last executing test programs:
15.852125559s ago: executing program 0 (id=1700):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
unshare$auto(0x40000080)
r3 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.6/usb7/power/runtime_suspended_time\x00', 0x402002, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r0, r5, 0x0, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xebe, 0x401, 0x8001)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000000), r6)
setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9)
bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, r2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101)
close_range$auto(0x2, 0x8, 0x0)
r7 = socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c895}, 0x10008044)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES8=r3, @ANYRES64=r6], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4004851)
11.827626569s ago: executing program 2 (id=1705):
mmap$auto(0x5, 0x8e, 0x8, 0x8000000000000010, 0xffffffffffffffff, 0x300000000000)
socket(0xa, 0x3, 0x3b)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xcd)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab/kmalloc-64/objects\x00', 0x20000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/add_random\x00', 0x1a1842, 0x0)
write$auto(r1, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram9\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
ioctl$auto_BLKRRPART(r2, 0x125f, 0x56abffff)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffa, 0xe983, 0x2, 0xeb1, 0xffffffffffffffff, 0x5fa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
socketpair$auto(0x1, 0x3, 0x5, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
ioctl$auto_TCSBRKP2(0xffffffffffffffff, 0x5425, 0x0)
ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x5408, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
9.857464676s ago: executing program 0 (id=1707):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000280)='//\xf2\x02=\'\t\xb1\xae\x86\x1c\x0flVE2\xfa\x02\x1e\x97+\xc3*Y\'\xaf\xbe\x8eE\x92\xc51\n\xbc\x9c\xad\x01\xbf\xea\xbd\x86\x03\xff\xf7\x8b\xe0jA\x0f\x00\x18\x89\x125\xaa\x86\x8f\xa3\x00\x00\x00\x00\x00\xc4\xbd\xb3\x0f\x1b5Mx\xc0\x8c\xd50\x90\xfc\b\xb5R ~D\x85\x99\x86;\xe9k\xa4<\"\xac\xc7\xc3W6rKG\x00'/115, 0x80000002)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000380), r0)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010026bd7004feb1df25010000000c000300060000000000000044544c277b851a207336181df9183f916cbcb6e4c5cb7c2faef597a8bdd6403ef8"], 0x20}, 0x1, 0x0, 0x0, 0x20040880}, 0x4)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
readv$auto(0x3, 0x0, 0x1)
munmap$auto(0x200000008000, 0xffffffff)
mmap$auto(0x200000000000, 0x2020009, 0x0, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x2a, 0xa, 0x2000)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x81, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xd551)
socket(0x2, 0x5, 0x0)
fsync$auto(0xffffffffffffffff)
9.048409178s ago: executing program 2 (id=1708):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
unshare$auto(0x40000080)
openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.6/usb7/power/runtime_suspended_time\x00', 0x402002, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r0, r3, 0x0, 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000)
8.229281359s ago: executing program 3 (id=1710):
mmap$auto(0x5, 0x8e, 0x8, 0x8000000000000010, 0xffffffffffffffff, 0x300000000000)
socket(0xa, 0x3, 0x3b)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xcd)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab/kmalloc-64/objects\x00', 0x20000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/add_random\x00', 0x1a1842, 0x0)
write$auto(r1, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram9\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
ioctl$auto_BLKRRPART(r2, 0x125f, 0x56abffff)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffa, 0xe983, 0x2, 0xeb1, 0xffffffffffffffff, 0x5fa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
socketpair$auto(0x1, 0x3, 0x5, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
ioctl$auto_TCSBRKP2(0xffffffffffffffff, 0x5425, 0x0)
ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x5408, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
7.950958294s ago: executing program 2 (id=1711):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
read$auto(0x3, 0x0, 0x18)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r2, 0x1, 0x46, &(0x7f0000000000)='/proc/sys/vm/dirty_background_ratio\x00', 0x94)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mmap$auto(0x6, 0x4, 0x0, 0x251, r1, 0xff)
mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/snd_hda_codec_hdmi/parameters/enable_acomp\x00', 0xc8282, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
r4 = fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
getsockopt$auto_SO_MEMINFO(r4, 0x8, 0x37, 0x0, 0x0)
openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x40002, 0x0)
timer_delete$auto(0x1)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
6.647847938s ago: executing program 3 (id=1713):
mmap$auto(0x5, 0x8e, 0x8, 0x8000000000000010, 0xffffffffffffffff, 0x300000000000)
socket(0xa, 0x3, 0x3b)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xcd)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab/kmalloc-64/objects\x00', 0x20000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/add_random\x00', 0x1a1842, 0x0)
write$auto(r1, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram9\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
ioctl$auto_BLKRRPART(r2, 0x125f, 0x56abffff)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffa, 0xe983, 0x2, 0xeb1, 0xffffffffffffffff, 0x5fa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
socketpair$auto(0x1, 0x3, 0x5, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
ioctl$auto_TCSBRKP2(0xffffffffffffffff, 0x5425, 0x0)
ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x5408, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
4.880604046s ago: executing program 2 (id=1715):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
read$auto(0x3, 0x0, 0x18)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r2, 0x1, 0x46, &(0x7f0000000000)='/proc/sys/vm/dirty_background_ratio\x00', 0x94)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mmap$auto(0x6, 0x4, 0x0, 0x251, r1, 0xff)
mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/snd_hda_codec_hdmi/parameters/enable_acomp\x00', 0xc8282, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
r4 = fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
getsockopt$auto_SO_MEMINFO(r4, 0x8, 0x37, 0x0, 0x0)
openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x40002, 0x0)
timer_delete$auto(0x1)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
4.577888026s ago: executing program 3 (id=1716):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
read$auto(0x3, 0x0, 0x18)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r2, 0x1, 0x46, &(0x7f0000000000)='/proc/sys/vm/dirty_background_ratio\x00', 0x94)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mmap$auto(0x6, 0x4, 0x0, 0x251, r1, 0xff)
mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/snd_hda_codec_hdmi/parameters/enable_acomp\x00', 0xc8282, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
r4 = fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
getsockopt$auto_SO_MEMINFO(r4, 0x8, 0x37, 0x0, 0x0)
openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x40002, 0x0)
timer_delete$auto(0x1)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
4.219552141s ago: executing program 0 (id=1718):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
unshare$auto(0x40000080)
openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.6/usb7/power/runtime_suspended_time\x00', 0x402002, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000)
3.895845113s ago: executing program 1 (id=1719):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r2)
sendmsg$auto_NFSD_CMD_VERSION_SET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000140)={0x24, r3, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x10, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x4}, @NFSD_A_VERSION_ENABLED={0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000001}, 0x4044880)
sendmsg$auto_TIPC_NL_MON_GET(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001400)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x800}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0xb, 0x0)
r4 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r4, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x200009}, 0x1}, 0x2, 0x0)
close_range$auto(0x0, 0xffffeffe, 0x2)
pipe$auto(0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
clock_gettime$auto(0x1, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x11, 0xb, 0x0, 0x8)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
3.361038942s ago: executing program 2 (id=1720):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000280)='//\xf2\x02=\'\t\xb1\xae\x86\x1c\x0flVE2\xfa\x02\x1e\x97+\xc3*Y\'\xaf\xbe\x8eE\x92\xc51\n\xbc\x9c\xad\x01\xbf\xea\xbd\x86\x03\xff\xf7\x8b\xe0jA\x0f\x00\x18\x89\x125\xaa\x86\x8f\xa3\x00\x00\x00\x00\x00\xc4\xbd\xb3\x0f\x1b5Mx\xc0\x8c\xd50\x90\xfc\b\xb5R ~D\x85\x99\x86;\xe9k\xa4<\"\xac\xc7\xc3W6rKG\x00'/115, 0x80000002)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000380), r0)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010026bd7004feb1df25010000000c000300060000000000000044544c277b851a207336181df9183f916cbcb6e4c5cb7c2faef597a8bdd6403ef8"], 0x20}, 0x1, 0x0, 0x0, 0x20040880}, 0x4)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
readv$auto(0x3, 0x0, 0x1)
munmap$auto(0x200000008000, 0xffffffff)
mmap$auto(0x200000000000, 0x2020009, 0x0, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto_USB_RAW_IOCTL_VBUS_DRAW(0xffffffffffffffff, 0x4004550a, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xd551)
socket(0x2, 0x5, 0x0)
fsync$auto(0xffffffffffffffff)
3.269995351s ago: executing program 3 (id=1721):
mmap$auto(0x5, 0x8e, 0x8, 0x8000000000000010, 0xffffffffffffffff, 0x300000000000)
socket(0xa, 0x3, 0x3b)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000048c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x890)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xcd)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/slab/kmalloc-64/objects\x00', 0x20000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram1/queue/add_random\x00', 0x1a1842, 0x0)
write$auto(r1, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram9\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
ioctl$auto_BLKRRPART(r2, 0x125f, 0x56abffff)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffa, 0xe983, 0x2, 0xeb1, 0xffffffffffffffff, 0x5fa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
socketpair$auto(0x1, 0x3, 0x5, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
ioctl$auto_TCSBRKP2(r3, 0x5425, 0x0)
ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x5408, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
3.04677858s ago: executing program 1 (id=1722):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001c00)=""/4111, 0x100f)
r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/stat\x00', 0x8c40, 0x0)
read$auto_proc_single_file_operations_base(r0, &(0x7f0000000080)=""/119, 0x77)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f00000000c0)='\xac\x00', &(0x7f0000000000)=&(0x7f0000000200)=' ')
1.804344879s ago: executing program 1 (id=1723):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5)
fallocate$auto(0x3, 0x0, 0xe, 0x8ec5)
finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004)
socket(0xa, 0x1, 0x84)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
mmap$auto(0x800, 0x2000c, 0xdf, 0x20eb1, 0xffffffffffffffff, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0)
mmap$auto(0x0, 0x2000f, 0xdf, 0xeb1, r1, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/038/001\x00', 0x882, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe0, 0x8, 0x6, 0x4000007, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x3, 0x6, 0x3, 0x40, 0x7, 0x1d, 0x309, 0x6, 0x4, 0x7fffffff, 0x3, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffff7ffff, 0x0, 0x2839bf5c, 0x4000000000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800000000002, 0x9, 0x100000000000, 0x0, 0x0, 0x20000000000, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x10, 0xfffffffffffffffe, 0x0, 0x19d, 0x0, 0x0, 0x8]}, 0x1fb, 0x81)
mmap$auto(0x0, 0x20009, 0x4000000000d9, 0xeb1, 0x401, 0x7ffc)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0xb0681, 0x0)
1.64395025s ago: executing program 3 (id=1724):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0)
read$auto(0x3, 0x0, 0x18)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r2, 0x1, 0x46, &(0x7f0000000000)='/proc/sys/vm/dirty_background_ratio\x00', 0x94)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mmap$auto(0x6, 0x4, 0x0, 0x251, r1, 0xff)
mknodat$auto(r3, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
openat$auto_ptdump_curknl_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/snd_hda_codec_hdmi/parameters/enable_acomp\x00', 0xc8282, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
r4 = fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
getsockopt$auto_SO_MEMINFO(r4, 0x8, 0x37, 0x0, 0x0)
openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x40002, 0x0)
timer_delete$auto(0x1)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
1.558828815s ago: executing program 0 (id=1725):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x1, 0x84)
openat$auto_regulator_summary_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x840, 0x0)
msgctl$auto_IPC_INFO(0x8, 0x3, 0x0)
ioctl$auto(r0, 0x560a, 0x7)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
setsockopt$auto(0x3, 0x10000000084, 0x82, 0x0, 0x8)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x6)
1.51311548s ago: executing program 1 (id=1726):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
915.899813ms ago: executing program 0 (id=1727):
mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000)
openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto(r0, 0x40015504, 0xffffffffffffffff)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/loop2/integrity/write_generate\x00', 0x2b02, 0x0)
sendfile$auto(r1, r1, 0x0, 0xb2d)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0)
socket(0x23, 0x5, 0x0)
ioctl$auto(0x3, 0x541b, 0x74)
r3 = socket(0xa, 0x801, 0x106)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r5, 0x1, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4048099}, 0x800)
timerfd_gettime$auto(r3, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0x4040ae9e, 0x0)
769.776326ms ago: executing program 1 (id=1728):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
370.395913ms ago: executing program 3 (id=1729):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
unshare$auto(0x40000080)
openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.6/usb7/power/runtime_suspended_time\x00', 0x402002, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000)
56.399143ms ago: executing program 0 (id=1730):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
unshare$auto(0x40000080)
r3 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.6/usb7/power/runtime_suspended_time\x00', 0x402002, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r0, r5, 0x0, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xebe, 0x401, 0x8001)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000000), r6)
setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9)
bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, r2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="27040000", @ANYRES16=0x0, @ANYBLOB="f00225bd7000fcdbdf217141670006000700fe7f00000600060001000300004cb33be1119c6c5fc9040400000a007f92b7aae30555aaaaaaaaaa3600000a000500aaaaaaaaaabb00000a0005000000000000000000080002002af85226604da399af", @ANYRESHEX, @ANYBLOB="060007"], 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40080)
r7 = socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c895}, 0x10008044)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES8=r3, @ANYRES64=r6], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4004851)
39.13127ms ago: executing program 2 (id=1731):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000280)='//\xf2\x02=\'\t\xb1\xae\x86\x1c\x0flVE2\xfa\x02\x1e\x97+\xc3*Y\'\xaf\xbe\x8eE\x92\xc51\n\xbc\x9c\xad\x01\xbf\xea\xbd\x86\x03\xff\xf7\x8b\xe0jA\x0f\x00\x18\x89\x125\xaa\x86\x8f\xa3\x00\x00\x00\x00\x00\xc4\xbd\xb3\x0f\x1b5Mx\xc0\x8c\xd50\x90\xfc\b\xb5R ~D\x85\x99\x86;\xe9k\xa4<\"\xac\xc7\xc3W6rKG\x00'/115, 0x80000002)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000380), r0)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010026bd7004feb1df25010000000c000300060000000000000044544c277b851a207336181df9183f916cbcb6e4c5cb7c2faef597a8bdd6403ef8"], 0x20}, 0x1, 0x0, 0x0, 0x20040880}, 0x4)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
readv$auto(0x3, 0x0, 0x1)
munmap$auto(0x200000008000, 0xffffffff)
socket(0x2a, 0xa, 0x2000)
ioctl$auto_USB_RAW_IOCTL_VBUS_DRAW(0xffffffffffffffff, 0x4004550a, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xd551)
socket(0x2, 0x5, 0x0)
fsync$auto(0xffffffffffffffff)
0s ago: executing program 1 (id=1732):
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
unshare$auto(0x40000080)
r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.6/usb7/power/runtime_suspended_time\x00', 0x402002, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r0, r4, 0x0, 0x1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xebe, 0x401, 0x8001)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000000), r5)
setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="27040000", @ANYRES16=0x0, @ANYBLOB="f00225bd7000fcdbdf217141670006000700fe7f00000600060001000300004cb33be1119c6c5fc9040400000a007f92b7aae30555aaaaaaaaaa3600000a000500aaaaaaaaaabb00000a0005000000000000000000080002002af85226604da399af", @ANYRESHEX, @ANYBLOB="060007"], 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40080)
r6 = socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c895}, 0x10008044)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES8=r2, @ANYRES64=r5], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4004851)
kernel console output (not intermixed with test programs):
55.651142][T10329] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 455.651165][T10329] RIP: 0033:0x7f0ba998f6c9
[ 455.651184][T10329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 455.651206][T10329] RSP: 002b:00007f0baa7ea038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 455.651230][T10329] RAX: ffffffffffffffda RBX: 00007f0ba9be6090 RCX: 00007f0ba998f6c9
[ 455.651245][T10329] RDX: 00000000000007fc RSI: 00000000000063c1 RDI: 0000200000000340
[ 455.651260][T10329] RBP: 00007f0ba9a11f91 R08: 0000000000000000 R09: 0000000000000000
[ 455.651274][T10329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 455.651288][T10329] R13: 00007f0ba9be6128 R14: 00007f0ba9be6090 R15: 00007ffcab9b7b48
[ 455.651319][T10329]
[ 455.923972][T10299] kexec: Could not allocate control_code_buffer
[ 456.899452][T10352] FAULT_INJECTION: forcing a failure.
[ 456.899452][T10352] name failslab, interval 1, probability 0, space 0, times 0
[ 457.146549][T10352] CPU: 0 UID: 0 PID: 10352 Comm: syz.0.892 Not tainted syzkaller #0 PREEMPT(full)
[ 457.146592][T10352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 457.146609][T10352] Call Trace:
[ 457.146619][T10352]
[ 457.146631][T10352] dump_stack_lvl+0x16c/0x1f0
[ 457.146673][T10352] should_fail_ex+0x512/0x640
[ 457.146716][T10352] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[ 457.146754][T10352] should_failslab+0xc2/0x120
[ 457.146795][T10352] kmem_cache_alloc_lru_noprof+0x79/0x6e0
[ 457.146826][T10352] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 457.146860][T10352] ? sock_alloc_inode+0x25/0x1c0
[ 457.146902][T10352] ? __pfx_sock_alloc_inode+0x10/0x10
[ 457.146936][T10352] ? sock_alloc_inode+0x25/0x1c0
[ 457.146968][T10352] sock_alloc_inode+0x25/0x1c0
[ 457.147001][T10352] alloc_inode+0x64/0x240
[ 457.147042][T10352] sock_alloc+0x40/0x280
[ 457.147076][T10352] __sock_create+0xc1/0x8d0
[ 457.147121][T10352] smc_create_clcsk+0x37/0xd0
[ 457.147152][T10352] ? __pfx_smc_inet_init_sock+0x10/0x10
[ 457.147194][T10352] inet6_create+0xb30/0x12b0
[ 457.147248][T10352] ? inet6_create+0x7f/0x12b0
[ 457.147288][T10352] __sock_create+0x338/0x8d0
[ 457.147334][T10352] __sys_socket+0x14d/0x260
[ 457.147383][T10352] ? __pfx___sys_socket+0x10/0x10
[ 457.147422][T10352] ? xfd_validate_state+0x61/0x180
[ 457.147462][T10352] ? __pfx_ksys_write+0x10/0x10
[ 457.147504][T10352] __x64_sys_socket+0x72/0xb0
[ 457.147542][T10352] ? lockdep_hardirqs_on+0x7c/0x110
[ 457.147577][T10352] do_syscall_64+0xcd/0xfa0
[ 457.147615][T10352] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 457.147643][T10352] RIP: 0033:0x7fd426b8f6c9
[ 457.147666][T10352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 457.147692][T10352] RSP: 002b:00007fd427b11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 457.147721][T10352] RAX: ffffffffffffffda RBX: 00007fd426de5fa0 RCX: 00007fd426b8f6c9
[ 457.147740][T10352] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[ 457.147758][T10352] RBP: 00007fd426c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 457.147777][T10352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 457.147796][T10352] R13: 00007fd426de6038 R14: 00007fd426de5fa0 R15: 00007fff57b311b8
[ 457.147839][T10352]
[ 457.147855][T10352] socket: no more sockets
[ 461.073522][T10415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.905'.
[ 461.285642][T10415] netlink: 354 bytes leftover after parsing attributes in process `syz.3.905'.
[ 462.299100][T10424] FAULT_INJECTION: forcing a failure.
[ 462.299100][T10424] name failslab, interval 1, probability 0, space 0, times 0
[ 462.427559][T10424] CPU: 0 UID: 0 PID: 10424 Comm: syz.3.906 Not tainted syzkaller #0 PREEMPT(full)
[ 462.427625][T10424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 462.427644][T10424] Call Trace:
[ 462.427654][T10424]
[ 462.427666][T10424] dump_stack_lvl+0x16c/0x1f0
[ 462.427710][T10424] should_fail_ex+0x512/0x640
[ 462.427755][T10424] ? __kmalloc_noprof+0xca/0x880
[ 462.427806][T10424] should_failslab+0xc2/0x120
[ 462.427847][T10424] __kmalloc_noprof+0xdd/0x880
[ 462.427896][T10424] ? __list_lru_init+0xe8/0x4c0
[ 462.427932][T10424] ? __list_lru_init+0xe8/0x4c0
[ 462.427960][T10424] __list_lru_init+0xe8/0x4c0
[ 462.427994][T10424] alloc_super+0x86d/0xb60
[ 462.428034][T10424] sget_fc+0x116/0xc20
[ 462.428066][T10424] ? __pfx_set_anon_super_fc+0x10/0x10
[ 462.428116][T10424] ? __pfx_mqueue_fill_super+0x10/0x10
[ 462.428156][T10424] get_tree_nodev+0x28/0x190
[ 462.428191][T10424] mqueue_get_tree+0xf1/0x130
[ 462.428230][T10424] vfs_get_tree+0x8e/0x340
[ 462.428277][T10424] fc_mount_longterm+0x1a/0x270
[ 462.428324][T10424] mq_init_ns+0x426/0x620
[ 462.428372][T10424] copy_ipcs+0x2d6/0x550
[ 462.428422][T10424] create_new_namespaces+0x20a/0xa90
[ 462.428458][T10424] ? security_capable+0x7e/0x260
[ 462.428506][T10424] copy_namespaces+0x468/0x560
[ 462.428543][T10424] copy_process+0x2828/0x76a0
[ 462.428609][T10424] ? __pfx_copy_process+0x10/0x10
[ 462.428662][T10424] ? _copy_from_user+0x59/0xd0
[ 462.428717][T10424] kernel_clone+0xfc/0x930
[ 462.428758][T10424] ? __pfx_kernel_clone+0x10/0x10
[ 462.428794][T10424] ? futex_private_hash_put+0xd5/0x190
[ 462.428840][T10424] ? __pfx_futex_wait+0x10/0x10
[ 462.428899][T10424] __do_sys_clone3+0x212/0x290
[ 462.428938][T10424] ? __pfx___do_sys_clone3+0x10/0x10
[ 462.428996][T10424] ? find_held_lock+0x2b/0x80
[ 462.429064][T10424] do_syscall_64+0xcd/0xfa0
[ 462.429104][T10424] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 462.429135][T10424] RIP: 0033:0x7f0ba998f6c9
[ 462.429161][T10424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 462.429191][T10424] RSP: 002b:00007f0baa80af08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 462.429223][T10424] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0ba998f6c9
[ 462.429241][T10424] RDX: 00007f0baa80af20 RSI: 0000000000000058 RDI: 00007f0baa80af20
[ 462.429261][T10424] RBP: 00007f0ba9a11f91 R08: 0000000000000000 R09: 0000000000000058
[ 462.429279][T10424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 462.429297][T10424] R13: 00007f0ba9be6038 R14: 00007f0ba9be5fa0 R15: 00007ffcab9b7b48
[ 462.429343][T10424]
[ 467.670562][T10497] FAULT_INJECTION: forcing a failure.
