last executing test programs: 11.234625313s ago: executing program 3 (id=691): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x103281, 0x0) mmap$auto(0x0, 0x20009, 0x4000000001df, 0xeb1, 0x401, 0x8000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x883, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.7/usb8/authorized_default\x00', 0x20582, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) open(0x0, 0x261c2, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 11.048711022s ago: executing program 3 (id=692): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/tty43\x00', 0x101201, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) io_uring_setup$auto(0x83, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x29, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x20c002, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) socket(0x15, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/nr_anon\x00', 0x0, 0x0) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x109500, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptys0\x00', 0x101e81, 0x0) socketpair$auto(0x4004, 0x2, 0xfff, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) write$auto(r0, 0x0, 0x1) 10.516777272s ago: executing program 3 (id=695): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) timer_create$auto(0x3, 0x0, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0) sendmsg$auto_SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x4) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) ioctl$auto(0x3, 0xae41, r0) 9.811935575s ago: executing program 3 (id=698): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) socketcall$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x101600, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, 0x0, 0x101002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa2781, 0x0) ioctl$auto(0x3, 0x402c542d, 0xffffffffffffffff) write$auto(0x3, 0x0, 0xfffffdef) 9.263525253s ago: executing program 1 (id=701): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x40384708, 0x0) 9.209759659s ago: executing program 2 (id=702): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xc0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083a", 0x2f7) ioctl$auto_SNDCTL_SEQ_SYNC(r0, 0x5101, 0x0) socket(0x2, 0x80802, 0x0) r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) ioctl$auto_SNAPSHOT_PREF_IMAGE_SIZE(r2, 0x3312, 0x0) socket(0x2b, 0x1, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2}) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) ioctl$auto_SNDCTL_SEQ_PANIC(r0, 0x5111, 0x0) 8.576930493s ago: executing program 1 (id=705): r0 = pidfd_open$auto(0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mprotect$auto(0x0, 0x806121, 0x8) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) readahead$auto(r0, 0x10, 0xd8) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000000240)=ANY=[@ANYBLOB="080100", @ANYRES16, @ANYBLOB="080027bd7000fddbdf2569000000060065000900000006004f01090000001700130013c366f9244357d432f6e44cc4bf4e5878fe5d00080002002f247b0005006000080000000500a3000200000045001f00ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e90000005c007580ba6aeb15a3f761572ca4eb336e5dfaa39a4e112524144c26d5a6468d0f3a3919ee7a2bf863f683c121bc3b2170c49b100b274baaf7e35af6d0f2356f99129b14dfb3c040f5", @ANYBLOB], 0x108}, 0x1, 0x0, 0x0, 0x91}, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001ec0)='/sys/power/mem_sleep\x00', 0x2402, 0x0) write$auto(r1, &(0x7f0000000cc0)='\x00\xad\xe8\xc7.\xf0\xb0f\xd2\x02\x00>\x00\xae\x1a\x13I_{\xe8\n\xd4n\x9f\xae\xed\xcd6\x9f\xf6\x01\x00s\xa6\x03y\x97\x0eR\xb8\xb7\xcc\x83\xb8O\xe5\b_\xd0\xd7\xc0+:\x17\x8d\xf4\t\x00\x00\x00`\xdb\x80E|X\xc3\xa4H\xb9\xd8\x03*\x9c\x00\x00\x00\x00\x00\x00\x00[\x1a\fX[\xb8\x91M\xdb\xe7\xdc6w\xb1\x8b9\x9a\x9a\xf9c\x95)b\xff\x80\xd5\xbb\xc9+Ed\xa16?\xab<\xee\x8b\x18\xe6\xf3a]1OZ\x9e\xa9\xb2;H\xbcn}n\xca\x0e\x0e\xd8\xce_2\xe2\xb1@\x8dy\v\xc3\xacH\x9a\t\x8e\xa1g\xa2?\x89\x01\xb9\xf1\xbb%[\xf1L<\xd8\x8c\xd9\x1f\x9e\xfe\xbf\xb2\x95\xb6Y\xba\xaf\'a\xe2\xc3\x9a$c\xad\x82\x13\x1e\xbc\xf3\x1f.\xef\x1es\xb0\xf2I$\x02\x0e\xc8\xf0\x8b\xc7\xd8\x9c\x04\xa6[\xe2Q\xd6\x13\xa8[\xbcP,\xadS\x7f}/>\x13\xbe\\\x8cq(\x06\xdb4', 0x4) sendmsg$auto_NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0xc800}, 0x40000) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={0x0, 0x8c}, 0x1, 0x0, 0x0, 0x48046}, 0x4000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) 8.301184209s ago: executing program 2 (id=706): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x301483, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x5, 0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) mremap$auto(0xfffffffffffffe01, 0x40000000100005, 0x843, 0x3, 0x2) fsopen$auto(0x0, 0x1) prctl$auto(0x38, 0x3, r0, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, r2) setsockopt$auto(0xffffffffffffffff, 0x100, 0x5, &(0x7f0000000040)='#)@$$:]+)]\x00', 0x8001) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) unshare$auto(0x2000000000000003) 8.281384535s ago: executing program 3 (id=707): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) timer_create$auto(0x3, 0x0, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0) sendmsg$auto_SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x4) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) ioctl$auto(0x3, 0xae41, r0) 8.018673665s ago: executing program 0 (id=709): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x103281, 0x0) mmap$auto(0x0, 0x20009, 0x4000000001df, 0xeb1, 0x401, 0x8000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x883, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.7/usb8/authorized_default\x00', 0x20582, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) open(0x0, 0x261c2, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 7.894615639s ago: executing program 0 (id=710): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) fstat$auto(0xffffffffffffffff, &(0x7f0000000300)={0xff, 0x7, 0x45, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x803, 0x18, 0x6, 0x0, 0x1000073, 0x1, 0x1, 0x8}) close_range$auto(0x2, r0, 0x4) openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x303101, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000080)={0x1, "36a2662b59209f6bd4aafa4ed15fdb9c791daf044ae6ff089930def80ce28999"}) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) ioctl$auto_SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000040)=0x8) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x80a040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x1, 0x4, 0x284) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu0/trace\x00', 0x1a6b75d638838712, 0x0) r2 = openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x88080, 0x0) pread64$auto(r2, 0x0, 0xc, 0x8000) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/free_buffer\x00', 0x4c000, 0xebff) 7.777972774s ago: executing program 3 (id=711): mmap$auto(0x0, 0x400008, 0xdf, 0x2000000009b72, 0xffffffffffffffff, 0x0) getsockopt$auto(0x3, 0x200000000001, 0x1f, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x1ff, 0x40eb1, 0x401, 0x300000000001) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, 0x0, 0x183400, 0x0) bind$auto(0xffffffffffffffff, 0x0, 0x4006b) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) unshare$auto(0x40000080) semctl$auto(0xa, 0x2, 0x13, 0xde) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101e81, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/dummy0/proto_down\x00', 0x60282, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x3, 0x0, 0xffd8) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) bind$auto(0xffffffffffffffff, 0x0, 0x9) sendmsg$auto_OVS_FLOW_CMD_SET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) 5.716307733s ago: executing program 0 (id=712): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x2400, 0x0) writev$auto(r1, &(0x7f00000001c0)={&(0x7f0000000140)="6f0652c6086ae0a2fe7ab4fa6240270adb45e1a618e291796886fc09ad6a0f5e589370cb94080bbef19b1e212655c621c94ee58d38b93391ee04cf580d3228d761076197a69792f3c9d55ba8aa142016aa036adb69e8", 0x7}, 0x3) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/filesystems\x00', 0x2, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000280)=""/144, 0x90) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) r4 = eventfd2$auto(0x7f, 0x0) r5 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000200)={0xd, "74a517f574545f6e56dd0a76e95f7ebe732ad2c90cf711c0bb363ed3997e3e14", @inferred=r4}) ioctl$auto(r3, 0x9, r5) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) read$auto_tracing_fops_trace(0xffffffffffffffff, &(0x7f0000001580)=""/4077, 0xfed) mmap$auto(0x4, 0x1, 0xdf, 0x9b72, 0x2, 0x40008000) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) unshare$auto(0x40000080) statmount$auto(0x0, &(0x7f0000000180)={0x3, 0xb9, 0x44f, 0xa, 0x1, 0x1007181, 0x8a0d, 0x4, 0x10007, 0x7, 0x89, 0x29, 0x4, 0x200000000000, 0xfffffffffffff340, 0xfffffffffffffffa, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffb, 0x6, 0x401, 0x22002, 0x9, 0xfffffffd, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x70e2, 0x0, 0xe573, 0xb7, 0x0, 0x0, 0x8, 0x0, 0x9, 0x100000, 0x10000, 0x15b, 0x7, 0x1fc, 0x0, 0x10000000000002, 0x0, 0x0, 0x48, 0x0, 0x3a, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x3, 0xe, 0x0, 0x0, 0x0, 0xa53, 0xfffffffffffffffd, 