write_nested+0xfd/0x830 [ 455.449929][ T9760] ? __ldsem_down_write_nested+0x10e/0x830 [ 455.449953][ T9760] ? is_console_locked+0x9/0x20 [ 455.449987][ T9760] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 455.450016][ T9760] ? n_tty_open+0x1a/0x170 [ 455.450037][ T9760] __vmalloc_node_noprof+0xad/0xf0 [ 455.450068][ T9760] ? n_tty_open+0x1a/0x170 [ 455.450091][ T9760] ? __pfx_n_tty_open+0x10/0x10 [ 455.450114][ T9760] n_tty_open+0x1a/0x170 [ 455.450138][ T9760] tty_ldisc_open+0xa2/0x120 [ 455.450170][ T9760] tty_ldisc_setup+0x40/0xf0 [ 455.450203][ T9760] tty_init_dev.part.0+0x1b5/0x470 [ 455.450245][ T9760] tty_open+0xa63/0xfa0 [ 455.450287][ T9760] ? __pfx_tty_open+0x10/0x10 [ 455.450323][ T9760] ? chrdev_open+0x10b/0x6a0 [ 455.450347][ T9760] ? chrdev_open+0x10b/0x6a0 [ 455.450375][ T9760] ? __pfx_tty_open+0x10/0x10 [ 455.450413][ T9760] chrdev_open+0x234/0x6a0 [ 455.450437][ T9760] ? __pfx_apparmor_file_open+0x10/0x10 [ 455.450479][ T9760] ? __pfx_chrdev_open+0x10/0x10 [ 455.450511][ T9760] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 455.450544][ T9760] do_dentry_open+0x6d8/0x1660 [ 455.450568][ T9760] ? __pfx_chrdev_open+0x10/0x10 [ 455.450601][ T9760] vfs_open+0x82/0x3f0 [ 455.450635][ T9760] path_openat+0x208c/0x31a0 [ 455.450670][ T9760] ? __pfx_path_openat+0x10/0x10 [ 455.450707][ T9760] do_file_open+0x20e/0x430 [ 455.450734][ T9760] ? __pfx_do_file_open+0x10/0x10 [ 455.450782][ T9760] ? alloc_fd+0x476/0x790 [ 455.450828][ T9760] ? do_getname+0x191/0x390 [ 455.450862][ T9760] do_sys_openat2+0x10d/0x1e0 [ 455.450896][ T9760] ? __pfx_do_sys_openat2+0x10/0x10 [ 455.450941][ T9760] __x64_sys_openat+0x12d/0x210 [ 455.450976][ T9760] ? __pfx___x64_sys_openat+0x10/0x10 [ 455.451022][ T9760] do_syscall_64+0x106/0xf80 [ 455.451057][ T9760] ? clear_bhb_loop+0x40/0x90 [ 455.451088][ T9760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.451114][ T9760] RIP: 0033:0x7f37afb9c799 [ 455.451135][ T9760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 455.451161][ T9760] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 455.451186][ T9760] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 455.451203][ T9760] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 455.451220][ T9760] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 455.451236][ T9760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 455.451252][ T9760] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 455.451284][ T9760] [ 455.451319][ T9760] warn_alloc: 3 callbacks suppressed [ 455.451333][ T9760] syz.2.834: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 455.549527][ T9763] program syz.1.833 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 455.972305][ T9760] ,cpuset=/,mems_allowed=0-1 [ 455.978031][ T9760] CPU: 0 UID: 0 PID: 9760 Comm: syz.2.834 Tainted: G L syzkaller #0 PREEMPT(full) [ 455.978082][ T9760] Tainted: [L]=SOFTLOCKUP [ 455.978095][ T9760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 455.978115][ T9760] Call Trace: [ 455.978127][ T9760] [ 455.978140][ T9760] dump_stack_lvl+0x100/0x190 [ 455.978196][ T9760] warn_alloc.cold+0x95/0x1c1 [ 455.978256][ T9760] ? __pfx_warn_alloc+0x10/0x10 [ 455.978305][ T9760] ? lockdep_hardirqs_on+0x78/0x100 [ 455.978359][ T9760] ? __get_vm_area_node+0x2c5/0x330 [ 455.978408][ T9760] ? __get_vm_area_node+0x208/0x330 [ 455.978465][ T9760] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 455.978515][ T9760] ? look_up_lock_class+0x64/0x120 [ 455.978569][ T9760] ? n_tty_open+0x1a/0x170 [ 455.978615][ T9760] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 455.978661][ T9760] ? __ldsem_down_write_nested+0xfd/0x830 [ 455.978695][ T9760] ? __ldsem_down_write_nested+0x10e/0x830 [ 455.978727][ T9760] ? is_console_locked+0x9/0x20 [ 455.978775][ T9760] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 455.978826][ T9760] ? n_tty_open+0x1a/0x170 [ 455.978855][ T9760] __vmalloc_node_noprof+0xad/0xf0 [ 455.978895][ T9760] ? n_tty_open+0x1a/0x170 [ 455.978927][ T9760] ? __pfx_n_tty_open+0x10/0x10 [ 455.978957][ T9760] n_tty_open+0x1a/0x170 [ 455.978989][ T9760] tty_ldisc_open+0xa2/0x120 [ 455.979029][ T9760] tty_ldisc_setup+0x40/0xf0 [ 455.979077][ T9760] tty_init_dev.part.0+0x1b5/0x470 [ 455.979130][ T9760] tty_open+0xa63/0xfa0 [ 455.979185][ T9760] ? __pfx_tty_open+0x10/0x10 [ 455.979232][ T9760] ? chrdev_open+0x10b/0x6a0 [ 455.979263][ T9760] ? chrdev_open+0x10b/0x6a0 [ 455.979302][ T9760] ? __pfx_tty_open+0x10/0x10 [ 455.979369][ T9760] chrdev_open+0x234/0x6a0 [ 455.979402][ T9760] ? __pfx_apparmor_file_open+0x10/0x10 [ 455.979476][ T9760] ? __pfx_chrdev_open+0x10/0x10 [ 455.979514][ T9760] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 455.979557][ T9760] do_dentry_open+0x6d8/0x1660 [ 455.979589][ T9760] ? __pfx_chrdev_open+0x10/0x10 [ 455.979633][ T9760] vfs_open+0x82/0x3f0 [ 455.979697][ T9760] path_openat+0x208c/0x31a0 [ 455.979747][ T9760] ? __pfx_path_openat+0x10/0x10 [ 455.979813][ T9760] do_file_open+0x20e/0x430 [ 455.979870][ T9760] ? __pfx_do_file_open+0x10/0x10 [ 455.979938][ T9760] ? alloc_fd+0x476/0x790 [ 455.979977][ T9760] ? do_getname+0x191/0x390 [ 455.980024][ T9760] do_sys_openat2+0x10d/0x1e0 [ 455.980068][ T9760] ? __pfx_do_sys_openat2+0x10/0x10 [ 455.980130][ T9760] __x64_sys_openat+0x12d/0x210 [ 455.980177][ T9760] ? __pfx___x64_sys_openat+0x10/0x10 [ 455.980240][ T9760] do_syscall_64+0x106/0xf80 [ 455.980287][ T9760] ? clear_bhb_loop+0x40/0x90 [ 455.980330][ T9760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.980367][ T9760] RIP: 0033:0x7f37afb9c799 [ 455.980396][ T9760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 455.980431][ T9760] RSP: 002b:00007f37b09ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 455.980472][ T9760] RAX: ffffffffffffffda RBX: 00007f37afe15fa0 RCX: 00007f37afb9c799 [ 455.980496][ T9760] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 455.980520][ T9760] RBP: 00007f37afc32c99 R08: 0000000000000000 R09: 0000000000000000 [ 455.980542][ T9760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 455.980563][ T9760] R13: 00007f37afe16038 R14: 00007f37afe15fa0 R15: 00007ffc29622088 [ 455.980610][ T9760] [ 