[ 467.670562][T10497] name failslab, interval 1, probability 0, space 0, times 0
[ 467.683305][T10497] CPU: 1 UID: 0 PID: 10497 Comm: syz.2.920 Not tainted syzkaller #0 PREEMPT(full)
[ 467.683332][T10497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 467.683343][T10497] Call Trace:
[ 467.683349][T10497]
[ 467.683356][T10497] dump_stack_lvl+0x16c/0x1f0
[ 467.683383][T10497] should_fail_ex+0x512/0x640
[ 467.683410][T10497] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[ 467.683433][T10497] should_failslab+0xc2/0x120
[ 467.683457][T10497] kmem_cache_alloc_lru_noprof+0x79/0x6e0
[ 467.683477][T10497] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 467.683497][T10497] ? sock_alloc_inode+0x25/0x1c0
[ 467.683527][T10497] ? __pfx_sock_alloc_inode+0x10/0x10
[ 467.683547][T10497] ? sock_alloc_inode+0x25/0x1c0
[ 467.683567][T10497] sock_alloc_inode+0x25/0x1c0
[ 467.683588][T10497] alloc_inode+0x64/0x240
[ 467.683613][T10497] sock_alloc+0x40/0x280
[ 467.683632][T10497] __sock_create+0xc1/0x8d0
[ 467.683660][T10497] smc_create_clcsk+0x37/0xd0
[ 467.683678][T10497] ? __pfx_smc_inet_init_sock+0x10/0x10
[ 467.683704][T10497] inet6_create+0xb30/0x12b0
[ 467.683727][T10497] ? inet6_create+0x7f/0x12b0
[ 467.683750][T10497] __sock_create+0x338/0x8d0
[ 467.683777][T10497] __sys_socket+0x14d/0x260
[ 467.683801][T10497] ? __pfx___sys_socket+0x10/0x10
[ 467.683825][T10497] ? xfd_validate_state+0x61/0x180
[ 467.683851][T10497] ? __pfx_ksys_write+0x10/0x10
[ 467.683875][T10497] __x64_sys_socket+0x72/0xb0
[ 467.683898][T10497] ? lockdep_hardirqs_on+0x7c/0x110
[ 467.683919][T10497] do_syscall_64+0xcd/0xfa0
[ 467.683942][T10497] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 467.683960][T10497] RIP: 0033:0x7fdad638f6c9
[ 467.683975][T10497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 467.683993][T10497] RSP: 002b:00007fdad7277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 467.684011][T10497] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638f6c9
[ 467.684023][T10497] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[ 467.684033][T10497] RBP: 00007fdad6411f91 R08: 0000000000000000 R09: 0000000000000000
[ 467.684044][T10497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 467.684054][T10497] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 467.684076][T10497]
[ 467.684085][T10497] socket: no more sockets
[ 470.109777][T10524] 4fRd: entered promiscuous mode
[ 472.438374][T10564] FAULT_INJECTION: forcing a failure.
[ 472.438374][T10564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 472.456100][T10564] CPU: 0 UID: 0 PID: 10564 Comm: syz.2.932 Not tainted syzkaller #0 PREEMPT(full)
[ 472.456140][T10564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 472.456156][T10564] Call Trace:
[ 472.456166][T10564]
[ 472.456177][T10564] dump_stack_lvl+0x16c/0x1f0
[ 472.456225][T10564] should_fail_ex+0x512/0x640
[ 472.456272][T10564] _copy_from_user+0x2e/0xd0
[ 472.456317][T10564] copy_msghdr_from_user+0x98/0x160
[ 472.456347][T10564] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 472.456382][T10564] ? kfree+0x252/0x6d0
[ 472.456423][T10564] ? __lock_acquire+0x622/0x1c90
[ 472.456469][T10564] ___sys_recvmsg+0xdb/0x1a0
[ 472.456498][T10564] ? __pfx____sys_recvmsg+0x10/0x10
[ 472.456550][T10564] ? __pfx___might_resched+0x10/0x10
[ 472.456591][T10564] do_recvmmsg+0x2fe/0x750
[ 472.456627][T10564] ? __pfx_do_recvmmsg+0x10/0x10
[ 472.456663][T10564] ? __mutex_unlock_slowpath+0x161/0x7b0
[ 472.456712][T10564] ? __fget_files+0x20e/0x3c0
[ 472.456751][T10564] __x64_sys_recvmmsg+0x22a/0x280
[ 472.456783][T10564] ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 472.456826][T10564] do_syscall_64+0xcd/0xfa0
[ 472.456864][T10564] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 472.456893][T10564] RIP: 0033:0x7fdad638f6c9
[ 472.456916][T10564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 472.456943][T10564] RSP: 002b:00007fdad7256038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 472.456971][T10564] RAX: ffffffffffffffda RBX: 00007fdad65e6090 RCX: 00007fdad638f6c9
[ 472.456990][T10564] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 472.457007][T10564] RBP: 00007fdad7256090 R08: 0000000000000000 R09: 0000000000000000
[ 472.457024][T10564] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[ 472.457041][T10564] R13: 00007fdad65e6128 R14: 00007fdad65e6090 R15: 00007ffe8f50fba8
[ 472.457082][T10564]
[ 473.154712][T10565] netlink: 'syz.1.928': attribute type 1 has an invalid length.
[ 473.492018][T10575] random: crng reseeded on system resumption
[ 486.771959][T10691] Invalid ELF header magic: != ELF
[ 487.434907][T10697] random: crng reseeded on system resumption
[ 487.470807][T10697] FAULT_INJECTION: forcing a failure.
[ 487.470807][T10697] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 487.536988][T10697] CPU: 1 UID: 0 PID: 10697 Comm: syz.2.957 Not tainted syzkaller #0 PREEMPT(full)
[ 487.537032][T10697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 487.537047][T10697] Call Trace:
[ 487.537059][T10697]
[ 487.537070][T10697] dump_stack_lvl+0x16c/0x1f0
[ 487.537109][T10697] should_fail_ex+0x512/0x640
[ 487.537161][T10697] should_fail_alloc_page+0xe7/0x130
[ 487.537213][T10697] prepare_alloc_pages+0x3c2/0x610
[ 487.537253][T10697] ? rcu_is_watching+0x12/0xc0
[ 487.537291][T10697] __alloc_frozen_pages_noprof+0x18b/0x2470
[ 487.537338][T10697] ? stack_trace_save+0x8e/0xc0
[ 487.537375][T10697] ? __pfx_stack_trace_save+0x10/0x10
[ 487.537413][T10697] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 487.537451][T10697] ? kasan_save_stack+0x42/0x60
[ 487.537484][T10697] ? kasan_save_stack+0x33/0x60
[ 487.537522][T10697] ? do_dentry_open+0x982/0x1530
[ 487.537554][T10697] ? vfs_open+0x82/0x3f0
[ 487.537591][T10697] ? path_openat+0x1de4/0x2cb0
[ 487.537620][T10697] ? do_filp_open+0x20b/0x470
[ 487.537655][T10697] ? do_sys_openat2+0x11b/0x1d0
[ 487.537696][T10697] ? __x64_sys_openat+0x174/0x210
[ 487.537738][T10697] ? do_syscall_64+0xcd/0xfa0
[ 487.537771][T10697] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 487.537805][T10697] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 487.537855][T10697] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 487.537907][T10697] ? policy_nodemask+0xea/0x4e0
[ 487.537952][T10697] alloc_pages_mpol+0x1fb/0x550
[ 487.537995][T10697] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 487.538051][T10697] alloc_pages_noprof+0x131/0x390
[ 487.538095][T10697] get_zeroed_page_noprof+0x18/0xb0
[ 487.538133][T10697] get_image_page+0x18/0x190
[ 487.538164][T10697] alloc_rtree_node+0x3c/0xb0
[ 487.538196][T10697] memory_bm_create+0x519/0x810
[ 487.538257][T10697] create_basic_memory_bitmaps+0xbd/0x320
[ 487.538302][T10697] snapshot_open+0x235/0x2b0
[ 487.538345][T10697] ? __pfx_snapshot_open+0x10/0x10
[ 487.538384][T10697] misc_open+0x26d/0x450
[ 487.538429][T10697] ? __pfx_misc_open+0x10/0x10
[ 487.538472][T10697] chrdev_open+0x234/0x6a0
[ 487.538508][T10697] ? __pfx_apparmor_file_open+0x10/0x10
[ 487.538555][T10697] ? __pfx_chrdev_open+0x10/0x10
[ 487.538593][T10697] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 487.538636][T10697] do_dentry_open+0x982/0x1530
[ 487.538672][T10697] ? __pfx_chrdev_open+0x10/0x10
[ 487.538720][T10697] vfs_open+0x82/0x3f0
[ 487.538770][T10697] path_openat+0x1de4/0x2cb0
[ 487.538823][T10697] ? __pfx_path_openat+0x10/0x10
[ 487.538861][T10697] ? __lock_acquire+0xb8a/0x1c90
[ 487.538909][T10697] do_filp_open+0x20b/0x470
[ 487.538944][T10697] ? __pfx_do_filp_open+0x10/0x10
[ 487.539016][T10697] ? alloc_fd+0x471/0x7d0
[ 487.539062][T10697] do_sys_openat2+0x11b/0x1d0
[ 487.539104][T10697] ? __pfx_do_sys_openat2+0x10/0x10
[ 487.539169][T10697] __x64_sys_openat+0x174/0x210
[ 487.539223][T10697] ? __pfx___x64_sys_openat+0x10/0x10
[ 487.539292][T10697] do_syscall_64+0xcd/0xfa0
[ 487.539329][T10697] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 487.539355][T10697] RIP: 0033:0x7fdad638f6c9
[ 487.539380][T10697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 487.539408][T10697] RSP: 002b:00007fdad7277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 487.539436][T10697] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638f6c9
[ 487.539455][T10697] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 487.539470][T10697] RBP: 00007fdad6411f91 R08: 0000000000000000 R09: 0000000000000000
[ 487.539484][T10697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 487.539497][T10697] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 487.539531][T10697]
[ 488.329062][T10701] random: crng reseeded on system resumption
[ 488.382034][T10705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.958'.
[ 492.656572][T10769] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078038dc0 pfn:0x78038
[ 492.706163][T10769] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 492.730243][T10769] page_type: f2(table)
[ 492.753311][T10769] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 492.792597][T10769] raw: ffff888078038dc0 0000000000000000 00000001f2000000 0000000000000000
[ 493.003962][T10769] page dumped because: unmovable page
[ 493.136650][T10769] page_owner tracks the page as allocated
[ 493.176059][T10769] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), pid 5826, tgid 5826 (syz-executor), ts 220464607688, free_ts 220464527269
[ 493.237314][T10787] openvswitch: netlink: Tunnel attr 242 out of range max 16
[ 493.365978][T10769] post_alloc_hook+0x1c0/0x230
[ 493.382584][T10769] get_page_from_freelist+0x10a3/0x3a30
[ 493.401507][T10769] __alloc_frozen_pages_noprof+0x25f/0x2470
[ 493.433183][T10769] alloc_pages_mpol+0x1fb/0x550
[ 493.440785][T10769] alloc_pages_noprof+0x131/0x390
[ 493.476271][T10769] __pte_alloc_kernel+0x24/0x610
[ 493.481321][T10769] vmap_small_pages_range_noflush+0x9f2/0xdb0
[ 493.494220][T10769] __vmap_pages_range_noflush+0x1ff/0x230
[ 493.510422][T10769] __vmalloc_node_range_noprof+0x863/0x1480
[ 493.530682][T10769] __vmalloc_node_noprof+0xad/0xf0
[ 493.546124][T10769] do_ip6t_get_ctl+0x63f/0xa50
[ 493.571593][T10769] nf_getsockopt+0x7c/0xe0
[ 493.581520][T10769] ipv6_getsockopt+0x1f7/0x280
[ 493.581618][T10769] tcp_getsockopt+0xa1/0x100
[ 493.581756][T10769] do_sock_getsockopt+0x34d/0x440
[ 493.581794][T10769] __sys_getsockopt+0x123/0x1b0
[ 493.581841][T10769] page last free pid 5826 tgid 5826 stack trace:
[ 493.581862][T10769] __free_frozen_pages+0x7df/0x1160
[ 493.581906][T10769] kasan_populate_vmalloc+0x1eb/0x2d0
[ 493.581938][T10769] alloc_vmap_area+0x960/0x29e0
[ 493.581974][T10769] __get_vm_area_node+0x1ca/0x330
[ 493.582014][T10769] __vmalloc_node_range_noprof+0x271/0x1480
[ 493.582058][T10769] __vmalloc_node_noprof+0xad/0xf0
[ 493.582098][T10769] do_ip6t_get_ctl+0x63f/0xa50
[ 493.582140][T10769] nf_getsockopt+0x7c/0xe0
[ 493.582181][T10769] ipv6_getsockopt+0x1f7/0x280
[ 493.582222][T10769] tcp_getsockopt+0xa1/0x100
[ 493.582268][T10769] do_sock_getsockopt+0x34d/0x440
[ 493.582304][T10769] __sys_getsockopt+0x123/0x1b0
[ 493.582349][T10769] __x64_sys_getsockopt+0xbd/0x160
[ 493.582395][T10769] do_syscall_64+0xcd/0xfa0
[ 493.582432][T10769] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 494.664361][T10816] netlink: 28 bytes leftover after parsing attributes in process `syz.1.974'.
[ 494.783471][T10820] netlink: 342 bytes leftover after parsing attributes in process `syz.3.976'.
[ 495.285154][T10837] futex_wake_op: syz.3.980 tries to shift op by -2048; fix this program
[ 495.337053][T10837] 0x000000000001-0x000000020000 : ""
[ 495.391613][ T5895] smpboot: CPU 1 is now offline
[ 495.427926][T10837] ftl_cs: FTL header corrupt!
[ 499.557994][T10932] FAULT_INJECTION: forcing a failure.
[ 499.557994][T10932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 499.640512][T10932] CPU: 0 UID: 0 PID: 10932 Comm: syz.2.994 Not tainted syzkaller #0 PREEMPT(full)
[ 499.640539][T10932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 499.640549][T10932] Call Trace:
[ 499.640561][T10932]
[ 499.640568][T10932] dump_stack_lvl+0x16c/0x1f0
[ 499.640594][T10932] should_fail_ex+0x512/0x640
[ 499.640626][T10932] _copy_from_user+0x2e/0xd0
[ 499.640658][T10932] copy_msghdr_from_user+0x98/0x160
[ 499.640678][T10932] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 499.640699][T10932] ? kfree+0x252/0x6d0
[ 499.640726][T10932] ? __pfx__kstrtoull+0x10/0x10
[ 499.640752][T10932] ___sys_sendmsg+0xfe/0x1d0
[ 499.640777][T10932] ? __pfx____sys_sendmsg+0x10/0x10
[ 499.640814][T10932] ? __pfx___might_resched+0x10/0x10
[ 499.640838][T10932] __sys_sendmmsg+0x200/0x420
[ 499.640858][T10932] ? __pfx___sys_sendmmsg+0x10/0x10
[ 499.640883][T10932] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 499.640916][T10932] ? fput+0x9b/0xd0
[ 499.640941][T10932] ? ksys_write+0x1ac/0x250
[ 499.640960][T10932] ? __pfx_ksys_write+0x10/0x10
[ 499.640984][T10932] __x64_sys_sendmmsg+0x9c/0x100
[ 499.641033][T10932] ? lockdep_hardirqs_on+0x7c/0x110
[ 499.641055][T10932] do_syscall_64+0xcd/0xfa0
[ 499.641078][T10932] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 499.641097][T10932] RIP: 0033:0x7fdad638f6c9
[ 499.641112][T10932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 499.641130][T10932] RSP: 002b:00007fdad7256038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 499.641147][T10932] RAX: ffffffffffffffda RBX: 00007fdad65e6090 RCX: 00007fdad638f6c9
[ 499.641159][T10932] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[ 499.641170][T10932] RBP: 00007fdad7256090 R08: 0000000000000000 R09: 0000000000000000
[ 499.641181][T10932] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002
[ 499.641191][T10932] R13: 00007fdad65e6128 R14: 00007fdad65e6090 R15: 00007ffe8f50fba8
[ 499.641214][T10932]
[ 501.576065][ T5149] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6
[ 502.315601][T10932] kexec: Could not allocate control_code_buffer
[ 504.606356][T10987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1005'.
[ 504.722039][T10987] FAULT_INJECTION: forcing a failure.
[ 504.722039][T10987] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 504.810076][T10987] CPU: 0 UID: 0 PID: 10987 Comm: syz.2.1005 Not tainted syzkaller #0 PREEMPT(full)
[ 504.810102][T10987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 504.810113][T10987] Call Trace:
[ 504.810119][T10987]
[ 504.810126][T10987] dump_stack_lvl+0x16c/0x1f0
[ 504.810151][T10987] should_fail_ex+0x512/0x640
[ 504.810184][T10987] _copy_from_iter+0x29f/0x1720
[ 504.810216][T10987] ? __alloc_skb+0x200/0x380
[ 504.810245][T10987] ? __pfx__copy_from_iter+0x10/0x10
[ 504.810275][T10987] ? netlink_autobind.isra.0+0x158/0x370
[ 504.810302][T10987] netlink_sendmsg+0x820/0xdd0
[ 504.810325][T10987] ? __pfx_netlink_sendmsg+0x10/0x10
[ 504.810347][T10987] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 504.810378][T10987] ____sys_sendmsg+0xa98/0xc70
[ 504.810402][T10987] ? copy_msghdr_from_user+0x10a/0x160
[ 504.810420][T10987] ? __pfx_____sys_sendmsg+0x10/0x10
[ 504.810446][T10987] ? __pfx__kstrtoull+0x10/0x10
[ 504.810473][T10987] ___sys_sendmsg+0x134/0x1d0
[ 504.810491][T10987] ? __pfx____sys_sendmsg+0x10/0x10
[ 504.810519][T10987] ? find_held_lock+0x2b/0x80
[ 504.810551][T10987] __sys_sendmmsg+0x200/0x420
[ 504.810571][T10987] ? __pfx___sys_sendmmsg+0x10/0x10
[ 504.810601][T10987] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 504.810637][T10987] ? fput+0x9b/0xd0
[ 504.810691][T10987] ? ksys_write+0x1ac/0x250
[ 504.810716][T10987] ? __pfx_ksys_write+0x10/0x10
[ 504.810739][T10987] __x64_sys_sendmmsg+0x9c/0x100
[ 504.810757][T10987] ? lockdep_hardirqs_on+0x7c/0x110
[ 504.810778][T10987] do_syscall_64+0xcd/0xfa0
[ 504.810802][T10987] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 504.810821][T10987] RIP: 0033:0x7fdad638f6c9
[ 504.810835][T10987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 504.810853][T10987] RSP: 002b:00007fdad7277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 504.810872][T10987] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638f6c9
[ 504.810884][T10987] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[ 504.810895][T10987] RBP: 00007fdad7277090 R08: 0000000000000000 R09: 0000000000000000
[ 504.810905][T10987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 504.810916][T10987] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 504.810939][T10987]
[ 505.544453][T11000] futex_wake_op: syz.0.1006 tries to shift op by -9; fix this program
[ 505.702956][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 505.711153][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 505.752721][T11006] FAULT_INJECTION: forcing a failure.
[ 505.752721][T11006] name failslab, interval 1, probability 0, space 0, times 0
[ 505.823047][T11001] can: request_module (can-proto-0) failed.
