last executing test programs: 11.853494125s ago: executing program 2 (id=3231): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x39}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x20009, 0x20000000) io_uring_setup$auto(0x1, 0x0) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_regulator_summary_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000480)={{&(0x7f00000001c0)="4023323b52a998fc53754442197547d986396e4ac2f991ce93879e2fbeea07fa975eb48bee358e775e6a6cb2e54acee2ef0183bef6b6e7f1890e3a4c066c8369918de3254172611a83c7b6aeb53a353babee4c2ad6f12b337831bbbaf52c5983650e99a42abaacfdb9f4d6a04de3be3a512d187885106cdfcc4c1689a5595c49bd441bc56a53eb770a52e744177964638bf33f56ce4a91dcc003a9223d9747abc414590b71854d97f54ae2c7bb520a969491a5b1f005c566eac9d76e18d704e44e4c9fdffc06ca1b360105327259906d669347745a04d428b2a5c2da5e23f85ef2d02da6022bf9bbb4292b4b82bcb077f237", 0x7, &(0x7f0000000380)={&(0x7f0000000300)="8aa9a5160af8440dc90e74695da680d7674b6d62213afd39ee7c5c59891cc010fc30a6ffadf8ac01cae838", 0xd9}, 0x7, &(0x7f00000003c0)="36d426922608a1214940a348067f49ef5a4d2096455f61a11dd81b0c0527ec1674ba4f30dbe32e7da22234e8cb9c6fe2169af82540e2e52f7391e8cc3662de9bd60f64967569142153cfe766dfc79b00e70cbf2ced9db314dd2c7ccb9c52d29ada52e587c23b324fb9a0939378550faad663c872f3cf571cf7e1a437eea1d673edc290a12a2d941d2e6e9b26840bf8423611d93270b74696a8d31d18442926c0be6dd278204adc60c01f8a77", 0x0, 0x9}, 0x8}, 0x4, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(0xffffffffffffffff, 0x806c4120, &(0x7f0000000100)={0x0, 0xe, 0x95d7, 0x7f, 0x3, 0x1, 0x9, 0x3, 0x0, 0x7, 0xb, 0x8, 0x100, 0x2, 0x3, 0x10000, 0x400, 0x80000000, "0c1056e3480805f935e214e44f620fa9eba8238cacc3d9e6fc45cf541e509fc2457ae4ae"}) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) adjtimex$auto(&(0x7f0000000200)={0x5f95, 0x0, 0x2, 0x2000000a, 0xff7d, 0xbc58, 0x4000005, 0x0, 0x5, 0x5, 0x80000000, {0x38c8b38f, 0xfc23f}, 0x2544, 0x200000001, 0xfb, 0x1000007, 0x0, 0x203c8, 0x8, 0x8, 0xffffffffffffffff, 0x1560cc85, 0x9}) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$dir(0xffffffffffffff9c, 0x0, 0x381000, 0x100) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) close_range$auto(0x2, r3, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0x2, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x403c6f2b, 0x0) read$auto(0x3, 0x0, 0x80000001) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) readv$auto(r1, &(0x7f0000000a80)={0x0, 0x8800000000000001}, 0x1) pread64$auto(r4, &(0x7f0000000340)='/dev/bus/usb/013/001\x00', 0x6f, 0xdf) close_range$auto(0x2, 0x8, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/013/001\x00', 0x208040, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0xc0802, 0x0) 10.45860123s ago: executing program 1 (id=3234): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/25/smp_affinity\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_BSDCOMPAT(r0, 0x6, 0xe, &(0x7f0000000180)='ip6tnl0\x00', 0x2) getpid() socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder0\x00', 0x101802, 0x0) dup$auto(r1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x6, 0x4, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) 9.335586216s ago: executing program 2 (id=3237): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40007, 0x1000000005, 0x9b72, 0x2, 0x8000) userfaultfd$auto(0x1) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), r0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) socket(0x23, 0xa, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r2, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xa02, 0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000005, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x28800, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) mmap$auto(0xfffffffffffffff9, 0x400003, 0x7, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) close_range$auto(0x2, 0xa, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) sendfile$auto(r4, r3, 0x0, 0x1000202) 8.703119664s ago: executing program 0 (id=3238): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000001940), 0x80643, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_OSS_GETVERSION2(r0, 0x80044d76, &(0x7f00000001c0)) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop12\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={"ef65ce7cb454168d6c0000000000002713df81000000ffffffffffffff2900", 0x3ff, 0x402, 0xffc, 0x400004, 0x200000000040000d}) ioctl$auto_BLKTRACETEARDOWN(r1, 0x1276, 0x0) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x9, 0x0, 0x1, 0x0) r3 = open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x202, 0x3, 0xfff, 0x1, 0x948b, 0x8, 0x95f4da2d, 0x7fffffffffffffff, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0x0, 0x7, 0x5]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x4, 0x400008, 0x3, 0x9b72, r3, 0x8000) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x60a41, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1fb, 0x6, 0x1, 0xfffffffffffffff7, 0x948b, 0x9, 0xfffffffffffffffb, 0x3, 0x7, 0x63, 0x80000021, 0x4, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0) socket(0x1d, 0x2, 0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/pcrypt/pencrypt/serial_cpumask\x00', 0xa001, 0x0) write$auto(r4, &(0x7f0000000040)=',\x00^\xa2\x02\x00\x05\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xb2s\x83\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4zG\x01[{\x17\x05I\xe0\xb1d)\x06z8L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x1000) madvise$auto(0x110c230000, 0x8031ca, 0x9) r5 = socket$nl_generic(0x10, 0x3, 0x10) read$auto(r5, &(0x7f000000be80)='batadv0\x00', 0xf) r6 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r5, &(0x7f000000ca40)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400d5c1baf9c52082bc1382a4010000", @ANYRES16=r6, @ANYBLOB="e3db28bd7000fcdbdf2510000000"], 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x4) 8.337754065s ago: executing program 1 (id=3239): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYBLOB="000326bd69dbd97f59f712780000"], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) connect$auto(0x3, 0x0, 0x55) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) r3 = syz_clone3(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58) read$auto(0x4, 0x0, 0xfdef) clone3$auto(&(0x7f0000002c40)={0x6, 0x8, 0x100000001, 0xffff, 0x8, 0xffff, 0x4, 0x4, 0x7f, 0x0, 0x40000000000000}, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/mdc800/bind\x00', 0x14b142, 0x0) msgctl$auto_IPC_STAT(0x2, 0x2, &(0x7f0000000340)={{0x2, 0x0, 0x0, 0x4, 0x11, 0x400003, 0x581}, 0x0, 0x0, 0x2, 0xa, 0x3, 0x1, 0x80000000000004, 0x1df, 0x3, 0x10, @inferred=r3, @raw=0xb9}) ptrace$auto_PTRACE_SETREGSET(0x4205, 0x0, 0x2, 0x9193) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/reset\x00', 0x82, 0x0) 8.077691843s ago: executing program 3 (id=3240): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f682, 0x0) socket(0x10, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x1eb343, 0x100) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) r3 = socket(0xa, 0x5, 0x84) sendto$auto(r3, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0xfffffe36) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000040)=""/9, 0x9) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000140)={"2252f65ca1b92f72a92538725b0694521629e8c3e6ba91c62e2e9d42cf4aef15", 0x4, 0x3, 0x8004, 0x6, 0xff}) ioctl$auto_EVIOCGEFFECTS(r0, 0x80044584, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x7fff, 0xad3, 0x0, 0x0, 0x8000004) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) sendfile$auto(r6, r6, 0x0, 0x7) 7.817576517s ago: executing program 2 (id=3241): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f682, 0x0) socket(0x10, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x1eb343, 0x100) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, 0x0, 0xfffffe36) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000040)=""/9, 0x9) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000140)={"2252f65ca1b92f72a92538725b0694521629e8c3e6ba91c62e2e9d42cf4aef15", 0x4, 0x3, 0x8004, 0x6, 0xff}) ioctl$auto_EVIOCGEFFECTS(r0, 0x80044584, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x7fff, 0xad3, 0x0, 0x0, 0x8000004) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) sendfile$auto(r5, r5, 0x0, 0x7) 6.742038248s ago: executing program 2 (id=3242): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000180)='/proc/softirqs\x00', 0x400, 0x0) kill$auto(0x0, 0x12) preadv$auto(r0, &(0x7f0000009180)={&(0x7f0000008180), 0x7}, 0x26, 0x80, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x40242, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) writev$auto(r1, &(0x7f00000000c0)={0x0, 0x10}, 0x3) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x801, 0x0) prctl$auto(0x26, 0x1, 0x0, 0x0, 0x0) clone$auto(0x20003b46, 0x100000000000005, 0x0, 0x0, 0x2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/input/event0\x00', 0x40000, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0xfffffffffffffffe, 0x200006, 0x6, 0x40eb1, 0x602, 0xcf05) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) madvise$auto(0x0, 