0xfffffffffffffffd]}, 0x7, 0xd) r6 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r6, 0xfffffff7effffd04, &(0x7f00000001c0)) 5.716097329s ago: executing program 1 (id=713): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0xa, 0x3, 0x3a) mmap$auto(0x20000000000000, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/kcore\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, 0x0, 0x4d) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket(0x18, 0x5, 0x1) write$auto(0xffffffffffffffff, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000180), 0x7112}, 0x8) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x40000, 0x0) ioctl$auto(0x3, 0x40505330, 0x38) close$auto(r0) io_uring_setup$auto(0x6, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_BTRFS_IOC_SCRUB_PROGRESS(r2, 0xc400941d, &(0x7f0000000500)={0x40a, 0x3, 0x3ac, 0x8, {0x1, 0x4, 0xb, 0x3, 0x9, 0x4, 0x9, 0x2, 0xe, 0xa5, 0x1, 0x4, 0x0, 0xf, 0xff}}) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r2, &(0x7f0000001440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc020}, 0xc, &(0x7f0000001400)={&(0x7f00000001c0)=ANY=[@ANYRES16], 0x1228}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) 4.869026545s ago: executing program 2 (id=714): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x2) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/034/001\x00', 0x201, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x73) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x2, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x161401, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4004, 0x8, 0x7, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 4.359205577s ago: executing program 0 (id=715): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xc0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083a", 0x2f7) ioctl$auto_SNDCTL_SEQ_SYNC(r0, 0x5101, 0x0) socket(0x2, 0x80802, 0x0) r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) ioctl$auto_SNAPSHOT_PREF_IMAGE_SIZE(r2, 0x3312, 0x0) socket(0x2b, 0x1, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2}) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) ioctl$auto_SNDCTL_SEQ_PANIC(r0, 0x5111, 0x0) 4.33482473s ago: executing program 1 (id=716): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) socketcall$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x101600, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, 0x0, 0x101002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa2781, 0x0) ioctl$auto(0x3, 0x402c542d, 0xffffffffffffffff) write$auto(0x3, 0x0, 0xfffffdef) 4.013170056s ago: executing program 2 (id=717): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) timer_create$auto(0x3, 0x0, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0) sendmsg$auto_SEG6_CMD_GET_TUNSRC(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x4) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) ioctl$auto(0x3, 0xae41, r0) 3.261340439s ago: executing program 2 (id=718): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x103281, 0x0) mmap$auto(0x0, 0x20009, 0x4000000001df, 0xeb1, 0x401, 0x8000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x883, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.7/usb8/authorized_default\x00', 0x20582, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) open(0x0, 0x261c2, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 3.13503179s ago: executing program 0 (id=719): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x5, 0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) fsopen$auto(0x0, 0x1) prctl$auto(0x38, 0x3, r0, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) shutdown$auto(0x200000003, 0x2) madvise$auto(0x0, 0x2003f2, 0x15) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r2) setsockopt$auto(r4, 0x100, 0x5, &(0x7f0000000040)='#)@$$:]+)]\x00', 0x8001) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) unshare$auto(0x2000000000000003) 2.307227254s ago: executing program 2 (id=720): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) fstat$auto(0xffffffffffffffff, &(0x7f0000000300)={0xff, 0x7, 0x45, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x803, 0x18, 0x6, 0x0, 0x1000073, 0x1, 0x1, 0x8}) close_range$auto(0x2, r0, 0x4) openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x303101, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000080)={0x1, "36a2662b59209f6bd4aafa4ed15fdb9c791daf044ae6ff089930def80ce28999"}) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) ioctl$auto_SW_SYNC_IOC_INC(r1, 0x40045701, &(0x7f0000000040)=0x8) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x80a040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x1, 0x4, 0x284) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu0/trace\x00', 0x1a6b75d638838712, 0x0) r2 = openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x88080, 0x0) pread64$auto(r2, 0x0, 0xc, 0x8000) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/free_buffer\x00', 0x4c000, 0xebff) 2.101760723s ago: executing program 1 (id=721): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) ioctl$auto(0x3, 0xae41, r0) 1.196552838s ago: executing program 1 (id=722): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) socketcall$auto(0xa, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x101600, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa2781, 0x0) ioctl$auto(0x3, 0x402c542d, 0xffffffffffffffff) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0x3, 0x541b, 0x74) 0s ago: executing program 0 (id=723): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x80e42, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) read$auto(r1, 0x0, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) socket(0x22, 0x3, 0x0) bind$auto(0x3, &(0x7f0000000080)=@isdn={0x22, 0x3d, 0x7, 0x64, 0x7}, 0x6b) sendfile$auto(r0, r2, 0x0, 0x1000200) mmap$auto(0x0, 0x5, 0x4000, 0xeb1, r2, 0x8001) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000b00)='/dev/cuse\x00', 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x801, 0x106) select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0) r3 = socket(0x2, 0x1, 0x84) setsockopt$auto(r3, 0x84, 0x15, 0x0, 0x1) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/pci0000:00/0000:00:00.0/msi_bus\x00', 0x149b01, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x7111}, 0x8) kernel console output (not intermixed with test programs): <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 217.054230][ T7254] RSP: 002b:00007f2a25327f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 217.054263][ T7254] RAX: ffffffffffffffda RBX: 00007f2a24615fa0 RCX: 00007f2a2439e087 [ 217.054284][ T7254] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 217.054303][ T7254] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 217.054322][ T7254] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 217.054341][ T7254] R13: 00007f2a24616038 R14: 00007f2a24615fa0 R15: 00007ffd7fe29458 [ 217.054384][ T7254] [ 217.446440][ T5141] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 222.300485][ T7312] netlink: 330 bytes leftover after parsing attributes in process `syz.0.296'. [ 222.319263][ T7312] mac80211_hwsim hwsim9 ›: renamed from wlan0 (while UP) [ 222.602712][ T7314] FAULT_INJECTION: forcing a failure. [ 222.602712][ T7314] name failslab, interval 1, probability 0, space 0, times 0 [ 222.654379][ T7314] CPU: 1 UID: 0 PID: 7314 Comm: syz.3.297 Tainted: G L syzkaller #0 PREEMPT(full) [ 222.654436][ T7314] Tainted: [L]=SOFTLOCKUP [ 222.654463][ T7314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 222.654482][ T7314] Call Trace: [ 222.654494][ T7314] [ 222.654506][ T7314] dump_stack_lvl+0x100/0x190 [ 222.654567][ T7314] should_fail_ex.cold+0x5/0xa [ 222.654608][ T7314] ? lsm_blob_alloc+0x68/0x90 [ 222.654639][ T7314] should_failslab+0xc2/0x120 [ 222.654672][ T7314] __kmalloc_noprof+0xe0/0x850 [ 222.654719][ T7314] ? trace_kmalloc+0xe3/0x110 [ 222.654758][ T7314] lsm_blob_alloc+0x68/0x90 [ 222.654792][ T7314] security_sk_alloc+0x2d/0x290 [ 222.654835][ T7314] sk_prot_alloc+0x12a/0x2a0 [ 222.654881][ T7314] sk_alloc+0x36/0xe80 [ 222.654933][ T7314] __netlink_create+0x5e/0x2c0 [ 222.654986][ T7314] ? __wake_up+0x3f/0x60 [ 222.655033][ T7314] netlink_create+0x298/0x610 [ 222.655065][ T7314] ? __pfx_genl_bind+0x10/0x10 [ 222.655105][ T7314] ? __pfx_genl_unbind+0x10/0x10 [ 222.655145][ T7314] ? __pfx_genl_release+0x10/0x10 [ 222.655191][ T7314] __sock_create+0x339/0x860 [ 222.655239][ T7314] __sys_socket+0x14d/0x260 [ 222.655281][ T7314] ? exc_page_fault+0x6f/0xd0 [ 222.655329][ T7314] ? __pfx___sys_socket+0x10/0x10 [ 222.655386][ T7314] __x64_sys_socket+0x72/0xb0 [ 222.655430][ T7314] ? lockdep_hardirqs_on+0x78/0x100 [ 222.655491][ T7314] do_syscall_64+0x10b/0xf80 [ 222.655539][ T7314] ? clear_bhb_loop+0x40/0x90 [ 222.655581][ T7314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.655616][ T7314] RIP: 0033:0x7f9a1959e087 [ 222.655643][ T7314] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 222.655674][ T7314] RSP: 002b:00007f9a1a470f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 222.655705][ T7314] RAX: ffffffffffffffda RBX: 00007f9a19815fa0 RCX: 00007f9a1959e087 [ 222.655725][ T7314] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 222.655742][ T7314] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 222.655761][ T7314] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 222.655780][ T7314] R13: 00007f9a19816038 R14: 00007f9a19815fa0 R15: 00007ffecc4a04d8 [ 222.655817][ T7314] [ 223.556525][ T7322] FAULT_INJECTION: forcing a failure. [ 223.556525][ T7322] name failslab, interval 1, probability 0, space 0, times 0 [ 223.573744][ T7322] CPU: 1 UID: 0 PID: 7322 Comm: syz.0.308 Tainted: G L syzkaller #0 PREEMPT(full) [ 223.573797][ T7322] Tainted: [L]=SOFTLOCKUP [ 223.573808][ T7322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 223.573828][ T7322] Call Trace: [ 223.573838][ T7322] [ 223.573851][ T7322] dump_stack_lvl+0x100/0x190 [ 223.573888][ T7322] should_fail_ex.cold+0x5/0xa [ 223.573932][ T7322] should_failslab+0xc2/0x120 [ 223.573966][ T7322] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 223.574014][ T7322] ? security_file_alloc+0x34/0x2c0 [ 223.574076][ T7322] ? trace_kmem_cache_alloc+0xd5/0x100 [ 223.574119][ T7322] security_file_alloc+0x34/0x2c0 [ 223.574171][ T7322] init_file+0x95/0x480 [ 223.574210][ T7322] alloc_empty_file+0x79/0x1c0 [ 223.574260][ T7322] alloc_file_pseudo+0x13a/0x230 [ 223.574305][ T7322] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 223.574348][ T7322] ? alloc_fd+0x476/0x790 [ 223.574387][ T7322] sock_alloc_file+0x50/0x210 [ 223.574424][ T7322] __sys_socket+0x1c0/0x260 [ 223.574467][ T7322] ? exc_page_fault+0x6f/0xd0 [ 223.574514][ T7322] ? __pfx___sys_socket+0x10/0x10 [ 223.574572][ T7322] __x64_sys_socket+0x72/0xb0 [ 223.574617][ T7322] ? lockdep_hardirqs_on+0x78/0x100 [ 223.574665][ T7322] do_syscall_64+0x10b/0xf80 [ 223.574726][ T7322] ? clear_bhb_loop+0x40/0x90 [ 223.574769][ T7322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.574805][ T7322] RIP: 0033:0x7ff34099e087 [ 223.574832][ T7322] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 223.574864][ T7322] RSP: 002b:00007ff3418cef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 223.574896][ T7322] RAX: ffffffffffffffda RBX: 00007ff340c15fa0 RCX: 00007ff34099e087 [ 223.574918][ T7322] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 223.574943][ T7322] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 223.574961][ T7322] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 223.574987][ T7322] R13: 00007ff340c16038 R14: 00007ff340c15fa0 R15: 00007ffda5b8def8 [ 223.575028][ T7322] [ 224.887119][ T7340] random: crng reseeded on system resumption [ 227.184561][ T7361] ubi0: attaching mtd0 [ 227.212530][ T7361] ubi0: scanning is finished [ 227.217748][ T7361] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 227.409532][ T7361] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 227.809453][ T7369] FAULT_INJECTION: forcing a failure. [ 227.809453][ T7369] name failslab, interval 1, probability 0, space 0, times 0 [ 227.839723][ T7369] CPU: 1 UID: 0 PID: 7369 Comm: syz.3.313 Tainted: G L syzkaller #0 PREEMPT(full) [ 227.839777][ T7369] Tainted: [L]=SOFTLOCKUP [ 227.839790][ T7369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 227.839811][ T7369] Call Trace: [ 227.839822][ T7369] [ 227.839836][ T7369] dump_stack_lvl+0x100/0x190 [ 227.839878][ T7369] should_fail_ex.cold+0x5/0xa [ 227.839921][ T7369] ? sk_prot_alloc+0x10b/0x2a0 [ 227.839965][ T7369] should_failslab+0xc2/0x120 [ 227.840005][ T7369] __kmalloc_noprof+0xe0/0x850 [ 227.840062][ T7369] sk_prot_alloc+0x10b/0x2a0 [ 227.840105][ T7369] sk_alloc+0x36/0xe80 [ 227.840158][ T7369] __netlink_create+0x5e/0x2c0 [ 227.840210][ T7369] ? __wake_up+0x3f/0x60 [ 227.840259][ T7369] netlink_create+0x298/0x610 [ 227.840293][ T7369] ? __pfx_genl_bind+0x10/0x10 [ 227.840340][ T7369] ? __pfx_genl_unbind+0x10/0x10 [ 227.840380][ T7369] ? __pfx_genl_release+0x10/0x10 [ 227.840430][ T7369] __sock_create+0x339/0x860 [ 227.840480][ T7369] __sys_socket+0x14d/0x260 [ 227.840522][ T7369] ? exc_page_fault+0x6f/0xd0 [ 227.840568][ T7369] ? __pfx___sys_socket+0x10/0x10 [ 227.840625][ T7369] __x64_sys_socket+0x72/0xb0 [ 227.840667][ T7369] ? lockdep_hardirqs_on+0x78/0x100 [ 227.840716][ T7369] do_syscall_64+0x10b/0xf80 [ 227.840763][ T7369] ? clear_bhb_loop+0x40/0x90 [ 227.840805][ T7369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.840840][ T7369] RIP: 0033:0x7f9a1959e087 [ 227.840868][ T7369] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 227.840901][ T7369] RSP: 002b:00007f9a1a470f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 227.840934][ T7369] RAX: ffffffffffffffda RBX: 00007f9a19815fa0 RCX: 00007f9a1959e087 [ 227.840954][ T7369] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 227.840973][ T7369] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 227.840999][ T7369] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 227.841019][ T7369] R13: 00007f9a19816038 R14: 00007f9a19815fa0 R15: 00007ffecc4a04d8 [ 227.841060][ T7369] [ 229.021706][ T7381] random: crng reseeded on system resumption [ 230.563042][ T7397] netlink: 4 bytes leftover after parsing attributes in process `syz.3.318'. [ 231.230156][ T7416] FAULT_INJECTION: forcing a failure. [ 231.230156][ T7416] name failslab, interval 1, probability 0, space 0, times 0 [ 231.276309][ T7416] CPU: 0 UID: 0 PID: 7416 Comm: syz.0.323 Tainted: G L syzkaller #0 PREEMPT(full) [ 231.276361][ T7416] Tainted: [L]=SOFTLOCKUP [ 231.276373][ T7416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 231.276392][ T7416] Call Trace: [ 231.276402][ T7416] [ 231.276414][ T7416] dump_stack_lvl+0x100/0x190 [ 231.276455][ T7416] should_fail_ex.cold+0x5/0xa [ 231.276500][ T7416] should_failslab+0xc2/0x120 [ 231.276534][ T7416] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 231.276582][ T7416] ? alloc_empty_file+0x5b/0x1c0 [ 231.276632][ T7416] alloc_empty_file+0x5b/0x1c0 [ 231.276674][ T7416] alloc_file_pseudo+0x13a/0x230 [ 231.276724][ T7416] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 231.276775][ T7416] ? alloc_fd+0x476/0x790 [ 231.276813][ T7416] sock_alloc_file+0x50/0x210 [ 231.276849][ T7416] __sys_socket+0x1c0/0x260 [ 231.276892][ T7416] ? exc_page_fault+0x6f/0xd0 [ 231.276938][ T7416] ? __pfx___sys_socket+0x10/0x10 [ 231.276997][ T7416] __x64_sys_socket+0x72/0xb0 [ 231.277040][ T7416] ? lockdep_hardirqs_on+0x78/0x100 [ 231.277088][ T7416] do_syscall_64+0x10b/0xf80 [ 231.277135][ T7416] ? clear_bhb_loop+0x40/0x90 [ 231.277192][ T7416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.277228][ T7416] RIP: 0033:0x7ff34099e087 [ 231.277255][ T7416] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 231.277288][ T7416] RSP: 002b:00007ff3418cef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 231.277321][ T7416] RAX: ffffffffffffffda RBX: 00007ff340c15fa0 RCX: 00007ff34099e087 [ 231.277343][ T7416] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 231.277362][ T7416] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 231.277382][ T7416] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 231.277402][ T7416] R13: 00007ff340c16038 R14: 00007ff340c15fa0 R15: 00007ffda5b8def8 [ 231.277445][ T7416] [ 234.983955][ T5141] Bluetooth: hci3: unexpected event 0x10 length: 11 > 1 [ 234.990414][ T5832] Bluetooth: hci3: hardware error 0x00 [ 235.578091][ T7458] ubi0: attaching mtd0 [ 235.597924][ T7458] ubi0: scanning is finished [ 235.614363][ T7458] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 235.812118][ T7466] FAULT_INJECTION: forcing a failure. [ 235.812118][ T7466] name failslab, interval 1, probability 0, space 0, times 0 [ 235.843866][ T7466] CPU: 1 UID: 0 PID: 7466 Comm: syz.1.335 Tainted: G L syzkaller #0 PREEMPT(full) [ 235.843932][ T7466] Tainted: [L]=SOFTLOCKUP [ 235.843944][ T7466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 235.843972][ T7466] Call Trace: [ 235.843982][ T7466] [ 235.844020][ T7466] dump_stack_lvl+0x100/0x190 [ 235.844060][ T7466] should_fail_ex.cold+0x5/0xa [ 235.844103][ T7466] should_failslab+0xc2/0x120 [ 235.844137][ T7466] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 235.844184][ T7466] ? security_file_alloc+0x34/0x2c0 [ 235.844234][ T7466] ? trace_kmem_cache_alloc+0xd5/0x100 [ 235.844303][ T7466] security_file_alloc+0x34/0x2c0 [ 235.844367][ T7466] init_file+0x95/0x480 [ 235.844418][ T7466] alloc_empty_file+0x79/0x1c0 [ 235.844469][ T7466] alloc_file_pseudo+0x13a/0x230 [ 235.844513][ T7466] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 235.844554][ T7466] ? alloc_fd+0x476/0x790 [ 235.844591][ T7466] sock_alloc_file+0x50/0x210 [ 235.844628][ T7466] __sys_socket+0x1c0/0x260 [ 235.844671][ T7466] ? exc_page_fault+0x6f/0xd0 [ 235.844718][ T7466] ? __pfx___sys_socket+0x10/0x10 [ 235.844775][ T7466] __x64_sys_socket+0x72/0xb0 [ 235.844817][ T7466] ? lockdep_hardirqs_on+0x78/0x100 [ 235.844864][ T7466] do_syscall_64+0x10b/0xf80 [ 235.844912][ T7466] ? clear_bhb_loop+0x40/0x90 [ 235.844954][ T7466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.844989][ T7466] RIP: 0033:0x7f31f3b9e087 [ 235.845017][ T7466] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 235.845049][ T7466] RSP: 002b:00007f31f4b1ef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 235.845080][ T7466] RAX: ffffffffffffffda RBX: 00007f31f3e15fa0 RCX: 00007f31f3b9e087 [ 235.845101][ T7466] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 235.845119][ T7466] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 235.845138][ T7466] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 