[ 505.830949][T11006] CPU: 0 UID: 0 PID: 11006 Comm: syz.3.1008 Not tainted syzkaller #0 PREEMPT(full)
[ 505.830974][T11006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 505.830984][T11006] Call Trace:
[ 505.830990][T11006]
[ 505.830997][T11006] dump_stack_lvl+0x16c/0x1f0
[ 505.831024][T11006] should_fail_ex+0x512/0x640
[ 505.831052][T11006] ? __kmalloc_noprof+0xca/0x880
[ 505.831084][T11006] should_failslab+0xc2/0x120
[ 505.831109][T11006] __kmalloc_noprof+0xdd/0x880
[ 505.831139][T11006] ? __register_sysctl_table+0xb3/0x1900
[ 505.831170][T11006] ? __register_sysctl_table+0xb3/0x1900
[ 505.831196][T11006] __register_sysctl_table+0xb3/0x1900
[ 505.831224][T11006] ? rcu_is_watching+0x12/0xc0
[ 505.831244][T11006] ? __kmalloc_node_track_caller_noprof+0x362/0x8a0
[ 505.831267][T11006] ? __pfx___register_sysctl_table+0x10/0x10
[ 505.831297][T11006] ? __asan_memcpy+0x3c/0x60
[ 505.831317][T11006] setup_ipc_sysctls+0x1aa/0x300
[ 505.831344][T11006] copy_ipcs+0x3fe/0x550
[ 505.831373][T11006] create_new_namespaces+0x20a/0xa90
[ 505.831394][T11006] ? security_capable+0x7e/0x260
[ 505.831422][T11006] copy_namespaces+0x468/0x560
[ 505.831442][T11006] copy_process+0x2828/0x76a0
[ 505.831474][T11006] ? __pfx_copy_process+0x10/0x10
[ 505.831502][T11006] ? _copy_from_user+0x59/0xd0
[ 505.831533][T11006] kernel_clone+0xfc/0x930
[ 505.831557][T11006] ? __pfx_kernel_clone+0x10/0x10
[ 505.831578][T11006] ? futex_private_hash_put+0xd5/0x190
[ 505.831604][T11006] ? __pfx_futex_wait+0x10/0x10
[ 505.831638][T11006] __do_sys_clone3+0x212/0x290
[ 505.831661][T11006] ? __pfx___do_sys_clone3+0x10/0x10
[ 505.831693][T11006] ? find_held_lock+0x2b/0x80
[ 505.831736][T11006] do_syscall_64+0xcd/0xfa0
[ 505.831759][T11006] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 505.831778][T11006] RIP: 0033:0x7f0ba998f6c9
[ 505.831793][T11006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 505.831811][T11006] RSP: 002b:00007f0baa80af08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 505.831830][T11006] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0ba998f6c9
[ 505.831842][T11006] RDX: 00007f0baa80af20 RSI: 0000000000000058 RDI: 00007f0baa80af20
[ 505.831854][T11006] RBP: 00007f0ba9a11f91 R08: 0000000000000000 R09: 0000000000000058
[ 505.831865][T11006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 505.831876][T11006] R13: 00007f0ba9be6038 R14: 00007f0ba9be5fa0 R15: 00007ffcab9b7b48
[ 505.831899][T11006]
[ 506.096308][T10999] can: request_module (can-proto-3) failed.
[ 512.147188][T11060] Invalid ELF header magic: != ELF
[ 512.772984][T11070] FAULT_INJECTION: forcing a failure.
[ 512.772984][T11070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 512.914259][T11070] CPU: 0 UID: 0 PID: 11070 Comm: syz.3.1023 Not tainted syzkaller #0 PREEMPT(full)
[ 512.914287][T11070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 512.914297][T11070] Call Trace:
[ 512.914304][T11070]
[ 512.914311][T11070] dump_stack_lvl+0x16c/0x1f0
[ 512.914338][T11070] should_fail_ex+0x512/0x640
[ 512.914369][T11070] _copy_from_user+0x2e/0xd0
[ 512.914399][T11070] copy_msghdr_from_user+0x98/0x160
[ 512.914419][T11070] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 512.914440][T11070] ? kfree+0x252/0x6d0
[ 512.914469][T11070] ? __lock_acquire+0x622/0x1c90
[ 512.914499][T11070] ___sys_recvmsg+0xdb/0x1a0
[ 512.914516][T11070] ? __pfx____sys_recvmsg+0x10/0x10
[ 512.914546][T11070] ? __pfx___might_resched+0x10/0x10
[ 512.914570][T11070] do_recvmmsg+0x2fe/0x750
[ 512.914597][T11070] ? __pfx_do_recvmmsg+0x10/0x10
[ 512.914619][T11070] ? __mutex_unlock_slowpath+0x161/0x7b0
[ 512.914650][T11070] ? __fget_files+0x20e/0x3c0
[ 512.914674][T11070] __x64_sys_recvmmsg+0x22a/0x280
[ 512.914694][T11070] ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 512.914720][T11070] do_syscall_64+0xcd/0xfa0
[ 512.914744][T11070] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 512.914763][T11070] RIP: 0033:0x7f0ba998f6c9
[ 512.914777][T11070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 512.914795][T11070] RSP: 002b:00007f0baa7ea038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 512.914813][T11070] RAX: ffffffffffffffda RBX: 00007f0ba9be6090 RCX: 00007f0ba998f6c9
[ 512.914825][T11070] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 512.914836][T11070] RBP: 00007f0baa7ea090 R08: 0000000000000000 R09: 0000000000000000
[ 512.914847][T11070] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[ 512.914857][T11070] R13: 00007f0ba9be6128 R14: 00007f0ba9be6090 R15: 00007ffcab9b7b48
[ 512.914880][T11070]
[ 513.106873][ C0] vkms_vblank_simulate: vblank timer overrun
[ 513.719619][T11083] ptrace attach of "./syz-executor exec"[5826] was attempted by ""[11083]
[ 514.476980][T11094] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1029'.
[ 515.007068][T11085] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 515.042993][T11085] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 515.069209][T11085] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 515.100768][T11085] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 515.246931][T11085] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 515.469912][T11089] netlink: 'syz.1.1027': attribute type 1 has an invalid length.
[ 516.109347][T11124] FAULT_INJECTION: forcing a failure.
[ 516.109347][T11124] name failslab, interval 1, probability 0, space 0, times 0
[ 516.179629][T11124] CPU: 0 UID: 0 PID: 11124 Comm: syz.2.1035 Not tainted syzkaller #0 PREEMPT(full)
[ 516.179657][T11124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 516.179667][T11124] Call Trace:
[ 516.179673][T11124]
[ 516.179681][T11124] dump_stack_lvl+0x16c/0x1f0
[ 516.179708][T11124] should_fail_ex+0x512/0x640
[ 516.179736][T11124] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[ 516.179759][T11124] should_failslab+0xc2/0x120
[ 516.179784][T11124] kmem_cache_alloc_lru_noprof+0x79/0x6e0
[ 516.179804][T11124] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 516.179824][T11124] ? sock_alloc_inode+0x25/0x1c0
[ 516.179849][T11124] ? __pfx_sock_alloc_inode+0x10/0x10
[ 516.179869][T11124] ? sock_alloc_inode+0x25/0x1c0
[ 516.179889][T11124] sock_alloc_inode+0x25/0x1c0
[ 516.179910][T11124] alloc_inode+0x64/0x240
[ 516.179935][T11124] sock_alloc+0x40/0x280
[ 516.179954][T11124] __sock_create+0xc1/0x8d0
[ 516.179981][T11124] smc_create_clcsk+0x37/0xd0
[ 516.180000][T11124] ? __pfx_smc_inet_init_sock+0x10/0x10
[ 516.180025][T11124] inet6_create+0xb30/0x12b0
[ 516.180049][T11124] ? inet6_create+0x7f/0x12b0
[ 516.180072][T11124] __sock_create+0x338/0x8d0
[ 516.180099][T11124] __sys_socket+0x14d/0x260
[ 516.180123][T11124] ? __pfx___sys_socket+0x10/0x10
[ 516.180146][T11124] ? xfd_validate_state+0x61/0x180
[ 516.180172][T11124] ? __pfx_ksys_write+0x10/0x10
[ 516.180195][T11124] __x64_sys_socket+0x72/0xb0
[ 516.180218][T11124] ? lockdep_hardirqs_on+0x7c/0x110
[ 516.180240][T11124] do_syscall_64+0xcd/0xfa0
[ 516.180263][T11124] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 516.180281][T11124] RIP: 0033:0x7fdad638f6c9
[ 516.180296][T11124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 516.180314][T11124] RSP: 002b:00007fdad7277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 516.180336][T11124] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638f6c9
[ 516.180348][T11124] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[ 516.180358][T11124] RBP: 00007fdad6411f91 R08: 0000000000000000 R09: 0000000000000000
[ 516.180371][T11124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 516.180382][T11124] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 516.180406][T11124]
[ 516.415485][ C0] vkms_vblank_simulate: vblank timer overrun
[ 516.422604][T11124] socket: no more sockets
[ 516.758818][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout
[ 517.120982][ T5149] Bluetooth: hci2: command 0x0c1a tx timeout
[ 517.128056][ T5149] Bluetooth: hci1: command 0x0c1a tx timeout
[ 517.331602][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[ 517.746733][T11145] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1041'.
[ 519.156705][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[ 519.220317][T11172] FAULT_INJECTION: forcing a failure.
[ 519.220317][T11172] name failslab, interval 1, probability 0, space 0, times 0
[ 519.290827][T11172] CPU: 0 UID: 0 PID: 11172 Comm: syz.0.1045 Not tainted syzkaller #0 PREEMPT(full)
[ 519.290853][T11172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 519.290864][T11172] Call Trace:
[ 519.290871][T11172]
[ 519.290878][T11172] dump_stack_lvl+0x16c/0x1f0
[ 519.290905][T11172] should_fail_ex+0x512/0x640
[ 519.290932][T11172] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[ 519.290956][T11172] should_failslab+0xc2/0x120
[ 519.290981][T11172] kmem_cache_alloc_lru_noprof+0x79/0x6e0
[ 519.290999][T11172] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 519.291020][T11172] ? sock_alloc_inode+0x25/0x1c0
[ 519.291053][T11172] ? __pfx_sock_alloc_inode+0x10/0x10
[ 519.291073][T11172] ? sock_alloc_inode+0x25/0x1c0
[ 519.291094][T11172] sock_alloc_inode+0x25/0x1c0
[ 519.291114][T11172] alloc_inode+0x64/0x240
[ 519.291140][T11172] sock_alloc+0x40/0x280
[ 519.291160][T11172] __sock_create+0xc1/0x8d0
[ 519.291188][T11172] smc_create_clcsk+0x37/0xd0
[ 519.291208][T11172] ? __pfx_smc_inet_init_sock+0x10/0x10
[ 519.291233][T11172] inet6_create+0xb30/0x12b0
[ 519.291257][T11172] ? inet6_create+0x7f/0x12b0
[ 519.291280][T11172] __sock_create+0x338/0x8d0
[ 519.291307][T11172] __sys_socket+0x14d/0x260
[ 519.291331][T11172] ? __pfx___sys_socket+0x10/0x10
[ 519.291355][T11172] ? xfd_validate_state+0x61/0x180
[ 519.291380][T11172] ? __pfx_ksys_write+0x10/0x10
[ 519.291404][T11172] __x64_sys_socket+0x72/0xb0
[ 519.291428][T11172] ? lockdep_hardirqs_on+0x7c/0x110
[ 519.291449][T11172] do_syscall_64+0xcd/0xfa0
[ 519.291472][T11172] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 519.291490][T11172] RIP: 0033:0x7fd426b8f6c9
[ 519.291505][T11172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 519.291530][T11172] RSP: 002b:00007fd427b11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 519.291548][T11172] RAX: ffffffffffffffda RBX: 00007fd426de5fa0 RCX: 00007fd426b8f6c9
[ 519.291560][T11172] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[ 519.291570][T11172] RBP: 00007fd426c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 519.291581][T11172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 519.291591][T11172] R13: 00007fd426de6038 R14: 00007fd426de5fa0 R15: 00007fff57b311b8
[ 519.291613][T11172]
[ 519.291623][T11172] socket: no more sockets
[ 520.329058][T11188] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 520.337943][T11188] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 520.383714][T11188] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 520.412335][T11188] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 520.591988][T11197] netlink: 244 bytes leftover after parsing attributes in process `syz.2.1049'.
[ 521.051557][T11213] futex_wake_op: syz.2.1052 tries to shift op by -2048; fix this program
[ 521.096141][T11207] input: j�J�Ǹ-9%vlQ J86� as /devices/virtual/input/input19
[ 522.276074][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[ 522.344862][ T5829] Bluetooth: hci0: Unable to find connection for big 0xd2
[ 522.356459][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[ 522.362508][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[ 522.436286][T11246] Bluetooth: hci3: command 0x0c1a tx timeout
[ 523.517014][T11270] FAULT_INJECTION: forcing a failure.
[ 523.517014][T11270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 523.566678][T11271] syz.3.1063 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 523.579774][T11270] CPU: 0 UID: 0 PID: 11270 Comm: syz.0.1062 Not tainted syzkaller #0 PREEMPT(full)
[ 523.579800][T11270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 523.579811][T11270] Call Trace:
[ 523.579816][T11270]
[ 523.579823][T11270] dump_stack_lvl+0x16c/0x1f0
[ 523.579850][T11270] should_fail_ex+0x512/0x640
[ 523.579883][T11270] _copy_from_user+0x2e/0xd0
[ 523.579913][T11270] copy_msghdr_from_user+0x98/0x160
[ 523.579932][T11270] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 523.579954][T11270] ? __pfx__kstrtoull+0x10/0x10
[ 523.579980][T11270] ___sys_sendmsg+0xfe/0x1d0
[ 523.579999][T11270] ? __pfx____sys_sendmsg+0x10/0x10
[ 523.580027][T11270] ? find_held_lock+0x2b/0x80
[ 523.580059][T11270] __sys_sendmmsg+0x200/0x420
[ 523.580080][T11270] ? __pfx___sys_sendmmsg+0x10/0x10
[ 523.580105][T11270] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 523.580138][T11270] ? fput+0x9b/0xd0
[ 523.580163][T11270] ? ksys_write+0x1ac/0x250
[ 523.580181][T11270] ? __pfx_ksys_write+0x10/0x10
[ 523.580205][T11270] __x64_sys_sendmmsg+0x9c/0x100
[ 523.580223][T11270] ? lockdep_hardirqs_on+0x7c/0x110
[ 523.580244][T11270] do_syscall_64+0xcd/0xfa0
[ 523.580267][T11270] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 523.580286][T11270] RIP: 0033:0x7fd426b8f6c9
[ 523.580300][T11270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 523.580318][T11270] RSP: 002b:00007fd427b11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 523.580336][T11270] RAX: ffffffffffffffda RBX: 00007fd426de5fa0 RCX: 00007fd426b8f6c9
[ 523.580348][T11270] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000004
[ 523.580359][T11270] RBP: 00007fd427b11090 R08: 0000000000000000 R09: 0000000000000000
[ 523.580369][T11270] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[ 523.580380][T11270] R13: 00007fd426de6038 R14: 00007fd426de5fa0 R15: 00007fff57b311b8
[ 523.580403][T11270]
[ 524.672864][T11288] random: crng reseeded on system resumption
[ 524.776568][T11288] FAULT_INJECTION: forcing a failure.
[ 524.776568][T11288] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 524.820918][T11288] CPU: 0 UID: 0 PID: 11288 Comm: syz.0.1068 Not tainted syzkaller #0 PREEMPT(full)
[ 524.820944][T11288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 524.820955][T11288] Call Trace:
[ 524.820962][T11288]
[ 524.820969][T11288] dump_stack_lvl+0x16c/0x1f0
[ 524.820996][T11288] should_fail_ex+0x512/0x640
[ 524.821027][T11288] should_fail_alloc_page+0xe7/0x130
[ 524.821055][T11288] prepare_alloc_pages+0x3c2/0x610
[ 524.821080][T11288] ? rcu_is_watching+0x12/0xc0
[ 524.821102][T11288] __alloc_frozen_pages_noprof+0x18b/0x2470
[ 524.821129][T11288] ? stack_trace_save+0x8e/0xc0
[ 524.821150][T11288] ? __pfx_stack_trace_save+0x10/0x10
[ 524.821173][T11288] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 524.821195][T11288] ? kasan_save_stack+0x42/0x60
[ 524.821215][T11288] ? kasan_save_stack+0x33/0x60
[ 524.821238][T11288] ? do_dentry_open+0x982/0x1530
[ 524.821258][T11288] ? vfs_open+0x82/0x3f0
[ 524.821281][T11288] ? path_openat+0x1de4/0x2cb0
[ 524.821299][T11288] ? do_filp_open+0x20b/0x470
[ 524.821316][T11288] ? do_sys_openat2+0x11b/0x1d0
[ 524.821341][T11288] ? __x64_sys_openat+0x174/0x210
[ 524.821367][T11288] ? do_syscall_64+0xcd/0xfa0
[ 524.821387][T11288] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 524.821418][T11288] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 524.821449][T11288] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 524.821480][T11288] ? policy_nodemask+0xea/0x4e0
[ 524.821507][T11288] alloc_pages_mpol+0x1fb/0x550
[ 524.821533][T11288] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 524.821564][T11288] alloc_pages_noprof+0x131/0x390
[ 524.821589][T11288] get_zeroed_page_noprof+0x18/0xb0
[ 524.821612][T11288] get_image_page+0x18/0x190
[ 524.821632][T11288] alloc_rtree_node+0x3c/0xb0
[ 524.821651][T11288] memory_bm_create+0x519/0x810
[ 524.821678][T11288] create_basic_memory_bitmaps+0xbd/0x320
[ 524.821703][T11288] snapshot_open+0x235/0x2b0
[ 524.821724][T11288] ? __pfx_snapshot_open+0x10/0x10
[ 524.821748][T11288] misc_open+0x26d/0x450
[ 524.821775][T11288] ? __pfx_misc_open+0x10/0x10
[ 524.821802][T11288] chrdev_open+0x234/0x6a0
[ 524.821822][T11288] ? __pfx_apparmor_file_open+0x10/0x10
[ 524.821854][T11288] ? __pfx_chrdev_open+0x10/0x10
[ 524.821877][T11288] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 524.821902][T11288] do_dentry_open+0x982/0x1530
[ 524.821923][T11288] ? __pfx_chrdev_open+0x10/0x10
[ 524.821949][T11288] vfs_open+0x82/0x3f0
[ 524.821984][T11288] path_openat+0x1de4/0x2cb0
[ 524.822011][T11288] ? __pfx_path_openat+0x10/0x10
[ 524.822033][T11288] ? __lock_acquire+0xb8a/0x1c90
[ 524.822060][T11288] do_filp_open+0x20b/0x470
[ 524.822080][T11288] ? __pfx_do_filp_open+0x10/0x10
[ 524.822116][T11288] ? alloc_fd+0x471/0x7d0
[ 524.822141][T11288] do_sys_openat2+0x11b/0x1d0
[ 524.822168][T11288] ? __pfx_do_sys_openat2+0x10/0x10
[ 524.822204][T11288] __x64_sys_openat+0x174/0x210
[ 524.822232][T11288] ? __pfx___x64_sys_openat+0x10/0x10
[ 524.822275][T11288] do_syscall_64+0xcd/0xfa0
[ 524.822298][T11288] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 524.822316][T11288] RIP: 0033:0x7fd426b8f6c9
[ 524.822331][T11288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 524.822349][T11288] RSP: 002b:00007fd427b11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 524.822367][T11288] RAX: ffffffffffffffda RBX: 00007fd426de5fa0 RCX: 00007fd426b8f6c9
[ 524.822379][T11288] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 524.822391][T11288] RBP: 00007fd426c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 524.822402][T11288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 524.822418][T11288] R13: 00007fd426de6038 R14: 00007fd426de5fa0 R15: 00007fff57b311b8
[ 524.822442][T11288]
[ 526.265216][T11321] FAULT_INJECTION: forcing a failure.
[ 526.265216][T11321] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 526.381479][T11321] CPU: 0 UID: 0 PID: 11321 Comm: syz.2.1076 Not tainted syzkaller #0 PREEMPT(full)
[ 526.381506][T11321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 526.381518][T11321] Call Trace:
[ 526.381524][T11321]
[ 526.381532][T11321] dump_stack_lvl+0x16c/0x1f0
[ 526.381558][T11321] should_fail_ex+0x512/0x640
[ 526.381590][T11321] should_fail_alloc_page+0xe7/0x130
[ 526.381617][T11321] prepare_alloc_pages+0x3c2/0x610
[ 526.381645][T11321] __alloc_frozen_pages_noprof+0x18b/0x2470
[ 526.381665][T11321] ? finish_task_switch.isra.0+0x21c/0xc10
[ 526.381692][T11321] ? rcu_is_watching+0x12/0xc0
[ 526.381712][T11321] ? finish_task_switch.isra.0+0x221/0xc10
[ 526.381730][T11321] ? lockdep_hardirqs_on+0x7c/0x110
[ 526.381752][T11321] ? finish_task_switch.isra.0+0x221/0xc10
[ 526.381772][T11321] ? rcu_is_watching+0x12/0xc0
[ 526.381791][T11321] ? trace_sched_exit_tp+0xd1/0x120
[ 526.381820][T11321] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 526.381849][T11321] ? __lock_acquire+0x622/0x1c90
[ 526.381876][T11321] ? __pfx___schedule+0x10/0x10
[ 526.381895][T11321] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 526.381927][T11321] ? policy_nodemask+0xea/0x4e0
[ 526.381954][T11321] alloc_pages_mpol+0x1fb/0x550
[ 526.381979][T11321] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 526.382011][T11321] folio_alloc_mpol_noprof+0x36/0x2f0
[ 526.382041][T11321] vma_alloc_folio_noprof+0xed/0x1e0
[ 526.382070][T11321] ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 526.382105][T11321] do_pte_missing+0x2202/0x3ba0
[ 526.382135][T11321] ? find_held_lock+0x2b/0x80
[ 526.382159][T11321] __handle_mm_fault+0x1556/0x2aa0
[ 526.382195][T11321] ? __pfx___handle_mm_fault+0x10/0x10
[ 526.382242][T11321] ? lock_vma_under_rcu+0x176/0x530
[ 526.382278][T11321] ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 526.382313][T11321] handle_mm_fault+0x589/0xd10
[ 526.382343][T11321] ? __pkru_allows_pkey+0x21/0xb0
[ 526.382373][T11321] do_user_addr_fault+0x60c/0x1370
[ 526.382393][T11321] ? rcu_is_watching+0x12/0xc0
[ 526.382415][T11321] exc_page_fault+0x64/0xc0
[ 526.382436][T11321] asm_exc_page_fault+0x26/0x30
[ 526.382453][T11321] RIP: 0033:0x7fdad625a5ab
[ 526.382468][T11321] Code: 00 00 00 48 8d 3d 8d 3b 19 00 48 89 c1 31 c0 e8 db 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d c1 3b 19 00 48 89 34 24 48 8b 14 24 48 8b
[ 526.382486][T11321] RSP: 002b:00007fdad7254fb0 EFLAGS: 00010202
[ 526.382501][T11321] RAX: 0000000000000000 RBX: 00007fdad65e6090 RCX: 0000000000000000
[ 526.382517][T11321] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000180
[ 526.382528][T11321] RBP: 00007fdad6411f91 R08: 0000000000000000 R09: 0000000000000000
[ 526.382539][T11321] R10: 0000200000000180 R11: 0000000000000000 R12: 0000000000000000
[ 526.382549][T11321] R13: 00007fdad65e6128 R14: 00007fdad65e6090 R15: 00007ffe8f50fba8
[ 526.382573][T11321]
[ 526.661875][ C0] vkms_vblank_simulate: vblank timer overrun
[ 526.671048][T11321] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 526.681873][T11321] FAULT_INJECTION: forcing a failure.