456.495344][ T9760] Mem-Info: [ 456.507077][ T9760] active_anon:9121 inactive_anon:0 isolated_anon:0 [ 456.507077][ T9760] active_file:15108 inactive_file:41770 isolated_file:0 [ 456.507077][ T9760] unevictable:768 dirty:533 writeback:0 [ 456.507077][ T9760] slab_reclaimable:12016 slab_unreclaimable:115953 [ 456.507077][ T9760] mapped:32317 shmem:2574 pagetables:1147 [ 456.507077][ T9760] sec_pagetables:0 bounce:0 [ 456.507077][ T9760] kernel_misc_reclaimable:0 [ 456.507077][ T9760] free:1288806 free_pcp:11475 free_cma:0 [ 456.705316][ T9760] Node 0 active_anon:37196kB inactive_anon:0kB active_file:60432kB inactive_file:166944kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:129268kB dirty:2188kB writeback:0kB shmem:8812kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13192kB pagetables:4532kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 456.805385][ T9760] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 456.945343][ T9760] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 457.095485][ T9760] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 457.108907][ T9760] Node 0 DMA32 free:1209640kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:29496kB inactive_anon:0kB active_file:60432kB inactive_file:166944kB unevictable:1536kB writepending:2288kB zspages:0kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:43856kB local_pcp:19108kB free_cma:0kB [ 457.241869][ T9760] lowmem_reserve[]: 0 0 1 1 1 [ 457.253128][ T9786] program syz.1.836 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 457.264782][ T9760] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 457.566275][ T9760] lowmem_reserve[]: 0 0 0 0 0 [ 457.571242][ T9760] Node 1 Normal free:3938640kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:1000kB local_pcp:0kB free_cma:0kB [ 457.610036][ T9760] lowmem_reserve[]: 0 0 0 0 0 [ 457.620284][ T9760] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 457.663117][ T9760] Node 0 DMA32: 3359*4kB (UME) 3222*8kB (UME) 1425*16kB (UME) 705*32kB (UME) 494*64kB (UM) 320*128kB (UME) 195*256kB (UME) 108*512kB (UM) 47*1024kB (UM) 2*2048kB (UM) 217*4096kB (M) = 1203420kB [ 457.715809][ T9760] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 457.741149][ T9760] Node 1 Normal: 2*4kB (UM) 1*8kB (M) 2*16kB (UM) 1*32kB (M) 2*64kB (UM) 1*128kB (M) 2*256kB (M) 3*512kB (UM) 2*1024kB (UM) 1*2048kB (M) 960*4096kB (M) = 3938640kB [ 457.805991][ T9760] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 457.848243][ T9760] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 457.909959][ T9760] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 457.954471][ T9760] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 458.006039][ T9760] 58244 total pagecache pages [ 458.033407][ T9760] 0 pages in swap cache [ 458.094462][ T9760] Free swap = 123384kB [ 458.102932][ T9760] Total swap = 124996kB [ 458.136865][ T9760] 2097051 pages RAM [ 458.146241][ T9760] 0 pages HighMem/MovableOnly [ 458.159734][ T9760] 430825 pages reserved [ 458.174152][ T9760] 0 pages cma reserved [ 458.185309][ T9760] tty tty16: ldisc open failed (-12), clearing slot 15 [ 458.760426][ T9801] program syz.2.841 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 459.042764][ T9803] program syz.3.842 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 462.117366][ T9860] program syz.4.853 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 468.943283][ T9973] program syz.4.877 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 470.499257][ T9991] program syz.2.878 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 476.004477][T10066] program syz.3.894 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 481.530738][T10168] program syz.4.913 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 482.563019][T10192] netlink: 334 bytes leftover after parsing attributes in process `syz.4.919'. [ 484.167828][T10216] program syz.2.924 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 490.828443][T10341] program syz.2.950 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 491.533232][T10353] program syz.4.953 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 494.507076][T10403] program syz.3.965 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 501.982089][T10538] program syz.2.994 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 502.203133][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.209613][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 516.088054][T10767] program syz.4.1041 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 518.900743][T10817] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1059'. [ 518.914748][T10817] FAULT_INJECTION: forcing a failure. [ 518.914748][T10817] name failslab, interval 1, probability 0, space 0, times 0 [ 518.937965][T10817] CPU: 1 UID: 0 PID: 10817 Comm: syz.4.1059 Tainted: G L syzkaller #0 PREEMPT(full) [ 518.938002][T10817] Tainted: [L]=SOFTLOCKUP [ 518.938011][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 518.938027][T10817] Call Trace: [ 518.938035][T10817] [ 518.938044][T10817] dump_stack_lvl+0x100/0x190 [ 518.938087][T10817] should_fail_ex.cold+0x5/0xa [ 518.938115][T10817] should_failslab+0xc2/0x120 [ 518.938141][T10817] __kmalloc_node_noprof+0xe6/0x850 [ 518.938178][T10817] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 518.938216][T10817] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 518.938256][T10817] ? n_tty_open+0x1a/0x170 [ 518.938288][T10817] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 518.938320][T10817] ? __ldsem_down_write_nested+0xfd/0x830 [ 518.938345][T10817] ? __ldsem_down_write_nested+0x10e/0x830 [ 518.938369][T10817] ? is_console_locked+0x9/0x20 [ 518.938403][T10817] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 518.938432][T10817] ? n_tty_open+0x1a/0x170 [ 518.938460][T10817] __vmalloc_node_noprof+0xad/0xf0 [ 518.938491][T10817] ? n_tty_open+0x1a/0x170 [ 518.938515][T10817] ? __pfx_n_tty_open+0x10/0x10 [ 518.938538][T10817] n_tty_open+0x1a/0x170 [ 518.938569][T10817] tty_ldisc_open+0xa2/0x120 [ 518.938601][T10817] tty_ldisc_setup+0x40/0xf0 [ 518.938635][T10817] tty_init_dev.part.0+0x1b5/0x470 [ 