last executing test programs: 52.825357732s ago: executing program 3 (id=1807): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/mcfilter\x00', 0x69483, 0x0) (async) mmap$auto(0x9, 0xa, 0xdf, 0xffff, 0x2, 0xa) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0) (async) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) (async) select$auto(0x2, 0x0, 0x0, 0x0, 0xfffffffffffffffc) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r1) (async) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x7, 0x0, [{0x40000003, 0x2, 0x6}]}) (async) sysfs$auto(0x2, 0x42, 0x0) (async) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0) (async) mmap$auto(0x0, 0xb2, 0xde, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x40d1}, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = io_uring_setup$auto(0x1, 0x0) io_uring_register$auto(r3, 0x2, &(0x7f0000000180), 0x1000) (async) r4 = getpid() (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x7) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x1, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x4, 0x13) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x4000, 0x0) clock_nanosleep$auto(0x8, 0x0, &(0x7f0000000000)={0x3, 0x800000000002}, 0x0) (async) adjtimex$auto(&(0x7f0000000480)={0x101, 0x0, 0x1, 0x1, 0x7, 0x7f, 0x860, 0x0, 0x1, 0x45079941, 0x8, {0x47a8}, 0x4, 0x8000000000000000, 0xc, 0x9000000, 0x0, 0x8, 0xc65, 0xffffffffffffffff, 0xb4, 0x800, 0xf9}) (async) process_vm_readv$auto(r4, &(0x7f00000001c0)={0x0, 0xfff}, 0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)="fb7f9b7f01aae3e72ef024e76647e2560badb9b841dbce85344d050002ac015f44d7f0f046465c09bda2f2ada700000000000000", 0xffffffff}, 0x6, 0x0) 52.6819661s ago: executing program 3 (id=1809): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) r0 = open(&(0x7f0000000100)='.\x00', 0x62c002, 0x500) write$auto(r0, 0x0, 0xfffffdf1) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00') 51.474062289s ago: executing program 3 (id=1820): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x14, r1, 0x309, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x24008800}, 0x20044840) (fail_nth: 3) 50.773941916s ago: executing program 3 (id=1823): close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x4068aea3, &(0x7f0000000080)={0xaf}) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/rcu_expedited\x00', 0x1a1842, 0x0) write$auto(r4, 0x0, 0x4) ioctl$auto_FS_IOC_ZERO_RANGE(r0, 0x40305839, 0x2) setsockopt$auto_SO_WIFI_STATUS(0xffffffffffffffff, 0x0, 0x29, 0x0, 0xbff) 49.389169784s ago: executing program 3 (id=1832): r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) 48.99312568s ago: executing program 3 (id=1833): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async) mmap$auto(0x0, 0x810000, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) madvise$auto(0x40, 0x2, 0x81) (async, rerun: 64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9000) (rerun: 64) write$auto(0xffffffffffffffff, &(0x7f0000000040)='\\\x00', 0x2) (async) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x8000, 0x0) read$auto(r1, 0x0, 0x7) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) chown$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vivid.0/video4linux/vbi6/dev\x00', 0x149482, 0x0) (async) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) write$auto(0x3, 0x0, 0x7fffffff) (async) writev$auto(r0, &(0x7f0000000200)={0x0, 0xb}, 0x200000003) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) 33.682833969s ago: executing program 32 (id=1833): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async) mmap$auto(0x0, 0x810000, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) madvise$auto(0x40, 0x2, 0x81) (async, rerun: 64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9000) (rerun: 64) write$auto(0xffffffffffffffff, &(0x7f0000000040)='\\\x00', 0x2) (async) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x8000, 0x0) read$auto(r1, 0x0, 0x7) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) chown$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vivid.0/video4linux/vbi6/dev\x00', 0x149482, 0x0) (async) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) write$auto(0x3, 0x0, 0x7fffffff) (async) writev$auto(r0, &(0x7f0000000200)={0x0, 0xb}, 0x200000003) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) 5.749464242s ago: executing program 2 (id=1965): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f00000004c0)={0x5, 0x2e9, [{0xffffffffffffffff, 0x0, 0x5, 0xd}, {0xffffffffffffffff, 0x0, 0x6}]}) write$auto(r0, &(0x7f0000000040)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\x99\x87\xba\xdaS-\xd6\xe5\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d8) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, &(0x7f0000004440)) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000) r1 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip_vti0\x00', 0x0}) sendto$auto(0x3, 0x0, 0x1, 0xfffffff8, &(0x7f0000000440)=@xdp={0x2c, 0xdd86, r2, 0x30}, 0x22) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/sound/ctl-led/speaker/mode\x00', 0x182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x2000007) open(0x0, 0x163340, 0x16e) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @multicast2}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) 5.218816625s ago: executing program 1 (id=1966): r0 = socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x2, 0x9, 0x6, 0xade, r0, 0x10) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) lseek$auto(r1, 0x7, 0x7fff) ioperm$auto(0x6, 0x3, 0x148) ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000001c0)) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x11, 0x3, 0x4007) mmap$auto(0x2, 0x5, 0xe2, 0xeb1, 0x405, 0x8000) sysfs$auto(0x2, 0x100000000000030, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) socket(0x2, 0x1, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000600), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000480)={'dummy0\x00', 0x0}) r8 = ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000240)=0x2f70) sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0xb4, 0x0, 0x300, 0x70bd25, 0x25dfdbfe, {}, [@NBD_ATTR_DEVICE_LIST={0x88, 0x9, 0x0, 0x1, [@nested={0x74, 0x86, 0x0, 0x1, [@typed={0x8, 0x7c, 0x0, 0x0, @pid=r8}, @generic="c558daed3c7a191eb0d5e4b46fd724031d7003a54136134b9aea4c93be2e622840608d540506b53f4ab200085ca26e8e8943f0eab6edf82dba5724a82393560ee1c7ab7cac80648906", @typed={0x8, 0x94, 0x0, 0x0, @fd=r4}, @generic="e1e7527bac18bc31f0327b1d6c0aa0d962d45adf1973cd"]}, @nested={0x10, 0x9e, 0x0, 0x1, [@nested={0x4, 0x126}, @typed={0x8, 0xe4, 0x0, 0x0, @u32=0x8}]}]}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x1}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x4}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4041}, 0x40080) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000e80)={0x20, r6, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_MODULE_FW_FLASH_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}]}, 0x20}, 0x1, 0x1000060}, 0x400c080) mmap$auto(0xfffffffffffffffb, 0x100, 0xde, 0x50, r3, 0xfffa) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x58) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 4.846136955s ago: executing program 4 (id=1969): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x36, 0xc3d1, 0x0, 0x10001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x11, 0x1, 0x2) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto_VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f00000001c0)={0xa, r0}) mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) ioctl$auto_FS_IOC_ENABLE_VERITY3(r1, 0x40806685, &(0x7f0000000040)={0x4, 0x7ff, 0x3ff, 0x8, 0x3000000000000, 0x1, 0x0, 0x2}) r4 = fsopen$auto(0x0, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) madvise$auto(0xfffffffffffffffa, 0x9, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) mmap$auto(0x2, 0x1, 0x4000000000df, 0x78, r1, 0x300000000000) socket(0x1d, 0x3, 0x1) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) execveat$auto(r4, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000280)='-\x00', &(0x7f0000000340)=&(0x7f0000000300)='\x00', 0x6) sendfile$auto(r5, r5, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x1, 0x4) 4.729484456s ago: executing program 2 (id=1971): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (async) r1 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) mmap$auto(0x400, 0x810004, 0x8ffb, 0x8000000008011, r1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/msft_opcode\x00', 0x0, 0x0) (async) openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/msft_opcode\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) (async) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000c00), r3) (async) r4 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000c00), r3) sendmsg$auto_TCP_METRICS_CMD_DEL(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010927bd7000fbdbdf2502000008"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram6\x00', 0x100c02, 0x0) ioctl$auto_BLKROSET(r5, 0x125d, 0x0) (async) ioctl$auto_BLKROSET(r5, 0x125d, 0x0) r6 = setfsuid$auto(0xee00) setreuid$auto(r6, 0x0) mmap$auto(0x722, 0xffffffffffffffff, 0x609, 0x11, r5, 0xbe) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r7, 0x4, 0x100000000) waitid$auto_P_PID(0x1, r7, 0x0, 0x7, &(0x7f0000000080)={{0x3, 0x8}, {0x7, 0x7}, 0xd, 0x3, 0x7fffffff, 0x2f, 0x7, 0x19e296a3, 0x100000001, 0x3883, 0x7, 0x7, 0x81, 0x81, 0x0, 0x7}) (async) waitid$auto_P_PID(0x1, r7, 0x0, 0x7, &(0x7f0000000080)={{0x3, 0x8}, {0x7, 0x7}, 0xd, 0x3, 0x7fffffff, 0x2f, 0x7, 0x19e296a3, 0x100000001, 0x3883, 0x7, 0x7, 0x81, 0x81, 0x0, 0x7}) shmctl$auto(0xc, 0x9, &(0x7f0000000200)={{0x5, r6, 0x0, 0x3fc, 0xc, 0x3, 0x4af}, 0xb, 0x9, 0x3, 0x7, @inferred=r7, @raw, 0x9, 0x0, 0x0, &(0x7f0000000100)="c3e86406bdd70b568a5ec3c6fe6bde9c1aebfe139ef3886662e42c111e60f95964d39bc1afb142ac7beb4f0b1fcabf64dfc6c78f8345143d72e8237562e76ddb6f27a87077c392cc10804c05dd7c183ce70a7df5d9c280e09ac9e8fc149120688d9f40457b36924b8b28d59e09350a248289310f044f8e7648f5502001b1c1e429dc34f44b054b009f31e6dc93765b559d87f458b4c71afe365b549f0acbc661a3f676fa711433b8bfe6c5802914404cee536d9215eeb123f4d004cd0e346494e45f93e6e9ff63d36d"}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram12/queue/optimal_io_size\x00', 0x0, 0x0) (async) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram12/queue/optimal_io_size\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000000300)=""/213, 0xd5) mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1) 3.983819021s ago: executing program 1 (id=1972): r0 = socket(0x18, 0x3, 0x2) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) fcntl$auto_F_SETSIG(r1, 0xa, 0x9) mmap$auto(0x0, 0x6, 0x4000000000df, 0xeb1, 0x400, 0xfffffffffffffffb) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyz9\x00', 0x34d000, 0x0) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, r2, 0x0) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto_SO_WIFI_STATUS(r1, 0x8, 0x29, &(0x7f0000000000)='\x00', 0x4) ioctl$auto_BLKBSZSET(0xffffffffffffffff, 0x40081271, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='p\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xb, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='*'], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa509}, 0x800}, 0x7, 0x4008) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_IPC_RMID(0x7f, 0x0, &(0x7f0000000440)={{0x800, 0x0, 0x0, 0x9, 0x8, 0x9, 0x5}, &(0x7f0000000200)=0xfb, &(0x7f0000000240)=0x5, 0x5, 0x4, 0xfffffffffffff114, 0x7fffffff, 0x9, 0xb21, 0x6, 0x0, @raw=0x8, @raw=0x9}) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/block/sda/state\x00', 0x100, 0x0) lseek$auto(0x3, 0x40, 0x1) r7 = fcntl$getown(r3, 0x9) r8 = socket(0xa, 0x2, 0x73) ioctl$auto(r8, 0x8918, 0x38) sendmsg$auto_TIPC_NL_KEY_SET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYRESOCT=r3, @ANYRES16=r5, @ANYBLOB="000428bd7000fddbdf25170000000f000000d809ad731e6244cee2f8fe00dc01018014004a8004005c800400238008004900", @ANYRES32=r6, @ANYRES8=r2, @ANYRES32=r0, @ANYRESOCT=r2, @ANYRES32=r7, @ANYBLOB="7b00cf800400d6800400588004005c000e002c002f6465762f736461310000005e1e553c31e8dae5305bcbd3916826f5d62a8ff139a4a7826748a831e4f3fa4f8ab6201f0db2df89467da3cc573febb647754ed9ff493d579d856957cb8da884ea1b87c3851975aac631eff6becca74a4eecf1a63bee921dda920400000000"], 0x2578}, 0x1, 0x0, 0x0, 0x11}, 0x4040) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x3e1301, 0x0) r9 = setfsuid$auto(0xee00) r10 = socket(0x2b, 0x1, 0x1) setsockopt$auto_SO_BSDCOMPAT(r10, 0x6, 0xe, 0x0, 0x80001) r11 = setfsuid$auto(0xee01) setresuid$auto(r9, r11, r9) 3.719174824s ago: executing program 1 (id=1973): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) (fail_nth: 3) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0xfffffe36) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r2 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r2, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 2.762400388s ago: executing program 4 (id=1975): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/integrity/read_verify\x00', 0x2a262, 0x0) 2.657987821s ago: executing program 1 (id=1976): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0xfffffe36) read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r2 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r2, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 2.346840123s ago: executing program 4 (id=1977): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) munmap$auto(0x8000, 0xffffffff) msgctl$auto_MSG_STAT_ANY(0x3, 0xd, &(0x7f0000000200)={{0x7, 0x0, 0xffffffffffffffff, 0xefe, 0x2, 0x2, 0x448}, 0x0, 0x0, 0x8, 0x6, 0x2, 0xb0a, 0x2, 0x7f, 0x17f, 0x2, @inferred, @raw=0x7}) socket(0xa, 0x801, 0x84) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x80000000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, 0x0, 0x5) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) 2.239133236s ago: executing program 4 (id=1978): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) eventfd$auto(0x4) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) ioctl$auto(r1, 0x4008af20, r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) write$auto(0xffffffffffffffff, 0x0, 0x1000000007e) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000100)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fbdbdf25040000002d0011002f50136a"], 0x50}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) 2.141574698s ago: executing program 2 (id=1979): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x11, 0x1, 0x2) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) ioctl$auto_FS_IOC_ENABLE_VERITY3(r1, 0x40806685, &(0x7f0000000040)={0x4, 0x7ff, 0x3ff, 0x8, 0x3000000000000, 0x1, 0x0, 0x2}) r3 = fsopen$auto(0x0, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) madvise$auto(0xfffffffffffffffa, 0x9, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) mmap$auto(0x2, 0x1, 0x4000000000df, 0x78, r1, 0x300000000000) socket(0x1d, 0x3, 0x1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) execveat$auto(r3, &(0x7f0000000180)='./file0\x00', &(0x7f00000002c0)=&(0x7f0000000280)='-\x00', &(0x7f0000000340)=&(0x7f0000000300)='\x00', 0x6) sendfile$auto(r4, r4, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x1, 0x4) 1.408398056s ago: executing program 4 (id=1981): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES8=r2, @ANYBLOB="18000000", @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x40000f0) write$auto(r1, &(0x7f0000000000)='\xde\x00', 0xfded) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r3, 0x1, 0x7ff) 1.095495735s ago: executing program 1 (id=1983): mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty1\x00', 0x0, 0x0) mmap$auto(0x2000000000, 0x2020009, 0x3, 0xeb2, r0, 0x2) r1 = socket(0x2b, 0x1, 0x3ff) getsockopt$auto(r1, 0x41, 0x80, 0x0, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24084005) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000180)) unshare$auto(0x8000000) shmget$auto(0x0, 0xfffffffffeffffff, 0x69c2) r2 = socket(0xa, 0x1, 0x100) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x20000, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r4, 0x541c, r5) ioctl$auto_SNDCTL_DSP_SYNC(r5, 0x5001, &(0x7f0000000300)="2b7956fa8a2881e7e40a2bbd5923d08ecba68e0cc973513066e1f12c849d8a5a8d98e05b2da6ff33e182e61373f62e5249730c597c1d30b390d27ef401c297923ffcafde40c1a6904abe8e66e74ee1918062b00defc2ad9aea0d59e9c0d4f866b1fb125deada7cd6268074e08359d171cb1954b6b53012445e70ce9f3fc1c0c96b526b517b6cd909e6b825a5fac48603b066673d4d90fd7bd7ae9de4cb25623ce2967f94cd415dd4c70566068c848546359dd205c010dfe0ca8751bc3924195105ab5d9f6b86232b1e7cf5da7e9d6db9468ea21cddfe80e645d3ba55ac5ab1173a") syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r2) sendmsg$auto_NL80211_CMD_CONNECT(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x854}, 0x4) sendmsg$auto_NL80211_CMD_SET_STATION(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000001) ioctl$auto(r3, 0xab00, r2) unshare$auto(0xd) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x9, 0x2020009, 0x3, 0x7fffffff, 0xfffffffffffffffa, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) acct$auto(&(0x7f0000000200)='\x06\x00\x00\x00\x00@M\xb5\xe1t\xfe/-\x1b\x96\xf3\xab9F\xa7\xcai1\x7f\xd9\x9c-vsock\x00\xe88\x96\x9c\xda,i(\xba\x14u\xdd\xebV:]\x05\"O\xa4\xdf\xadHdeh\x86\xb8l\f\x18\xc5\x90\xad\x06\xb6\xae\xce\xe4\x88W}\xcb\xa63\xba\x92\x9ed\xb6\xb3\xf2Ad\xf5\x8ae\x81\xe0\x04\xb4\xa7W{\xb9') ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f00000002c0)="174c8bb6c072729f03df8840b4c076d067f5aaeb966aa8a92a384754af18bb886776d7fc041df70974dc3ee9dc9175a5867b94e6e799d584d831e32b7a6adf381bd38cd9540cf7578673bad4cd43320cf62447165389e3b44d8a044f09416207998b11de7fd4ecdb08bc5953bca342a3c7b1c4ba73c77e03c604b8807ee0bd5ac504e345bf671a14da852037048484561477b39785d66bef6751eae5403062295f502fb626c958cddb6a88cb09f3378c7186dedd6323ceb93eda6a0d705ac0be7d9ae27c04795e82ea5baae338da210eef8c64855d42bcd39a986fa3eab556bf009d2d9fb813126735c530559fe239251a45919e0a8f96677a3e7cbaddd17fb4c6d512dc88ddd3b0fb847d23bc61ff577727e0d6a249e32bbf7be902b9ec976af16b2653fffbc2464dda4114879a28bef18880c9ddd17f7c8d408c95dd4842c323169d9810acbc8a3490e4bf7dd62159be09e896170de1de") 1.091311935s ago: executing program 0 (id=1991): mmap$auto(0x0, 0x10, 0x4000000000e3, 0x40eb2, 0xffffffffffffffff, 0xfd1e) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty1\x00', 0x0, 0x0) mmap$auto(0x0, 0x202000d, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r1 = socket(0x2b, 0x1, 0x2) getsockopt$auto(r1, 0x41, 0x80, 0x0, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24084005) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000180)) unshare$auto(0x8000000) shmget$auto(0x0, 0xfffffffffeffffff, 0x69c2) r2 = socket(0xa, 0x1, 0x100) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop3\x00', 0x6a2002, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r4, 0x541c, r5) ioctl$auto_SNDCTL_DSP_SYNC(r5, 0x5001, &(0x7f0000000300)="2b7956fa8a2881e7e40a2bbd5923d08ecba68e0cc973513066e1f12c849d8a5a8d98e05b2da6ff33e182e61373f62e5249730c597c1d30b390d27ef401c297923ffcafde40c1a6904abe8e66e74ee1918062b00defc2ad9aea0d59e9c0d4f866b1fb125deada7cd6268074e08359d171cb1954b6b53012445e70ce9f3fc1c0c96b526b517b6cd909e6b825a5fac48603b066673d4d90fd7bd7ae9de4cb25623ce2967f94cd415dd4c70566068c848546359dd205c010dfe0ca8751bc3924195105ab5d9f6b86232b1e7cf5da7e9d6db9468ea21cddfe80e645d3ba55ac5ab1173a") r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r2) sendmsg$auto_NL80211_CMD_CONNECT(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r6, @ANYBLOB="02002c060000000000000000000004001601"], 0x18}, 0x1, 0x0, 0x0, 0x854}, 0x4) sendmsg$auto_NL80211_CMD_SET_STATION(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000001) ioctl$auto(r3, 0xab00, r2) unshare$auto(0xd) r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r7, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0xa6cc) listen$auto(0x3, 0x81) mmap$auto(0x9, 0x2020009, 0x3, 0x7fffffff, 0xfffffffffffffffa, 0x0) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) acct$auto(&(0x7f00000000c0)='/dev/vhost-vsock\x00') ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f00000002c0)="174c8bb6c072729f03df8840b4c076d067f5aaeb966aa8a92a384754af18bb886776d7fc041df70974dc3ee9dc9175a5867b94e6e799d584d831e32b7a6adf381bd38cd9540cf7578673bad4cd43320cf62447165389e3b44d8a044f09416207998b11de7fd4ecdb08bc5953bca342a3c7b1c4ba73c77e03c604b8807ee0bd5ac504e345bf671a14da852037048484561477b39785d66bef6751eae5403062295f502fb626c958cddb6a88cb09f3378c7186dedd6323ceb93eda6a0d705ac0be7d9ae27c04795e82ea5baae338da210eef8c64855d42bcd39a986fa3eab556bf009d2d9fb813126735c530559fe239251a45919e0a8f96677a3e7cbaddd17fb4c6d512dc88ddd3b0fb847d23bc61ff577727e0d6a249e32bbf7be902b9ec976af16b2653fffbc2464dda4114879a28bef18880c9ddd17f7c8d408c95dd4842c323169d9810acbc8a3490e4bf7dd62159be09e896170de1de") 1.040868935s ago: executing program 4 (id=1984): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D3\x00', 0x200a41, 0x0) bpf$auto(0x8000000, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1d\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"P\x8a\xbbY8@Z5`\xa2\x9aSVd\x1d\xac\xe8\x90e\x9d\x03tm\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7.