235.845158][ T7466] R13: 00007f31f3e16038 R14: 00007f31f3e15fa0 R15: 00007ffe62abf118 [ 235.845199][ T7466] [ 236.299055][ T7458] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 237.037730][ T5832] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 239.968440][ T7518] random: crng reseeded on system resumption [ 240.860950][ T7532] random: crng reseeded on system resumption [ 241.161698][ T7538] random: crng reseeded on system resumption [ 241.848828][ T7555] random: crng reseeded on system resumption [ 242.300444][ T7560] random: crng reseeded on system resumption [ 243.044989][ T7573] random: crng reseeded on system resumption [ 243.164166][ T7575] random: crng reseeded on system resumption [ 243.844469][ T7585] random: crng reseeded on system resumption [ 244.103970][ T7593] random: crng reseeded on system resumption [ 244.205644][ T7597] random: crng reseeded on system resumption [ 245.030028][ T7612] random: crng reseeded on system resumption [ 245.752086][ T7623] netlink: 28 bytes leftover after parsing attributes in process `syz.2.379'. [ 246.247719][ T7625] random: crng reseeded on system resumption [ 246.662380][ T7630] random: crng reseeded on system resumption [ 247.583901][ T7643] random: crng reseeded on system resumption [ 247.832783][ T30] audit: type=1804 audit(1776342059.209:5): pid=7649 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.384" name="/newroot/sys/kernel/debug/tracing/saved_tgids" dev="tracefs" ino=4046 res=1 errno=0 [ 248.943372][ T7662] netlink: 28 bytes leftover after parsing attributes in process `syz.0.390'. [ 249.153198][ T7660] random: crng reseeded on system resumption [ 249.342373][ T7669] netlink: 4 bytes leftover after parsing attributes in process `syz.1.393'. [ 249.412448][ T7669] netlink: 354 bytes leftover after parsing attributes in process `syz.1.393'. [ 250.391170][ T7682] netlink: 4 bytes leftover after parsing attributes in process `syz.1.397'. [ 251.524243][ T7699] random: crng reseeded on system resumption [ 251.978607][ T7707] netlink: 20 bytes leftover after parsing attributes in process `syz.1.404'. [ 252.035033][ T7708] netlink: 8 bytes leftover after parsing attributes in process `syz.2.403'. [ 253.083120][ T7725] netlink: 4 bytes leftover after parsing attributes in process `syz.0.408'. [ 253.615683][ T7731] random: crng reseeded on system resumption [ 255.343063][ T7762] netlink: 4 bytes leftover after parsing attributes in process `syz.3.419'. [ 256.154499][ T7772] random: crng reseeded on system resumption [ 256.324263][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.334975][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.977178][ T7783] netlink: 342 bytes leftover after parsing attributes in process `syz.3.425'. [ 257.326216][ T7793] FAULT_INJECTION: forcing a failure. [ 257.326216][ T7793] name failslab, interval 1, probability 0, space 0, times 0 [ 257.350345][ T7793] CPU: 1 UID: 0 PID: 7793 Comm: syz.1.427 Tainted: G L syzkaller #0 PREEMPT(full) [ 257.350396][ T7793] Tainted: [L]=SOFTLOCKUP [ 257.350407][ T7793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 257.350441][ T7793] Call Trace: [ 257.350452][ T7793] [ 257.350465][ T7793] dump_stack_lvl+0x100/0x190 [ 257.350509][ T7793] should_fail_ex.cold+0x5/0xa [ 257.350553][ T7793] should_failslab+0xc2/0x120 [ 257.350587][ T7793] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 257.350636][ T7793] ? security_file_alloc+0x34/0x2c0 [ 257.350688][ T7793] ? trace_kmem_cache_alloc+0xd5/0x100 [ 257.350731][ T7793] security_file_alloc+0x34/0x2c0 [ 257.350790][ T7793] init_file+0x95/0x480 [ 257.350830][ T7793] alloc_empty_file+0x79/0x1c0 [ 257.350873][ T7793] alloc_file_pseudo+0x13a/0x230 [ 257.350917][ T7793] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 257.350960][ T7793] ? alloc_fd+0x476/0x790 [ 257.350999][ T7793] sock_alloc_file+0x50/0x210 [ 257.351036][ T7793] __sys_socket+0x1c0/0x260 [ 257.351079][ T7793] ? exc_page_fault+0x6f/0xd0 [ 257.351126][ T7793] ? __pfx___sys_socket+0x10/0x10 [ 257.351183][ T7793] __x64_sys_socket+0x72/0xb0 [ 257.351227][ T7793] ? lockdep_hardirqs_on+0x78/0x100 [ 257.351275][ T7793] do_syscall_64+0x10b/0xf80 [ 257.351321][ T7793] ? clear_bhb_loop+0x40/0x90 [ 257.351362][ T7793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.351396][ T7793] RIP: 0033:0x7f31f3b9e087 [ 257.351438][ T7793] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 257.351472][ T7793] RSP: 002b:00007f31f4b1ef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 257.351506][ T7793] RAX: ffffffffffffffda RBX: 00007f31f3e15fa0 RCX: 00007f31f3b9e087 [ 257.351527][ T7793] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 257.351546][ T7793] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 257.351565][ T7793] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 257.351584][ T7793] R13: 00007f31f3e16038 R14: 00007f31f3e15fa0 R15: 00007ffe62abf118 [ 257.351626][ T7793] [ 258.612274][ T7809] netlink: 330 bytes leftover after parsing attributes in process `syz.3.431'. [ 258.688627][ T7809] mac80211_hwsim hwsim7 ›: renamed from wlan0 (while UP) [ 259.165755][ T7813] random: crng reseeded on system resumption [ 259.730155][ T7821] random: crng reseeded on system resumption [ 260.647622][ T7842] FAULT_INJECTION: forcing a failure. [ 260.647622][ T7842] name failslab, interval 1, probability 0, space 0, times 0 [ 260.665358][ T7842] CPU: 1 UID: 0 PID: 7842 Comm: syz.1.441 Tainted: G L syzkaller #0 PREEMPT(full) [ 260.665407][ T7842] Tainted: [L]=SOFTLOCKUP [ 260.665417][ T7842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 260.665435][ T7842] Call Trace: [ 260.665445][ T7842] [ 260.665456][ T7842] dump_stack_lvl+0x100/0x190 [ 260.665498][ T7842] should_fail_ex.cold+0x5/0xa [ 260.665541][ T7842] should_failslab+0xc2/0x120 [ 260.665573][ T7842] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 260.665619][ T7842] ? security_file_alloc+0x34/0x2c0 [ 260.665668][ T7842] ? trace_kmem_cache_alloc+0xd5/0x100 [ 260.665708][ T7842] security_file_alloc+0x34/0x2c0 [ 260.665759][ T7842] init_file+0x95/0x480 [ 260.665799][ T7842] alloc_empty_file+0x79/0x1c0 [ 260.665842][ T7842] alloc_file_pseudo+0x13a/0x230 [ 260.665892][ T7842] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 260.665935][ T7842] ? alloc_fd+0x476/0x790 [ 260.665973][ T7842] sock_alloc_file+0x50/0x210 [ 260.666010][ T7842] __sys_socket+0x1c0/0x260 [ 260.666054][ T7842] ? exc_page_fault+0x6f/0xd0 [ 260.666101][ T7842] ? __pfx___sys_socket+0x10/0x10 [ 260.666158][ T7842] __x64_sys_socket+0x72/0xb0 [ 260.666203][ T7842] ? lockdep_hardirqs_on+0x78/0x100 [ 260.666252][ T7842] do_syscall_64+0x10b/0xf80 [ 260.666309][ T7842] ? clear_bhb_loop+0x40/0x90 [ 260.666350][ T7842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.666385][ T7842] RIP: 0033:0x7f31f3b9e087 [ 260.666414][ T7842] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 260.666447][ T7842] RSP: 002b:00007f31f4b1ef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 260.666481][ T7842] RAX: ffffffffffffffda RBX: 00007f31f3e15fa0 RCX: 00007f31f3b9e087 [ 260.666503][ T7842] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 260.666522][ T7842] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 260.666542][ T7842] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 260.666560][ T7842] R13: 00007f31f3e16038 R14: 00007f31f3e15fa0 R15: 00007ffe62abf118 [ 260.666603][ T7842] [ 260.913302][ T7840] FAULT_INJECTION: forcing a failure. [ 260.913302][ T7840] name failslab, interval 1, probability 0, space 0, times 0 [ 260.927053][ T7840] CPU: 1 UID: 0 PID: 7840 Comm: syz.2.440 Tainted: G L syzkaller #0 PREEMPT(full) [ 260.927106][ T7840] Tainted: [L]=SOFTLOCKUP [ 260.927119][ T7840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 260.927138][ T7840] Call Trace: [ 260.927151][ T7840] [ 260.927164][ T7840] dump_stack_lvl+0x100/0x190 [ 260.927206][ T7840] should_fail_ex.cold+0x5/0xa [ 260.927250][ T7840] should_failslab+0xc2/0x120 [ 260.927283][ T7840] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 260.927338][ T7840] ? security_file_alloc+0x34/0x2c0 [ 260.927388][ T7840] ? trace_kmem_cache_alloc+0xd5/0x100 [ 260.927430][ T7840] security_file_alloc+0x34/0x2c0 [ 260.927479][ T7840] init_file+0x95/0x480 [ 260.927517][ T7840] alloc_empty_file+0x79/0x1c0 [ 260.927559][ T7840] alloc_file_pseudo+0x13a/0x230 [ 260.927602][ T7840] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 260.927643][ T7840] ? alloc_fd+0x476/0x790 [ 260.927681][ T7840] sock_alloc_file+0x50/0x210 [ 260.927717][ T7840] __sys_socket+0x1c0/0x260 [ 260.927760][ T7840] ? exc_page_fault+0x6f/0xd0 [ 260.927807][ T7840] ? __pfx___sys_socket+0x10/0x10 [ 260.927864][ T7840] __x64_sys_socket+0x72/0xb0 [ 260.927906][ T7840] ? lockdep_hardirqs_on+0x78/0x100 [ 260.927955][ T7840] do_syscall_64+0x10b/0xf80 [ 260.928003][ T7840] ? clear_bhb_loop+0x40/0x90 [ 260.928044][ T7840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.928078][ T7840] RIP: 0033:0x7f2a2439e087 [ 260.928108][ T7840] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 260.928140][ T7840] RSP: 002b:00007f2a25327f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 260.928172][ T7840] RAX: ffffffffffffffda RBX: 00007f2a24615fa0 RCX: 00007f2a2439e087 [ 260.928194][ T7840] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 