518.938677][T10817] tty_open+0xa63/0xfa0 [ 518.938723][T10817] ? __pfx_tty_open+0x10/0x10 [ 518.938759][T10817] ? chrdev_open+0x10b/0x6a0 [ 518.938784][T10817] ? chrdev_open+0x10b/0x6a0 [ 518.938813][T10817] ? __pfx_tty_open+0x10/0x10 [ 518.938850][T10817] chrdev_open+0x234/0x6a0 [ 518.938875][T10817] ? __pfx_apparmor_file_open+0x10/0x10 [ 518.938930][T10817] ? __pfx_chrdev_open+0x10/0x10 [ 518.938957][T10817] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 518.938990][T10817] do_dentry_open+0x6d8/0x1660 [ 518.939032][T10817] ? __pfx_chrdev_open+0x10/0x10 [ 518.939066][T10817] vfs_open+0x82/0x3f0 [ 518.939102][T10817] path_openat+0x208c/0x31a0 [ 518.939138][T10817] ? __pfx_path_openat+0x10/0x10 [ 518.939175][T10817] do_file_open+0x20e/0x430 [ 518.939204][T10817] ? __pfx_do_file_open+0x10/0x10 [ 518.939251][T10817] ? alloc_fd+0x476/0x790 [ 518.939279][T10817] ? do_getname+0x191/0x390 [ 518.939313][T10817] do_sys_openat2+0x10d/0x1e0 [ 518.939346][T10817] ? __pfx_do_sys_openat2+0x10/0x10 [ 518.939391][T10817] __x64_sys_openat+0x12d/0x210 [ 518.939426][T10817] ? __pfx___x64_sys_openat+0x10/0x10 [ 518.939472][T10817] do_syscall_64+0x106/0xf80 [ 518.939507][T10817] ? clear_bhb_loop+0x40/0x90 [ 518.939538][T10817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 518.939571][T10817] RIP: 0033:0x7f880b99c799 [ 518.939591][T10817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 518.939617][T10817] RSP: 002b:00007f880c90b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 518.939640][T10817] RAX: ffffffffffffffda RBX: 00007f880bc15fa0 RCX: 00007f880b99c799 [ 518.939658][T10817] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 518.939674][T10817] RBP: 00007f880ba32c99 R08: 0000000000000000 R09: 0000000000000000 [ 518.939690][T10817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 518.939706][T10817] R13: 00007f880bc16038 R14: 00007f880bc15fa0 R15: 00007fff9a6685c8 [ 518.939739][T10817] [ 518.939752][T10817] syz.4.1059: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 519.597082][T10817] CPU: 1 UID: 0 PID: 10817 Comm: syz.4.1059 Tainted: G L syzkaller #0 PREEMPT(full) [ 519.597132][T10817] Tainted: [L]=SOFTLOCKUP [ 519.597144][T10817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 519.597163][T10817] Call Trace: [ 519.597173][T10817] [ 519.597185][T10817] dump_stack_lvl+0x100/0x190 [ 519.597236][T10817] warn_alloc.cold+0x95/0x1c1 [ 519.597292][T10817] ? __pfx_warn_alloc+0x10/0x10 [ 519.597343][T10817] ? lockdep_hardirqs_on+0x78/0x100 [ 519.597387][T10817] ? dump_stack_lvl+0x17c/0x190 [ 519.597436][T10817] ? trace_kmalloc+0x101/0x130 [ 519.597468][T10817] ? __kasan_kmalloc+0x8a/0xb0 [ 519.597519][T10817] ? __kmalloc_node_noprof+0x324/0x850 [ 519.597565][T10817] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 519.597620][T10817] __vmalloc_node_range_noprof+0x1275/0x1530 [ 519.597672][T10817] ? n_tty_open+0x1a/0x170 [ 519.597714][T10817] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 519.597756][T10817] ? __ldsem_down_write_nested+0xfd/0x830 [ 519.597786][T10817] ? __ldsem_down_write_nested+0x10e/0x830 [ 519.597815][T10817] ? is_console_locked+0x9/0x20 [ 519.597858][T10817] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 519.597893][T10817] ? n_tty_open+0x1a/0x170 [ 519.597921][T10817] __vmalloc_node_noprof+0xad/0xf0 [ 519.597957][T10817] ? n_tty_open+0x1a/0x170 [ 519.597989][T10817] ? __pfx_n_tty_open+0x10/0x10 [ 519.598020][T10817] n_tty_open+0x1a/0x170 [ 519.598051][T10817] tty_ldisc_open+0xa2/0x120 [ 519.598092][T10817] tty_ldisc_setup+0x40/0xf0 [ 519.598141][T10817] tty_init_dev.part.0+0x1b5/0x470 [ 519.598194][T10817] tty_open+0xa63/0xfa0 [ 519.598247][T10817] ? __pfx_tty_open+0x10/0x10 [ 519.598291][T10817] ? chrdev_open+0x10b/0x6a0 [ 519.598321][T10817] ? chrdev_open+0x10b/0x6a0 [ 519.598359][T10817] ? __pfx_tty_open+0x10/0x10 [ 519.598404][T10817] chrdev_open+0x234/0x6a0 [ 519.598436][T10817] ? __pfx_apparmor_file_open+0x10/0x10 [ 519.598488][T10817] ? __pfx_chrdev_open+0x10/0x10 [ 519.598522][T10817] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 519.598564][T10817] do_dentry_open+0x6d8/0x1660 [ 519.598606][T10817] ? __pfx_chrdev_open+0x10/0x10 [ 519.598649][T10817] vfs_open+0x82/0x3f0 [ 519.598693][T10817] path_openat+0x208c/0x31a0 [ 519.598739][T10817] ? __pfx_path_openat+0x10/0x10 [ 519.598786][T10817] do_file_open+0x20e/0x430 [ 519.598823][T10817] ? __pfx_do_file_open+0x10/0x10 [ 519.598885][T10817] ? alloc_fd+0x476/0x790 [ 519.598919][T10817] ? do_getname+0x191/0x390 [ 519.598961][T10817] do_sys_openat2+0x10d/0x1e0 [ 519.599003][T10817] ? __pfx_do_sys_openat2+0x10/0x10 [ 519.599058][T10817] __x64_sys_openat+0x12d/0x210 [ 519.599100][T10817] ? __pfx___x64_sys_openat+0x10/0x10 [ 519.599179][T10817] do_syscall_64+0x106/0xf80 [ 519.599225][T10817] ? clear_bhb_loop+0x40/0x90 [ 519.599266][T10817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.599302][T10817] RIP: 0033:0x7f880b99c799 [ 519.599330][T10817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 519.599364][T10817] RSP: 002b:00007f880c90b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 519.599397][T10817] RAX: ffffffffffffffda RBX: 00007f880bc15fa0 RCX: 00007f880b99c799 [ 519.599418][T10817] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 519.599439][T10817] RBP: 00007f880ba32c99 R08: 0000000000000000 R09: 0000000000000000 [ 519.599459][T10817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 519.599479][T10817] R13: 00007f880bc16038 R14: 00007f880bc15fa0 R15: 00007fff9a6685c8 [ 519.599525][T10817] [ 519.599633][T10817] Mem-Info: [ 519.964142][T10817] active_anon:7963 inactive_anon:0 isolated_anon:0 [ 519.964142][T10817] active_file:15139 inactive_file:41765 isolated_file:0 [ 519.964142][T10817] unevictable:768 dirty:771 writeback:0 [ 519.964142][T10817] slab_reclaimable:12523 slab_unreclaimable:127769 [ 519.964142][T10817] mapped:33372 shmem:1358 pagetables:1149 [ 519.964142][T10817] sec_pagetables:0 bounce:0 [ 519.964142][T10817] kernel_misc_reclaimable:0 [ 519.964142][T10817] free:1278113 free_pcp:10576 free_cma:0 [ 520.069599][T10817] Node 0 active_anon:33752kB inactive_anon:0kB active_file:60556kB