[ 526.681873][T11321] name failslab, interval 1, probability 0, space 0, times 0
[ 526.695019][T11321] CPU: 0 UID: 0 PID: 11321 Comm: syz.2.1076 Not tainted syzkaller #0 PREEMPT(full)
[ 526.695046][T11321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 526.695057][T11321] Call Trace:
[ 526.695063][T11321]
[ 526.695069][T11321] dump_stack_lvl+0x16c/0x1f0
[ 526.695097][T11321] should_fail_ex+0x512/0x640
[ 526.695124][T11321] ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 526.695148][T11321] should_failslab+0xc2/0x120
[ 526.695173][T11321] kmem_cache_alloc_node_noprof+0x78/0x770
[ 526.695192][T11321] ? __alloc_skb+0x2b2/0x380
[ 526.695226][T11321] ? __alloc_skb+0x2b2/0x380
[ 526.695255][T11321] __alloc_skb+0x2b2/0x380
[ 526.695283][T11321] ? __pfx___alloc_skb+0x10/0x10
[ 526.695312][T11321] ? netlink_autobind.isra.0+0x158/0x370
[ 526.695338][T11321] netlink_alloc_large_skb+0x69/0x140
[ 526.695359][T11321] netlink_sendmsg+0x698/0xdd0
[ 526.695384][T11321] ? __pfx_netlink_sendmsg+0x10/0x10
[ 526.695407][T11321] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 526.695438][T11321] __sys_sendto+0x4a3/0x520
[ 526.695467][T11321] ? __pfx___sys_sendto+0x10/0x10
[ 526.695502][T11321] ? find_held_lock+0x2b/0x80
[ 526.695536][T11321] __x64_sys_sendto+0xe0/0x1c0
[ 526.695564][T11321] ? do_syscall_64+0x91/0xfa0
[ 526.695585][T11321] ? lockdep_hardirqs_on+0x7c/0x110
[ 526.695607][T11321] do_syscall_64+0xcd/0xfa0
[ 526.695638][T11321] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 526.695657][T11321] RIP: 0033:0x7fdad639155c
[ 526.695672][T11321] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[ 526.695689][T11321] RSP: 002b:00007fdad7254ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 526.695707][T11321] RAX: ffffffffffffffda RBX: 00007fdad7254fc0 RCX: 00007fdad639155c
[ 526.695719][T11321] RDX: 0000000000000020 RSI: 00007fdad7255010 RDI: 0000000000000006
[ 526.695730][T11321] RBP: 0000000000000000 R08: 00007fdad7254f14 R09: 000000000000000c
[ 526.695741][T11321] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006
[ 526.695751][T11321] R13: 00007fdad7254f68 R14: 00007fdad7255010 R15: 0000000000000000
[ 526.695774][T11321]
[ 526.908569][ C0] vkms_vblank_simulate: vblank timer overrun
[ 527.223793][T11328] FAULT_INJECTION: forcing a failure.
[ 527.223793][T11328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 527.266031][T11328] CPU: 0 UID: 0 PID: 11328 Comm: syz.2.1081 Not tainted syzkaller #0 PREEMPT(full)
[ 527.266057][T11328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 527.266068][T11328] Call Trace:
[ 527.266074][T11328]
[ 527.266082][T11328] dump_stack_lvl+0x16c/0x1f0
[ 527.266109][T11328] should_fail_ex+0x512/0x640
[ 527.266142][T11328] _copy_to_user+0x32/0xd0
[ 527.266173][T11328] simple_read_from_buffer+0xcb/0x170
[ 527.266204][T11328] proc_fail_nth_read+0x197/0x240
[ 527.266226][T11328] ? __pfx_proc_fail_nth_read+0x10/0x10
[ 527.266247][T11328] ? rw_verify_area+0xcf/0x6c0
[ 527.266264][T11328] ? __pfx_proc_fail_nth_read+0x10/0x10
[ 527.266284][T11328] vfs_read+0x1e4/0xcf0
[ 527.266306][T11328] ? __pfx___mutex_lock+0x10/0x10
[ 527.266331][T11328] ? __pfx_vfs_read+0x10/0x10
[ 527.266355][T11328] ? __fget_files+0x20e/0x3c0
[ 527.266387][T11328] ksys_read+0x12a/0x250
[ 527.266406][T11328] ? __pfx_ksys_read+0x10/0x10
[ 527.266432][T11328] do_syscall_64+0xcd/0xfa0
[ 527.266456][T11328] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 527.266475][T11328] RIP: 0033:0x7fdad638e0dc
[ 527.266489][T11328] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 527.266508][T11328] RSP: 002b:00007fdad7277030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 527.266526][T11328] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638e0dc
[ 527.266537][T11328] RDX: 000000000000000f RSI: 00007fdad72770a0 RDI: 0000000000000004
[ 527.266548][T11328] RBP: 00007fdad7277090 R08: 0000000000000000 R09: 0000000000000000
[ 527.266559][T11328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 527.266570][T11328] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 527.266593][T11328]
[ 527.457282][ C0] vkms_vblank_simulate: vblank timer overrun
[ 528.728551][T11343] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1077'.
[ 528.814891][T11353] futex_wake_op: syz.1.1085 tries to shift op by -2048; fix this program
[ 528.827160][T11342] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1077'.
[ 528.874729][T11354] 0x000000000001-0x000000020000 : ""
[ 528.943327][T11354] ftl_cs: FTL header corrupt!
[ 529.780458][T11380] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1088'.
[ 530.168834][T11246] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[ 530.263440][T11382] Process accounting resumed
[ 532.114147][T11425] FAULT_INJECTION: forcing a failure.
[ 532.114147][T11425] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 532.183068][T11425] CPU: 0 UID: 0 PID: 11425 Comm: syz.3.1098 Not tainted syzkaller #0 PREEMPT(full)
[ 532.183096][T11425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 532.183106][T11425] Call Trace:
[ 532.183113][T11425]
[ 532.183120][T11425] dump_stack_lvl+0x16c/0x1f0
[ 532.183146][T11425] should_fail_ex+0x512/0x640
[ 532.183179][T11425] should_fail_alloc_page+0xe7/0x130
[ 532.183206][T11425] prepare_alloc_pages+0x3c2/0x610
[ 532.183231][T11425] ? rcu_is_watching+0x12/0xc0
[ 532.183252][T11425] __alloc_frozen_pages_noprof+0x18b/0x2470
[ 532.183273][T11425] ? __lock_acquire+0xb8a/0x1c90
[ 532.183307][T11425] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 532.183333][T11425] ? do_raw_spin_lock+0x12c/0x2b0
[ 532.183362][T11425] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 532.183390][T11425] ? find_held_lock+0x2b/0x80
[ 532.183415][T11425] ? __lock_acquire+0xb8a/0x1c90
[ 532.183440][T11425] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 532.183472][T11425] ? policy_nodemask+0xea/0x4e0
[ 532.183499][T11425] alloc_pages_mpol+0x1fb/0x550
[ 532.183524][T11425] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 532.183555][T11425] folio_alloc_mpol_noprof+0x36/0x2f0
[ 532.183585][T11425] shmem_alloc_folio+0x135/0x160
[ 532.183612][T11425] shmem_alloc_and_add_folio+0x499/0xc20
[ 532.183648][T11425] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 532.183681][T11425] ? shmem_allowable_huge_orders+0xd4/0x3f0
[ 532.183705][T11425] shmem_get_folio_gfp+0x67f/0x1610
[ 532.183728][T11425] ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 532.183747][T11425] ? __pfx_timestamp_truncate+0x10/0x10
[ 532.183771][T11425] shmem_fault+0x1fe/0xa30
[ 532.183790][T11425] ? __pfx_shmem_fault+0x10/0x10
[ 532.183812][T11425] ? __pfx___up_read+0x10/0x10
[ 532.183838][T11425] ? inode_to_bdi+0x9e/0x160
[ 532.183863][T11425] ? __pfx_filemap_map_pages+0x10/0x10
[ 532.183880][T11425] __do_fault+0x10d/0x490
[ 532.183900][T11425] ? __pfx_filemap_map_pages+0x10/0x10
[ 532.183916][T11425] do_pte_missing+0x1a6/0x3ba0
[ 532.183945][T11425] ? find_held_lock+0x2b/0x80
[ 532.183964][T11425] ? __handle_mm_fault+0x1529/0x2aa0
[ 532.183995][T11425] __handle_mm_fault+0x1556/0x2aa0
[ 532.184030][T11425] ? __pfx___handle_mm_fault+0x10/0x10
[ 532.184059][T11425] ? __pte_offset_map_lock+0x174/0x310
[ 532.184082][T11425] ? find_held_lock+0x2b/0x80
[ 532.184106][T11425] ? follow_page_pte+0x5cf/0x1390
[ 532.184135][T11425] handle_mm_fault+0x589/0xd10
[ 532.184167][T11425] __get_user_pages+0x54e/0x3530
[ 532.184198][T11425] ? down_read_killable+0x220/0x4b0
[ 532.184226][T11425] ? __pfx___get_user_pages+0x10/0x10
[ 532.184256][T11425] faultin_page_range+0x338/0x940
[ 532.184295][T11425] madvise_do_behavior+0x34c/0x530
[ 532.184333][T11425] ? __pfx_madvise_do_behavior+0x10/0x10
[ 532.184362][T11425] ? down_read+0x13d/0x480
[ 532.184389][T11425] ? rcu_is_watching+0x12/0xc0
[ 532.184416][T11425] do_madvise+0x176/0x240
[ 532.184442][T11425] ? __pfx_do_madvise+0x10/0x10
[ 532.184467][T11425] ? do_futex+0x122/0x350
[ 532.184497][T11425] ? __pfx___might_resched+0x10/0x10
[ 532.184526][T11425] ? xfd_validate_state+0x61/0x180
[ 532.184551][T11425] ? __pfx_do_writev+0x10/0x10
[ 532.184573][T11425] __x64_sys_madvise+0xa9/0x110
[ 532.184599][T11425] ? lockdep_hardirqs_on+0x7c/0x110
[ 532.184627][T11425] do_syscall_64+0xcd/0xfa0
[ 532.184650][T11425] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 532.184669][T11425] RIP: 0033:0x7f0ba998f6c9
[ 532.184690][T11425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 532.184708][T11425] RSP: 002b:00007f0baa7ea038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 532.184725][T11425] RAX: ffffffffffffffda RBX: 00007f0ba9be6090 RCX: 00007f0ba998f6c9
[ 532.184737][T11425] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000
[ 532.184748][T11425] RBP: 00007f0ba9a11f91 R08: 0000000000000000 R09: 0000000000000000
[ 532.184759][T11425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 532.184770][T11425] R13: 00007f0ba9be6128 R14: 00007f0ba9be6090 R15: 00007ffcab9b7b48
[ 532.184794][T11425]
[ 533.133888][T11246] Bluetooth: hci0: command 0x0c1a tx timeout
[ 533.217062][T11434] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1100'.
[ 533.756331][T11450] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1102'.
[ 533.851588][T11450] FAULT_INJECTION: forcing a failure.
[ 533.851588][T11450] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 533.968383][T11450] CPU: 0 UID: 0 PID: 11450 Comm: syz.1.1102 Not tainted syzkaller #0 PREEMPT(full)
[ 533.968410][T11450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 533.968421][T11450] Call Trace:
[ 533.968427][T11450]
[ 533.968434][T11450] dump_stack_lvl+0x16c/0x1f0
[ 533.968461][T11450] should_fail_ex+0x512/0x640
[ 533.968492][T11450] _copy_from_user+0x2e/0xd0
[ 533.968523][T11450] copy_msghdr_from_user+0x98/0x160
[ 533.968542][T11450] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 533.968566][T11450] ? kfree+0x252/0x6d0
[ 533.968593][T11450] ? __pfx__kstrtoull+0x10/0x10
[ 533.968619][T11450] ___sys_sendmsg+0xfe/0x1d0
[ 533.968638][T11450] ? __pfx____sys_sendmsg+0x10/0x10
[ 533.968675][T11450] ? __pfx___might_resched+0x10/0x10
[ 533.968699][T11450] __sys_sendmmsg+0x200/0x420
[ 533.968720][T11450] ? __pfx___sys_sendmmsg+0x10/0x10
[ 533.968745][T11450] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 533.968778][T11450] ? fput+0x9b/0xd0
[ 533.968802][T11450] ? ksys_write+0x1ac/0x250
[ 533.968822][T11450] ? __pfx_ksys_write+0x10/0x10
[ 533.968845][T11450] __x64_sys_sendmmsg+0x9c/0x100
[ 533.968863][T11450] ? lockdep_hardirqs_on+0x7c/0x110
[ 533.968885][T11450] do_syscall_64+0xcd/0xfa0
[ 533.968908][T11450] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 533.968926][T11450] RIP: 0033:0x7f405858f6c9
[ 533.968941][T11450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 533.968959][T11450] RSP: 002b:00007f4059346038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 533.968977][T11450] RAX: ffffffffffffffda RBX: 00007f40587e5fa0 RCX: 00007f405858f6c9
[ 533.968989][T11450] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[ 533.969000][T11450] RBP: 00007f4059346090 R08: 0000000000000000 R09: 0000000000000000
[ 533.969011][T11450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 533.969021][T11450] R13: 00007f40587e6038 R14: 00007f40587e5fa0 R15: 00007ffc6a280e98
[ 533.969044][T11450]
[ 534.718593][T11458] FAULT_INJECTION: forcing a failure.
[ 534.718593][T11458] name failslab, interval 1, probability 0, space 0, times 0
[ 534.754798][T11458] CPU: 0 UID: 0 PID: 11458 Comm: syz.0.1105 Not tainted syzkaller #0 PREEMPT(full)
[ 534.754829][T11458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 534.754840][T11458] Call Trace:
[ 534.754847][T11458]
[ 534.754854][T11458] dump_stack_lvl+0x16c/0x1f0
[ 534.754881][T11458] should_fail_ex+0x512/0x640
[ 534.754908][T11458] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[ 534.754943][T11458] should_failslab+0xc2/0x120
[ 534.754969][T11458] __kmalloc_node_track_caller_noprof+0xde/0x8a0
[ 534.754999][T11458] ? kstrdup_const+0x63/0x80
[ 534.755022][T11458] ? kstrdup+0x53/0x100
[ 534.755038][T11458] kstrdup+0x53/0x100
[ 534.755058][T11458] kstrdup_const+0x63/0x80
[ 534.755076][T11458] alloc_vfsmnt+0xea/0x6b0
[ 534.755109][T11458] clone_mnt+0x4b/0x930
[ 534.755142][T11458] copy_tree+0x31d/0xbd0
[ 534.755168][T11458] copy_mnt_ns+0x1a9/0xac0
[ 534.755188][T11458] ? rcu_is_watching+0x12/0xc0
[ 534.755215][T11458] create_new_namespaces+0xd3/0xa90
[ 534.755236][T11458] ? bpf_lsm_capable+0x9/0x10
[ 534.755260][T11458] ? security_capable+0x7e/0x260
[ 534.755289][T11458] copy_namespaces+0x468/0x560
[ 534.755310][T11458] copy_process+0x2828/0x76a0
[ 534.755351][T11458] ? __pfx_copy_process+0x10/0x10
[ 534.755379][T11458] ? _copy_from_user+0x59/0xd0
[ 534.755411][T11458] kernel_clone+0xfc/0x930
[ 534.755435][T11458] ? __pfx_kernel_clone+0x10/0x10
[ 534.755455][T11458] ? futex_private_hash_put+0xd5/0x190
[ 534.755496][T11458] ? __pfx_futex_wake+0x10/0x10
[ 534.755529][T11458] __do_sys_clone3+0x212/0x290
[ 534.755552][T11458] ? __pfx___do_sys_clone3+0x10/0x10
[ 534.755586][T11458] ? find_held_lock+0x2b/0x80
[ 534.755624][T11458] do_syscall_64+0xcd/0xfa0
[ 534.755648][T11458] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 534.755667][T11458] RIP: 0033:0x7fd426b8f6c9
[ 534.755683][T11458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 534.755700][T11458] RSP: 002b:00007fd427aeff08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 534.755718][T11458] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fd426b8f6c9
[ 534.755730][T11458] RDX: 00007fd427aeff20 RSI: 0000000000000058 RDI: 00007fd427aeff20
[ 534.755740][T11458] RBP: 00007fd426c11f91 R08: 0000000000000000 R09: 0000000000000058
[ 534.755751][T11458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 534.755761][T11458] R13: 00007fd426de6128 R14: 00007fd426de6090 R15: 00007fff57b311b8
[ 534.755785][T11458]
[ 539.438301][T11530] Unable to find swap-space signature
[ 539.478857][T11527] Invalid ELF header magic: != ELF
[ 539.508302][T11530] futex_wake_op: syz.2.1119 tries to shift op by -2048; fix this program
[ 539.598325][T11533] zswap: compressor 5hHX^rRO��תWCn#ТڪeBH�V�Q.VdlM_� not available
[ 539.713611][T11533] i2c i2c-0: new_device: Missing parameters
[ 539.873462][T11533] i2c i2c-0: new_device: Missing parameters
[ 541.114720][T11548] FAULT_INJECTION: forcing a failure.
[ 541.114720][T11548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 541.440162][T11548] CPU: 0 UID: 0 PID: 11548 Comm: syz.1.1122 Not tainted syzkaller #0 PREEMPT(full)
[ 541.440189][T11548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 541.440200][T11548] Call Trace:
[ 541.440206][T11548]
[ 541.440213][T11548] dump_stack_lvl+0x16c/0x1f0
[ 541.440253][T11548] should_fail_ex+0x512/0x640
[ 541.440285][T11548] _copy_from_user+0x2e/0xd0
[ 541.440315][T11548] copy_msghdr_from_user+0x98/0x160
[ 541.440334][T11548] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 541.440356][T11548] ? kfree+0x252/0x6d0
[ 541.440384][T11548] ? __lock_acquire+0x622/0x1c90
[ 541.440413][T11548] ___sys_recvmsg+0xdb/0x1a0
[ 541.440431][T11548] ? __pfx____sys_recvmsg+0x10/0x10
[ 541.440460][T11548] ? __pfx___might_resched+0x10/0x10
[ 541.440484][T11548] do_recvmmsg+0x2fe/0x750
[ 541.440505][T11548] ? __pfx_do_recvmmsg+0x10/0x10
[ 541.440527][T11548] ? __mutex_unlock_slowpath+0x161/0x7b0
[ 541.440558][T11548] ? __fget_files+0x20e/0x3c0
[ 541.440582][T11548] __x64_sys_recvmmsg+0x22a/0x280
[ 541.440602][T11548] ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 541.440628][T11548] do_syscall_64+0xcd/0xfa0
[ 541.440651][T11548] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 541.440670][T11548] RIP: 0033:0x7f405858f6c9
[ 541.440684][T11548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 541.440703][T11548] RSP: 002b:00007f4059346038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 541.440720][T11548] RAX: ffffffffffffffda RBX: 00007f40587e5fa0 RCX: 00007f405858f6c9
[ 541.440732][T11548] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[ 541.440743][T11548] RBP: 00007f4059346090 R08: 0000000000000000 R09: 0000000000000000
[ 541.440754][T11548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 541.440764][T11548] R13: 00007f40587e6038 R14: 00007f40587e5fa0 R15: 00007ffc6a280e98
[ 541.440787][T11548]
[ 542.589346][T11555] Invalid ELF header magic: != ELF
[ 545.231752][T11614] program syz.1.1130 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 547.780009][T11658] bond0: option all_slaves_active: invalid value (�)
[ 549.576170][T11678] capability: warning: `syz.1.1140' uses 32-bit capabilities (legacy support in use)
[ 551.650804][T11696] bond0: option slaves: interface - does not exist!
[ 552.016676][T11711] FAULT_INJECTION: forcing a failure.