260.928215][ T7840] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 260.928234][ T7840] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 260.928253][ T7840] R13: 00007f2a24616038 R14: 00007f2a24615fa0 R15: 00007ffd7fe29458 [ 260.928305][ T7840] [ 263.585077][ T7868] random: crng reseeded on system resumption [ 264.648673][ T7885] FAULT_INJECTION: forcing a failure. [ 264.648673][ T7885] name failslab, interval 1, probability 0, space 0, times 0 [ 264.675212][ T7882] futex_wake_op: syz.1.451 tries to shift op by -2048; fix this program [ 264.710526][ T7882] 0x000000000001-0x000000020000 : "" [ 264.723237][ T7885] CPU: 1 UID: 0 PID: 7885 Comm: syz.2.452 Tainted: G L syzkaller #0 PREEMPT(full) [ 264.723292][ T7885] Tainted: [L]=SOFTLOCKUP [ 264.723316][ T7885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 264.723336][ T7885] Call Trace: [ 264.723347][ T7885] [ 264.723359][ T7885] dump_stack_lvl+0x100/0x190 [ 264.723401][ T7885] should_fail_ex.cold+0x5/0xa [ 264.723450][ T7885] should_failslab+0xc2/0x120 [ 264.723484][ T7885] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 264.723533][ T7885] ? security_file_alloc+0x34/0x2c0 [ 264.723583][ T7885] ? trace_kmem_cache_alloc+0xd5/0x100 [ 264.723625][ T7885] security_file_alloc+0x34/0x2c0 [ 264.723677][ T7885] init_file+0x95/0x480 [ 264.723716][ T7885] alloc_empty_file+0x79/0x1c0 [ 264.723758][ T7885] alloc_file_pseudo+0x13a/0x230 [ 264.723802][ T7885] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 264.723844][ T7885] ? alloc_fd+0x476/0x790 [ 264.723882][ T7885] sock_alloc_file+0x50/0x210 [ 264.723919][ T7885] __sys_socket+0x1c0/0x260 [ 264.723963][ T7885] ? exc_page_fault+0x6f/0xd0 [ 264.724011][ T7885] ? __pfx___sys_socket+0x10/0x10 [ 264.724068][ T7885] __x64_sys_socket+0x72/0xb0 [ 264.724112][ T7885] ? lockdep_hardirqs_on+0x78/0x100 [ 264.724159][ T7885] do_syscall_64+0x10b/0xf80 [ 264.724206][ T7885] ? clear_bhb_loop+0x40/0x90 [ 264.724249][ T7885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.724283][ T7885] RIP: 0033:0x7f2a2439e087 [ 264.724318][ T7885] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 264.724374][ T7885] RSP: 002b:00007f2a25327f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 264.724406][ T7885] RAX: ffffffffffffffda RBX: 00007f2a24615fa0 RCX: 00007f2a2439e087 [ 264.724427][ T7885] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 264.724447][ T7885] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 264.724465][ T7885] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 264.724483][ T7885] R13: 00007f2a24616038 R14: 00007f2a24615fa0 R15: 00007ffd7fe29458 [ 264.724523][ T7885] [ 265.002947][ T7888] netlink: 350 bytes leftover after parsing attributes in process `syz.0.453'. [ 265.030668][ T7882] ftl_cs: FTL header corrupt! [ 268.262308][ T7921] random: crng reseeded on system resumption [ 269.690781][ T7940] netlink: 28 bytes leftover after parsing attributes in process `syz.3.463'. [ 270.161438][ T7942] FAULT_INJECTION: forcing a failure. [ 270.161438][ T7942] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 270.233001][ T7942] CPU: 0 UID: 0 PID: 7942 Comm: syz.1.464 Tainted: G L syzkaller #0 PREEMPT(full) [ 270.233056][ T7942] Tainted: [L]=SOFTLOCKUP [ 270.233069][ T7942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 270.233089][ T7942] Call Trace: [ 270.233100][ T7942] [ 270.233114][ T7942] dump_stack_lvl+0x100/0x190 [ 270.233158][ T7942] should_fail_ex.cold+0x5/0xa [ 270.233205][ T7942] _copy_to_user+0x32/0xd0 [ 270.233257][ T7942] snd_pcm_oss_read2+0x294/0x400 [ 270.233309][ T7942] ? __pfx_snd_pcm_oss_read2+0x10/0x10 [ 270.233359][ T7942] ? snd_pcm_kernel_ioctl+0x14a/0x2e0 [ 270.233426][ T7942] snd_pcm_oss_read+0x5aa/0x730 [ 270.233480][ T7942] ? __pfx_snd_pcm_oss_read+0x10/0x10 [ 270.233530][ T7942] vfs_read+0x1e4/0xb30 [ 270.233589][ T7942] ? __pfx_vfs_read+0x10/0x10 [ 270.233642][ T7942] ? find_held_lock+0x2b/0x80 [ 270.233809][ T7942] ? __fget_files+0x215/0x3d0 [ 270.233865][ T7942] ? __fget_files+0x215/0x3d0 [ 270.233928][ T7942] ? __fget_files+0x21f/0x3d0 [ 270.233993][ T7942] ksys_read+0x12a/0x250 [ 270.234056][ T7942] ? __pfx_ksys_read+0x10/0x10 [ 270.234118][ T7942] ? rcu_is_watching+0x12/0xc0 [ 270.234164][ T7942] do_syscall_64+0x10b/0xf80 [ 270.234216][ T7942] ? clear_bhb_loop+0x40/0x90 [ 270.234261][ T7942] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.234300][ T7942] RIP: 0033:0x7f31f3b9c819 [ 270.234329][ T7942] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 270.234364][ T7942] RSP: 002b:00007f31f4b20028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 270.234398][ T7942] RAX: ffffffffffffffda RBX: 00007f31f3e15fa0 RCX: 00007f31f3b9c819 [ 270.234428][ T7942] RDX: 0000000000008080 RSI: 0000000000000000 RDI: 0000000000000003 [ 270.234448][ T7942] RBP: 00007f31f3c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 270.234476][ T7942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.234499][ T7942] R13: 00007f31f3e16038 R14: 00007f31f3e15fa0 R15: 00007ffe62abf118 [ 270.234543][ T7942] [ 271.914098][ T7963] netlink: 350 bytes leftover after parsing attributes in process `syz.2.473'. [ 274.437008][ T8012] FAULT_INJECTION: forcing a failure. [ 274.437008][ T8012] name failslab, interval 1, probability 0, space 0, times 0 [ 274.492611][ T8012] CPU: 1 UID: 0 PID: 8012 Comm: syz.3.487 Tainted: G L syzkaller #0 PREEMPT(full) [ 274.492649][ T8012] Tainted: [L]=SOFTLOCKUP [ 274.492658][ T8012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 274.492671][ T8012] Call Trace: [ 274.492680][ T8012] [ 274.492689][ T8012] dump_stack_lvl+0x100/0x190 [ 274.492718][ T8012] should_fail_ex.cold+0x5/0xa [ 274.492749][ T8012] should_failslab+0xc2/0x120 [ 274.492773][ T8012] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 274.492808][ T8012] ? __d_alloc+0x34/0xa80 [ 274.492832][ T8012] ? lockdep_init_map_type+0x5c/0x250 [ 274.492877][ T8012] __d_alloc+0x34/0xa80 [ 274.492904][ T8012] d_alloc_pseudo+0x1c/0xc0 [ 274.492945][ T8012] alloc_file_pseudo+0xcf/0x230 [ 274.492977][ T8012] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 274.493007][ T8012] ? alloc_fd+0x476/0x790 [ 274.493033][ T8012] sock_alloc_file+0x50/0x210 [ 274.493058][ T8012] __sys_socket+0x1c0/0x260 [ 274.493089][ T8012] ? exc_page_fault+0x6f/0xd0 [ 274.493122][ T8012] ? __pfx___sys_socket+0x10/0x10 [ 274.493162][ T8012] __x64_sys_socket+0x72/0xb0 [ 274.493193][ T8012] ? lockdep_hardirqs_on+0x78/0x100 [ 274.493268][ T8012] do_syscall_64+0x10b/0xf80 [ 274.493331][ T8012] ? clear_bhb_loop+0x40/0x90 [ 274.493362][ T8012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.493387][ T8012] RIP: 0033:0x7f9a1959e087 [ 274.493407][ T8012] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 274.493430][ T8012] RSP: 002b:00007f9a1a470f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 274.493451][ T8012] RAX: ffffffffffffffda RBX: 00007f9a19815fa0 RCX: 00007f9a1959e087 [ 274.493466][ T8012] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 274.493480][ T8012] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 274.493494][ T8012] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 274.493508][ T8012] R13: 00007f9a19816038 R14: 00007f9a19815fa0 R15: 00007ffecc4a04d8 [ 274.493537][ T8012] [ 276.262659][ T30] audit: type=1804 audit(1776342087.539:6): pid=8027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.488" name="/newroot/sys/kernel/tracing/saved_tgids" dev="tracefs" ino=4046 res=1 errno=0 [ 277.282273][ T8037] random: crng reseeded on system resumption [ 277.830922][ T8048] FAULT_INJECTION: forcing a failure. [ 277.830922][ T8048] name failslab, interval 1, probability 0, space 0, times 0 [ 277.875824][ T8048] CPU: 1 UID: 0 PID: 8048 Comm: syz.3.497 Tainted: G L syzkaller #0 PREEMPT(full) [ 277.876215][ T8048] Tainted: [L]=SOFTLOCKUP [ 277.876228][ T8048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 277.876248][ T8048] Call Trace: [ 277.876263][ T8048] [ 277.876276][ T8048] dump_stack_lvl+0x100/0x190 [ 277.876325][ T8048] should_fail_ex.cold+0x5/0xa [ 277.876370][ T8048] ? sk_prot_alloc+0x10b/0x2a0 [ 277.876412][ T8048] should_failslab+0xc2/0x120 [ 277.876446][ T8048] __kmalloc_noprof+0xe0/0x850 [ 277.876507][ T8048] sk_prot_alloc+0x10b/0x2a0 [ 277.876561][ T8048] sk_alloc+0x36/0xe80 [ 277.876625][ T8048] __netlink_create+0x5e/0x2c0 [ 277.876684][ T8048] ? __wake_up+0x3f/0x60 [ 277.876736][ T8048] netlink_create+0x298/0x610 [ 277.876773][ T8048] ? __pfx_genl_bind+0x10/0x10 [ 277.876819][ T8048] ? __pfx_genl_unbind+0x10/0x10 [ 277.876865][ T8048] ? __pfx_genl_release+0x10/0x10 [ 277.876920][ T8048] __sock_create+0x339/0x860 [ 277.876978][ T8048] __sys_socket+0x14d/0x260 [ 277.877027][ T8048] ? exc_page_fault+0x6f/0xd0 [ 277.877093][ T8048] ? __pfx___sys_socket+0x10/0x10 [ 277.877160][ T8048] __x64_sys_socket+0x72/0xb0 [ 277.877210][ T8048] ? lockdep_hardirqs_on+0x78/0x100 [ 277.877266][ T8048] do_syscall_64+0x10b/0xf80 [ 277.877322][ T8048] ? clear_bhb_loop+0x40/0x90 [ 277.877377][ T8048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.877418][ T8048] RIP: 0033:0x7f9a1959e087 [ 277.877451][ T8048] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.877488][ T8048] RSP: 002b:00007f9a1a470f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 277.877526][ T8048] RAX: ffffffffffffffda RBX: 00007f9a19815fa0 