inactive_file:166924kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:133488kB dirty:3084kB writeback:0kB shmem:3896kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13900kB pagetables:4464kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 520.107237][T10817] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 520.138453][T10817] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 520.184762][T10817] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 520.193031][T10817] Node 0 DMA32 free:1155828kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:35852kB inactive_anon:0kB active_file:60556kB inactive_file:166924kB unevictable:1536kB writepending:3084kB zspages:0kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:40808kB local_pcp:32452kB free_cma:0kB [ 520.248758][T10817] lowmem_reserve[]: 0 0 1 1 1 [ 520.253527][T10817] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 520.306684][T10817] lowmem_reserve[]: 0 0 0 0 0 [ 520.320206][T10817] Node 1 Normal free:3939132kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:500kB local_pcp:500kB free_cma:0kB [ 520.371221][T10817] lowmem_reserve[]: 0 0 0 0 0 [ 520.377255][T10817] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 520.408995][T10817] Node 0 DMA32: 2056*4kB (UME) 3280*8kB (UME) 1269*16kB (UM) 870*32kB (UME) 509*64kB (UME) 322*128kB (UME) 193*256kB (ME) 110*512kB (UME) 38*1024kB (UME) 3*2048kB (UME) 206*4096kB (M) = 1150960kB [ 520.451180][T10817] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 520.488665][T10817] Node 1 Normal: 3*4kB (UM) 2*8kB (UM) 2*16kB (UM) 2*32kB (UM) 3*64kB (UM) 6*128kB (UM) 3*256kB (UM) 4*512kB (UM) 3*1024kB (UM) 2*2048kB (UM) 959*4096kB (M) = 3939132kB [ 520.509702][T10817] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 520.527722][T10817] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 520.538707][T10817] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 520.565834][T10817] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 520.591216][T10817] 58270 total pagecache pages [ 520.595927][T10817] 0 pages in swap cache [ 520.612806][T10817] Free swap = 122952kB [ 520.616998][T10817] Total swap = 124996kB [ 520.643177][T10817] 2097051 pages RAM [ 520.647026][T10817] 0 pages HighMem/MovableOnly [ 520.663595][T10817] 430825 pages reserved [ 520.671965][T10817] 0 pages cma reserved [ 520.680183][T10817] tty tty16: ldisc open failed (-12), clearing slot 15 [ 523.418295][T10889] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1065'. [ 523.432533][T10889] FAULT_INJECTION: forcing a failure. [ 523.432533][T10889] name failslab, interval 1, probability 0, space 0, times 0 [ 523.445209][T10889] CPU: 1 UID: 0 PID: 10889 Comm: syz.1.1065 Tainted: G L syzkaller #0 PREEMPT(full) [ 523.445247][T10889] Tainted: [L]=SOFTLOCKUP [ 523.445257][T10889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 523.445273][T10889] Call Trace: [ 523.445283][T10889] [ 523.445292][T10889] dump_stack_lvl+0x100/0x190 [ 523.445334][T10889] should_fail_ex.cold+0x5/0xa [ 523.445365][T10889] should_failslab+0xc2/0x120 [ 523.445391][T10889] __kmalloc_node_noprof+0xe6/0x850 [ 523.445448][T10889] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 523.445486][T10889] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 523.445525][T10889] ? n_tty_open+0x1a/0x170 [ 523.445557][T10889] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 523.445589][T10889] ? __ldsem_down_write_nested+0xfd/0x830 [ 523.445613][T10889] ? __ldsem_down_write_nested+0x10e/0x830 [ 523.445636][T10889] ? is_console_locked+0x9/0x20 [ 523.445671][T10889] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 523.445700][T10889] ? n_tty_open+0x1a/0x170 [ 523.445721][T10889] __vmalloc_node_noprof+0xad/0xf0 [ 523.445751][T10889] ? n_tty_open+0x1a/0x170 [ 523.445776][T10889] ? __pfx_n_tty_open+0x10/0x10 [ 523.445799][T10889] n_tty_open+0x1a/0x170 [ 523.445822][T10889] tty_ldisc_open+0xa2/0x120 [ 523.445854][T10889] tty_ldisc_setup+0x40/0xf0 [ 523.445887][T10889] tty_init_dev.part.0+0x1b5/0x470 [ 523.445929][T10889] tty_open+0xa63/0xfa0 [ 523.445972][T10889] ? __pfx_tty_open+0x10/0x10 [ 523.446008][T10889] ? chrdev_open+0x10b/0x6a0 [ 523.446031][T10889] ? chrdev_open+0x10b/0x6a0 [ 523.446060][T10889] ? __pfx_tty_open+0x10/0x10 [ 523.446097][T10889] chrdev_open+0x234/0x6a0 [ 523.446121][T10889] ? __pfx_apparmor_file_open+0x10/0x10 [ 523.446163][T10889] ? __pfx_chrdev_open+0x10/0x10 [ 523.446190][T10889] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 523.446222][T10889] do_dentry_open+0x6d8/0x1660 [ 523.446246][T10889] ? __pfx_chrdev_open+0x10/0x10 [ 523.446278][T10889] vfs_open+0x82/0x3f0 [ 523.446312][T10889] path_openat+0x208c/0x31a0 [ 523.446347][T10889] ? __pfx_path_openat+0x10/0x10 [ 523.446384][T10889] do_file_open+0x20e/0x430 [ 523.446411][T10889] ? __pfx_do_file_open+0x10/0x10 [ 523.446463][T10889] ? alloc_fd+0x476/0x790 [ 523.446489][T10889] ? do_getname+0x191/0x390 [ 523.446522][T10889] do_sys_openat2+0x10d/0x1e0 [ 523.446565][T10889] ? __pfx_do_sys_openat2+0x10/0x10 [ 523.446607][T10889] __x64_sys_openat+0x12d/0x210 [ 523.446638][T10889] ? __pfx___x64_sys_openat+0x10/0x10 [ 523.446680][T10889] do_syscall_64+0x106/0xf80 [ 523.446712][T10889] ? clear_bhb_loop+0x40/0x90 [ 523.446740][T10889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.446764][T10889] RIP: 0033:0x7f772039c799 [ 523.446784][T10889] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 523.446806][T10889] RSP: 002b:00007f77211b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 523.446828][T10889] RAX: ffffffffffffffda RBX: 00007f7720615fa0 RCX: 00007f772039c799 [ 523.446844][T10889] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 523.446858][T10889] RBP: 00007f7720432c99 R08: 0000000000000000 R09: 0000000000000000 [ 523.446872][T10889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 523.446886][T10889] R13: 00007f7720616038 R14: 00007f7720615fa0 R15: 00007ffe4c435238 [ 523.446916][T10889] [ 523.446939][T10889] tty tty16: ldisc open failed (-12), clearing slot 15 [ 529.386272][T10990] program syz.2.1084 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 