\xbe\x01\x98\xd7l\x00\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\xf0\xd9\xc0K\x8b\xa3c\x00'/160, 0xa9) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x20000054) (async) write$auto(0xffffffffffffffff, 0x0, 0x98c7) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x2000d, 0x4, 0xeb1, 0xffffffffffffffff, 0x6000000000) (async, rerun: 32) pidfd_send_signal$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0x401, &(0x7f0000000100)={@_si_pad}, 0x8) (rerun: 32) shmctl$auto_SHM_LOCK(0x2, 0xb, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4c2080, 0x0) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x400008000) (async) r1 = socketpair$auto(0x0, 0x1000, 0x7fffffff, &(0x7f0000000040)=0x4) close_range$auto(r1, 0xffffffffffffffff, 0x0) (async) open(0x0, 0x22240, 0x55) (async) ioctl$auto(0x3, 0x6f50, 0xffffffffffffffff) (async) getrandom$auto(0x0, 0x6000000, 0x3) (async) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r0, 0x8000) (async) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) (async) madvise$auto(0x0, 0x400053, 0x9) 868.899149ms ago: executing program 0 (id=1985): madvise$auto(0x600, 0x7fffffffffffffff, 0xa) 724.71478ms ago: executing program 0 (id=1986): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r0 = bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_fd, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) ioctl$auto_TCFLSH2(r0, 0x540b, &(0x7f0000000000)="701e5ffc5f3cd50e206b57887a1d735a10027cb78d7531d2307d67f90e684e83576eba1708520be11a9249453b6f988220344a9ea04c37635016b1651b32ef81a98b66504c5ec3227417a508dcaff71b300656c492ec0e5da1b06a2c110e94ea3e04dea6c705492281e32f5314") 626.361537ms ago: executing program 2 (id=1987): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) munmap$auto(0x8000, 0xffffffff) msgctl$auto_MSG_STAT_ANY(0x3, 0xd, &(0x7f0000000200)={{0x7, 0x0, 0xffffffffffffffff, 0xefe, 0x2, 0x2, 0x448}, 0x0, 0x0, 0x8, 0x6, 0x2, 0xb0a, 0x2, 0x7f, 0x17f, 0x2, @inferred, @raw=0x7}) socket(0xa, 0x801, 0x84) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x80000000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, 0x0, 0x5) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) 617.327789ms ago: executing program 0 (id=1988): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x88, 0xac1, 0x2, 0x36242398, 0x7ff, 0x3bb, 0x8, 0xffff, 0x1, 0x81, 0x68198}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x3ff, 0x3, 0x9, 0x10001, 0x12, 0xc05, r0, [0x7ff, 0xfff, 0x8], {0x6, 0x1, 0x5, 0x0, 0x400, 0x3, 0x3fe0, 0x26c, 0x1000000000e8}, {0x2, 0x2, 0x54f1, 0x0, 0x101, 0xff, 0x8d8, 0xa, 0x3}}) sysfs$auto(0x2, 0x23, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c854}, 0x800) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0) readv$auto(0x3, &(0x7f0000000000)={0x0, 0x10000ffff}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lsm_get_self_attr$auto(0x8068, 0x0, &(0x7f0000002440)=0x20000008, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r2 = fanotify_init$auto(0x5, 0x2000000000002) fanotify_mark$auto(r2, 0x1, 0x803a, r2, 0x0) madvise$auto(0x110c230000, 0x1, 0x9) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f00000004c0)=""/197, 0xffffffffffffff81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x22040, 0x75) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYRESHEX=0x0, @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x44001, 0x0) setsockopt$auto_SO_PASSPIDFD(r4, 0x5d7, 0x4c, &(0x7f0000000080)='/sys/kernel/debug/gpio\x00', 0xfffffffd) openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) pread64$auto(r1, 0x0, 0x100007, 0x1) 458.872346ms ago: executing program 2 (id=1989): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0) write$auto(r0, &(0x7f0000000640)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V98\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\x80\x04z\xd0I>\x8f\x00\xd7\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02t\x87\x00\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x97nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb6\x9f4[!\x0f3u\xaf\x97\x97\x9d\x1dr\xf3\xab\xdfE[5\x86\xa2\xb92\xc0\x15L\xda\xe3\x04\\M\x85}\xdfh\xd2\xd93e\xf61^\x04\x0f\x85\xc7_\xd0\x8d9\xbd\xc6\xf3R\xea\x10\xb9\xa2\x94]\xf2\r\t\xff$\xeb\xfd1\x8d\x97\x80\x81\x95]\xb2H\xf4\x1c\x8c\xcf\x8eM\x0eB\xb0\x83\xa3\bF\xc7\xae\x1a\xa7r\x9c\xfe\xa5\xa0~\xe4o+\x9d\xb0\xa6\xe8\a\x9a}\x88\x0eKd\xe07\xf0\x88\xf2\xb7\xe3\xe3\b\xac\x1e\xa2a0\x83\x0f\x06\x9eD\xd0\xc6\xba\xa4\x13(l\xf6\xbc\x982\xa0@\xda\xe0\x96\xdc0X\x9c\n\xb3fs\xe1\xf50xffffffffffffffff}) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x24, r4, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x6}]}, @OVS_PACKET_ATTR_KEY={0x2c}]}, 0x24}, 0x1, 0x0, 0x0, 0x400c080}, 0x20004880) r5 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r5, 0x40186f40, &(0x7f0000000000)={0x1f, 0x0, 0x202, 0x9, 0x1}) (async) read$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0xffffffca) ioctl$auto_SNDCTL_DSP_POST(0xffffffffffffffff, 0x5008, &(0x7f00000000c0)="948a858b01658dee296a86e5df24de114b905d773eb7a954f4cdb61680b8ef69a2d2ebaadcd8a6b8f01b83946888f5726499dc74a6da49be7425e9a31be0d184d3dd514e248c653f518eaa35d2f5520c0eeb26afaeafe4aedd7ba6b1b04840ea2f992212b22ab9e8c8bb19259462ed3499fadaad1b4e85c8138168831942ab5ff014ec6e0af3587a88346bffec3b749dc7de8e223e74e31611f45f75389413d7e70027a5f51ebc604a79743934bb95069b1b683a379af1f92674cad2450e5d5ec9833437ee9c81051464626792a5c639081e") openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) (async) r6 = socket(0x11, 0x3, 0x6) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000280), r7) (async) sendmsg$auto_HWSIM_CMD_REGISTER(r7, 0x0, 0x0) sendmmsg$auto(r6, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f00000003c0)='\a', 0x5ea}, 0x5, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x100) close_range$auto(0x2, 0x8, 0x0) socket(0x18, 0x3, 0x25) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/lo/disable_ipv6\x00', 0x82, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0) 25.153288ms ago: executing program 2 (id=1993): r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) read$auto_vhost_net_fops_net(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) semctl$auto(0x1, 0x2, 0x2, 0xf00) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) write$auto(r1, 0x0, 0x1) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0) mmap$auto(0x0, 0x8, 0x1000000016, 0x13, 0x3, 0x400180000000) mmap$auto(0x0, 0x40009, 0x9, 0xffffffffffffff90, r0, 0x432) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000100), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r2, 0x100000001) mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/irq/2/name\x00', 0x800, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/net/rose8/statistics/tx_dropped\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000000)=""/45, 0x2d) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x9, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x9, 0x5, 0x0, 0x2, 0xb0, 0x7, 0x200, 0x3, 0x205, 0x7, 0x0, 0x3ffff, 0x0, 0x3, 0x7069, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x8, 0x5, 0x8000004, 0x0, 0x100000000000000, 0xfffffffffffffffb, 0x800000000000000, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x100000000, 0x0, 0x8000000000000001, 0x0, 0x7, 0x0, 0x0, 0xfff, 0x4, 0x0, 0x0, 0x2000000000000000, 0xffff]}, 0x203, 0x7d) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x10, 0x2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ioam6(0x0, r4) sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r4, 0x0, 0x8010) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="24080000788324674dc64ec4c5220a1414ccd3b900e08626064cde1760fc5bf30784bbf99a70340c4443f4cda47c8cfd3962d14456befb565162dd45ceb7", @ANYRES16=r5], 0x24}, 0x1, 0x0, 0x0, 0x20000091}, 0x4000000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) 0s ago: executing program 0 (id=1994): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001480)='/proc/sys/net/ipv6/conf/geneve0/disable_ipv6\x00', 0x40001, 0x0) read$auto(r0, &(0x7f00000000c0)='MJC802154_HWSIM\x00\xca\xa52UWT1G\x01\x00\x00\x00\x00\x007\xc9\xa6\x8a\x00\x00\x00\x00\x00\x00\xff\x01\x00\x00\x00\x00\x00\x00\x00', 0x72b3) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b3b", 0xfdef) writev$auto(r1, 0x0, 0x1) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2}) epoll_create$auto(0x9) mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(0xffffffffffffffff, 0x80605414, &(0x7f0000000000)={0x6, 0x3, 0x200, 0xba44, 0x2, 0xb, "e00026e8fdffdbcd2c02d3c293faa80c2f5336d79fc5b8202cb37f6b6d22c42432352deb58e78afdbae70400"}) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) sysfs$auto(0x2, 0x41, 0x0) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r3, 0x0, &(0x7f0000000180)='+\x00_\xe8\xdb\xff\x0f\\X\xc9#\xa0\xdc\x04\x0f\x99v\xbc\xc3\xf2\x03\xe2T\b\x9c\xe7J\xcd\x00\x00\x00\x00\x00\x00\x00\x00c\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff) sendmsg$auto_CGROUPSTATS_CMD_GET(r4, 0x0, 0x24000000) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x42082, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x6e642, 0x0) mmap$auto(0x0, 0x2020009, 0x5e, 0x8000000000000eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x8, 0x0) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/008/001\x00', 0x8901, 0x0) ioctl$auto(r5, 0x5522, r5) ioctl$auto(r5, 0x5523, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) setresuid$auto(0xffffffff, 0x0, 0x0) kernel console output (not intermixed with test programs): 659] snd_seq_oss_open+0x2b2/0xa10 [ 448.998227][T12659] odev_open+0x79/0xc0 [ 448.998261][T12659] ? __pfx_odev_open+0x10/0x10 [ 448.998296][T12659] soundcore_open+0x2e3/0x5a0 [ 448.998337][T12659] ? __pfx_soundcore_open+0x10/0x10 [ 448.998373][T12659] chrdev_open+0x234/0x6a0 [ 448.998398][T12659] ? __pfx_apparmor_file_open+0x10/0x10 [ 448.998436][T12659] ? __pfx_chrdev_open+0x10/0x10 [ 448.998464][T12659] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 448.998519][T12659] do_dentry_open+0x6d8/0x1660 [ 448.998565][T12659] ? __pfx_chrdev_open+0x10/0x10 [ 448.998601][T12659] vfs_open+0x82/0x3f0 [ 448.998639][T12659] path_openat+0x208c/0x31a0 [ 448.998678][T12659] ? __pfx_path_openat+0x10/0x10 [ 448.998718][T12659] do_file_open+0x20e/0x430 [ 448.998747][T12659] ? __pfx_do_file_open+0x10/0x10 [ 448.998799][T12659] ? alloc_fd+0x476/0x790 [ 448.998845][T12659] ? do_getname+0x191/0x390 [ 448.998881][T12659] do_sys_openat2+0x10d/0x1e0 [ 448.998914][T12659] ? __pfx_do_sys_openat2+0x10/0x10 [ 448.998950][T12659] ? __fget_files+0x21f/0x3d0 [ 448.999000][T12659] __x64_sys_openat+0x12d/0x210 [ 448.999035][T12659] ? __pfx___x64_sys_openat+0x10/0x10 [ 448.999083][T12659] do_syscall_64+0x106/0xf80 [ 448.999113][T12659] ? clear_bhb_loop+0x40/0x90 [ 448.999153][T12659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.999185][T12659] RIP: 0033:0x7ff9be79c799 [ 448.999210][T12659] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 448.999238][T12659] RSP: 002b:00007ff9bf68e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 448.999265][T12659] RAX: ffffffffffffffda RBX: 00007ff9bea15fa0 RCX: 00007ff9be79c799 [ 448.999284][T12659] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 448.999303][T12659] RBP: 00007ff9be832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 448.999321][T12659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.999339][T12659] R13: 00007ff9bea16038 R14: 00007ff9bea15fa0 R15: 00007ffd50df5008 [ 448.999377][T12659] [ 449.377158][T12673] CPU: 1 UID: 0 PID: 12673 Comm: syz.1.1718 Tainted: G L syzkaller #0 PREEMPT(full) [ 449.377205][T12673] Tainted: [L]=SOFTLOCKUP [ 449.377214][T12673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 449.377231][T12673] Call Trace: [ 449.377241][T12673] [ 449.377253][T12673] dump_stack_lvl+0x100/0x190 [ 449.377299][T12673] should_fail_ex.cold+0x5/0xa [ 449.377336][T12673] ? iovec_from_user+0x8d/0x140 [ 449.377375][T12673] should_failslab+0xc2/0x120 [ 449.377403][T12673] __kmalloc_noprof+0xe0/0x850 [ 449.377457][T12673] iovec_from_user+0x8d/0x140 [ 449.377503][T12673] __import_iovec+0x81/0x640 [ 449.377555][T12673] import_iovec+0x82/0xb0 [ 449.377602][T12673] copy_msghdr_from_user+0x2ed/0x4f0 [ 449.377641][T12673] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 449.377688][T12673] ? __pfx__kstrtoull+0x10/0x10 [ 449.377744][T12673] ___sys_sendmsg+0x106/0x1e0 [ 449.377791][T12673] ? __pfx____sys_sendmsg+0x10/0x10 [ 449.377850][T12673] ? find_held_lock+0x2b/0x80 [ 449.377901][T12673] __sys_sendmmsg+0x205/0x430 [ 449.377937][T12673] ? __pfx___sys_sendmmsg+0x10/0x10 [ 449.377986][T12673] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 449.378053][T12673] ? fput+0x79/0x100 [ 449.378083][T12673] ? ksys_write+0x1ac/0x250 [ 449.378124][T12673] ? __pfx_ksys_write+0x10/0x10 [ 449.378174][T12673] __x64_sys_sendmmsg+0x9c/0x100 [ 449.378206][T12673] ? lockdep_hardirqs_on+0x78/0x100 [ 449.378237][T12673] do_syscall_64+0x106/0xf80 [ 449.378266][T12673] ? clear_bhb_loop+0x40/0x90 [ 449.378307][T12673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.378337][T12673] RIP: 0033:0x7f2461f9c799 [ 449.378361][T12673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 449.378389][T12673] RSP: 002b:00007f2462d79028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 449.378416][T12673] RAX: ffffffffffffffda RBX: 00007f2462216090 RCX: 00007f2461f9c799 [ 449.378436][T12673] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000004 [ 449.378454][T12673] RBP: 00007f2462d79090 R08: 0000000000000000 R09: 0000000000000000 [ 449.378471][T12673] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 449.378488][T12673] R13: 00007f2462216128 R14: 00007f2462216090 R15: 00007ffcdffc2288 [ 449.378527][T12673] [ 449.824606][T12684] misc userio: The device must be registered before sending interrupts [ 450.158195][T12695] FAULT_INJECTION: forcing a failure. [ 450.158195][T12695] name failslab, interval 1, probability 0, space 0, times 0 [ 450.185741][T12695] CPU: 1 UID: 0 PID: 12695 Comm: syz.0.1729 Tainted: G L syzkaller #0 PREEMPT(full) [ 450.185790][T12695] Tainted: [L]=SOFTLOCKUP [ 450.185801][T12695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 450.185818][T12695] Call Trace: [ 450.185832][T12695] [ 450.185844][T12695] dump_stack_lvl+0x100/0x190 [ 450.185897][T12695] should_fail_ex.cold+0x5/0xa [ 450.185931][T12695] should_failslab+0xc2/0x120 [ 450.185965][T12695] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 450.186004][T12695] ? mas_alloc_nodes+0x280/0x390 [ 450.186055][T12695] mas_alloc_nodes+0x280/0x390 [ 450.186100][T12695] mas_preallocate+0x39c/0xf10 [ 450.186128][T12695] ? __memcg_slab_post_alloc_hook+0x480/0x9a0 [ 450.186165][T12695] ? __pfx_mas_preallocate+0x10/0x10 [ 450.186206][T12695] ? anon_vma_name+0x5a/0x250 [ 450.186244][T12695] __split_vma+0x33d/0xd90 [ 450.186286][T12695] ? __pfx___split_vma+0x10/0x10 [ 450.186330][T12695] ? __pfx_mas_prev+0x10/0x10 [ 450.186374][T12695] vms_gather_munmap_vmas+0x39f/0x1500 [ 450.186421][T12695] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 450.186466][T12695] ? mas_walk+0x6ef/0x9b0 [ 450.186506][T12695] __mmap_region+0x492/0x29e0 [ 450.186545][T12695] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 450.186589][T12695] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 450.186632][T12695] ? __pfx___mmap_region+0x10/0x10 [ 450.186673][T12695] ? __lock_acquire+0x4a5/0x2630 [ 450.186739][T12695] ? find_held_lock+0x2b/0x80 [ 450.186760][T12695] ? is_bpf_text_address+0x8a/0x1a0 [ 450.186796][T12695] ? is_bpf_text_address+0x8a/0x1a0 [ 450.186831][T12695] ? bpf_ksym_find+0x124/0x1c0 [ 450.186860][T12695] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 450.186905][T12695] ? __lock_acquire+0x4a5/0x2630 [ 450.186989][T12695] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 450.187031][T12695] mmap_region+0x30a/0x3e0 [ 450.187075][T12695] do_mmap+0xc63/0x12f0 [ 450.187108][T12695] ? __pfx_do_mmap+0x10/0x10 [ 450.187134][T12695] ? __pfx_down_write_killable+0x10/0x10 [ 450.187176][T12695] __do_sys_remap_file_pages+0x8d4/0xa10 [ 450.187216][T12695] ? __fget_files+0x21f/0x3d0 [ 450.187255][T12695] ? __pfx___do_sys_remap_file_pages+0x10/0x10 [ 450.187288][T12695] ? fput+0x79/0x100 [ 450.187314][T12695] ? ksys_write+0x1ac/0x250 [ 450.187350][T12695] ? __pfx_ksys_write+0x10/0x10 [ 450.187394][T12695] do_syscall_64+0x106/0xf80 [ 450.187421][T12695] ? clear_bhb_loop+0x40/0x90 [ 450.187452][T12695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 450.187478][T12695] RIP: 