RCX: 00007f9a1959e087 [ 277.877550][ T8048] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 277.877573][ T8048] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 277.877594][ T8048] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 277.877617][ T8048] R13: 00007f9a19816038 R14: 00007f9a19815fa0 R15: 00007ffecc4a04d8 [ 277.877666][ T8048] [ 279.014611][ T8061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.498'. [ 279.549055][ T8070] random: crng reseeded on system resumption [ 280.359300][ T8079] random: crng reseeded on system resumption [ 281.056971][ T8089] FAULT_INJECTION: forcing a failure. [ 281.056971][ T8089] name failslab, interval 1, probability 0, space 0, times 0 [ 281.086797][ T8089] CPU: 0 UID: 0 PID: 8089 Comm: syz.3.507 Tainted: G L syzkaller #0 PREEMPT(full) [ 281.086847][ T8089] Tainted: [L]=SOFTLOCKUP [ 281.086858][ T8089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 281.086876][ T8089] Call Trace: [ 281.086886][ T8089] [ 281.086897][ T8089] dump_stack_lvl+0x100/0x190 [ 281.086936][ T8089] should_fail_ex.cold+0x5/0xa [ 281.086976][ T8089] ? sk_prot_alloc+0x10b/0x2a0 [ 281.087013][ T8089] should_failslab+0xc2/0x120 [ 281.087045][ T8089] __kmalloc_noprof+0xe0/0x850 [ 281.087099][ T8089] sk_prot_alloc+0x10b/0x2a0 [ 281.087140][ T8089] sk_alloc+0x36/0xe80 [ 281.087191][ T8089] __netlink_create+0x5e/0x2c0 [ 281.087242][ T8089] ? __wake_up+0x3f/0x60 [ 281.087288][ T8089] netlink_create+0x298/0x610 [ 281.087320][ T8089] ? __pfx_genl_bind+0x10/0x10 [ 281.087358][ T8089] ? __pfx_genl_unbind+0x10/0x10 [ 281.087397][ T8089] ? __pfx_genl_release+0x10/0x10 [ 281.087461][ T8089] __sock_create+0x339/0x860 [ 281.087520][ T8089] __sys_socket+0x14d/0x260 [ 281.087562][ T8089] ? exc_page_fault+0x6f/0xd0 [ 281.087607][ T8089] ? __pfx___sys_socket+0x10/0x10 [ 281.087662][ T8089] __x64_sys_socket+0x72/0xb0 [ 281.087704][ T8089] ? lockdep_hardirqs_on+0x78/0x100 [ 281.087756][ T8089] do_syscall_64+0x10b/0xf80 [ 281.087802][ T8089] ? clear_bhb_loop+0x40/0x90 [ 281.087843][ T8089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.087876][ T8089] RIP: 0033:0x7f9a1959e087 [ 281.087903][ T8089] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 281.087932][ T8089] RSP: 002b:00007f9a1a470f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 281.087962][ T8089] RAX: ffffffffffffffda RBX: 00007f9a19815fa0 RCX: 00007f9a1959e087 [ 281.087983][ T8089] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 281.088002][ T8089] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 281.088020][ T8089] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 281.088039][ T8089] R13: 00007f9a19816038 R14: 00007f9a19815fa0 R15: 00007ffecc4a04d8 [ 281.088080][ T8089] [ 281.981783][ T8102] ubi0: attaching mtd0 [ 281.999814][ T8102] ubi0: scanning is finished [ 282.028082][ T8102] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 282.140662][ T8104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.509'. [ 282.284003][ T8106] random: crng reseeded on system resumption [ 282.290829][ T8102] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 283.297302][ T8125] futex_wake_op: syz.3.515 tries to shift op by -2048; fix this program [ 283.300476][ T8133] FAULT_INJECTION: forcing a failure. [ 283.300476][ T8133] name failslab, interval 1, probability 0, space 0, times 0 [ 283.340284][ T8125] 0x000000000001-0x000000020000 : "" [ 283.360999][ T8133] CPU: 1 UID: 0 PID: 8133 Comm: syz.0.519 Tainted: G L syzkaller #0 PREEMPT(full) [ 283.361053][ T8133] Tainted: [L]=SOFTLOCKUP [ 283.361066][ T8133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 283.361085][ T8133] Call Trace: [ 283.361095][ T8133] [ 283.361108][ T8133] dump_stack_lvl+0x100/0x190 [ 283.361150][ T8133] should_fail_ex.cold+0x5/0xa [ 283.361194][ T8133] should_failslab+0xc2/0x120 [ 283.361228][ T8133] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 283.361275][ T8133] ? security_file_alloc+0x34/0x2c0 [ 283.361325][ T8133] ? trace_kmem_cache_alloc+0xd5/0x100 [ 283.361367][ T8133] security_file_alloc+0x34/0x2c0 [ 283.361420][ T8133] init_file+0x95/0x480 [ 283.361460][ T8133] alloc_empty_file+0x79/0x1c0 [ 283.361503][ T8133] alloc_file_pseudo+0x13a/0x230 [ 283.361547][ T8133] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 283.361591][ T8133] ? alloc_fd+0x476/0x790 [ 283.361627][ T8133] sock_alloc_file+0x50/0x210 [ 283.361665][ T8133] __sys_socket+0x1c0/0x260 [ 283.361709][ T8133] ? exc_page_fault+0x6f/0xd0 [ 283.361757][ T8133] ? __pfx___sys_socket+0x10/0x10 [ 283.361816][ T8133] __x64_sys_socket+0x72/0xb0 [ 283.361868][ T8133] ? lockdep_hardirqs_on+0x78/0x100 [ 283.361917][ T8133] do_syscall_64+0x10b/0xf80 [ 283.361965][ T8133] ? clear_bhb_loop+0x40/0x90 [ 283.362008][ T8133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.362042][ T8133] RIP: 0033:0x7ff34099e087 [ 283.362071][ T8133] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.362104][ T8133] RSP: 002b:00007ff3418cef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 283.362136][ T8133] RAX: ffffffffffffffda RBX: 00007ff340c15fa0 RCX: 00007ff34099e087 [ 283.362158][ T8133] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 283.362177][ T8133] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 283.362196][ T8133] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 283.362215][ T8133] R13: 00007ff340c16038 R14: 00007ff340c15fa0 R15: 00007ffda5b8def8 [ 283.362257][ T8133] [ 283.919961][ T8125] ftl_cs: FTL header corrupt! [ 284.818994][ T8151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.520'. [ 285.418196][ T8164] random: crng reseeded on system resumption [ 287.034349][ T8184] FAULT_INJECTION: forcing a failure. [ 287.034349][ T8184] name failslab, interval 1, probability 0, space 0, times 0 [ 287.126655][ T8184] CPU: 1 UID: 0 PID: 8184 Comm: syz.0.531 Tainted: G L syzkaller #0 PREEMPT(full) [ 287.126708][ T8184] Tainted: [L]=SOFTLOCKUP [ 287.126721][ T8184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 287.126740][ T8184] Call Trace: [ 287.126750][ T8184] [ 287.126761][ T8184] dump_stack_lvl+0x100/0x190 [ 287.126804][ T8184] should_fail_ex.cold+0x5/0xa [ 287.126848][ T8184] ? tomoyo_encode2+0xfb/0x3c0 [ 287.126900][ T8184] should_failslab+0xc2/0x120 [ 287.126933][ T8184] __kmalloc_noprof+0xe0/0x850 [ 287.126979][ T8184] ? d_absolute_path+0x136/0x1b0 [ 287.127033][ T8184] tomoyo_encode2+0xfb/0x3c0 [ 287.127093][ T8184] tomoyo_encode+0x29/0x50 [ 287.127144][ T8184] tomoyo_realpath_from_path+0x18c/0x690 [ 287.127217][ T8184] tomoyo_check_open_permission+0x2af/0x3c0 [ 287.127267][ T8184] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 287.127331][ T8184] ? hook_file_open+0x24e/0x7a0 [ 287.127406][ T8184] ? path_get+0x61/0x80 [ 287.127446][ T8184] tomoyo_file_open+0x6b/0x90 [ 287.127484][ T8184] security_file_open+0xb5/0x1e0 [ 287.127535][ T8184] do_dentry_open+0x5aa/0x1660 [ 287.127603][ T8184] ? security_inode_permission+0xbf/0x250 [ 287.127659][ T8184] vfs_open+0x82/0x3f0 [ 287.127705][ T8184] path_openat+0x208c/0x31a0 [ 287.127753][ T8184] ? __pfx_path_openat+0x10/0x10 [ 287.127803][ T8184] do_file_open+0x20e/0x430 [ 287.127840][ T8184] ? __pfx_do_file_open+0x10/0x10 [ 287.127904][ T8184] ? alloc_fd+0x476/0x790 [ 287.127940][ T8184] ? do_getname+0x191/0x390 [ 287.127986][ T8184] do_sys_openat2+0x10d/0x1e0 [ 287.128048][ T8184] ? __pfx_do_sys_openat2+0x10/0x10 [ 287.128108][ T8184] __x64_sys_openat+0x12d/0x210 [ 287.128153][ T8184] ? __pfx___x64_sys_openat+0x10/0x10 [ 287.128207][ T8184] ? rcu_is_watching+0x12/0xc0 [ 287.128251][ T8184] do_syscall_64+0x10b/0xf80 [ 287.128300][ T8184] ? clear_bhb_loop+0x40/0x90 [ 287.128343][ T8184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.128379][ T8184] RIP: 0033:0x7ff34099c819 [ 287.128407][ T8184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 287.128439][ T8184] RSP: 002b:00007ff3418d0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 287.128471][ T8184] RAX: ffffffffffffffda RBX: 00007ff340c15fa0 RCX: 00007ff34099c819 [ 287.128506][ T8184] RDX: 0000000000000001 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 287.128527][ T8184] RBP: 00007ff340a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 287.128553][ T8184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.128574][ T8184] R13: 00007ff340c16038 R14: 00007ff340c15fa0 R15: 00007ffda5b8def8 [ 287.128615][ T8184] [ 287.767450][ T8184] ERROR: Out of memory at tomoyo_realpath_from_path. [ 289.651508][ T8201] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 289.704321][ T8201] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 290.072355][ T8215] random: crng reseeded on system resumption [ 290.885456][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 291.676555][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 294.261534][ T8248] random: crng reseeded on system resumption [ 294.621464][ T8259] netlink: 28 bytes leftover after parsing attributes in process `syz.0.549'. [ 294.835192][ T8262] FAULT_INJECTION: forcing a failure. [ 294.835192][ T8262] name failslab, interval 1, probability 0, space 0, times 0 [ 294.866144][ T8262] CPU: 0 UID: 0 PID: 8262 Comm: syz.1.550 Tainted: G L syzkaller #0 PREEMPT(full) [ 294.866201][ T8262] Tainted: [L]=SOFTLOCKUP [ 294.866214][ T8262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 294.866233][ T8262] Call