529.960221][T11002] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1087'. [ 529.975963][T11002] FAULT_INJECTION: forcing a failure. [ 529.975963][T11002] name failslab, interval 1, probability 0, space 0, times 0 [ 529.991256][T11002] CPU: 1 UID: 0 PID: 11002 Comm: syz.1.1087 Tainted: G L syzkaller #0 PREEMPT(full) [ 529.991322][T11002] Tainted: [L]=SOFTLOCKUP [ 529.991335][T11002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 529.991357][T11002] Call Trace: [ 529.991369][T11002] [ 529.991383][T11002] dump_stack_lvl+0x100/0x190 [ 529.991440][T11002] should_fail_ex.cold+0x5/0xa [ 529.991482][T11002] should_failslab+0xc2/0x120 [ 529.991523][T11002] __kmalloc_node_noprof+0xe6/0x850 [ 529.991575][T11002] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 529.991628][T11002] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 529.991688][T11002] ? n_tty_open+0x1a/0x170 [ 529.991734][T11002] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 529.991789][T11002] ? __ldsem_down_write_nested+0xfd/0x830 [ 529.991823][T11002] ? __ldsem_down_write_nested+0x10e/0x830 [ 529.991867][T11002] ? is_console_locked+0x9/0x20 [ 529.991903][T11002] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 529.991933][T11002] ? n_tty_open+0x1a/0x170 [ 529.991957][T11002] __vmalloc_node_noprof+0xad/0xf0 [ 529.991989][T11002] ? n_tty_open+0x1a/0x170 [ 529.992014][T11002] ? __pfx_n_tty_open+0x10/0x10 [ 529.992038][T11002] n_tty_open+0x1a/0x170 [ 529.992062][T11002] tty_ldisc_open+0xa2/0x120 [ 529.992095][T11002] tty_ldisc_setup+0x40/0xf0 [ 529.992130][T11002] tty_init_dev.part.0+0x1b5/0x470 [ 529.992173][T11002] tty_open+0xa63/0xfa0 [ 529.992217][T11002] ? __pfx_tty_open+0x10/0x10 [ 529.992254][T11002] ? chrdev_open+0x10b/0x6a0 [ 529.992279][T11002] ? chrdev_open+0x10b/0x6a0 [ 529.992309][T11002] ? __pfx_tty_open+0x10/0x10 [ 529.992347][T11002] chrdev_open+0x234/0x6a0 [ 529.992372][T11002] ? __pfx_apparmor_file_open+0x10/0x10 [ 529.992415][T11002] ? __pfx_chrdev_open+0x10/0x10 [ 529.992443][T11002] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 529.992477][T11002] do_dentry_open+0x6d8/0x1660 [ 529.992514][T11002] ? __pfx_chrdev_open+0x10/0x10 [ 529.992546][T11002] vfs_open+0x82/0x3f0 [ 529.992581][T11002] path_openat+0x208c/0x31a0 [ 529.992616][T11002] ? __pfx_path_openat+0x10/0x10 [ 529.992652][T11002] do_file_open+0x20e/0x430 [ 529.992679][T11002] ? __pfx_do_file_open+0x10/0x10 [ 529.992726][T11002] ? alloc_fd+0x476/0x790 [ 529.992752][T11002] ? do_getname+0x191/0x390 [ 529.992786][T11002] do_sys_openat2+0x10d/0x1e0 [ 529.992818][T11002] ? __pfx_do_sys_openat2+0x10/0x10 [ 529.992866][T11002] __x64_sys_openat+0x12d/0x210 [ 529.992900][T11002] ? __pfx___x64_sys_openat+0x10/0x10 [ 529.992946][T11002] do_syscall_64+0x106/0xf80 [ 529.992980][T11002] ? clear_bhb_loop+0x40/0x90 [ 529.993010][T11002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.993035][T11002] RIP: 0033:0x7f772039c799 [ 529.993055][T11002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 529.993079][T11002] RSP: 002b:00007f77211b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 529.993103][T11002] RAX: ffffffffffffffda RBX: 00007f7720615fa0 RCX: 00007f772039c799 [ 529.993120][T11002] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 529.993136][T11002] RBP: 00007f7720432c99 R08: 0000000000000000 R09: 0000000000000000 [ 529.993151][T11002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 529.993166][T11002] R13: 00007f7720616038 R14: 00007f7720615fa0 R15: 00007ffe4c435238 [ 529.993198][T11002] [ 530.382865][T11002] warn_alloc: 1 callbacks suppressed [ 530.382888][T11002] syz.1.1087: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 530.416416][T11002] CPU: 0 UID: 0 PID: 11002 Comm: syz.1.1087 Tainted: G L syzkaller #0 PREEMPT(full) [ 530.416454][T11002] Tainted: [L]=SOFTLOCKUP [ 530.416463][T11002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 530.416478][T11002] Call Trace: [ 530.416486][T11002] [ 530.416495][T11002] dump_stack_lvl+0x100/0x190 [ 530.416537][T11002] warn_alloc.cold+0x95/0x1c1 [ 530.416580][T11002] ? __pfx_warn_alloc+0x10/0x10 [ 530.416618][T11002] ? dump_stack_lvl+0x17c/0x190 [ 530.416668][T11002] ? trace_kmalloc+0x101/0x130 [ 530.416690][T11002] ? __kasan_kmalloc+0x8a/0xb0 [ 530.416728][T11002] ? __kmalloc_node_noprof+0x324/0x850 [ 530.416765][T11002] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 530.416800][T11002] __vmalloc_node_range_noprof+0x1275/0x1530 [ 530.416837][T11002] ? n_tty_open+0x1a/0x170 [ 530.416867][T11002] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 530.416898][T11002] ? __ldsem_down_write_nested+0xfd/0x830 [ 530.416920][T11002] ? __ldsem_down_write_nested+0x10e/0x830 [ 530.416942][T11002] ? is_console_locked+0x9/0x20 [ 530.416974][T11002] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 530.417007][T11002] ? n_tty_open+0x1a/0x170 [ 530.417028][T11002] __vmalloc_node_noprof+0xad/0xf0 [ 530.417057][T11002] ? n_tty_open+0x1a/0x170 [ 530.417079][T11002] ? __pfx_n_tty_open+0x10/0x10 [ 530.417101][T11002] n_tty_open+0x1a/0x170 [ 530.417123][T11002] tty_ldisc_open+0xa2/0x120 [ 530.417153][T11002] tty_ldisc_setup+0x40/0xf0 [ 530.417184][T11002] tty_init_dev.part.0+0x1b5/0x470 [ 530.417223][T11002] tty_open+0xa63/0xfa0 [ 530.417262][T11002] ? __pfx_tty_open+0x10/0x10 [ 530.417295][T11002] ? chrdev_open+0x10b/0x6a0 [ 530.417318][T11002] ? chrdev_open+0x10b/0x6a0 [ 530.417345][T11002] ? __pfx_tty_open+0x10/0x10 [ 530.417379][T11002] chrdev_open+0x234/0x6a0 [ 530.417402][T11002] ? __pfx_apparmor_file_open+0x10/0x10 [ 530.417444][T11002] ? __pfx_chrdev_open+0x10/0x10 [ 530.417469][T11002] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 530.417500][T11002] do_dentry_open+0x6d8/0x1660 [ 530.417522][T11002] ? __pfx_chrdev_open+0x10/0x10 [ 530.417552][T11002] vfs_open+0x82/0x3f0 [ 530.417585][T11002] path_openat+0x208c/0x31a0 [ 530.417618][T11002] ? __pfx_path_openat+0x10/0x10 [ 530.417652][T11002] do_file_open+0x20e/0x430 [ 530.417678][T11002] ? __pfx_do_file_open+0x10/0x10 [ 530.417720][T11002] ? alloc_fd+0x476/0x790 [ 530.417745][T11002] ? do_getname+0x191/0x390 [ 530.417778][T11002] do_sys_openat2+0x10d/0x1e0 [ 