0x20499d, 0x9) mmap$auto(0x0, 0xffffffffffffffff, 0xffb, 0x8000000008011, r3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto(r3, 0x541d, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x2, 0x2) 6.6960277s ago: executing program 3 (id=3243): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) read$auto(r0, 0x0, 0x1000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) ioctl$auto_SNDCTL_SEQ_NRSYNTHS(r2, 0x8004510a, &(0x7f0000000040)="4be9c34cb53cb9ff3db5c7716bd839245877c148e958a37fb530720c5ab3e318f929f63122bccb112ac3693a8f6414f702bde2687f1acf41") r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x9, 0x2, 0x8000000000000006]}, 0x0) getpgrp(0xffffffffffffffff) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f00000000c0)="f5396e12ddc9a67bd99d90f1c035bb101b7614a1ca8730410e2e41c6a7122efa61ac6c003dc81018718e933eda70300cc80440e0a99e2d331f785e28731dd56f6254fbc941ab20dcc7bc3bc3f523bbf9dde6312821deff2f5fe81c34e137e4eacf09bd7ea88cbbd6bcd51fc840bbbd5d826a050efeb24a34a21d", 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) 6.624807284s ago: executing program 0 (id=3244): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) read$auto(r0, 0x0, 0x1000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) ioctl$auto_SNDCTL_SEQ_NRSYNTHS(r2, 0x8004510a, &(0x7f0000000040)="4be9c34cb53cb9ff3db5c7716bd839245877c148e958a37fb530720c5ab3e318f929f63122bccb112ac3693a8f6414f702bde2687f1acf41") r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x9, 0x2, 0x8000000000000006]}, 0x0) getpgrp(0xffffffffffffffff) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f00000000c0)="f5396e12ddc9a67bd99d90f1c035bb101b7614a1ca8730410e2e41c6a7122efa61ac6c003dc81018718e933eda70300cc80440e0a99e2d331f785e28731dd56f6254fbc941ab20dcc7bc3bc3f523bbf9dde6312821deff2f5fe81c34e137e4eacf09bd7ea88cbbd6bcd51fc840bbbd5d826a050efeb24a34a21d", 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) 5.906258954s ago: executing program 1 (id=3245): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/25/smp_affinity\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_BSDCOMPAT(r0, 0x6, 0xe, &(0x7f0000000180)='ip6tnl0\x00', 0x2) getpid() socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder0\x00', 0x101802, 0x0) dup$auto(r1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x6, 0x4, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) 5.461392113s ago: executing program 0 (id=3246): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/25/smp_affinity\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_BSDCOMPAT(r0, 0x6, 0xe, &(0x7f0000000180)='ip6tnl0\x00', 0x2) getpid() socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder0\x00', 0x101802, 0x0) dup$auto(r1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x6, 0x4, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) 5.374846354s ago: executing program 3 (id=3247): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/25/smp_affinity\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_BSDCOMPAT(r0, 0x6, 0xe, &(0x7f0000000180)='ip6tnl0\x00', 0x2) getpid() socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder0\x00', 0x101802, 0x0) dup$auto(r1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x6, 0x4, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) 3.479614903s ago: executing program 3 (id=3248): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x39}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x20009, 0x20000000) io_uring_setup$auto(0x1, 0x0) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_regulator_summary_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000480)={{&(0x7f00000001c0)="4023323b52a998fc53754442197547d986396e4ac2f991ce93879e2fbeea07fa975eb48bee358e775e6a6cb2e54acee2ef0183bef6b6e7f1890e3a4c066c8369918de3254172611a83c7b6aeb53a353babee4c2ad6f12b337831bbbaf52c5983650e99a42abaacfdb9f4d6a04de3be3a512d187885106cdfcc4c1689a5595c49bd441bc56a53eb770a52e744177964638bf33f56ce4a91dcc003a9223d9747abc414590b71854d97f54ae2c7bb520a969491a5b1f005c566eac9d76e18d704e44e4c9fdffc06ca1b360105327259906d669347745a04d428b2a5c2da5e23f85ef2d02da6022bf9bbb4292b4b82bcb077f237", 0x7, &(0x7f0000000380)={&(0x7f0000000300)="8aa9a5160af8440dc90e74695da680d7674b6d62213afd39ee7c5c59891cc010fc30a6ffadf8ac01cae838", 0xd9}, 0x7, &(0x7f00000003c0)="36d426922608a1214940a348067f49ef5a4d2096455f61a11dd81b0c0527ec1674ba4f30dbe32e7da22234e8cb9c6fe2169af82540e2e52f7391e8cc3662de9bd60f64967569142153cfe766dfc79b00e70cbf2ced9db314dd2c7ccb9c52d29ada52e587c23b324fb9a0939378550faad663c872f3cf571cf7e1a437eea1d673edc290a12a2d941d2e6e9b26840bf8423611d93270b74696a8d31d18442926c0be6dd278204adc60c01f8a77", 