0033:0x7feda599c799 [ 450.187500][T12695] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 450.187525][T12695] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8 [ 450.187549][T12695] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 450.187566][T12695] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000000006a27 [ 450.187581][T12695] RBP: 00007feda693b090 R08: 000000000000066a R09: 0000000000000000 [ 450.187597][T12695] R10: 0000000000000b74 R11: 0000000000000246 R12: 0000000000000001 [ 450.187612][T12695] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 450.187646][T12695] [ 451.243023][T12727] FAULT_INJECTION: forcing a failure. [ 451.243023][T12727] name failslab, interval 1, probability 0, space 0, times 0 [ 451.276956][T12708] FAULT_INJECTION: forcing a failure. [ 451.276956][T12708] name failslab, interval 1, probability 0, space 0, times 0 [ 451.277055][T12727] CPU: 1 UID: 0 PID: 12727 Comm: syz.1.1738 Tainted: G L syzkaller #0 PREEMPT(full) [ 451.277095][T12727] Tainted: [L]=SOFTLOCKUP [ 451.277106][T12727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 451.277121][T12727] Call Trace: [ 451.277131][T12727] [ 451.277141][T12727] dump_stack_lvl+0x100/0x190 [ 451.277183][T12727] should_fail_ex.cold+0x5/0xa [ 451.277215][T12727] should_failslab+0xc2/0x120 [ 451.277246][T12727] __kmalloc_cache_noprof+0x7a/0x6f0 [ 451.277278][T12727] ? snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 451.277328][T12727] snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 451.277371][T12727] ? rcu_is_watching+0x12/0xc0 [ 451.277410][T12727] ? trace_contention_end+0x140/0x180 [ 451.277451][T12727] ? snd_pcm_oss_write+0x49a/0xa30 [ 451.277491][T12727] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 451.277536][T12727] ? __pfx___mutex_lock+0x10/0x10 [ 451.277580][T12727] ? __pfx___might_resched+0x10/0x10 [ 451.277618][T12727] ? get_pid_task+0xfc/0x250 [ 451.277655][T12727] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 451.277699][T12727] snd_pcm_oss_write+0x4bb/0xa30 [ 451.277740][T12727] ? bpf_lsm_file_permission+0x9/0x10 [ 451.277779][T12727] ? security_file_permission+0x76/0x210 [ 451.277851][T12727] vfs_write+0x2aa/0x1070 [ 451.277892][T12727] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 451.277936][T12727] ? __pfx_vfs_write+0x10/0x10 [ 451.277971][T12727] ? find_held_lock+0x2b/0x80 [ 451.277995][T12727] ? __fget_files+0x215/0x3d0 [ 451.278032][T12727] ? __fget_files+0x215/0x3d0 [ 451.278077][T12727] ? __fget_files+0x21f/0x3d0 [ 451.278127][T12727] ksys_write+0x12a/0x250 [ 451.278165][T12727] ? __pfx_ksys_write+0x10/0x10 [ 451.278214][T12727] do_syscall_64+0x106/0xf80 [ 451.278242][T12727] ? clear_bhb_loop+0x40/0x90 [ 451.278275][T12727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.278303][T12727] RIP: 0033:0x7f2461f9c799 [ 451.278326][T12727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 451.278352][T12727] RSP: 002b:00007f2462d79028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 451.278378][T12727] RAX: ffffffffffffffda RBX: 00007f2462216090 RCX: 00007f2461f9c799 [ 451.278397][T12727] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003 [ 451.278414][T12727] RBP: 00007f2462d79090 R08: 0000000000000000 R09: 0000000000000000 [ 451.278432][T12727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 451.278448][T12727] R13: 00007f2462216128 R14: 00007f2462216090 R15: 00007ffcdffc2288 [ 451.278485][T12727] [ 451.563168][T12720] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 451.616934][T12708] CPU: 1 UID: 0 PID: 12708 Comm: syz.2.1734 Tainted: G L syzkaller #0 PREEMPT(full) [ 451.616985][T12708] Tainted: [L]=SOFTLOCKUP [ 451.616996][T12708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 451.617012][T12708] Call Trace: [ 451.617022][T12708] [ 451.617033][T12708] dump_stack_lvl+0x100/0x190 [ 451.617083][T12708] should_fail_ex.cold+0x5/0xa [ 451.617118][T12708] should_failslab+0xc2/0x120 [ 451.617147][T12708] __kmalloc_cache_noprof+0x7a/0x6f0 [ 451.617183][T12708] ? snd_seq_timer_new+0x44/0x1b0 [ 451.617227][T12708] snd_seq_timer_new+0x44/0x1b0 [ 451.617263][T12708] snd_seq_queue_alloc+0x177/0x590 [ 451.617317][T12708] snd_seq_ioctl_create_queue+0xa9/0x370 [ 451.617358][T12708] call_seq_client_ctl+0xa3/0x130 [ 451.617399][T12708] snd_seq_kernel_client_ctl+0x77/0xd0 [ 451.617441][T12708] alloc_seq_queue+0xdb/0x180 [ 451.617480][T12708] ? __pfx_alloc_seq_queue+0x10/0x10 [ 451.617541][T12708] ? mark_held_locks+0x40/0x70 [ 451.617577][T12708] ? _raw_spin_unlock_irq+0x23/0x50 [ 451.617608][T12708] ? lockdep_hardirqs_on+0x78/0x100 [ 451.617645][T12708] snd_seq_oss_open+0x2b2/0xa10 [ 451.617693][T12708] odev_open+0x79/0xc0 [ 451.617729][T12708] ? __pfx_odev_open+0x10/0x10 [ 451.617765][T12708] soundcore_open+0x2e3/0x5a0 [ 451.617829][T12708] ? __pfx_soundcore_open+0x10/0x10 [ 451.617874][T12708] chrdev_open+0x234/0x6a0 [ 451.617902][T12708] ? __pfx_apparmor_file_open+0x10/0x10 [ 451.617943][T12708] ? __pfx_chrdev_open+0x10/0x10 [ 451.617977][T12708] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 451.618034][T12708] do_dentry_open+0x6d8/0x1660 [ 451.618079][T12708] ? __pfx_chrdev_open+0x10/0x10 [ 451.618117][T12708] vfs_open+0x82/0x3f0 [ 451.618157][T12708] path_openat+0x208c/0x31a0 [ 451.618199][T12708] ? __pfx_path_openat+0x10/0x10 [ 451.618242][T12708] do_file_open+0x20e/0x430 [ 451.618274][T12708] ? __pfx_do_file_open+0x10/0x10 [ 451.618331][T12708] ? alloc_fd+0x476/0x790 [ 451.618381][T12708] ? do_getname+0x191/0x390 [ 451.618418][T12708] do_sys_openat2+0x10d/0x1e0 [ 451.618456][T12708] ? __pfx_do_sys_openat2+0x10/0x10 [ 451.618495][T12708] ? __fget_files+0x21f/0x3d0 [ 451.618548][T12708] __x64_sys_openat+0x12d/0x210 [ 451.618586][T12708] ? __pfx___x64_sys_openat+0x10/0x10 [ 451.618638][T12708] do_syscall_64+0x106/0xf80 [ 451.618670][T12708] ? clear_bhb_loop+0x40/0x90 [ 451.618707][T12708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.618738][T12708] RIP: 0033:0x7f0a9b19c799 [ 451.618763][T12708] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 451.618792][T12708] RSP: 002b:00007f0a9c023028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 451.618822][T12708] RAX: ffffffffffffffda RBX: 00007f0a9b415fa0 RCX: 00007f0a9b19c799 [ 451.618849][T12708] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 451.618869][T12708] RBP: 00007f0a9b232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 451.618887][T12708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 451.618905][T12708] R13: 00007f0a9b416038 R14: 00007f0a9b415fa0 R15: 00007ffc347cdfe8 [ 451.618944][T12708] [ 452.906585][T12764] FAULT_INJECTION: forcing a failure. [ 452.906585][T12764] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 452.921017][T12764] CPU: 1 UID: 0 PID: 12764 Comm: syz.1.1750 Tainted: G L syzkaller #0 PREEMPT(full) [ 452.921057][T12764] Tainted: [L]=SOFTLOCKUP [ 452.921067][T12764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 452.921082][T12764] Call Trace: [ 452.921092][T12764] [ 452.921102][T12764] dump_stack_lvl+0x100/0x190 [ 452.921146][T12764] should_fail_ex.cold+0x5/0xa [ 452.921177][T12764] _copy_from_user+0x2e/0xd0 [ 452.921215][T12764] user_termio_to_kernel_termios+0x97/0x250 [ 452.921259][T12764] ? __pfx_user_termio_to_kernel_termios+0x10/0x10 [ 452.921297][T12764] ? set_termios+0x1e1/0x880 [ 452.921341][T12764] set_termios+0x5b3/0x880 [ 452.921383][T12764] ? __pfx_set_termios+0x10/0x10 [ 452.921425][T12764] ? __lock_acquire+0x4a5/0x2630 [ 452.921477][T12764] tty_mode_ioctl+0x7fd/0xd40 [ 452.921519][T12764] ? __pfx_tty_mode_ioctl+0x10/0x10 [ 452.921572][T12764] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 452.921618][T12764] ? __pfx_n_tty_ioctl+0x10/0x10 [ 452.921651][T12764] n_tty_ioctl_helper+0x47/0x2b0 [ 452.921694][T12764] n_tty_ioctl+0x53/0x370 [ 452.921728][T12764] ? __pfx_uart_ioctl+0x10/0x10 [ 452.921766][T12764] ? __pfx_n_tty_ioctl+0x10/0x10 [ 452.921801][T12764] tty_ioctl+0x1204/0x1690 [ 452.921835][T12764] ? __pfx_tty_ioctl+0x10/0x10 [ 452.921878][T12764] ? find_held_lock+0x2b/0x80 [ 452.921903][T12764] ? __fget_files+0x215/0x3d0 [ 452.921959][T12764] ? hook_file_ioctl_common+0x146/0x410 [ 452.922010][T12764] ? __fget_files+0x21f/0x3d0 [ 452.922072][T12764] ? __pfx_tty_ioctl+0x10/0x10 [ 452.922106][T12764] __x64_sys_ioctl+0x18e/0x210 [ 452.922146][T12764] do_syscall_64+0x106/0xf80 [ 452.922176][T12764] ? clear_bhb_loop+0x40/0x90 [ 452.922212][T12764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.922241][T12764] RIP: 0033:0x7f2461f9c799 [ 452.922265][T12764] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 452.922293][T12764] RSP: 002b:00007f2462d9a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 452.922320][T12764] RAX: ffffffffffffffda RBX: 00007f2462215fa0 RCX: 00007f2461f9c799 [ 452.922339][T12764] RDX: 0000000000000000 RSI: 0000000000005408 RDI: 0000000000000003 [ 452.922356][T12764] RBP: 00007f2462d9a090 R08: 0000000000000000 R09: 0000000000000000 [ 452.922374][T12764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 452.922391][T12764] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 452.922430][T12764] [ 453.245731][T12766] FAULT_INJECTION: forcing a failure. [ 453.245731][T12766] name failslab, interval 1, probability 0, space 0, times 0 [ 453.311961][T12766] CPU: 0 UID: 0 PID: 12766 Comm: syz.0.1752 Tainted: G L syzkaller #0 PREEMPT(full) [ 453.312006][T12766] Tainted: [L]=SOFTLOCKUP [ 453.312017][T12766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 453.312034][T12766] Call Trace: [ 453.312043][T12766] [ 453.312054][T12766] dump_stack_lvl+0x100/0x190 [ 453.312101][T12766] should_fail_ex.cold+0x5/0xa [ 453.312134][T12766] should_failslab+0xc2/0x120 [ 453.312162][T12766] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 453.312201][T12766] ? __pmd_alloc+0xbf/0x9c0 [ 453.312238][T12766] __pmd_alloc+0xbf/0x9c0 [ 453.312271][T12766] __handle_mm_fault+0xa99/0x2b60 [ 453.312312][T12766] ? mt_find+0x45e/0x8e0 [ 453.312347][T12766] ? __pfx___handle_mm_fault+0x10/0x10 [ 453.312380][T12766] ? __pfx_mt_find+0x10/0x10 [ 453.312433][T12766] ? find_vma+0xbf/0x140 [ 453.312473][T12766] ? __pfx_find_vma+0x10/0x10 [ 453.312518][T12766] handle_mm_fault+0x36d/0xa20 [ 453.312560][T12766] do_user_addr_fault+0x74c/0x12f0 [ 453.312615][T12766] exc_page_fault+0x6f/0xd0 [ 453.312646][T12766] asm_exc_page_fault+0x26/0x30 [ 453.312674][T12766] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 453.312714][T12766] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 453.312740][T12766] RSP: 0018:ffffc90005a0fe38 EFLAGS: 00050202 [ 453.312764][T12766] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000c [ 453.312780][T12766] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90005a0fe90 [ 453.312798][T12766] RBP: 000000000000000c R08: 0000000000000001 R09: fffff52000b41fd3 [ 453.312816][T12766] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 453.312832][T12766] R13: ffffc90005a0fe90 R14: 0000000000000001 R15: 0000000000000004 [ 453.312869][T12766] _copy_from_user+0x98/0xd0 [ 453.312913][T12766] __x64_sys_epoll_ctl+0x131/0x1e0 [ 453.312943][T12766] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 453.312990][T12766] do_syscall_64+0x106/0xf80 [ 453.313020][T12766] ? clear_bhb_loop+0x40/0x90 [ 453.313054][T12766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.313084][T12766] RIP: 0033:0x7feda599c799 [ 453.313107][T12766] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 453.313134][T12766] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 453.313159][T12766] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 453.313178][T12766] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004 [ 453.313195][T12766] RBP: 00007feda693b090 R08: 0000000000000000 R09: 0000000000000000 [ 453.313211][T12766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 453.313228][T12766] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 453.313266][T12766] [ 453.329859][T12769] FAULT_INJECTION: forcing a failure. [ 453.329859][T12769] name failslab, interval 1, probability 0, space 0, times 0 [ 453.646938][T12769] CPU: 0 UID: 0 PID: 12769 Comm: syz.1.1753 Tainted: G L syzkaller #0 PREEMPT(full) [ 453.646964][T12769] Tainted: [L]=SOFTLOCKUP [ 453.646969][T12769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 453.646979][T12769] Call Trace: [ 453.646985][T12769] [ 453.646991][T12769] dump_stack_lvl+0x100/0x190 [ 453.647017][T12769] should_fail_ex.cold+0x5/0xa [ 453.647034][T12769] should_failslab+0xc2/0x120 [ 453.647049][T12769] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 453.647071][T12769] ? __alloc_skb+0x140/0x710 [ 453.647089][T12769] __alloc_skb+0x140/0x710 [ 453.647105][T12769] ? __pfx___alloc_skb+0x10/0x10 [ 453.647122][T12769] ? tcp_send_mss+0x1ae/0x2a0 [ 453.647143][T12769] mptcp_sendmsg_frag+0x7d7/0x2e40 [ 453.647172][T12769] ? __pfx_mptcp_sendmsg_frag+0x10/0x10 [ 453.647198][T12769] __subflow_push_pending+0x34a/0xba0 [ 453.647229][T12769] __mptcp_push_pending+0x2cc/0x540 [ 453.647248][T12769] ? __pfx___mptcp_push_pending+0x10/0x10 [ 453.647271][T12769] mptcp_sendmsg+0x17d1/0x1e40 [ 453.647295][T12769] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 453.647315][T12769] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 453.647330][T12769] inet_sendmsg+0x11c/0x140 [ 453.647352][T12769] sock_write_iter+0x509/0x610 [ 453.647373][T12769] ? __pfx_sock_write_iter+0x10/0x10 [ 453.647400][T12769] ? bpf_lsm_file_permission+0x9/0x10 [ 453.647421][T12769] ? security_file_permission+0x76/0x210 [ 453.647446][T12769] ? rw_verify_area+0xce/0x6d0 [ 453.647467][T12769] vfs_write+0x6ac/0x1070 [ 453.647488][T12769] ? __pfx_sock_write_iter+0x10/0x10 [ 453.647510][T12769] ? __pfx_vfs_write+0x10/0x10 [ 453.647529][T12769] ? find_held_lock+0x2b/0x80 [ 453.647556][T12769] ksys_write+0x1f8/0x250 [ 453.647580][T12769] ? __pfx_ksys_write+0x10/0x10 [ 453.647607][T12769] do_syscall_64+0x106/0xf80 [ 453.647627][T12769] ? clear_bhb_loop+0x40/0x90 [ 453.647645][T12769] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.647661][T12769] RIP: 0033:0x7f2461f9c799 [ 453.647674][T12769] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 453.647688][T12769] RSP: 002b:00007f2462d9a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 453.647704][T12769] RAX: ffffffffffffffda RBX: 00007f2462215fa0 RCX: 00007f2461f9c799 [ 453.647714][T12769] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000003 [ 453.647722][T12769] RBP: 00007f2462d9a090 R08: 0000000000000000 R09: 0000000000000000 [ 453.647731][T12769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 453.647740][T12769] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 453.647760][T12769] [ 454.453028][T12792] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 454.544704][T12792] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 454.602557][T12792] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 454.690022][T12792] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 454.989892][T12799] bridge0: port 4(team0) entered blocking state [ 454.997992][T12799] bridge0: port 4(team0) entered disabled state [ 455.004620][T12799] team0: entered allmulticast mode [ 455.061843][T12799] team_slave_1: entered allmulticast mode [ 455.072300][T12799] team0: entered promiscuous mode [ 455.172327][T12799] team_slave_1: entered promiscuous mode [ 455.193958][T12799] bridge0: port 4(team0) entered blocking state [ 455.200484][T12799] bridge0: port 4(team0) entered forwarding state [ 455.453393][T12823] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 455.535310][T12823] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 455.591459][T12823] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 455.632986][T12823] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 455.765469][T12834] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 455.860594][T12834] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 455.884630][T12834] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 455.940383][T12834] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 455.985907][T12838] misc userio: The device must be registered before sending interrupts [ 456.776604][T12857] serio: Serial port ttyS0 [ 457.487048][T12877] zswap: compressor not available [ 457.518454][T12875] FAULT_INJECTION: forcing a failure. [ 457.518454][T12875] name failslab, interval 1, probability 0, space 0, times 0 [ 457.536190][T12875] CPU: 1 UID: 0 PID: 12875 Comm: syz.0.1774 Tainted: G L syzkaller #0 PREEMPT(full) [ 457.536249][T12875] Tainted: [L]=SOFTLOCKUP [ 457.536260][T12875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 457.536276][T12875] Call Trace: [ 457.536285][T12875] [ 457.536296][T12875] dump_stack_lvl+0x100/0x190 [ 457.536343][T12875] should_fail_ex.cold+0x5/0xa [ 457.536375][T12875] should_failslab+0xc2/0x120 [ 457.536404][T12875] __kmalloc_cache_noprof+0x7a/0x6f0 [ 457.536439][T12875] ? snd_timer_instance_new+0x47/0x2e0 [ 457.536491][T12875] snd_timer_instance_new+0x47/0x2e0 [ 457.536535][T12875] snd_seq_timer_open+0x1d4/0x600 [ 457.536571][T12875] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 457.536614][T12875] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 457.536644][T12875] ? lockdep_hardirqs_on+0x78/0x100 [ 457.536675][T12875] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 457.536709][T12875] queue_use+0xdc/0x1f0 [ 457.536756][T12875] snd_seq_queue_alloc+0x2e5/0x590 [ 457.536805][T12875] snd_seq_ioctl_create_queue+0xa9/0x370 [ 457.536842][T12875] call_seq_client_ctl+0xa3/0x130 [ 457.536881][T12875] snd_seq_kernel_client_ctl+0x77/0xd0 [ 457.536918][T12875] alloc_seq_queue+0xdb/0x180 [ 457.536953][T12875] ? __pfx_alloc_seq_queue+0x10/0x10 [ 457.537010][T12875] ? mark_held_locks+0x40/0x70 [ 457.537045][T12875] ? _raw_spin_unlock_irq+0x23/0x50 [ 457.537071][T12875] ? lockdep_hardirqs_on+0x78/0x100 [ 457.537106][T12875] snd_seq_oss_open+0x2b2/0xa10 [ 457.537153][T12875] odev_open+0x79/0xc0 [ 457.537214][T12875] ? __pfx_odev_open+0x10/0x10 [ 457.537251][T12875] soundcore_open+0x2e3/0x5a0 [ 457.537294][T12875] ? __pfx_soundcore_open+0x10/0x10 [ 457.537332][T12875] chrdev_open+0x234/0x6a0 [ 457.537356][T12875] ? __pfx_apparmor_file_open+0x10/0x10 [ 457.537392][T12875] ? __pfx_chrdev_open+0x10/0x10 [ 457.537419][T12875] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 457.537474][T12875] do_dentry_open+0x6d8/0x1660 [ 457.537517][T12875] ? __pfx_chrdev_open+0x10/0x10 [ 457.537554][T12875] vfs_open+0x82/0x3f0 [ 457.537592][T12875] path_openat+0x208c/0x31a0 [ 457.537632][T12875] ? __pfx_path_openat+0x10/0x10 [ 457.537674][T12875] do_file_open+0x20e/0x430 [ 457.537705][T12875] ? __pfx_do_file_open+0x10/0x10 [ 457.537760][T12875] ? alloc_fd+0x476/0x790 [ 457.537808][T12875] ? do_getname+0x191/0x390 [ 457.537845][T12875] do_sys_openat2+0x10d/0x1e0 [ 457.537880][T12875] ? __pfx_do_sys_openat2+0x10/0x10 [ 