Trace: [ 294.866244][ T8262] [ 294.866257][ T8262] dump_stack_lvl+0x100/0x190 [ 294.866301][ T8262] should_fail_ex.cold+0x5/0xa [ 294.866343][ T8262] should_failslab+0xc2/0x120 [ 294.866376][ T8262] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 294.866425][ T8262] ? __d_alloc+0x34/0xa80 [ 294.866459][ T8262] ? lockdep_init_map_type+0x5c/0x250 [ 294.866529][ T8262] __d_alloc+0x34/0xa80 [ 294.866573][ T8262] d_alloc_pseudo+0x1c/0xc0 [ 294.866622][ T8262] alloc_file_pseudo+0xcf/0x230 [ 294.866666][ T8262] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 294.866710][ T8262] ? alloc_fd+0x476/0x790 [ 294.866763][ T8262] sock_alloc_file+0x50/0x210 [ 294.866801][ T8262] __sys_socket+0x1c0/0x260 [ 294.866846][ T8262] ? exc_page_fault+0x6f/0xd0 [ 294.866893][ T8262] ? __pfx___sys_socket+0x10/0x10 [ 294.866951][ T8262] __x64_sys_socket+0x72/0xb0 [ 294.866995][ T8262] ? lockdep_hardirqs_on+0x78/0x100 [ 294.867042][ T8262] do_syscall_64+0x10b/0xf80 [ 294.867087][ T8262] ? clear_bhb_loop+0x40/0x90 [ 294.867125][ T8262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.867157][ T8262] RIP: 0033:0x7f31f3b9e087 [ 294.867184][ T8262] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 294.867217][ T8262] RSP: 002b:00007f31f4b1ef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 294.867247][ T8262] RAX: ffffffffffffffda RBX: 00007f31f3e15fa0 RCX: 00007f31f3b9e087 [ 294.867268][ T8262] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 294.867287][ T8262] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 294.867305][ T8262] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 294.867324][ T8262] R13: 00007f31f3e16038 R14: 00007f31f3e15fa0 R15: 00007ffe62abf118 [ 294.867367][ T8262] [ 297.445258][ T8292] random: crng reseeded on system resumption [ 299.940051][ T8307] FAULT_INJECTION: forcing a failure. [ 299.940051][ T8307] name failslab, interval 1, probability 0, space 0, times 0 [ 300.057386][ T8307] CPU: 1 UID: 0 PID: 8307 Comm: syz.0.563 Tainted: G L syzkaller #0 PREEMPT(full) [ 300.057538][ T8307] Tainted: [L]=SOFTLOCKUP [ 300.057571][ T8307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 300.057592][ T8307] Call Trace: [ 300.057603][ T8307] [ 300.057615][ T8307] dump_stack_lvl+0x100/0x190 [ 300.057831][ T8307] should_fail_ex.cold+0x5/0xa [ 300.057896][ T8307] should_failslab+0xc2/0x120 [ 300.057929][ T8307] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 300.057998][ T8307] ? security_file_alloc+0x34/0x2c0 [ 300.058048][ T8307] ? trace_kmem_cache_alloc+0xd5/0x100 [ 300.058090][ T8307] security_file_alloc+0x34/0x2c0 [ 300.058143][ T8307] init_file+0x95/0x480 [ 300.058181][ T8307] alloc_empty_file+0x79/0x1c0 [ 300.058223][ T8307] alloc_file_pseudo+0x13a/0x230 [ 300.058266][ T8307] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 300.058309][ T8307] ? alloc_fd+0x476/0x790 [ 300.058348][ T8307] sock_alloc_file+0x50/0x210 [ 300.058385][ T8307] __sys_socket+0x1c0/0x260 [ 300.058430][ T8307] ? exc_page_fault+0x6f/0xd0 [ 300.058481][ T8307] ? __pfx___sys_socket+0x10/0x10 [ 300.058546][ T8307] __x64_sys_socket+0x72/0xb0 [ 300.058608][ T8307] ? lockdep_hardirqs_on+0x78/0x100 [ 300.058667][ T8307] do_syscall_64+0x10b/0xf80 [ 300.058716][ T8307] ? clear_bhb_loop+0x40/0x90 [ 300.058760][ T8307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.058795][ T8307] RIP: 0033:0x7ff34099e087 [ 300.058823][ T8307] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 300.058855][ T8307] RSP: 002b:00007ff3418cef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 300.058886][ T8307] RAX: ffffffffffffffda RBX: 00007ff340c15fa0 RCX: 00007ff34099e087 [ 300.058906][ T8307] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 300.058925][ T8307] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 300.058945][ T8307] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 300.058965][ T8307] R13: 00007ff340c16038 R14: 00007ff340c15fa0 R15: 00007ffda5b8def8 [ 300.059009][ T8307] [ 301.874103][ T8322] netlink: 16 bytes leftover after parsing attributes in process `syz.3.567'. [ 301.956750][ T8321] random: crng reseeded on system resumption [ 304.130351][ T8346] FAULT_INJECTION: forcing a failure. [ 304.130351][ T8346] name failslab, interval 1, probability 0, space 0, times 0 [ 304.156591][ T8346] CPU: 1 UID: 0 PID: 8346 Comm: syz.1.574 Tainted: G L syzkaller #0 PREEMPT(full) [ 304.156646][ T8346] Tainted: [L]=SOFTLOCKUP [ 304.156658][ T8346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 304.156679][ T8346] Call Trace: [ 304.156689][ T8346] [ 304.156703][ T8346] dump_stack_lvl+0x100/0x190 [ 304.156754][ T8346] should_fail_ex.cold+0x5/0xa [ 304.156797][ T8346] ? sk_prot_alloc+0x10b/0x2a0 [ 304.156852][ T8346] should_failslab+0xc2/0x120 [ 304.156886][ T8346] __kmalloc_noprof+0xe0/0x850 [ 304.156975][ T8346] sk_prot_alloc+0x10b/0x2a0 [ 304.157034][ T8346] sk_alloc+0x36/0xe80 [ 304.157088][ T8346] __netlink_create+0x5e/0x2c0 [ 304.157142][ T8346] ? __wake_up+0x3f/0x60 [ 304.157192][ T8346] netlink_create+0x298/0x610 [ 304.157226][ T8346] ? __pfx_genl_bind+0x10/0x10 [ 304.157268][ T8346] ? __pfx_genl_unbind+0x10/0x10 [ 304.157317][ T8346] ? __pfx_genl_release+0x10/0x10 [ 304.157373][ T8346] __sock_create+0x339/0x860 [ 304.157424][ T8346] __sys_socket+0x14d/0x260 [ 304.157467][ T8346] ? exc_page_fault+0x6f/0xd0 [ 304.157515][ T8346] ? __pfx___sys_socket+0x10/0x10 [ 304.157573][ T8346] __x64_sys_socket+0x72/0xb0 [ 304.157617][ T8346] ? lockdep_hardirqs_on+0x78/0x100 [ 304.157666][ T8346] do_syscall_64+0x10b/0xf80 [ 304.157712][ T8346] ? clear_bhb_loop+0x40/0x90 [ 304.157754][ T8346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.157789][ T8346] RIP: 0033:0x7f31f3b9e087 [ 304.157818][ T8346] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 304.157851][ T8346] RSP: 002b:00007f31f4b1ef98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 304.157880][ T8346] RAX: ffffffffffffffda RBX: 00007f31f3e15fa0 RCX: 00007f31f3b9e087 [ 304.157899][ T8346] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 304.157916][ T8346] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 304.157934][ T8346] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 304.157951][ T8346] R13: 00007f31f3e16038 R14: 00007f31f3e15fa0 R15: 00007ffe62abf118 [ 304.157987][ T8346] [ 304.786205][ T8351] rnbd_client L213: map_device: Parameters missing [ 305.452951][ T8359] random: crng reseeded on system resumption [ 306.366892][ T8375] ubi0: attaching mtd0 [ 306.391651][ T8375] ubi0: scanning is finished [ 306.418309][ T8375] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 306.615779][ T8375] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 308.392020][ T8399] random: crng reseeded on system resumption [ 310.672701][ T8426] FAULT_INJECTION: forcing a failure. [ 310.672701][ T8426] name failslab, interval 1, probability 0, space 0, times 0 [ 310.698167][ T8426] CPU: 0 UID: 0 PID: 8426 Comm: syz.3.595 Tainted: G L syzkaller #0 PREEMPT(full) [ 310.698218][ T8426] Tainted: [L]=SOFTLOCKUP [ 310.698229][ T8426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 310.698248][ T8426] Call Trace: [ 310.698259][ T8426] [ 310.698272][ T8426] dump_stack_lvl+0x100/0x190 [ 310.698315][ T8426] should_fail_ex.cold+0x5/0xa [ 310.698352][ T8426] should_failslab+0xc2/0x120 [ 310.698399][ T8426] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 310.698440][ T8426] ? security_inode_alloc+0x3b/0x2c0 [ 310.698477][ T8426] ? lockdep_init_map_type+0x5c/0x250 [ 310.698546][ T8426] security_inode_alloc+0x3b/0x2c0 [ 310.698595][ T8426] inode_init_always_gfp+0xcc0/0x1000 [ 310.698650][ T8426] alloc_inode+0x8e/0x250 [ 310.698688][ T8426] path_from_stashed+0x25b/0x750 [ 310.698719][ T8426] ? do_raw_spin_unlock+0x145/0x1e0 [ 310.698755][ T8426] ns_get_path+0x60/0x80 [ 310.698784][ T8426] proc_ns_get_link+0x121/0x230 [ 310.698828][ T8426] ? __pfx_proc_ns_get_link+0x10/0x10 [ 310.698873][ T8426] ? atime_needs_update+0x8b/0x6b0 [ 310.698915][ T8426] pick_link+0xd17/0x13c0 [ 310.698954][ T8426] ? __pfx_proc_ns_get_link+0x10/0x10 [ 310.699000][ T8426] step_into_slowpath+0x9ba/0xf90 [ 310.699049][ T8426] ? __pfx_step_into_slowpath+0x10/0x10 [ 310.699089][ T8426] ? find_held_lock+0x2b/0x80 [ 310.699144][ T8426] path_openat+0xf95/0x31a0 [ 310.699186][ T8426] ? __pfx_path_openat+0x10/0x10 [ 310.699226][ T8426] do_file_open+0x20e/0x430 [ 310.699256][ T8426] ? __pfx_do_file_open+0x10/0x10 [ 310.699307][ T8426] ? alloc_fd+0x476/0x790 [ 310.699336][ T8426] ? do_getname+0x191/0x390 [ 310.699372][ T8426] do_sys_openat2+0x10d/0x1e0 [ 310.699409][ T8426] ? __pfx_do_sys_openat2+0x10/0x10 [ 310.699447][ T8426] ? __fget_files+0x21f/0x3d0 [ 310.699498][ T8426] __x64_sys_openat+0x12d/0x210 [ 310.699535][ T8426] ? __pfx___x64_sys_openat+0x10/0x10 [ 310.699584][ T8426] ? rcu_is_watching+0x12/0xc0 [ 310.699620][ T8426] do_syscall_64+0x10b/0xf80 [ 310.699661][ T8426] ? clear_bhb_loop+0x40/0x90 [ 310.699696][ T8426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.699726][ T8426] RIP: 0033:0x7f9a1955d04e [ 310.699751][ T8426] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 310.699785][ T8426] RSP: 002b:00007f9a1a471ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 310.699814][ T8426] RAX: ffffffffffffffda RBX: 00007f9a1a4726c0 RCX: 00007f9a1955d04e [ 310.699834][ T8426] RDX: 0000000000000002 RSI: 00007f9a1a471f90 