last executing test programs: 2m57.70742886s ago: executing program 1 (id=189): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d}) ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0) ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0) r2 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/dynamic_events\x00', 0x2542, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r2, &(0x7f0000000040)='e:\ru', 0x4) recvmmsg$auto(r1, &(0x7f0000000280)={{&(0x7f0000000000)="354ce727522fdc0809ad88a09d0bc7fba7e0a47dd6a9dc2add7eda", 0x8001, &(0x7f0000000140)={&(0x7f0000000080)="4678382f7c38d91ff324b1df3239ad21c90ec009d0ee24b53e2065fd8aac1073be8536c3d5d6601e34df9e38f1e5bd3d67d8a93abe24b94d1cc8e68e0fe45a1198237da6c1e81b5f06d76cc2040b4f08b496382c2d6ad515457b0dc80644e1421c29a35f1254bdcd967b718daf8977d2c1ddcd8e769ec0b856587aa7418b0f118483bf5a1fcb48aa659dc1467094f07fbfca117b5c5b603547684fcf9eae47fe5dacf3d69cb5165ec8bd70dbe6b92e19fbe410", 0x2}, 0x10000, &(0x7f0000000180)="52a452f176c54e9344e46699f47bb83f83b2254290ba692e93f7554a05e575522e78dafd8c481f646b3a77370dd59f2aeba692935f1aef81d9681e03d044118cefad9c189039653d47412bcefa55998c69d8dd6e505becb50ec3151ba8a80ce566998b6f5e7abb1cbc0b019897cf046aa021f726fe87a608a018fa910b2d46da63a5c4a67dc6a6bc3de12e6956c45bf281dbef065dd2837afe8c77e16b58e1b135bbb59c9b74bffda83b8f673b098aed97c37fbb9332adda4840cee4d4e93455dc238dc9521024e785bdb772efaf2960eb603fc3972326efab66408fa090e53acead2a7706742e967c9ff55e88e591edd5aa8caa3c93b40e34c7cf", 0x3}, 0x8}, 0x2, 0x400, &(0x7f00000002c0)={0x4, 0x2}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x8000, 0x0) pipe2$auto(0x0, 0x4800) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x542, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r3, &(0x7f0000000080)="65507307ff6587a725ca87720ef9769f20592e7748315620724892e74526afb97ab17a24948c80c0330e81cdf0a589966954526f4548210eee03e9df0e5e1af908387ecc25c8de6717e11b31ead2e4f452ee89d77cc56ac221fde7e6cf58162474a55f166c6498ec03208a", 0x6b) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) r4 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vgem/clients\x00', 0x60440, 0x0) read$auto_drm_debugfs_entry_fops_drm_debugfs(r4, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) r5 = socket(0xa, 0x1, 0x84) setsockopt$auto(r5, 0x0, 0x61, 0x0, 0x28) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x38, r7, 0x1b, 0x70bd26, 0x25dfdbfe, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x2}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590822ad9"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) madvise$auto(0x1018, 0x400050, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 2m57.089963669s ago: executing program 1 (id=194): unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0xc) setsockopt$auto(r1, 0x7, 0x6, &(0x7f0000000300)=',\x00', 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/o2cb/logmask/DLMFS\x00', 0x20a42, 0x0) write$auto(r3, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\xe0c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\xf0\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0xfffffdef) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="250025bd7000fedbdf", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) r4 = socket(0x10, 0x2, 0x14) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r2], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x51) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc5}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/midiC2D1\x00', 0x200, 0x0) openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) fadvise64$auto_POSIX_FADV_NORMAL(r0, 0x7f, 0x4, 0x0) mmap$auto(0x0, 0x20005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) mseal$auto(0x0, 0x7dda, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x0) timer_settime$auto(0x0, 0x7ff, &(0x7f0000000000)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) 2m54.050784669s ago: executing program 1 (id=206): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mlock$auto(0x1ff, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) 2m53.746549518s ago: executing program 1 (id=209): r0 = socket(0x2, 0x3, 0x100) getsockopt$auto_SO_NO_CHECK(r0, 0x4, 0xb, &(0x7f0000000040)='/dev/qsbmon7\x00', &(0x7f0000000080)=0x2) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/queue/atomic_write_boundary_bytes\x00', 0x240, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_to_hsr/router_probe_interval\x00', 0x200000, 0x0) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x25, 0x1, 0x3) r1 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async, rerun: 32) openat$auto_ext4_dir_operations_ext4(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x0, 0x0) (rerun: 32) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000600), 0xffffffffffffffff) (rerun: 64) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00ffdbdf250400000004000180050028b4000000000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x51}, 0x40000) (async) ptrace$auto(0x4206, r1, 0x0, 0x200005) (async, rerun: 64) waitid$auto_P_PGID(0x2, r1, &(0x7f0000000140)={@_si_pad}, 0x6, &(0x7f0000000240)={{0x3, 0x1}, {0x8, 0x20000000000}, 0x1, 0x35, 0x9, 0x7, 0x4, 0x1, 0xc, 0x8000, 0x10000, 0x5, 0x7fff, 0x3ff, 0x10000000000000, 0xe}) (rerun: 64) socket(0x28, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) (async) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram8/queue/discard_max_bytes\x00', 0x181842, 0x0) r5 = openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) sendfile$auto(r4, r5, 0x0, 0x400000000008) (async) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r6, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xcfk', 0x84) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xdcfaeb3549df84fd, 0x0) (async) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) (async) socket$nl_generic(0x10, 0x3, 0x10) 2m51.715895982s ago: executing program 1 (id=215): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1d, 0x800, 0x6) setitimer$auto(0x2, &(0x7f00000005c0)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) socket(0x2, 0x5, 0x0) (async) shutdown$auto(0x200000003, 0x2) (async) connect$auto(r0, &(0x7f0000000000)=@l2={0x1f, 0xfffb, @none, 0xfe00, 0x1}, 0x52) write$auto(0x3, 0x0, 0xfdef) (async) sendmsg$auto_MACSEC_CMD_ADD_TXSA(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="d3f6ee302a1af1", @ANYRES16=0x0, @ANYRESDEC=0x0, @ANYRESHEX=r1, @ANYRESDEC=r0, @ANYRESHEX=r0, @ANYBLOB], 0x1030}}, 0x404) unshare$auto(0x40000080) (async) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) (async) ioctl$auto_SNDCTL_DSP_GETBLKSIZE(0xffffffffffffffff, 0xc0045004, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) (async) r2 = socket(0x2, 0x1, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm0p/oss\x00', 0x101000, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$auto(r1, 0x4070aea0, 0xffffffffffffffff) (async) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) (async) ioctl$auto(r2, 0xcb72, 0xffffffffffffffff) (async) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0xffffffffffffffff, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800008000) (async) sysfs$auto(0x2, 0x23, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r4 = signalfd4$auto(0xffffffff, 0x0, 0x30b, 0x0) read$auto_l2cap_debugfs_fops_(r4, &(0x7f0000000240)=""/177, 0xb1) (async) madvise$auto(0x0, 0x200007, 0x19) (async) mmap$auto(0xffffffffffffffff, 0xe984, 0x3d0, 0xeb5, r2, 0x800d) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/fail-nth\x00', 0x341b80, 0x0) write$auto(r5, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x4a) 2m47.355517224s ago: executing program 1 (id=222): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x8000000000000001, 0x4, 0x5, 0xffffffffffffff7f) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) unshare$auto(0x40000080) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) mseal$auto(0x1000000000000000, 0x0, 0x0) creat$auto(0x0, 0x7) 2m32.274713915s ago: executing program 32 (id=222): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x8000000000000001, 0x4, 0x5, 0xffffffffffffff7f) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) unshare$auto(0x40000080) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) mseal$auto(0x1000000000000000, 0x0, 0x0) creat$auto(0x0, 0x7) 9.24423305s ago: executing program 4 (id=798): r0 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu0/trace\x00', 0x80602, 0x0) mmap$auto(0x0, 0x7, 0x9, 0xb500000000000010, r0, 0x8) r1 = socket(0x2, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x17d) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu0/trace\x00', 0x80602, 0x0) (async) mmap$auto(0x0, 0x7, 0x9, 0xb500000000000010, r0, 0x8) (async) socket(0x2, 0x1, 0x84) (async) getsockopt$auto(r1, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x17d) (async) 7.912076676s ago: executing program 4 (id=803): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x601, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0xffffffffffffffff, 0x28000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/dummy_hcd.3/usb4/ep_00/power/runtime_suspended_time\x00', 0x20200, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) write$auto(r0, &(0x7f00000002c0)='1\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0xd4d0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x6801, 0x0) io_uring_register$auto_IORING_UNREGISTER_IOWQ_AFF(r2, 0x12, &(0x7f00000000c0)="46bb79631244e3deed9b15f15eef32c6f636b5bb7445f7f39621ba101ae3e9fc03170b2395475145c1c8457989cba1fa3819f2b2bfecfd28019a8e28def207bc036b4681dda4fa01301f93acaac363899cca43cbe7381a60d8566a5277cdfd1949b33bc2f50587166946957cc13524789f8b72ef28e965bd10286b0578d9aed0a47216b09b8629c412", 0x0) 6.653454635s ago: executing program 4 (id=808): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) sysfs$auto(0x2, 0x3f, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x20000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000001880)='/dev/sda1\x00', 0x2000, 0x0) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) sysfs$auto(0x3, 0x9, 0x0) 5.341576721s ago: executing program 4 (id=815): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000180), r0) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000f8dbdf250100000008000200", @ANYRES32=0x4, @ANYBLOB="080001004866520008000200", @ANYRES32=0x9, @ANYBLOB="89f3d48bf4c998773ec7bd87d2704ba14af78570019c68b3123740b50cf159fa3c21b9b2b0e30a7412029336d88c905145b6d9e9080c34c2957c6dc68bd41c55bba34fbc1dd3d321d4cb049bde8d7e0a288a6aa1ca65b87e04347c951ddab5c06141ba21611ed8ade4a24d9418ad3311f5248829220cbc8fa3144cb66d617d6a510d827a77f8283fbbec254e008f5277d99580c9"], 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0109080000000000002502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) 4.802730513s ago: executing program 4 (id=817): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x5, 0x6, 0x0, 0x6, 0xfffffffffffffffd) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r0, 0x5646, r0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000280)=""/40, 0x28) ioctl$auto(r0, 0x2400001, 0xffffffffffffffff) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r1, 0x9, 0x7ff) mmap$auto(0x0, 0x400008, 0x2c48, 0x9b70, 0xffffffffffffffff, 0x7ffc) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x802, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram14\x00', 0x14fa02, 0x0) bpf$auto(0x4, &(0x7f0000000780)=@raw_tracepoint={0x4000000000, r0, 0x0, 0x3}, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r3 = socket(0x1d, 0x2, 0x7) socket(0x2, 0x1, 0x0) bind$auto(r3, &(0x7f0000000000)=@can, 0x6a) r4 = socket(0xa, 0x2, 0x88) setsockopt$auto(r4, 0x11, 0x1, 0x0, 0x4) getsockopt$auto(r4, 0x6, 0xfffffffb, 0x0, 0x0) mmap$auto(0x0, 0x2020005, 0x3, 0x200000000eb2, r2, 0x8000) 4.324897563s ago: executing program 0 (id=819): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/extra\x00', 0xa142, 0x0) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) read$auto(r0, 0x0, 0x1) write$auto(0x3, 0x0, 0xffd8) close_range$auto(0x2, 0xa, 0x0) r1 = socket(0x2, 0x1, 0x106) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/input/handlers\x00', 0x200, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r3 = socketpair$auto(0x1, 0x200e199, 0x5ee, 0x0) sendmmsg$auto(r2, 0x0, 0x9a6, 0x9) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, 0x0) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x80, 0x44) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb) ioctl$auto_SOUND_PCM_READ_CHANNELS(r3, 0x80045006, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r1, 0x0, 0x787b, 0x35) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x460043, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x12943, 0x0) write$auto(r5, 0x0, 0x3) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/queue/atomic_write_boundary_bytes\x00', 0x240, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000080)=""/247, 0xe5) write$auto(0x3, 0x0, 0x100082) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0) 3.807483276s ago: executing program 3 (id=821): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x200000000008000) (async) mmap$auto(0xa, 0x3, 0x3, 0x800000000000eb4, 0xfffffffffffffffa, 0x4) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x20, 0x0, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0xc0, 0x0, 0x0, @ipv4=@multicast2}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x50) (async) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="011d3da4420008bd7100f9db5f2502000000"], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x7ff}, 0x7, 0x4008) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000140), r1) sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r1, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x2c, r2, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x5}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x7}, @IOAM6_ATTR_SC_ID={0x8, 0x4, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x14) (async) setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, 0x0) (async) getitimer$auto_ITIMER_PROF(0x2, 0x0) 3.714631579s ago: executing program 0 (id=822): syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x2041, 0x0) r0 = socket(0x3c, 0x6, 0x405) getsockopt$auto(r0, 0x114, 0x2718, 0xfffffffffffffffc, 0x0) (async) socket(0x2, 0x1, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d00", 0x3ff, 0x408, 0x40, 0x400004, 0x200000000040000d}) (async) ioctl$auto_BLKTRACETEARDOWN(r2, 0x1276, 0x0) (async) madvise$auto(0x0, 0x5, 0x15) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) r3 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/rfkill6/power\x00', 0x307082, 0x0) recvmmsg$auto(r3, 0x0, 0xd, 0xc, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x40800) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0x7bdb, 0x19) (async) madvise$auto(0x700000000000000, 0x200007, 0x19) prctl$auto(0x43, 0x0, 0x0, 0xfffffffffffffffe, 0x5) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) (async) unshare$auto(0x40000080) (async) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x49402, 0x0) read$auto(r4, 0x0, 0x9a28) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 3.502747819s ago: executing program 0 (id=823): unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/oom_adj\x00', 0x4dac02, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8802, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x2, 0x6) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0x100, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000040), 0x123240, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x7, 0x3, 0x10001, 0x3, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948e, 0xffffffffffffffff, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x6, 0x2, 0x6]}, 0x0) socketpair$auto(0x1, 0x1, 0x0, 0x0) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r1, r1, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x12, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40440c0}, 0x80) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x7ff}, 0x7, 0x4008) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video57\x00', 0xa240, 0x0) ioctl$auto(r2, 0xc0585611, r2) close_range$auto(0x2, 0x8, 0x0) 2.849434427s ago: executing program 3 (id=825): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r0 = socket(0xa, 0x2, 0x88) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'sit0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x401, r0, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x4, 0x0, 0x9) 2.573404809s ago: executing program 2 (id=826): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) r0 = open(&(0x7f0000000140)='./file0\x00', 0x10677d, 0x0) sendmsg$auto_NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, 0x0, 0x0, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_DISABLE_VHT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4040044}, 0x54) (async, rerun: 64) pwrite64$auto(r0, &(0x7f0000000040)='-{@:\x00', 0x7, 0x8) (rerun: 64) 2.462772127s ago: executing program 0 (id=827): close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000200)={0x0, 0x1d, 0x3800, 0x2, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6, 0xfffffffffffffffd}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c2, 0x9, 0x100000000}}) clone$auto(0x1, 0x9, &(0x7f0000000280)=0x5, 0x0, 0x8) io_uring_register$auto(0x2, 0x20, &(0x7f0000000240), 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.pressure\x00', 0x42802, 0x0) write$auto(r0, &(0x7f00000003c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r1 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000100), 0x171b00, 0x0) read$auto_rng_chrdev_ops_core(r1, &(0x7f0000000140)=""/90, 0x5a) r2 = socket(0xa, 0x1, 0x84) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) ppoll$auto(&(0x7f0000000200)={0xffffffffffffffff, 0x6, 0x6}, 0x8, 0x0, 0x0, 0x8) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) select$auto(0x5, &(0x7f0000000080)={[0x400020000008, 0xfffffffffffffffc, 0x7, 0x6, 0xc, 0x3, 0x3, 0x1ffe000, 0x7, 0x2, 0x9, 0xf, 0xa657, 0x203, 0xd3, 0x1]}, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0x80108907, r2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)) connect$auto(r2, &(0x7f0000000000)=@l2={0x1f, 0x8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1}, 0x54) 2.35596469s ago: executing program 2 (id=828): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) lseek$auto(r0, 0x0, 0x2) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x900, 0x0) ioctl$auto_UI_SET_PROPBIT(r1, 0x4004556e, &(0x7f0000000100)=0x2) 2.298829034s ago: executing program 3 (id=829): r0 = socket(0xa, 0x3, 0xff) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/dri/vkms/state\x00', 0x200, 0x0) r1 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xc048aec8, r1) shutdown$auto(0x200000003, 0x2) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = openat$auto_fuse_dir_operations_dir(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/power\x00', 0xb0400, 0x0) read$auto_fuse_dir_operations_dir(r4, &(0x7f00000000c0)=""/182, 0xb6) r5 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/uptime\x00', 0x20500, 0x0) readv$auto(r2, &(0x7f0000000240)={&(0x7f00000001c0)="245fec37ec1177a26dd156132f4c1200fa6f13d47da99178d623b35bc8c42be9de0e6ac2913e04b7e75d918343a9255b2d4f6f5e93bedeced9f9428d3881c24d4c97ec", 0x36f}, 0x2) fadvise64$auto_POSIX_FADV_DONTNEED(r0, 0x8000, 0x101, 0x4) setsockopt$auto_SO_SNDTIMEO_OLD(r5, 0x5, 0x15, &(0x7f0000000180)='-\x00', 0x3) 2.20065728s ago: executing program 2 (id=830): unshare$auto(0x40000080) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x40901, 0x0) (async) openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) setfsuid$auto(0xee01) (async) r2 = pidfd_open$auto(0x1, 0x0) setns(r2, 0x60020000) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e21, @local}, 0x9) (async) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) (async) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) (async) r3 = epoll_create$auto(0x20009) r4 = epoll_create$auto(0x3e) epoll_ctl$auto(r4, 0x1, r3, 0x0) (async) r5 = socket(0x2b, 0x1, 0x1) ioctl$auto(r5, 0x89a0, 0x4) (async) r6 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TUNSETVNETBE2(r6, 0x400454de, &(0x7f0000000040)=0xffffa0bd) (async) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28004) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/034/001\x00', 0x802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r7, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x18, 0x2, 0x808, 0x7fb, &(0x7f00000000c0)="5e3468736e954cff7b32b1a811291600"/31}) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x8) (async) unshare$auto(0x40000080) (async) sendto$auto(0x3, 0x0, 0x100000000, 0x40000008, 0x0, 0x19) 2.192373122s ago: executing program 4 (id=831): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_VERSION_SET(r1, &(0x7f0000004580)={0x0, 