457.537918][T12875] ? __fget_files+0x21f/0x3d0 [ 457.537967][T12875] __x64_sys_openat+0x12d/0x210 [ 457.538003][T12875] ? __pfx___x64_sys_openat+0x10/0x10 [ 457.538054][T12875] do_syscall_64+0x106/0xf80 [ 457.538085][T12875] ? clear_bhb_loop+0x40/0x90 [ 457.538121][T12875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.538151][T12875] RIP: 0033:0x7feda599c799 [ 457.538176][T12875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 457.538205][T12875] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 457.538243][T12875] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 457.538263][T12875] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 457.538282][T12875] RBP: 00007feda5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 457.538301][T12875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 457.538319][T12875] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 457.538357][T12875] [ 457.931150][T12889] netlink: 222 bytes leftover after parsing attributes in process `syz.3.1776'. [ 458.187928][T12895] ubi0: attaching mtd0 [ 458.213475][T12895] ubi0: scanning is finished [ 458.268866][T12895] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 458.924736][T12895] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 459.994812][T12957] FAULT_INJECTION: forcing a failure. [ 459.994812][T12957] name failslab, interval 1, probability 0, space 0, times 0 [ 460.040912][T12957] CPU: 1 UID: 0 PID: 12957 Comm: syz.2.1798 Tainted: G L syzkaller #0 PREEMPT(full) [ 460.040956][T12957] Tainted: [L]=SOFTLOCKUP [ 460.040965][T12957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 460.040981][T12957] Call Trace: [ 460.040991][T12957] [ 460.041002][T12957] dump_stack_lvl+0x100/0x190 [ 460.041048][T12957] should_fail_ex.cold+0x5/0xa [ 460.041082][T12957] should_failslab+0xc2/0x120 [ 460.041110][T12957] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 460.041149][T12957] ? alloc_empty_file+0x55/0x1c0 [ 460.041190][T12957] ? __pfx_stack_trace_save+0x10/0x10 [ 460.041223][T12957] alloc_empty_file+0x55/0x1c0 [ 460.041257][T12957] path_openat+0xe8/0x31a0 [ 460.041282][T12957] ? kasan_save_stack+0x3f/0x50 [ 460.041321][T12957] ? kasan_save_stack+0x30/0x50 [ 460.041358][T12957] ? kasan_save_track+0x14/0x30 [ 460.041395][T12957] ? __kasan_slab_alloc+0x89/0x90 [ 460.041435][T12957] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 460.041472][T12957] ? do_getname+0x35/0x390 [ 460.041501][T12957] ? do_sys_openat2+0xc5/0x1e0 [ 460.041535][T12957] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.041569][T12957] ? __pfx_path_openat+0x10/0x10 [ 460.041610][T12957] do_file_open+0x20e/0x430 [ 460.041640][T12957] ? __pfx_do_file_open+0x10/0x10 [ 460.041691][T12957] ? alloc_fd+0x476/0x790 [ 460.041736][T12957] ? do_getname+0x191/0x390 [ 460.041771][T12957] do_sys_openat2+0x10d/0x1e0 [ 460.041806][T12957] ? __pfx_do_sys_openat2+0x10/0x10 [ 460.041838][T12957] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 460.041878][T12957] ? __fget_files+0x21f/0x3d0 [ 460.041921][T12957] __x64_sys_openat+0x12d/0x210 [ 460.041950][T12957] ? __pfx___x64_sys_openat+0x10/0x10 [ 460.041983][T12957] ? ksys_write+0x1ac/0x250 [ 460.042037][T12957] do_syscall_64+0x106/0xf80 [ 460.042067][T12957] ? clear_bhb_loop+0x40/0x90 [ 460.042102][T12957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.042132][T12957] RIP: 0033:0x7f0a9b19c799 [ 460.042170][T12957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 460.042199][T12957] RSP: 002b:00007f0a9c023028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 460.042227][T12957] RAX: ffffffffffffffda RBX: 00007f0a9b415fa0 RCX: 00007f0a9b19c799 [ 460.042247][T12957] RDX: 00000000000a2001 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 460.042266][T12957] RBP: 00007f0a9c023090 R08: 0000000000000000 R09: 0000000000000000 [ 460.042285][T12957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 460.042303][T12957] R13: 00007f0a9b416038 R14: 00007f0a9b415fa0 R15: 00007ffc347cdfe8 [ 460.042342][T12957] [ 460.407238][T12965] FAULT_INJECTION: forcing a failure. [ 460.407238][T12965] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 460.513733][T12965] CPU: 0 UID: 0 PID: 12965 Comm: syz.1.1800 Tainted: G L syzkaller #0 PREEMPT(full) [ 460.513781][T12965] Tainted: [L]=SOFTLOCKUP [ 460.513792][T12965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 460.513808][T12965] Call Trace: [ 460.513817][T12965] [ 460.513828][T12965] dump_stack_lvl+0x100/0x190 [ 460.513873][T12965] should_fail_ex.cold+0x5/0xa [ 460.513906][T12965] _copy_to_user+0x32/0xd0 [ 460.513950][T12965] simple_read_from_buffer+0xcb/0x170 [ 460.513992][T12965] proc_fail_nth_read+0x1af/0x230 [ 460.514025][T12965] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 460.514058][T12965] ? rw_verify_area+0xce/0x6d0 [ 460.514094][T12965] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 460.514133][T12965] vfs_read+0x1e4/0xb30 [ 460.514177][T12965] ? __pfx_vfs_read+0x10/0x10 [ 460.514215][T12965] ? __fget_files+0x215/0x3d0 [ 460.514263][T12965] ? __fget_files+0x21f/0x3d0 [ 460.514313][T12965] ksys_read+0x12a/0x250 [ 460.514352][T12965] ? __pfx_ksys_read+0x10/0x10 [ 460.514402][T12965] do_syscall_64+0x106/0xf80 [ 460.514432][T12965] ? clear_bhb_loop+0x40/0x90 [ 460.514466][T12965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.514493][T12965] RIP: 0033:0x7f2461f5cfce [ 460.514516][T12965] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 460.514542][T12965] RSP: 002b:00007f2462d99fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 460.514570][T12965] RAX: ffffffffffffffda RBX: 00007f2462d9a6c0 RCX: 00007f2461f5cfce [ 460.514589][T12965] RDX: 000000000000000f RSI: 00007f2462d9a0a0 RDI: 0000000000000004 [ 460.514607][T12965] RBP: 00007f2462d9a090 R08: 0000000000000000 R09: 0000000000000000 [ 460.514625][T12965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 460.514641][T12965] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 460.514679][T12965] [ 461.161686][T12973] FAULT_INJECTION: forcing a failure. [ 461.161686][T12973] name failslab, interval 1, probability 0, space 0, times 0 [ 461.187975][T12973] CPU: 1 UID: 0 PID: 12973 Comm: syz.1.1804 Tainted: G L syzkaller #0 PREEMPT(full) [ 461.188022][T12973] Tainted: [L]=SOFTLOCKUP [ 461.188034][T12973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 461.188052][T12973] Call Trace: [ 461.188062][T12973] [ 461.188073][T12973] dump_stack_lvl+0x100/0x190 [ 461.188130][T12973] should_fail_ex.cold+0x5/0xa [ 461.188165][T12973] should_failslab+0xc2/0x120 [ 461.188195][T12973] __kmalloc_cache_noprof+0x7a/0x6f0 [ 461.188231][T12973] ? snd_seq_timer_new+0x44/0x1b0 [ 461.188274][T12973] snd_seq_timer_new+0x44/0x1b0 [ 461.188309][T12973] snd_seq_queue_alloc+0x177/0x590 [ 461.188361][T12973] snd_seq_ioctl_create_queue+0xa9/0x370 [ 461.188401][T12973] call_seq_client_ctl+0xa3/0x130 [ 461.188441][T12973] snd_seq_kernel_client_ctl+0x77/0xd0 [ 461.188482][T12973] alloc_seq_queue+0xdb/0x180 [ 461.188522][T12973] ? __pfx_alloc_seq_queue+0x10/0x10 [ 461.188582][T12973] ? mark_held_locks+0x40/0x70 [ 461.188618][T12973] ? _raw_spin_unlock_irq+0x23/0x50 [ 461.188647][T12973] ? lockdep_hardirqs_on+0x78/0x100 [ 461.188685][T12973] snd_seq_oss_open+0x2b2/0xa10 [ 461.188733][T12973] odev_open+0x79/0xc0 [ 461.188768][T12973] ? __pfx_odev_open+0x10/0x10 [ 461.188804][T12973] soundcore_open+0x2e3/0x5a0 [ 461.188846][T12973] ? __pfx_soundcore_open+0x10/0x10 [ 461.188885][T12973] chrdev_open+0x234/0x6a0 [ 461.188911][T12973] ? __pfx_apparmor_file_open+0x10/0x10 [ 461.188951][T12973] ? __pfx_chrdev_open+0x10/0x10 [ 461.188981][T12973] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 461.189037][T12973] do_dentry_open+0x6d8/0x1660 [ 461.189081][T12973] ? __pfx_chrdev_open+0x10/0x10 [ 461.189124][T12973] vfs_open+0x82/0x3f0 [ 461.189164][T12973] path_openat+0x208c/0x31a0 [ 461.189205][T12973] ? __pfx_path_openat+0x10/0x10 [ 461.189248][T12973] do_file_open+0x20e/0x430 [ 461.189279][T12973] ? __pfx_do_file_open+0x10/0x10 [ 461.189342][T12973] ? alloc_fd+0x476/0x790 [ 461.189391][T12973] ? do_getname+0x191/0x390 [ 461.189428][T12973] do_sys_openat2+0x10d/0x1e0 [ 461.189464][T12973] ? __pfx_do_sys_openat2+0x10/0x10 [ 461.189502][T12973] ? __fget_files+0x21f/0x3d0 [ 461.189554][T12973] __x64_sys_openat+0x12d/0x210 [ 461.189591][T12973] ? __pfx___x64_sys_openat+0x10/0x10 [ 461.189642][T12973] do_syscall_64+0x106/0xf80 [ 461.189673][T12973] ? clear_bhb_loop+0x40/0x90 [ 461.189709][T12973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.189738][T12973] RIP: 0033:0x7f2461f9c799 [ 461.189761][T12973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 461.189789][T12973] RSP: 002b:00007f2462d9a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 461.189815][T12973] RAX: ffffffffffffffda RBX: 00007f2462215fa0 RCX: 00007f2461f9c799 [ 461.189833][T12973] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 461.189851][T12973] RBP: 00007f2462032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 461.189868][T12973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 461.189886][T12973] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 461.189924][T12973] [ 461.553161][T12996] random: crng reseeded on system resumption [ 461.694417][T12999] kstrtoul() returned -22 for lu_gp_id [ 461.703169][ T30] audit: type=1800 audit(4294967501.600:28): pid=12999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1810" name="lu_gp_id" dev="configfs" ino=46834 res=0 errno=0 [ 461.776051][T12991] zswap: compressor not available [ 462.309955][T13021] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1818'. [ 462.451254][T13024] FAULT_INJECTION: forcing a failure. [ 462.451254][T13024] name failslab, interval 1, probability 0, space 0, times 0 [ 462.466992][T13024] CPU: 0 UID: 0 PID: 13024 Comm: syz.2.1819 Tainted: G L syzkaller #0 PREEMPT(full) [ 462.467027][T13024] Tainted: [L]=SOFTLOCKUP [ 462.467033][T13024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 462.467043][T13024] Call Trace: [ 462.467049][T13024] [ 462.467055][T13024] dump_stack_lvl+0x100/0x190 [ 462.467082][T13024] should_fail_ex.cold+0x5/0xa [ 462.467101][T13024] should_failslab+0xc2/0x120 [ 462.467116][T13024] __kmalloc_cache_noprof+0x7a/0x6f0 [ 462.467135][T13024] ? snd_seq_timer_new+0x44/0x1b0 [ 462.467157][T13024] snd_seq_timer_new+0x44/0x1b0 [ 462.467175][T13024] snd_seq_queue_alloc+0x177/0x590 [ 462.467202][T13024] snd_seq_ioctl_create_queue+0xa9/0x370 [ 462.467223][T13024] call_seq_client_ctl+0xa3/0x130 [ 462.467244][T13024] snd_seq_kernel_client_ctl+0x77/0xd0 [ 462.467265][T13024] alloc_seq_queue+0xdb/0x180 [ 462.467285][T13024] ? __pfx_alloc_seq_queue+0x10/0x10 [ 462.467315][T13024] ? mark_held_locks+0x40/0x70 [ 462.467332][T13024] ? _raw_spin_unlock_irq+0x23/0x50 [ 462.467347][T13024] ? lockdep_hardirqs_on+0x78/0x100 [ 462.467365][T13024] snd_seq_oss_open+0x2b2/0xa10 [ 462.467389][T13024] odev_open+0x79/0xc0 [ 462.467406][T13024] ? __pfx_odev_open+0x10/0x10 [ 462.467425][T13024] soundcore_open+0x2e3/0x5a0 [ 462.467447][T13024] ? __pfx_soundcore_open+0x10/0x10 [ 462.467466][T13024] chrdev_open+0x234/0x6a0 [ 462.467480][T13024] ? __pfx_apparmor_file_open+0x10/0x10 [ 462.467500][T13024] ? __pfx_chrdev_open+0x10/0x10 [ 462.467515][T13024] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 462.467543][T13024] do_dentry_open+0x6d8/0x1660 [ 462.467567][T13024] ? __pfx_chrdev_open+0x10/0x10 [ 462.467585][T13024] vfs_open+0x82/0x3f0 [ 462.467604][T13024] path_openat+0x208c/0x31a0 [ 462.467625][T13024] ? __pfx_path_openat+0x10/0x10 [ 462.467646][T13024] do_file_open+0x20e/0x430 [ 462.467662][T13024] ? __pfx_do_file_open+0x10/0x10 [ 462.467690][T13024] ? alloc_fd+0x476/0x790 [ 462.467714][T13024] ? do_getname+0x191/0x390 [ 462.467732][T13024] do_sys_openat2+0x10d/0x1e0 [ 462.467750][T13024] ? __pfx_do_sys_openat2+0x10/0x10 [ 462.467770][T13024] ? __fget_files+0x21f/0x3d0 [ 462.467795][T13024] __x64_sys_openat+0x12d/0x210 [ 462.467814][T13024] ? __pfx___x64_sys_openat+0x10/0x10 [ 462.467839][T13024] do_syscall_64+0x106/0xf80 [ 462.467855][T13024] ? clear_bhb_loop+0x40/0x90 [ 462.467873][T13024] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 462.467888][T13024] RIP: 0033:0x7f0a9b19c799 [ 462.467903][T13024] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 462.467918][T13024] RSP: 002b:00007f0a9c023028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 462.467933][T13024] RAX: ffffffffffffffda RBX: 00007f0a9b415fa0 RCX: 00007f0a9b19c799 [ 462.467943][T13024] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 462.467953][T13024] RBP: 00007f0a9b232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 462.467962][T13024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 462.467971][T13024] R13: 00007f0a9b416038 R14: 00007f0a9b415fa0 R15: 00007ffc347cdfe8 [ 462.467992][T13024] [ 463.098467][ T30] audit: type=1807 audit(4294967502.880:29): UNKNOWN=òÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿ [ 463.099062][ T30] audit: type=1802 audit(4294967502.890:30): pid=13017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.1815" res=0 errno=0 [ 463.248223][T13022] ima: policy update failed [ 463.286128][ T30] audit: type=1802 audit(4294967503.160:31): pid=13022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1815" res=0 errno=0 [ 463.492094][T13041] FAULT_INJECTION: forcing a failure. [ 463.492094][T13041] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 463.505723][T13041] CPU: 1 UID: 0 PID: 13041 Comm: syz.0.1825 Tainted: G L syzkaller #0 PREEMPT(full) [ 463.505766][T13041] Tainted: [L]=SOFTLOCKUP [ 463.505776][T13041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 463.505792][T13041] Call Trace: [ 463.505801][T13041] [ 463.505810][T13041] dump_stack_lvl+0x100/0x190 [ 463.505852][T13041] should_fail_ex.cold+0x5/0xa [ 463.505884][T13041] _copy_from_user+0x2e/0xd0 [ 463.505928][T13041] copy_msghdr_from_user+0x9f/0x4f0 [ 463.505968][T13041] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 463.506012][T13041] ? rcu_is_watching+0x12/0xc0 [ 463.506052][T13041] ? ___sys_recvmsg+0x177/0x1a0 [ 463.506088][T13041] ? kfree+0x2ec/0x6b0 [ 463.506126][T13041] ___sys_recvmsg+0xdd/0x1a0 [ 463.506166][T13041] ? __pfx____sys_recvmsg+0x10/0x10 [ 463.506224][T13041] ? __pfx___might_resched+0x10/0x10 [ 463.506271][T13041] do_recvmmsg+0x301/0x760 [ 463.506315][T13041] ? __pfx_do_recvmmsg+0x10/0x10 [ 463.506352][T13041] ? ksys_write+0x190/0x250 [ 463.506390][T13041] ? ksys_write+0x190/0x250 [ 463.506435][T13041] ? __mutex_unlock_slowpath+0x15c/0x790 [ 463.506479][T13041] ? __fget_files+0x21f/0x3d0 [ 463.506526][T13041] __x64_sys_recvmmsg+0x22a/0x280 [ 463.506559][T13041] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 463.506610][T13041] do_syscall_64+0x106/0xf80 [ 463.506640][T13041] ? clear_bhb_loop+0x40/0x90 [ 463.506675][T13041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.506703][T13041] RIP: 0033:0x7feda599c799 [ 463.506727][T13041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 463.506755][T13041] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 463.506781][T13041] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 463.506798][T13041] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 463.506814][T13041] RBP: 00007feda693b090 R08: 0000000000000000 R09: 0000000000000000 [ 463.506829][T13041] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000001 [ 463.506846][T13041] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 463.506882][T13041] [ 463.806086][T13052] FAULT_INJECTION: forcing a failure. [ 463.806086][T13052] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 463.820127][T13052] CPU: 1 UID: 0 PID: 13052 Comm: syz.2.1829 Tainted: G L syzkaller #0 PREEMPT(full) [ 463.820170][T13052] Tainted: [L]=SOFTLOCKUP [ 463.820181][T13052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 463.820197][T13052] Call Trace: [ 463.820207][T13052] [ 463.820218][T13052] dump_stack_lvl+0x100/0x190 [ 463.820265][T13052] should_fail_ex.cold+0x5/0xa [ 463.820298][T13052] _copy_from_user+0x2e/0xd0 [ 463.820342][T13052] do_ip_setsockopt+0x2b8e/0x3200 [ 463.820387][T13052] ? __pfx_do_ip_setsockopt+0x10/0x10 [ 463.820430][T13052] ? aa_sk_perm+0x309/0xaa0 [ 463.820471][T13052] ? ksys_write+0x190/0x250 [ 463.820514][T13052] ? __pfx_aa_sk_perm+0x10/0x10 [ 463.820561][T13052] ip_setsockopt+0x5a/0xf0 [ 463.820601][T13052] udp_setsockopt+0x7d/0xd0 [ 463.820635][T13052] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 463.820677][T13052] do_sock_setsockopt+0xf3/0x1d0 [ 463.820719][T13052] __sys_setsockopt+0x119/0x190 [ 463.820757][T13052] __x64_sys_setsockopt+0xbd/0x160 [ 463.820786][T13052] ? do_syscall_64+0x95/0xf80 [ 463.820818][T13052] ? lockdep_hardirqs_on+0x78/0x100 [ 463.820856][T13052] do_syscall_64+0x106/0xf80 [ 463.820885][T13052] ? clear_bhb_loop+0x40/0x90 [ 463.820920][T13052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.820950][T13052] RIP: 0033:0x7f0a9b19c799 [ 463.820974][T13052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 463.821002][T13052] RSP: 002b:00007f0a9c023028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 463.821030][T13052] RAX: ffffffffffffffda RBX: 00007f0a9b415fa0 RCX: 00007f0a9b19c799 [ 463.821049][T13052] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000003 [ 463.821067][T13052] RBP: 00007f0a9c023090 R08: 0000000000000bff R09: 0000000000000000 [ 463.821088][T13052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 463.821106][T13052] R13: 00007f0a9b416038 R14: 00007f0a9b415fa0 R15: 00007ffc347cdfe8 [ 463.821145][T13052] [ 464.397318][T13064] FAULT_INJECTION: forcing a failure. [ 464.397318][T13064] name failslab, interval 1, probability 0, space 0, times 0 [ 464.447049][T13064] CPU: 1 UID: 0 PID: 13064 Comm: syz.0.1831 Tainted: G L syzkaller #0 PREEMPT(full) [ 464.447097][T13064] Tainted: [L]=SOFTLOCKUP [ 464.447108][T13064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 464.447125][T13064] Call Trace: [ 464.447135][T13064] [ 464.447146][T13064] dump_stack_lvl+0x100/0x190 [ 464.447195][T13064] should_fail_ex.cold+0x5/0xa [ 464.447228][T13064] should_failslab+0xc2/0x120 [ 464.447256][T13064] __kmalloc_cache_noprof+0x7a/0x6f0 [ 464.447290][T13064] ? snd_seq_timer_new+0x44/0x1b0 [ 464.447329][T13064] snd_seq_timer_new+0x44/0x1b0 [ 464.447361][T13064] snd_seq_queue_alloc+0x177/0x590 [ 464.447409][T13064] snd_seq_ioctl_create_queue+0xa9/0x370 [ 464.447448][T13064] call_seq_client_ctl+0xa3/0x130 [ 464.447487][T13064] snd_seq_kernel_client_ctl+0x77/0xd0 [ 464.447528][T13064] alloc_seq_queue+0xdb/0x180 [ 464.447567][T13064] ? __pfx_alloc_seq_queue+0x10/0x10 [ 464.447626][T13064] ? mark_held_locks+0x40/0x70 [ 464.447662][T13064] ? _raw_spin_unlock_irq+0x23/0x50 [ 464.447691][T13064] ? lockdep_hardirqs_on+0x78/0x100 [ 464.447727][T13064] snd_seq_oss_open+0x2b2/0xa10 [ 464.447774][T13064] odev_open+0x79/0xc0 [ 464.447808][T13064] ? __pfx_odev_open+0x10/0x10 [ 464.447852][T13064] soundcore_open+0x2e3/0x5a0 [ 464.447896][T13064] ? __pfx_soundcore_open+0x10/0x10 [ 464.447934][T13064] chrdev_open+0x234/0x6a0 [ 464.447961][T13064] ? __pfx_apparmor_file_open+0x10/0x10 [ 464.448001][T13064] ? __pfx_chrdev_open+0x10/0x10 [ 464.448030][T13064] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 464.448104][T13064] do_dentry_open+0x6d8/0x1660 [ 464.448149][T13064] ? __pfx_chrdev_open+0x10/0x10 [ 464.448186][T13064] vfs_open+0x82/0x3f0 [ 464.448224][T13064] path_openat+0x208c/0x31a0 [ 464.448266][T13064] ? __pfx_path_openat+0x10/0x10 [ 464.448308][T13064] do_file_open+0x20e/0x430 [ 464.448339][T13064] ? __pfx_do_file_open+0x10/0x10 [ 464.448395][T13064] ? alloc_fd+0x476/0x790 [ 464.448442][T13064] ? do_getname+0x191/0x390 [ 464.448479][T13064] do_sys_openat2+0x10d/0x1e0 [ 464.448513][T13064] ? __pfx_do_sys_openat2+0x10/0x10 [ 464.448551][T13064] ? __fget_files+0x21f/0x3d0 [ 464.448601][T13064] __x64_sys_openat+0x12d/0x210 [ 464.448638][T13064] ? __pfx___x64_sys_openat+0x10/0x10 [ 464.448688][T13064] do_syscall_64+0x106/0xf80 [ 464.448719][T13064] ? clear_bhb_loop+0x40/0x90 [ 464.448755][T13064] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 464.448785][T13064] RIP: 0033:0x7feda599c799 [ 464.448809][T13064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 464.448851][T13064] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 464.448880][T13064] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 464.448899][T13064] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 464.448918][T13064] RBP: 00007feda5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 464.448936][T13064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 464.448954][T13064] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 464.448993][T13064] [ 464.956559][T13068] FAULT_INJECTION: forcing a failure. [ 464.956559][T13068] name failslab, interval 1, probability 0, space 0, times 0 [ 464.993843][T13068] CPU: 0 UID: 0 PID: 13068 Comm: syz.2.1834 Tainted: G L syzkaller #0 PREEMPT(full) [ 464.993869][T13068] Tainted: [L]=SOFTLOCKUP [ 464.993874][T13068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 464.993884][T13068] Call Trace: [ 464.993889][T13068] [ 464.993895][T13068] dump_stack_lvl+0x100/0x190 [ 464.993921][T13068] should_fail_ex.cold+0x5/0xa [ 464.993940][T13068] should_failslab+0xc2/0x120 [ 464.993955][T13068] __kmalloc_cache_noprof+0x7a/0x6f0 [ 464.993974][T13068] ? vhost_task_create+0xee/0x370 [ 464.993997][T13068] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 464.994016][T13068] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 464.994036][T13068] vhost_task_create+0xee/0x370 [ 464.994057][T13068] ? __pfx_vhost_task_create+0x10/0x10 [ 464.994077][T13068] ? trace_contention_end+0x140/0x180 [ 464.994101][T13068] ? __pfx_vhost_task_fn+0x10/0x10 [ 464.994123][T13068] ? __pfx___mutex_lock+0x10/0x10 [ 464.994140][T13068] ? kasan_quarantine_put+0x104/0x240 [ 464.994159][T13068] ? lockdep_hardirqs_on+0x78/0x100 [ 464.994180][T13068] kvm_mmu_post_init_vm+0x1b3/0x370 [ 464.994197][T13068] kvm_arch_vcpu_ioctl_run+0x66/0x1830 [ 464.994212][T13068] ? kvm_vcpu_ioctl+0x155c/0x1730 [ 464.994236][T13068] kvm_vcpu_ioctl+0x730/0x1730 [ 464.994257][T13068] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 464.994276][T13068] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 464.994301][T13068] ? do_vfs_ioctl+0x226/0x13e0 [ 464.994321][T13068] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 464.994346][T13068] ? find_held_lock+0x2b/0x80 [ 464.994358][T13068] ? __fget_files+0x215/0x3d0 [ 464.994379][T13068] ? hook_file_ioctl_common+0x146/0x410 [ 464.994406][T13068] ? __fget_files+0x21f/0x3d0 [ 464.994432][T13068] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 464.994452][T13068] __x64_sys_ioctl+0x18e/0x210 [ 464.994473][T13068] do_syscall_64+0x106/0xf80 [ 464.994488][T13068] ? clear_bhb_loop+0x40/0x90 [ 464.994506][T13068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 464.994521][T13068] RIP: 0033:0x7f0a9b19c799 [ 464.994534][T13068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 464.994549][T13068] RSP: 002b:00007f0a9c023028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 464.994564][T13068] RAX: ffffffffffffffda RBX: 00007f0a9b415fa0 RCX: 00007f0a9b19c799 [ 464.994574][T13068] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000004 [ 464.994584][T13068] RBP: 00007f0a9c023090 R08: 0000000000000000 R09: 0000000000000000 [ 464.994597][T13068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 464.994605][T13068] R13: 00007f0a9b416038 R14: 00007f0a9b415fa0 R15: 00007ffc347cdfe8 [ 464.994625][T13068] [ 465.301335][T13074] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1835'. [ 465.310602][T13074] veth1_macvtap: entered allmulticast mode [ 467.160090][T13116] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1844'. [ 467.552798][T13125] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1847'. [ 467.669852][T13130] FAULT_INJECTION: forcing a failure. [ 467.669852][T13130] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 467.696894][T13130] CPU: 1 UID: 0 PID: 13130 Comm: syz.2.1848 Tainted: G L syzkaller #0 PREEMPT(full) [ 467.696938][T13130] Tainted: [L]=SOFTLOCKUP [ 467.696948][T13130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 467.696964][T13130] Call Trace: [ 467.696974][T13130] [ 467.696986][T13130] dump_stack_lvl+0x100/0x190 [ 467.697031][T13130] should_fail_ex.cold+0x5/0xa [ 467.697058][T13130] ? prepare_alloc_pages+0x16d/0x5f0 [ 467.697091][T13130] should_fail_alloc_page+0xeb/0x140 [ 467.697122][T13130] prepare_alloc_pages+0x1f0/0x5f0 [ 467.697158][T13130] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 467.697200][T13130] ? process_measurement+0x4c8/0x2350 [ 467.697251][T13130] ? up_write+0x290/0x4f0 [ 467.697294][T13130] ? process_measurement+0x1f4/0x2350 [ 467.697329][T13130] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 467.697375][T13130] ? __lock_acquire+0x4a5/0x2630 [ 467.697417][T13130] ? __lock_acquire+0x4a5/0x2630 [ 467.697458][T13130] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 467.697502][T13130] ? policy_nodemask+0xed/0x4f0 [ 467.697533][T13130] alloc_pages_mpol+0x1fb/0x550 [ 467.697563][T13130] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 467.697601][T13130] alloc_pages_noprof+0x131/0x390 [ 467.697632][T13130] __pmd_alloc+0x3b/0x9c0 [ 467.697666][T13130] __handle_mm_fault+0xa99/0x2b60 [ 467.697707][T13130] ? mt_find+0x45e/0x8e0 [ 467.697742][T13130] ? __pfx___handle_mm_fault+0x10/0x10 [ 467.697775][T13130] ? __pfx_mt_find+0x10/0x10 [ 467.697830][T13130] ? find_vma+0xbf/0x140 [ 467.697870][T13130] ? __pfx_find_vma+0x10/0x10 [ 467.697915][T13130] handle_mm_fault+0x36d/0xa20 [ 467.697958][T13130] do_user_addr_fault+0x74c/0x12f0 [ 467.698013][T13130] exc_page_fault+0x6f/0xd0 [ 467.698044][T13130] asm_exc_page_fault+0x26/0x30 [ 467.698071][T13130] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 467.698110][T13130] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 467.698136][T13130] RSP: 0018:ffffc90006b27cf0 EFLAGS: 00050246 [ 467.698159][T13130] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 467.698176][T13130] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88803781b5c0 [ 467.698193][T13130] RBP: 0000000000000008 R08: 0000000000000001 R09: ffffed1006f036b8 [ 467.698210][T13130] R10: ffff88803781b5c7 R11: 0000000000000000 R12: 0000000000000000 [ 467.698234][T13130] R13: ffff88803781b5c0 R14: 0000000000000008 R15: 0000000000000008 [ 467.698270][T13130] _copy_from_user+0x98/0xd0 [ 467.698313][T13130] sctp_setsockopt+0x8cc/0xb370 [ 467.698353][T13130] ? __pfx_aa_sk_perm+0x10/0x10 [ 467.698398][T13130] ? __pfx_sctp_setsockopt+0x10/0x10 [ 467.698440][T13130] ? aa_sock_opt_perm+0xfe/0x1b0 [ 467.698472][T13130] ? sock_common_setsockopt+0x2e/0xf0 [ 467.698508][T13130] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 467.698548][T13130] do_sock_setsockopt+0xf3/0x1d0 [ 467.698590][T13130] __sys_setsockopt+0x119/0x190 [ 467.698628][T13130] __x64_sys_setsockopt+0xbd/0x160 [ 467.698656][T13130] ? do_syscall_64+0x95/0xf80 [ 467.698684][T13130] ? lockdep_hardirqs_on+0x78/0x100 [ 467.698713][T13130] do_syscall_64+0x106/0xf80 [ 467.698740][T13130] ? clear_bhb_loop+0x40/0x90 [ 467.698771][T13130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.698799][T13130] RIP: 0033:0x7f0a9b19c799 [ 467.698821][T13130] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 467.698848][T13130] RSP: 002b:00007f0a9c002028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 467.698872][T13130] RAX: ffffffffffffffda RBX: 00007f0a9b416090 RCX: 00007f0a9b19c799 [ 467.698891][T13130] RDX: 0000000000000071 RSI: 0000010000000084 RDI: 0000000000000003 [ 467.698908][T13130] RBP: 00007f0a9c002090 R08: 0000000000000008 R09: 0000000000000000 [ 467.698925][T13130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 467.698942][T13130] R13: 00007f0a9b416128 R14: 00007f0a9b416090 R15: 00007ffc347cdfe8 [ 467.698976][T13130] [ 468.678318][T13143] FAULT_INJECTION: forcing a failure. [ 468.678318][T13143] name failslab, interval 1, probability 0, space 0, times 0 [ 468.698038][T13143] CPU: 1 UID: 0 PID: 13143 Comm: syz.0.1853 Tainted: G L syzkaller #0 PREEMPT(full) [ 468.698082][T13143] Tainted: [L]=SOFTLOCKUP [ 468.698093][T13143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 468.698110][T13143] Call Trace: [ 468.698120][T13143] [ 468.698131][T13143] dump_stack_lvl+0x100/0x190 [ 468.698178][T13143] should_fail_ex.cold+0x5/0xa [ 468.698211][T13143] should_failslab+0xc2/0x120 [ 468.698239][T13143] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 468.698277][T13143] ? __pmd_alloc+0xbf/0x9c0 [ 468.698320][T13143] __pmd_alloc+0xbf/0x9c0 [ 468.698353][T13143] __handle_mm_fault+0xa99/0x2b60 [ 468.698393][T13143] ? mt_find+0x45e/0x8e0 [ 468.698429][T13143] ? __pfx___handle_mm_fault+0x10/0x10 [ 468.698461][T13143] ? __pfx_mt_find+0x10/0x10 [ 468.698518][T13143] ? find_vma+0xbf/0x140 [ 468.698559][T13143] ? __pfx_find_vma+0x10/0x10 [ 468.698603][T13143] handle_mm_fault+0x36d/0xa20 [ 468.698646][T13143] do_user_addr_fault+0x74c/0x12f0 [ 468.698700][T13143] exc_page_fault+0x6f/0xd0 [ 468.698732][T13143] asm_exc_page_fault+0x26/0x30 [ 468.698759][T13143] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 468.698799][T13143] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 8f 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 468.698825][T13143] RSP: 0018:ffffc90005d378a8 EFLAGS: 00050202 [ 468.698848][T13143] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00000000000000e4 [ 468.698865][T13143] RDX: 0000000000000001 RSI: ffff88802e5f8000 RDI: 0000000000000000 [ 468.698883][T13143] RBP: ffffc90005d37c50 R08: 0000000000000000 R09: ffffed1005cbf01c [ 468.698901][T13143] R10: ffff88802e5f80e3 R11: 0000000000000000 R12: 00000000000000e4 [ 468.698920][T13143] R13: 00007ffffffff000 R14: ffff88802e5f8000 R15: 00000000000000e4 [ 468.698958][T13143] _copy_to_iter+0x391/0x1720 [ 468.699003][T13143] ? __pfx___skb_try_recv_datagram+0x10/0x10 [ 468.699050][T13143] ? __pfx__copy_to_iter+0x10/0x10 [ 468.699088][T13143] ? is_bpf_text_address+0x94/0x1a0 [ 468.699134][T13143] ? __skb_recv_datagram+0x1b2/0x220 [ 468.699184][T13143] simple_copy_to_iter+0x46/0x90 [ 468.699226][T13143] __skb_datagram_iter+0x129/0x900 [ 468.699265][T13143] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 468.699316][T13143] ? skb_recv_datagram+0x88/0xc0 [ 468.699363][T13143] skb_copy_datagram_iter+0xa1/0x270 [ 468.699410][T13143] netlink_recvmsg+0x27e/0xa90 [ 468.699446][T13143] ? __pfx_netlink_recvmsg+0x10/0x10 [ 468.699486][T13143] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 468.699530][T13143] sock_recvmsg+0x1f9/0x250 [ 468.699570][T13143] sock_read_iter+0x2c6/0x3c0 [ 468.699608][T13143] ? __pfx_sock_read_iter+0x10/0x10 [ 468.699660][T13143] ? bpf_lsm_file_permission+0x9/0x10 [ 468.699700][T13143] ? security_file_permission+0x76/0x210 [ 468.699745][T13143] ? rw_verify_area+0xce/0x6d0 [ 468.699778][T13143] ? __pfx_sock_read_iter+0x10/0x10 [ 468.699813][T13143] vfs_read+0x957/0xb30 [ 468.699853][T13143] ? __pfx_vfs_read+0x10/0x10 [ 468.699885][T13143] ? find_held_lock+0x2b/0x80 [ 468.699945][T13143] ksys_read+0x1f8/0x250 [ 468.699984][T13143] ? __pfx_ksys_read+0x10/0x10 [ 468.700032][T13143] do_syscall_64+0x106/0xf80 [ 468.700061][T13143] ? clear_bhb_loop+0x40/0x90 [ 468.700093][T13143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.700118][T13143] RIP: 0033:0x7feda599c799 [ 468.700140][T13143] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 468.700167][T13143] RSP: 002b:00007feda691a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 468.700191][T13143] RAX: ffffffffffffffda RBX: 00007feda5c16090 RCX: 00007feda599c799 [ 468.700209][T13143] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000004 [ 468.700226][T13143] RBP: 00007feda691a090 R08: 0000000000000000 R09: 0000000000000000 [ 468.700242][T13143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 468.700259][T13143] R13: 00007feda5c16128 R14: 00007feda5c16090 R15: 00007ffd7cadcb18 [ 468.700298][T13143] [ 468.702604][T13142] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1852'. [ 468.837318][T13140] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1852'. [ 469.209634][T13148] bonding: no command found in bonding_masters - use +ifname or -ifname [ 469.772740][T13154] FAULT_INJECTION: forcing a failure. [ 469.772740][T13154] name failslab, interval 1, probability 0, space 0, times 0 [ 469.785713][T13154] CPU: 1 UID: 0 PID: 13154 Comm: syz.2.1856 Tainted: G L syzkaller #0 PREEMPT(full) [ 469.785763][T13154] Tainted: [L]=SOFTLOCKUP [ 469.785776][T13154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 469.785794][T13154] Call Trace: [ 469.785808][T13154] [ 469.785820][T13154] dump_stack_lvl+0x100/0x190 [ 469.785870][T13154] should_fail_ex.cold+0x5/0xa [ 469.785906][T13154] should_failslab+0xc2/0x120 [ 469.785936][T13154] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 469.785982][T13154] ? snd_timer_instance_new+0x65/0x2e0 [ 469.786036][T13154] kstrdup+0x51/0xe0 [ 469.786082][T13154] snd_timer_instance_new+0x65/0x2e0 [ 469.786128][T13154] snd_seq_timer_open+0x1d4/0x600 [ 469.786166][T13154] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 469.786213][T13154] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 469.786251][T13154] ? lockdep_hardirqs_on+0x78/0x100 [ 469.786286][T13154] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 469.786322][T13154] queue_use+0xdc/0x1f0 [ 469.786370][T13154] snd_seq_queue_alloc+0x2e5/0x590 [ 469.786424][T13154] snd_seq_ioctl_create_queue+0xa9/0x370 [ 469.786465][T13154] call_seq_client_ctl+0xa3/0x130 [ 469.786507][T13154] snd_seq_kernel_client_ctl+0x77/0xd0 [ 469.786549][T13154] alloc_seq_queue+0xdb/0x180 [ 469.786590][T13154] ? __pfx_alloc_seq_queue+0x10/0x10 [ 469.786652][T13154] ? mark_held_locks+0x40/0x70 [ 469.786689][T13154] ? _raw_spin_unlock_irq+0x23/0x50 [ 469.786717][T13154] ? lockdep_hardirqs_on+0x78/0x100 [ 469.786753][T13154] snd_seq_oss_open+0x2b2/0xa10 [ 469.786795][T13154] odev_open+0x79/0xc0 [ 469.786825][T13154] ? __pfx_odev_open+0x10/0x10 [ 469.786859][T13154] soundcore_open+0x2e3/0x5a0 [ 469.786901][T13154] ? __pfx_soundcore_open+0x10/0x10 [ 469.786940][T13154] chrdev_open+0x234/0x6a0 [ 469.786965][T13154] ? __pfx_apparmor_file_open+0x10/0x10 [ 469.787004][T13154] ? __pfx_chrdev_open+0x10/0x10 [ 469.787035][T13154] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 469.787093][T13154] do_dentry_open+0x6d8/0x1660 [ 469.787140][T13154] ? __pfx_chrdev_open+0x10/0x10 [ 469.787178][T13154] vfs_open+0x82/0x3f0 [ 469.787217][T13154] path_openat+0x208c/0x31a0 [ 469.787267][T13154] ? __pfx_path_openat+0x10/0x10 [ 469.787311][T13154] do_file_open+0x20e/0x430 [ 469.787343][T13154] ? __pfx_do_file_open+0x10/0x10 [ 469.787401][T13154] ? alloc_fd+0x476/0x790 [ 469.787452][T13154] ? do_getname+0x191/0x390 [ 469.787490][T13154] do_sys_openat2+0x10d/0x1e0 [ 469.787527][T13154] ? __pfx_do_sys_openat2+0x10/0x10 [ 469.787567][T13154] ? __fget_files+0x21f/0x3d0 [ 469.787618][T13154] __x64_sys_openat+0x12d/0x210 [ 469.787655][T13154] ? __pfx___x64_sys_openat+0x10/0x10 [ 469.787708][T13154] do_syscall_64+0x106/0xf80 [ 469.787739][T13154] ? clear_bhb_loop+0x40/0x90 [ 469.787771][T13154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.787799][T13154] RIP: 0033:0x7f0a9b19c799 [ 469.787822][T13154] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 469.787848][T13154] RSP: 002b:00007f0a9c023028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 469.787873][T13154] RAX: ffffffffffffffda RBX: 00007f0a9b415fa0 RCX: 00007f0a9b19c799 [ 469.787895][T13154] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 469.787914][T13154] RBP: 00007f0a9b232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 469.787933][T13154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 469.787952][T13154] R13: 00007f0a9b416038 R14: 00007f0a9b415fa0 R15: 00007ffc347cdfe8 [ 469.787992][T13154] [ 470.467969][T13163] FAULT_INJECTION: forcing a failure. [ 470.467969][T13163] name failslab, interval 1, probability 0, space 0, times 0 [ 470.526966][T13163] CPU: 0 UID: 0 PID: 13163 Comm: syz.1.1860 Tainted: G L syzkaller #0 PREEMPT(full) [ 470.526992][T13163] Tainted: [L]=SOFTLOCKUP [ 470.526998][T13163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 470.527008][T13163] Call Trace: [ 470.527014][T13163] [ 470.527020][T13163] dump_stack_lvl+0x100/0x190 [ 470.527045][T13163] should_fail_ex.cold+0x5/0xa [ 470.527063][T13163] ? create_ruleset+0x21/0x140 [ 470.527083][T13163] should_failslab+0xc2/0x120 [ 470.527097][T13163] __kmalloc_noprof+0xe0/0x850 [ 470.527121][T13163] create_ruleset+0x21/0x140 [ 470.527144][T13163] landlock_merge_ruleset+0xbb/0x830 [ 470.527165][T13163] ? prepare_creds+0x5ee/0x950 [ 470.527187][T13163] __do_sys_landlock_restrict_self+0x2a6/0x9e0 [ 470.527211][T13163] do_syscall_64+0x106/0xf80 [ 470.527227][T13163] ? clear_bhb_loop+0x40/0x90 [ 470.527253][T13163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 470.527281][T13163] RIP: 0033:0x7f2461f9c799 [ 470.527303][T13163] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 470.527327][T13163] RSP: 002b:00007f2462d9a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 470.527343][T13163] RAX: ffffffffffffffda RBX: 00007f2462215fa0 RCX: 00007f2461f9c799 [ 470.527353][T13163] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 470.527361][T13163] RBP: 00007f2462d9a090 R08: 0000000000000000 R09: 0000000000000000 [ 470.527370][T13163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 470.527378][T13163] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 470.527398][T13163] [ 471.525151][T13183] zswap: compressor not available [ 471.537037][ T30] audit: type=1800 