RDI: ffffffffffffff9c [ 310.699852][ T8426] RBP: 00007f9a19632c91 R08: 0000000000000000 R09: 0000000000000000 [ 310.699869][ T8426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.699886][ T8426] R13: 00007f9a19816038 R14: 00007f9a19815fa0 R15: 00007ffecc4a04d8 [ 310.699922][ T8426] [ 311.690317][ T8432] netlink: 330 bytes leftover after parsing attributes in process `syz.1.596'. [ 311.860690][ T8434] random: crng reseeded on system resumption [ 311.907959][ T8432] mac80211_hwsim hwsim2 ›: renamed from wlan0 (while UP) [ 314.343537][ T8476] random: crng reseeded on system resumption [ 317.763060][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.771970][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.580833][ T8538] netlink: 8 bytes leftover after parsing attributes in process `syz.0.622'. [ 319.753626][ T8554] netlink: 16 bytes leftover after parsing attributes in process `syz.3.627'. [ 319.799372][ T8554] mac80211_hwsim hwsim8 wlan1: entered promiscuous mode [ 319.844537][ T8554] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode [ 322.329957][ T8589] netlink: 16 bytes leftover after parsing attributes in process `syz.1.634'. [ 323.800083][ T8612] netlink: 330 bytes leftover after parsing attributes in process `syz.2.639'. [ 324.514588][ T8621] random: crng reseeded on system resumption [ 327.825065][ T8667] random: crng reseeded on system resumption [ 331.490951][ T8726] random: crng reseeded on system resumption [ 334.328496][ T8755] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 334.380962][ T8755] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 336.157177][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 336.397771][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 337.963867][ T8813] random: crng reseeded on system resumption [ 338.439313][ T8823] netlink: 4 bytes leftover after parsing attributes in process `syz.1.693'. [ 340.197832][ T8848] random: crng reseeded on system resumption [ 340.225539][ T8854] netlink: 'syz.0.703': attribute type 1 has an invalid length. [ 340.267932][ T8854] netlink: 9 bytes leftover after parsing attributes in process `syz.0.703'. [ 345.386529][ T8902] random: crng reseeded on system resumption [ 347.843893][ T8882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807c0bcc01 pfn:0x7c0bd [ 347.967699][ T8882] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 348.048571][ T8882] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 348.087016][ T8882] page_type: f5(slab) [ 348.139981][ T8882] raw: 00fff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff [ 348.213769][ T8882] raw: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 348.320095][ T8882] head: 00fff00000000240 ffff88813fe5dc80 ffff88813fe5cc48 ffff88813fe5cc48 [ 348.414294][ T8882] head: ffff88807c0bcc00 0000000800100006 00000000f5000000 0000000000000000 [ 348.520809][ T8882] head: 00fff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff [ 348.582072][ T8882] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 348.640455][ T8882] page dumped because: VM_BUG_ON_PAGE(page->compound_info & 1) [ 348.674855][ T8882] page_owner tracks the page as allocated [ 348.692335][ T8882] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8936, tgid 8936 (dhcpcd-run-hook), ts 347824352978, free_ts 339462283051 [ 348.773069][ T8882] post_alloc_hook+0x153/0x170 [ 348.810762][ T8882] get_page_from_freelist+0x11a6/0x33b0 [ 348.845696][ T8882] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 348.897637][ T8882] new_slab+0xa6/0x6c0 [ 348.908268][ T8882] refill_objects+0x277/0x420 [ 348.931830][ T8882] __prefill_sheaf_pfmemalloc+0x5f/0xb0 [ 348.957586][ T8882] kmem_cache_prefill_sheaf+0x1ba/0x4b0 [ 348.989296][ T8882] mas_dup_alloc.isra.0+0x863/0xbd0 [ 349.015329][ T8882] __mt_dup+0x636/0xc40 [ 349.045291][ T8882] dup_mmap+0x3d0/0x2180 [ 349.059561][ T8882] copy_process+0x6f6c/0x7f50 [ 349.072398][ T8882] kernel_clone+0x12e/0x9c0 [ 349.098062][ T8882] __do_sys_clone+0xd9/0x120 [ 349.113247][ T8882] do_syscall_64+0x10b/0xf80 [ 349.150360][ T8882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.174015][ T8882] page last free pid 5808 tgid 5808 stack trace: [ 349.206346][ T8882] __free_frozen_pages+0x747/0x1040 [ 349.222666][ T8882] qlist_free_all+0x47/0xf0 [ 349.241853][ T8882] kasan_quarantine_reduce+0x1a0/0x1f0 [ 349.265528][ T8882] __kasan_slab_alloc+0x69/0x90 [ 349.285333][ T8882] __kmalloc_noprof+0x2b9/0x850 [ 349.316045][ T8882] tomoyo_realpath_from_path+0xb6/0x690 [ 349.335587][ T8882] tomoyo_path_perm+0x276/0x460 [ 349.347659][ T8882] security_inode_getattr+0x116/0x280 [ 349.360094][ T8882] vfs_fstat+0x4b/0xe0 [ 349.369282][ T8882] __do_sys_newfstat+0x8b/0x110 [ 349.381787][ T8882] do_syscall_64+0x10b/0xf80 [ 349.398838][ T8882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.417804][ T8882] ------------[ cut here ]------------ [ 349.424207][ T8882] kernel BUG at ./include/linux/page-flags.h:345! [ 349.488868][ T8882] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI [ 349.496329][ T8882] CPU: 0 UID: 0 PID: 8882 Comm: syz.3.711 Tainted: G L syzkaller #0 PREEMPT(full) [ 349.507623][ T8882] Tainted: [L]=SOFTLOCKUP [ 349.512364][ T8882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 349.524046][ T8882] RIP: 0010:set_ps_flags+0x242/0x290 [ 349.530343][ T8882] Code: 03 80 3c 02 00 0f 84 5f fe ff ff e8 a8 b9 23 00 e9 55 fe ff ff e8 5e ff b7 ff 48 c7 c6 00 6e be 8b 48 89 df e8 5f 6f 05 00 90 <0f> 0b e8 57 b9 23 00 e9 ed fd ff ff e8 7d b9 23 00 e9 57 fe ff ff [ 349.552282][ T8882] RSP: 0018:ffffc90007c9f8f8 EFLAGS: 00010246 [ 349.559214][ T8882] RAX: 0000000000080000 RBX: ffffea0001f02f40 RCX: ffffc90011771000 [ 349.567692][ T8882] RDX: 0000000000080000 RSI: ffffffff8255a158 RDI: ffff8880292e6104 [ 349.576157][ T8882] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 349.584629][ T8882] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90007c9f9d0 [ 349.593267][ T8882] R13: 0000000000000000 R14: ffffea0001f02f74 R15: dffffc0000000000 [ 349.602442][ T8882] FS: 00007f9a1a4306c0(0000) GS:ffff88812430a000(0000) knlGS:0000000000000000 [ 349.612313][ T8882] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 349.619413][ T8882] CR2: 00007f75fd440ab2 CR3: 000000007d3fa000 CR4: 00000000003526f0 [ 349.628360][ T8882] Call Trace: [ 349.632313][ T8882] [ 349.635825][ T8882] snapshot_page+0x463/0x560 [ 349.641199][ T8882] get_kpage_count+0x94/0x240 [ 349.646301][ T8882] ? __pfx_get_kpage_count+0x10/0x10 [ 349.652014][ T8882] ? __pfx___might_resched+0x10/0x10 [ 349.657777][ T8882] ? __nr_to_section+0xaa/0x100 [ 349.663122][ T8882] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 349.670405][ T8882] kpage_read.isra.0+0x1b8/0x2b0 [ 349.677847][ T8882] ? __pfx_kpagecount_read+0x10/0x10 [ 349.683825][ T8882] proc_reg_read+0x120/0x330 [ 349.689835][ T8882] ? __pfx_proc_reg_read+0x10/0x10 [ 349.696660][ T8882] vfs_readv+0x5d8/0x8d0 [ 349.701841][ T8882] ? __pfx_vfs_readv+0x10/0x10 [ 349.707035][ T8882] ? __fget_files+0x21f/0x3d0 [ 349.712236][ T8882] ? do_readv+0x13e/0x340 [ 349.717336][ T8882] do_readv+0x13e/0x340 [ 349.722980][ T8882] ? __pfx_do_readv+0x10/0x10 [ 349.730114][ T8882] ? rcu_is_watching+0x12/0xc0 [ 349.735022][ T8882] do_syscall_64+0x10b/0xf80 [ 349.740376][ T8882] ? clear_bhb_loop+0x40/0x90 [ 349.745770][ T8882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.752939][ T8882] RIP: 0033:0x7f9a1959c819 [ 349.757762][ T8882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 349.781356][ T8882] RSP: 002b:00007f9a1a430028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 349.791914][ T8882] RAX: ffffffffffffffda RBX: 00007f9a19816180 RCX: 00007f9a1959c819 [ 349.801155][ T8882] RDX: 0000000100000007 RSI: 00002000000001c0 RDI: 0000000000000003 [ 349.809909][ T8882] RBP: 00007f9a19632c91 R08: 0000000000000000 R09: 0000000000000000 [ 349.818209][ T8882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 349.826831][ T8882] R13: 00007f9a19816218 R14: 00007f9a19816180 R15: 00007ffecc4a04d8 [ 349.835554][ T8882] [ 349.838897][ T8882] Modules linked in: [ 349.844172][ T8882] ---[ end trace 0000000000000000 ]--- [ 349.898999][ T8882] RIP: 0010:set_ps_flags+0x242/0x290 [ 349.904860][ T8882] Code: 03 80 3c 02 00 0f 84 5f fe ff ff e8 a8 b9 23 00 e9 55 fe ff ff e8 5e ff b7 ff 48 c7 c6 00 6e be 8b 48 89 df e8 5f 6f 05 00 90 <0f> 0b e8 57 b9 23 00 e9 ed fd ff ff e8 7d b9 23 00 e9 57 fe ff ff [ 349.930564][ T8882] RSP: 0018:ffffc90007c9f8f8 EFLAGS: 00010246 [ 349.937968][ T8882] RAX: 0000000000080000 RBX: ffffea0001f02f40 RCX: ffffc90011771000 [ 349.947423][ T8882] RDX: 0000000000080000 RSI: ffffffff8255a158 RDI: ffff8880292e6104 [ 349.981430][ T8882] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 350.011061][ T8882] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90007c9f9d0 [ 350.035505][ T8882] R13: 0000000000000000 R14: ffffea0001f02f74 R15: dffffc0000000000 [ 350.052004][ T8882] FS: 00007f9a1a4306c0(0000) GS:ffff88812430a000(0000) knlGS:0000000000000000 [ 350.068030][ T8882] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 350.082364][ T8882] CR2: 0000555555acc4e8 CR3: 000000007d3fa000 CR4: 00000000003526f0 [ 350.099383][ T8882] Kernel panic - not syncing: Fatal exception [ 350.107162][ T8882] Kernel Offset: disabled [ 350.112419][ T8882] Rebooting in 86400 seconds..