0x0, &(0x7f0000004540)={0x0, 0xa4}, 0x1, 0x0, 0x0, 0x8850}, 0x0) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) semctl$auto_SETALL(0x1, 0x803, 0x11, 0x81) unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x4, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x9) getsockopt$auto_SO_BINDTODEVICE(0xffffffffffffffff, 0x1ff, 0x19, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', &(0x7f0000000040)=0x1b36) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/platform/vivid.0/cec28/power/runtime_suspended_time\x00', 0x22040, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b73, r1, 0x8000) ioctl$auto_PPPIOCSCOMPRESS(0xffffffffffffffff, 0x4010744d, 0x0) read$auto(r3, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/merge_across_nodes\x00', 0x80202, 0x0) write$auto(0x3, 0x0, 0x100082) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x40400, 0x0) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) unshare$auto(0x40000080) epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto(0x3, 0x0, 0x5c8) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xfffffffe, 0x8, 0x4, 0x4005, 0x0, 0x5, 0x400, 0x3, 0x9, 0x6, 0x6, 0x4, 0x11ffffffffffb, 0xb2, 0x2, 0x6, 0x10, 0x80, 0x7ff, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x4, 0x0, 0x0, 0x0, 0x694, [0x2, 0x6, 0x0, 0x5, 0x0, 0x0, 0x20000000000, 0x0, 0x4, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7fffffff, 0xfffffffffffffffb, 0x0, 0x9, 0x2000000, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x0, 0x3, 0x8000000000000000, 0x0, 0x1, 0x0, 0x7fffffff, 0x0, 0x0, 0x20000000000000, 0x0, 0x1000000000000200, 0x0, 0x400, 0x96, 0x4000000000009, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x1) 1.943105789s ago: executing program 3 (id=832): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio\x00', 0x7ff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="04002dbd7000fddbdf254b2000000400ff00a29b"], 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) select$auto(0x7, 0x0, &(0x7f0000000100)={[0x8, 0x6, 0x7, 0x8000, 0x5, 0x4000000, 0x5, 0x25991f93, 0xd, 0x1000, 0xfb, 0x1, 0x8, 0x4f, 0x96, 0x100]}, 0x0, 0x0) 1.910606615s ago: executing program 0 (id=833): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (rerun: 64) madvise$auto(0x40, 0x1, 0x5c8) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sigaltstack$auto(0x0, 0x0) (async) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x34d802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) (async) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async) write$auto(0x3, 0x0, 0x3) (async) sendfile$auto(r2, r2, 0x0, 0x2) (async, rerun: 64) ioctl$auto_SNAPSHOT_FREE(r1, 0x3314, 0x0) (rerun: 64) read$auto_evdev_fops_evdev(r0, 0x0, 0x0) (async) gettid() (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) iopl$auto(0x362) 1.091104661s ago: executing program 3 (id=834): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) statx$auto(r1, 0x0, 0x401006, 0x4015, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) sendto$auto(0x3, 0x0, 0x3, 0x101, 0x0, 0x1c) write$auto(0x3, 0x0, 0xfdf3) syz_genetlink_get_family_id$auto_nl802154(0x0, r0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) sendmsg$auto_NL80211_CMD_TDLS_OPER(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, 0x0, 0x10, 0x70bd25}, 0x14}, 0x1, 0x0, 0x0, 0xf5f85d42cd558c11}, 0x40005) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.0/usb1/bDeviceProtocol\x00', 0x12bc00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/203, 0xcb) r3 = bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0x10001, 0x10, 0x2, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x955b, 0x8, 0x7, 0x5}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_fd=r4, 0x3, 0x7f, @uprobe_multi={0x81, 0x1ff, 0x8, 0x0, 0x1f, 0x4}}, 0x81) getsockopt$auto(r3, 0x7, 0x1, &(0x7f0000000000)='\xc4*q}%^)\\*]-\x00', &(0x7f0000000040)=0x9) 679.578608ms ago: executing program 2 (id=835): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0xc0842, 0x95) r2 = wait4$auto(0xffffffffffffffff, &(0x7f0000000240)=0x9, 0x401, &(0x7f0000000300)={{0xe, 0x7}, {0x4, 0x9600}, 0x0, 0x240000000000, 0xc0a, 0x6, 0x5, 0xa6be, 0x7, 0x9, 0x9, 0xc2, 0x36f2, 0x7, 0x81, 0x3}) msgctl$auto_MSG_STAT_ANY(0x4, 0xd, &(0x7f00000000c0)={{0x8, 0xee00, 0x0, 0x7fff, 0xc0, 0xef, 0x8}, &(0x7f0000000040)=0x2, &(0x7f0000000080), 0x6, 0x63b, 0xad09, 0x1ff, 0xa, 0xb, 0x1, 0x97f, @raw=0x50, @inferred=r2}) r4 = setfsgid$auto(0x0) setresgid$auto(r4, 0x0, r4) r5 = socketpair$auto(0x67, 0x9, 0x75a8, &(0x7f0000000200)=0xa) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f00000001c0), r5) keyctl$auto(0x7, 0xffffffffffffffff, r3, r4, 0x1) sendfile$auto(r1, r1, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video6\x00', 0x0, 0x0) ioctl$auto(r6, 0x80685600, r6) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r9 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_KVM_GET_MSRS(r9, 0xc008ae88, &(0x7f0000000040)={0x10, 0x0, [{0x484, 0x400, 0x9}]}) r10 = socket(0x15, 0x5, 0x0) setsockopt$auto(r10, 0x1, 0x21, 0x0, 0x9) sendmsg$auto(r10, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) sendmsg$auto_NL80211_CMD_SET_CQM(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="60120000", @ANYRES32=r10, @ANYBLOB="01002bbd7000fddbdf253f00000042125e80120157803b38694e6b0fca720453224d88a2393983143415c642e3c360ab48d694e21204e89b448ab7d4be6f1bd65055c54d3fedb9b4591e6ee6576b1f011e23c80c6ea478e8f3da21f26ade35148398f2ef3e09640a60c3c91182270b133cd2c31dc32b05b5ee01b088c4974eef13d2e4f95cb2ac0310e4be67d9c413ba544ba9032697b700fabb60ec805caa7199540300000028bdec1e0b739a64b91ce719be7daf4bef038618c8fccd44385a98747f2a7268f08864bda87a2213c48acc5e6c42979968e0f3768eb883808e04e10e569b844eaaeaa3189ba059a1cceea2c7c6428ae929a436757dd6815ec3f1582f74e9dee4e0f7e472575ed6621d42aeaa18af25da7d3268e408", @ANYRES32=0x0, @ANYBLOB="080081000700000000112a00058008002600", @ANYRES8, @ANYBLOB="67a34f3643a24c499e4c63b8933bc03715b91d650cbaa8940368ce12126cb0aac0004ecf7aa17f73a3580b834e2e6b914d225f52f74ac0fea28df7265abd3ee736be519502d1717de6cd8673330df94952258d016e7ea44db5c61bf50173c5f714008eb6ba9a3ec87482ad4433f20ae1aeaef535a29b40dc43a545955f7c53b5bc1c64e04a1f25edacecc1e88d36cbcfde4c02e45b5a5d96c28b396e509d080083007f000001140083000000000000000000000000000000000164100080081001800400e6804f9d3286f5dc37e371f2459a3d66ebdfbc0ffda4cd833e918c26af5fd11a1099cf1bafb1021a26bac24ecbd707760cd870c1561769fa8c7e9a939af2db3a623ac30c74e2d416fb9af4b9f936e69756ea46e2ca2b5fd29901458eba4ec4f39bec5c9948a29368c214eec7410d0117d0eeb576c3a522600b452fb976eb7e0fa7d306778d000bc42187176a9921361dd2a35d73b58cfc18c6692d74059fda389d16c17708dda577c841913e44028f9421866c3b5f2fdfe6cec6dca9949c9565b7819064e6d58eb88c6f3206013985acbc070726d3a18ede631b42b63e48e22bb3eb3310ce27ed3d87788dadd5b689768f5d9a1851f571a532595e242e8193fb161d541cf6cf8b33d1ac2f50cb54486d88af170aaad39514a106b69034e566a8683dee50b27ad1197cd43d4e1f86a11056f50af8a2a22712534dddb5038f30e7f9ed9931d73f18a01c2ae5be38a9d7997e9ce58d870cb1053a892e1b121f1a3ddc5f77d0e8732f2831d4cdc963f0914b6571a42c8f84b3f5f56b00903a820a383aae4d18152b4971974fe87c021438e2c83a0fc7aea2b928292d41bffe9c8a0530e5100e1d758d4ae7400bade7a8f8e5bcec452c0956ff05cac08c513de68f87ba7c43ab2296ee307bd1974d277b6a1bd9ea8e8aae39fa1cbafaedd754b6ffa0a1be7bcd1ee8a21d951eb5817fb3cb8f6fe6de3ef17cd5e2732914ce89185bce0cefdaeecd0d11d6857d798411db6e54e4a4541fecd51b8e182d068ce78ee082dcd94c0d82533dfde08ec897128faad32bb46685ddc3ec95472aba2dfb8a9b74352bd81faeb23cdc62115b88c4d48f65c5039e333c02dfbfcd742852cc9ad54274cd3917137de8e8e9ab7b73b64f86051d996f7574b5f66eb9bdfa7c28350aa1e5358c54de919fd9b0b8b9cb6742f91611ab6fa32f7e26d5f031e3826edd4e9a1d8b4683a983b9b5c31ee73bf5e534e0f076c7da397d47274c2ccfc5fbac9c94d219858ecf9cbec11ab987cd5e3efe607670f2075045f7fa76aa8b0e39a58b11efdf611c8ab9fe1ca4d16487f88bd4d144fe32315a1b006986c392bb2159ec69a6315ee61b97f49e24046859d019ac7d55782a3a1eacf3e09c61270e20a74125d574083bf57a8ea7fd4b3408c66d3a9d8ae40020ae1032a119234507dff4bb5dbf5fc434adcb01730ed5d88fe385012bd2d043291420576e36c0368a0a57cfa58319209402c836b06bfcc5f3a715075df18cd8e4eba8918aefa03bb0581df7ef430ce922f046cf7342f70b1902c9456196ef2e2ef606a4f2278d6ebc5b982af304aadc47e3481e4300d5ef1c2c4677cd370219ce8f5b88f33ff139fa5a102311406746af4d69a579fb19f633b58cf80205774514138392b42d1a49c24f6976380fc388073299b78e495e278d227288534bfea710bf44e2284ae5906324839004b6540d4fa7e866e8aa91707a63193fa955ec5d673c1a9cbe5eb056a53f60a067f998234dd10cdd6eb234af4e898bc31a0f64ffb774f09748a2eb2289bec50ddb5b06b11e08512dc7bfcfa4c4bbaa842a439d9db5b182ad749d23a461a83f530d1aadbe103726f6dcebb044486578acb34ad7390c691e564fde7289ad818797e4363d995a3828a67218b7374e3f02f023a3aa92c7e5dcdc179efc2407a49d3e7a8c6e0edde033e3060482163291eafdeff6a2dd194ac208ebb82827bcb60188ec9b71192c4b7843729fbb65f049e11640aab0ddbb6544d75f36f5961e68c02edd3892cb24a6b25c426ce7e6b104498087e47f67b786596fa7c02ce1956b710ca5df9282509378faa646312186495863807b7e2f47cdef0fb21579576b2700ae11c2db7b2d04fbdcb677e67db4e33dc017d7eba07392c80653193d42e9f4159db3fa71808971730c3b1906721b14939751da8d370c3909bab48a518ac61da7132b5ba284b94ca521d178057c747b55bca88545e7dcbc2a06933e12be65efa79d822853132e87f7c6539a127a501abb2421c8365e486b6ac9bf955dbe1643fa5faf8267de3f92e64feaed768b088ca5c8104bd09823fd38a119c73b0d208a608f80091736e0e1817373e87d1bcfd1be5e7a78735505d5dc023312da6cbd0d41d0594c94d2cd0235b81a56420f98e8ae22c4cd66c0c22a4aa584cfdaa441492e3c8432c0c64b00a59c6f7daf490ddce33e44a7f86012ab1c6c3a97802c7b966c6aa4e8c22d7db072680bcb0bad0cf81f03b48908ef8eb096af0ad1c1a8cd1e5a76cfda5ff3d30c4a5750b241ca655b7c68e9b1a1813fce539b5621aa6a969ea4984ea6e8dddff49ff16446fbcceee05d516917b90ac1d4e9638081ceaabbd41cbcb541a993b8e89999b9c8ee6148f1b2c1ade6270a871f1f3f683ebd9b391628977f27795566999932898f3a227ac1c725a34c201d8fc1405bed0d91d83348e0b3e3be09e0cf49f4148dca0c8373983714da584224a0ff37d051e6722b9c5669a295b812ce8d2e7b4f1bea4a28acc0fd647304de5bb8a9de4d56167b4ab4362729ae33dc43a1f50d51aa07e60d352b471d332610d9110d08905497a56cff0e65cfdab5c125ab8bef8e0bf6fc70755dacac1454c57e93c188d29f00612a15cd26fc3b46552c95410dd81bf1b772ac179ee25a4f4117792c7bf2177d93d636d66822487b34f215b8c9fae1884230b3ee022414ccd52faace045206de9d67f3ef8e6e134492e70ebcb0a0db67ff838ef9943393a1e21c2681efedb3f60ad7555d8e65bb1e67b17bfb2b5a596fb0d9afccad7a720d5f868e6f534dbddb19004021d5f28146d1d96a35e311d3f28a05538904893929a5e69dfa508753a08871721a35b93c2d6b71ab97c58b6a6460c246587a8a6acc165a39f8f83be478a9616ba720ade7dbe21eee9ff9c83acca284d75aff38747ecbff40d9972718e514069895bbc8264a5df1ba92817c79d2b2743dbe6ddf484d0bc6fa888d22a1e562ba7eb72d06f9a8269280c87aa228e110fa12c3efebcaa2061857e0e791a8f696f8bcdb5322151a158c181ec9eb6fc6c6a1b21915acc940dc479d3124039162b4bec71f59a60dd6fa52e01d370f1d128baa6013f242f81b342097a46bbb719c0fcda1e96f640df394b52970d83f9ff4c17032d2c678175ca0a67fcf96827c03d947775465fb215aeb3e7a2e61b894b8a708e19d723e0a3b5092ad53996493a19d45da7045bacae2bc5ece379309504101d06225dbe2a06338f390cad72dca28ff9ad86eeffab2e4217df4d22a81cb1f9a232233ccc4fa07f972e02efae6d6cca4d6ccb70de3f67d5f9a4935ee24f12468879fcfaa9521696efdf0f262d362ecfd4fcaa66102985b1b99f576d7a80deb0e0e7a7b1ca10ad804df3c5e15d0b9a42cc5313aec9e1fa6e5a80d653291988f03cb2404f8874925f4279a20af1d821533c6af18e9ef618b6588d28dc030f98ed32a1b74cc6dfad2548d1469efd6107f3ca178870f2e894d48c962a57d87ad290fbce440ccc9b34f0b0ee2a562efbc33cbf7469af40ef44c4eb55f48c9780bbf338d367a7979c8f689960d7f80689631209bf7700c86839c225e4e5ef374cb92252c3e6ea3d95badfee2e0bd2546005a19572ef18b97010714b3eebc25309d7b01af6786e96208126ab0ec4820e75ce420db45f8264e0acbe063a7c340ced860d2f85fd140460c9b64fd949abd41c47a96dba2d589e6c38dda1a94b67dcd37c3af44a84531cbceafb65591edb2bc21b74d79b59a29037dedf6f37e3527509d5b28031f3072611deaa62682a58c4a77ad959b61dfcd1fd2a617afb91c9d29ef358a70841df7313c6d52601160b061165c4851e1497ac6162165d4558e0c18b8217a4f656873dad090659faa4936267d4322cc973762e1e4c9dc232dab90d2b682d57d115b47be4fd093ece7844b5bdac07efbad8f21864fc2496ab3448e9e7a22dc80aeeab304a1b7bdba03ba196511da60c615aed3b1ccf0622852b8fdc53ac1ca4b29f469a2f4a2ae9482853fa23377c27903cc820abcf350e5df4e00b4a004ed0178b837308a5a5d8eb74027d37076a6ac68a48b0b28c8fa333528a40d83c64bf9017db8294afb806be56be448f5375d88b3983fe4b0f02caa27bb6e7ddbbcdb70ad825e230b765fd621791cfe1c4231f5ba2c1368df7d85f05b71ca7e6fe034356a0b75ee8841a308a11cefff15ed855417e51f908c580647d7e808be4d246ac3cdfeeb859e1a01a1336b5ec5bce4e6ab8952069280b6387304dcdbcfb5810e46d090bfab07d9f07744ddc913e7e9488496fa4ba849b458667aa7b445e9aeea9a6f79fc1c58a44f5dd3a21b9e1eb7c35407be193c51e98120608142c68e21974406e1778701d7ff45ceb5a8b9f905b811e61e035def42570ddc4cfd4a616704f8f37d454a0146895e6460b696e5c0a0e471843ebacdadb9acecaab4f26695a2e51b0c7de7b827aadaf15b6fa4689c1d79eb8c15b9305fae6f280a9c81c3f6e6c40e9cfa48f61ba119f247a3cb62fb972168d3d169efecda069a6247f55fee3a91c6fb732004437b1a8a19b38ef806bbd70af4f2387b635b37be1fe926c3c5312d9a48b1ee3f43ae973489a52a759a9e205ef6016973950e80d75bbbfc21e5e705dcfbb3247d26dcbb189127527c4b1c70259eb091511e88aa93e106b948715acca28d2b88169c156ac62a09caa132ffcce3ea40123dbe79a5ecdfbbd3bf980728bc7b98e9ccb7892b6996a8c009b0ed2f7c69c35c50ddfb2df05e875e3bce83c96d2ddd522e822f3f9128a7d80adf62b1871403950c4ab03da3f2fe31b8c1414ecf2489e0718b68bd660510c6cdc65bb893eebd4ad81b4ffd93ee20aa6533e8476e542f095bdff331f467accff8866fea9191a7b73b47008067f2fc43cf4ffc0fdaa0035bc44c7a9147c136b76b059ba33551069be8fe76b0422e26365443ffbd54c21d3c33fccf41a3a267de5d204de4c5da2c62df6bedd553a20780e6510a4ba3bc1a0cdfd26b2ff9f359d83e53daa232f06392a10217382ce20f9732b181877b9a8c39d2f52629c682e11ca6cec671b2c11eb8e11ce3ec52cfe857ee0cf6cccacf70de2d3f5fad104ba578b7a543907ac30d19a0042a8d0844665e4118f6bec03b15cb3541553f0aba726f4884521ac4b8d6270787e9a9e6466e9186f579d22b84305c3a5ba884e0be911ce87c16490de860dbcaf3abc83ea9cc9ee7650b629a0a75bf21d7601eb23ba719b01e44cf6571b21e4cb3ecd07ef2b20e37fd7f6367d6dba9fec5a565e01d89e1046f346e94185ad1097df8663cfbb49c4c0deab6afb339bfc393d9670bb2d38ed372bdea496a7c4e9be26bf74b3f242bd544e55c81c022237d8084df1df66e697c7e72731e752609f8bad9059241e8b8c778e4a19da51067d61c1da151df71089dee888b7b6dd2079c2e2de548b0a9a4e1d8fb61ba64b05dfb8fb31875f8f95df18c2c54c3cc38e3733bbf3608cc47c65d9fab1f8c2ee78a407dc0431e3097e2a95e881c5c70cd66e9bdece8201173bbe1a251f5a7ef40ecc31cf1b0d3f0100fc486c25dbc6b976e1ab30194639b9250b5efa4d2c4a6d22d92541e155ee669d54fd59487cc5d67c69c1c05517c399ae3e734e8b1fd43c4e1a17bf27ef926cabdee9aaf06776b6ce7f3ae034958df4e41a346be04931df9cc5c713a5f6c4cc28263a8c57da46dfd11da13906d562c5c38c1bcb92b3f7873d72d8f14605ff80f1db1452f76ed29775e6a7e01ecd21a3a3db9798d4c1322d1ea55724b20c7c8f853be621c1af3a440f8664ccd9dabdd4d99aa06046c70d088b08f07c52fbdc13be7c68fc9e96507ba7d78e0affcd8d011ddd818b6df6bb92a62a485193841dd0ff0c0888d57b6ec262ec7ca942ae603b7e9a9a05c10e7b36b0c00548008007900e0000002000008000300", @ANYRES32=r8], 0x1260}, 0x1, 0x0, 0x0, 0x1}, 0x0) 285.274856ms ago: executing program 0 (id=836): pwrite64$auto(0xffffffffffffffff, &(0x7f0000000100)='B\x00\x00\x00\x00\x00\x00\x001\x00', 0xe, 0x7) r0 = semctl$auto(0x1, 0x7, 0x2, 0xffffffffffffff7e) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="10002bbd7000fc5bdf250200000008000900", @ANYRES32=0x0, @ANYBLOB="08000200", @ANYRES32=r0, @ANYBLOB='\b\x00\t\x00', @ANYRES32=0x0, @ANYBLOB="080005000000000008000500010000000800090077d0f6e67e19ae87795867df66794a1f28edcef22c2c8d40d49613cfe184fc10e752a6cce39194f73b341f44e201887df6ffc0bd240446807c58b3a0e784e975f7648f71607a297ae9b0636fd02a40e56cb12c1f8e1ee006a55987e7afa4e9ce10ab7270235c0056c7076f5fe2393eb36924", @ANYRES32=r2, @ANYBLOB="0d0001002f6465762f73646100000000060001003a00000008000900", @ANYRES32=r2, @ANYBLOB='\b\x00\t\x00', @ANYRES32=r2, @ANYBLOB], 0x6c}, 0x1, 0x0, 0x0, 0x24008840}, 0x4000) r3 = socket$nl_generic(0x10, 0x3, 0x10) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000340), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r5], 0x1ac}}, 0x40000) ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x3, &(0x7f0000000080)={0x31, 0xff, 0x0, @raw}}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000500)=ANY=[@ANYBLOB="0000e200d9930a16cf96d95ac776857d54ccd689a90a328191406f53e3430a897f4e8c31f3098fe6e035fa9a23ab619f39e63c8e6c561749109bc7f6a8a1eca473473766197d6863e23edf0b138078188a3d2c696644cb7de42db09e04dadd78fa107f836361dbcfbe9ba01a3e39b4ce087e60ae4f86c3da45cda1bec166307ec86f73f43c145f71d02c190acfd872576962adbad117398c0de87a77e4419bdfc29e0bfa8a4f63d4b38e85b399ca9a70714e9f1a2558dd2b5853eb4b427216d75470aa47cde082c183473852754c8f260528d7f70e759e5e47c451b8cce772a8961dbced4f8722858833866ae373db6ce5dddee35881a53330e1d1350abf8dbda517bd65e4cf8c2e3c", @ANYRES16=0x0, @ANYBLOB="01002abd7000fbdbdf25040000002d0011002f50136a450cf972f5a3d28479f92a9b221ca46c2d19fda4f47902c296fa844c12cd83f712d3c41e5d00000018001a801400048010000180050007000900000004000200"], 0x5c}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sysfs$auto(0x2, 0x44, 0x0) setsockopt$auto(0x3, 0x1, 0x24, 0x0, 0x9) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r6, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) 227.774376ms ago: executing program 2 (id=837): r0 = socket(0x1e, 0x80805, 0x0) listen$auto(r0, 0x9) select$auto(0x5, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0x8000000000000201, 0x9, 0x3, 0x6, 0x7, 0xd886, 0x5e58296b, 0x341, 0x41, 0x7, 0x200, 0x8, 0xc]}, 0x0, 0x0) rseq$auto(&(0x7f0000000000)={0x6, 0x100, 0x5, 0x7fff, 0x25b42502, 0x7, "989ce36875c858f320bfd0c462eb3fbfafe687fbffb62945d5fb9287857c48929dd3fc348de057472c864c209615afe40efed43a3f6c55561f814464c45a205776d17a09ed24970fb8a3e2aee30e4bf1d9763ad1e3dd421fe2aaec9b177847d7e8bedef5f734a53d0303d7e48df336e89f0d3ea805bbe94930d121bf4a895044273629f17e2962e6af5f4e0ce963094c8f283b10be721db1a9f51ba3c1d2fbf4897ed73d31e14aecc6dda7b5dbc2febd7f3bb989369158d1f5451fd2c93c209e110c"}, 0x4, 0x8, 0xe0000000) socket(0x1e, 0x80805, 0x0) (async) listen$auto(r0, 0x9) (async) select$auto(0x5, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0x8000000000000201, 0x9, 0x3, 0x6, 0x7, 0xd886, 0x5e58296b, 0x341, 0x41, 0x7, 0x200, 0x8, 0xc]}, 0x0, 0x0) (async) rseq$auto(&(0x7f0000000000)={0x6, 0x100, 0x5, 0x7fff, 0x25b42502, 0x7, "989ce36875c858f320bfd0c462eb3fbfafe687fbffb62945d5fb9287857c48929dd3fc348de057472c864c209615afe40efed43a3f6c55561f814464c45a205776d17a09ed24970fb8a3e2aee30e4bf1d9763ad1e3dd421fe2aaec9b177847d7e8bedef5f734a53d0303d7e48df336e89f0d3ea805bbe94930d121bf4a895044273629f17e2962e6af5f4e0ce963094c8f283b10be721db1a9f51ba3c1d2fbf4897ed73d31e14aecc6dda7b5dbc2febd7f3bb989369158d1f5451fd2c93c209e110c"}, 0x4, 0x8, 0xe0000000) (async) 120.062759ms ago: executing program 3 (id=838): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x80000004020009, 0xdf, 0xeb1, 0x401, 0x4f35) write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x3, 0x400008, 0x100000001, 0x9b72, 0x2, 0x8000) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0x1002}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x401}, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) r1 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r1, 0x65, 0x1, 0x0, 0x800) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@phonet={0x23, 0x6, 0x3, 0x6}, 0x1) close_range$auto(0x2, 0xffffffffffffffff, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) splice$auto(0x4, 0x0, r3, 0x0, 0x10000, 0x7) r4 = syz_genetlink_get_family_id$auto_smbd_genl(0x0, r2) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r4, 0x200, 0x70bd2c, 0x25dfdbff, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x88c1}, 0x20) sendmsg$auto_KSMBD_EVENT_RPC_REQUEST(r1, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)={0x14, r4, 0x300, 0x70bd25, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", ""]}, 0x14}}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) io_uring_setup$auto(0xdd4, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) 0s ago: executing program 2 (id=839): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r0 = socket(0xa, 0x2, 0x88) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'sit0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x401, r0, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x4, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x200ffffffff, 0x9, 0x5, 0xf870e9f, 0x3ff, 0x8}, 0x9) (fail_nth: 1) kernel console output (not intermixed with test programs): ] ? clear_bhb_loop+0x40/0x90 [ 224.548894][ T8638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.548919][ T8638] RIP: 0033:0x7fe07759c629 [ 224.548942][ T8638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 224.548971][ T8638] RSP: 002b:00007fe0784f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 224.548998][ T8638] RAX: ffffffffffffffda RBX: 00007fe077815fa0 RCX: 00007fe07759c629 [ 224.549018][ T8638] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 224.549035][ T8638] RBP: 00007fe077632b39 R08: 0000000000000002 R09: 0000000000008000 [ 224.549052][ T8638] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 224.549069][ T8638] R13: 00007fe077816038 R14: 00007fe077815fa0 R15: 00007ffd9cd4fa28 [ 