audit(4294967511.440:32): pid=13183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1864" name="lu_gp_id" dev="configfs" ino=49487 res=0 errno=0 [ 471.537427][T13183] kstrtoul() returned -22 for lu_gp_id [ 471.821237][T13190] FAULT_INJECTION: forcing a failure. [ 471.821237][T13190] name failslab, interval 1, probability 0, space 0, times 0 [ 471.885234][T13190] CPU: 1 UID: 0 PID: 13190 Comm: syz.0.1865 Tainted: G L syzkaller #0 PREEMPT(full) [ 471.885267][T13190] Tainted: [L]=SOFTLOCKUP [ 471.885273][T13190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 471.885283][T13190] Call Trace: [ 471.885289][T13190] [ 471.885296][T13190] dump_stack_lvl+0x100/0x190 [ 471.885325][T13190] should_fail_ex.cold+0x5/0xa [ 471.885344][T13190] ? __register_sysctl_table+0xbe4/0x1650 [ 471.885367][T13190] should_failslab+0xc2/0x120 [ 471.885382][T13190] __kmalloc_noprof+0xe0/0x850 [ 471.885408][T13190] __register_sysctl_table+0xbe4/0x1650 [ 471.885434][T13190] ? __pfx___register_sysctl_table+0x10/0x10 [ 471.885456][T13190] ? is_module_address+0x69/0xf0 [ 471.885474][T13190] ? register_net_sysctl_sz+0x222/0x430 [ 471.885495][T13190] ? __asan_memcpy+0x3c/0x60 [ 471.885516][T13190] sctp_sysctl_net_register+0x15e/0x200 [ 471.885535][T13190] ? __pfx_sctp_defaults_init+0x10/0x10 [ 471.885552][T13190] sctp_defaults_init+0x6d2/0xd90 [ 471.885570][T13190] ? __pfx_sctp_defaults_init+0x10/0x10 [ 471.885587][T13190] ops_init+0x1e2/0x5f0 [ 471.885608][T13190] setup_net+0x118/0x3a0 [ 471.885626][T13190] ? __pfx_setup_net+0x10/0x10 [ 471.885642][T13190] ? lockdep_init_map_type+0x5c/0x250 [ 471.885662][T13190] ? mutex_init_lockep+0x110/0x150 [ 471.885684][T13190] copy_net_ns+0x46f/0x7c0 [ 471.885705][T13190] create_new_namespaces+0x3ea/0xac0 [ 471.885725][T13190] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 471.885751][T13190] ksys_unshare+0x473/0xad0 [ 471.885773][T13190] ? __pfx_ksys_unshare+0x10/0x10 [ 471.885798][T13190] __x64_sys_unshare+0x31/0x40 [ 471.885817][T13190] do_syscall_64+0x106/0xf80 [ 471.885834][T13190] ? clear_bhb_loop+0x40/0x90 [ 471.885852][T13190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.885868][T13190] RIP: 0033:0x7feda599c799 [ 471.885882][T13190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 471.885898][T13190] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 471.885913][T13190] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 471.885924][T13190] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 471.885934][T13190] RBP: 00007feda5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 471.885944][T13190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 471.885953][T13190] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 471.885974][T13190] [ 471.885982][T13190] sysctl could not get directory: /net/sctp -12 [ 472.191499][T13199] can0: slcan on ttyS2. [ 472.249048][T13199] can0 (unregistered): slcan off ttyS2. [ 472.474084][T13202] FAULT_INJECTION: forcing a failure. [ 472.474084][T13202] name failslab, interval 1, probability 0, space 0, times 0 [ 472.523973][T13202] CPU: 1 UID: 0 PID: 13202 Comm: syz.1.1868 Tainted: G L syzkaller #0 PREEMPT(full) [ 472.524000][T13202] Tainted: [L]=SOFTLOCKUP [ 472.524006][T13202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 472.524016][T13202] Call Trace: [ 472.524022][T13202] [ 472.524028][T13202] dump_stack_lvl+0x100/0x190 [ 472.524056][T13202] should_fail_ex.cold+0x5/0xa [ 472.524075][T13202] should_failslab+0xc2/0x120 [ 472.524090][T13202] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 472.524113][T13202] ? snd_timer_instance_new+0x65/0x2e0 [ 472.524139][T13202] kstrdup+0x51/0xe0 [ 472.524162][T13202] snd_timer_instance_new+0x65/0x2e0 [ 472.524185][T13202] snd_seq_timer_open+0x1d4/0x600 [ 472.524204][T13202] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 472.524227][T13202] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 472.524243][T13202] ? lockdep_hardirqs_on+0x78/0x100 [ 472.524258][T13202] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 472.524278][T13202] queue_use+0xdc/0x1f0 [ 472.524303][T13202] snd_seq_queue_alloc+0x2e5/0x590 [ 472.524329][T13202] snd_seq_ioctl_create_queue+0xa9/0x370 [ 472.524349][T13202] call_seq_client_ctl+0xa3/0x130 [ 472.524369][T13202] snd_seq_kernel_client_ctl+0x77/0xd0 [ 472.524390][T13202] alloc_seq_queue+0xdb/0x180 [ 472.524410][T13202] ? __pfx_alloc_seq_queue+0x10/0x10 [ 472.524440][T13202] ? mark_held_locks+0x40/0x70 [ 472.524458][T13202] ? _raw_spin_unlock_irq+0x23/0x50 [ 472.524472][T13202] ? lockdep_hardirqs_on+0x78/0x100 [ 472.524490][T13202] snd_seq_oss_open+0x2b2/0xa10 [ 472.524514][T13202] odev_open+0x79/0xc0 [ 472.524531][T13202] ? __pfx_odev_open+0x10/0x10 [ 472.524550][T13202] soundcore_open+0x2e3/0x5a0 [ 472.524571][T13202] ? __pfx_soundcore_open+0x10/0x10 [ 472.524590][T13202] chrdev_open+0x234/0x6a0 [ 472.524603][T13202] ? __pfx_apparmor_file_open+0x10/0x10 [ 472.524631][T13202] ? __pfx_chrdev_open+0x10/0x10 [ 472.524647][T13202] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 472.524677][T13202] do_dentry_open+0x6d8/0x1660 [ 472.524699][T13202] ? __pfx_chrdev_open+0x10/0x10 [ 472.524718][T13202] vfs_open+0x82/0x3f0 [ 472.524737][T13202] path_openat+0x208c/0x31a0 [ 472.524758][T13202] ? __pfx_path_openat+0x10/0x10 [ 472.524779][T13202] do_file_open+0x20e/0x430 [ 472.524795][T13202] ? __pfx_do_file_open+0x10/0x10 [ 472.524823][T13202] ? alloc_fd+0x476/0x790 [ 472.524847][T13202] ? do_getname+0x191/0x390 [ 472.524865][T13202] do_sys_openat2+0x10d/0x1e0 [ 472.524883][T13202] ? __pfx_do_sys_openat2+0x10/0x10 [ 472.524903][T13202] ? __fget_files+0x21f/0x3d0 [ 472.524928][T13202] __x64_sys_openat+0x12d/0x210 [ 472.524946][T13202] ? __pfx___x64_sys_openat+0x10/0x10 [ 472.524971][T13202] do_syscall_64+0x106/0xf80 [ 472.524987][T13202] ? clear_bhb_loop+0x40/0x90 [ 472.525005][T13202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.525020][T13202] RIP: 0033:0x7f2461f9c799 [ 472.525035][T13202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 472.525049][T13202] RSP: 002b:00007f2462d9a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 472.525065][T13202] RAX: ffffffffffffffda RBX: 00007f2462215fa0 RCX: 00007f2461f9c799 [ 472.525075][T13202] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 472.525086][T13202] RBP: 00007f2462032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 472.525095][T13202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 472.525104][T13202] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 472.525124][T13202] [ 474.044953][T13236] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1872'. [ 474.101356][T13231] FAULT_INJECTION: forcing a failure. [ 474.101356][T13231] name failslab, interval 1, probability 0, space 0, times 0 [ 474.170336][T13231] CPU: 0 UID: 0 PID: 13231 Comm: syz.0.1874 Tainted: G L syzkaller #0 PREEMPT(full) [ 474.170382][T13231] Tainted: [L]=SOFTLOCKUP [ 474.170392][T13231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 474.170409][T13231] Call Trace: [ 474.170419][T13231] [ 474.170429][T13231] dump_stack_lvl+0x100/0x190 [ 474.170474][T13231] should_fail_ex.cold+0x5/0xa [ 474.170512][T13231] ? ops_init+0x77/0x5f0 [ 474.170542][T13231] should_failslab+0xc2/0x120 [ 474.170569][T13231] __kmalloc_noprof+0xe0/0x850 [ 474.170616][T13231] ops_init+0x77/0x5f0 [ 474.170652][T13231] setup_net+0x118/0x3a0 [ 474.170685][T13231] ? __pfx_setup_net+0x10/0x10 [ 474.170717][T13231] ? lockdep_init_map_type+0x5c/0x250 [ 474.170754][T13231] ? mutex_init_lockep+0x110/0x150 [ 474.170797][T13231] copy_net_ns+0x46f/0x7c0 [ 474.170836][T13231] create_new_namespaces+0x3ea/0xac0 [ 474.170874][T13231] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 474.170908][T13231] ksys_unshare+0x473/0xad0 [ 474.170944][T13231] ? __pfx_ksys_unshare+0x10/0x10 [ 474.170992][T13231] __x64_sys_unshare+0x31/0x40 [ 474.171025][T13231] do_syscall_64+0x106/0xf80 [ 474.171055][T13231] ? clear_bhb_loop+0x40/0x90 [ 474.171090][T13231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.171118][T13231] RIP: 0033:0x7feda599c799 [ 474.171141][T13231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 474.171167][T13231] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 474.171194][T13231] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 474.171213][T13231] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 474.171230][T13231] RBP: 00007feda5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 474.171247][T13231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 474.171263][T13231] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 474.171302][T13231] [ 474.242436][T13242] FAULT_INJECTION: forcing a failure. [ 474.242436][T13242] name failslab, interval 1, probability 0, space 0, times 0 [ 474.450865][T13242] CPU: 0 UID: 0 PID: 13242 Comm: syz.1.1875 Tainted: G L syzkaller #0 PREEMPT(full) [ 474.450911][T13242] Tainted: [L]=SOFTLOCKUP [ 474.450922][T13242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 474.450940][T13242] Call Trace: [ 474.450950][T13242] [ 474.450961][T13242] dump_stack_lvl+0x100/0x190 [ 474.451009][T13242] should_fail_ex.cold+0x5/0xa [ 474.451042][T13242] ? __register_sysctl_table+0xac/0x1650 [ 474.451084][T13242] should_failslab+0xc2/0x120 [ 474.451113][T13242] __kmalloc_noprof+0xe0/0x850 [ 474.451161][T13242] __register_sysctl_table+0xac/0x1650 [ 474.451203][T13242] ? is_module_address+0x5f/0xf0 [ 474.451245][T13242] ? __pfx___register_sysctl_table+0x10/0x10 [ 474.451287][T13242] ? is_module_address+0x69/0xf0 [ 474.451321][T13242] ? register_net_sysctl_sz+0x222/0x430 [ 474.451367][T13242] nf_ct_net_init+0x249/0x370 [ 474.451410][T13242] ? __pfx_nf_ct_net_init+0x10/0x10 [ 474.451453][T13242] ops_init+0x1e2/0x5f0 [ 474.451491][T13242] setup_net+0x118/0x3a0 [ 474.451526][T13242] ? __pfx_setup_net+0x10/0x10 [ 474.451557][T13242] ? lockdep_init_map_type+0x5c/0x250 [ 474.451599][T13242] ? mutex_init_lockep+0x110/0x150 [ 474.451643][T13242] copy_net_ns+0x46f/0x7c0 [ 474.451684][T13242] create_new_namespaces+0x3ea/0xac0 [ 474.451723][T13242] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 474.451762][T13242] ksys_unshare+0x473/0xad0 [ 474.451797][T13242] ? __pfx_ksys_unshare+0x10/0x10 [ 474.451840][T13242] __x64_sys_unshare+0x31/0x40 [ 474.451872][T13242] do_syscall_64+0x106/0xf80 [ 474.451900][T13242] ? clear_bhb_loop+0x40/0x90 [ 474.451931][T13242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 474.451957][T13242] RIP: 0033:0x7f2461f9c799 [ 474.451980][T13242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 474.452008][T13242] RSP: 002b:00007f2462d9a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 474.452034][T13242] RAX: ffffffffffffffda RBX: 00007f2462215fa0 RCX: 00007f2461f9c799 [ 474.452052][T13242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 474.452068][T13242] RBP: 00007f2462032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 474.452085][T13242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 474.452101][T13242] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 474.452135][T13242] [ 476.325911][T13284] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1882'. [ 479.835998][T13320] Invalid ELF header magic: != ELF [ 479.921907][ T30] audit: type=1806 audit(4294967519.830:33): xattr=96BCF19994B021EB81191EBB429C11F41294FA99ED095E1903D92E818201DB0405837D2DF2D488A8A87FAF3DE272621C6A76B252 res=-22 [ 480.534539][T13329] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 480.564120][T13329] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 480.586909][T13329] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 480.608084][T13329] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 480.630604][T13329] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 481.691154][T13328] chnl_net:caif_netlink_parms(): no params data found [ 481.915747][T13328] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.926516][T13328] bridge0: port 1(bridge_slave_0) entered disabled state [ 481.934384][T13328] bridge_slave_0: entered allmulticast mode [ 481.942637][T13328] bridge_slave_0: entered promiscuous mode [ 481.962814][T13328] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.977410][T13328] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.984748][T13328] bridge_slave_1: entered allmulticast mode [ 482.021451][T13328] bridge_slave_1: entered promiscuous mode [ 482.089574][T13328] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 482.112283][T13328] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 482.213936][T13328] team0: Port device team_slave_0 added [ 482.255674][T13328] team0: Port device team_slave_1 added [ 482.375364][T13341] can0: slcan on ttyS2. [ 482.376168][T13328] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 482.410175][T13328] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 482.494682][T13328] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 482.577549][T13328] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 482.598384][T13328] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 482.638905][T13347] can0 (unregistered): slcan off ttyS2. [ 482.677332][T13328] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 482.727175][T13329] Bluetooth: hci4: command tx timeout [ 482.816539][T13357] FAULT_INJECTION: forcing a failure. [ 482.816539][T13357] name failslab, interval 1, probability 0, space 0, times 0 [ 482.829758][T13357] CPU: 1 UID: 0 PID: 13357 Comm: syz.2.1896 Tainted: G L syzkaller #0 PREEMPT(full) [ 482.829801][T13357] Tainted: [L]=SOFTLOCKUP [ 482.829810][T13357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 482.829835][T13357] Call Trace: [ 482.829844][T13357] [ 482.829854][T13357] dump_stack_lvl+0x100/0x190 [ 482.829899][T13357] should_fail_ex.cold+0x5/0xa [ 482.829930][T13357] should_failslab+0xc2/0x120 [ 482.829956][T13357] __kmalloc_cache_noprof+0x7a/0x6f0 [ 482.829986][T13357] ? snd_seq_timer_new+0x44/0x1b0 [ 482.830024][T13357] snd_seq_timer_new+0x44/0x1b0 [ 482.830057][T13357] snd_seq_queue_alloc+0x177/0x590 [ 482.830104][T13357] snd_seq_ioctl_create_queue+0xa9/0x370 [ 482.830141][T13357] call_seq_client_ctl+0xa3/0x130 [ 482.830184][T13357] snd_seq_kernel_client_ctl+0x77/0xd0 [ 482.830222][T13357] alloc_seq_queue+0xdb/0x180 [ 482.830263][T13357] ? __pfx_alloc_seq_queue+0x10/0x10 [ 482.830323][T13357] ? mark_held_locks+0x40/0x70 [ 482.830358][T13357] ? _raw_spin_unlock_irq+0x23/0x50 [ 482.830387][T13357] ? lockdep_hardirqs_on+0x78/0x100 [ 482.830423][T13357] snd_seq_oss_open+0x2b2/0xa10 [ 482.830471][T13357] odev_open+0x79/0xc0 [ 482.830505][T13357] ? __pfx_odev_open+0x10/0x10 [ 482.830541][T13357] soundcore_open+0x2e3/0x5a0 [ 482.830581][T13357] ? __pfx_soundcore_open+0x10/0x10 [ 482.830616][T13357] chrdev_open+0x234/0x6a0 [ 482.830641][T13357] ? __pfx_apparmor_file_open+0x10/0x10 [ 482.830677][T13357] ? __pfx_chrdev_open+0x10/0x10 [ 482.830703][T13357] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 482.830756][T13357] do_dentry_open+0x6d8/0x1660 [ 482.830796][T13357] ? __pfx_chrdev_open+0x10/0x10 [ 482.830837][T13357] vfs_open+0x82/0x3f0 [ 482.830875][T13357] path_openat+0x208c/0x31a0 [ 482.830914][T13357] ? __pfx_path_openat+0x10/0x10 [ 482.830954][T13357] do_file_open+0x20e/0x430 [ 482.830984][T13357] ? __pfx_do_file_open+0x10/0x10 [ 482.831038][T13357] ? alloc_fd+0x476/0x790 [ 482.831085][T13357] ? do_getname+0x191/0x390 [ 482.831119][T13357] do_sys_openat2+0x10d/0x1e0 [ 482.831155][T13357] ? __pfx_do_sys_openat2+0x10/0x10 [ 482.831192][T13357] ? __fget_files+0x21f/0x3d0 [ 482.831238][T13357] __x64_sys_openat+0x12d/0x210 [ 482.831271][T13357] ? __pfx___x64_sys_openat+0x10/0x10 [ 482.831318][T13357] do_syscall_64+0x106/0xf80 [ 482.831348][T13357] ? clear_bhb_loop+0x40/0x90 [ 482.831382][T13357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.831411][T13357] RIP: 0033:0x7f0a9b19c799 [ 482.831435][T13357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 482.831464][T13357] RSP: 002b:00007f0a9c023028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 482.831492][T13357] RAX: ffffffffffffffda RBX: 00007f0a9b415fa0 RCX: 00007f0a9b19c799 [ 482.831511][T13357] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 482.831531][T13357] RBP: 00007f0a9b232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 482.831549][T13357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 482.831565][T13357] R13: 00007f0a9b416038 R14: 00007f0a9b415fa0 R15: 00007ffc347cdfe8 [ 482.831605][T13357] [ 483.304309][T13328] hsr_slave_0: entered promiscuous mode [ 483.310921][T13328] hsr_slave_1: entered promiscuous mode [ 483.317715][T13328] debugfs: 'hsr0' already exists in 'hsr' [ 483.323464][T13328] Cannot create hsr debugfs directory [ 483.756485][T13367] FAULT_INJECTION: forcing a failure. [ 483.756485][T13367] name failslab, interval 1, probability 0, space 0, times 0 [ 483.782745][T13367] CPU: 1 UID: 0 PID: 13367 Comm: syz.1.1898 Tainted: G L syzkaller #0 PREEMPT(full) [ 483.782788][T13367] Tainted: [L]=SOFTLOCKUP [ 483.782797][T13367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 483.782811][T13367] Call Trace: [ 483.782820][T13367] [ 483.782829][T13367] dump_stack_lvl+0x100/0x190 [ 483.782872][T13367] should_fail_ex.cold+0x5/0xa [ 483.782902][T13367] should_failslab+0xc2/0x120 [ 483.782927][T13367] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 483.782961][T13367] ? security_inode_alloc+0x3b/0x2c0 [ 483.782995][T13367] ? lockdep_init_map_type+0x5c/0x250 [ 483.783032][T13367] security_inode_alloc+0x3b/0x2c0 [ 483.783066][T13367] inode_init_always_gfp+0xced/0x1040 [ 483.783110][T13367] alloc_inode+0x8e/0x250 [ 483.783140][T13367] sock_alloc+0x44/0x280 [ 483.783168][T13367] ? security_socket_create+0x7f/0x250 [ 483.783202][T13367] __sock_create+0xc2/0x860 [ 483.783243][T13367] __sys_socket+0x14d/0x260 [ 483.783277][T13367] ? exc_page_fault+0x6f/0xd0 [ 483.783304][T13367] ? __pfx___sys_socket+0x10/0x10 [ 483.783341][T13367] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 483.783379][T13367] __x64_sys_socket+0x72/0xb0 [ 483.783414][T13367] ? lockdep_hardirqs_on+0x78/0x100 [ 483.783441][T13367] do_syscall_64+0x106/0xf80 [ 483.783468][T13367] ? clear_bhb_loop+0x40/0x90 [ 483.783499][T13367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.783535][T13367] RIP: 0033:0x7f2461f9e007 [ 483.783557][T13367] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 483.783582][T13367] RSP: 002b:00007f2462d98f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 483.783606][T13367] RAX: ffffffffffffffda RBX: 00007f2462215fa0 RCX: 00007f2461f9e007 [ 483.783624][T13367] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 483.783639][T13367] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 483.783655][T13367] R10: 0000200000000180 R11: 0000000000000286 R12: 0000000000000001 [ 483.783671][T13367] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 483.783704][T13367] [ 483.783741][T13367] socket: no more sockets [ 484.085984][ T9486] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.301198][ T9486] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.388637][ T9486] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.613799][ T9486] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 484.796267][T13328] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 484.804292][T13329] Bluetooth: hci4: command tx timeout [ 484.848735][T13328] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 484.938793][T13328] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 484.968594][T13328] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 485.110988][ T9486] gretap0: left allmulticast mode [ 485.126925][ T9486] gretap0: left promiscuous mode [ 485.134995][ T9486] bridge0: port 3(gretap0) entered disabled state [ 485.203199][ T9486] bridge_slave_1: left allmulticast mode [ 485.219150][ T9486] bridge_slave_1: left promiscuous mode [ 485.225036][ T9486] bridge0: port 2(bridge_slave_1) entered disabled state [ 485.308234][ T9486] bridge_slave_0: left allmulticast mode [ 485.313929][ T9486] bridge_slave_0: left promiscuous mode [ 485.339008][ T9486] bridge0: port 1(bridge_slave_0) entered disabled state [ 485.453054][T13390] FAULT_INJECTION: forcing a failure. [ 485.453054][T13390] name failslab, interval 1, probability 0, space 0, times 0 [ 485.508604][T13390] CPU: 1 UID: 0 PID: 13390 Comm: syz.0.1909 Tainted: G L syzkaller #0 PREEMPT(full) [ 485.508646][T13390] Tainted: [L]=SOFTLOCKUP [ 485.508656][T13390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 485.508672][T13390] Call Trace: [ 485.508682][T13390] [ 485.508691][T13390] dump_stack_lvl+0x100/0x190 [ 485.508736][T13390] should_fail_ex.cold+0x5/0xa [ 485.508767][T13390] should_failslab+0xc2/0x120 [ 485.508793][T13390] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 485.508833][T13390] ? __d_alloc+0x34/0xa80 [ 485.508868][T13390] __d_alloc+0x34/0xa80 [ 485.508899][T13390] d_alloc+0x4a/0x1e0 [ 485.508930][T13390] lookup_one_qstr_excl+0x175/0x250 [ 485.508966][T13390] start_dirop+0x59/0xb0 [ 485.509006][T13390] simple_start_creating+0xf9/0x110 [ 485.509048][T13390] ? __pfx_simple_start_creating+0x10/0x10 [ 485.509088][T13390] ? mntput+0x70/0xa0 [ 485.509130][T13390] ? simple_pin_fs+0xa3/0x190 [ 485.509168][T13390] debugfs_start_creating.part.0+0x82/0x170 [ 485.509209][T13390] __debugfs_create_file+0xb3/0x4f0 [ 485.509253][T13390] debugfs_create_file_full+0x41/0x60 [ 485.509295][T13390] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 485.509325][T13390] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 485.509353][T13390] ? rcu_is_watching+0x12/0xc0 [ 485.509425][T13390] ? lockdep_init_map_type+0x5c/0x250 [ 485.509468][T13390] preinit_net.part.0+0x24e/0x8f0 [ 485.509505][T13390] copy_net_ns+0x339/0x7c0 [ 485.509552][T13390] create_new_namespaces+0x3ea/0xac0 [ 485.509590][T13390] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 485.509624][T13390] ksys_unshare+0x473/0xad0 [ 485.509661][T13390] ? __pfx_ksys_unshare+0x10/0x10 [ 485.509709][T13390] __x64_sys_unshare+0x31/0x40 [ 485.509743][T13390] do_syscall_64+0x106/0xf80 [ 485.509772][T13390] ? clear_bhb_loop+0x40/0x90 [ 485.509807][T13390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.509836][T13390] RIP: 0033:0x7feda599c799 [ 485.509859][T13390] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 485.509887][T13390] RSP: 002b:00007feda691a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 485.509914][T13390] RAX: ffffffffffffffda RBX: 00007feda5c16090 RCX: 00007feda599c799 [ 485.509933][T13390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 485.509950][T13390] RBP: 00007feda5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 485.509968][T13390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 485.509984][T13390] R13: 00007feda5c16128 R14: 00007feda5c16090 R15: 00007ffd7cadcb18 [ 485.510023][T13390] [ 486.044309][T13402] FAULT_INJECTION: forcing a failure. [ 486.044309][T13402] name failslab, interval 1, probability 0, space 0, times 0 [ 486.092492][T13402] CPU: 0 UID: 0 PID: 13402 Comm: syz.0.1909 Tainted: G L syzkaller #0 PREEMPT(full) [ 486.092535][T13402] Tainted: [L]=SOFTLOCKUP [ 486.092544][T13402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 486.092561][T13402] Call Trace: [ 486.092569][T13402] [ 486.092579][T13402] dump_stack_lvl+0x100/0x190 [ 486.092623][T13402] should_fail_ex.cold+0x5/0xa [ 486.092653][T13402] ? net_alloc_generic+0x1e/0x70 [ 486.092681][T13402] should_failslab+0xc2/0x120 [ 486.092707][T13402] __kmalloc_noprof+0xe0/0x850 [ 486.092750][T13402] net_alloc_generic+0x1e/0x70 [ 486.092782][T13402] copy_net_ns+0xc6/0x7c0 [ 486.092814][T13402] ? copy_cgroup_ns+0x71/0x970 [ 486.092849][T13402] create_new_namespaces+0x3ea/0xac0 [ 486.092886][T13402] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 486.092917][T13402] ksys_unshare+0x473/0xad0 [ 486.092947][T13402] ? do_user_addr_fault+0x7de/0x12f0 [ 486.092988][T13402] ? do_user_addr_fault+0x7de/0x12f0 [ 486.093028][T13402] ? __pfx_ksys_unshare+0x10/0x10 [ 486.093064][T13402] ? do_user_addr_fault+0x8d6/0x12f0 [ 486.093111][T13402] __x64_sys_unshare+0x31/0x40 [ 486.093143][T13402] do_syscall_64+0x106/0xf80 [ 486.093171][T13402] ? clear_bhb_loop+0x40/0x90 [ 486.093204][T13402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.093239][T13402] RIP: 0033:0x7feda599c799 [ 486.093262][T13402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 486.093288][T13402] RSP: 002b:00007feda6854028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 486.093314][T13402] RAX: ffffffffffffffda RBX: 00007feda5c16630 RCX: 00007feda599c799 [ 486.093332][T13402] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 486.093350][T13402] RBP: 00007feda5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 486.093367][T13402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.093382][T13402] R13: 00007feda5c166c8 R14: 00007feda5c16630 R15: 00007ffd7cadcb18 [ 486.093417][T13402] [ 486.844121][T13412] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 486.863050][T13412] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 486.876908][T13329] Bluetooth: hci4: command tx timeout [ 486.883894][T13412] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 486.899894][T13412] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 486.996410][T13413] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 487.018894][T13413] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 487.038211][T13413] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 487.095880][T13413] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 487.221489][T13328] 8021q: adding VLAN 0 to HW filter on device bond0 [ 487.382116][T13328] 8021q: adding VLAN 0 to HW filter on device team0 [ 487.405013][ T9482] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.412251][ T9482] bridge0: port 1(bridge_slave_0) entered forwarding state [ 487.474842][T13418] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 487.493431][T13418] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 487.507274][T13418] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 487.550058][T13418] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 487.616578][ T9486] hsr_slave_0: left promiscuous mode [ 487.661762][T13424] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 487.699507][ T9486] hsr_slave_1: left promiscuous mode [ 487.750619][T13424] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 487.780355][ T9486] veth1_macvtap: left promiscuous mode [ 487.786712][ T9486] veth0_macvtap: left promiscuous mode [ 487.795199][T13424] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 487.811460][ T9486] veth1_vlan: left promiscuous mode [ 487.816722][ T9486] veth0_vlan: left promiscuous mode [ 487.822265][T13424] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 488.066394][T13428] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1905'. [ 488.504384][ T9486] team0 (unregistering): Port device team_slave_1 removed [ 488.617517][ T9486] team0 (unregistering): Port device team_slave_0 removed [ 488.895581][ T9480] bridge0: port 2(bridge_slave_1) entered blocking state [ 488.902736][ T9480] bridge0: port 2(bridge_slave_1) entered forwarding state [ 488.959339][T13329] Bluetooth: hci4: command tx timeout [ 489.324068][T13446] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 489.372254][T13446] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 489.387844][T13446] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 489.449888][T13446] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 489.573650][T13328] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 491.560105][T13328] veth0_vlan: entered promiscuous mode [ 491.591558][T13328] veth1_vlan: entered promiscuous mode [ 491.691237][T13328] veth0_macvtap: entered promiscuous mode [ 491.702457][T13328] veth1_macvtap: entered promiscuous mode [ 491.736695][T13328] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 491.807007][T13328] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 491.851770][T11780] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.916229][T11780] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.944501][T11780] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.997521][T11780] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 492.272837][ T9482] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 492.290357][ T9482] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 492.396674][ T9480] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 492.451739][ T9480] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 493.299044][T13522] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1920'. [ 498.611288][T13610] FAULT_INJECTION: forcing a failure. [ 498.611288][T13610] name failslab, interval 1, probability 0, space 0, times 0 [ 498.684963][T13610] CPU: 0 UID: 0 PID: 13610 Comm: syz.0.1943 Tainted: G L syzkaller #0 PREEMPT(full) [ 498.685003][T13610] Tainted: [L]=SOFTLOCKUP [ 498.685011][T13610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 498.685025][T13610] Call Trace: [ 498.685034][T13610] [ 498.685044][T13610] dump_stack_lvl+0x100/0x190 [ 498.685089][T13610] should_fail_ex.cold+0x5/0xa [ 498.685121][T13610] should_failslab+0xc2/0x120 [ 498.685147][T13610] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 498.685181][T13610] ? alloc_empty_file+0x55/0x1c0 [ 498.685209][T13610] ? unwind_get_return_address+0x59/0xa0 [ 498.685245][T13610] alloc_empty_file+0x55/0x1c0 [ 498.685286][T13610] path_openat+0xe8/0x31a0 [ 498.685316][T13610] ? stack_trace_save+0x8e/0xc0 [ 498.685343][T13610] ? __pfx_stack_trace_save+0x10/0x10 [ 498.685371][T13610] ? stack_depot_save_flags+0x27/0x9d0 [ 498.685416][T13610] ? __pfx_path_openat+0x10/0x10 [ 498.685445][T13610] ? kasan_save_stack+0x3f/0x50 [ 498.685479][T13610] ? kasan_save_stack+0x30/0x50 [ 498.685511][T13610] ? kasan_save_track+0x14/0x30 [ 498.685544][T13610] ? __kasan_slab_alloc+0x89/0x90 [ 498.685580][T13610] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 498.685612][T13610] ? do_getname+0x35/0x390 [ 498.685644][T13610] do_file_open+0x20e/0x430 [ 498.685670][T13610] ? __pfx_do_file_open+0x10/0x10 [ 498.685719][T13610] ? find_held_lock+0x2b/0x80 [ 498.685742][T13610] ? __might_fault+0xc5/0x140 [ 498.685772][T13610] ? __might_fault+0xc5/0x140 [ 498.685807][T13610] file_open_name+0x198/0x3b0 [ 498.685838][T13610] ? __pfx_file_open_name+0x10/0x10 [ 498.685874][T13610] ? do_getname+0x191/0x390 [ 498.685905][T13610] acct_on+0xa4/0x9e0 [ 498.685947][T13610] ? __pfx_acct_on+0x10/0x10 [ 498.685982][T13610] ? bpf_lsm_capable+0x9/0x10 [ 498.686005][T13610] ? security_capable+0x80/0x260 [ 498.686040][T13610] __x64_sys_acct+0x81/0x1e0 [ 498.686074][T13610] ? lockdep_hardirqs_on+0x78/0x100 [ 498.686102][T13610] do_syscall_64+0x106/0xf80 [ 498.686129][T13610] ? clear_bhb_loop+0x40/0x90 [ 498.686160][T13610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.686185][T13610] RIP: 0033:0x7feda599c799 [ 498.686206][T13610] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 498.686231][T13610] RSP: 002b:00007feda691a028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 498.686256][T13610] RAX: ffffffffffffffda RBX: 00007feda5c16090 RCX: 00007feda599c799 [ 498.686273][T13610] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 498.686289][T13610] RBP: 00007feda691a090 R08: 0000000000000000 R09: 0000000000000000 [ 498.686305][T13610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 498.686321][T13610] R13: 00007feda5c16128 R14: 00007feda5c16090 R15: 00007ffd7cadcb18 [ 498.686354][T13610] [ 499.270712][T13601] block nbd8: shutting down sockets [ 499.444484][T13613] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 500.015021][T13619] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 500.336365][T13627] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1935'. [ 501.117241][T13640] block nbd8: Device being setup by another task [ 501.520087][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.527101][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 501.908841][T13637] block nbd8: shutting down sockets [ 501.984766][T13649] EXT4-fs warning: 14 callbacks suppressed [ 501.984789][T13649] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 502.015668][T13649] EXT4-fs error: 14 callbacks suppressed [ 502.015689][T13649] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 502.040865][T13649] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 502.067614][T13649] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 502.203852][T13656] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 502.251209][T13656] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 502.298153][T13656] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 502.336031][T13656] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 502.636366][T13668] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 502.723449][T13668] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 502.824568][T13668] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 502.867807][T13674] block nbd8: Device being setup by another task [ 502.884136][T13668] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 503.420268][T13681] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 503.447006][T13681] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 503.519883][T13681] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 503.555915][T13672] block nbd8: shutting down sockets [ 503.575181][T13681] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 503.764522][T13690] netlink: 130 bytes leftover after parsing attributes in process `syz.1.1949'. [ 503.852101][T13691] FAULT_INJECTION: forcing a failure. [ 503.852101][T13691] name failslab, interval 1, probability 0, space 0, times 0 [ 503.875510][T13691] CPU: 0 UID: 0 PID: 13691 Comm: syz.0.1947 Tainted: G L syzkaller #0 PREEMPT(full) [ 503.875552][T13691] Tainted: [L]=SOFTLOCKUP [ 503.875561][T13691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 503.875576][T13691] Call Trace: [ 503.875586][T13691] [ 503.875596][T13691] dump_stack_lvl+0x100/0x190 [ 503.875631][T13691] should_fail_ex.cold+0x5/0xa [ 503.875649][T13691] should_failslab+0xc2/0x120 [ 503.875664][T13691] __kmalloc_cache_noprof+0x7a/0x6f0 [ 503.875682][T13691] ? sctp_add_bind_addr+0xae/0x3e0 [ 503.875702][T13691] ? __pfx_sctp_get_port_local+0x10/0x10 [ 503.875722][T13691] sctp_add_bind_addr+0xae/0x3e0 [ 503.875739][T13691] sctp_do_bind+0x36c/0x760 [ 503.875763][T13691] sctp_connect_new_asoc+0x5e7/0x770 [ 503.875784][T13691] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 503.875808][T13691] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 503.875834][T13691] sctp_sendmsg+0x171a/0x22b0 [ 503.875859][T13691] ? __pfx_sctp_sendmsg+0x10/0x10 [ 503.875882][T13691] ? aa_sk_perm+0x309/0xaa0 [ 503.875907][T13691] ? __pfx_aa_sk_perm+0x10/0x10 [ 503.875927][T13691] ? __might_fault+0xc5/0x140 [ 503.875951][T13691] ? __pfx_sctp_sendmsg+0x10/0x10 [ 503.875972][T13691] inet_sendmsg+0x11c/0x140 [ 503.876007][T13691] __sys_sendto+0x467/0x520 [ 503.876035][T13691] ? __pfx___sys_sendto+0x10/0x10 [ 503.876068][T13691] ? ksys_write+0x1ac/0x250 [ 503.876089][T13691] ? __pfx_ksys_write+0x10/0x10 [ 503.876112][T13691] __x64_sys_sendto+0xe0/0x1c0 [ 503.876126][T13691] ? do_syscall_64+0x95/0xf80 [ 503.876143][T13691] ? lockdep_hardirqs_on+0x78/0x100 [ 503.876159][T13691] do_syscall_64+0x106/0xf80 [ 503.876174][T13691] ? clear_bhb_loop+0x40/0x90 [ 503.876192][T13691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.876208][T13691] RIP: 0033:0x7feda599c799 [ 503.876222][T13691] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 503.876236][T13691] RSP: 002b:00007feda68f9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 503.876251][T13691] RAX: ffffffffffffffda RBX: 00007feda5c16180 RCX: 00007feda599c799 [ 503.876261][T13691] RDX: 0000000000000401 RSI: 0000000000000000 RDI: 0000000000000007 [ 503.876269][T13691] RBP: 00007feda68f9090 R08: 0000200000000000 R09: 000000000000001c [ 503.876278][T13691] R10: 000000000000007f R11: 0000000000000246 R12: 0000000000000001 [ 503.876287][T13691] R13: 00007feda5c16218 R14: 00007feda5c16180 R15: 00007ffd7cadcb18 [ 503.876307][T13691] [ 504.609885][T13697] FAULT_INJECTION: forcing a failure. [ 504.609885][T13697] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 504.681161][T13697] CPU: 0 UID: 0 PID: 13697 Comm: syz.1.1954 Tainted: G L syzkaller #0 PREEMPT(full) [ 504.681206][T13697] Tainted: [L]=SOFTLOCKUP [ 504.681216][T13697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 504.681232][T13697] Call Trace: [ 504.681242][T13697] [ 504.681253][T13697] dump_stack_lvl+0x100/0x190 [ 504.681298][T13697] should_fail_ex.cold+0x5/0xa [ 504.681323][T13697] ? prepare_alloc_pages+0x16d/0x5f0 [ 504.681356][T13697] should_fail_alloc_page+0xeb/0x140 [ 504.681386][T13697] prepare_alloc_pages+0x1f0/0x5f0 [ 504.681416][T13697] ? bpf_ksym_find+0x124/0x1c0 [ 504.681452][T13697] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 504.681493][T13697] ? kernel_text_address+0x8d/0x100 [ 504.681533][T13697] ? __kernel_text_address+0xd/0x30 [ 504.681591][T13697] ? unwind_get_return_address+0x59/0xa0 [ 504.681622][T13697] ? arch_stack_walk+0xa6/0xf0 [ 504.681660][T13697] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 504.681700][T13697] ? stack_trace_save+0x8e/0xc0 [ 504.681731][T13697] ? stack_depot_save_flags+0x27/0x9d0 [ 504.681784][T13697] ? kasan_save_stack+0x3f/0x50 [ 504.681821][T13697] ? kasan_save_stack+0x30/0x50 [ 504.681862][T13697] ? kasan_save_track+0x14/0x30 [ 504.681899][T13697] ? __kasan_slab_alloc+0x89/0x90 [ 504.681938][T13697] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 504.681975][T13697] ? __pmd_alloc+0xbf/0x9c0 [ 504.682002][T13697] ? __handle_mm_fault+0xa99/0x2b60 [ 504.682035][T13697] ? handle_mm_fault+0x36d/0xa20 [ 