[ 552.016676][T11711] name failslab, interval 1, probability 0, space 0, times 0
[ 552.074096][T11711] CPU: 0 UID: 0 PID: 11711 Comm: syz.2.1148 Not tainted syzkaller #0 PREEMPT(full)
[ 552.074122][T11711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 552.074133][T11711] Call Trace:
[ 552.074139][T11711]
[ 552.074147][T11711] dump_stack_lvl+0x16c/0x1f0
[ 552.074175][T11711] should_fail_ex+0x512/0x640
[ 552.074202][T11711] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[ 552.074224][T11711] should_failslab+0xc2/0x120
[ 552.074250][T11711] kmem_cache_alloc_lru_noprof+0x79/0x6e0
[ 552.074269][T11711] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 552.074290][T11711] ? sock_alloc_inode+0x25/0x1c0
[ 552.074315][T11711] ? __pfx_sock_alloc_inode+0x10/0x10
[ 552.074334][T11711] ? sock_alloc_inode+0x25/0x1c0
[ 552.074354][T11711] sock_alloc_inode+0x25/0x1c0
[ 552.074375][T11711] alloc_inode+0x64/0x240
[ 552.074400][T11711] sock_alloc+0x40/0x280
[ 552.074420][T11711] __sock_create+0xc1/0x8d0
[ 552.074447][T11711] smc_create_clcsk+0x37/0xd0
[ 552.074465][T11711] ? __pfx_smc_inet_init_sock+0x10/0x10
[ 552.074491][T11711] inet6_create+0xb30/0x12b0
[ 552.074514][T11711] ? inet6_create+0x7f/0x12b0
[ 552.074537][T11711] __sock_create+0x338/0x8d0
[ 552.074564][T11711] __sys_socket+0x14d/0x260
[ 552.074589][T11711] ? __pfx___sys_socket+0x10/0x10
[ 552.074613][T11711] ? xfd_validate_state+0x61/0x180
[ 552.074638][T11711] ? __pfx_ksys_write+0x10/0x10
[ 552.074662][T11711] __x64_sys_socket+0x72/0xb0
[ 552.074685][T11711] ? lockdep_hardirqs_on+0x7c/0x110
[ 552.074706][T11711] do_syscall_64+0xcd/0xfa0
[ 552.074729][T11711] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 552.074747][T11711] RIP: 0033:0x7fdad638f6c9
[ 552.074762][T11711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 552.074780][T11711] RSP: 002b:00007fdad7277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 552.074798][T11711] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638f6c9
[ 552.074810][T11711] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[ 552.074821][T11711] RBP: 00007fdad6411f91 R08: 0000000000000000 R09: 0000000000000000
[ 552.074835][T11711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 552.074849][T11711] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 552.074872][T11711]
[ 552.074882][T11711] socket: no more sockets
[ 553.355365][T11416] syz.1.1095 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 553.630176][T11731] FAULT_INJECTION: forcing a failure.
[ 553.630176][T11731] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 553.668334][T11733] random: crng reseeded on system resumption
[ 553.692921][T11731] CPU: 0 UID: 0 PID: 11731 Comm: syz.2.1153 Not tainted syzkaller #0 PREEMPT(full)
[ 553.692947][T11731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 553.692957][T11731] Call Trace:
[ 553.692963][T11731]
[ 553.692970][T11731] dump_stack_lvl+0x16c/0x1f0
[ 553.692996][T11731] should_fail_ex+0x512/0x640
[ 553.693027][T11731] _copy_to_user+0x32/0xd0
[ 553.693058][T11731] do_sys_name_to_handle+0x574/0x830
[ 553.693089][T11731] ? __pfx_do_sys_name_to_handle+0x10/0x10
[ 553.693112][T11731] ? putname+0x154/0x1a0
[ 553.693134][T11731] ? putname+0x154/0x1a0
[ 553.693159][T11731] __x64_sys_name_to_handle_at+0x2af/0x310
[ 553.693181][T11731] ? __pfx___x64_sys_name_to_handle_at+0x10/0x10
[ 553.693207][T11731] do_syscall_64+0xcd/0xfa0
[ 553.693231][T11731] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 553.693250][T11731] RIP: 0033:0x7fdad638f6c9
[ 553.693264][T11731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 553.693282][T11731] RSP: 002b:00007fdad7277038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[ 553.693300][T11731] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638f6c9
[ 553.693312][T11731] RDX: 0000200000000400 RSI: 00002000000003c0 RDI: ffffffffffffffff
[ 553.693323][T11731] RBP: 00007fdad7277090 R08: 0000000000000200 R09: 0000000000000000
[ 553.693334][T11731] R10: 0000200000000480 R11: 0000000000000246 R12: 0000000000000002
[ 553.693344][T11731] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 553.693367][T11731]
[ 553.896192][T11416] CPU: 0 UID: 0 PID: 11416 Comm: syz.1.1095 Not tainted syzkaller #0 PREEMPT(full)
[ 553.896222][T11416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 553.896235][T11416] Call Trace:
[ 553.896242][T11416]
[ 553.896249][T11416] dump_stack_lvl+0x16c/0x1f0
[ 553.896284][T11416] dump_header+0x101/0x930
[ 553.896319][T11416] oom_kill_process+0x272/0xa40
[ 553.896340][T11416] out_of_memory+0x350/0x1700
[ 553.896363][T11416] ? __pfx_out_of_memory+0x10/0x10
[ 553.896388][T11416] mem_cgroup_out_of_memory+0x118/0x130
[ 553.896424][T11416] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 553.896464][T11416] ? do_raw_spin_unlock+0x172/0x230
[ 553.896499][T11416] try_charge_memcg+0x695/0xd30
[ 553.896527][T11416] ? __pfx_try_charge_memcg+0x10/0x10
[ 553.896551][T11416] ? __print_lock_name+0xb1/0xe0
[ 553.896571][T11416] ? rcu_read_unlock+0x17/0x60
[ 553.896601][T11416] charge_memcg+0x8a/0x230
[ 553.896624][T11416] __mem_cgroup_charge+0x2b/0x1e0
[ 553.896652][T11416] shmem_alloc_and_add_folio+0x514/0xc20
[ 553.896689][T11416] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 553.896722][T11416] ? shmem_allowable_huge_orders+0xd4/0x3f0
[ 553.896747][T11416] shmem_get_folio_gfp+0x67f/0x1610
[ 553.896768][T11416] ? __lock_acquire+0xb8a/0x1c90
[ 553.896794][T11416] ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 553.896820][T11416] shmem_write_begin+0x160/0x300
[ 553.896841][T11416] ? __pfx_shmem_write_begin+0x10/0x10
[ 553.896858][T11416] ? timestamp_truncate+0x21e/0x2d0
[ 553.896888][T11416] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[ 553.896918][T11416] generic_perform_write+0x3c4/0x900
[ 553.896954][T11416] ? __pfx_generic_perform_write+0x10/0x10
[ 553.896996][T11416] ? inode_needs_update_time.part.0+0x191/0x270
[ 553.897023][T11416] ? __pfx_shmem_file_write_iter+0x10/0x10
[ 553.897045][T11416] shmem_file_write_iter+0x10e/0x140
[ 553.897070][T11416] __kernel_write_iter+0x31a/0xb10
[ 553.897094][T11416] ? __pfx___kernel_write_iter+0x10/0x10
[ 553.897114][T11416] ? __up_read+0x1f8/0x750
[ 553.897145][T11416] ? dump_user_range+0x756/0xb70
[ 553.897168][T11416] dump_user_range+0x413/0xb70
[ 553.897191][T11416] ? __pfx_dump_user_range+0x10/0x10
[ 553.897210][T11416] ? elf_coredump_extra_notes_write+0xbd/0x4f0
[ 553.897245][T11416] ? __pfx_writenote+0x10/0x10
[ 553.897270][T11416] elf_core_dump+0x29c3/0x3c00
[ 553.897302][T11416] ? __pfx_elf_core_dump+0x10/0x10
[ 553.897320][T11416] ? kasan_save_stack+0x33/0x60
[ 553.897340][T11416] ? kasan_save_track+0x14/0x30
[ 553.897360][T11416] ? __kasan_kmalloc+0xaa/0xb0
[ 553.897379][T11416] ? __kvmalloc_node_noprof+0x3a3/0x9c0
[ 553.897400][T11416] ? vfs_coredump+0x1ddc/0x5670
[ 553.897416][T11416] ? arch_do_signal_or_restart+0x8f/0x790
[ 553.897438][T11416] ? irqentry_exit_to_user_mode+0x176/0x310
[ 553.897460][T11416] ? asm_exc_page_fault+0x26/0x30
[ 553.897484][T11416] ? 0xffffffffff600000
[ 553.897535][T11416] ? vfs_coredump+0x2b9f/0x5670
[ 553.897550][T11416] vfs_coredump+0x2b9f/0x5670
[ 553.897576][T11416] ? __pfx_vfs_coredump+0x10/0x10
[ 553.897595][T11416] ? __lock_acquire+0x622/0x1c90
[ 553.897629][T11416] ? lock_acquire+0x179/0x350
[ 553.897664][T11416] ? is_bpf_text_address+0x8a/0x1a0
[ 553.897691][T11416] ? bpf_ksym_find+0x124/0x1c0
[ 553.897717][T11416] ? unwind_get_return_address+0x59/0xa0
[ 553.897738][T11416] ? arch_stack_walk+0xa6/0x100
[ 553.897765][T11416] ? stack_trace_save+0x8e/0xc0
[ 553.897787][T11416] ? __pfx_stack_trace_save+0x10/0x10
[ 553.897808][T11416] ? stack_depot_save_flags+0x29/0x9c0
[ 553.897839][T11416] ? __lock_acquire+0xb8a/0x1c90
[ 553.897903][T11416] ? proc_coredump_connector+0x2d1/0x4f0
[ 553.897923][T11416] ? __pfx_proc_coredump_connector+0x10/0x10
[ 553.897948][T11416] ? rcu_is_watching+0x12/0xc0
[ 553.897971][T11416] get_signal+0x22e1/0x26d0
[ 553.898007][T11416] ? __pfx_get_signal+0x10/0x10
[ 553.898029][T11416] ? rcu_is_watching+0x12/0xc0
[ 553.898053][T11416] arch_do_signal_or_restart+0x8f/0x790
[ 553.898076][T11416] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 553.898114][T11416] irqentry_exit_to_user_mode+0x176/0x310
[ 553.898139][T11416] asm_exc_page_fault+0x26/0x30
[ 553.898156][T11416] RIP: 0033:0x3c5d1
[ 553.898170][T11416] Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 553.898188][T11416] RSP: 002b:000000000000000a EFLAGS: 00010206
[ 553.898203][T11416] RAX: 0000000000000000 RBX: 00007f40587e5fa0 RCX: 00007f405858f6c9
[ 553.898215][T11416] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46
[ 553.898225][T11416] RBP: 00007f4058611f91 R08: 0000000000000002 R09: 0000000000000000
[ 553.898236][T11416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 553.898246][T11416] R13: 00007f40587e6038 R14: 00007f40587e5fa0 R15: 00007ffc6a280e98
[ 553.898271][T11416]
[ 553.898277][T11416] memory: usage 307200kB, limit 307200kB, failcnt 48436
[ 555.248415][T11692] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078037550 pfn:0x78037
[ 555.337732][T11416] memory+swap: usage 307052kB, limit 9007199254740988kB, failcnt 0
[ 555.349791][T11692] memcg:ffff88813ff37202
[ 555.354057][T11692] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 555.369708][T11416] kmem: usage 4552kB, limit 9007199254740988kB, failcnt 0
[ 555.413860][T11416] Memory cgroup stats for /syz1:
[ 555.414205][T11416] cache 308830208
[ 555.444916][T11416] rss 720896
[ 555.444981][T11416] rss_huge 0
[ 555.444996][T11416] shmem 298770432
[ 555.445004][T11416] mapped_file 117833728
[ 555.445012][T11416] dirty 61440
[ 555.445019][T11416] writeback 0
[ 555.445026][T11416] workingset_refault_anon 683
[ 555.445034][T11416] workingset_refault_file 602
[ 555.445041][T11416] swap 118784
[ 555.445049][T11416] swapcached 69632
[ 555.445056][T11416] pgpgin 892941
[ 555.445063][T11416] pgpgout 817861
[ 555.445071][T11416] pgfault 473108
[ 555.445078][T11416] pgmajfault 331
[ 555.445085][T11416] inactive_anon 20480
[ 555.445092][T11416] active_anon 299540480
[ 555.445100][T11416] inactive_file 208896
[ 555.445107][T11416] active_file 9850880
[ 555.445115][T11416] unevictable 0
[ 555.445122][T11416] hierarchical_memory_limit 314572800
[ 555.445131][T11416] hierarchical_memsw_limit 9223372036854771712
[ 555.445140][T11416] total_cache 308830208
[ 555.445147][T11416] total_rss 720896
[ 555.445155][T11416] total_rss_huge 0
[ 555.445162][T11416] total_shmem 298770432
[ 555.445170][T11416] total_mapped_file 117833728
[ 555.445177][T11416] total_dirty 61440
[ 555.445185][T11416] total_writeback 0
[ 555.445192][T11416] total_workingset_refault_anon 683
[ 555.445200][T11416] total_workingset_refault_file 602
[ 555.445208][T11416] total_swap 118784
[ 555.445216][T11416] total_swapcached 69632
[ 555.445223][T11416] total_pgpgin 892941
[ 555.445238][T11416] total_pgpgout 817861
[ 555.445245][T11416] total_pgfault 473108
[ 555.445253][T11416] total_pgmajfault 331
[ 555.445260][T11416] total_inactive_anon 20480
[ 555.445268][T11416] total_active_anon 299540480
[ 555.445276][T11416] total_inactive_file 208896
[ 555.445284][T11416] total_active_file 9850880
[ 555.445292][T11416] total_unevictable 0
[ 555.445299][T11416] anon_cost 0
[ 555.445306][T11416] file_cost 0
[ 555.445315][T11416] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.1095,pid=11416,uid=0
[ 555.445575][T11416] Memory cgroup out of memory: Killed process 11416 (syz.1.1095) total-vm:167820kB, anon-rss:1332kB, file-rss:32996kB, shmem-rss:65664kB, UID:0 pgtables:288kB oom_score_adj:1000
[ 555.450417][T11692] page_type: f2(table)
[ 555.450480][T11692] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 555.450499][T11692] raw: ffff888078037550 ffff8880774f3600 00000001f2000000 ffff88813ff37202
[ 555.450510][T11692] page dumped because: unmovable page
[ 555.450520][T11692] page_owner tracks the page as allocated
[ 555.450528][T11692] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 11416, tgid 11416 (syz.1.1095), ts 540960960540, free_ts 540928171738
[ 555.450561][T11692] post_alloc_hook+0x1c0/0x230
[ 555.450592][T11692] get_page_from_freelist+0x10a3/0x3a30
[ 555.450610][T11692] __alloc_frozen_pages_noprof+0x25f/0x2470
[ 555.450628][T11692] alloc_pages_mpol+0x1fb/0x550
[ 555.450652][T11692] alloc_pages_noprof+0x131/0x390
[ 555.450677][T11692] pte_alloc_one+0x1e/0x350
[ 555.450696][T11692] do_pte_missing+0x1acf/0x3ba0
[ 555.450723][T11692] __handle_mm_fault+0x1556/0x2aa0
[ 555.450751][T11692] handle_mm_fault+0x589/0xd10
[ 555.450778][T11692] __get_user_pages+0x54e/0x3530
[ 555.450802][T11692] get_dump_page+0x257/0x3d0
[ 555.450827][T11692] dump_user_range+0x195/0xb70
[ 555.450843][T11692] elf_core_dump+0x29c3/0x3c00
[ 555.450862][T11692] vfs_coredump+0x2b9f/0x5670
[ 555.450877][T11692] get_signal+0x22e1/0x26d0
[ 555.450897][T11692] arch_do_signal_or_restart+0x8f/0x790
[ 555.450920][T11692] page last free pid 15 tgid 15 stack trace:
[ 555.450930][T11692] __free_frozen_pages+0x7df/0x1160
[ 555.450956][T11692] tlb_remove_table_rcu+0x121/0x320
[ 555.450983][T11692] rcu_core+0x79c/0x1530
[ 555.451008][T11692] handle_softirqs+0x219/0x8e0
[ 555.451028][T11692] run_ksoftirqd+0x3a/0x60
[ 555.451047][T11692] smpboot_thread_fn+0x3f7/0xae0
[ 555.451068][T11692] kthread+0x3c5/0x780
[ 555.451093][T11692] ret_from_fork+0x675/0x7d0
[ 555.451121][T11692] ret_from_fork_asm+0x1a/0x30
[ 555.452399][T11733] Restarting kernel threads ...
[ 555.452793][T11733] Done restarting kernel threads.
[ 556.754477][T11759] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1159'.
[ 556.937113][T11757] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1158'.
[ 556.937885][T11757] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1158'.
[ 557.188436][T11764] FAULT_INJECTION: forcing a failure.
[ 557.188436][T11764] name failslab, interval 1, probability 0, space 0, times 0
[ 557.188467][T11764] CPU: 0 UID: 0 PID: 11764 Comm: syz.3.1160 Not tainted syzkaller #0 PREEMPT(full)
[ 557.188488][T11764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 557.188498][T11764] Call Trace:
[ 557.188503][T11764]
[ 557.188510][T11764] dump_stack_lvl+0x16c/0x1f0
[ 557.188536][T11764] should_fail_ex+0x512/0x640
[ 557.188564][T11764] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[ 557.188587][T11764] should_failslab+0xc2/0x120
[ 557.188613][T11764] kmem_cache_alloc_lru_noprof+0x79/0x6e0
[ 557.188632][T11764] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 557.188653][T11764] ? sock_alloc_inode+0x25/0x1c0
[ 557.188678][T11764] ? __pfx_sock_alloc_inode+0x10/0x10
[ 557.188697][T11764] ? sock_alloc_inode+0x25/0x1c0
[ 557.188717][T11764] sock_alloc_inode+0x25/0x1c0
[ 557.188738][T11764] alloc_inode+0x64/0x240
[ 557.188762][T11764] sock_alloc+0x40/0x280
[ 557.188781][T11764] __sock_create+0xc1/0x8d0
[ 557.188808][T11764] smc_create_clcsk+0x37/0xd0
[ 557.188826][T11764] ? __pfx_smc_inet_init_sock+0x10/0x10
[ 557.188853][T11764] inet6_create+0xb30/0x12b0
[ 557.188877][T11764] ? inet6_create+0x7f/0x12b0
[ 557.188900][T11764] __sock_create+0x338/0x8d0
[ 557.188927][T11764] __sys_socket+0x14d/0x260
[ 557.188951][T11764] ? __pfx___sys_socket+0x10/0x10
[ 557.188983][T11764] ? xfd_validate_state+0x61/0x180
[ 557.189008][T11764] ? __pfx_ksys_write+0x10/0x10
[ 557.189032][T11764] __x64_sys_socket+0x72/0xb0
[ 557.189056][T11764] ? lockdep_hardirqs_on+0x7c/0x110
[ 557.189078][T11764] do_syscall_64+0xcd/0xfa0
[ 557.189101][T11764] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 557.189120][T11764] RIP: 0033:0x7f0ba998f6c9
[ 557.189135][T11764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 557.189153][T11764] RSP: 002b:00007f0baa80b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 557.189171][T11764] RAX: ffffffffffffffda RBX: 00007f0ba9be5fa0 RCX: 00007f0ba998f6c9
[ 557.189182][T11764] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[ 557.189192][T11764] RBP: 00007f0ba9a11f91 R08: 0000000000000000 R09: 0000000000000000
[ 557.189202][T11764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 557.189212][T11764] R13: 00007f0ba9be6038 R14: 00007f0ba9be5fa0 R15: 00007ffcab9b7b48
[ 557.189234][T11764]
[ 557.189243][T11764] socket: no more sockets
[ 559.301345][ C0] vkms_vblank_simulate: vblank timer overrun
[ 561.598580][T11809] random: crng reseeded on system resumption
[ 562.682974][T11775] Process accounting paused
[ 563.032975][T11807] random: crng reseeded on system resumption
[ 563.084327][T11807] FAULT_INJECTION: forcing a failure.