224.549107][ T8638] [ 225.789612][ T8647] netlink: 'syz.0.545': attribute type 1 has an invalid length. [ 225.849293][ T8648] FAULT_INJECTION: forcing a failure. [ 225.849293][ T8648] name failslab, interval 1, probability 0, space 0, times 0 [ 225.906851][ T8648] CPU: 1 UID: 0 PID: 8648 Comm: syz.2.544 Tainted: G L syzkaller #0 PREEMPT(full) [ 225.906896][ T8648] Tainted: [L]=SOFTLOCKUP [ 225.906905][ T8648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 225.906919][ T8648] Call Trace: [ 225.906927][ T8648] [ 225.906937][ T8648] dump_stack_lvl+0x100/0x190 [ 225.906979][ T8648] should_fail_ex.cold+0x5/0xa [ 225.907008][ T8648] should_failslab+0xc2/0x120 [ 225.907045][ T8648] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 225.907075][ T8648] ? __pmd_alloc+0xbf/0x9c0 [ 225.907104][ T8648] __pmd_alloc+0xbf/0x9c0 [ 225.907130][ T8648] move_page_tables+0x3224/0x4500 [ 225.907163][ T8648] ? __pfx_copy_vma+0x10/0x10 [ 225.907206][ T8648] ? __pfx_move_page_tables+0x10/0x10 [ 225.907270][ T8648] copy_vma_and_data+0x25c/0x7c0 [ 225.907304][ T8648] ? __pfx_copy_vma_and_data+0x10/0x10 [ 225.907349][ T8648] ? __vma_start_write+0x17f/0x280 [ 225.907376][ T8648] ? __pfx___vma_start_write+0x10/0x10 [ 225.907413][ T8648] move_vma+0x51b/0x1890 [ 225.907448][ T8648] ? __pfx_move_vma+0x10/0x10 [ 225.907482][ T8648] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 225.907521][ T8648] ? cap_mmap_addr+0x4b/0x120 [ 225.907547][ T8648] ? bpf_lsm_mmap_addr+0x9/0x30 [ 225.907579][ T8648] ? security_mmap_addr+0x71/0x1e0 [ 225.907615][ T8648] ? __get_unmapped_area+0x255/0x3e0 [ 225.907655][ T8648] ? vrm_set_new_addr+0x204/0x290 [ 225.907687][ T8648] mremap_to+0x1b7/0x450 [ 225.907718][ T8648] do_mremap+0xb76/0x2130 [ 225.907761][ T8648] ? __pfx_do_mremap+0x10/0x10 [ 225.907798][ T8648] ? ksys_write+0x190/0x250 [ 225.907838][ T8648] __do_sys_mremap+0x126/0x170 [ 225.907872][ T8648] ? __pfx___do_sys_mremap+0x10/0x10 [ 225.907911][ T8648] ? __x64_sys_futex+0x34f/0x4d0 [ 225.907959][ T8648] do_syscall_64+0x106/0xf80 [ 225.907984][ T8648] ? clear_bhb_loop+0x40/0x90 [ 225.908014][ T8648] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.908039][ T8648] RIP: 0033:0x7efddbf9c629 [ 225.908061][ T8648] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 225.908085][ T8648] RSP: 002b:00007efddcf37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 225.908110][ T8648] RAX: ffffffffffffffda RBX: 00007efddc215fa0 RCX: 00007efddbf9c629 [ 225.908126][ T8648] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 225.908142][ T8648] RBP: 00007efddc032b39 R08: 0000000101000000 R09: 0000000000000000 [ 225.908158][ T8648] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 225.908173][ T8648] R13: 00007efddc216038 R14: 00007efddc215fa0 R15: 00007ffe14b87bb8 [ 225.908208][ T8648] [ 226.408412][ T8654] FAULT_INJECTION: forcing a failure. [ 226.408412][ T8654] name failslab, interval 1, probability 0, space 0, times 0 [ 226.479280][ T8657] netlink: 4394 bytes leftover after parsing attributes in process `syz.4.548'. [ 226.502346][ T8654] CPU: 0 UID: 0 PID: 8654 Comm: syz.0.547 Tainted: G L syzkaller #0 PREEMPT(full) [ 226.502408][ T8654] Tainted: [L]=SOFTLOCKUP [ 226.502417][ T8654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 226.502430][ T8654] Call Trace: [ 226.502438][ T8654] [ 226.502448][ T8654] dump_stack_lvl+0x100/0x190 [ 226.502491][ T8654] should_fail_ex.cold+0x5/0xa [ 226.502520][ T8654] should_failslab+0xc2/0x120 [ 226.502558][ T8654] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 226.502592][ T8654] ? security_file_alloc+0x34/0x2c0 [ 226.502628][ T8654] ? trace_kmem_cache_alloc+0xf3/0x120 [ 226.502672][ T8654] security_file_alloc+0x34/0x2c0 [ 226.502709][ T8654] init_file+0x95/0x480 [ 226.502732][ T8654] alloc_empty_file+0x73/0x1c0 [ 226.502756][ T8654] alloc_file_pseudo+0x13a/0x230 [ 226.502782][ T8654] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 226.502815][ T8654] __shmem_file_setup+0x1a3/0x330 [ 226.502844][ T8654] shmem_zero_setup+0x93/0x1b0 [ 226.502877][ T8654] __mmap_region+0x20b5/0x2760 [ 226.502921][ T8654] ? __pfx___mmap_region+0x10/0x10 [ 226.502972][ T8654] ? finish_task_switch.isra.0+0x205/0xb80 [ 226.502995][ T8654] ? lockdep_hardirqs_on+0x78/0x100 [ 226.503019][ T8654] ? finish_task_switch.isra.0+0x205/0xb80 [ 226.503101][ T8654] ? rcu_is_watching+0x12/0xc0 [ 226.503132][ T8654] ? cap_capable+0x107/0x460 [ 226.503163][ T8654] mmap_region+0x180/0x3e0 [ 226.503202][ T8654] do_mmap+0xc63/0x12f0 [ 226.503242][ T8654] ? __pfx_do_mmap+0x10/0x10 [ 226.503276][ T8654] ? __pfx_down_write_killable+0x10/0x10 [ 226.503311][ T8654] vm_mmap_pgoff+0x29e/0x470 [ 226.503351][ T8654] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 226.503392][ T8654] ? __x64_sys_futex+0x34f/0x4d0 [ 226.503418][ T8654] ? __x64_sys_futex+0x358/0x4d0 [ 226.503448][ T8654] ksys_mmap_pgoff+0x7d/0x5b0 [ 226.503487][ T8654] __x64_sys_mmap+0x125/0x190 [ 226.503522][ T8654] do_syscall_64+0x106/0xf80 [ 226.503545][ T8654] ? clear_bhb_loop+0x40/0x90 [ 226.503574][ T8654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.503598][ T8654] RIP: 0033:0x7f3103d9c629 [ 226.503617][ T8654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.503639][ T8654] RSP: 002b:00007f3104bba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 226.503662][ T8654] RAX: ffffffffffffffda RBX: 00007f3104015fa0 RCX: 00007f3103d9c629 [ 226.503677][ T8654] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 226.503691][ T8654] RBP: 00007f3103e32b39 R08: fffffffffffffffa R09: 0000000000008000 [ 226.503706][ T8654] R10: 0800000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 226.503720][ T8654] R13: 00007f3104016038 R14: 00007f3104015fa0 R15: 00007ffcd95744c8 [ 226.503752][ T8654] [ 227.313932][ T8674] FAULT_INJECTION: forcing a failure. [ 227.313932][ T8674] name failslab, interval 1, probability 0, space 0, times 0 [ 227.314020][ T8674] CPU: 1 UID: 0 PID: 8674 Comm: syz.4.550 Tainted: G L syzkaller #0 PREEMPT(full) [ 227.314060][ T8674] Tainted: [L]=SOFTLOCKUP [ 227.314069][ T8674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 227.314086][ T8674] Call Trace: [ 227.314094][ T8674] [ 227.314104][ T8674] dump_stack_lvl+0x100/0x190 [ 227.314149][ T8674] should_fail_ex.cold+0x5/0xa [ 227.314193][ T8674] should_failslab+0xc2/0x120 [ 227.314236][ T8674] __kmalloc_cache_noprof+0x7a/0x6f0 [ 227.314268][ T8674] ? pagemap_read+0x225/0x830 [ 227.314295][ T8674] ? bpf_lsm_capable+0x9/0x10 [ 227.314335][ T8674] ? security_capable+0x80/0x260 [ 227.314371][ T8674] pagemap_read+0x225/0x830 [ 227.314402][ T8674] ? common_file_perm+0x1ab/0x4f0 [ 227.314436][ T8674] ? __pfx_pagemap_read+0x10/0x10 [ 227.314470][ T8674] ? rw_verify_area+0xce/0x6d0 [ 227.314502][ T8674] ? __pfx_pagemap_read+0x10/0x10 [ 227.314529][ T8674] vfs_read+0x1e4/0xb30 [ 227.314568][ T8674] ? __pfx_vfs_read+0x10/0x10 [ 227.314599][ T8674] ? __fget_files+0x215/0x3d0 [ 227.314640][ T8674] ? __fget_files+0x21f/0x3d0 [ 227.314680][ T8674] ksys_read+0x12a/0x250 [ 227.314713][ T8674] ? __pfx_ksys_read+0x10/0x10 [ 227.314759][ T8674] do_syscall_64+0x106/0xf80 [ 227.314786][ T8674] ? clear_bhb_loop+0x40/0x90 [ 227.314819][ T8674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.314847][ T8674] RIP: 0033:0x7fe07759c629 [ 227.314871][ T8674] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 227.314898][ T8674] RSP: 002b:00007fe0784d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 227.314925][ T8674] RAX: ffffffffffffffda RBX: 00007fe077816090 RCX: 00007fe07759c629 [ 227.314944][ T8674] RDX: 00000000000039b8 RSI: 0000000000000000 RDI: 0000000000000005 [ 227.314961][ T8674] RBP: 00007fe077632b39 R08: 0000000000000000 R09: 0000000000000000 [ 227.314978][ T8674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.314995][ T8674] R13: 00007fe077816128 R14: 00007fe077816090 R15: 00007ffd9cd4fa28 [ 227.315030][ T8674] [ 227.321765][ T8674] vivid-007: ================= START STATUS ================= [ 227.321804][ T8674] vivid-007: Generate PTS: true [ 227.321844][ T8674] vivid-007: Generate SCR: true [ 227.321887][ T8674] tpg source WxH: 320x240 (Y'CbCr) [ 227.321906][ T8674] tpg field: 1 [ 227.321917][ T8674] tpg crop: (0,0)/320x240 [ 227.321936][ T8674] tpg compose: (0,0)/320x240 [ 227.321955][ T8674] tpg colorspace: 8 [ 227.321966][ T8674] tpg transfer function: 0/0 [ 227.321980][ T8674] tpg Y'CbCr encoding: 0/0 [ 227.321994][ T8674] tpg quantization: 0/0 [ 227.322008][ T8674] tpg RGB range: 0/2 [ 227.322021][ T8674] vivid-007: ================== END STATUS ================== [ 229.430267][ T8712] FAULT_INJECTION: forcing a failure. [ 229.430267][ T8712] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 229.464407][ T8712] CPU: 0 UID: 0 PID: 8712 Comm: syz.0.560 Tainted: G L syzkaller #0 PREEMPT(full) [ 229.464453][ T8712] Tainted: [L]=SOFTLOCKUP [ 229.464463][ T8712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 229.464479][ T8712] Call Trace: [ 229.464487][ T8712] [ 229.464498][ T8712] dump_stack_lvl+0x100/0x190 [ 229.464541][ T8712] should_fail_ex.cold+0x5/0xa [ 229.464566][ T8712] ? prepare_alloc_pages+0x16d/0x5f0 [ 229.464614][ T8712] should_fail_alloc_page+0xeb/0x140 [ 229.464658][ T8712] prepare_alloc_pages+0x1f0/0x5f0 [ 229.464706][ T8712] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 229.464744][ T8712] ? mas_next_slot+0x1003/0x18b0 [ 229.464784][ T8712] ? __pfx___up_read+0x10/0x10 [ 229.464819][ T8712] ? validate_mm+0x261/0x4e0 [ 229.464847][ T8712] ? validate_mm+0x261/0x4e0 [ 229.464879][ T8712] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 229.464917][ T8712] ? validate_mm+0x392/0x4e0 [ 229.464953][ T8712] ? __pfx_validate_mm+0x10/0x10 [ 229.465002][ T8712] ? __pfx___vma_start_write+0x10/0x10 [ 229.465035][ T8712] ? vma_iter_store_overwrite+0x392/0x650 [ 229.465065][ T8712] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 229.465109][ T8712] ? policy_nodemask+0xed/0x4f0 [ 229.465153][ T8712] alloc_pages_mpol+0x1fb/0x550 [ 229.465196][ T8712] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 229.465246][ T8712] alloc_pages_noprof+0x131/0x390 [ 229.465290][ T8712] __pmd_alloc+0x3b/0x9c0 [ 229.465319][ T8712] move_page_tables+0x3224/0x4500 [ 229.465353][ T8712] ? __pfx_copy_vma+0x10/0x10 [ 229.465395][ T8712] ? __pfx_move_page_tables+0x10/0x10 [ 229.465448][ T8712] ? finish_task_switch.isra.0+0x200/0xb80 [ 229.465478][ T8712] copy_vma_and_data+0x25c/0x7c0 [ 229.465516][ T8712] ? __pfx_copy_vma_and_data+0x10/0x10 [ 229.465567][ T8712] ? __vma_start_write+0x17f/0x280 [ 229.465597][ T8712] ? __pfx___vma_start_write+0x10/0x10 [ 229.465638][ T8712] move_vma+0x51b/0x1890 [ 229.465680][ T8712] ? __pfx_move_vma+0x10/0x10 [ 229.465720][ T8712] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 229.465768][ T8712] ? cap_mmap_addr+0x4b/0x120 [ 229.465800][ T8712] ? bpf_lsm_mmap_addr+0x9/0x30 [ 229.465838][ T8712] ? security_mmap_addr+0x71/0x1e0 [ 229.465880][ T8712] ? __get_unmapped_area+0x255/0x3e0 [ 229.465928][ T8712] ? vrm_set_new_addr+0x204/0x290 [ 229.465972][ T8712] mremap_to+0x1b7/0x450 [ 229.466008][ T8712] do_mremap+0xb76/0x2130 [ 229.466062][ T8712] ? __pfx_do_mremap+0x10/0x10 [ 229.466106][ T8712] ? ksys_write+0x190/0x250 [ 229.466154][ T8712] __do_sys_mremap+0x126/0x170 [ 229.466190][ T8712] ? __pfx___do_sys_mremap+0x10/0x10 [ 229.466235][ T8712] ? __x64_sys_futex+0x34f/0x4d0 [ 229.466292][ T8712] do_syscall_64+0x106/0xf80 [ 229.466321][ T8712] ? clear_bhb_loop+0x40/0x90 [ 229.466357][ T8712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.466388][ T8712] RIP: 0033:0x7f3103d9c629 [ 229.466413][ T8712] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 229.466441][ T8712] RSP: 002b:00007f3104bba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 229.466467][ T8712] RAX: ffffffffffffffda RBX: 00007f3104015fa0 RCX: 00007f3103d9c629 [ 229.466485][ T8712] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 229.466502][ T8712] RBP: 00007f3103e32b39 R08: 0000000102000000 R09: 0000000000000000 [ 229.466519][ T8712] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 229.466536][ T8712] R13: 00007f3104016038 R14: 00007f3104015fa0 R15: 00007ffcd95744c8 [ 229.466577][ T8712] [ 229.468833][ T8714] netlink: 124 bytes leftover after parsing attributes in process `syz.3.561'. [ 230.532730][ T8731] netlink: 342 bytes leftover after parsing attributes in process `syz.3.564'. [ 231.436858][ T8754] FAULT_INJECTION: forcing a failure. [ 231.436858][ T8754] name failslab, interval 1, probability 0, space 0, times 0 [ 231.506732][ T8754] CPU: 0 UID: 0 PID: 8754 Comm: syz.4.570 Tainted: G L syzkaller #0 PREEMPT(full) [ 231.506776][ T8754] Tainted: [L]=SOFTLOCKUP [ 231.506791][ T8754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 231.506817][ T8754] Call Trace: [ 231.506825][ T8754] [ 231.506836][ T8754] dump_stack_lvl+0x100/0x190 [ 231.506888][ T8754] should_fail_ex.cold+0x5/0xa [ 231.506922][ T8754] should_failslab+0xc2/0x120 [ 231.506966][ T8754] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 231.507003][ T8754] ? mas_alloc_nodes+0x280/0x390 [ 231.507051][ T8754] mas_alloc_nodes+0x280/0x390 [ 231.507096][ T8754] mas_preallocate+0x39c/0xf10 [ 231.507134][ T8754] ? __pfx_mas_preallocate+0x10/0x10 [ 231.507162][ T8754] ? find_held_lock+0x2b/0x80 [ 231.507214][ T8754] ? __pfx___might_resched+0x10/0x10 [ 231.507257][ T8754] vma_link+0x12c/0x790 [ 231.507292][ T8754] ? __pfx_vma_link+0x10/0x10 [ 231.507350][ T8754] copy_vma+0x7e6/0xac0 [ 231.507391][ T8754] ? __pfx_copy_vma+0x10/0x10 [ 231.507439][ T8754] ? __lock_acquire+0x4a5/0x2630 [ 231.507493][ T8754] ? finish_task_switch.isra.0+0x200/0xb80 [ 231.507525][ T8754] copy_vma_and_data+0x1cf/0x7c0 [ 231.507564][ T8754] ? __pfx_copy_vma_and_data+0x10/0x10 [ 231.507619][ T8754] ? __vma_start_write+0x17f/0x280 [ 231.507650][ T8754] ? __pfx___vma_start_write+0x10/0x10 [ 231.507696][ T8754] move_vma+0x51b/0x1890 [ 231.507736][ T8754] ? __pfx_move_vma+0x10/0x10 [ 231.507773][ T8754] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 231.507826][ T8754] ? cap_mmap_addr+0x4b/0x120 [ 231.507858][ T8754] ? bpf_lsm_mmap_addr+0x9/0x30 [ 231.507894][ T8754] ? security_mmap_addr+0x71/0x1e0 [ 231.507935][ T8754] ? __get_unmapped_area+0x255/0x3e0 [ 231.507981][ T8754] ? vrm_set_new_addr+0x204/0x290 [ 231.508018][ T8754] mremap_to+0x1b7/0x450 [ 231.508053][ T8754] do_mremap+0xb76/0x2130 [ 231.508103][ T8754] ? __pfx_do_mremap+0x10/0x10 [ 231.508145][ T8754] ? ksys_write+0x190/0x250 [ 231.508191][ T8754] __do_sys_mremap+0x126/0x170 [ 231.508226][ T8754] ? __pfx___do_sys_mremap+0x10/0x10 [ 231.508271][ T8754] ? __x64_sys_futex+0x34f/0x4d0 [ 231.508325][ T8754] do_syscall_64+0x106/0xf80 [ 231.508353][ T8754] ? clear_bhb_loop+0x40/0x90 [ 231.508388][ T8754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.508418][ T8754] RIP: 0033:0x7fe07759c629 [ 231.508447][ T8754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 231.508476][ T8754] RSP: 002b:00007fe0784f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 231.508503][ T8754] RAX: ffffffffffffffda RBX: 00007fe077815fa0 RCX: 00007fe07759c629 [ 231.508522][ T8754] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 231.508543][ T8754] RBP: 00007fe077632b39 R08: 0000000103000000 R09: 0000000000000000 [ 231.508561][ T8754] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 231.508577][ T8754] R13: 00007fe077816038 R14: 00007fe077815fa0 R15: 00007ffd9cd4fa28 [ 231.508615][ T8754] [ 232.153356][ T30] audit: type=1804 audit(1771412255.327:9): pid=8756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.567" name=2F6E6577726F6F742F3134372F22050820 dev="tmpfs" ino=778 res=1 errno=0 [ 232.338737][ T30] audit: type=1800 audit(1771412255.327:10): pid=8756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.567" name=22050820 dev="tmpfs" ino=778 res=0 errno=0 [ 232.631567][ T8610] mkiss: ax0: crc mode is auto. [ 233.235187][ T5824] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 233.287431][ T5824] CPU: 0 UID: 0 PID: 5824 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 233.287468][ T5824] Tainted: [L]=SOFTLOCKUP [ 233.287476][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 233.287490][ T5824] Call Trace: [ 233.287498][ T5824] [ 233.287507][ T5824] dump_stack_lvl+0x100/0x190 [ 233.287547][ T5824] dump_header+0xfb/0x606 [ 233.287577][ T5824] oom_kill_process.cold+0xd/0x330 [ 233.287607][ T5824] out_of_memory+0x340/0x14f0 [ 233.287645][ T5824] ? __pfx_out_of_memory+0x10/0x10 [ 233.287681][ T5824] mem_cgroup_out_of_memory+0xc6/0x130 [ 233.287710][ T5824] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 233.287737][ T5824] ? find_held_lock+0x2b/0x80 [ 233.287791][ T5824] ? do_raw_spin_unlock+0x145/0x1e0 [ 233.287825][ T5824] ? _raw_spin_unlock+0x28/0x50 [ 233.287863][ T5824] try_charge_memcg+0x652/0xc90 [ 233.287904][ T5824] ? __pfx_try_charge_memcg+0x10/0x10 [ 233.287945][ T5824] ? find_held_lock+0x2b/0x80 [ 233.287976][ T5824] ? rcu_read_unlock+0x17/0x60 [ 233.288010][ T5824] ? rcu_read_unlock+0x17/0x60 [ 233.288047][ T5824] charge_memcg+0xa6/0x280 [ 233.288082][ T5824] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 233.288112][ T5824] __swap_cache_prepare_and_add+0x528/0x9e0 [ 233.288157][ T5824] ? __pfx___swap_cache_prepare_and_add+0x10/0x10 [ 233.288186][ T5824] ? __pfx_swap_entry_swapped+0x10/0x10 [ 233.288231][ T5824] swap_cache_alloc_folio+0x1cb/0x300 [ 233.288263][ T5824] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 233.288297][ T5824] ? finish_task_switch.isra.0+0x2c6/0xb80 [ 233.288328][ T5824] swap_cluster_readahead+0x411/0x770 [ 233.288364][ T5824] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 233.288399][ T5824] ? update_cfs_rq_load_avg+0x51/0x550 [ 233.288440][ T5824] ? get_vma_policy+0x23f/0x3b0 [ 233.288481][ T5824] swapin_readahead+0x160/0x12c0 [ 233.288522][ T5824] ? __pfx_swapin_readahead+0x10/0x10 [ 233.288549][ T5824] ? find_held_lock+0x2b/0x80 [ 233.288582][ T5824] ? swap_table_get+0x103/0x2c0 [ 233.288605][ T5824] ? swap_table_get+0x103/0x2c0 [ 233.288637][ T5824] ? swap_table_get+0x10d/0x2c0 [ 233.288664][ T5824] ? swap_cache_get_folio+0x1ae/0x600 [ 233.288694][ T5824] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 233.288720][ T5824] ? __pfx_get_swap_device+0x10/0x10 [ 233.288768][ T5824] ? do_swap_page+0xb2e/0x68e0 [ 233.288793][ T5824] do_swap_page+0xb2e/0x68e0 [ 233.288839][ T5824] ? __pfx_do_swap_page+0x10/0x10 [ 233.288868][ T5824] ? __free_object+0x2a8/0x400 [ 233.288895][ T5824] ? lockdep_hardirqs_on+0x78/0x100 [ 233.288924][ T5824] ? rcu_is_watching+0x12/0xc0 [ 233.288960][ T5824] ? __pte_offset_map+0x179/0x310 [ 233.288999][ T5824] __handle_mm_fault+0x18c1/0x2b60 [ 233.289037][ T5824] ? reacquire_held_locks+0xce/0x1e0 [ 233.289068][ T5824] ? __pfx___handle_mm_fault+0x10/0x10 [ 233.289103][ T5824] ? lock_vma_under_rcu+0x17c/0x590 [ 233.289156][ T5824] handle_mm_fault+0x36d/0xa20 [ 233.289193][ T5824] do_user_addr_fault+0x5a3/0x12f0 [ 233.289243][ T5824] exc_page_fault+0x6f/0xd0 [ 233.289269][ T5824] asm_exc_page_fault+0x26/0x30 [ 233.289294][ T5824] RIP: 0033:0x7f3103d5cece [ 233.289317][ T5824] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 233.289342][ T5824] RSP: 002b:00007ffcd95747a8 EFLAGS: 00010246 [ 233.289362][ T5824] RAX: 0000000000000000 RBX: 0000555571c86500 RCX: 00007f3103d5cece [ 233.289379][ T5824] RDX: 00007ffcd9574800 RSI: 0000000000000000 RDI: 0000000000000000 [ 233.289395][ T5824] RBP: 00007ffcd957486c R08: 0000000000000000 R09: 0000000000000000 [ 233.289410][ T5824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 233.289425][ T5824] R13: 00000000000927c0 R14: 0000000000038c7a R15: 00007ffcd95748c0 [ 233.289461][ T5824] [ 233.289528][ T5824] memory: usage 3072kB, limit 3072kB, failcnt 61267 [ 233.919352][ T5824] memory+swap: usage 10448kB, limit 9007199254740988kB, failcnt 0 [ 233.976621][ T5824] kmem: usage 708kB, limit 9007199254740988kB, failcnt 0 [ 234.016695][ T5824] Memory cgroup stats for /syz0: [ 234.016894][ T5824] cache 307200 [ 234.025245][ T5824] rss 0 [ 234.122293][ T5824] rss_huge 0 [ 234.125552][ T5824] shmem 307200 [ 234.178283][ T5824] mapped_file 0 [ 234.181797][ T5824] dirty 0 [ 234.236657][ T5824] writeback 0 [ 234.240008][ T5824] workingset_refault_anon 7855 [ 234.244784][ T5824] workingset_refault_file 9159 [ 234.287157][ T5824] swap 7553024 [ 234.304119][ T5824] swapcached 191201280 [ 234.309966][ T5824] pgpgin 128060 [ 234.340721][ T5824] pgpgout 128491 [ 234.344305][ T5824] pgfault 128703 [ 234.357079][ T5824] pgmajfault 2988 [ 234.360748][ T5824] inactive_anon 0 [ 234.371779][ T5824] active_anon 16384 [ 234.375631][ T5824] inactive_file 0 [ 234.402227][ T5824] active_file 0 [ 234.405712][ T5824] unevictable 0 [ 234.418526][ T5824] hierarchical_memory_limit 3145728 [ 234.423757][ T5824] hierarchical_memsw_limit 9223372036854771712 [ 234.442270][ T5824] total_cache 307200 [ 