504.682066][T13697] ? do_user_addr_fault+0x74c/0x12f0 [ 504.682107][T13697] ? exc_page_fault+0x6f/0xd0 [ 504.682134][T13697] ? asm_exc_page_fault+0x26/0x30 [ 504.682155][T13697] ? __put_user_4+0xd/0x20 [ 504.682169][T13697] ? __sys_socketpair+0x120/0x5b0 [ 504.682190][T13697] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 504.682215][T13697] ? policy_nodemask+0xed/0x4f0 [ 504.682230][T13697] alloc_pages_mpol+0x1fb/0x550 [ 504.682246][T13697] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 504.682265][T13697] alloc_pages_noprof+0x131/0x390 [ 504.682280][T13697] pte_alloc_one+0x1e/0x3e0 [ 504.682296][T13697] __pte_alloc+0x6d/0x3f0 [ 504.682310][T13697] ? __pfx___pte_alloc+0x10/0x10 [ 504.682332][T13697] ? do_raw_spin_lock+0x128/0x260 [ 504.682362][T13697] ? find_held_lock+0x2b/0x80 [ 504.682383][T13697] do_anonymous_page+0x13cc/0x1fb0 [ 504.682402][T13697] ? do_raw_spin_unlock+0x145/0x1e0 [ 504.682422][T13697] ? _raw_spin_unlock+0x28/0x50 [ 504.682436][T13697] ? __pmd_alloc+0x6aa/0x9c0 [ 504.682453][T13697] __handle_mm_fault+0x1d42/0x2b60 [ 504.682474][T13697] ? mt_find+0x45e/0x8e0 [ 504.682492][T13697] ? __pfx___handle_mm_fault+0x10/0x10 [ 504.682509][T13697] ? __pfx_mt_find+0x10/0x10 [ 504.682536][T13697] ? find_vma+0xbf/0x140 [ 504.682557][T13697] ? __pfx_find_vma+0x10/0x10 [ 504.682587][T13697] handle_mm_fault+0x36d/0xa20 [ 504.682610][T13697] do_user_addr_fault+0x74c/0x12f0 [ 504.682637][T13697] exc_page_fault+0x6f/0xd0 [ 504.682653][T13697] asm_exc_page_fault+0x26/0x30 [ 504.682668][T13697] RIP: 0010:__put_user_4+0xd/0x20 [ 504.682685][T13697] Code: 66 89 01 31 c9 0f 01 ca e9 80 d0 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 57 d0 03 00 0f 1f 80 00 00 00 00 90 90 90 [ 504.682699][T13697] RSP: 0018:ffffc9000475fe08 EFLAGS: 00050246 [ 504.682712][T13697] RAX: 0000000000000008 RBX: 0000000000000000 RCX: 0000000000000000 [ 504.682722][T13697] RDX: ffff888030e2dac0 RSI: ffffffff8255c2b1 RDI: ffffffff8c1aefa0 [ 504.682732][T13697] RBP: 1ffff920008ebfc5 R08: 0000000000000001 R09: 00000000000001c5 [ 504.682741][T13697] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000008 [ 504.682750][T13697] R13: 0000000000000009 R14: 0000000000000004 R15: dffffc0000000000 [ 504.682764][T13697] ? __might_fault+0x111/0x140 [ 504.682786][T13697] __sys_socketpair+0x120/0x5b0 [ 504.682810][T13697] ? __pfx___sys_socketpair+0x10/0x10 [ 504.682834][T13697] ? __pfx_ksys_write+0x10/0x10 [ 504.682858][T13697] __x64_sys_socketpair+0x96/0x100 [ 504.682880][T13697] ? lockdep_hardirqs_on+0x78/0x100 [ 504.682895][T13697] do_syscall_64+0x106/0xf80 [ 504.682910][T13697] ? clear_bhb_loop+0x40/0x90 [ 504.682928][T13697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.682943][T13697] RIP: 0033:0x7f2461f9c799 [ 504.682955][T13697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 504.682969][T13697] RSP: 002b:00007f2462d9a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 504.682982][T13697] RAX: ffffffffffffffda RBX: 00007f2462215fa0 RCX: 00007f2461f9c799 [ 504.682992][T13697] RDX: 8000000000000000 RSI: 0000000000000004 RDI: 000000000000001e [ 504.683001][T13697] RBP: 00007f2462d9a090 R08: 0000000000000000 R09: 0000000000000000 [ 504.683010][T13697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 504.683018][T13697] R13: 00007f2462216038 R14: 00007f2462215fa0 R15: 00007ffcdffc2288 [ 504.683038][T13697] [ 505.296961][T13702] block nbd8: Device being setup by another task [ 505.348892][T13704] block nbd8: Device being setup by another task [ 505.931682][ T30] audit: type=1804 audit(4294967545.700:34): pid=13711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1957" name="/newroot/507/file0" dev="tmpfs" ino=2632 res=1 errno=0 [ 506.041417][ T30] audit: type=1804 audit(4294967545.700:35): pid=13711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1957" name="/newroot/507/file0" dev="tmpfs" ino=2632 res=1 errno=0 [ 506.100363][T13713] FAULT_INJECTION: forcing a failure. [ 506.100363][T13713] name failslab, interval 1, probability 0, space 0, times 0 [ 506.120161][T13703] block nbd8: shutting down sockets [ 506.381555][T13713] CPU: 1 UID: 0 PID: 13713 Comm: syz.4.1958 Tainted: G L syzkaller #0 PREEMPT(full) [ 506.381583][T13713] Tainted: [L]=SOFTLOCKUP [ 506.381589][T13713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 506.381605][T13713] Call Trace: [ 506.381611][T13713] [ 506.381618][T13713] dump_stack_lvl+0x100/0x190 [ 506.381645][T13713] should_fail_ex.cold+0x5/0xa [ 506.381662][T13713] should_failslab+0xc2/0x120 [ 506.381677][T13713] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 506.381705][T13713] ? alloc_empty_file+0x55/0x1c0 [ 506.381734][T13713] ? __pfx_stack_trace_save+0x10/0x10 [ 506.381752][T13713] alloc_empty_file+0x55/0x1c0 [ 506.381769][T13713] path_openat+0xe8/0x31a0 [ 506.381782][T13713] ? kasan_save_stack+0x3f/0x50 [ 506.381802][T13713] ? kasan_save_stack+0x30/0x50 [ 506.381821][T13713] ? kasan_save_track+0x14/0x30 [ 506.381840][T13713] ? __kasan_slab_alloc+0x89/0x90 [ 506.381861][T13713] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 506.381880][T13713] ? do_getname+0x35/0x390 [ 506.381895][T13713] ? do_sys_openat2+0xc5/0x1e0 [ 506.381913][T13713] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.381930][T13713] ? __pfx_path_openat+0x10/0x10 [ 506.381951][T13713] do_file_open+0x20e/0x430 [ 506.381966][T13713] ? __pfx_do_file_open+0x10/0x10 [ 506.381993][T13713] ? alloc_fd+0x476/0x790 [ 506.382017][T13713] ? do_getname+0x191/0x390 [ 506.382034][T13713] do_sys_openat2+0x10d/0x1e0 [ 506.382052][T13713] ? __pfx_do_sys_openat2+0x10/0x10 [ 506.382068][T13713] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 506.382089][T13713] ? __fget_files+0x21f/0x3d0 [ 506.382113][T13713] __x64_sys_openat+0x12d/0x210 [ 506.382131][T13713] ? __pfx___x64_sys_openat+0x10/0x10 [ 506.382148][T13713] ? ksys_write+0x1ac/0x250 [ 506.382179][T13713] do_syscall_64+0x106/0xf80 [ 506.382195][T13713] ? clear_bhb_loop+0x40/0x90 [ 506.382213][T13713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.382227][T13713] RIP: 0033:0x7f2091f9c799 [ 506.382241][T13713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 506.382256][T13713] RSP: 002b:00007f2092f2f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 506.382271][T13713] RAX: ffffffffffffffda RBX: 00007f2092215fa0 RCX: 00007f2091f9c799 [ 506.382281][T13713] RDX: 0000000000020000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 506.382291][T13713] RBP: 00007f2092f2f090 R08: 0000000000000000 R09: 0000000000000000 [ 506.382300][T13713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 506.382309][T13713] R13: 00007f2092216038 R14: 00007f2092215fa0 R15: 00007ffcfbdf0a68 [ 506.382328][T13713] [ 506.397616][T13718] FAULT_INJECTION: forcing a failure. [ 506.397616][T13718] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 506.397646][T13718] CPU: 0 UID: 0 PID: 13718 Comm: syz.1.1957 Tainted: G L syzkaller #0 PREEMPT(full) [ 506.397667][T13718] Tainted: [L]=SOFTLOCKUP [ 506.397672][T13718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 506.397681][T13718] Call Trace: [ 506.397686][T13718] [ 506.397692][T13718] dump_stack_lvl+0x100/0x190 [ 506.397717][T13718] should_fail_ex.cold+0x5/0xa [ 506.397735][T13718] _copy_to_user+0x32/0xd0 [ 506.397759][T13718] simple_read_from_buffer+0xcb/0x170 [ 506.397782][T13718] proc_fail_nth_read+0x1af/0x230 [ 506.397800][T13718] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 506.397818][T13718] ? rw_verify_area+0xce/0x6d0 [ 506.397837][T13718] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 506.397853][T13718] vfs_read+0x1e4/0xb30 [ 506.397877][T13718] ? __pfx_vfs_read+0x10/0x10 [ 506.397897][T13718] ? __fget_files+0x215/0x3d0 [ 506.397922][T13718] ? __fget_files+0x21f/0x3d0 [ 506.397949][T13718] ksys_read+0x12a/0x250 [ 506.397969][T13718] ? __pfx_ksys_read+0x10/0x10 [ 506.397995][T13718] do_syscall_64+0x106/0xf80 [ 506.398011][T13718] ? clear_bhb_loop+0x40/0x90 [ 506.398029][T13718] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.398044][T13718] RIP: 0033:0x7f2461f5cfce [ 506.398057][T13718] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 506.398071][T13718] RSP: 002b:00007f24601f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 506.398085][T13718] RAX: ffffffffffffffda RBX: 00007f24601f66c0 RCX: 00007f2461f5cfce [ 506.398095][T13718] RDX: 000000000000000f RSI: 00007f24601f60a0 RDI: 000000000000000a [ 506.398104][T13718] RBP: 00007f24601f6090 R08: 0000000000000000 R09: 0000000000000000 [ 506.398113][T13718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 506.398122][T13718] R13: 00007f2462216218 R14: 00007f2462216180 R15: 00007ffcdffc2288 [ 506.398142][T13718] [ 506.540981][ T30] audit: type=1804 audit(4294967546.450:36): pid=13721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1959" name="/newroot/508/file0" dev="tmpfs" ino=2638 res=1 errno=0 [ 506.541852][ T30] audit: type=1804 audit(4294967546.450:37): pid=13721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1959" name="/newroot/508/file0" dev="tmpfs" ino=2638 res=1 errno=0 [ 507.342236][T13723] block nbd8: shutting down sockets [ 508.310553][T13750] NFSD: Failed to start, no listeners configured. [ 510.130435][T13767] block nbd8: shutting down sockets [ 511.844113][T13813] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1978'. [ 512.020525][T13813] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !Pjâ<~ݲå3hj_;¥qm’ÇPÉ.‚w8üXä [ 512.543428][T13825] netlink: 202 bytes leftover after parsing attributes in process `syz.4.1981'. [ 513.419561][T13851] FAULT_INJECTION: forcing a failure. [ 513.419561][T13851] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 513.452416][T13851] CPU: 0 UID: 0 PID: 13851 Comm: syz.2.1989 Tainted: G L syzkaller #0 PREEMPT(full) [ 513.452462][T13851] Tainted: [L]=SOFTLOCKUP [ 513.452472][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 513.452491][T13851] Call Trace: [ 513.452502][T13851] [ 513.452512][T13851] dump_stack_lvl+0x100/0x190 [ 513.452559][T13851] should_fail_ex.cold+0x5/0xa [ 513.452593][T13851] _copy_from_user+0x2e/0xd0 [ 513.452636][T13851] kstrtouint_from_user+0xd6/0x1d0 [ 513.452670][T13851] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 513.452702][T13851] ? __lock_acquire+0x4a5/0x2630 [ 513.452747][T13851] ? lock_acquire+0x1cf/0x380 [ 513.452790][T13851] proc_fail_nth_write+0x83/0x220 [ 513.452823][T13851] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 513.452866][T13851] vfs_write+0x2aa/0x1070 [ 513.452908][T13851] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 513.452944][T13851] ? __pfx_vfs_write+0x10/0x10 [ 513.452982][T13851] ? __fget_files+0x215/0x3d0 [ 513.453031][T13851] ? __fget_files+0x21f/0x3d0 [ 513.453083][T13851] ksys_write+0x12a/0x250 [ 513.453123][T13851] ? __pfx_ksys_write+0x10/0x10 [ 513.453174][T13851] do_syscall_64+0x106/0xf80 [ 513.453205][T13851] ? clear_bhb_loop+0x40/0x90 [ 513.453239][T13851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.453268][T13851] RIP: 0033:0x7f0a9b15cfce [ 513.453292][T13851] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 513.453319][T13851] RSP: 002b:00007f0a9c022fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 513.453346][T13851] RAX: ffffffffffffffda RBX: 00007f0a9c0236c0 RCX: 00007f0a9b15cfce [ 513.453365][T13851] RDX: 0000000000000001 RSI: 00007f0a9c0230a0 RDI: 0000000000000004 [ 513.453383][T13851] RBP: 00007f0a9c023090 R08: 0000000000000000 R09: 0000000000000000 [ 513.453406][T13851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 513.453422][T13851] R13: 00007f0a9b416038 R14: 00007f0a9b415fa0 R15: 00007ffc347cdfe8 [ 513.453460][T13851] [ 513.691584][T13831] block nbd8: shutting down sockets [ 513.812769][T13858] ================================================================== [ 513.812793][T13858] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x174a/0x1910 [ 513.812835][T13858] Write of size 8 at addr ffffc900042a9000 by task syz.0.1994/13858 [ 513.812861][T13858] [ 513.812877][T13858] CPU: 1 UID: 0 PID: 13858 Comm: syz.0.1994 Tainted: G L syzkaller #0 PREEMPT(full) [ 513.812919][T13858] Tainted: [L]=SOFTLOCKUP [ 513.812930][T13858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 513.812949][T13858] Call Trace: [ 513.812960][T13858] [ 513.812971][T13858] dump_stack_lvl+0x100/0x190 [ 513.813015][T13858] print_report+0x156/0x4c9 [ 513.813055][T13858] ? _raw_spin_lock_irqsave+0x52/0x60 [ 513.813102][T13858] ? __virt_addr_valid+0x81/0x620 [ 513.813140][T13858] ? sys_fillrect+0x174a/0x1910 [ 513.813171][T13858] kasan_report+0xdf/0x1e0 [ 513.813199][T13858] ? sys_fillrect+0x174a/0x1910 [ 513.813234][T13858] sys_fillrect+0x174a/0x1910 [ 513.813273][T13858] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 513.813316][T13858] bit_clear+0x17d/0x220 [ 513.813359][T13858] ? __pfx_bit_clear+0x10/0x10 [ 513.813410][T13858] ? fb_get_color_depth+0x120/0x250 [ 513.813452][T13858] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 513.813504][T13858] __fbcon_clear+0x633/0x760 [ 513.813545][T13858] ? __pfx_bit_clear+0x10/0x10 [ 513.813590][T13858] fbcon_scroll+0x48b/0x650 [ 513.813631][T13858] con_scroll+0x464/0x690 [ 513.813664][T13858] do_con_write+0x6883/0x8540 [ 513.813708][T13858] ? __pfx_do_con_write+0x10/0x10 [ 513.813750][T13858] con_write+0x23/0xb0 [ 513.813782][T13858] n_tty_write+0x44f/0x12d0 [ 513.813829][T13858] ? __pfx_n_tty_write+0x10/0x10 [ 513.813868][T13858] ? trace_kmalloc+0x101/0x130 [ 513.813895][T13858] ? __pfx_woken_wake_function+0x10/0x10 [ 513.813938][T13858] ? rcu_is_watching+0x12/0xc0 [ 513.813979][T13858] ? file_tty_write.isra.0+0x694/0x890 [ 513.814012][T13858] ? kfree+0x2ec/0x6b0 [ 513.814045][T13858] ? __pfx_n_tty_write+0x10/0x10 [ 513.814086][T13858] file_tty_write.isra.0+0x4d2/0x890 [ 513.814124][T13858] redirected_tty_write+0xd4/0x120 [ 513.814159][T13858] vfs_write+0x6ac/0x1070 [ 513.814201][T13858] ? __pfx_redirected_tty_write+0x10/0x10 [ 513.814238][T13858] ? __pfx_vfs_write+0x10/0x10 [ 513.814278][T13858] ? find_held_lock+0x2b/0x80 [ 513.814315][T13858] ksys_write+0x12a/0x250 [ 513.814357][T13858] ? __pfx_ksys_write+0x10/0x10 [ 513.814411][T13858] do_syscall_64+0x106/0xf80 [ 513.814443][T13858] ? clear_bhb_loop+0x40/0x90 [ 513.814477][T13858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.814507][T13858] RIP: 0033:0x7feda599c799 [ 513.814531][T13858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 513.814559][T13858] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 513.814588][T13858] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 513.814608][T13858] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000004 [ 513.814628][T13858] RBP: 00007feda5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 513.814646][T13858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 513.814664][T13858] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 513.814693][T13858] [ 513.814704][T13858] [ 513.814712][T13858] The buggy address belongs to a vmalloc virtual mapping [ 513.814732][T13858] Memory state around the buggy address: [ 513.814748][T13858] ffffc900042a8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 513.814775][T13858] ffffc900042a8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 513.814797][T13858] >ffffc900042a9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 513.814814][T13858] ^ [ 513.814829][T13858] ffffc900042a9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 513.814851][T13858] ffffc900042a9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 513.814869][T13858] ================================================================== [ 513.814891][T13858] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 513.814914][T13858] CPU: 1 UID: 0 PID: 13858 Comm: syz.0.1994 Tainted: G L syzkaller #0 PREEMPT(full) [ 513.814955][T13858] Tainted: [L]=SOFTLOCKUP [ 513.814965][T13858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 513.814983][T13858] Call Trace: [ 513.814992][T13858] [ 513.815003][T13858] dump_stack_lvl+0x100/0x190 [ 513.815040][T13858] vpanic+0x552/0x970 [ 513.815064][T13858] ? __pfx_vpanic+0x10/0x10 [ 513.815089][T13858] ? __pfx_vprintk_emit+0x10/0x10 [ 513.815136][T13858] ? sys_fillrect+0x174a/0x1910 [ 513.815166][T13858] panic+0xd1/0xe0 [ 513.815192][T13858] ? __pfx_panic+0x10/0x10 [ 513.815223][T13858] ? sys_fillrect+0x174a/0x1910 [ 513.815256][T13858] check_panic_on_warn.cold+0x19/0x34 [ 513.815284][T13858] end_report.part.0+0x3a/0x90 [ 513.815320][T13858] kasan_report.cold+0xe/0x18 [ 513.815358][T13858] ? sys_fillrect+0x174a/0x1910 [ 513.815402][T13858] sys_fillrect+0x174a/0x1910 [ 513.815442][T13858] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 513.815484][T13858] bit_clear+0x17d/0x220 [ 513.815528][T13858] ? __pfx_bit_clear+0x10/0x10 [ 513.815572][T13858] ? fb_get_color_depth+0x120/0x250 [ 513.815611][T13858] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 513.815659][T13858] __fbcon_clear+0x633/0x760 [ 513.815699][T13858] ? __pfx_bit_clear+0x10/0x10 [ 513.815741][T13858] fbcon_scroll+0x48b/0x650 [ 513.815783][T13858] con_scroll+0x464/0x690 [ 513.815816][T13858] do_con_write+0x6883/0x8540 [ 513.815860][T13858] ? __pfx_do_con_write+0x10/0x10 [ 513.815901][T13858] con_write+0x23/0xb0 [ 513.815928][T13858] n_tty_write+0x44f/0x12d0 [ 513.815970][T13858] ? __pfx_n_tty_write+0x10/0x10 [ 513.816009][T13858] ? trace_kmalloc+0x101/0x130 [ 513.816036][T13858] ? __pfx_woken_wake_function+0x10/0x10 [ 513.816078][T13858] ? rcu_is_watching+0x12/0xc0 [ 513.816116][T13858] ? file_tty_write.isra.0+0x694/0x890 [ 513.816146][T13858] ? kfree+0x2ec/0x6b0 [ 513.816176][T13858] ? __pfx_n_tty_write+0x10/0x10 [ 513.816214][T13858] file_tty_write.isra.0+0x4d2/0x890 [ 513.816252][T13858] redirected_tty_write+0xd4/0x120 [ 513.816284][T13858] vfs_write+0x6ac/0x1070 [ 513.816327][T13858] ? __pfx_redirected_tty_write+0x10/0x10 [ 513.816362][T13858] ? __pfx_vfs_write+0x10/0x10 [ 513.816412][T13858] ? find_held_lock+0x2b/0x80 [ 513.816451][T13858] ksys_write+0x12a/0x250 [ 513.816493][T13858] ? __pfx_ksys_write+0x10/0x10 [ 513.816533][T13858] do_syscall_64+0x106/0xf80 [ 513.816565][T13858] ? clear_bhb_loop+0x40/0x90 [ 513.816600][T13858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.816630][T13858] RIP: 0033:0x7feda599c799 [ 513.816653][T13858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 513.816683][T13858] RSP: 002b:00007feda693b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 513.816713][T13858] RAX: ffffffffffffffda RBX: 00007feda5c15fa0 RCX: 00007feda599c799 [ 513.816737][T13858] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000004 [ 513.816754][T13858] RBP: 00007feda5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 513.816770][T13858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 513.816786][T13858] R13: 00007feda5c16038 R14: 00007feda5c15fa0 R15: 00007ffd7cadcb18 [ 513.816811][T13858] [ 513.817154][T13858] Kernel Offset: disabled