[ 563.084327][T11807] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 563.313630][T11807] CPU: 0 UID: 0 PID: 11807 Comm: syz.1.1167 Not tainted syzkaller #0 PREEMPT(full)
[ 563.313658][T11807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 563.313668][T11807] Call Trace:
[ 563.313675][T11807]
[ 563.313682][T11807] dump_stack_lvl+0x16c/0x1f0
[ 563.313709][T11807] should_fail_ex+0x512/0x640
[ 563.313741][T11807] should_fail_alloc_page+0xe7/0x130
[ 563.313774][T11807] prepare_alloc_pages+0x3c2/0x610
[ 563.313799][T11807] ? rcu_is_watching+0x12/0xc0
[ 563.313822][T11807] __alloc_frozen_pages_noprof+0x18b/0x2470
[ 563.313849][T11807] ? stack_trace_save+0x8e/0xc0
[ 563.313871][T11807] ? __pfx_stack_trace_save+0x10/0x10
[ 563.313893][T11807] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 563.313915][T11807] ? kasan_save_stack+0x42/0x60
[ 563.313944][T11807] ? kasan_save_stack+0x33/0x60
[ 563.313968][T11807] ? do_dentry_open+0x982/0x1530
[ 563.313987][T11807] ? vfs_open+0x82/0x3f0
[ 563.314010][T11807] ? path_openat+0x1de4/0x2cb0
[ 563.314027][T11807] ? do_filp_open+0x20b/0x470
[ 563.314045][T11807] ? do_sys_openat2+0x11b/0x1d0
[ 563.314069][T11807] ? __x64_sys_openat+0x174/0x210
[ 563.314095][T11807] ? do_syscall_64+0xcd/0xfa0
[ 563.314115][T11807] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 563.314135][T11807] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 563.314164][T11807] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 563.314195][T11807] ? policy_nodemask+0xea/0x4e0
[ 563.314221][T11807] alloc_pages_mpol+0x1fb/0x550
[ 563.314247][T11807] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 563.314278][T11807] alloc_pages_noprof+0x131/0x390
[ 563.314304][T11807] get_zeroed_page_noprof+0x18/0xb0
[ 563.314328][T11807] get_image_page+0x18/0x190
[ 563.314347][T11807] alloc_rtree_node+0x3c/0xb0
[ 563.314366][T11807] memory_bm_create+0x519/0x810
[ 563.314393][T11807] create_basic_memory_bitmaps+0xbd/0x320
[ 563.314418][T11807] snapshot_open+0x235/0x2b0
[ 563.314440][T11807] ? __pfx_snapshot_open+0x10/0x10
[ 563.314463][T11807] misc_open+0x26d/0x450
[ 563.314491][T11807] ? __pfx_misc_open+0x10/0x10
[ 563.314518][T11807] chrdev_open+0x234/0x6a0
[ 563.314539][T11807] ? __pfx_apparmor_file_open+0x10/0x10
[ 563.314566][T11807] ? __pfx_chrdev_open+0x10/0x10
[ 563.314589][T11807] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 563.314614][T11807] do_dentry_open+0x982/0x1530
[ 563.314635][T11807] ? __pfx_chrdev_open+0x10/0x10
[ 563.314662][T11807] vfs_open+0x82/0x3f0
[ 563.314690][T11807] path_openat+0x1de4/0x2cb0
[ 563.314717][T11807] ? __pfx_path_openat+0x10/0x10
[ 563.314739][T11807] ? __lock_acquire+0xb8a/0x1c90
[ 563.314766][T11807] do_filp_open+0x20b/0x470
[ 563.314786][T11807] ? __pfx_do_filp_open+0x10/0x10
[ 563.314823][T11807] ? alloc_fd+0x471/0x7d0
[ 563.314847][T11807] do_sys_openat2+0x11b/0x1d0
[ 563.314873][T11807] ? __pfx_do_sys_openat2+0x10/0x10
[ 563.314909][T11807] __x64_sys_openat+0x174/0x210
[ 563.314944][T11807] ? __pfx___x64_sys_openat+0x10/0x10
[ 563.314982][T11807] do_syscall_64+0xcd/0xfa0
[ 563.315004][T11807] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 563.315022][T11807] RIP: 0033:0x7f405858f6c9
[ 563.315038][T11807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 563.315057][T11807] RSP: 002b:00007f4059346038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 563.315076][T11807] RAX: ffffffffffffffda RBX: 00007f40587e5fa0 RCX: 00007f405858f6c9
[ 563.315088][T11807] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 563.315099][T11807] RBP: 00007f4058611f91 R08: 0000000000000000 R09: 0000000000000000
[ 563.315110][T11807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 563.315121][T11807] R13: 00007f40587e6038 R14: 00007f40587e5fa0 R15: 00007ffc6a280e98
[ 563.315145][T11807]
[ 564.696561][T11246] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 565.646095][T11847] netlink: zone id is out of range
[ 565.710070][T11844] netlink: set zone limit has 8 unknown bytes
[ 565.755976][T11847] netlink: del zone limit has 4 unknown bytes
[ 568.359880][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 568.367609][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 568.803898][T11888] input: j�J�Ǹ-9%vlQ J86� as /devices/virtual/input/input22
[ 569.090759][T11892] FAULT_INJECTION: forcing a failure.
[ 569.090759][T11892] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 569.146021][T11892] CPU: 0 UID: 0 PID: 11892 Comm: syz.2.1186 Not tainted syzkaller #0 PREEMPT(full)
[ 569.146050][T11892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 569.146061][T11892] Call Trace:
[ 569.146068][T11892]
[ 569.146076][T11892] dump_stack_lvl+0x16c/0x1f0
[ 569.146106][T11892] should_fail_ex+0x512/0x640
[ 569.146139][T11892] should_fail_alloc_page+0xe7/0x130
[ 569.146166][T11892] prepare_alloc_pages+0x3c2/0x610
[ 569.146191][T11892] ? __lock_acquire+0x622/0x1c90
[ 569.146219][T11892] __alloc_frozen_pages_noprof+0x18b/0x2470
[ 569.146247][T11892] ? find_held_lock+0x2b/0x80
[ 569.146266][T11892] ? is_bpf_text_address+0x8a/0x1a0
[ 569.146294][T11892] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 569.146313][T11892] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 569.146336][T11892] ? is_bpf_text_address+0x94/0x1a0
[ 569.146363][T11892] ? kernel_text_address+0x8d/0x100
[ 569.146392][T11892] ? mark_held_locks+0x49/0x80
[ 569.146417][T11892] ? arch_stack_walk+0xa6/0x100
[ 569.146442][T11892] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 569.146475][T11892] ? policy_nodemask+0xea/0x4e0
[ 569.146501][T11892] alloc_pages_mpol+0x1fb/0x550
[ 569.146527][T11892] ? __pfx_alloc_pages_mpol+0x10/0x10
[ 569.146554][T11892] ? __lock_acquire+0x622/0x1c90
[ 569.146581][T11892] alloc_pages_noprof+0x131/0x390
[ 569.146607][T11892] pte_alloc_one+0x1e/0x350
[ 569.146629][T11892] do_huge_pmd_anonymous_page+0x8bd/0x1f50
[ 569.146653][T11892] __handle_mm_fault+0x1cff/0x2aa0
[ 569.146688][T11892] ? mt_find+0x3e2/0xa20
[ 569.146715][T11892] ? __pfx___handle_mm_fault+0x10/0x10
[ 569.146743][T11892] ? __pfx_mt_find+0x10/0x10
[ 569.146778][T11892] ? find_vma+0xbf/0x140
[ 569.146799][T11892] ? __pfx_find_vma+0x10/0x10
[ 569.146823][T11892] handle_mm_fault+0x589/0xd10
[ 569.146860][T11892] ? __pkru_allows_pkey+0x21/0xb0
[ 569.146890][T11892] do_user_addr_fault+0x7a6/0x1370
[ 569.146910][T11892] ? rcu_is_watching+0x12/0xc0
[ 569.146932][T11892] exc_page_fault+0x64/0xc0
[ 569.146955][T11892] asm_exc_page_fault+0x26/0x30
[ 569.146973][T11892] RIP: 0010:fault_in_readable+0x135/0x1d0
[ 569.146996][T11892] Code: 61 c6 b6 ff 48 85 db 0f 84 9c 00 00 00 e8 e3 ca b6 ff 48 89 de 48 89 ef e8 88 c5 b6 ff 48 39 eb 73 1d e8 ce ca b6 ff 45 89 f7 <8a> 03 31 ff 44 89 fe 88 44 24 28 e8 fb c5 b6 ff 45 85 ff 74 a8 e8
[ 569.147014][T11892] RSP: 0018:ffffc90004c07978 EFLAGS: 00050293
[ 569.147030][T11892] RAX: 0000000000000000 RBX: 0000200000200000 RCX: ffffffff82059da8
[ 569.147041][T11892] RDX: ffff88802e1e5ac0 RSI: ffffffff82059db2 RDI: 0000000000000006
[ 569.147052][T11892] RBP: 0000200000200280 R08: 0000000000000006 R09: 0000200000200280
[ 569.147063][T11892] R10: 0000200000200000 R11: 0000000000000001 R12: 0000200000000280
[ 569.147074][T11892] R13: 0000000000200000 R14: 0000000000000000 R15: 0000000000000000
[ 569.147091][T11892] ? fault_in_readable+0x128/0x1d0
[ 569.147112][T11892] ? fault_in_readable+0x132/0x1d0
[ 569.147137][T11892] ? fault_in_readable+0x132/0x1d0
[ 569.147159][T11892] ? __pfx_fault_in_readable+0x10/0x10
[ 569.147180][T11892] ? rcu_is_watching+0x12/0xc0
[ 569.147197][T11892] ? I_BDEV+0xd/0x20
[ 569.147222][T11892] ? inode_to_bdi+0x9e/0x160
[ 569.147245][T11892] fault_in_iov_iter_readable+0x101/0x2c0
[ 569.147276][T11892] iomap_file_buffered_write+0x441/0xac0
[ 569.147314][T11892] ? __pfx_iomap_file_buffered_write+0x10/0x10
[ 569.147347][T11892] ? inode_set_ctime_current+0x2a1/0x8f0
[ 569.147388][T11892] ? __pfx_down_read+0x10/0x10
[ 569.147414][T11892] ? preempt_count_add+0x76/0x150
[ 569.147442][T11892] ? mnt_put_write_access_file+0xc1/0xf0
[ 569.147463][T11892] blkdev_write_iter+0x575/0xe00
[ 569.147489][T11892] vfs_write+0x7d3/0x11d0
[ 569.147509][T11892] ? __pfx_blkdev_write_iter+0x10/0x10
[ 569.147532][T11892] ? __pfx_vfs_write+0x10/0x10
[ 569.147550][T11892] ? find_held_lock+0x2b/0x80
[ 569.147583][T11892] ksys_write+0x12a/0x250
[ 569.147602][T11892] ? __pfx_ksys_write+0x10/0x10
[ 569.147621][T11892] ? syscall_user_dispatch+0x78/0x140
[ 569.147657][T11892] do_syscall_64+0xcd/0xfa0
[ 569.147682][T11892] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 569.147702][T11892] RIP: 0033:0x7fdad638f6c9
[ 569.147716][T11892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 569.147733][T11892] RSP: 002b:00007fdad7277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 569.147749][T11892] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638f6c9
[ 569.147760][T11892] RDX: 0000000080000002 RSI: 0000200000000280 RDI: 0000000000000003
[ 569.147771][T11892] RBP: 00007fdad7277090 R08: 0000000000000000 R09: 0000000000000000
[ 569.147781][T11892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 569.147792][T11892] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 569.147816][T11892]
[ 576.700837][T11975] futex_wake_op: syz.0.1199 tries to shift op by -2048; fix this program
[ 577.842021][T11996] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1203'.
[ 578.100448][T12009] Invalid ELF header magic: != ELF
[ 579.546153][T12017] netlink: 'syz.1.1206': attribute type 1 has an invalid length.
[ 583.500756][T12066] Invalid ELF header magic: != ELF
[ 585.613164][T12092] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[ 585.829414][T12093] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[ 585.829437][T12093] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 587.380257][T12094] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[ 590.663188][T12144] ubi: mtd0 is already attached to ubi31
[ 591.003619][T12143] FAULT_INJECTION: forcing a failure.
[ 591.003619][T12143] name failslab, interval 1, probability 0, space 0, times 0
[ 591.134067][T12143] CPU: 0 UID: 0 PID: 12143 Comm: syz.3.1231 Not tainted syzkaller #0 PREEMPT(full)
[ 591.134095][T12143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 591.134105][T12143] Call Trace:
[ 591.134112][T12143]
[ 591.134119][T12143] dump_stack_lvl+0x16c/0x1f0
[ 591.134146][T12143] should_fail_ex+0x512/0x640
[ 591.134173][T12143] ? fs_reclaim_acquire+0xae/0x150
[ 591.134200][T12143] should_failslab+0xc2/0x120
[ 591.134226][T12143] __kmalloc_noprof+0xdd/0x880
[ 591.134255][T12143] ? security_inode_init_security+0x13f/0x390
[ 591.134285][T12143] ? security_inode_init_security+0x13f/0x390
[ 591.134307][T12143] security_inode_init_security+0x13f/0x390
[ 591.134332][T12143] ? __pfx_shmem_initxattrs+0x10/0x10
[ 591.134357][T12143] ? __pfx_security_inode_init_security+0x10/0x10
[ 591.134381][T12143] ? shmem_get_inode+0x73a/0xfb0
[ 591.134411][T12143] shmem_symlink+0x135/0x9f0
[ 591.134432][T12143] ? __pfx_shmem_symlink+0x10/0x10
[ 591.134450][T12143] ? bpf_lsm_inode_permission+0x9/0x10
[ 591.134468][T12143] ? security_inode_permission+0xbf/0x260
[ 591.134505][T12143] ? inode_permission+0x156/0x630
[ 591.134533][T12143] vfs_symlink+0x403/0x680
[ 591.134564][T12143] do_symlinkat+0x261/0x310
[ 591.134587][T12143] ? __pfx_do_symlinkat+0x10/0x10
[ 591.134608][T12143] ? getname_flags.part.0+0x1c5/0x550
[ 591.134639][T12143] __x64_sys_symlink+0x75/0x90
[ 591.134662][T12143] do_syscall_64+0xcd/0xfa0
[ 591.134685][T12143] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 591.134703][T12143] RIP: 0033:0x7f0ba998f6c9
[ 591.134718][T12143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 591.134736][T12143] RSP: 002b:00007f0baa80b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 591.134753][T12143] RAX: ffffffffffffffda RBX: 00007f0ba9be5fa0 RCX: 00007f0ba998f6c9
[ 591.134765][T12143] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[ 591.134775][T12143] RBP: 00007f0ba9a11f91 R08: 0000000000000000 R09: 0000000000000000
[ 591.134785][T12143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 591.134796][T12143] R13: 00007f0ba9be6038 R14: 00007f0ba9be5fa0 R15: 00007ffcab9b7b48
[ 591.134819][T12143]
[ 591.791745][T12153] FAULT_INJECTION: forcing a failure.
[ 591.791745][T12153] name failslab, interval 1, probability 0, space 0, times 0
[ 591.835775][T12153] CPU: 0 UID: 0 PID: 12153 Comm: syz.3.1234 Not tainted syzkaller #0 PREEMPT(full)
[ 591.835803][T12153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 591.835813][T12153] Call Trace:
[ 591.835820][T12153]
[ 591.835827][T12153] dump_stack_lvl+0x16c/0x1f0
[ 591.835858][T12153] should_fail_ex+0x512/0x640
[ 591.835886][T12153] ? __kmalloc_noprof+0xca/0x880
[ 591.835918][T12153] should_failslab+0xc2/0x120
[ 591.835943][T12153] __kmalloc_noprof+0xdd/0x880
[ 591.835973][T12153] ? __list_lru_init+0xe8/0x4c0
[ 591.835994][T12153] ? __list_lru_init+0xe8/0x4c0
[ 591.836010][T12153] __list_lru_init+0xe8/0x4c0
[ 591.836030][T12153] alloc_super+0x86d/0xb60
[ 591.836053][T12153] sget_fc+0x116/0xc20
[ 591.836071][T12153] ? __pfx_set_anon_super_fc+0x10/0x10
[ 591.836102][T12153] ? __pfx_mqueue_fill_super+0x10/0x10
[ 591.836126][T12153] get_tree_nodev+0x28/0x190
[ 591.836146][T12153] mqueue_get_tree+0xf1/0x130
[ 591.836170][T12153] vfs_get_tree+0x8e/0x340
[ 591.836197][T12153] fc_mount_longterm+0x1a/0x270
[ 591.836225][T12153] mq_init_ns+0x426/0x620
[ 591.836255][T12153] copy_ipcs+0x2d6/0x550
[ 591.836284][T12153] create_new_namespaces+0x20a/0xa90
[ 591.836306][T12153] ? security_capable+0x7e/0x260
[ 591.836334][T12153] copy_namespaces+0x468/0x560
[ 591.836355][T12153] copy_process+0x2828/0x76a0
[ 591.836388][T12153] ? __pfx_copy_process+0x10/0x10
[ 591.836416][T12153] ? _copy_from_user+0x59/0xd0
[ 591.836448][T12153] kernel_clone+0xfc/0x930
[ 591.836480][T12153] ? __pfx_kernel_clone+0x10/0x10
[ 591.836500][T12153] ? futex_private_hash_put+0xd5/0x190
[ 591.836527][T12153] ? __pfx_futex_wait+0x10/0x10
[ 591.836563][T12153] __do_sys_clone3+0x212/0x290
[ 591.836585][T12153] ? __pfx___do_sys_clone3+0x10/0x10
[ 591.836618][T12153] ? find_held_lock+0x2b/0x80
[ 591.836656][T12153] do_syscall_64+0xcd/0xfa0
[ 591.836680][T12153] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 591.836699][T12153] RIP: 0033:0x7f0ba998f6c9
[ 591.836714][T12153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 591.836731][T12153] RSP: 002b:00007f0baa80af08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 591.836749][T12153] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0ba998f6c9
[ 591.836761][T12153] RDX: 00007f0baa80af20 RSI: 0000000000000058 RDI: 00007f0baa80af20
[ 591.836771][T12153] RBP: 00007f0ba9a11f91 R08: 0000000000000000 R09: 0000000000000058
[ 591.836782][T12153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 591.836792][T12153] R13: 00007f0ba9be6038 R14: 00007f0ba9be5fa0 R15: 00007ffcab9b7b48
[ 591.836816][T12153]
[ 593.728377][T12167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1238'.
[ 593.828191][T12167] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1238'.
[ 594.008009][T12177] random: crng reseeded on system resumption
[ 594.679992][T12104] Process accounting resumed
[ 594.808003][T12187] futex_wake_op: syz.1.1242 tries to shift op by -2048; fix this program
[ 594.882711][T12188] 0x000000000001-0x000000020000 : ""
[ 594.928528][T12188] ftl_cs: FTL header corrupt!
[ 595.591485][T12203] Invalid ELF header magic: != ELF
[ 595.784517][T12202] FAULT_INJECTION: forcing a failure.
[ 595.784517][T12202] name failslab, interval 1, probability 0, space 0, times 0
[ 595.852982][T12202] CPU: 0 UID: 0 PID: 12202 Comm: syz.2.1246 Not tainted syzkaller #0 PREEMPT(full)
[ 595.853010][T12202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 595.853021][T12202] Call Trace:
[ 595.853028][T12202]
[ 595.853035][T12202] dump_stack_lvl+0x16c/0x1f0
[ 595.853061][T12202] should_fail_ex+0x512/0x640
[ 595.853089][T12202] ? __kmalloc_cache_noprof+0x5f/0x780
[ 595.853121][T12202] should_failslab+0xc2/0x120
[ 595.853147][T12202] __kmalloc_cache_noprof+0x72/0x780
[ 595.853179][T12202] ? usbdev_open+0x9d/0x8b0
[ 595.853205][T12202] ? usbdev_open+0x9d/0x8b0
[ 595.853226][T12202] usbdev_open+0x9d/0x8b0
[ 595.853248][T12202] ? do_raw_spin_lock+0x12c/0x2b0
[ 595.853277][T12202] ? __pfx_usbdev_open+0x10/0x10
[ 595.853299][T12202] ? chrdev_open+0x58c/0x6a0
[ 595.853323][T12202] ? __pfx_usbdev_open+0x10/0x10
[ 595.853344][T12202] chrdev_open+0x234/0x6a0
[ 595.853367][T12202] ? __pfx_chrdev_open+0x10/0x10
[ 595.853390][T12202] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 595.853424][T12202] do_dentry_open+0x982/0x1530
[ 595.853445][T12202] ? __pfx_chrdev_open+0x10/0x10
[ 595.853471][T12202] vfs_open+0x82/0x3f0
[ 595.853505][T12202] path_openat+0x1de4/0x2cb0
[ 595.853533][T12202] ? __pfx_path_openat+0x10/0x10
[ 595.853554][T12202] ? __lock_acquire+0xb8a/0x1c90
[ 595.853582][T12202] do_filp_open+0x20b/0x470
[ 595.853602][T12202] ? __pfx_do_filp_open+0x10/0x10
[ 595.853638][T12202] ? alloc_fd+0x471/0x7d0
[ 595.853662][T12202] do_sys_openat2+0x11b/0x1d0
[ 595.853688][T12202] ? __pfx_do_sys_openat2+0x10/0x10
[ 595.853724][T12202] __x64_sys_openat+0x174/0x210
[ 595.853751][T12202] ? __pfx___x64_sys_openat+0x10/0x10
[ 595.853789][T12202] do_syscall_64+0xcd/0xfa0
[ 595.853813][T12202] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 595.853831][T12202] RIP: 0033:0x7fdad638f6c9
[ 595.853847][T12202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 595.853864][T12202] RSP: 002b:00007fdad7277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 595.853882][T12202] RAX: ffffffffffffffda RBX: 00007fdad65e5fa0 RCX: 00007fdad638f6c9
[ 595.853893][T12202] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c
[ 595.853904][T12202] RBP: 00007fdad6411f91 R08: 0000000000000000 R09: 0000000000000000
[ 595.853914][T12202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 595.853925][T12202] R13: 00007fdad65e6038 R14: 00007fdad65e5fa0 R15: 00007ffe8f50fba8
[ 595.853948][T12202]
[ 596.103819][ C0] vkms_vblank_simulate: vblank timer overrun
[ 597.350428][T12214] netlink: 'syz.3.1247': attribute type 1 has an invalid length.
[ 601.286146][T12275] nbd: must specify at least one socket
[ 601.700458][T12275] zswap: compressor not available
[ 602.272049][T12312] FAULT_INJECTION: forcing a failure.