234.446215][ T5824] total_rss 0 [ 234.474712][ T5824] total_rss_huge 0 [ 234.498941][ T5824] total_shmem 307200 [ 234.509430][ T5824] total_mapped_file 0 [ 234.522221][ T5824] total_dirty 0 [ 234.525713][ T5824] total_writeback 0 [ 234.540003][ T5824] total_workingset_refault_anon 7855 [ 234.545336][ T5824] total_workingset_refault_file 9159 [ 234.552099][ T5824] total_swap 7553024 [ 234.556028][ T5824] total_swapcached 191201280 [ 234.561217][ T5824] total_pgpgin 128060 [ 234.565221][ T5824] total_pgpgout 128491 [ 234.569801][ T5824] total_pgfault 128703 [ 234.573900][ T5824] total_pgmajfault 2988 [ 234.578527][ T5824] total_inactive_anon 0 [ 234.582757][ T5824] total_active_anon 16384 [ 234.587674][ T5824] total_inactive_file 0 [ 234.591856][ T5824] total_active_file 0 [ 234.595844][ T5824] total_unevictable 0 [ 234.600456][ T5824] anon_cost 380 [ 234.603941][ T5824] file_cost 0 [ 234.613715][ T5824] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.567,pid=8741,uid=0 [ 234.628833][ T5824] Memory cgroup out of memory: OOM victim 8741 (syz.0.567) is already exiting. Skip killing the task [ 235.756388][ T8830] zswap: compressor not available [ 236.014064][ T8836] vivid-007: ================= START STATUS ================= [ 236.048373][ T8836] vivid-007: Generate PTS: true [ 236.053324][ T8836] vivid-007: Generate SCR: true [ 236.076683][ T8836] tpg source WxH: 320x240 (Y'CbCr) [ 236.084621][ T8836] tpg field: 1 [ 236.088532][ T8836] tpg crop: (0,0)/320x240 [ 236.092989][ T8836] tpg compose: (0,0)/320x240 [ 236.149960][ T8836] tpg colorspace: 8 [ 236.155684][ T8837] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 236.186875][ T8836] tpg transfer function: 0/0 [ 236.196668][ T8836] tpg Y'CbCr encoding: 0/0 [ 236.256707][ T8836] tpg quantization: 0/0 [ 236.260989][ T8836] tpg RGB range: 0/2 [ 236.264891][ T8836] vivid-007: ================== END STATUS ================== [ 237.947814][ T8850] FAULT_INJECTION: forcing a failure. [ 237.947814][ T8850] name fail_futex, interval 1, probability 0, space 0, times 0 [ 237.975994][ T8850] CPU: 0 UID: 0 PID: 8850 Comm: syz.4.583 Tainted: G L syzkaller #0 PREEMPT(full) [ 237.976019][ T8850] Tainted: [L]=SOFTLOCKUP [ 237.976024][ T8850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 237.976033][ T8850] Call Trace: [ 237.976038][ T8850] [ 237.976043][ T8850] dump_stack_lvl+0x100/0x190 [ 237.976069][ T8850] should_fail_ex.cold+0x5/0xa [ 237.976085][ T8850] get_futex_key+0x295/0x1620 [ 237.976103][ T8850] ? __pfx_get_futex_key+0x10/0x10 [ 237.976116][ T8850] ? lock_acquire+0x1cf/0x380 [ 237.976139][ T8850] futex_wake+0xea/0x530 [ 237.976159][ T8850] ? __pfx_futex_wake+0x10/0x10 [ 237.976178][ T8850] ? exit_mm_release+0x19/0x30 [ 237.976199][ T8850] do_futex+0x32b/0x350 [ 237.976215][ T8850] ? __pfx_do_futex+0x10/0x10 [ 237.976230][ T8850] ? __might_fault+0xc5/0x140 [ 237.976251][ T8850] mm_release+0x24a/0x2f0 [ 237.976265][ T8850] do_exit+0x675/0x2aa0 [ 237.976285][ T8850] ? __pfx_do_exit+0x10/0x10 [ 237.976302][ T8850] ? do_raw_spin_lock+0x128/0x260 [ 237.976320][ T8850] ? find_held_lock+0x2b/0x80 [ 237.976340][ T8850] ? get_signal+0x7e0/0x21e0 [ 237.976355][ T8850] do_group_exit+0xd5/0x2a0 [ 237.976374][ T8850] get_signal+0x1ec7/0x21e0 [ 237.976394][ T8850] ? __pfx_get_signal+0x10/0x10 [ 237.976413][ T8850] arch_do_signal_or_restart+0x91/0x770 [ 237.976430][ T8850] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 237.976457][ T8850] exit_to_user_mode_loop+0x86/0x4a0 [ 237.976483][ T8850] do_syscall_64+0x668/0xf80 [ 237.976498][ T8850] ? clear_bhb_loop+0x40/0x90 [ 237.976515][ T8850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.976529][ T8850] RIP: 0033:0x7fe07759c629 [ 237.976542][ T8850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 237.976555][ T8850] RSP: 002b:00007fe0784f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000082 [ 237.976580][ T8850] RAX: fffffffffffffdfe RBX: 00007fe077815fa0 RCX: 00007fe07759c629 [ 237.976594][ T8850] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000200000000100 [ 237.976607][ T8850] RBP: 00007fe077632b39 R08: 0000000000000000 R09: 0000000000000000 [ 237.976620][ T8850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.976633][ T8850] R13: 00007fe077816038 R14: 00007fe077815fa0 R15: 00007ffd9cd4fa28 [ 237.976666][ T8850] [ 238.682624][ T8871] bridge_slave_1: left allmulticast mode [ 238.742908][ T8871] bridge_slave_1: left promiscuous mode [ 238.761889][ T8871] bridge0: port 2(bridge_slave_1) entered disabled state [ 239.191558][ T8880] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 239.932545][ T8897] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 239.943829][ T8898] netlink: 4394 bytes leftover after parsing attributes in process `syz.2.595'. [ 239.976363][ T8898] FAULT_INJECTION: forcing a failure. [ 239.976363][ T8898] name failslab, interval 1, probability 0, space 0, times 0 [ 240.040914][ T8898] CPU: 0 UID: 0 PID: 8898 Comm: syz.2.595 Tainted: G L syzkaller #0 PREEMPT(full) [ 240.040956][ T8898] Tainted: [L]=SOFTLOCKUP [ 240.040965][ T8898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 240.040980][ T8898] Call Trace: [ 240.040988][ T8898] [ 240.040998][ T8898] dump_stack_lvl+0x100/0x190 [ 240.041041][ T8898] should_fail_ex.cold+0x5/0xa [ 240.041072][ T8898] should_failslab+0xc2/0x120 [ 240.041109][ T8898] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 240.041141][ T8898] ? skb_clone+0x190/0x400 [ 240.041173][ T8898] skb_clone+0x190/0x400 [ 240.041199][ T8898] netlink_deliver_tap+0xaed/0xcc0 [ 240.041234][ T8898] netlink_unicast+0x70c/0x870 [ 240.041268][ T8898] ? __pfx_netlink_unicast+0x10/0x10 [ 240.041293][ T8898] ? __alloc_skb+0x5b7/0x710 [ 240.041331][ T8898] ? genl_rcv_msg+0x4be/0x800 [ 240.041370][ T8898] netlink_ack+0x655/0xb80 [ 240.041410][ T8898] netlink_rcv_skb+0x333/0x420 [ 240.041438][ T8898] ? __pfx_genl_rcv_msg+0x10/0x10 [ 240.041471][ T8898] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 240.041515][ T8898] ? netlink_deliver_tap+0x1ae/0xcc0 [ 240.041547][ T8898] genl_rcv+0x28/0x40 [ 240.041575][ T8898] netlink_unicast+0x5aa/0x870 [ 240.041614][ T8898] ? __pfx_netlink_unicast+0x10/0x10 [ 240.041640][ T8898] ? __asan_memset+0x23/0x50 [ 240.041669][ T8898] ? __build_skb_around+0x278/0x390 [ 240.041705][ T8898] ? is_vmalloc_addr+0x86/0xa0 [ 240.041741][ T8898] netlink_sendmsg+0x8b0/0xda0 [ 240.041776][ T8898] ? __pfx_netlink_sendmsg+0x10/0x10 [ 240.041802][ T8898] ? __import_iovec+0x1d2/0x640 [ 240.041841][ T8898] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 240.041877][ T8898] ____sys_sendmsg+0xa54/0xc30 [ 240.041914][ T8898] ? __pfx_____sys_sendmsg+0x10/0x10 [ 240.041967][ T8898] ___sys_sendmsg+0x190/0x1e0 [ 240.042003][ T8898] ? __pfx____sys_sendmsg+0x10/0x10 [ 240.042082][ T8898] __sys_sendmsg+0x170/0x220 [ 240.042109][ T8898] ? __pfx___sys_sendmsg+0x10/0x10 [ 240.042159][ T8898] do_syscall_64+0x106/0xf80 [ 240.042184][ T8898] ? clear_bhb_loop+0x40/0x90 [ 240.042216][ T8898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.042241][ T8898] RIP: 0033:0x7efddbf9c629 [ 240.042262][ T8898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 240.042285][ T8898] RSP: 002b:00007efddcf37028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 240.042307][ T8898] RAX: ffffffffffffffda RBX: 00007efddc215fa0 RCX: 00007efddbf9c629 [ 240.042324][ T8898] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 240.042338][ T8898] RBP: 00007efddcf37090 R08: 0000000000000000 R09: 0000000000000000 [ 240.042352][ T8898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 240.042367][ T8898] R13: 00007efddc216038 R14: 00007efddc215fa0 R15: 00007ffe14b87bb8 [ 240.042403][ T8898] [ 240.786629][ T8910] binder: 8909:8910 ioctl 4018620d ffffffffffffffff returned -22 [ 241.383388][ T8907] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 241.721287][ T8924] vivid-007: ================= START STATUS ================= [ 241.828579][ T8924] vivid-007: Generate PTS: true [ 241.874643][ T8924] vivid-007: Generate SCR: true [ 241.921827][ T8914] [U] ^\ [ 241.933048][ T8924] tpg source WxH: 320x240 (Y'CbCr) [ 241.988529][ T8924] tpg field: 1 [ 242.012994][ T8924] tpg crop: (0,0)/320x240 [ 242.208424][ T8924] tpg compose: (0,0)/320x240 [ 242.213095][ T8924] tpg colorspace: 8 [ 242.251008][ T8924] tpg transfer function: 0/0 [ 242.265260][ T8924] tpg Y'CbCr encoding: 0/0 [ 242.289712][ T8924] tpg quantization: 0/0 [ 242.319061][ T8924] tpg RGB range: 0/2 [ 242.322998][ T8924] vivid-007: ================== END STATUS ================== [ 243.835014][ T8802] mkiss: ax0: crc mode is auto. [ 244.415949][ T8951] netlink: 206 bytes leftover after parsing attributes in process `syz.3.606'. [ 244.788307][ T8958] netlink: 4394 bytes leftover after parsing attributes in process `syz.3.608'. [ 244.823898][ T8958] FAULT_INJECTION: forcing a failure. [ 244.823898][ T8958] name failslab, interval 1, probability 0, space 0, times 0 [ 244.894241][ T8958] CPU: 1 UID: 0 PID: 8958 Comm: syz.3.608 Tainted: G L syzkaller #0 PREEMPT(full) [ 244.894282][ T8958] Tainted: [L]=SOFTLOCKUP [ 244.894292][ T8958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 244.894306][ T8958] Call Trace: [ 244.894315][ T8958] [ 244.894325][ T8958] dump_stack_lvl+0x100/0x190 [ 244.894362][ T8958] should_fail_ex.cold+0x5/0xa [ 244.894388][ T8958] should_failslab+0xc2/0x120 [ 244.894421][ T8958] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 244.894450][ T8958] ? skb_clone+0x190/0x400 [ 244.894477][ T8958] skb_clone+0x190/0x400 [ 244.894500][ T8958] netlink_deliver_tap+0xaed/0xcc0 [ 244.894531][ T8958] netlink_unicast+0x70c/0x870 [ 244.894560][ T8958] ? __pfx_netlink_unicast+0x10/0x10 [ 244.894583][ T8958] ? __alloc_skb+0x5b7/0x710 [ 244.894616][ T8958] ? genl_rcv_msg+0x4be/0x800 [ 244.894650][ T8958] netlink_ack+0x655/0xb80 [ 244.894684][ T8958] netlink_rcv_skb+0x333/0x420 [ 244.894712][ T8958] ? __pfx_genl_rcv_msg+0x10/0x10 [ 244.894740][ T8958] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 244.894778][ T8958] ? netlink_deliver_tap+0x1ae/0xcc0 [ 244.894805][ T8958] genl_rcv+0x28/0x40 [ 244.894829][ T8958] netlink_unicast+0x5aa/0x870 [ 244.894858][ T8958] ? __pfx_netlink_unicast+0x10/0x10 [ 244.894880][ T8958] ? __asan_memset+0x23/0x50 [ 244.894905][ T8958] ? __build_skb_around+0x278/0x390 [ 244.894937][ T8958] ? is_vmalloc_addr+0x86/0xa0 [ 244.894973][ T8958] netlink_sendmsg+0x8b0/0xda0 [ 244.895003][ T8958] ? __pfx_netlink_sendmsg+0x10/0x10 [ 244.895026][ T8958] ? __import_iovec+0x1d2/0x640 [ 244.895061][ T8958] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 244.895092][ T8958] ____sys_sendmsg+0xa54/0xc30 [ 244.895124][ T8958] ? __pfx_____sys_sendmsg+0x10/0x10 [ 244.895166][ T8958] ___sys_sendmsg+0x190/0x1e0 [ 244.895196][ T8958] ? __pfx____sys_sendmsg+0x10/0x10 [ 244.895265][ T8958] __sys_sendmsg+0x170/0x220 [ 244.895288][ T8958] ? __pfx___sys_sendmsg+0x10/0x10 [ 244.895330][ T8958] do_syscall_64+0x106/0xf80 [ 244.895353][ T8958] ? clear_bhb_loop+0x40/0x90 [ 244.895381][ T8958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.895403][ T8958] RIP: 0033:0x7feb1719c629 [ 244.895423][ T8958] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 244.895445][ T8958] RSP: 002b:00007feb1800a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 244.895467][ T8958] RAX: ffffffffffffffda RBX: 00007feb17415fa0 RCX: 00007feb1719c629 [ 244.895482][ T8958] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 244.895496][ T8958] RBP: 00007feb1800a090 R08: 0000000000000000 R09: 0000000000000000 [ 244.895510][ T8958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 244.895523][ T8958] R13: 00007feb17416038 R14: 00007feb17415fa0 R15: 00007ffca73e07e8 [ 244.895554][ T8958] [ 245.191109][ T8963] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 245.930740][ T8980] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16) [ 245.973208][ T8980] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 246.718307][ T30] audit: type=1804 audit(1771412269.877:11): pid=9000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.614" name="/newroot/sys/kernel/tracing/trace_marker_raw" dev="tracefs" ino=3338 res=1 errno=0 [ 247.459319][ T9009] netlink: 4394 bytes leftover after parsing attributes in process `syz.4.618'. [ 247.516948][ T9009] FAULT_INJECTION: forcing a failure. [ 247.516948][ T9009] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 247.561246][ T9009] CPU: 0 UID: 0 PID: 9009 Comm: syz.4.618 Tainted: G L syzkaller #0 PREEMPT(full) [ 247.561286][ T9009] Tainted: [L]=SOFTLOCKUP [ 247.561294][ T9009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 247.561308][ T9009] Call Trace: [ 247.561316][ T9009] [ 247.561326][ T9009] dump_stack_lvl+0x100/0x190 [ 247.561366][ T9009] should_fail_ex.cold+0x5/0xa [ 247.561396][ T9009] _copy_to_user+0x32/0xd0 [ 247.561433][ T9009] simple_read_from_buffer+0xcb/0x170 [ 247.561468][ T9009] proc_fail_nth_read+0x1af/0x230 [ 247.561509][ T9009] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 247.561551][ T9009] ? rw_verify_area+0xce/0x6d0 [ 247.561581][ T9009] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 247.561621][ T9009] vfs_read+0x1e4/0xb30 [ 247.561659][ T9009] ? __pfx_vfs_read+0x10/0x10 [ 247.561690][ T9009] ? __fget_files+0x215/0x3d0 [ 247.561731][ T9009] ? __fget_files+0x21f/0x3d0 [ 247.561781][ T9009] ksys_read+0x12a/0x250 [ 247.561813][ T9009] ? __pfx_ksys_read+0x10/0x10 [ 247.561856][ T9009] do_syscall_64+0x106/0xf80 [ 247.561883][ T9009] ? clear_bhb_loop+0x40/0x90 [ 247.561915][ T9009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.561941][ T9009] RIP: 0033:0x7fe07755cece [ 247.561962][ T9009] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 247.561986][ T9009] RSP: 002b:00007fe0784f6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 247.562010][ T9009] RAX: ffffffffffffffda RBX: 00007fe0784f76c0 RCX: 00007fe07755cece [ 247.562026][ T9009] RDX: 000000000000000f RSI: 00007fe0784f70a0 RDI: 0000000000000005 [ 247.562041][ T9009] RBP: 00007fe0784f7090 R08: 0000000000000000 R09: 0000000000000000 [ 247.562057][ T9009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 247.562071][ T9009] R13: 00007fe077816038 R14: 00007fe077815fa0 R15: 00007ffd9cd4fa28 [ 247.562107][ T9009] [ 247.945872][ T9010] netlink: 28 bytes leftover after parsing attributes in process `syz.2.617'. [ 248.093231][ T9010] veth1_macvtap: entered allmulticast mode [ 249.066994][ T9032] zswap: compressor û not available [ 249.095282][ T9049] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 249.656094][ T9053] sd 0:0:1:0: PR command failed: 1026 [ 249.663363][ T9053] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 249.692706][ T9053] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 251.823626][ T9095] vivid-007: ================= START STATUS ================= [ 251.857715][ T9095] vivid-007: Generate PTS: true [ 251.901121][ T9095] vivid-007: Generate SCR: true [ 251.906059][ T9095] tpg source WxH: 320x240 (Y'CbCr) [ 251.953807][ T9095] tpg field: 1 [ 251.974208][ T9095] tpg crop: (0,0)/320x240 [ 252.000493][ T9095] tpg compose: (0,0)/320x240 [ 252.017790][ T9095] tpg colorspace: 8 [ 252.022087][ T9095] tpg transfer function: 0/0 [ 252.045748][ T9095] tpg Y'CbCr encoding: 0/0 [ 252.076675][ T9095] tpg quantization: 0/0 [ 252.080882][ T9095] tpg RGB range: 0/2 [ 252.084794][ T9095] vivid-007: ================== END STATUS ================== [ 252.193213][ T9106] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 252.989141][ T9117] random: crng reseeded on system resumption [ 254.701054][ T9148] FAULT_INJECTION: forcing a failure. [ 254.701054][ T9148] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 254.764643][ T9148] CPU: 0 UID: 0 PID: 9148 Comm: syz.2.644 Tainted: G L syzkaller #0 PREEMPT(full) [ 254.764692][ T9148] Tainted: [L]=SOFTLOCKUP [ 254.764702][ T9148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 254.764720][ T9148] Call Trace: [ 254.764730][ T9148] [ 254.764741][ T9148] dump_stack_lvl+0x100/0x190 [ 254.764799][ T9148] should_fail_ex.cold+0x5/0xa [ 254.764826][ T9148] ? prepare_alloc_pages+0x16d/0x5f0 [ 254.764873][ T9148] should_fail_alloc_page+0xeb/0x140 [ 254.764919][ T9148] prepare_alloc_pages+0x1f0/0x5f0 [ 254.764969][ T9148] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 254.765007][ T9148] ? mas_next_slot+0x1003/0x18b0 [ 254.765049][ T9148] ? __pfx___up_read+0x10/0x10 [ 254.765085][ T9148] ? validate_mm+0x261/0x4e0 [ 254.765115][ T9148] ? validate_mm+0x261/0x4e0 [ 254.765148][ T9148] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 254.765187][ T9148] ? validate_mm+0x392/0x4e0 [ 254.765222][ T9148] ? __pfx_validate_mm+0x10/0x10 [ 254.765263][ T9148] ? __pfx___vma_start_write+0x10/0x10 [ 254.765296][ T9148] ? vma_iter_store_overwrite+0x392/0x650 [ 254.765327][ T9148] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 254.765381][ T9148] ? policy_nodemask+0xed/0x4f0 [ 254.765426][ T9148] alloc_pages_mpol+0x1fb/0x550 [ 254.765470][ T9148] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 254.765523][ T9148] alloc_pages_noprof+0x131/0x390 [ 254.765567][ T9148] __pmd_alloc+0x3b/0x9c0 [ 254.765601][ T9148] move_page_tables+0x3224/0x4500 [ 254.765639][ T9148] ? __pfx_copy_vma+0x10/0x10 [ 254.765674][ T9148] ? __pfx_css_rstat_updated+0x10/0x10 [ 254.765714][ T9148] ? __pfx_move_page_tables+0x10/0x10 [ 254.765769][ T9148] ? finish_task_switch.isra.0+0x200/0xb80 [ 254.765802][ T9148] copy_vma_and_data+0x25c/0x7c0 [ 254.765840][ T9148] ? __pfx_copy_vma_and_data+0x10/0x10 [ 254.765891][ T9148] ? __vma_start_write+0x17f/0x280 [ 254.765934][ T9148] ? __pfx___vma_start_write+0x10/0x10 [ 254.765975][ T9148] move_vma+0x51b/0x1890 [ 254.766017][ T9148] ? __pfx_move_vma+0x10/0x10 [ 254.766055][ T9148] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 254.766099][ T9148] ? cap_mmap_addr+0x4b/0x120 [ 254.766127][ T9148] ? bpf_lsm_mmap_addr+0x9/0x30 [ 254.766162][ T9148] ? security_mmap_addr+0x71/0x1e0 [ 254.766201][ T9148] ? __get_unmapped_area+0x255/0x3e0 [ 254.766247][ T9148] ? vrm_set_new_addr+0x204/0x290 [ 254.766285][ T9148] mremap_to+0x1b7/0x450 [ 254.766322][ T9148] do_mremap+0xb76/0x2130 [ 254.766380][ T9148] ? __pfx_do_mremap+0x10/0x10 [ 254.766432][ T9148] ? ksys_write+0x190/0x250 [ 254.766482][ T9148] __do_sys_mremap+0x126/0x170 [ 254.766520][ T9148] ? __pfx___do_sys_mremap+0x10/0x10 [ 254.766562][ T9148] ? __x64_sys_futex+0x34f/0x4d0 [ 254.766609][ T9148] do_syscall_64+0x106/0xf80 [ 254.766635][ T9148] ? clear_bhb_loop+0x40/0x90 [ 254.766669][ T9148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.766697][ T9148] RIP: 0033:0x7efddbf9c629 [ 254.766720][ T9148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 254.766748][ T9148] RSP: 002b:00007efddcf37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 254.766774][ T9148] RAX: ffffffffffffffda RBX: 00007efddc215fa0 RCX: 00007efddbf9c629 [ 254.766791][ T9148] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 254.766807][ T9148] RBP: 00007efddc032b39 R08: 0000000100000000 R09: 0000000000000000 [ 254.766824][ T9148] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 254.766839][ T9148] R13: 00007efddc216038 R14: 00007efddc215fa0 R15: 00007ffe14b87bb8 [ 254.766878][ T9148] [ 255.429711][ T9157] syz.3.649 invoked oom-killer: gfp_mask=0x100dc0(GFP_USER|__GFP_ZERO), order=0, oom_score_adj=1000 [ 255.440783][ T9157] CPU: 0 UID: 0 PID: 9157 Comm: syz.3.649 Tainted: G L syzkaller #0 PREEMPT(full) [ 255.440807][ T9157] Tainted: [L]=SOFTLOCKUP [ 255.440812][ T9157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 255.440820][ T9157] Call Trace: [ 255.440827][ T9157] [ 255.440834][ T9157] dump_stack_lvl+0x100/0x190 [ 255.440858][ T9157] dump_header+0xfb/0x606 [ 255.440875][ T9157] oom_kill_process.cold+0xd/0x330 [ 255.440894][ T9157] out_of_memory+0x340/0x14f0 [ 255.440932][ T9157] ? __pfx_out_of_memory+0x10/0x10 [ 255.440961][ T9157] mem_cgroup_out_of_memory+0xc6/0x130 [ 255.440978][ T9157] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 255.440993][ T9157] ? find_held_lock+0x2b/0x80 [ 255.441017][ T9157] ? do_raw_spin_unlock+0x145/0x1e0 [ 255.441037][ T9157] ? _raw_spin_unlock+0x28/0x50 [ 255.441060][ T9157] try_charge_memcg+0x652/0xc90 [ 255.441085][ T9157] ? __pfx_try_charge_memcg+0x10/0x10 [ 255.441105][ T9157] ? find_held_lock+0x2b/0x80 [ 255.441125][ T9157] ? rcu_read_unlock+0x17/0x60 [ 255.441145][ T9157] ? rcu_read_unlock+0x17/0x60 [ 255.441172][ T9157] charge_memcg+0xa6/0x280 [ 255.441192][ T9157] __mem_cgroup_charge+0x2b/0x1e0 [ 255.441208][ T9157] filemap_add_folio+0xe7/0x690 [ 255.441228][ T9157] ? __pfx_filemap_add_folio+0x10/0x10 [ 255.441249][ T9157] ? rcu_is_watching+0x12/0xc0 [ 255.441277][ T9157] __filemap_get_folio_mpol+0x5d5/0xe70 [ 255.441302][ T9157] ioctx_alloc+0x7a0/0x21e0 [ 255.441332][ T9157] ? __pfx_ioctx_alloc+0x10/0x10 [ 255.441354][ T9157] ? __might_fault+0x111/0x140 [ 255.441373][ T9157] __x64_sys_io_setup+0xc9/0x220 [ 255.441396][ T9157] do_syscall_64+0x106/0xf80 [ 255.441410][ T9157] ? clear_bhb_loop+0x40/0x90 [ 255.441427][ T9157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.441442][ T9157] RIP: 0033:0x7feb1719c629 [ 255.441456][ T9157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 255.441470][ T9157] RSP: 002b:00007feb17fe9028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 255.441484][ T9157] RAX: ffffffffffffffda RBX: 00007feb17416090 RCX: 00007feb1719c629 [ 255.441493][ T9157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000007ffe [ 255.441501][ T9157] RBP: 00007feb17232b39 R08: 0000000000000000 R09: 0000000000000000 [ 255.441510][ T9157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.441520][ T9157] R13: 00007feb17416128 R14: 00007feb17416090 R15: 00007ffca73e07e8 [ 255.441539][ T9157] [ 255.441545][ T9157] memory: usage 3072kB, limit 3072kB, failcnt 50967 [ 255.711779][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.718218][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.846369][ T30] audit: type=1800 audit(1771412279.017:12): pid=9160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.650" name="dbroot" dev="configfs" ino=24885 res=0 errno=0 [ 255.888017][ T8961] mkiss: ax0: crc mode is auto. [ 255.930862][ T9157] memory+swap: usage 25924kB, limit 9007199254740988kB, failcnt 0 [ 256.049504][ T9157] kmem: usage 1140kB, limit 9007199254740988kB, failcnt 0 [ 256.171379][ T9157] Memory cgroup stats for /syz3: [ 256.175274][ T9157] cache 1847296 [ 256.245214][ T9157] rss 16384 [ 256.259501][ T9157] rss_huge 0 [ 256.275786][ T9157] shmem 0 [ 256.641017][ T9157] mapped_file 0 [ 256.657050][ T9157] dirty 4096 [ 256.682641][ T9157] writeback 0 [ 256.685955][ T9157] workingset_refault_anon 6367 [ 256.793831][ T9157] workingset_refault_file 26258 [ 256.867082][ T9157] swap 23547904 [ 256.870680][ T9157] swapcached 192626688 [ 257.116645][ T9157] pgpgin 256215 [ 257.120152][ T9157] pgpgout 260887 [ 257.123709][ T9157] pgfault 139268 [ 257.229861][ T9157] pgmajfault 1376 [ 257.233527][ T9157] inactive_anon 0 [ 257.530718][ T9157] active_anon 0 [ 257.534226][ T9157] inactive_file 1581056 [ 257.726942][ T9157] active_file 4096 [ 257.730719][ T9157] unevictable 0 [ 257.734191][ T9157] hierarchical_memory_limit 3145728 [ 257.842979][ T9157] hierarchical_memsw_limit 9223372036854771712 [ 257.902822][ T9185] zswap: compressor not available [ 257.918570][ T9157] total_cache 1847296 [ 257.964722][ T9157] total_rss 16384 [ 258.014594][ T9157] total_rss_huge 0 [ 258.031608][ T9157] total_shmem 0 [ 258.049412][ T9157] total_mapped_file 0 [ 258.071326][ T9157] total_dirty 4096 [ 258.075091][ T9157] total_writeback 0 [ 258.113311][ T9157] total_workingset_refault_anon 6367 [ 258.144910][ T9157] total_workingset_refault_file 26258 [ 258.161970][ T9157] total_swap 23547904 [ 258.176717][ T9157] total_swapcached 192626688 [ 258.188673][ T9157] total_pgpgin 256215 [ 258.201469][ T9157] total_pgpgout 260887 [ 258.216772][ T9157] total_pgfault 139268 [ 258.225309][ T9157] total_pgmajfault 1376 [ 258.234129][ T9157] total_inactive_anon 0 [ 258.242827][ T9157] total_active_anon 0 [ 258.269569][ T9157] total_inactive_file 1581056 [ 258.274299][ T9157] total_active_file 4096 [ 258.373495][ T9157] total_unevictable 0 [ 258.420464][ T9157] anon_cost 0 [ 258.426429][ T9157] file_cost 88 [ 258.430752][ T9157] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.588,pid=8865,uid=0 [ 258.446275][ T9157] Memory cgroup out of memory: Killed process 8865 (syz.3.588) total-vm:104536kB, anon-rss:1232kB, file-rss:22692kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 258.561398][ T5824] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 258.620784][ T5824] CPU: 1 UID: 0 PID: 5824 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 258.620810][ T5824] Tainted: [L]=SOFTLOCKUP [ 258.620815][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 258.620824][ T5824] Call Trace: [ 258.620829][ T5824] [ 258.620835][ T5824] dump_stack_lvl+0x100/0x190 [ 258.620860][ T5824] dump_header+0xfb/0x606 [ 258.620877][ T5824] oom_kill_process.cold+0xd/0x330 [ 258.620893][ T5824] out_of_memory+0x340/0x14f0 [ 258.620917][ T5824] ? __pfx_out_of_memory+0x10/0x10 [ 258.620940][ T5824] mem_cgroup_out_of_memory+0xc6/0x130 [ 258.620956][ T5824] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 258.620971][ T5824] ? find_held_lock+0x2b/0x80 [ 258.620996][ T5824] ? do_raw_spin_unlock+0x145/0x1e0 [ 258.621015][ T5824] ? _raw_spin_unlock+0x28/0x50 [ 258.621040][ T5824] try_charge_memcg+0x652/0xc90 [ 258.621065][ T5824] ? __pfx_try_charge_memcg+0x10/0x10 [ 258.621089][ T5824] ? find_held_lock+0x2b/0x80 [ 258.621108][ T5824] ? rcu_read_unlock+0x17/0x60 [ 258.621129][ T5824] ? rcu_read_unlock+0x17/0x60 [ 258.621152][ T5824] charge_memcg+0xa6/0x280 [ 258.621172][ T5824] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 258.621189][ T5824] __swap_cache_prepare_and_add+0x528/0x9e0 [ 258.621213][ T5824] ? __pfx___swap_cache_prepare_and_add+0x10/0x10 [ 258.621230][ T5824] ? __pfx_swap_entry_swapped+0x10/0x10 [ 258.621255][ T5824] swap_cache_alloc_folio+0x1cb/0x300 [ 258.621273][ T5824] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 258.621297][ T5824] ? __lock_acquire+0x4a5/0x2630 [ 258.621316][ T5824] swap_cluster_readahead+0x53b/0x770 [ 258.621332][ T5824] ? __pfx___xa_erase+0x10/0x10 [ 258.621352][ T5824] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 258.621368][ T5824] ? do_raw_spin_lock+0x128/0x260 [ 258.621386][ T5824] ? __print_lock_name+0x20/0x80 [ 258.621407][ T5824] ? move_cluster+0x1f7/0x570 [ 258.621432][ T5824] ? get_vma_policy+0x23f/0x3b0 [ 258.621455][ T5824] swapin_readahead+0x160/0x12c0 [ 258.621478][ T5824] ? __pfx_swapin_readahead+0x10/0x10 [ 258.621493][ T5824] ? find_held_lock+0x2b/0x80 [ 258.621513][ T5824] ? swap_table_get+0x103/0x2c0 [ 258.621530][ T5824] ? swap_table_get+0x103/0x2c0 [ 258.621548][ T5824] ? swap_table_get+0x10d/0x2c0 [ 258.621564][ T5824] ? swap_cache_get_folio+0x1ae/0x600 [ 258.621581][ T5824] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 258.621595][ T5824] ? __pfx_get_swap_device+0x10/0x10 [ 258.621619][ T5824] ? do_swap_page+0xb2e/0x68e0 [ 258.621633][ T5824] do_swap_page+0xb2e/0x68e0 [ 258.621659][ T5824] ? __pfx_do_swap_page+0x10/0x10 [ 258.621675][ T5824] ? __free_object+0x2a8/0x400 [ 258.621690][ T5824] ? lockdep_hardirqs_on+0x78/0x100 [ 258.621706][ T5824] ? rcu_is_watching+0x12/0xc0 [ 258.621726][ T5824] ? __pte_offset_map+0x179/0x310 [ 258.621748][ T5824] __handle_mm_fault+0x18c1/0x2b60 [ 258.621768][ T5824] ? reacquire_held_locks+0xce/0x1e0 [ 258.621785][ T5824] ? __pfx___handle_mm_fault+0x10/0x10 [ 258.621807][ T5824] ? lock_vma_under_rcu+0x17c/0x590 [ 258.621835][ T5824] handle_mm_fault+0x36d/0xa20 [ 258.621855][ T5824] do_user_addr_fault+0x5a3/0x12f0 [ 258.621882][ T5824] exc_page_fault+0x6f/0xd0 [ 258.621897][ T5824] asm_exc_page_fault+0x26/0x30 [ 258.621911][ T5824] RIP: 0033:0x7f3103d5cece [ 258.621923][ T5824] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 258.621937][ T5824] RSP: 002b:00007ffcd95747a8 EFLAGS: 00010246 [ 258.621949][ T5824] RAX: 0000000000000000 RBX: 0000555571c86500 RCX: 00007f3103d5cece [ 258.621958][ T5824] RDX: 00007ffcd9574800 RSI: 0000000000000000 RDI: 0000000000000000 [ 258.621966][ T5824] RBP: 00007ffcd957486c R08: 0000000000000000 R09: 0000000000000000 [ 258.621975][ T5824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388 [ 258.621983][ T5824] R13: 00000000000927c0 R14: 000000000003ef75 R15: 00007ffcd95748c0 [ 258.622002][ T5824] [ 259.007053][ T5824] memory: usage 3072kB, limit 3072kB, failcnt 72017 [ 259.013695][ T5824] memory+swap: usage 12068kB, limit 9007199254740988kB, failcnt 0 [ 259.022640][ T5824] kmem: usage 756kB, limit 9007199254740988kB, failcnt 0 [ 259.029765][ T5824] Memory cgroup stats for /syz0: [ 259.029864][ T5824] cache 245760 [ 259.038182][ T5824] rss 0 [ 259.040925][ T5824] rss_huge 0 [ 259.044103][ T5824] shmem 245760 [ 259.047546][ T5824] mapped_file 0 [ 259.051007][ T5824] dirty 0 [ 259.057304][ T5824] writeback 0 [ 259.060587][ T5824] workingset_refault_anon 8602 [ 259.065332][ T5824] workingset_refault_file 10141 [ 259.070266][ T5824] swap 9211904 [ 259.073657][ T5824] swapcached 234196992 [ 259.077817][ T5824] pgpgin 148897 [ 259.081913][ T5824] pgpgout 149340 [ 259.085450][ T5824] pgfault 156172 [ 259.089006][ T5824] pgmajfault 3513 [ 259.092620][ T5824] inactive_anon 28672 [ 259.096626][ T5824] active_anon 0 [ 259.100067][ T5824] inactive_file 0 [ 259.103677][ T5824] active_file 0 [ 259.107235][ T5824] unevictable 0 [ 259.110672][ T5824] hierarchical_memory_limit 3145728 [ 259.115898][ T5824] hierarchical_memsw_limit 9223372036854771712 [ 259.122112][ T5824] total_cache 245760 [ 259.125991][ T5824] total_rss 0 [ 259.129304][ T5824] total_rss_huge 0 [ 259.133004][ T5824] total_shmem 245760 [ 259.136938][ T5824] total_mapped_file 0 [ 259.140900][ T5824] total_dirty 0 [ 259.144338][ T5824] total_writeback 0 [ 259.148185][ T5824] total_workingset_refault_anon 8602 [ 259.153446][ T5824] total_workingset_refault_file 10141 [ 259.158834][ T5824] total_swap 9211904 [ 259.162706][ T5824] total_swapcached 234196992 [ 259.167313][ T5824] total_pgpgin 148897 [ 259.171273][ T5824] total_pgpgout 149340 [ 259.175316][ T5824] total_pgfault 156172 [ 259.179394][ T5824] total_pgmajfault 3513 [ 259.184133][ T5824] total_inactive_anon 28672 [ 259.188660][ T5824] total_active_anon 0 [ 259.192623][ T5824] total_inactive_file 0 [ 259.196793][ T5824] total_active_file 0 [ 259.200758][ T5824] total_unevictable 0 [ 259.204715][ T5824] anon_cost 364 [ 259.208174][ T5824] file_cost 0 [ 259.211436][ T5824] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.650,pid=9159,uid=0 [ 259.226169][ T5824] Memory cgroup out of memory: Killed process 9167 (syz.0.650) total-vm:176628kB, anon-rss:1228kB, file-rss:30960kB, shmem-rss:0kB, UID:0 pgtables:184kB oom_score_adj:1000 [ 260.102127][ T9198] netlink: 342 bytes leftover after parsing attributes in process `syz.2.658'. [ 261.355540][ T7128] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 261.381133][ T7128] CPU: 0 UID: 0 PID: 7128 Comm: syz-executor Tainted: G L syzkaller #0 PREEMPT(full) [ 261.381182][ T7128] Tainted: [L]=SOFTLOCKUP [ 261.381191][ T7128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 261.381206][ T7128] Call Trace: [ 261.381213][ T7128] [ 261.381221][ T7128] dump_stack_lvl+0x100/0x190 [ 261.381259][ T7128] dump_header+0xfb/0x606 [ 261.381289][ T7128] oom_kill_process.cold+0xd/0x330 [ 261.381321][ T7128] out_of_memory+0x340/0x14f0 [ 261.381362][ T7128] ? __pfx_out_of_memory+0x10/0x10 [ 261.381405][ T7128] mem_cgroup_out_of_memory+0xc6/0x130 [ 261.381436][ T7128] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 261.381464][ T7128] ? find_held_lock+0x2b/0x80 [ 261.381509][ T7128] ? do_raw_spin_unlock+0x145/0x1e0 [ 261.381545][ T7128] ? _raw_spin_unlock+0x28/0x50 [ 261.381586][ T7128] try_charge_memcg+0x652/0xc90 [ 261.381631][ T7128] ? __pfx_try_charge_memcg+0x10/0x10 [ 261.381676][ T7128] ? find_held_lock+0x2b/0x80 [ 261.381712][ T7128] ? rcu_read_unlock+0x17/0x60 [ 261.381749][ T7128] ? rcu_read_unlock+0x17/0x60 [ 261.381791][ T7128] charge_memcg+0xa6/0x280 [ 261.381828][ T7128] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 261.381860][ T7128] __swap_cache_prepare_and_add+0x528/0x9e0 [ 261.381906][ T7128] ? __pfx___swap_cache_prepare_and_add+0x10/0x10 [ 261.381936][ T7128] ? __pfx_swap_entry_swapped+0x10/0x10 [ 261.381983][ T7128] swap_cache_alloc_folio+0x1cb/0x300 [ 261.382016][ T7128] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 261.382050][ T7128] ? get_page_from_freelist+0x111d/0x3140 [ 261.382090][ T7128] swap_cluster_readahead+0x411/0x770 [ 261.382130][ T7128] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 261.382169][ T7128] ? rcu_is_cpu_rrupt_from_idle+0x230/0x270 [ 261.382207][ T7128] ? trace_mm_page_alloc+0x17a/0x1d0 [ 261.382263][ T7128] ? get_vma_policy+0x23f/0x3b0 [ 261.382306][ T7128] swapin_readahead+0x160/0x12c0 [ 261.382335][ T7128] ? __lock_acquire+0x4a5/0x2630 [ 261.382376][ T7128] ? __pfx_swapin_readahead+0x10/0x10 [ 261.382405][ T7128] ? find_held_lock+0x2b/0x80 [ 261.382441][ T7128] ? swap_table_get+0x103/0x2c0 [ 261.382468][ T7128] ? swap_table_get+0x103/0x2c0 [ 261.382502][ T7128] ? swap_table_get+0x10d/0x2c0 [ 261.382531][ T7128] ? swap_cache_get_folio+0x1ae/0x600 [ 261.382563][ T7128] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 261.382591][ T7128] ? __pfx_get_swap_device+0x10/0x10 [ 261.382635][ T7128] ? do_swap_page+0xb2e/0x68e0 [ 261.382662][ T7128] do_swap_page+0xb2e/0x68e0 [ 261.382699][ T7128] ? find_held_lock+0x2b/0x80 [ 261.382735][ T7128] ? is_bpf_text_address+0x8a/0x1a0 [ 261.382776][ T7128] ? __pfx_do_swap_page+0x10/0x10 [ 261.382815][ T7128] ? rcu_is_watching+0x12/0xc0 [ 261.382850][ T7128] ? __pte_offset_map+0x179/0x310 [ 261.382890][ T7128] __handle_mm_fault+0x18c1/0x2b60 [ 261.382926][ T7128] ? mt_find+0x45e/0x8e0 [ 261.382956][ T7128] ? __pfx___handle_mm_fault+0x10/0x10 [ 261.382983][ T7128] ? __pfx_mt_find+0x10/0x10 [ 261.383033][ T7128] ? find_vma+0xbf/0x140 [ 261.383067][ T7128] ? __pfx_find_vma+0x10/0x10 [ 261.383107][ T7128] handle_mm_fault+0x36d/0xa20 [ 261.383150][ T7128] do_user_addr_fault+0x74c/0x12f0 [ 261.383201][ T7128] exc_page_fault+0x6f/0xd0 [ 261.383228][ T7128] asm_exc_page_fault+0x26/0x30 [ 261.383254][ T7128] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 261.383287][ T7128] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 8f 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 261.383310][ T7128] RSP: 0018:ffffc90003797b98 EFLAGS: 00050206 [ 261.383329][ T7128] RAX: 0000000000000001 RBX: 00007fe0777e6ec0 RCX: 0000000000000218 [ 261.383344][ T7128] RDX: 0000000000000001 RSI: 00007fe0777e7000 RDI: ffff888037d89180 [ 261.383358][ T7128] RBP: 0000000000000358 R08: 0000000000000001 R09: ffffed1006fb1272 [ 261.383372][ T7128] R10: ffff888037d89397 R11: 0000000000000000 R12: 0000000000000000 [ 261.383386][ T7128] R13: ffff888037d89040 R14: 0000000000000000 R15: 0000000000000358 [ 261.383417][ T7128] _copy_from_user+0x98/0xd0 [ 261.383451][ T7128] do_ip6t_set_ctl+0x854/0xb00 [ 261.383479][ T7128] ? nf_sockopt_find.isra.0+0x222/0x290 [ 261.383515][ T7128] ? __pfx_do_ip6t_set_ctl+0x10/0x10 [ 261.383548][ T7128] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 261.383590][ T7128] ? nf_sockopt_find.isra.0+0x222/0x290 [ 261.383621][ T7128] nf_setsockopt+0x8d/0xf0 [ 261.383651][ T7128] ipv6_setsockopt+0x135/0x170 [ 261.383683][ T7128] tcp_setsockopt+0xa7/0x100 [ 261.383716][ T7128] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 261.383746][ T7128] do_sock_setsockopt+0xf3/0x1d0 [ 261.383777][ T7128] __sys_setsockopt+0x119/0x190 [ 261.383819][ T7128] __x64_sys_setsockopt+0xbd/0x160 [ 261.383852][ T7128] ? do_syscall_64+0x95/0xf80 [ 261.383874][ T7128] ? lockdep_hardirqs_on+0x78/0x100 [ 261.383897][ T7128] do_syscall_64+0x106/0xf80 [ 261.383920][ T7128] ? clear_bhb_loop+0x40/0x90 [ 261.383948][ T7128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.383971][ T7128] RIP: 0033:0x7fe07759de9a [ 261.383990][ T7128] Code: 48 83 ec 10 48 63 c9 48 63 ff 45 89 c9 6a 2c e8 ac 99 fb ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 49 89 ca b8 36 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 [ 261.384012][ T7128] RSP: 002b:00007ffd9cd4f698 EFLAGS: 00000202 ORIG_RAX: 0000000000000036 [ 261.384033][ T7128] RAX: ffffffffffffffda RBX: 00007ffd9cd4f720 RCX: 00007fe07759de9a [ 261.384048][ T7128] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003 [ 261.384061][ T7128] RBP: 0000000000000003 R08: 00000000000003b8 R09: 0000000000000000 [ 261.384075][ T7128] R10: 00007fe0777e6e60 R11: 0000000000000202 R12: 00007fe0777e6e00 [ 261.384089][ T7128] R13: 00007ffd9cd4f6bc R14: 0000000000000000 R15: 00007fe0777e8fc0 [ 261.384121][ T7128] [ 261.384136][ T7128] memory: usage 3072kB, limit 3072kB, failcnt 87143 [ 261.958043][ T7128] memory+swap: usage 66148kB, limit 9007199254740988kB, failcnt 0 [ 261.965912][ T7128] kmem: usage 1640kB, limit 9007199254740988kB, failcnt 0 [ 261.973149][ T7128] Memory cgroup stats for /syz2: [ 261.973404][ T7128] cache 0 [ 261.981511][ T7128] rss 0 [ 261.989609][ T7128] rss_huge 0 [ 261.993369][ T7128] shmem 0 [ 261.996336][ T7128] mapped_file 0 [ 262.016620][ T7128] dirty 0 [ 262.019608][ T7128] writeback 0 [ 262.022904][ T7128] workingset_refault_anon 5768 [ 262.027789][ T7128] workingset_refault_file 44881 [ 262.032650][ T7128] swap 64589824 [ 262.036117][ T7128] swapcached 215773184 [ 262.040982][ T7128] pgpgin 215259 [ 262.044473][ T7128] pgpgout 217456 [ 262.051520][ T7128] pgfault 119763 [ 262.055111][ T7128] pgmajfault 1971 [ 262.059092][ T7128] inactive_anon 786432 [ 262.063179][ T7128] active_anon 679936 [ 262.083660][ T7128] inactive_file 0 [ 262.087400][ T7128] active_file 0 [ 262.090917][ T7128] unevictable 0 [ 262.094437][ T7128] hierarchical_memory_limit 3145728 [ 262.101589][ T7128] hierarchical_memsw_limit 9223372036854771712 [ 262.110957][ T7128] total_cache 0 [ 262.114555][ T7128] total_rss 0 [ 262.117919][ T7128] total_rss_huge 0 [ 262.124381][ T7128] total_shmem 0 [ 262.131070][ T7128] total_mapped_file 0 [ 262.140471][ T7128] total_dirty 0 [ 262.143975][ T7128] total_writeback 0 [ 262.162226][ T7128] total_workingset_refault_anon 5768 [ 262.178104][ T7128] total_workingset_refault_file 44881 [ 262.183694][ T7128] total_swap 64589824 [ 262.201700][ T7128] total_swapcached 215773184 [ 262.206344][ T7128] total_pgpgin 215259 [ 262.240545][ T7128] total_pgpgout 217456 [ 262.244675][ T7128] total_pgfault 119763 [ 262.256610][ T7128] total_pgmajfault 1971 [ 262.260819][ T7128] total_inactive_anon 786432 [ 262.265428][ T7128] total_active_anon 679936 [ 262.274765][ T7128] total_inactive_file 0 [ 262.279940][ T7128] total_active_file 0 [ 262.284227][ T7128] total_unevictable 0 [ 262.289553][ T7128] anon_cost 56 [ 262.296635][ T7128] file_cost 0 [ 262.299962][ T7128] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.497,pid=8380,uid=0 [ 262.347990][ T7128] Memory cgroup out of memory: Killed process 8380 (syz.2.497) total-vm:102224kB, anon-rss:1236kB, file-rss:26836kB, shmem-rss:0kB, UID:0 pgtables:212kB oom_score_adj:1000 [ 263.497379][ T9212] syz.2.661 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 263.576641][ T9212] CPU: 0 UID: 0 PID: 9212 Comm: syz.2.661 Tainted: G L syzkaller #0 PREEMPT(full) [ 263.576681][ T9212] Tainted: [L]=SOFTLOCKUP [ 263.576690][ T9212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 263.576704][ T9212] Call Trace: [ 263.576712][ T9212] [ 263.576721][ T9212] dump_stack_lvl+0x100/0x190 [ 263.576772][ T9212] dump_header+0xfb/0x606 [ 263.576801][ T9212] oom_kill_process.cold+0xd/0x330 [ 263.576838][ T9212] out_of_memory+0x340/0x14f0 [ 263.576884][ T9212] ? __pfx_out_of_memory+0x10/0x10 [ 263.576931][ T9212] mem_cgroup_out_of_memory+0xc6/0x130 [ 263.576961][ T9212] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 263.576991][ T9212] ? find_held_lock+0x2b/0x80 [ 263.577034][ T9212] ? do_raw_spin_unlock+0x145/0x1e0 [ 263.577067][ T9212] ? _raw_spin_unlock+0x28/0x50 [ 263.577113][ T9212] try_charge_memcg+0x652/0xc90 [ 263.577154][ T9212] ? __pfx_try_charge_memcg+0x10/0x10 [ 263.577191][ T9212] ? find_held_lock+0x2b/0x80 [ 263.577231][ T9212] ? rcu_read_unlock+0x17/0x60 [ 263.577272][ T9212] ? rcu_read_unlock+0x17/0x60 [ 263.577327][ T9212] charge_memcg+0xa6/0x280 [ 263.577368][ T9212] __mem_cgroup_charge+0x2b/0x1e0 [ 263.577399][ T9212] do_anonymous_page+0xb62/0x1fb0 [ 263.577447][ T9212] __handle_mm_fault+0x1d42/0x2b60 [ 263.577492][ T9212] ? __pfx___handle_mm_fault+0x10/0x10 [ 263.577548][ T9212] ? pte_offset_map_lock+0x174/0x320 [ 263.577590][ T9212] ? find_held_lock+0x2b/0x80 [ 263.577642][ T9212] ? follow_page_pte+0x5b3/0x1400 [ 263.577694][ T9212] handle_mm_fault+0x36d/0xa20 [ 263.577735][ T9212] __get_user_pages+0xf9c/0x34d0 [ 263.577800][ T9212] ? __pfx___get_user_pages+0x10/0x10 [ 263.577855][ T9212] populate_vma_page_range+0x267/0x3f0 [ 263.577886][ T9212] ? __pfx_populate_vma_page_range+0x10/0x10 [ 263.577915][ T9212] ? __pfx_find_vma_intersection+0x10/0x10 [ 263.577959][ T9212] ? do_mmap+0x93f/0x12f0 [ 263.578005][ T9212] __mm_populate+0x107/0x3a0 [ 263.578036][ T9212] ? __pfx___mm_populate+0x10/0x10 [ 263.578067][ T9212] ? up_write+0x290/0x4f0 [ 263.578108][ T9212] vm_mmap_pgoff+0x37f/0x470 [ 263.578157][ T9212] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 263.578210][ T9212] ? __x64_sys_futex+0x34f/0x4d0 [ 263.578238][ T9212] ? __x64_sys_futex+0x358/0x4d0 [ 263.578273][ T9212] ksys_mmap_pgoff+0x7d/0x5b0 [ 263.578321][ T9212] __x64_sys_mmap+0x125/0x190 [ 263.578366][ T9212] do_syscall_64+0x106/0xf80 [ 263.578393][ T9212] ? clear_bhb_loop+0x40/0x90 [ 263.578429][ T9212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.578458][ T9212] RIP: 0033:0x7efddbf9c629 [ 263.578482][ T9212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 263.578510][ T9212] RSP: 002b:00007efddcf16028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 263.578538][ T9212] RAX: ffffffffffffffda RBX: 00007efddc216090 RCX: 00007efddbf9c629 [ 263.578557][ T9212] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 263.578575][ T9212] RBP: 00007efddc032b39 R08: 0000000000000002 R09: 0000000000008000 [ 263.578592][ T9212] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 263.578610][ T9212] R13: 00007efddc216128 R14: 00007efddc216090 R15: 00007ffe14b87bb8 [ 263.578650][ T9212] [ 263.578661][ T9212] memory: usage 3072kB, limit 3072kB, failcnt 87427 [ 263.787084][ T9226] input: fĴ as /devices/virtual/input/input24 [ 263.799648][ T9212] memory+swap: usage 25104kB, limit 9007199254740988kB, failcnt 0 [ 263.932216][ T9212] kmem: usage 1344kB, limit 9007199254740988kB, failcnt 0 [ 263.939688][ T9212] Memory cgroup stats for /syz2: [ 263.945417][ T9212] cache 0 [ 263.953931][ T9212] rss 20480 [ 263.963861][ T9212] rss_huge 0 [ 264.049623][ T9212] shmem 0 [ 264.140800][ T9212] mapped_file 0 [ 264.171934][ T9212] dirty 0 [ 264.178515][ T9212] writeback 0 [ 264.185508][ T9212] workingset_refault_anon 5784 [ 264.198683][ T9212] workingset_refault_file 44881 [ 264.215002][ T9212] swap 13398016 [ 264.227988][ T9212] swapcached 215625728 [ 264.245588][ T9212] pgpgin 215276 [ 264.264920][ T9212] pgpgout 217501 [ 264.276310][ T9212] pgfault 119773 [ 264.291168][ T9212] pgmajfault 1976 [ 264.326343][ T9212] inactive_anon 0 [ 264.370540][ T9242] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 700000007 [ 264.387082][ T9212] active_anon 1347584 [ 264.402361][ T9212] inactive_file 0 [ 264.415031][ T9212] active_file 0 [ 264.426817][ T9212] unevictable 0 [ 264.446978][ T9212] hierarchical_memory_limit 3145728 [ 264.452307][ T9212] hierarchical_memsw_limit 9223372036854771712 [ 264.460646][ T9212] total_cache 0 [ 264.464228][ T9212] total_rss 20480 [ 264.468352][ T9212] total_rss_huge 0 [ 264.472203][ T9212] total_shmem 0 [ 264.475748][ T9212] total_mapped_file 0 [ 264.481464][ T9212] total_dirty 0 [ 264.485122][ T9212] total_writeback 0 [ 264.490248][ T9212] total_workingset_refault_anon 5784 [ 264.495634][ T9212] total_workingset_refault_file 44881 [ 264.502198][ T9212] total_swap 13398016 [ 264.508151][ T9212] total_swapcached 215625728 [ 264.512782][ T9212] total_pgpgin 215276 [ 264.517451][ T9212] total_pgpgout 217501 [ 264.521653][ T9212] total_pgfault 119773 [ 264.525763][ T9212] total_pgmajfault 1976 [ 264.530567][ T9212] total_inactive_anon 0 [ 264.534801][ T9212] total_active_anon 1347584 [ 264.539850][ T9212] total_inactive_file 0 [ 264.544123][ T9212] total_active_file 0 [ 264.548907][ T9212] total_unevictable 0 [ 264.563858][ T9212] anon_cost 94 [ 264.567670][ T9212] file_cost 0 [ 264.571150][ T9212] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.661,pid=9208,uid=0 [ 264.586498][ T9212] Memory cgroup out of memory: Killed process 9211 (syz.2.661) total-vm:106456kB, anon-rss:1240kB, file-rss:22352kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 264.846899][ T9252] futex_wake_op: syz.4.670 tries to shift op by -2048; fix this program [ 264.855506][ T9252] futex_wake_op: syz.4.670 tries to shift op by -2048; fix this program [ 264.895951][ T9253] 0x000000000001-0x000000020000 : "" [ 264.937327][ T9253] ftl_cs: FTL header corrupt! [ 264.964297][ T9252] misc userio: No port type given on /dev/userio [ 265.187858][ T9252] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 265.330203][ T9253] : Can't lookup blockdev [ 265.392487][ T9252] PCI: Can't parse resource_alignment parameter: Bż [ 265.893544][ T9272] sd 0:0:1:0: PR command failed: 1026 [ 265.899134][ T9272] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 265.905874][ T9272] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 265.981635][ T9272] FAULT_INJECTION: forcing a failure. [ 265.981635][ T9272] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 266.030465][ T9272] CPU: 1 UID: 0 PID: 9272 Comm: syz.4.677 Tainted: G L syzkaller #0 PREEMPT(full) [ 266.030513][ T9272] Tainted: [L]=SOFTLOCKUP [ 266.030523][ T9272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 266.030541][ T9272] Call Trace: [ 266.030550][ T9272] [ 266.030561][ T9272] dump_stack_lvl+0x100/0x190 [ 266.030608][ T9272] should_fail_ex.cold+0x5/0xa [ 266.030636][ T9272] ? prepare_alloc_pages+0x16d/0x5f0 [ 266.030685][ T9272] should_fail_alloc_page+0xeb/0x140 [ 266.030731][ T9272] prepare_alloc_pages+0x1f0/0x5f0 [ 266.030789][ T9272] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 266.030829][ T9272] ? lock_acquire+0x1cf/0x380 [ 266.030864][ T9272] ? find_held_lock+0x2b/0x80 [ 266.030906][ T9272] ? free_unref_folios+0xd1f/0x1760 [ 266.030939][ T9272] ? free_unref_folios+0xd1f/0x1760 [ 266.030979][ T9272] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 266.031036][ T9272] ? lock_acquire+0x1cf/0x380 [ 266.031069][ T9272] ? find_held_lock+0x2b/0x80 [ 266.031110][ T9272] ? page_table_check_set+0x49a/0xa10 [ 266.031149][ T9272] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 266.031194][ T9272] ? policy_nodemask+0xed/0x4f0 [ 266.031239][ T9272] alloc_pages_mpol+0x1fb/0x550 [ 266.031282][ T9272] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 266.031335][ T9272] folio_alloc_mpol_noprof+0x36/0x340 [ 266.031367][ T9272] vma_alloc_folio_noprof+0xed/0x1d0 [ 266.031396][ T9272] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 266.031436][ T9272] do_anonymous_page+0xb3a/0x1fb0 [ 266.031483][ T9272] __handle_mm_fault+0x1d42/0x2b60 [ 266.031527][ T9272] ? __pfx___handle_mm_fault+0x10/0x10 [ 266.031562][ T9272] ? pte_offset_map_lock+0x174/0x320 [ 266.031603][ T9272] ? find_held_lock+0x2b/0x80 [ 266.031657][ T9272] ? follow_page_pte+0x5b3/0x1400 [ 266.031709][ T9272] handle_mm_fault+0x36d/0xa20 [ 266.031754][ T9272] __get_user_pages+0xf9c/0x34d0 [ 266.031813][ T9272] ? __pfx___get_user_pages+0x10/0x10 [ 266.031861][ T9272] populate_vma_page_range+0x267/0x3f0 [ 266.031887][ T9272] ? __pfx_populate_vma_page_range+0x10/0x10 [ 266.031912][ T9272] ? __pfx_find_vma_intersection+0x10/0x10 [ 266.031950][ T9272] ? do_mmap+0x93f/0x12f0 [ 266.031991][ T9272] __mm_populate+0x107/0x3a0 [ 266.032019][ T9272] ? __pfx___mm_populate+0x10/0x10 [ 266.032045][ T9272] ? up_write+0x290/0x4f0 [ 266.032083][ T9272] vm_mmap_pgoff+0x37f/0x470 [ 266.032124][ T9272] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 266.032167][ T9272] ? find_held_lock+0x2b/0x80 [ 266.032213][ T9272] ? __x64_sys_futex+0x34f/0x4d0 [ 266.032245][ T9272] ? __x64_sys_futex+0x358/0x4d0 [ 266.032282][ T9272] ksys_mmap_pgoff+0x7d/0x5b0 [ 266.032330][ T9272] __x64_sys_mmap+0x125/0x190 [ 266.032373][ T9272] do_syscall_64+0x106/0xf80 [ 266.032399][ T9272] ? clear_bhb_loop+0x40/0x90 [ 266.032433][ T9272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.032460][ T9272] RIP: 0033:0x7fe07759c629 [ 266.032497][ T9272] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 266.032525][ T9272] RSP: 002b:00007fe0784f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 266.032552][ T9272] RAX: ffffffffffffffda RBX: 00007fe077815fa0 RCX: 00007fe07759c629 [ 266.032571][ T9272] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 266.032589][ T9272] RBP: 00007fe077632b39 R08: 0000000000000002 R09: 0000000000008000 [ 266.032603][ T9272] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 266.032618][ T9272] R13: 00007fe077816038 R14: 00007fe077815fa0 R15: 00007ffd9cd4fa28 [ 266.032652][ T9272] [ 267.133503][ T9290] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 267.189232][ T9176] mkiss: ax0: crc mode is auto. [ 267.664394][ T9287] netlink: 186 bytes leftover after parsing attributes in process `syz.0.680'. [ 268.259849][ T9317] bridge0: port 3(gretap0) entered blocking state [ 268.266458][ T9317] bridge0: port 3(gretap0) entered disabled state [ 268.273206][ T9317] gretap0: entered allmulticast mode [ 268.280141][ T9317] FAULT_INJECTION: forcing a failure. [ 268.280141][ T9317] name failslab, interval 1, probability 0, space 0, times 0 [ 268.292835][ T9317] CPU: 1 UID: 0 PID: 9317 Comm: syz.0.686 Tainted: G L syzkaller #0 PREEMPT(full) [ 268.292880][ T9317] Tainted: [L]=SOFTLOCKUP [ 268.292890][ T9317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 268.292907][ T9317] Call Trace: [ 268.292916][ T9317] [ 268.292927][ T9317] dump_stack_lvl+0x100/0x190 [ 268.292974][ T9317] should_fail_ex.cold+0x5/0xa [ 268.293007][ T9317] should_failslab+0xc2/0x120 [ 268.293047][ T9317] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 268.293083][ T9317] ? __kernfs_new_node+0xd2/0x960 [ 268.293115][ T9317] ? kstrdup+0xb3/0xe0 [ 268.293156][ T9317] __kernfs_new_node+0xd2/0x960 [ 268.293193][ T9317] ? __pfx___kernfs_new_node+0x10/0x10 [ 268.293236][ T9317] ? find_held_lock+0x2b/0x80 [ 268.293277][ T9317] ? kernfs_root+0xee/0x2a0 [ 268.293306][ T9317] ? kernfs_root+0xee/0x2a0 [ 268.293347][ T9317] kernfs_new_node+0x11b/0x1a0 [ 268.293399][ T9317] kernfs_create_link+0xcc/0x240 [ 268.293449][ T9317] sysfs_do_create_link_sd+0x90/0x140 [ 268.293485][ T9317] sysfs_create_link+0x61/0xc0 [ 268.293516][ T9317] __netdev_adjacent_dev_insert+0x819/0xbf0 [ 268.293567][ T9317] ? __pfx___netdev_adjacent_dev_insert+0x10/0x10 [ 268.293625][ T9317] __netdev_upper_dev_link+0x3d8/0x7e0 [ 268.293665][ T9317] ? __pfx___netdev_upper_dev_link+0x10/0x10 [ 268.293698][ T9317] ? kernfs_root+0xf8/0x2a0 [ 268.293733][ T9317] ? kernfs_add_one+0x214/0x850 [ 268.293780][ T9317] netdev_master_upper_dev_link+0x9f/0xd0 [ 268.293816][ T9317] ? __pfx_netdev_master_upper_dev_link+0x10/0x10 [ 268.293855][ T9317] ? lockdep_rtnl_is_held+0x26/0x40 [ 268.293891][ T9317] ? netdev_is_rx_handler_busy+0x83/0x140 [ 268.293925][ T9317] br_add_if+0x9fd/0x1b40 [ 268.293971][ T9317] ? security_capable+0x80/0x260 [ 268.294007][ T9317] add_del_if+0x114/0x160 [ 268.294035][ T9317] br_dev_siocdevprivate+0x8ac/0x1650 [ 268.294069][ T9317] ? __pfx_br_dev_siocdevprivate+0x10/0x10 [ 268.294098][ T9317] ? __pfx___schedule+0x10/0x10 [ 268.294152][ T9317] ? lock_acquire+0x1cf/0x380 [ 268.294198][ T9317] ? netdev_name_node_lookup+0x107/0x150 [ 268.294236][ T9317] ? __mutex_lock+0x26a/0x1b90 [ 268.294270][ T9317] dev_ifsioc+0xc1e/0x1e90 [ 268.294315][ T9317] ? __pfx_dev_ifsioc+0x10/0x10 [ 268.294353][ T9317] ? __pfx___mutex_lock+0x10/0x10 [ 268.294407][ T9317] ? dev_load+0x8e/0x240 [ 268.294446][ T9317] ? dev_load+0x8e/0x240 [ 268.294505][ T9317] dev_ioctl+0x70e/0x1070 [ 268.294552][ T9317] sock_ioctl+0x494/0x6b0 [ 268.294590][ T9317] ? __pfx_sock_ioctl+0x10/0x10 [ 268.294624][ T9317] ? hook_file_ioctl_common+0x146/0x410 [ 268.294669][ T9317] ? __fget_files+0x21f/0x3d0 [ 268.294714][ T9317] ? __pfx_sock_ioctl+0x10/0x10 [ 268.294753][ T9317] __x64_sys_ioctl+0x18e/0x210 [ 268.294789][ T9317] do_syscall_64+0x106/0xf80 [ 268.294817][ T9317] ? clear_bhb_loop+0x40/0x90 [ 268.294851][ T9317] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.294880][ T9317] RIP: 0033:0x7f3103d9c629 [ 268.294906][ T9317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 268.294933][ T9317] RSP: 002b:00007f3104b78028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 268.294961][ T9317] RAX: ffffffffffffffda RBX: 00007f3104016180 RCX: 00007f3103d9c629 [ 268.294980][ T9317] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 000000000000000a [ 268.294998][ T9317] RBP: 00007f3103e32b39 R08: 0000000000000000 R09: 0000000000000000 [ 268.295015][ T9317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.295032][ T9317] R13: 00007f3104016218 R14: 00007f3104016180 R15: 00007ffcd95744c8 [ 268.295069][ T9317] [ 268.686012][ T9317] gretap0: left allmulticast mode [ 269.051607][ T9328] FAULT_INJECTION: forcing a failure. [ 269.051607][ T9328] name failslab, interval 1, probability 0, space 0, times 0 [ 269.086939][ T9328] CPU: 1 UID: 0 PID: 9328 Comm: syz.3.690 Tainted: G L syzkaller #0 PREEMPT(full) [ 269.086981][ T9328] Tainted: [L]=SOFTLOCKUP [ 269.086989][ T9328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 269.087004][ T9328] Call Trace: [ 269.087012][ T9328] [ 269.087022][ T9328] dump_stack_lvl+0x100/0x190 [ 269.087065][ T9328] should_fail_ex.cold+0x5/0xa [ 269.087094][ T9328] ? tomoyo_realpath_from_path+0xb6/0x690 [ 269.087133][ T9328] should_failslab+0xc2/0x120 [ 269.087169][ T9328] __kmalloc_noprof+0xe0/0x850 [ 269.087208][ T9328] tomoyo_realpath_from_path+0xb6/0x690 [ 269.087251][ T9328] tomoyo_path_number_perm+0x23c/0x580 [ 269.087280][ T9328] ? tomoyo_path_number_perm+0x22e/0x580 [ 269.087315][ T9328] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 269.087382][ T9328] ? find_held_lock+0x2b/0x80 [ 269.087419][ T9328] ? __fget_files+0x215/0x3d0 [ 269.087449][ T9328] ? hook_file_ioctl_common+0x146/0x410 [ 269.087486][ T9328] ? __fget_files+0x21f/0x3d0 [ 269.087518][ T9328] security_file_ioctl+0xd3/0x230 [ 269.087560][ T9328] __x64_sys_ioctl+0xb7/0x210 [ 269.087589][ T9328] do_syscall_64+0x106/0xf80 [ 269.087613][ T9328] ? clear_bhb_loop+0x40/0x90 [ 269.087641][ T9328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.087663][ T9328] RIP: 0033:0x7feb1719c629 [ 269.087681][ T9328] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 269.087706][ T9328] RSP: 002b:00007feb1800a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 269.087728][ T9328] RAX: ffffffffffffffda RBX: 00007feb17415fa0 RCX: 00007feb1719c629 [ 269.087744][ T9328] RDX: 0000000000000002 RSI: 00000000c0205647 RDI: 0000000000000003 [ 269.087759][ T9328] RBP: 00007feb1800a090 R08: 0000000000000000 R09: 0000000000000000 [ 269.087775][ T9328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 269.087790][ T9328] R13: 00007feb17416038 R14: 00007feb17415fa0 R15: 00007ffca73e07e8 [ 269.087824][ T9328] [ 269.087833][ T9328] ERROR: Out of memory at tomoyo_realpath_from_path. [ 269.174467][ T9331] FAULT_INJECTION: forcing a failure. [ 269.174467][ T9331] name failslab, interval 1, probability 0, space 0, times 0 [ 269.325976][ T9331] CPU: 0 UID: 0 PID: 9331 Comm: syz.2.689 Tainted: G L syzkaller #0 PREEMPT(full) [ 269.326027][ T9331] Tainted: [L]=SOFTLOCKUP [ 269.326037][ T9331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 269.326055][ T9331] Call Trace: [ 269.326064][ T9331] [ 269.326075][ T9331] dump_stack_lvl+0x100/0x190 [ 269.326124][ T9331] should_fail_ex.cold+0x5/0xa [ 269.326158][ T9331] should_failslab+0xc2/0x120 [ 269.326201][ T9331] __kmalloc_cache_noprof+0x7a/0x6f0 [ 269.326233][ T9331] ? ipv4_mib_init_net+0x2ce/0x5b0 [ 269.326276][ T9331] ipv4_mib_init_net+0x2ce/0x5b0 [ 269.326313][ T9331] ? __pfx_igmp_net_init+0x10/0x10 [ 269.326350][ T9331] ? __pfx_ipv4_mib_init_net+0x10/0x10 [ 269.326382][ T9331] ops_init+0x1e2/0x5f0 [ 269.326413][ T9331] setup_net+0x118/0x3a0 [ 269.326442][ T9331] ? __pfx_setup_net+0x10/0x10 [ 269.326470][ T9331] ? lockdep_init_map_type+0x5c/0x250 [ 269.326507][ T9331] ? mutex_init_lockep+0x110/0x150 [ 269.326559][ T9331] copy_net_ns+0x46f/0x7c0 [ 269.326593][ T9331] create_new_namespaces+0x3ea/0xac0 [ 269.326648][ T9331] copy_namespaces+0x468/0x5e0 [ 269.326679][ T9331] copy_process+0x3226/0x7a10 [ 269.326731][ T9331] ? __pfx_copy_process+0x10/0x10 [ 269.326762][ T9331] ? find_held_lock+0x2b/0x80 [ 269.326820][ T9331] kernel_clone+0xfc/0x9a0 [ 269.326849][ T9331] ? __pfx_futex_wait+0x10/0x10 [ 269.326891][ T9331] ? __pfx_kernel_clone+0x10/0x10 [ 269.326932][ T9331] ? __pfx_sock_write_iter+0x10/0x10 [ 269.326977][ T9331] __do_sys_clone+0xd9/0x120 [ 269.327010][ T9331] ? __pfx___do_sys_clone+0x10/0x10 [ 269.327075][ T9331] do_syscall_64+0x106/0xf80 [ 269.327104][ T9331] ? clear_bhb_loop+0x40/0x90 [ 269.327139][ T9331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.327169][ T9331] RIP: 0033:0x7efddbf9c629 [ 269.327194][ T9331] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 269.327223][ T9331] RSP: 002b:00007efddcef4fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 269.327252][ T9331] RAX: ffffffffffffffda RBX: 00007efddc216180 RCX: 00007efddbf9c629 [ 269.327270][ T9331] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 269.327288][ T9331] RBP: 00007efddc032b39 R08: 0000000000000000 R09: 0000000000000000 [ 269.327305][ T9331] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 269.327322][ T9331] R13: 00007efddc216218 R14: 00007efddc216180 R15: 00007ffe14b87bb8 [ 269.327362][ T9331] [ 269.622349][ T9336] sd 0:0:1:0: PR command failed: 1026 [ 269.628872][ T9336] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 269.635703][ T9336] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 269.647180][ T9336] FAULT_INJECTION: forcing a failure. [ 269.647180][ T9336] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 269.660736][ T9336] CPU: 0 UID: 0 PID: 9336 Comm: syz.3.692 Tainted: G L syzkaller #0 PREEMPT(full) [ 269.660779][ T9336] Tainted: [L]=SOFTLOCKUP [ 269.660788][ T9336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 269.660806][ T9336] Call Trace: [ 269.660815][ T9336] [ 269.660825][ T9336] dump_stack_lvl+0x100/0x190 [ 269.660872][ T9336] should_fail_ex.cold+0x5/0xa [ 269.660898][ T9336] ? prepare_alloc_pages+0x16d/0x5f0 [ 269.660944][ T9336] should_fail_alloc_page+0xeb/0x140 [ 269.660987][ T9336] prepare_alloc_pages+0x1f0/0x5f0 [ 269.661033][ T9336] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 269.661069][ T9336] ? __lock_acquire+0x441/0x2630 [ 269.661102][ T9336] ? _raw_spin_lock_irqsave+0x52/0x60 [ 269.661151][ T9336] ? kasan_save_stack+0x3f/0x50 [ 269.661191][ T9336] ? kasan_save_stack+0x30/0x50 [ 269.661225][ T9336] ? kasan_save_track+0x14/0x30 [ 269.661259][ T9336] ? __kasan_slab_alloc+0x89/0x90 [ 269.661296][ T9336] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 269.661331][ T9336] ? ptlock_alloc+0x1f/0x70 [ 269.661357][ T9336] ? pte_alloc_one+0x84/0x3e0 [ 269.661384][ T9336] ? do_anonymous_page+0x13cc/0x1fb0 [ 269.661417][ T9336] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 269.661466][ T9336] ? __pfx_css_rstat_updated+0x10/0x10 [ 269.661503][ T9336] ? lock_acquire+0x1cf/0x380 [ 269.661534][ T9336] ? find_held_lock+0x2b/0x80 [ 269.661571][ T9336] ? page_table_check_set+0x49a/0xa10 [ 269.661612][ T9336] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 269.661656][ T9336] ? policy_nodemask+0xed/0x4f0 [ 269.661696][ T9336] alloc_pages_mpol+0x1fb/0x550 [ 269.661734][ T9336] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 269.661780][ T9336] folio_alloc_mpol_noprof+0x36/0x340 [ 269.661808][ T9336] vma_alloc_folio_noprof+0xed/0x1d0 [ 269.661835][ T9336] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 269.661872][ T9336] do_anonymous_page+0xb3a/0x1fb0 [ 269.661914][ T9336] __handle_mm_fault+0x1d42/0x2b60 [ 269.661951][ T9336] ? __pfx___handle_mm_fault+0x10/0x10 [ 269.661980][ T9336] ? pte_offset_map_lock+0x174/0x320 [ 269.662015][ T9336] ? find_held_lock+0x2b/0x80 [ 269.662064][ T9336] ? follow_page_pte+0x5b3/0x1400 [ 269.662116][ T9336] handle_mm_fault+0x36d/0xa20 [ 269.662156][ T9336] __get_user_pages+0xf9c/0x34d0 [ 269.662214][ T9336] ? __pfx___get_user_pages+0x10/0x10 [ 269.662269][ T9336] populate_vma_page_range+0x267/0x3f0 [ 269.662299][ T9336] ? __pfx_populate_vma_page_range+0x10/0x10 [ 269.662327][ T9336] ? __pfx_find_vma_intersection+0x10/0x10 [ 269.662370][ T9336] ? do_mmap+0x93f/0x12f0 [ 269.662416][ T9336] __mm_populate+0x107/0x3a0 [ 269.662446][ T9336] ? __pfx___mm_populate+0x10/0x10 [ 269.662476][ T9336] ? up_write+0x290/0x4f0 [ 269.662517][ T9336] vm_mmap_pgoff+0x37f/0x470 [ 269.662565][ T9336] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 269.662618][ T9336] ? find_held_lock+0x2b/0x80 [ 269.662667][ T9336] ? __x64_sys_futex+0x34f/0x4d0 [ 269.662700][ T9336] ? __x64_sys_futex+0x358/0x4d0 [ 269.662737][ T9336] ksys_mmap_pgoff+0x7d/0x5b0 [ 269.662785][ T9336] __x64_sys_mmap+0x125/0x190 [ 269.662829][ T9336] do_syscall_64+0x106/0xf80 [ 269.662858][ T9336] ? clear_bhb_loop+0x40/0x90 [ 269.662893][ T9336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.662922][ T9336] RIP: 0033:0x7feb1719c629 [ 269.662947][ T9336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 269.662975][ T9336] RSP: 002b:00007feb1800a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 269.663003][ T9336] RAX: ffffffffffffffda RBX: 00007feb17415fa0 RCX: 00007feb1719c629 [ 269.663022][ T9336] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 269.663039][ T9336] RBP: 00007feb17232b39 R08: 0000000000000002 R09: 0000000000008000 [ 269.663057][ T9336] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 269.663074][ T9336] R13: 00007feb17416038 R14: 00007feb17415fa0 R15: 00007ffca73e07e8 [ 269.663113][ T9336] [ 270.368143][ T5830] Bluetooth: hci4: unexpected event 0x14 length: 16 > 6 [ 271.158130][ T9373] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 