530.417808][T11002] ? __pfx_do_sys_openat2+0x10/0x10 [ 530.417848][T11002] __x64_sys_openat+0x12d/0x210 [ 530.417886][T11002] ? __pfx___x64_sys_openat+0x10/0x10 [ 530.417935][T11002] do_syscall_64+0x106/0xf80 [ 530.417967][T11002] ? clear_bhb_loop+0x40/0x90 [ 530.417995][T11002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.418024][T11002] RIP: 0033:0x7f772039c799 [ 530.418043][T11002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 530.418066][T11002] RSP: 002b:00007f77211b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 530.418088][T11002] RAX: ffffffffffffffda RBX: 00007f7720615fa0 RCX: 00007f772039c799 [ 530.418104][T11002] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 530.418118][T11002] RBP: 00007f7720432c99 R08: 0000000000000000 R09: 0000000000000000 [ 530.418132][T11002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 530.418148][T11002] R13: 00007f7720616038 R14: 00007f7720615fa0 R15: 00007ffe4c435238 [ 530.418200][T11002] [ 530.418313][T11002] Mem-Info: [ 530.971588][T11002] active_anon:6889 inactive_anon:0 isolated_anon:0 [ 530.971588][T11002] active_file:15139 inactive_file:41769 isolated_file:0 [ 530.971588][T11002] unevictable:768 dirty:722 writeback:0 [ 530.971588][T11002] slab_reclaimable:12739 slab_unreclaimable:130955 [ 530.971588][T11002] mapped:31334 shmem:1374 pagetables:1143 [ 530.971588][T11002] sec_pagetables:0 bounce:0 [ 530.971588][T11002] kernel_misc_reclaimable:0 [ 530.971588][T11002] free:1274047 free_pcp:12191 free_cma:0 [ 531.023945][ T32] INFO: task kworker/u10:2:8366 blocked for more than 143 seconds. [ 531.043111][ T32] Tainted: G L syzkaller #0 [ 531.072482][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 531.081282][T11002] Node 0 active_anon:27556kB inactive_anon:0kB active_file:60556kB inactive_file:166940kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:125336kB dirty:2888kB writeback:0kB shmem:3960kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14164kB pagetables:4340kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 531.122831][ T32] task:kworker/u10:2 state:D stack:26888 pid:8366 tgid:8366 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 531.135217][T11002] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 531.266384][ T32] Workqueue: netns cleanup_net [ 531.278825][ T32] Call Trace: [ 531.302595][ T32] [ 531.371808][ T32] __schedule+0xfee/0x6120 [ 531.381099][T11002] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 531.411838][ T32] ? __lock_acquire+0x4a5/0x2630 [ 531.431926][ T32] ? __pfx___schedule+0x10/0x10 [ 531.440349][ T32] ? find_held_lock+0x2b/0x80 [ 531.447325][ T32] ? schedule+0x2bf/0x390 [ 531.453060][ T32] schedule+0xdd/0x390 [ 531.465244][ T32] schedule_timeout+0x1b2/0x280 [ 531.472833][ T32] ? __pfx_schedule_timeout+0x10/0x10 [ 531.528331][T11002] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 531.569038][T11002] Node 0 DMA32 free:1137804kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32756kB inactive_anon:0kB active_file:60556kB inactive_file:166940kB unevictable:1536kB writepending:2888kB zspages:0kB present:3129332kB managed:2537384kB mlocked:0kB bounce:0kB free_pcp:46400kB local_pcp:26352kB free_cma:0kB [ 531.612666][ T32] ? mark_held_locks+0x40/0x70 [ 531.625238][ T32] __wait_for_common+0x2e7/0x4c0 [ 531.652565][ T32] ? __pfx_schedule_timeout+0x10/0x10 [ 531.760466][ T32] ? __pfx___wait_for_common+0x10/0x10 [ 531.766406][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 531.780827][ T32] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 531.787114][T11002] lowmem_reserve[]: [ 531.794702][ T32] __flush_workqueue+0x3f7/0x1200 [ 531.813738][T11002] 0 0 1 1 1 [ 531.824328][ T32] ? __lock_acquire+0x4a5/0x2630 [ 531.840684][T11002] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 531.863267][ T32] ? __lock_acquire+0x4a5/0x2630 [ 531.885855][ T32] ? __pfx___flush_workqueue+0x10/0x10 [ 531.891870][ T32] ? reacquire_held_locks+0xce/0x1e0 [ 531.897404][T11002] lowmem_reserve[]: [ 531.907515][ T32] ? __pfx_sock_def_readable+0x10/0x10 [ 531.940971][T11002] 0 0 0 0 0 [ 531.949937][T11002] Node 1 Normal free:3938068kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:1508kB local_pcp:0kB free_cma:0kB [ 531.989555][ T32] ? __pfx_sock_def_readable+0x10/0x10 [ 532.018348][ T32] rds_tcp_listen_stop+0x104/0x160 [ 532.023884][ T32] rds_tcp_exit_net+0xe0/0x870 [ 532.030487][ T32] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 532.036397][ T32] ? __pfx___might_resched+0x10/0x10 [ 532.041857][ T32] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 532.048981][T11002] lowmem_reserve[]: 0 0 0 0 0 [ 532.083538][ T32] ops_undo_list+0x2ee/0xab0 [ 532.088325][T11002] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 532.108149][ T32] ? __pfx_ops_undo_list+0x10/0x10 [ 532.122443][ T32] ? cleanup_net+0x332/0x920 [ 532.133325][ T32] ? idr_destroy+0x62/0x2e0 [ 532.137953][T11002] Node 0 DMA32: 942*4kB (UE) 2580*8kB (UME) 990*16kB (UME) 683*32kB (UME) 517*64kB (UME) 323*128kB (UME) 195*256kB (UME) 110*512kB (ME) 38*1024kB (UME) 5*2048kB (ME) 206*4096kB (M) = 1135704kB [ 532.160080][ T32] cleanup_net+0x499/0x920 [ 532.169388][ T32] ? __pfx_cleanup_net+0x10/0x10 [ 532.173503][T11002] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB [ 532.178169][ T32] ? rcu_is_watching+0x12/0xc0 [ 532.189246][T11002] 0*4096kB [ 532.202589][ T32] process_one_work+0xa23/0x19a0 [ 532.215375][ T32] ? __pfx_process_one_work+0x10/0x10 [ 532.220901][ T32] ? __pfx_cleanup_net+0x10/0x10 [ 532.226205][T11002] = 4kB [ 532.229021][T11002] Node 1 Normal: 2*4kB (UM) 2*8kB (UM) 1*16kB (M) 1*32kB (M) 2*64kB (UM) 1*128kB (M) 2*256kB (M) 4*512kB (UM) 3*1024kB (UM) 2*2048kB (UM) 959*4096kB (M) = 3938120kB [ 532.243901][ T32] worker_thread+0x5ef/0xe50 [ 532.253037][ T32] ? kthread+0x13a/0x450 [ 532.259684][ T32] ? __pfx_worker_thread+0x10/0x10 [ 532.269964][T11002] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 532.274439][ T32] kthread+0x370/0x450 [ 532.297749][ T32] ? __pfx_kthread+0x10/0x10 [ 532.303044][ T32] ret_from_fork+0x754/0xd80 [ 532.313164][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 532.318425][ T32] ? __switch_to+0x7b4/0x1120 [ 532.324507][ T32] ? __pfx_kthread+0x10/0x10 [ 532.324523][T11002] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 532.324563][T11002] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 532.329297][ T32] ret_from_fork_asm+0x1a/0x30 [ 532.367347][ T32] [ 532.367346][T11002] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 532.367383][T11002] 58282 total pagecache pages [ 532.370741][ T32] INFO: task syz.0.581:8611 blocked for more than 144 seconds. [ 532.380971][T11002] 0 pages in swap cache [ 532.401295][ T32] Tainted: G L syzkaller #0 [ 532.409169][ T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 532.419302][ T32] task:syz.0.581 state:D stack:26136 pid:8611 tgid:8610 ppid:5831 task_flags:0x400140 flags:0x00080006 [ 532.443161][ T32] Call Trace: [ 532.446576][T11002] Free swap = 124996kB [ 532.446592][ T32] [ 532.446616][ T32] __schedule+0xfee/0x6120 [ 532.462087][ T32] ? __lock_acquire+0x4a5/0x2630 [ 532.471950][ T32] ? __pfx___schedule+0x10/0x10 [ 532.477515][T11002] Total swap = 124996kB [ 532.479133][ T32] ? find_held_lock+0x2b/0x80 [ 532.483875][T11002] 2097051 pages RAM [ 532.490670][T11002] 0 pages HighMem/MovableOnly [ 532.494522][ T32] ? schedule+0x2bf/0x390 [ 532.501780][ T32] schedule+0xdd/0x390 [ 532.506545][ T32] schedule_timeout+0x1b2/0x280 [ 532.511559][ T32] ? __pfx_schedule_timeout+0x10/0x10 [ 532.519399][T11002] 430825 pages reserved [ 532.519436][ T32] ? mark_held_locks+0x40/0x70 [ 532.534487][ T32] __wait_for_common+0x2e7/0x4c0 [ 532.539971][T11002] 0 pages cma reserved [ 532.541944][ T32] ? __pfx_schedule_timeout+0x10/0x10 [ 532.553162][ T32] ? __pfx___wait_for_common+0x10/0x10 [ 532.558427][T11002] tty tty16: ldisc open failed (-12), clearing slot 15 [ 532.558868][ T32] ? _raw_spin_unlock_irq+0x23/0x50 [ 532.576100][ T32] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 532.587226][ T32] __flush_workqueue+0x3f7/0x1200 [ 532.596651][ T32] ? __pfx___flush_workqueue+0x10/0x10 [ 532.602296][ T32] ? reacquire_held_locks+0xce/0x1e0 [ 532.607980][ T32] ? release_sock+0x21/0x220 [ 532.612749][ T32] ? __pfx_sock_def_readable+0x10/0x10 [ 532.621366][ T32] ? __local_bh_enable_ip+0x9e/0x120 [ 532.627170][ T32] ? __pfx_sock_def_readable+0x10/0x10 [ 532.632854][ T32] rds_tcp_listen_stop+0x104/0x160 [ 532.640476][ T32] rds_tcp_exit_net+0xe0/0x870 [ 532.653276][ T32] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 532.658894][ T32] ? __pfx___might_resched+0x10/0x10 [ 532.664417][ T32] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 532.672452][ T32] ops_undo_list+0x2ee/0xab0 [ 532.677450][ T32] ? kfree+0x1c0/0x6b0 [ 532.681756][ T32] ? __pfx_ops_undo_list+0x10/0x10 [ 532.691881][ T32] ? ops_init+0x2fa/0x5f0 [ 532.730850][ T32] setup_net+0x1fa/0x3a0 [ 532.740070][ T32] ? __pfx_setup_net+0x10/0x10 [ 532.750156][ T32] ? lockdep_init_map_type+0x5c/0x250 [ 532.762789][ T32] ? mutex_init_lockep+0x110/0x150 [ 532.768165][ T32] copy_net_ns+0x46f/0x7c0 [ 532.772834][ T32] create_new_namespaces+0x3ea/0xac0 [ 532.789219][ T32] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 532.805551][ T32] ksys_unshare+0x473/0xad0 [ 532.810145][ T32] ? __pfx_ksys_unshare+0x10/0x10 [ 532.821309][ T32] __x64_sys_unshare+0x31/0x40 [ 532.826224][ T32] do_syscall_64+0x106/0xf80 [ 532.830995][ T32] ? clear_bhb_loop+0x40/0x90 [ 532.846284][ T32] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.852218][ T32] RIP: 0033:0x7f5e6fd9c799 [ 532.861287][ T32] RSP: 002b:00007f5e70c51028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 532.870510][ T32] RAX: ffffffffffffffda RBX: 00007f5e70015fa0 RCX: 00007f5e6fd9c799 [ 532.878983][ T32] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 532.887078][ T32] RBP: 00007f5e6fe32c99 R08: 0000000000000000 R09: 0000000000000000 [ 532.896408][ T32] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 532.907268][ T32] R13: 00007f5e70016038 R14: 00007f5e70015fa0 R15: 00007ffdd3a8f338 [ 532.916189][ T32] [ 532.923332][ T32] [ 532.923332][ T32] Showing all locks held in the system: [ 532.953335][ T32] 1 lock held by khungtaskd/32: [ 532.958244][ T32] #0: ffffffff8e7e74e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 533.042672][ T32] 3 locks held by kworker/0:2/798: [ 533.055627][ T32] 1 lock held by syz-executor/5815: [ 533.070642][ T32] 2 locks held by syz-executor/5834: [ 533.088093][ T32] #0: ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 533.121865][ T32] #1: ffff88807aa36008 (&____s->seqcount#15){.-.-}-{0:0}, at: trace_ignore_this_task+0xbc/0x100 [ 533.153445][ T32] 2 locks held by getty/8128: [ 533.158297][ T32] #0: ffff888033adb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 533.168509][ T32] #1: ffffc9000371d2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 533.179076][ T32] 2 locks held by kworker/u10:1/8364: [ 533.184760][ T32] #0: ffff88801dfbc948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0 [ 533.199796][ T32] #1: ffffc900035a7d08 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0 [ 533.213148][ T32] 3 locks held by kworker/u10:2/8366: [ 533.218882][ T32] #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0 [ 533.229634][ T32] #1: ffffc900043a7d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0 [ 533.239975][ T32] #2: ffffffff905fb910 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 [ 533.250447][ T32] 4 locks held by kworker/u10:7/8405: [ 533.256216][ T32] 1 lock held by syz.0.581/8611: [ 533.261309][ T32] #0: ffffffff905fb910 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 533.271254][ T32] [ 533.273908][ T32] ============================================= [ 533.273908][ T32] [ 533.282469][ T32] NMI backtrace for cpu 1 [ 533.282493][ T32] CPU: 1 UID: 0 PID: 32 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 533.282538][ T32] Tainted: [L]=SOFTLOCKUP [ 533.282549][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 533.282568][ T32] Call Trace: [ 533.282578][ T32] [ 533.282591][ T32] dump_stack_lvl+0x100/0x190 [ 533.282643][ T32] nmi_cpu_backtrace.cold+0x12d/0x151 [ 533.282702][ T32] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 533.282751][ T32] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 533.282792][ T32] sys_info+0x141/0x190 [ 533.282842][ T32] watchdog+0xd25/0x1050 [ 533.282885][ T32] ? __pfx_watchdog+0x10/0x10 [ 533.282918][ T32] ? __kthread_parkme+0x18c/0x230 [ 533.282958][ T32] ? kthread+0x13a/0x450 [ 533.282997][ T32] ? __pfx_watchdog+0x10/0x10 [ 533.283026][ T32] kthread+0x370/0x450 [ 533.283089][ T32] ? __pfx_kthread+0x10/0x10 [ 533.283137][ T32] ret_from_fork+0x754/0xd80 [ 533.283189][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 533.283243][ T32] ? __switch_to+0x7b4/0x1120 [ 533.283280][ T32] ? __pfx_kthread+0x10/0x10 [ 533.283327][ T32] ret_from_fork_asm+0x1a/0x30 [ 533.283383][ T32] [ 533.283395][ T32] Sending NMI from CPU 1 to CPUs 0: [ 533.409877][ C0] NMI backtrace for cpu 0 [ 533.409898][ C0] CPU: 0 UID: 0 PID: 5917 Comm: kworker/0:5 Tainted: G L syzkaller #0 PREEMPT(full) [ 533.409938][ C0] Tainted: [L]=SOFTLOCKUP [ 533.409947][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 533.409964][ C0] Workqueue: events free_obj_work [ 533.410004][ C0] RIP: 0010:rcu_is_watching+0x4b/0xc0 [ 533.410062][ C0] Code: 00 00 00 48 8d 3c ed e0 d8 12 8e 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 5c 48 03 1c ed e0 d8 12 8e <48> b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 0f b6 14 02 48 [ 533.410088][ C0] RSP: 0018:ffffc90004ad7668 EFLAGS: 00000283 [ 533.410108][ C0] RAX: dffffc0000000000 RBX: ffff8880b8433ca8 RCX: 0000000000000002 [ 533.410126][ C0] RDX: 1ffffffff1c25b1c RSI: ffffffff8c1b05a0 RDI: ffffffff8e12d8e0 [ 533.410143][ C0] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 533.410159][ C0] R10: 0000000000000200 R11: 000000000000ad2b R12: 0000000000000002 [ 533.410175][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 533.410191][ C0] FS: 0000000000000000(0000) GS:ffff88812434a000(0000) knlGS:0000000000000000 [ 533.410216][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 533.410233][ C0] CR2: 00007f880bbe92f8 CR3: 000000000e598000 CR4: 00000000003526f0 [ 533.410251][ C0] Call Trace: [ 533.410258][ C0] [ 533.410269][ C0] lock_acquire+0x317/0x380 [ 533.410302][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 533.410328][ C0] ? unwind_next_frame+0x3be/0x1ea0 [ 533.410355][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 533.410382][ C0] unwind_next_frame+0xd1/0x1ea0 [ 533.410407][ C0] ? unwind_next_frame+0xbd/0x1ea0 [ 533.410432][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 533.410463][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 533.410489][ C0] arch_stack_walk+0x94/0xf0 [ 533.410516][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 533.410544][ C0] ? free_object_list.isra.0+0xf8/0x2a0 [ 533.410584][ C0] stack_trace_save+0x8e/0xc0 [ 533.410608][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 533.410634][ C0] ? __lock_acquire+0x4a5/0x2630 [ 533.410667][ C0] kasan_save_stack+0x30/0x50 [ 533.410708][ C0] ? kasan_save_stack+0x30/0x50 [ 533.410746][ C0] ? kasan_save_track+0x14/0x30 [ 533.410784][ C0] ? kasan_save_free_info+0x3b/0x70 [ 533.410820][ C0] ? __kasan_slab_free+0x5f/0x80 [ 533.410860][ C0] ? kmem_cache_free+0x124/0x6a0 [ 533.410894][ C0] ? free_object_list.isra.0+0xf8/0x2a0 [ 533.410955][ C0] ? free_obj_work+0x19d/0x3d0 [ 533.410993][ C0] ? process_one_work+0xa23/0x19a0 [ 533.411031][ C0] ? worker_thread+0x5ef/0xe50 [ 533.411066][ C0] ? kthread+0x370/0x450 [ 533.411099][ C0] ? ret_from_fork+0x754/0xd80 [ 533.411136][ C0] ? ret_from_fork_asm+0x1a/0x30 [ 533.411188][ C0] kasan_save_track+0x14/0x30 [ 533.411228][ C0] kasan_save_free_info+0x3b/0x70 [ 533.411261][ C0] __kasan_slab_free+0x5f/0x80 [ 533.411286][ C0] kmem_cache_free+0x124/0x6a0 [ 533.411325][ C0] free_object_list.isra.0+0xf8/0x2a0 [ 533.411365][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 533.411403][ C0] free_obj_work+0x19d/0x3d0 [ 533.411447][ C0] ? __pfx_free_obj_work+0x10/0x10 [ 533.411489][ C0] ? rcu_is_watching+0x12/0xc0 [ 533.411531][ C0] process_one_work+0xa23/0x19a0 [ 533.411577][ C0] ? __pfx_process_one_work+0x10/0x10 [ 533.411620][ C0] ? __pfx_free_obj_work+0x10/0x10 [ 533.411663][ C0] worker_thread+0x5ef/0xe50 [ 533.411706][ C0] ? __pfx_worker_thread+0x10/0x10 [ 533.411744][ C0] ? kthread+0x13a/0x450 [ 533.411777][ C0] ? __pfx_worker_thread+0x10/0x10 [ 533.411813][ C0] kthread+0x370/0x450 [ 533.411846][ C0] ? __pfx_kthread+0x10/0x10 [ 533.411881][ C0] ret_from_fork+0x754/0xd80 [ 533.411920][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 533.411965][ C0] ? __switch_to+0x7b4/0x1120 [ 533.411994][ C0] ? __pfx_kthread+0x10/0x10 [ 533.412041][ C0] ret_from_fork_asm+0x1a/0x30 [ 533.412076][ C0] [ 533.832914][ T32] Kernel panic - not syncing: hung_task: blocked tasks [ 533.839839][ T32] CPU: 1 UID: 0 PID: 32 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 533.850578][ T32] Tainted: [L]=SOFTLOCKUP [ 533.854936][ T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 533.865046][ T32] Call Trace: [ 533.868373][ T32] [ 533.871342][ T32] dump_stack_lvl+0x100/0x190 [ 533.876101][ T32] vpanic+0x552/0x970 [ 533.880139][ T32] ? __pfx_vpanic+0x10/0x10 [ 533.884696][ T32] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 533.890920][ T32] panic+0xd1/0xe0 [ 533.894706][ T32] ? __pfx_panic+0x10/0x10 [ 533.899203][ T32] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 533.905411][ T32] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 533.911620][ T32] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 533.917822][ T32] ? watchdog.cold+0x198/0x1ca [ 533.922644][ T32] ? watchdog+0xd35/0x1050 [ 533.927150][ T32] watchdog.cold+0x1a9/0x1ca [ 533.931789][ T32] ? __pfx_watchdog+0x10/0x10 [ 533.936504][ T32] ? __kthread_parkme+0x18c/0x230 [ 533.941612][ T32] ? kthread+0x13a/0x450 [ 533.945915][ T32] ? __pfx_watchdog+0x10/0x10 [ 533.950632][ T32] kthread+0x370/0x450 [ 533.954756][ T32] ? __pfx_kthread+0x10/0x10 [ 533.959389][ T32] ret_from_fork+0x754/0xd80 [ 533.964092][ T32] ? __pfx_ret_from_fork+0x10/0x10 [ 533.969264][ T32] ? __switch_to+0x7b4/0x1120 [ 533.974004][ T32] ? __pfx_kthread+0x10/0x10 [ 533.978670][ T32] ret_from_fork_asm+0x1a/0x30 [ 533.983518][ T32] [ 533.987180][ T32] Kernel Offset: disabled [ 533.991532][ T32] Rebooting in 86400 seconds..