[ 602.272049][T12312] name failslab, interval 1, probability 0, space 0, times 0
[ 602.462358][T12312] CPU: 0 UID: 0 PID: 12312 Comm: syz.2.1263 Not tainted syzkaller #0 PREEMPT(full)
[ 602.462386][T12312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 602.462397][T12312] Call Trace:
[ 602.462403][T12312]
[ 602.462410][T12312] dump_stack_lvl+0x16c/0x1f0
[ 602.462437][T12312] should_fail_ex+0x512/0x640
[ 602.462466][T12312] ? __kmalloc_noprof+0xca/0x880
[ 602.462498][T12312] should_failslab+0xc2/0x120
[ 602.462524][T12312] __kmalloc_noprof+0xdd/0x880
[ 602.462554][T12312] ? lsm_blob_alloc+0x68/0x90
[ 602.462580][T12312] ? lsm_blob_alloc+0x68/0x90
[ 602.462601][T12312] lsm_blob_alloc+0x68/0x90
[ 602.462625][T12312] security_sk_alloc+0x30/0x270
[ 602.462654][T12312] sk_prot_alloc+0x1c7/0x2a0
[ 602.462679][T12312] sk_alloc+0x36/0xc20
[ 602.462708][T12312] xsk_create+0x11b/0x770
[ 602.462738][T12312] __sock_create+0x338/0x8d0
[ 602.462766][T12312] __sys_socket+0x14d/0x260
[ 602.462791][T12312] ? __pfx___sys_socket+0x10/0x10
[ 602.462816][T12312] ? xfd_validate_state+0x61/0x180
[ 602.462842][T12312] ? __pfx___do_sys_close_range+0x10/0x10
[ 602.462868][T12312] __x64_sys_socket+0x72/0xb0
[ 602.462898][T12312] ? lockdep_hardirqs_on+0x7c/0x110
[ 602.462921][T12312] do_syscall_64+0xcd/0xfa0
[ 602.462944][T12312] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 602.462963][T12312] RIP: 0033:0x7fdad638f6c9
[ 602.462978][T12312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 602.462996][T12312] RSP: 002b:00007fdad7256038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 602.463014][T12312] RAX: ffffffffffffffda RBX: 00007fdad65e6090 RCX: 00007fdad638f6c9
[ 602.463026][T12312] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 000000000000002c
[ 602.463036][T12312] RBP: 00007fdad6411f91 R08: 0000000000000000 R09: 0000000000000000
[ 602.463047][T12312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 602.463057][T12312] R13: 00007fdad65e6128 R14: 00007fdad65e6090 R15: 00007ffe8f50fba8
[ 602.463080][T12312]
[ 602.667963][ C0] vkms_vblank_simulate: vblank timer overrun
[ 602.992953][T11246] Bluetooth: hci1: Received unexpected HCI Event 0x00
[ 603.213110][T12332] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1267'.
[ 603.286505][T12332] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1267'.
[ 605.527561][T12341] netlink: 'syz.2.1268': attribute type 1 has an invalid length.
[ 605.956678][T12368] ubi: mtd0 is already attached to ubi31
[ 606.686601][T12367] MTRR 1 not used
[ 606.983116][ T30] audit: type=1800 audit(4294967299.360:5): pid=12361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1266" name="dbroot" dev="configfs" ino=33950 res=0 errno=0
[ 607.782879][T12397] netlink: 220 bytes leftover after parsing attributes in process `syz.3.1276'.
[ 607.938175][T12404] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1277'.
[ 608.191460][T12404] bridge_slave_0: left allmulticast mode
[ 608.215998][T12404] bridge_slave_0: left promiscuous mode
[ 608.236173][T12404] bridge0: port 1(bridge_slave_0) entered disabled state
[ 609.144557][T12414] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1280'.
[ 613.215729][T12431] hub 1-0:1.0: USB hub found
[ 613.276118][T12431] hub 1-0:1.0: 1 port detected
[ 613.471956][T12434] hub 1-0:1.0: USB hub found
[ 613.532967][T12434] hub 1-0:1.0: 1 port detected
[ 619.425802][T12511] netlink: 'syz.3.1303': attribute type 27 has an invalid length.
[ 619.469013][T12511] netlink: 'syz.3.1303': attribute type 28 has an invalid length.
[ 619.516026][T12511] netlink: 'syz.3.1303': attribute type 29 has an invalid length.
[ 619.540748][T12511] netlink: 'syz.3.1303': attribute type 30 has an invalid length.
[ 619.574983][T12511] netlink: 'syz.3.1303': attribute type 31 has an invalid length.
[ 619.618507][T12511] netlink: 'syz.3.1303': attribute type 32 has an invalid length.
[ 619.655995][T12511] netlink: 'syz.3.1303': attribute type 33 has an invalid length.
[ 619.694733][T12511] netlink: 'syz.3.1303': attribute type 35 has an invalid length.
[ 619.736026][T12511] netlink: 'syz.3.1303': attribute type 37 has an invalid length.
[ 619.754728][T12511] netlink: 'syz.3.1303': attribute type 39 has an invalid length.
[ 619.790846][T12511] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1303'.
[ 624.076155][T12558] random: crng reseeded on system resumption
[ 625.456928][T12488] Process accounting paused
[ 625.562821][T12565] Console: switching to colour VGA+ 80x25
[ 626.372379][T12084] syz.0.1216 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 626.549526][T12084] CPU: 0 UID: 0 PID: 12084 Comm: syz.0.1216 Not tainted syzkaller #0 PREEMPT(full)
[ 626.549553][T12084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 626.549564][T12084] Call Trace:
[ 626.549570][T12084]
[ 626.549577][T12084] dump_stack_lvl+0x16c/0x1f0
[ 626.549604][T12084] dump_header+0x101/0x930
[ 626.549639][T12084] oom_kill_process+0x272/0xa40
[ 626.549660][T12084] out_of_memory+0x350/0x1700
[ 626.549683][T12084] ? __pfx_out_of_memory+0x10/0x10
[ 626.549708][T12084] mem_cgroup_out_of_memory+0x118/0x130
[ 626.549739][T12084] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 626.549773][T12084] ? do_raw_spin_unlock+0x172/0x230
[ 626.549808][T12084] try_charge_memcg+0x695/0xd30
[ 626.549837][T12084] ? __pfx_try_charge_memcg+0x10/0x10
[ 626.549860][T12084] ? __print_lock_name+0xb1/0xe0
[ 626.549880][T12084] ? rcu_read_unlock+0x17/0x60
[ 626.549910][T12084] charge_memcg+0x8a/0x230
[ 626.549934][T12084] __mem_cgroup_charge+0x2b/0x1e0
[ 626.549967][T12084] filemap_add_folio+0xe6/0x610
[ 626.549988][T12084] ? __pfx_filemap_add_folio+0x10/0x10
[ 626.550015][T12084] __filemap_get_folio+0x510/0xc30
[ 626.550040][T12084] filemap_fault+0x661/0x29a0
[ 626.550066][T12084] ? __pfx_filemap_fault+0x10/0x10
[ 626.550097][T12084] ? __pfx_filemap_map_pages+0x10/0x10
[ 626.550114][T12084] __do_fault+0x10d/0x490
[ 626.550135][T12084] ? __pfx_filemap_map_pages+0x10/0x10
[ 626.550152][T12084] do_pte_missing+0xf4a/0x3ba0
[ 626.550181][T12084] ? find_held_lock+0x2b/0x80
[ 626.550200][T12084] ? __handle_mm_fault+0x1529/0x2aa0
[ 626.550233][T12084] __handle_mm_fault+0x1556/0x2aa0
[ 626.550269][T12084] ? __pfx___handle_mm_fault+0x10/0x10
[ 626.550300][T12084] ? __pte_offset_map_lock+0x174/0x310
[ 626.550323][T12084] ? find_held_lock+0x2b/0x80
[ 626.550349][T12084] ? follow_page_pte+0x5cf/0x1390
[ 626.550379][T12084] handle_mm_fault+0x589/0xd10
[ 626.550413][T12084] __get_user_pages+0x54e/0x3530
[ 626.550448][T12084] ? __pfx___get_user_pages+0x10/0x10
[ 626.550474][T12084] ? __kernel_write_iter+0x5a5/0xb10
[ 626.550500][T12084] get_dump_page+0x257/0x3d0
[ 626.550526][T12084] ? __pfx_get_dump_page+0x10/0x10
[ 626.550553][T12084] ? dump_user_range+0x756/0xb70
[ 626.550576][T12084] dump_user_range+0x195/0xb70
[ 626.550600][T12084] ? __pfx_dump_user_range+0x10/0x10
[ 626.550619][T12084] ? elf_coredump_extra_notes_write+0xbd/0x4f0
[ 626.550653][T12084] ? __pfx_writenote+0x10/0x10
[ 626.550679][T12084] elf_core_dump+0x29c3/0x3c00
[ 626.550711][T12084] ? __pfx_elf_core_dump+0x10/0x10
[ 626.550729][T12084] ? kasan_save_stack+0x33/0x60
[ 626.550750][T12084] ? kasan_save_track+0x14/0x30
[ 626.550769][T12084] ? __kasan_kmalloc+0xaa/0xb0
[ 626.550788][T12084] ? __kvmalloc_node_noprof+0x3a3/0x9c0
[ 626.550809][T12084] ? vfs_coredump+0x1ddc/0x5670
[ 626.550825][T12084] ? arch_do_signal_or_restart+0x8f/0x790
[ 626.550847][T12084] ? irqentry_exit_to_user_mode+0x176/0x310
[ 626.550869][T12084] ? asm_exc_invalid_op+0x1a/0x20
[ 626.550892][T12084] ? 0xffffffffff600000
[ 626.550946][T12084] ? vfs_coredump+0x2b9f/0x5670
[ 626.550966][T12084] vfs_coredump+0x2b9f/0x5670
[ 626.550992][T12084] ? __pfx_vfs_coredump+0x10/0x10
[ 626.551011][T12084] ? __lock_acquire+0x622/0x1c90
[ 626.551045][T12084] ? lock_acquire+0x179/0x350
[ 626.551095][T12084] ? lock_acquire+0x179/0x350
[ 626.551120][T12084] ? find_held_lock+0x2b/0x80
[ 626.551139][T12084] ? stack_depot_save_flags+0x3de/0x9c0
[ 626.551168][T12084] ? __pfx___cant_migrate+0x10/0x10
[ 626.551190][T12084] ? do_raw_spin_unlock+0x172/0x230
[ 626.551220][T12084] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 626.551241][T12084] ? stack_depot_save_flags+0x3de/0x9c0
[ 626.551312][T12084] ? proc_coredump_connector+0x2d1/0x4f0
[ 626.551332][T12084] ? __pfx_proc_coredump_connector+0x10/0x10
[ 626.551356][T12084] ? rcu_is_watching+0x12/0xc0
[ 626.551380][T12084] get_signal+0x22e1/0x26d0
[ 626.551410][T12084] ? __pfx_get_signal+0x10/0x10
[ 626.551438][T12084] arch_do_signal_or_restart+0x8f/0x790
[ 626.551462][T12084] ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 626.551491][T12084] ? trace_irq_disable.constprop.0+0xd4/0x120
[ 626.551511][T12084] ? do_error_trap+0x214/0x240
[ 626.551538][T12084] irqentry_exit_to_user_mode+0x176/0x310
[ 626.551563][T12084] asm_exc_invalid_op+0x1a/0x20
[ 626.551580][T12084] RIP: 0033:0x2
[ 626.551592][T12084] Code: Unable to access opcode bytes at 0xffffffffffffffd8.
[ 626.551600][T12084] RSP: 002b:000000000000000c EFLAGS: 00010a82
[ 626.551615][T12084] RAX: 0000000000000000 RBX: 00007fd426dec280 RCX: 00007fd426b8f6c9
[ 626.551627][T12084] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000100000001
[ 626.551638][T12084] RBP: 00007fd426c11f91 R08: 0000000000000200 R09: 0000000000000000
[ 626.551649][T12084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 626.551659][T12084] R13: 00007fd426de6218 R14: 00007fd426de6180 R15: 00007fff57b311b8
[ 626.551683][T12084]
[ 626.551690][T12084] memory: usage 307200kB, limit 307200kB, failcnt 52102
[ 627.244406][ T5149] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 627.575979][T12576] futex_wake_op: syz.1.1318 tries to shift op by -2048; fix this program
[ 628.096426][T12084] memory+swap: usage 431552kB, limit 9007199254740988kB, failcnt 0
[ 628.104372][T12084] kmem: usage 4520kB, limit 9007199254740988kB, failcnt 0
[ 628.146078][T12084] Memory cgroup stats for /syz0:
[ 628.146303][T12084] cache 309178368
[ 628.176761][T12084] rss 483328
[ 628.190242][T12084] rss_huge 0
[ 628.193480][T12084] shmem 309170176
[ 628.220601][T12084] mapped_file 93446144
[ 628.224718][T12084] dirty 0
[ 628.240806][T12084] writeback 0
[ 628.244133][T12084] workingset_refault_anon 4085
[ 628.271332][T12084] workingset_refault_file 7984
[ 628.320251][T12084] swap 127336448
[ 628.323855][T12084] swapcached 282624
[ 628.345981][T12084] pgpgin 861851
[ 628.351141][T12084] pgpgout 787722
[ 628.369595][T12084] pgfault 520940
[ 628.376190][T12084] pgmajfault 719
[ 628.379761][T12084] inactive_anon 286892032
[ 628.417755][T12084] active_anon 23044096
[ 628.426220][T12084] inactive_file 8192
[ 628.447027][T12084] active_file 0
[ 628.450518][T12084] unevictable 0
[ 628.468341][T12084] hierarchical_memory_limit 314572800
[ 628.495066][T12084] hierarchical_memsw_limit 9223372036854771712
[ 628.507320][T12084] total_cache 309178368
[ 628.511543][T12084] total_rss 483328
[ 628.535985][T12084] total_rss_huge 0
[ 628.550696][T12084] total_shmem 309170176
[ 628.554888][T12084] total_mapped_file 93446144
[ 628.577941][T12084] total_dirty 0
[ 628.584796][T12084] total_writeback 0
[ 628.628929][T12084] total_workingset_refault_anon 4085
[ 628.634255][T12084] total_workingset_refault_file 7984
[ 628.671261][T12084] total_swap 127336448
[ 628.675390][T12084] total_swapcached 282624
[ 628.703645][T12084] total_pgpgin 861851
[ 628.725973][T12084] total_pgpgout 787722
[ 628.756160][T12084] total_pgfault 520940
[ 628.760266][T12084] total_pgmajfault 719
[ 628.784572][T12084] total_inactive_anon 286892032
[ 628.804458][T12084] total_active_anon 23044096
[ 628.824268][T12084] total_inactive_file 8192
[ 628.841232][T12084] total_active_file 0
[ 628.863096][T12585] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1321'.
[ 628.873790][T12084] total_unevictable 0
[ 628.881706][T12084] anon_cost 236
[ 628.885193][T12084] file_cost 17110
[ 628.908847][T12084] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.1200,pid=11993,uid=0
[ 628.985168][T12084] Memory cgroup out of memory: Killed process 11993 (syz.0.1200) total-vm:167820kB, anon-rss:1204kB, file-rss:35468kB, shmem-rss:58368kB, UID:0 pgtables:340kB oom_score_adj:1000
[ 629.802928][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 629.809557][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 631.546854][T12621] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1327'.
[ 632.007648][T12624] FAULT_INJECTION: forcing a failure.
[ 632.007648][T12624] name failslab, interval 1, probability 0, space 0, times 0
[ 632.068673][T12624] CPU: 0 UID: 0 PID: 12624 Comm: syz.3.1331 Not tainted syzkaller #0 PREEMPT(full)
[ 632.068701][T12624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 632.068713][T12624] Call Trace:
[ 632.068719][T12624]
[ 632.068726][T12624] dump_stack_lvl+0x16c/0x1f0
[ 632.068753][T12624] should_fail_ex+0x512/0x640
[ 632.068782][T12624] ? __kmalloc_noprof+0xca/0x880
[ 632.068814][T12624] should_failslab+0xc2/0x120
[ 632.068839][T12624] __kmalloc_noprof+0xdd/0x880
[ 632.068896][T12624] ? memcg_list_lru_alloc+0x4e9/0x740
[ 632.068920][T12624] ? memcg_list_lru_alloc+0x4e9/0x740
[ 632.068938][T12624] memcg_list_lru_alloc+0x4e9/0x740
[ 632.068963][T12624] ? __pfx_memcg_list_lru_alloc+0x10/0x10
[ 632.068995][T12624] __memcg_slab_post_alloc_hook+0x133/0x940
[ 632.069026][T12624] ? kasan_save_track+0x14/0x30
[ 632.069050][T12624] kmem_cache_alloc_lru_noprof+0x556/0x6e0
[ 632.069071][T12624] ? mqueue_alloc_inode+0x25/0x50
[ 632.069098][T12624] ? __pfx_mqueue_fill_super+0x10/0x10
[ 632.069121][T12624] ? __pfx_mqueue_alloc_inode+0x10/0x10
[ 632.069144][T12624] ? mqueue_alloc_inode+0x25/0x50
[ 632.069166][T12624] ? lockdep_init_map_type+0x5c/0x280
[ 632.069191][T12624] mqueue_alloc_inode+0x25/0x50
[ 632.069215][T12624] alloc_inode+0x64/0x240
[ 632.069239][T12624] new_inode+0x22/0x1c0
[ 632.069265][T12624] ? __pfx_mqueue_fill_super+0x10/0x10
[ 632.069288][T12624] mqueue_get_inode+0x2e/0xdd0
[ 632.069311][T12624] ? sget_fc+0x808/0xc20
[ 632.069330][T12624] ? __pfx_mqueue_fill_super+0x10/0x10
[ 632.069353][T12624] mqueue_fill_super+0x14d/0x260
[ 632.069377][T12624] get_tree_nodev+0xdd/0x190
[ 632.069397][T12624] mqueue_get_tree+0xf1/0x130
[ 632.069420][T12624] vfs_get_tree+0x8e/0x340
[ 632.069447][T12624] fc_mount_longterm+0x1a/0x270
[ 632.069475][T12624] mq_init_ns+0x426/0x620
[ 632.069505][T12624] copy_ipcs+0x2d6/0x550
[ 632.069534][T12624] create_new_namespaces+0x20a/0xa90
[ 632.069555][T12624] ? security_capable+0x7e/0x260
[ 632.069583][T12624] copy_namespaces+0x468/0x560
[ 632.069605][T12624] copy_process+0x2828/0x76a0
[ 632.069637][T12624] ? __pfx_copy_process+0x10/0x10
[ 632.069665][T12624] ? _copy_from_user+0x59/0xd0
[ 632.069696][T12624] kernel_clone+0xfc/0x930
[ 632.069719][T12624] ? __pfx_kernel_clone+0x10/0x10
[ 632.069740][T12624] ? futex_private_hash_put+0xd5/0x190
[ 632.069767][T12624] ? __pfx_futex_wait+0x10/0x10
[ 632.069801][T12624] __do_sys_clone3+0x212/0x290
[ 632.069824][T12624] ? __pfx___do_sys_clone3+0x10/0x10
[ 632.069856][T12624] ? find_held_lock+0x2b/0x80
[ 632.069899][T12624] do_syscall_64+0xcd/0xfa0
[ 632.069922][T12624] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 632.069940][T12624] RIP: 0033:0x7f0ba998f6c9
[ 632.069956][T12624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 632.069974][T12624] RSP: 002b:00007f0baa80af08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[ 632.069992][T12624] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0ba998f6c9
[ 632.070004][T12624] RDX: 00007f0baa80af20 RSI: 0000000000000058 RDI: 00007f0baa80af20
[ 632.070015][T12624] RBP: 00007f0ba9a11f91 R08: 0000000000000000 R09: 0000000000000058
[ 632.070026][T12624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 632.070036][T12624] R13: 00007f0ba9be6038 R14: 00007f0ba9be5fa0 R15: 00007ffcab9b7b48
[ 632.070060][T12624]
[ 634.630162][T12648] Invalid ELF header magic: != ELF
[ 636.084931][T12667] validate_nla: 1 callbacks suppressed
[ 636.084950][T12667] netlink: 'syz.2.1332': attribute type 1 has an invalid length.
[ 639.465114][T12704] netlink: 244 bytes leftover after parsing attributes in process `syz.3.1346'.
[ 639.647119][T12714] zswap: compressor not available
[ 640.813910][T12744] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1354'.
[ 644.997097][T12799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1367'.
[ 645.097272][T12801] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1367'.
[ 645.213839][T12801] FAULT_INJECTION: forcing a failure.
[ 645.213839][T12801] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 645.349422][T12801] CPU: 0 UID: 0 PID: 12801 Comm: syz.0.1367 Not tainted syzkaller #0 PREEMPT(full)
[ 645.349451][T12801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 645.349461][T12801] Call Trace:
[ 645.349467][T12801]
[ 645.349475][T12801] dump_stack_lvl+0x16c/0x1f0
[ 645.349502][T12801] should_fail_ex+0x512/0x640
[ 645.349534][T12801] _copy_from_user+0x2e/0xd0
[ 645.349565][T12801] copy_msghdr_from_user+0x98/0x160
[ 645.349586][T12801] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 645.349607][T12801] ? kfree+0x252/0x6d0
[ 645.349634][T12801] ? __pfx__kstrtoull+0x10/0x10
[ 645.349660][T12801] ___sys_sendmsg+0xfe/0x1d0
[ 645.349679][T12801] ? __pfx____sys_sendmsg+0x10/0x10
[ 645.349715][T12801] ? __pfx___might_resched+0x10/0x10
[ 645.349746][T12801] __sys_sendmmsg+0x200/0x420
[ 645.349766][T12801] ? __pfx___sys_sendmmsg+0x10/0x10
[ 645.349791][T12801] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 645.349824][T12801] ? fput+0x9b/0xd0
[ 645.349849][T12801] ? ksys_write+0x1ac/0x250
[ 645.349868][T12801] ? __pfx_ksys_write+0x10/0x10
[ 645.349892][T12801] __x64_sys_sendmmsg+0x9c/0x100
[ 645.349909][T12801] ? lockdep_hardirqs_on+0x7c/0x110
[ 645.349931][T12801] do_syscall_64+0xcd/0xfa0
[ 645.349955][T12801] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 645.349974][T12801] RIP: 0033:0x7fd426b8f6c9
[ 645.349988][T12801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 645.350006][T12801] RSP: 002b:00007fd427acf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 645.350024][T12801] RAX: ffffffffffffffda RBX: 00007fd426de6180 RCX: 00007fd426b8f6c9
[ 645.350036][T12801] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[ 645.350046][T12801] RBP: 00007fd427acf090 R08: 0000000000000000 R09: 0000000000000000
[ 645.350057][T12801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 645.350067][T12801] R13: 00007fd426de6218 R14: 00007fd426de6180 R15: 00007fff57b311b8
[ 645.350090][T12801]
[ 646.363239][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout
[ 648.357078][T12769] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 648.425293][T12769] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 648.568597][T12769] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 648.592626][T12769] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 648.697865][T12769] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 650.356284][T12856] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1381'.