271.532569][ T9390] vivid-007: ================= START STATUS ================= [ 271.546059][ T9390] vivid-007: Generate PTS: true [ 271.566703][ T9390] vivid-007: Generate SCR: true [ 271.581056][ T9390] tpg source WxH: 320x240 (Y'CbCr) [ 271.592869][ T9390] tpg field: 1 [ 271.596535][ T9390] tpg crop: (0,0)/320x240 [ 271.606074][ T9393] FAULT_INJECTION: forcing a failure. [ 271.606074][ T9393] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 271.619455][ T9393] CPU: 0 UID: 0 PID: 9393 Comm: syz.0.707 Tainted: G L syzkaller #0 PREEMPT(full) [ 271.619481][ T9393] Tainted: [L]=SOFTLOCKUP [ 271.619487][ T9393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 271.619497][ T9393] Call Trace: [ 271.619502][ T9393] [ 271.619507][ T9393] dump_stack_lvl+0x100/0x190 [ 271.619535][ T9393] should_fail_ex.cold+0x5/0xa [ 271.619549][ T9393] ? prepare_alloc_pages+0x16d/0x5f0 [ 271.619574][ T9393] should_fail_alloc_page+0xeb/0x140 [ 271.619597][ T9393] prepare_alloc_pages+0x1f0/0x5f0 [ 271.619622][ T9393] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 271.619642][ T9393] ? __lock_acquire+0x441/0x2630 [ 271.619662][ T9393] ? kasan_save_stack+0x3f/0x50 [ 271.619679][ T9393] ? kasan_save_stack+0x30/0x50 [ 271.619696][ T9393] ? kasan_save_track+0x14/0x30 [ 271.619714][ T9393] ? __kasan_slab_alloc+0x89/0x90 [ 271.619732][ T9393] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 271.619750][ T9393] ? ptlock_alloc+0x1f/0x70 [ 271.619764][ T9393] ? pte_alloc_one+0x84/0x3e0 [ 271.619779][ T9393] ? do_anonymous_page+0x13cc/0x1fb0 [ 271.619798][ T9393] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 271.619820][ T9393] ? __pfx_css_rstat_updated+0x10/0x10 [ 271.619840][ T9393] ? lock_acquire+0x1cf/0x380 [ 271.619857][ T9393] ? find_held_lock+0x2b/0x80 [ 271.619878][ T9393] ? page_table_check_set+0x49a/0xa10 [ 271.619898][ T9393] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 271.619921][ T9393] ? policy_nodemask+0xed/0x4f0 [ 271.619943][ T9393] alloc_pages_mpol+0x1fb/0x550 [ 271.619966][ T9393] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 271.619992][ T9393] folio_alloc_mpol_noprof+0x36/0x340 [ 271.620008][ T9393] vma_alloc_folio_noprof+0xed/0x1d0 [ 271.620023][ T9393] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 271.620043][ T9393] do_anonymous_page+0xb3a/0x1fb0 [ 271.620066][ T9393] __handle_mm_fault+0x1d42/0x2b60 [ 271.620089][ T9393] ? __pfx___handle_mm_fault+0x10/0x10 [ 271.620106][ T9393] ? pte_offset_map_lock+0x174/0x320 [ 271.620128][ T9393] ? find_held_lock+0x2b/0x80 [ 271.620155][ T9393] ? follow_page_pte+0x5b3/0x1400 [ 271.620181][ T9393] handle_mm_fault+0x36d/0xa20 [ 271.620201][ T9393] __get_user_pages+0xf9c/0x34d0 [ 271.620230][ T9393] ? __pfx___get_user_pages+0x10/0x10 [ 271.620258][ T9393] populate_vma_page_range+0x267/0x3f0 [ 271.620274][ T9393] ? __pfx_populate_vma_page_range+0x10/0x10 [ 271.620288][ T9393] ? __pfx_find_vma_intersection+0x10/0x10 [ 271.620309][ T9393] ? do_mmap+0x93f/0x12f0 [ 271.620333][ T9393] __mm_populate+0x107/0x3a0 [ 271.620348][ T9393] ? __pfx___mm_populate+0x10/0x10 [ 271.620364][ T9393] ? up_write+0x290/0x4f0 [ 271.620385][ T9393] vm_mmap_pgoff+0x37f/0x470 [ 271.620416][ T9393] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 271.620441][ T9393] ? find_held_lock+0x2b/0x80 [ 271.620466][ T9393] ? __x64_sys_futex+0x34f/0x4d0 [ 271.620483][ T9393] ? __x64_sys_futex+0x358/0x4d0 [ 271.620502][ T9393] ksys_mmap_pgoff+0x7d/0x5b0 [ 271.620527][ T9393] __x64_sys_mmap+0x125/0x190 [ 271.620549][ T9393] do_syscall_64+0x106/0xf80 [ 271.620564][ T9393] ? clear_bhb_loop+0x40/0x90 [ 271.620583][ T9393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.620598][ T9393] RIP: 0033:0x7f3103d9c629 [ 271.620613][ T9393] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 271.620627][ T9393] RSP: 002b:00007f3104bba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 271.620642][ T9393] RAX: ffffffffffffffda RBX: 00007f3104015fa0 RCX: 00007f3103d9c629 [ 271.620653][ T9393] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 271.620662][ T9393] RBP: 00007f3103e32b39 R08: 0000000000000002 R09: 0000000000008000 [ 271.620671][ T9393] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 271.620681][ T9393] R13: 00007f3104016038 R14: 00007f3104015fa0 R15: 00007ffcd95744c8 [ 271.620700][ T9393] [ 272.034328][ T9390] tpg compose: (0,0)/320x240 [ 272.039058][ T9390] tpg colorspace: 8 [ 272.042857][ T9390] tpg transfer function: 0/0 [ 272.047588][ T9390] tpg Y'CbCr encoding: 0/0 [ 272.052021][ T9390] tpg quantization: 0/0 [ 272.056191][ T9390] tpg RGB range: 0/2 [ 272.060253][ T9390] vivid-007: ================== END STATUS ================== [ 272.560706][ T9396] FAULT_INJECTION: forcing a failure. [ 272.560706][ T9396] name failslab, interval 1, probability 0, space 0, times 0 [ 272.573513][ T9396] CPU: 1 UID: 0 PID: 9396 Comm: syz.2.706 Tainted: G L syzkaller #0 PREEMPT(full) [ 272.573560][ T9396] Tainted: [L]=SOFTLOCKUP [ 272.573571][ T9396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 272.573588][ T9396] Call Trace: [ 272.573597][ T9396] [ 272.573608][ T9396] dump_stack_lvl+0x100/0x190 [ 272.573655][ T9396] should_fail_ex.cold+0x5/0xa [ 272.573688][ T9396] ? dma_buf_export+0x389/0xcb0 [ 272.573717][ T9396] should_failslab+0xc2/0x120 [ 272.573761][ T9396] __kmalloc_noprof+0xe0/0x850 [ 272.573805][ T9396] dma_buf_export+0x389/0xcb0 [ 272.573836][ T9396] ? sg_alloc_table+0x4c/0x1c0 [ 272.573871][ T9396] system_heap_allocate+0xb5e/0x1170 [ 272.573915][ T9396] ? __pfx_system_heap_allocate+0x10/0x10 [ 272.573961][ T9396] ? rep_movs_alternative+0x4a/0x90 [ 272.574002][ T9396] dma_heap_ioctl+0x37f/0x5e0 [ 272.574036][ T9396] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 272.574064][ T9396] ? __x64_sys_close_range+0x2d9/0x5d0 [ 272.574120][ T9396] ? __pfx___x64_sys_futex+0x10/0x10 [ 272.574164][ T9396] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 272.574197][ T9396] __x64_sys_ioctl+0x18e/0x210 [ 272.574236][ T9396] do_syscall_64+0x106/0xf80 [ 272.574264][ T9396] ? clear_bhb_loop+0x40/0x90 [ 272.574299][ T9396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.574328][ T9396] RIP: 0033:0x7efddbf9c629 [ 272.574353][ T9396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 272.574381][ T9396] RSP: 002b:00007efddcf16028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 272.574409][ T9396] RAX: ffffffffffffffda RBX: 00007efddc216090 RCX: 00007efddbf9c629 [ 272.574429][ T9396] RDX: 0000200000000140 RSI: ffffffffffdffe00 RDI: 0000000000000001 [ 272.574448][ T9396] RBP: 00007efddc032b39 R08: 0000000000000000 R09: 0000000000000000 [ 272.574466][ T9396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.574484][ T9396] R13: 00007efddc216128 R14: 00007efddc216090 R15: 00007ffe14b87bb8 [ 272.574523][ T9396] [ 273.254085][ T9420] FAULT_INJECTION: forcing a failure. [ 273.254085][ T9420] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 273.290858][ T9420] CPU: 1 UID: 0 PID: 9420 Comm: syz.0.711 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.290898][ T9420] Tainted: [L]=SOFTLOCKUP [ 273.290907][ T9420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 273.290922][ T9420] Call Trace: [ 273.290930][ T9420] [ 273.290939][ T9420] dump_stack_lvl+0x100/0x190 [ 273.290981][ T9420] should_fail_ex.cold+0x5/0xa [ 273.291010][ T9420] _copy_from_user+0x2e/0xd0 [ 273.291047][ T9420] video_usercopy+0x9e0/0x14d0 [ 273.291074][ T9420] ? __pfx_subdev_do_ioctl_lock+0x10/0x10 [ 273.291117][ T9420] ? __pfx_video_usercopy+0x10/0x10 [ 273.291161][ T9420] ? __fget_files+0x21f/0x3d0 [ 273.291199][ T9420] v4l2_ioctl+0x1bd/0x250 [ 273.291226][ T9420] ? __pfx_v4l2_ioctl+0x10/0x10 [ 273.291257][ T9420] __x64_sys_ioctl+0x18e/0x210 [ 273.291291][ T9420] do_syscall_64+0x106/0xf80 [ 273.291390][ T9420] ? clear_bhb_loop+0x40/0x90 [ 273.291417][ T9420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.291444][ T9420] RIP: 0033:0x7f3103d9c629 [ 273.291466][ T9420] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.291490][ T9420] RSP: 002b:00007f3104bba028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.291524][ T9420] RAX: ffffffffffffffda RBX: 00007f3104015fa0 RCX: 00007f3103d9c629 [ 273.291540][ T9420] RDX: 0000000000000002 RSI: 00000000c0205647 RDI: 0000000000000003 [ 273.291554][ T9420] RBP: 00007f3104bba090 R08: 0000000000000000 R09: 0000000000000000 [ 273.291568][ T9420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.291582][ T9420] R13: 00007f3104016038 R14: 00007f3104015fa0 R15: 00007ffcd95744c8 [ 273.291616][ T9420] [ 273.557584][ T9412] FAULT_INJECTION: forcing a failure. [ 273.557584][ T9412] name failslab, interval 1, probability 0, space 0, times 0 [ 273.570269][ T9412] CPU: 1 UID: 0 PID: 9412 Comm: syz.4.709 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.570292][ T9412] Tainted: [L]=SOFTLOCKUP [ 273.570297][ T9412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 273.570306][ T9412] Call Trace: [ 273.570312][ T9412] [ 273.570318][ T9412] dump_stack_lvl+0x100/0x190 [ 273.570343][ T9412] should_fail_ex.cold+0x5/0xa [ 273.570359][ T9412] should_failslab+0xc2/0x120 [ 273.570381][ T9412] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 273.570399][ T9412] ? mas_alloc_nodes+0x280/0x390 [ 273.570423][ T9412] mas_alloc_nodes+0x280/0x390 [ 273.570446][ T9412] mas_preallocate+0x39c/0xf10 [ 273.570461][ T9412] ? __memcg_slab_post_alloc_hook+0x4a0/0x9a0 [ 273.570486][ T9412] ? __pfx_mas_preallocate+0x10/0x10 [ 273.570507][ T9412] ? anon_vma_name+0x5a/0x250 [ 273.570524][ T9412] __split_vma+0x33d/0xd90 [ 273.570542][ T9412] ? __pfx___split_vma+0x10/0x10 [ 273.570568][ T9412] vma_modify+0x1121/0x2250 [ 273.570590][ T9412] ? __pfx_vma_modify+0x10/0x10 [ 273.570610][ T9412] vma_modify_flags+0x257/0x3d0 [ 273.570628][ T9412] ? __pfx_vma_modify_flags+0x10/0x10 [ 273.570653][ T9412] ? mas_walk+0x6ef/0x9b0 [ 273.570665][ T9412] ? __pfx_mas_prev+0x10/0x10 [ 273.570685][ T9412] do_mseal+0x483/0x860 [ 273.570708][ T9412] ? __pfx_do_mseal+0x10/0x10 [ 273.570725][ T9412] ? __fget_files+0x21f/0x3d0 [ 273.570749][ T9412] ? ksys_write+0x1ac/0x250 [ 273.570767][ T9412] ? __pfx_ksys_write+0x10/0x10 [ 273.570789][ T9412] __x64_sys_mseal+0x73/0xb0 [ 273.570807][ T9412] ? lockdep_hardirqs_on+0x78/0x100 [ 273.570821][ T9412] do_syscall_64+0x106/0xf80 [ 273.570834][ T9412] ? clear_bhb_loop+0x40/0x90 [ 273.570851][ T9412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.570865][ T9412] RIP: 0033:0x7fe07759c629 [ 273.570879][ T9412] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.570892][ T9412] RSP: 002b:00007fe0784d6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ce [ 273.570905][ T9412] RAX: ffffffffffffffda RBX: 00007fe077816090 RCX: 00007fe07759c629 [ 273.570915][ T9412] RDX: 0000000000000000 RSI: 0000000000007dda RDI: 0000000000000000 [ 273.570923][ T9412] RBP: 00007fe0784d6090 R08: 0000000000000000 R09: 0000000000000000 [ 273.570932][ T9412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.570940][ T9412] R13: 00007fe077816128 R14: 00007fe077816090 R15: 00007ffd9cd4fa28 [ 273.570958][ T9412] [ 273.919966][ T30] audit: type=1804 audit(1771412297.087:13): pid=9421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.710" name="/newroot/158/file0" dev="tmpfs" ino=838 res=1 errno=0 [ 273.964306][ T9426] netlink: 8 bytes leftover after parsing attributes in process `syz.0.712'. [ 274.005916][ T30] audit: type=1804 audit(1771412297.087:14): pid=9423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.710" name="/newroot/158/file0" dev="tmpfs" ino=838 res=1 errno=0 [ 275.320204][ T9455] FAULT_INJECTION: forcing a failure. [ 275.320204][ T9455] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 275.372561][ T9455] CPU: 0 UID: 0 PID: 9455 Comm: syz.3.720 Tainted: G L syzkaller #0 PREEMPT(full) [ 275.372603][ T9455] Tainted: [L]=SOFTLOCKUP [ 275.372612][ T9455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 275.372625][ T9455] Call Trace: [ 275.372633][ T9455] [ 275.372642][ T9455] dump_stack_lvl+0x100/0x190 [ 275.372683][ T9455] should_fail_ex.cold+0x5/0xa [ 275.372713][ T9455] _copy_to_user+0x32/0xd0 [ 275.372751][ T9455] video_usercopy+0xcad/0x14d0 [ 275.372787][ T9455] ? __pfx_video_usercopy+0x10/0x10 [ 275.372830][ T9455] ? __fget_files+0x21f/0x3d0 [ 275.372866][ T9455] v4l2_ioctl+0x1bd/0x250 [ 275.372894][ T9455] ? __pfx_v4l2_ioctl+0x10/0x10 [ 275.372923][ T9455] __x64_sys_ioctl+0x18e/0x210 [ 275.372956][ T9455] do_syscall_64+0x106/0xf80 [ 275.372981][ T9455] ? clear_bhb_loop+0x40/0x90 [ 275.373012][ T9455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.373038][ T9455] RIP: 0033:0x7feb1719c629 [ 275.373059][ T9455] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 275.373083][ T9455] RSP: 002b:00007feb1800a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 275.373107][ T9455] RAX: ffffffffffffffda RBX: 00007feb17415fa0 RCX: 00007feb1719c629 [ 275.373125][ T9455] RDX: 0000000000000002 RSI: 00000000c0205647 RDI: 0000000000000003 [ 275.373140][ T9455] RBP: 00007feb1800a090 R08: 0000000000000000 R09: 0000000000000000 [ 275.373163][ T9455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 275.373178][ T9455] R13: 00007feb17416038 R14: 00007feb17415fa0 R15: 00007ffca73e07e8 [ 275.373213][ T9455] [ 276.726103][ T9233] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 277.076394][ T9491] FAULT_INJECTION: forcing a failure. [ 277.076394][ T9491] name failslab, interval 1, probability 0, space 0, times 0 [ 277.113298][ T9491] CPU: 0 UID: 0 PID: 9491 Comm: syz.3.729 Tainted: G L syzkaller #0 PREEMPT(full) [ 277.113342][ T9491] Tainted: [L]=SOFTLOCKUP [ 277.113352][ T9491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 277.113367][ T9491] Call Trace: [ 277.113376][ T9491] [ 277.113386][ T9491] dump_stack_lvl+0x100/0x190 [ 277.113428][ T9491] should_fail_ex.cold+0x5/0xa [ 277.113458][ T9491] should_failslab+0xc2/0x120 [ 277.113496][ T9491] __kvmalloc_node_noprof+0xfa/0xa00 [ 277.113531][ T9491] ? seq_read_iter+0x819/0x1270 [ 277.113571][ T9491] seq_read_iter+0x819/0x1270 [ 277.113603][ T9491] ? futex_unqueue+0x133/0x2c0 [ 277.113632][ T9491] ? __pfx_aa_file_perm+0x10/0x10 [ 277.113679][ T9491] kernfs_fop_read_iter+0x46c/0x610 [ 277.113725][ T9491] do_iter_readv_writev+0x60d/0x920 [ 277.113759][ T9491] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 277.113788][ T9491] ? common_file_perm+0x1ab/0x4f0 [ 277.113841][ T9491] ? rw_verify_area+0xce/0x6d0 [ 277.113874][ T9491] vfs_readv+0x4d3/0x8d0 [ 277.113903][ T9491] ? rcu_is_watching+0x12/0xc0 [ 277.113937][ T9491] ? trace_contention_end+0x140/0x180 [ 277.113973][ T9491] ? __pfx_vfs_readv+0x10/0x10 [ 277.114001][ T9491] ? fdget_pos+0x2aa/0x380 [ 277.114061][ T9491] ? __fget_files+0x21f/0x3d0 [ 277.114101][ T9491] ? do_readv+0x13e/0x340 [ 277.114128][ T9491] do_readv+0x13e/0x340 [ 277.114159][ T9491] ? __pfx_do_readv+0x10/0x10 [ 277.114200][ T9491] do_syscall_64+0x106/0xf80 [ 277.114224][ T9491] ? clear_bhb_loop+0x40/0x90 [ 277.114256][ T9491] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.114281][ T9491] RIP: 0033:0x7feb1719c629 [ 277.114302][ T9491] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.114326][ T9491] RSP: 002b:00007feb1800a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 277.114350][ T9491] RAX: ffffffffffffffda RBX: 00007feb17415fa0 RCX: 00007feb1719c629 [ 277.114366][ T9491] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003 [ 277.114381][ T9491] RBP: 00007feb17232b39 R08: 0000000000000000 R09: 0000000000000000 [ 277.114396][ T9491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.114411][ T9491] R13: 00007feb17416038 R14: 00007feb17415fa0 R15: 00007ffca73e07e8 [ 277.114447][ T9491] [ 277.452909][ T9495] FAULT_INJECTION: forcing a failure. [ 277.452909][ T9495] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 277.513337][ T9496] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 277.533446][ T9495] CPU: 0 UID: 0 PID: 9495 Comm: syz.3.730 Tainted: G L syzkaller #0 PREEMPT(full) [ 277.533488][ T9495] Tainted: [L]=SOFTLOCKUP [ 277.533497][ T9495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 277.533511][ T9495] Call Trace: [ 277.533520][ T9495] [ 277.533530][ T9495] dump_stack_lvl+0x100/0x190 [ 277.533570][ T9495] should_fail_ex.cold+0x5/0xa [ 277.533600][ T9495] _copy_to_user+0x32/0xd0 [ 277.533638][ T9495] simple_read_from_buffer+0xcb/0x170 [ 277.533682][ T9495] proc_fail_nth_read+0x1af/0x230 [ 277.533723][ T9495] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 277.533773][ T9495] ? rw_verify_area+0xce/0x6d0 [ 277.533803][ T9495] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 277.533842][ T9495] vfs_read+0x1e4/0xb30 [ 277.533880][ T9495] ? __pfx_vfs_read+0x10/0x10 [ 277.533911][ T9495] ? __fget_files+0x215/0x3d0 [ 277.533953][ T9495] ? __fget_files+0x21f/0x3d0 [ 277.533996][ T9495] ksys_read+0x12a/0x250 [ 277.534028][ T9495] ? __pfx_ksys_read+0x10/0x10 [ 277.534058][ T9495] ? v4l2_ioctl+0x1c5/0x250 [ 277.534096][ T9495] do_syscall_64+0x106/0xf80 [ 277.534121][ T9495] ? clear_bhb_loop+0x40/0x90 [ 277.534152][ T9495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.534177][ T9495] RIP: 0033:0x7feb1715cece [ 277.534199][ T9495] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 277.534224][ T9495] RSP: 002b:00007feb18009fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 277.534248][ T9495] RAX: ffffffffffffffda RBX: 00007feb1800a6c0 RCX: 00007feb1715cece [ 277.534265][ T9495] RDX: 000000000000000f RSI: 00007feb1800a0a0 RDI: 0000000000000004 [ 277.534280][ T9495] RBP: 00007feb1800a090 R08: 0000000000000000 R09: 0000000000000000 [ 277.534296][ T9495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 277.534310][ T9495] R13: 00007feb17416038 R14: 00007feb17415fa0 R15: 00007ffca73e07e8 [ 277.534346][ T9495] [ 278.007399][ T9503] netlink: 'syz.0.734': attribute type 3 has an invalid length. [ 278.833806][ T9527] zswap: compressor 000 not available [ 279.256015][ T9318] mkiss: ax0: crc mode is auto. [ 280.019846][ T9554] netlink: 'syz.4.746': attribute type 2 has an invalid length. [ 281.191603][ T9573] sctp: [Deprecated]: syz.4.749 (pid 9573) Use of int in max_burst socket option deprecated. [ 281.191603][ T9573] Use struct sctp_assoc_value instead [ 282.997614][ T9606] FAULT_INJECTION: forcing a failure. [ 282.997614][ T9606] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 283.036889][ T9606] CPU: 0 UID: 0 PID: 9606 Comm: syz.2.756 Tainted: G L syzkaller #0 PREEMPT(full) [ 283.036936][ T9606] Tainted: [L]=SOFTLOCKUP [ 283.036946][ T9606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 283.036963][ T9606] Call Trace: [ 283.036973][ T9606] [ 283.036984][ T9606] dump_stack_lvl+0x100/0x190 [ 283.037031][ T9606] should_fail_ex.cold+0x5/0xa [ 283.037057][ T9606] ? prepare_alloc_pages+0x16d/0x5f0 [ 283.037103][ T9606] should_fail_alloc_page+0xeb/0x140 [ 283.037141][ T9606] prepare_alloc_pages+0x1f0/0x5f0 [ 283.037185][ T9606] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 283.037219][ T9606] ? __lock_acquire+0x441/0x2630 [ 283.037254][ T9606] ? kasan_save_stack+0x3f/0x50 [ 283.037288][ T9606] ? kasan_save_stack+0x30/0x50 [ 283.037322][ T9606] ? kasan_save_track+0x14/0x30 [ 283.037367][ T9606] ? __kasan_slab_alloc+0x89/0x90 [ 283.037406][ T9606] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 283.037441][ T9606] ? ptlock_alloc+0x1f/0x70 [ 283.037469][ T9606] ? pte_alloc_one+0x84/0x3e0 [ 283.037496][ T9606] ? do_anonymous_page+0x13cc/0x1fb0 [ 283.037532][ T9606] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 283.037574][ T9606] ? __pfx_css_rstat_updated+0x10/0x10 [ 283.037611][ T9606] ? lock_acquire+0x1cf/0x380 [ 283.037644][ T9606] ? find_held_lock+0x2b/0x80 [ 283.037685][ T9606] ? page_table_check_set+0x49a/0xa10 [ 283.037723][ T9606] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 283.037767][ T9606] ? policy_nodemask+0xed/0x4f0 [ 283.037811][ T9606] alloc_pages_mpol+0x1fb/0x550 [ 283.037855][ T9606] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 283.037907][ T9606] folio_alloc_mpol_noprof+0x36/0x340 [ 283.037937][ T9606] vma_alloc_folio_noprof+0xed/0x1d0 [ 283.037966][ T9606] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 283.038007][ T9606] do_anonymous_page+0xb3a/0x1fb0 [ 283.038049][ T9606] __handle_mm_fault+0x1d42/0x2b60 [ 283.038088][ T9606] ? __pfx___handle_mm_fault+0x10/0x10 [ 283.038118][ T9606] ? pte_offset_map_lock+0x174/0x320 [ 283.038153][ T9606] ? find_held_lock+0x2b/0x80 [ 283.038206][ T9606] ? follow_page_pte+0x5b3/0x1400 [ 283.038252][ T9606] handle_mm_fault+0x36d/0xa20 [ 283.038289][ T9606] __get_user_pages+0xf9c/0x34d0 [ 283.038352][ T9606] ? __pfx___get_user_pages+0x10/0x10 [ 283.038408][ T9606] populate_vma_page_range+0x267/0x3f0 [ 283.038440][ T9606] ? __pfx_populate_vma_page_range+0x10/0x10 [ 283.038469][ T9606] ? __pfx_find_vma_intersection+0x10/0x10 [ 283.038512][ T9606] ? do_mmap+0x93f/0x12f0 [ 283.038559][ T9606] __mm_populate+0x107/0x3a0 [ 283.038588][ T9606] ? __pfx___mm_populate+0x10/0x10 [ 283.038618][ T9606] ? up_write+0x290/0x4f0 [ 283.038658][ T9606] vm_mmap_pgoff+0x37f/0x470 [ 283.038706][ T9606] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 283.038750][ T9606] ? find_held_lock+0x2b/0x80 [ 283.038796][ T9606] ? __x64_sys_futex+0x34f/0x4d0 [ 283.038828][ T9606] ? __x64_sys_futex+0x358/0x4d0 [ 283.038865][ T9606] ksys_mmap_pgoff+0x7d/0x5b0 [ 283.038912][ T9606] __x64_sys_mmap+0x125/0x190 [ 283.038955][ T9606] do_syscall_64+0x106/0xf80 [ 283.038984][ T9606] ? clear_bhb_loop+0x40/0x90 [ 283.039019][ T9606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.039049][ T9606] RIP: 0033:0x7efddbf9c629 [ 283.039073][ T9606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.039102][ T9606] RSP: 002b:00007efddcf37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 283.039129][ T9606] RAX: ffffffffffffffda RBX: 00007efddc215fa0 RCX: 00007efddbf9c629 [ 283.039148][ T9606] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 283.039166][ T9606] RBP: 00007efddc032b39 R08: 0000000000000002 R09: 0000000000008000 [ 283.039184][ T9606] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 283.039201][ T9606] R13: 00007efddc216038 R14: 00007efddc215fa0 R15: 00007ffe14b87bb8 [ 283.039238][ T9606] [ 285.247109][ T9625] FAULT_INJECTION: forcing a failure. [ 285.247109][ T9625] name failslab, interval 1, probability 0, space 0, times 0 [ 285.263006][ T5830] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9 [ 285.295151][ T9626] netlink: set zone limit has 8 unknown bytes [ 285.332268][ T9625] CPU: 1 UID: 0 PID: 9625 Comm: syz.3.762 Tainted: G L syzkaller #0 PREEMPT(full) [ 285.332312][ T9625] Tainted: [L]=SOFTLOCKUP [ 285.332325][ T9625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 285.332342][ T9625] Call Trace: [ 285.332350][ T9625] [ 285.332361][ T9625] dump_stack_lvl+0x100/0x190 [ 285.332407][ T9625] should_fail_ex.cold+0x5/0xa [ 285.332435][ T9625] ? udp_init_sock+0x24e/0x450 [ 285.332469][ T9625] should_failslab+0xc2/0x120 [ 285.332505][ T9625] __kmalloc_noprof+0xe0/0x850 [ 285.332536][ T9625] ? lockdep_init_map_type+0x5c/0x250 [ 285.332570][ T9625] udp_init_sock+0x24e/0x450 [ 285.332601][ T9625] ? __pfx_udp_init_sock+0x10/0x10 [ 285.332638][ T9625] inet_create+0x94c/0x1060 [ 285.332669][ T9625] ? inet_create+0x94/0x1060 [ 285.332705][ T9625] __sock_create+0x339/0x860 [ 285.332740][ T9625] __sys_socket+0x14d/0x260 [ 285.332771][ T9625] ? __pfx___sys_socket+0x10/0x10 [ 285.332811][ T9625] __x64_sys_socket+0x72/0xb0 [ 285.332841][ T9625] ? lockdep_hardirqs_on+0x78/0x100 [ 285.332866][ T9625] do_syscall_64+0x106/0xf80 [ 285.332889][ T9625] ? clear_bhb_loop+0x40/0x90 [ 285.332917][ T9625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.332942][ T9625] RIP: 0033:0x7feb1719c629 [ 285.332964][ T9625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.332988][ T9625] RSP: 002b:00007feb1800a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 285.333011][ T9625] RAX: ffffffffffffffda RBX: 00007feb17415fa0 RCX: 00007feb1719c629 [ 285.333028][ T9625] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 285.333043][ T9625] RBP: 00007feb17232b39 R08: 0000000000000000 R09: 0000000000000000 [ 285.333058][ T9625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.333073][ T9625] R13: 00007feb17416038 R14: 00007feb17415fa0 R15: 00007ffca73e07e8 [ 285.333106][ T9625] [ 288.411350][ T9673] netlink: 4394 bytes leftover after parsing attributes in process `syz.0.771'. [ 289.273465][ T9692] netlink: 342 bytes leftover after parsing attributes in process `syz.0.776'. [ 290.664536][ T9561] mkiss: ax0: crc mode is auto. [ 290.890499][ T9724] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 291.486598][ T9733] FAULT_INJECTION: forcing a failure. [ 291.486598][ T9733] name failslab, interval 1, probability 0, space 0, times 0 [ 291.507823][ T9733] CPU: 1 UID: 0 PID: 9733 Comm: syz.3.786 Tainted: G L syzkaller #0 PREEMPT(full) [ 291.507870][ T9733] Tainted: [L]=SOFTLOCKUP [ 291.507880][ T9733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 291.507898][ T9733] Call Trace: [ 291.507907][ T9733] [ 291.507917][ T9733] dump_stack_lvl+0x100/0x190 [ 291.507963][ T9733] should_fail_ex.cold+0x5/0xa [ 291.507995][ T9733] ? iter_file_splice_write+0x1d3/0x10a0 [ 291.508041][ T9733] should_failslab+0xc2/0x120 [ 291.508079][ T9733] __kmalloc_noprof+0xe0/0x850 [ 291.508121][ T9733] iter_file_splice_write+0x1d3/0x10a0 [ 291.508158][ T9733] ? lockdep_hardirqs_on+0x78/0x100 [ 291.508192][ T9733] ? copy_splice_read+0x734/0xb90 [ 291.508227][ T9733] ? kfree+0x1f6/0x6b0 [ 291.508265][ T9733] ? __pfx_iter_file_splice_write+0x10/0x10 [ 291.508302][ T9733] ? __lock_acquire+0x4a5/0x2630 [ 291.508334][ T9733] ? __pfx_copy_splice_read+0x10/0x10 [ 291.508382][ T9733] ? __pfx_iter_file_splice_write+0x10/0x10 [ 291.508419][ T9733] direct_splice_actor+0x192/0x6c0 [ 291.508461][ T9733] splice_direct_to_actor+0x345/0xa30 [ 291.508501][ T9733] ? __pfx_direct_splice_actor+0x10/0x10 [ 291.508547][ T9733] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 291.508591][ T9733] do_splice_direct+0x174/0x240 [ 291.508628][ T9733] ? __pfx_do_splice_direct+0x10/0x10 [ 291.508659][ T9733] ? common_file_perm+0x1ab/0x4f0 [ 291.508697][ T9733] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 291.508736][ T9733] ? rw_verify_area+0xce/0x6d0 [ 291.508771][ T9733] do_sendfile+0xadc/0xe20 [ 291.508808][ T9733] ? __pfx_do_sendfile+0x10/0x10 [ 291.508850][ T9733] ? __x64_sys_futex+0x34f/0x4d0 [ 291.508880][ T9733] ? __x64_sys_futex+0x358/0x4d0 [ 291.508914][ T9733] __x64_sys_sendfile64+0x1d8/0x220 [ 291.508957][ T9733] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 291.509008][ T9733] do_syscall_64+0x106/0xf80 [ 291.509046][ T9733] ? clear_bhb_loop+0x40/0x90 [ 291.509081][ T9733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.509109][ T9733] RIP: 0033:0x7feb1719c629 [ 291.509132][ T9733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 291.509157][ T9733] RSP: 002b:00007feb17fe9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 291.509171][ T9733] RAX: ffffffffffffffda RBX: 00007feb17416090 RCX: 00007feb1719c629 [ 291.509181][ T9733] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 291.509191][ T9733] RBP: 00007feb17232b39 R08: 0000000000000000 R09: 0000000000000000 [ 291.509200][ T9733] R10: 0000000000004a00 R11: 0000000000000246 R12: 0000000000000000 [ 291.509210][ T9733] R13: 00007feb17416128 R14: 00007feb17416090 R15: 00007ffca73e07e8 [ 291.509230][ T9733] [ 292.090552][ T9733] netlink: 'syz.3.786': attribute type 1 has an invalid length. [ 292.198496][ T9733] netlink: 33 bytes leftover after parsing attributes in process `syz.3.786'. [ 292.803916][ T9744] netlink: 'syz.2.787': attribute type 1 has an invalid length. [ 293.377716][ T9750] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 293.414708][ T9750] vivid-007: ================= START STATUS ================= [ 293.441877][ T9750] vivid-007: Generate PTS: true [ 293.470947][ T9750] vivid-007: Generate SCR: true [ 293.475886][ T9750] tpg source WxH: 320x240 (Y'CbCr) [ 293.570762][ T9750] tpg field: 1 [ 293.574201][ T9750] tpg crop: (0,0)/320x240 [ 293.580913][ T9750] tpg compose: (0,0)/320x240 [ 293.585545][ T9750] tpg colorspace: 8 [ 293.608946][ T9750] tpg transfer function: 0/0 [ 293.613710][ T9750] tpg Y'CbCr encoding: 0/0 [ 293.650218][ T9750] tpg quantization: 0/0 [ 293.686667][ T9750] tpg RGB range: 0/2 [ 293.725291][ T9750] vivid-007: ================== END STATUS ================== [ 293.845839][ T9762] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 293.855583][ T9761] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 294.675519][ T5830] Bluetooth: hci2: unexpected event 0x07 length: 440 > 255 [ 294.779031][ T9782] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 295.019670][ T9787] blktrace: Concurrent blktraces are not allowed on loop2 [ 295.707407][ T9801] FAULT_INJECTION: forcing a failure. [ 295.707407][ T9801] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 295.720936][ T9801] CPU: 1 UID: 0 PID: 9801 Comm: syz.2.800 Tainted: G L syzkaller #0 PREEMPT(full) [ 295.720983][ T9801] Tainted: [L]=SOFTLOCKUP [ 295.720993][ T9801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 295.721010][ T9801] Call Trace: [ 295.721018][ T9801] [ 295.721028][ T9801] dump_stack_lvl+0x100/0x190 [ 295.721074][ T9801] should_fail_ex.cold+0x5/0xa [ 295.721096][ T9801] ? prepare_alloc_pages+0x16d/0x5f0 [ 295.721140][ T9801] should_fail_alloc_page+0xeb/0x140 [ 295.721181][ T9801] prepare_alloc_pages+0x1f0/0x5f0 [ 295.721221][ T9801] ? bpf_ksym_find+0x124/0x1c0 [ 295.721251][ T9801] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 295.721284][ T9801] ? kernel_text_address+0x8d/0x100 [ 295.721320][ T9801] ? __kernel_text_address+0xd/0x30 [ 295.721355][ T9801] ? unwind_get_return_address+0x59/0xa0 [ 295.721383][ T9801] ? arch_stack_walk+0xa6/0xf0 [ 295.721420][ T9801] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 295.721455][ T9801] ? stack_trace_save+0x8e/0xc0 [ 295.721497][ T9801] ? stack_depot_save_flags+0x27/0x9d0 [ 295.721536][ T9801] ? mas_wr_store_entry+0x6d2/0x2390 [ 295.721574][ T9801] ? kasan_save_stack+0x3f/0x50 [ 295.721610][ T9801] ? kasan_save_stack+0x30/0x50 [ 295.721642][ T9801] ? kasan_save_track+0x14/0x30 [ 295.721675][ T9801] ? __kasan_slab_alloc+0x89/0x90 [ 295.721711][ T9801] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 295.721744][ T9801] ? __pmd_alloc+0xbf/0x9c0 [ 295.721768][ T9801] ? __handle_mm_fault+0xa99/0x2b60 [ 295.721808][ T9801] ? handle_mm_fault+0x36d/0xa20 [ 295.721838][ T9801] ? __get_user_pages+0xf9c/0x34d0 [ 295.721877][ T9801] ? populate_vma_page_range+0x267/0x3f0 [ 295.721902][ T9801] ? __mm_populate+0x107/0x3a0 [ 295.721927][ T9801] ? vm_mmap_pgoff+0x37f/0x470 [ 295.721966][ T9801] ? ksys_mmap_pgoff+0x7d/0x5b0 [ 295.722004][ T9801] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 295.722044][ T9801] ? policy_nodemask+0xed/0x4f0 [ 295.722084][ T9801] alloc_pages_mpol+0x1fb/0x550 [ 295.722122][ T9801] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 295.722169][ T9801] alloc_pages_noprof+0x131/0x390 [ 295.722212][ T9801] pte_alloc_one+0x1e/0x3e0 [ 295.722242][ T9801] __pte_alloc+0x6d/0x3f0 [ 295.722280][ T9801] ? __pfx___pte_alloc+0x10/0x10 [ 295.722322][ T9801] ? do_raw_spin_lock+0x128/0x260 [ 295.722360][ T9801] ? find_held_lock+0x2b/0x80 [ 295.722402][ T9801] do_anonymous_page+0x13cc/0x1fb0 [ 295.722432][ T9801] ? do_huge_pmd_anonymous_page+0x7ee/0x1a60 [ 295.722465][ T9801] ? __pmd_alloc+0x6aa/0x9c0 [ 295.722492][ T9801] __handle_mm_fault+0x1d42/0x2b60 [ 295.722527][ T9801] ? mt_find+0x45e/0x8e0 [ 295.722558][ T9801] ? __pfx___handle_mm_fault+0x10/0x10 [ 295.722588][ T9801] ? __pfx_mt_find+0x10/0x10 [ 295.722648][ T9801] handle_mm_fault+0x36d/0xa20 [ 295.722688][ T9801] __get_user_pages+0xf9c/0x34d0 [ 295.722748][ T9801] ? __pfx___get_user_pages+0x10/0x10 [ 295.722808][ T9801] populate_vma_page_range+0x267/0x3f0 [ 295.722840][ T9801] ? __pfx_populate_vma_page_range+0x10/0x10 [ 295.722868][ T9801] ? __pfx_find_vma_intersection+0x10/0x10 [ 295.722911][ T9801] ? do_mmap+0x93f/0x12f0 [ 295.722957][ T9801] __mm_populate+0x107/0x3a0 [ 295.722988][ T9801] ? __pfx___mm_populate+0x10/0x10 [ 295.723018][ T9801] ? up_write+0x290/0x4f0 [ 295.723057][ T9801] vm_mmap_pgoff+0x37f/0x470 [ 295.723106][ T9801] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 295.723157][ T9801] ? __x64_sys_futex+0x34f/0x4d0 [ 295.723188][ T9801] ? __x64_sys_futex+0x358/0x4d0 [ 295.723225][ T9801] ksys_mmap_pgoff+0x7d/0x5b0 [ 295.723274][ T9801] __x64_sys_mmap+0x125/0x190 [ 295.723317][ T9801] do_syscall_64+0x106/0xf80 [ 295.723345][ T9801] ? clear_bhb_loop+0x40/0x90 [ 295.723379][ T9801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.723408][ T9801] RIP: 0033:0x7efddbf9c629 [ 295.723433][ T9801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 295.723461][ T9801] RSP: 002b:00007efddcf37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 295.723488][ T9801] RAX: ffffffffffffffda RBX: 00007efddc215fa0 RCX: 00007efddbf9c629 [ 295.723507][ T9801] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 295.723523][ T9801] RBP: 00007efddc032b39 R08: 0000000000000007 R09: 0000000000028000 [ 295.723539][ T9801] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 295.723557][ T9801] R13: 00007efddc216038 R14: 00007efddc215fa0 R15: 00007ffe14b87bb8 [ 295.723595][ T9801] [ 297.005383][ T9817] netlink: 20 bytes leftover after parsing attributes in process `syz.2.804'. [ 297.023088][ T9818] netlink: 24 bytes leftover after parsing attributes in process `syz.0.805'. [ 297.105515][ T9817] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 297.134254][ T9819] hub 3-0:1.0: USB hub found [ 297.150945][ T9818] QAT: Stopping all acceleration devices. [ 297.260879][ T9819] hub 3-0:1.0: 1 port detected [ 297.404852][ T9819] usb usb3: authorized to connect [ 297.667784][ T9818] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 297.674244][ T9818] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 297.681814][ T9818] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 297.704049][ T9818] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 297.944939][ T9833] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 299.572312][ T9870] netlink: 32 bytes leftover after parsing attributes in process `syz.4.815'. [ 299.609286][ T9867] HfR: entered promiscuous mode [ 299.747171][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 299.751718][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 299.753312][ T5839] Bluetooth: hci4: command 0x0c1a tx timeout [ 299.759942][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 300.128496][ T9881] vivid-007: ================= START STATUS ================= [ 300.242019][ T9881] vivid-007: Generate PTS: true [ 300.322213][ T9881] vivid-007: Generate SCR: true [ 300.355339][ T9881] tpg source WxH: 320x240 (Y'CbCr) [ 300.423208][ T9881] tpg field: 1 [ 300.434008][ T9881] tpg crop: (0,0)/320x240 [ 300.447522][ T9890] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 300.467120][ T9881] tpg compose: (0,0)/320x240 [ 300.474844][ T9881] tpg colorspace: 8 [ 300.489238][ T9881] tpg transfer function: 0/0 [ 300.493885][ T9881] tpg Y'CbCr encoding: 0/0 [ 300.534459][ T9881] tpg quantization: 0/0 [ 300.583790][ T9881] tpg RGB range: 0/2 [ 300.666193][ T9881] vivid-007: ================== END STATUS ================== [ 301.944870][ T9916] netlink: 4394 bytes leftover after parsing attributes in process `syz.2.824'. [ 302.485814][ T9735] mkiss: ax0: crc mode is auto. [ 303.117042][ T9945] random: crng reseeded on system resumption [ 303.775153][ T9945] hub 1-0:1.0: USB hub found [ 303.851449][ T9945] hub 1-0:1.0: 1 port detected [ 304.798483][ T9959] Oops: general protection fault, probably for non-canonical address 0xdffffc000000001e: 0000 [#1] SMP KASAN PTI [ 304.810413][ T9959] KASAN: null-ptr-deref in range [0x00000000000000f0-0x00000000000000f7] [ 304.818838][ T9959] CPU: 0 UID: 0 PID: 9959 Comm: syz.4.831 Tainted: G L syzkaller #0 PREEMPT(full) [ 304.829612][ T9959] Tainted: [L]=SOFTLOCKUP [ 304.833956][ T9959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 304.844015][ T9959] RIP: 0010:grab_requested_root+0xde/0x3c0 [ 304.849844][ T9959] Code: 02 00 00 49 39 5d 18 0f 84 cd 01 00 00 e8 5a d9 76 ff 48 8d bb 08 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 82 02 00 00 48 8b 83 08 01 00 00 48 85 c0 0f 84 [ 304.869464][ T9959] RSP: 0018:ffffc90006b17d88 EFLAGS: 00010206 [ 304.875541][ T9959] RAX: dffffc0000000000 RBX: ffffffffffffffea RCX: ffffc90019ff0000 [ 304.883512][ T9959] RDX: 000000000000001e RSI: ffffffff82911fc6 RDI: 00000000000000f2 [ 304.891485][ T9959] RBP: ffffc90006b17db0 R08: 0000000000000005 R09: 0000000000000000 [ 304.899457][ T9959] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88802a7a5ac0 [ 304.907426][ T9959] R13: ffff8880594e6000 R14: ffff8880368ff028 R15: ffff8880368ff010 [ 304.915395][ T9959] FS: 00007fe0784946c0(0000) GS:ffff888124351000(0000) knlGS:0000000000000000 [ 304.924332][ T9959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 304.930921][ T9959] CR2: 0000001b31dbeff8 CR3: 0000000036a8e000 CR4: 00000000003526f0 [ 304.938900][ T9959] Call Trace: [ 304.942176][ T9959] [ 304.945100][ T9959] __do_sys_statmount+0x359/0x2440 [ 304.950240][ T9959] ? __pfx___do_sys_statmount+0x10/0x10 [ 304.955811][ T9959] do_syscall_64+0x106/0xf80 [ 304.960410][ T9959] ? clear_bhb_loop+0x40/0x90 [ 304.965100][ T9959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.970998][ T9959] RIP: 0033:0x7fe07759c629 [ 304.975413][ T9959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 304.995029][ T9959] RSP: 002b:00007fe078494028 EFLAGS: 00000246 ORIG_RAX: 00000000000001c9 [ 305.003457][ T9959] RAX: ffffffffffffffda RBX: 00007fe077816270 RCX: 00007fe07759c629 [ 305.011432][ T9959] RDX: 00000000000001fe RSI: 0000200000000180 RDI: 0000000000000000 [ 305.019405][ T9959] RBP: 00007fe077632b39 R08: 0000000000000000 R09: 0000000000000000 [ 305.027375][ T9959] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 305.035346][ T9959] R13: 00007fe077816308 R14: 00007fe077816270 R15: 00007ffd9cd4fa28 [ 305.043333][ T9959] [ 305.046376][ T9959] Modules linked in: [ 305.051086][ T9959] ---[ end trace 0000000000000000 ]--- [ 305.265648][ T9968] FAULT_INJECTION: forcing a failure. [ 305.265648][ T9968] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 305.291079][ T9968] CPU: 0 UID: 0 PID: 9968 Comm: syz.2.839 Tainted: G D L syzkaller #0 PREEMPT(full) [ 305.291125][ T9968] Tainted: [D]=DIE, [L]=SOFTLOCKUP [ 305.291134][ T9968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 305.291149][ T9968] Call Trace: [ 305.291157][ T9968] [ 305.291165][ T9968] dump_stack_lvl+0x100/0x190 [ 305.291205][ T9968] should_fail_ex.cold+0x5/0xa [ 305.291231][ T9968] _copy_from_user+0x2e/0xd0 [ 305.291264][ T9968] __sys_bpf+0x243/0x4b90 [ 305.291290][ T9968] ? __pfx___sys_bpf+0x10/0x10 [ 305.291312][ T9968] ? proc_fail_nth_write+0x9f/0x220 [ 305.291337][ T9968] ? ksys_write+0x12a/0x250 [ 305.291373][ T9968] ? rcu_is_watching+0x12/0xc0 [ 305.291407][ T9968] ? ksys_write+0x12a/0x250 [ 305.291438][ T9968] ? lock_release+0x263/0x320 [ 305.291468][ T9968] ? ksys_write+0x190/0x250 [ 305.291499][ T9968] ? rcu_is_watching+0x12/0xc0 [ 305.291532][ T9968] ? lock_release+0x263/0x320 [ 305.291558][ T9968] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 305.291584][ T9968] ? __mutex_unlock_slowpath+0x15c/0x790 [ 305.291613][ T9968] ? rcu_is_watching+0x12/0xc0 [ 305.291654][ T9968] ? fput+0x79/0x100 [ 305.291675][ T9968] ? ksys_write+0x1ac/0x250 [ 305.291707][ T9968] ? __pfx_ksys_write+0x10/0x10 [ 305.291742][ T9968] __x64_sys_bpf+0x7b/0xc0 [ 305.291768][ T9968] do_syscall_64+0x106/0xf80 [ 305.291792][ T9968] ? clear_bhb_loop+0x40/0x90 [ 305.291821][ T9968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.291847][ T9968] RIP: 0033:0x7efddbf9c629 [ 305.291867][ T9968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 305.291892][ T9968] RSP: 002b:00007efddcf37028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 305.291924][ T9968] RAX: ffffffffffffffda RBX: 00007efddc215fa0 RCX: 00007efddbf9c629 [ 305.291942][ T9968] RDX: 0000000000000009 RSI: 0000200000000500 RDI: 0000000000000004 [ 305.291958][ T9968] RBP: 00007efddcf37090 R08: 0000000000000000 R09: 0000000000000000 [ 305.291974][ T9968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 305.291990][ T9968] R13: 00007efddc216038 R14: 00007efddc215fa0 R15: 00007ffe14b87bb8 [ 305.292015][ T9968] [ 305.646771][ T9959] RIP: 0010:grab_requested_root+0xde/0x3c0 [ 305.652656][ T9959] Code: 02 00 00 49 39 5d 18 0f 84 cd 01 00 00 e8 5a d9 76 ff 48 8d bb 08 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 82 02 00 00 48 8b 83 08 01 00 00 48 85 c0 0f 84 [ 305.672867][ T9959] RSP: 0018:ffffc90006b17d88 EFLAGS: 00010206 [ 305.679001][ T9959] RAX: dffffc0000000000 RBX: ffffffffffffffea RCX: ffffc90019ff0000 [ 305.696636][ T9959] RDX: 000000000000001e RSI: ffffffff82911fc6 RDI: 00000000000000f2 [ 305.704666][ T9959] RBP: ffffc90006b17db0 R08: 0000000000000005 R09: 0000000000000000 [ 305.712706][ T9959] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88802a7a5ac0 [ 305.720720][ T9959] R13: ffff8880594e6000 R14: ffff8880368ff028 R15: ffff8880368ff010 [ 305.728755][ T9959] FS: 00007fe0784946c0(0000) GS:ffff888124351000(0000) knlGS:0000000000000000 [ 305.737864][ T9959] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 305.744484][ T9959] CR2: 00007ffd9cd4fc84 CR3: 0000000036a8e000 CR4: 00000000003526f0 [ 305.887332][ T9959] Kernel panic - not syncing: Fatal exception [ 305.893852][ T9959] Kernel Offset: disabled [ 305.898173][ T9959] Rebooting in 86400 seconds..