[ 650.435946][ T5149] Bluetooth: hci0: command 0x0c1a tx timeout
[ 650.596000][T11246] Bluetooth: hci1: command 0x0c1a tx timeout
[ 650.602094][ T5149] Bluetooth: hci2: command 0x0c1a tx timeout
[ 650.756022][ T5149] Bluetooth: hci3: command 0x0c1a tx timeout
[ 651.347463][T12881] ptrace attach of "./syz-executor exec"[5826] was attempted by ""[12881]
[ 653.867753][T12869] netlink: 'syz.2.1382': attribute type 1 has an invalid length.
[ 656.810785][T12907] Process accounting resumed
[ 661.152121][T13004] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1411'.
[ 663.171031][T13022] [U]
[ 663.174196][T13022] [U]
[ 663.176898][T13022] [U]
[ 663.179608][T13022] [U]
[ 663.182398][T13022] [U]
[ 663.234753][T13022] [U]
[ 663.237495][T13022] [U]
[ 663.240189][T13022] [U]
[ 663.242877][T13022] [U]
[ 663.562406][T13021] [U]
syzkaller
syzkaller login: [ 670.610932][T13120] futex_wake_op: syz.3.1434 tries to shift op by -2048; fix this program
[ 670.777996][T13130] 0x000000000001-0x000000020000 : ""
[ 670.977330][T13130] ftl_cs: FTL header corrupt!
[ 671.687029][T13148] random: crng reseeded on system resumption
[ 671.728734][T13148] Restarting kernel threads ...
[ 671.750905][T13148] Done restarting kernel threads.
[ 672.468418][T13167] __vm_enough_memory: pid: 13167, comm: syz.1.1441, bytes: 4398046511104 not enough memory for the allocation
[ 677.673774][T13228] usb usb18: usbfs: process 13228 (syz.2.1457) did not claim interface 0 before use
[ 678.366021][T13234] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1455'.
[ 680.083695][T13271] Invalid ELF header magic: != ELF
[ 682.828095][T13303] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1471'.
[ 687.692221][T13323] Process accounting paused
[ 689.547666][T13364] Invalid ELF header magic: != ELF
[ 690.895145][T13387] futex_wake_op: syz.0.1490 tries to shift op by -2048; fix this program
[ 691.241360][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 691.248042][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 693.733012][ T5149] Bluetooth: hci1: unexpected subevent 0x05 length: 123 > 12
[ 695.799141][ T5149] Bluetooth: hci1: command 0x0c1a tx timeout
[ 700.234536][T13533] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1498'.
[ 700.351307][T13535] ptrace attach of ""[13537] was attempted by "./syz-executor exec"[13535]
[ 701.279586][T13533] ipvlan0: entered promiscuous mode
[ 701.284858][T13533] ipvlan0: entered allmulticast mode
[ 701.369396][T13533] veth0_vlan: entered allmulticast mode
[ 704.046265][T13565] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[ 704.720586][T13552] Console: switching to colour frame buffer device 128x48
[ 709.057502][T13595] ptrace attach of "./syz-executor exec"[5824] was attempted by ""[13595]
[ 711.749391][T13630] Console: switching to colour VGA+ 80x25
[ 712.078442][T13620] netlink: 'syz.1.1515': attribute type 1 has an invalid length.
[ 712.664915][T13632] Console: switching to colour frame buffer device 128x48
[ 715.158237][T13669] Console: switching to colour VGA+ 80x25
[ 715.685909][T13669] Console: switching to colour frame buffer device 128x48
[ 717.885165][T13421] Process accounting resumed
[ 719.297871][T13708] Console: switching to colour VGA+ 80x25
[ 719.651286][T13716] Console: switching to colour frame buffer device 128x48
[ 721.087903][T13746] ubi: mtd0 is already attached to ubi31
[ 722.173137][T13755] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1536'.
[ 722.306690][T13755] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 722.331640][T13755] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 722.429329][T13755] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 722.480323][T13755] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 723.229555][T13759] Console: switching to colour VGA+ 80x25
[ 723.484733][T13759] Console: switching to colour frame buffer device 128x48
[ 734.701635][T13960] Console: switching to colour VGA+ 80x25
[ 734.923610][T13960] Console: switching to colour frame buffer device 128x48
[ 735.856085][T13966] netlink: 'syz.1.1572': attribute type 1 has an invalid length.
[ 736.731660][T13983] Console: switching to colour VGA+ 80x25
[ 737.029402][T13983] Console: switching to colour frame buffer device 128x48
[ 746.553361][T14115] Console: switching to colour VGA+ 80x25
[ 748.764072][T14121] Process accounting paused
[ 752.677927][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 752.684752][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 754.805266][T14208] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1616'.
[ 758.758766][T14236] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1622'.
[ 764.589770][T14268] Console: switching to colour frame buffer device 128x48
[ 767.837434][T14320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1637'.
[ 779.532777][T14468] Process accounting resumed
[ 781.399560][ T5895] usb usb38-port5: attempt power cycle
[ 781.973428][ T5895] usb usb38-port5: unable to enumerate USB device
[ 782.996779][ T5895] usb usb38-port5: attempt power cycle
[ 783.306037][T14515] Console: switching to colour VGA+ 80x25
[ 783.576716][ T5895] usb usb38-port5: unable to enumerate USB device
[ 796.328301][T14606] zswap: compressor not available
[ 801.357701][T14653] Console: switching to colour frame buffer device 128x48
[ 806.628771][T14703] Console: switching to colour VGA+ 80x25
[ 810.800943][T14694] Process accounting paused
[ 814.119427][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 814.125897][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 815.797139][T14811] ==================================================================
[ 815.797155][T14811] BUG: KASAN: slab-use-after-free in fbcon_prepare_logo+0xa03/0xc70
[ 815.797191][T14811] Read of size 256 at addr ffff888032dd23c0 by task syz.0.1730/14811
[ 815.797206][T14811]
[ 815.797216][T14811] CPU: 0 UID: 0 PID: 14811 Comm: syz.0.1730 Not tainted syzkaller #0 PREEMPT(full)
[ 815.797237][T14811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 815.797247][T14811] Call Trace:
[ 815.797254][T14811]
[ 815.797261][T14811] dump_stack_lvl+0x116/0x1f0
[ 815.797285][T14811] print_report+0xcd/0x630
[ 815.797308][T14811] ? __virt_addr_valid+0x81/0x610
[ 815.797345][T14811] ? __phys_addr+0xe8/0x180
[ 815.797369][T14811] ? fbcon_prepare_logo+0xa03/0xc70
[ 815.797394][T14811] kasan_report+0xe0/0x110
[ 815.797418][T14811] ? fbcon_prepare_logo+0xa03/0xc70
[ 815.797450][T14811] kasan_check_range+0x100/0x1b0
[ 815.797478][T14811] __asan_memcpy+0x23/0x60
[ 815.797497][T14811] fbcon_prepare_logo+0xa03/0xc70
[ 815.797527][T14811] fbcon_init+0xd77/0x1900
[ 815.797552][T14811] ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 815.797579][T14811] visual_init+0x320/0x620
[ 815.797606][T14811] do_bind_con_driver.isra.0+0x57a/0xbf0
[ 815.797628][T14811] store_bind+0x61d/0x760
[ 815.797645][T14811] ? sysfs_file_kobj+0xe4/0x290
[ 815.797665][T14811] ? __pfx_store_bind+0x10/0x10
[ 815.797681][T14811] dev_attr_store+0x58/0x80
[ 815.797706][T14811] ? __pfx_dev_attr_store+0x10/0x10
[ 815.797731][T14811] sysfs_kf_write+0xf2/0x150
[ 815.797750][T14811] kernfs_fop_write_iter+0x3af/0x570
[ 815.797778][T14811] ? __pfx_sysfs_kf_write+0x10/0x10
[ 815.797802][T14811] iter_file_splice_write+0xa24/0x12e0
[ 815.797826][T14811] ? __pfx_iter_file_splice_write+0x10/0x10
[ 815.797846][T14811] ? __pfx_copy_splice_read+0x10/0x10
[ 815.797879][T14811] ? __pfx_iter_file_splice_write+0x10/0x10
[ 815.797898][T14811] direct_splice_actor+0x192/0x6c0
[ 815.797916][T14811] splice_direct_to_actor+0x345/0xa30
[ 815.797934][T14811] ? __pfx_direct_splice_actor+0x10/0x10
[ 815.797953][T14811] ? __pfx_splice_direct_to_actor+0x10/0x10
[ 815.797973][T14811] do_splice_direct+0x174/0x240
[ 815.797989][T14811] ? __pfx_do_splice_direct+0x10/0x10
[ 815.798006][T14811] ? __pfx_direct_file_splice_eof+0x10/0x10
[ 815.798036][T14811] ? rw_verify_area+0xcf/0x6c0
[ 815.798052][T14811] do_sendfile+0xb06/0xe50
[ 815.798071][T14811] ? __pfx_do_sendfile+0x10/0x10
[ 815.798090][T14811] ? __x64_sys_futex+0x1e0/0x4c0
[ 815.798115][T14811] ? __x64_sys_futex+0x1e9/0x4c0
[ 815.798139][T14811] __x64_sys_sendfile64+0x1d8/0x220
[ 815.798163][T14811] ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 815.798189][T14811] do_syscall_64+0xcd/0xfa0
[ 815.798211][T14811] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 815.798229][T14811] RIP: 0033:0x7fd426b8f6c9
[ 815.798244][T14811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 815.798261][T14811] RSP: 002b:00007fd427af0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 815.798279][T14811] RAX: ffffffffffffffda RBX: 00007fd426de6090 RCX: 00007fd426b8f6c9
[ 815.798290][T14811] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000003
[ 815.798301][T14811] RBP: 00007fd426c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 815.798318][T14811] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 815.798328][T14811] R13: 00007fd426de6128 R14: 00007fd426de6090 R15: 00007fff57b311b8
[ 815.798345][T14811]
[ 815.798351][T14811]
[ 815.798356][T14811] Allocated by task 13:
[ 815.798365][T14811] kasan_save_stack+0x33/0x60
[ 815.798385][T14811] kasan_save_track+0x14/0x30
[ 815.798404][T14811] __kasan_kmalloc+0xaa/0xb0
[ 815.798423][T14811] __kmalloc_noprof+0x32f/0x880
[ 815.798450][T14811] ieee802_11_parse_elems_full+0x1db/0x3780
[ 815.798468][T14811] ieee80211_inform_bss+0x10b/0x1140
[ 815.798495][T14811] cfg80211_inform_single_bss_data+0x8ea/0x1df0
[ 815.798515][T14811] cfg80211_inform_bss_data+0x22b/0x3be0
[ 815.798534][T14811] cfg80211_inform_bss_frame_data+0x26f/0x750
[ 815.798554][T14811] ieee80211_bss_info_update+0x310/0xab0
[ 815.798581][T14811] ieee80211_ibss_rx_queued_mgmt+0x191b/0x2fe0
[ 815.798608][T14811] ieee80211_iface_work+0xe2e/0x1360
[ 815.798636][T14811] cfg80211_wiphy_work+0x2c7/0x580
[ 815.798657][T14811] process_one_work+0x9cf/0x1b70
[ 815.798684][T14811] worker_thread+0x6c8/0xf10
[ 815.798710][T14811] kthread+0x3c5/0x780
[ 815.798734][T14811] ret_from_fork+0x675/0x7d0
[ 815.798759][T14811] ret_from_fork_asm+0x1a/0x30
[ 815.798783][T14811]
[ 815.798787][T14811] Freed by task 13:
[ 815.798794][T14811] kasan_save_stack+0x33/0x60
[ 815.798813][T14811] kasan_save_track+0x14/0x30
[ 815.798832][T14811] __kasan_save_free_info+0x3b/0x60
[ 815.798859][T14811] __kasan_slab_free+0x5f/0x80
[ 815.798880][T14811] kfree+0x2b8/0x6d0
[ 815.798905][T14811] ieee80211_inform_bss+0x77c/0x1140
[ 815.798931][T14811] cfg80211_inform_single_bss_data+0x8ea/0x1df0
[ 815.798951][T14811] cfg80211_inform_bss_data+0x22b/0x3be0
[ 815.798969][T14811] cfg80211_inform_bss_frame_data+0x26f/0x750
[ 815.798989][T14811] ieee80211_bss_info_update+0x310/0xab0
[ 815.799016][T14811] ieee80211_ibss_rx_queued_mgmt+0x191b/0x2fe0
[ 815.799043][T14811] ieee80211_iface_work+0xe2e/0x1360
[ 815.799071][T14811] cfg80211_wiphy_work+0x2c7/0x580
[ 815.799091][T14811] process_one_work+0x9cf/0x1b70
[ 815.799118][T14811] worker_thread+0x6c8/0xf10
[ 815.799144][T14811] kthread+0x3c5/0x780
[ 815.799167][T14811] ret_from_fork+0x675/0x7d0
[ 815.799192][T14811] ret_from_fork_asm+0x1a/0x30
[ 815.799215][T14811]
[ 815.799219][T14811] The buggy address belongs to the object at ffff888032dd2000
[ 815.799219][T14811] which belongs to the cache kmalloc-1k of size 1024
[ 815.799234][T14811] The buggy address is located 960 bytes inside of
[ 815.799234][T14811] freed 1024-byte region [ffff888032dd2000, ffff888032dd2400)
[ 815.799252][T14811]
[ 815.799258][T14811] The buggy address belongs to the physical page:
[ 815.799266][T14811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x32dd0
[ 815.799283][T14811] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 815.799297][T14811] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 815.799320][T14811] page_type: f5(slab)
[ 815.799336][T14811] raw: 00fff00000000040 ffff88813ffa6dc0 0000000000000000 dead000000000001
[ 815.799353][T14811] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 815.799369][T14811] head: 00fff00000000040 ffff88813ffa6dc0 0000000000000000 dead000000000001
[ 815.799385][T14811] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 815.799401][T14811] head: 00fff00000000003 ffffea0000cb7401 00000000ffffffff 00000000ffffffff
[ 815.799417][T14811] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 815.799428][T14811] page dumped because: kasan: bad access detected
[ 815.799437][T14811] page_owner tracks the page as allocated
[ 815.799442][T14811] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 240, tgid 240 (kworker/u8:5), ts 107361824310, free_ts 106466325589
[ 815.799473][T14811] post_alloc_hook+0x1c0/0x230
[ 815.799501][T14811] get_page_from_freelist+0x10a3/0x3a30
[ 815.799518][T14811] __alloc_frozen_pages_noprof+0x25f/0x2470
[ 815.799536][T14811] alloc_pages_mpol+0x1fb/0x550
[ 815.799559][T14811] new_slab+0x24a/0x360
[ 815.799584][T14811] ___slab_alloc+0xd79/0x1a50
[ 815.799611][T14811] __slab_alloc.constprop.0+0x63/0x110
[ 815.799639][T14811] __kmalloc_noprof+0x501/0x880
[ 815.799666][T14811] ieee802_11_parse_elems_full+0x1db/0x3780
[ 815.799684][T14811] ieee80211_ibss_rx_queued_mgmt+0xc79/0x2fe0
[ 815.799712][T14811] ieee80211_iface_work+0xe2e/0x1360
[ 815.799741][T14811] cfg80211_wiphy_work+0x2c7/0x580
[ 815.799762][T14811] process_one_work+0x9cf/0x1b70
[ 815.799789][T14811] worker_thread+0x6c8/0xf10
[ 815.799816][T14811] kthread+0x3c5/0x780
[ 815.799841][T14811] ret_from_fork+0x675/0x7d0
[ 815.799866][T14811] page last free pid 6060 tgid 6060 stack trace:
[ 815.799876][T14811] __free_frozen_pages+0x7df/0x1160
[ 815.799902][T14811] __put_partials+0x130/0x170
[ 815.799916][T14811] qlist_free_all+0x4d/0x120
[ 815.799933][T14811] kasan_quarantine_reduce+0x195/0x1e0
[ 815.799953][T14811] __kasan_slab_alloc+0x69/0x90
[ 815.799975][T14811] kmem_cache_alloc_noprof+0x250/0x6e0
[ 815.799991][T14811] vm_area_alloc+0x1f/0x160
[ 815.800018][T14811] __mmap_region+0xf85/0x27a0
[ 815.800034][T14811] mmap_region+0x1ab/0x3f0
[ 815.800050][T14811] do_mmap+0xa3e/0x1210
[ 815.800071][T14811] vm_mmap_pgoff+0x29e/0x470
[ 815.800092][T14811] ksys_mmap_pgoff+0x7d/0x5c0
[ 815.800113][T14811] __x64_sys_mmap+0x125/0x190
[ 815.800139][T14811] do_syscall_64+0xcd/0xfa0
[ 815.800159][T14811] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 815.800176][T14811]
[ 815.800180][T14811] Memory state around the buggy address:
[ 815.800189][T14811] ffff888032dd2280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 815.800202][T14811] ffff888032dd2300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 815.800215][T14811] >ffff888032dd2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 815.800224][T14811] ^
[ 815.800234][T14811] ffff888032dd2400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 815.800247][T14811] ffff888032dd2480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 815.800257][T14811] ==================================================================
[ 815.822236][T14811] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 815.822255][T14811] CPU: 0 UID: 0 PID: 14811 Comm: syz.0.1730 Not tainted syzkaller #0 PREEMPT(full)
[ 815.822278][T14811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 815.822289][T14811] Call Trace:
[ 815.822296][T14811]
[ 815.822303][T14811] dump_stack_lvl+0x3d/0x1f0
[ 815.822342][T14811] vpanic+0x640/0x6f0
[ 815.822370][T14811] panic+0xca/0xd0
[ 815.822395][T14811] ? __pfx_panic+0x10/0x10
[ 815.822422][T14811] ? fbcon_prepare_logo+0xa03/0xc70
[ 815.822449][T14811] ? preempt_schedule_common+0x44/0xc0
[ 815.822471][T14811] ? preempt_schedule_thunk+0x16/0x30
[ 815.822502][T14811] check_panic_on_warn+0xab/0xb0
[ 815.822530][T14811] end_report+0x107/0x170
[ 815.822558][T14811] kasan_report+0xee/0x110
[ 815.822582][T14811] ? fbcon_prepare_logo+0xa03/0xc70
[ 815.822611][T14811] kasan_check_range+0x100/0x1b0
[ 815.822641][T14811] __asan_memcpy+0x23/0x60
[ 815.822660][T14811] fbcon_prepare_logo+0xa03/0xc70
[ 815.822691][T14811] fbcon_init+0xd77/0x1900
[ 815.822717][T14811] ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 815.822746][T14811] visual_init+0x320/0x620
[ 815.822775][T14811] do_bind_con_driver.isra.0+0x57a/0xbf0
[ 815.822797][T14811] store_bind+0x61d/0x760
[ 815.822816][T14811] ? sysfs_file_kobj+0xe4/0x290
[ 815.822836][T14811] ? __pfx_store_bind+0x10/0x10
[ 815.822853][T14811] dev_attr_store+0x58/0x80
[ 815.822880][T14811] ? __pfx_dev_attr_store+0x10/0x10
[ 815.822907][T14811] sysfs_kf_write+0xf2/0x150
[ 815.822927][T14811] kernfs_fop_write_iter+0x3af/0x570
[ 815.822956][T14811] ? __pfx_sysfs_kf_write+0x10/0x10
[ 815.822977][T14811] iter_file_splice_write+0xa24/0x12e0
[ 815.823002][T14811] ? __pfx_iter_file_splice_write+0x10/0x10
[ 815.823028][T14811] ? __pfx_copy_splice_read+0x10/0x10
[ 815.823062][T14811] ? __pfx_iter_file_splice_write+0x10/0x10
[ 815.823082][T14811] direct_splice_actor+0x192/0x6c0
[ 815.823101][T14811] splice_direct_to_actor+0x345/0xa30
[ 815.823119][T14811] ? __pfx_direct_splice_actor+0x10/0x10
[ 815.823140][T14811] ? __pfx_splice_direct_to_actor+0x10/0x10
[ 815.823161][T14811] do_splice_direct+0x174/0x240
[ 815.823178][T14811] ? __pfx_do_splice_direct+0x10/0x10
[ 815.823196][T14811] ? __pfx_direct_file_splice_eof+0x10/0x10
[ 815.823227][T14811] ? rw_verify_area+0xcf/0x6c0
[ 815.823245][T14811] do_sendfile+0xb06/0xe50
[ 815.823265][T14811] ? __pfx_do_sendfile+0x10/0x10
[ 815.823285][T14811] ? __x64_sys_futex+0x1e0/0x4c0
[ 815.823310][T14811] ? __x64_sys_futex+0x1e9/0x4c0
[ 815.823344][T14811] __x64_sys_sendfile64+0x1d8/0x220
[ 815.823370][T14811] ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 815.823397][T14811] do_syscall_64+0xcd/0xfa0
[ 815.823419][T14811] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 815.823439][T14811] RIP: 0033:0x7fd426b8f6c9
[ 815.823454][T14811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 815.823474][T14811] RSP: 002b:00007fd427af0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 815.823496][T14811] RAX: ffffffffffffffda RBX: 00007fd426de6090 RCX: 00007fd426b8f6c9
[ 815.823509][T14811] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000003
[ 815.823522][T14811] RBP: 00007fd426c11f91 R08: 0000000000000000 R09: 0000000000000000
[ 815.823534][T14811] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 815.823547][T14811] R13: 00007fd426de6128 R14: 00007fd426de6090 R15: 00007fff57b311b8
[ 815.823566][T14811]
[ 815.823635][T14811] Kernel Offset: disabled