0x0, 0x9}, 0x8}, 0x4, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(0xffffffffffffffff, 0x806c4120, &(0x7f0000000100)={0x0, 0xe, 0x95d7, 0x7f, 0x3, 0x1, 0x9, 0x3, 0x0, 0x7, 0xb, 0x8, 0x100, 0x2, 0x3, 0x10000, 0x400, 0x80000000, "0c1056e3480805f935e214e44f620fa9eba8238cacc3d9e6fc45cf541e509fc2457ae4ae"}) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) adjtimex$auto(&(0x7f0000000200)={0x5f95, 0x0, 0x2, 0x2000000a, 0xff7d, 0xbc58, 0x4000005, 0x0, 0x5, 0x5, 0x80000000, {0x38c8b38f, 0xfc23f}, 0x2544, 0x200000001, 0xfb, 0x1000007, 0x0, 0x203c8, 0x8, 0x8, 0xffffffffffffffff, 0x1560cc85, 0x9}) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$dir(0xffffffffffffff9c, 0x0, 0x381000, 0x100) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) close_range$auto(0x2, r3, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0x2, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x403c6f2b, 0x0) read$auto(0x3, 0x0, 0x80000001) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) readv$auto(r1, &(0x7f0000000a80)={0x0, 0x8800000000000001}, 0x1) pread64$auto(r4, &(0x7f0000000340)='/dev/bus/usb/013/001\x00', 0x6f, 0xdf) close_range$auto(0x2, 0x8, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/013/001\x00', 0x208040, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0xc0802, 0x0) 3.477818472s ago: executing program 1 (id=3256): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/25/smp_affinity\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_BSDCOMPAT(r0, 0x6, 0xe, &(0x7f0000000180)='ip6tnl0\x00', 0x2) getpid() socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder0\x00', 0x101802, 0x0) dup$auto(r1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x6, 0x4, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) 3.477071093s ago: executing program 2 (id=3249): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/25/smp_affinity\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_BSDCOMPAT(r0, 0x6, 0xe, &(0x7f0000000180)='ip6tnl0\x00', 0x2) getpid() socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder0\x00', 0x101802, 0x0) dup$auto(r1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x6, 0x4, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) 3.443609339s ago: executing program 0 (id=3250): unshare$auto(0x20000) unshare$auto(0x20000) r0 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x9) pread64$auto(0xffffffffffffffff, &(0x7f0000000540)='veth1\x00\xe0,\x17\xa0\xf7\x89Pl\x84K?\x01\x84\xa1i\xe00\x81p\xa0U \f\xdbP`:\xe2\'\xa7\xbf\xbd\x04\x18\xad\x90I^\x99M\xe0W\x14\x11\xf4\xeb\x90:\v\xc5\x13*\xfe\x90\xb1\xa9O\xa5\x05\xaa\x8fTi\xd6\x88Q\xda\xca', 0x20000000003f, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setresgid$auto(0x81, 0x800000a0, 0x8) socket(0x2, 0x2, 0x1) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/usbip-host/match_busid\x00', 0x28b42, 0x0) sendfile$auto(r2, r2, 0x0, 0x4f64a1d2) madvise$auto(0x0, 0x80000001, 0x8) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000080), r1) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/current_tracer\x00', 0x40482, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfdef) msgctl$auto_IPC_STAT(0x839c, 0x2, &(0x7f0000000240)={{0x1, 0xffffffffffffffff, 0xee01, 0x9, 0xb822, 0xffffffff, 0x5}, &(0x7f0000000180)=0x80, &(0x7f00000001c0)=0x7f, 0x4, 0x4d805b98, 0x5, 0xc1be, 0x6, 0x8d, 0x4, 0x0, @raw=0x10000, @raw=0x8}) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0xa00, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) prctl$auto(0x23, 0xe, 0x0, 0x6c, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa101, 0x0) socket(0x10, 0x2, 0xc) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/usb/usbmon/36u\x00', 0x26040, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00'}) openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000140), 0x10001, 0x0) 1.470259157s ago: executing program 1 (id=3251): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x19, 0x2, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000280), 0xffffffffffffffff) mmap$auto(0x2, 0x8000000000000000, 0xdf, 0x471, 0x2, 0x8000) process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000140)={&(0x7f0000000000)="75069306718961289362e447303b5943cb6da353036498c823d4148aeeec98ef1d3c18058651f24eb225ecce17d85d22e4bae47c749fb6da2f5267c2daeb5eaec03b57c3c82ae241c3c6d0ddd2fd220443ef2cd1bde1726c1c5608763de0c70b8b2c44c6b5ff5be2fc1d7ae88f4c29e4e63f543cdc4e3122dab03c9d8934e1947870dddcfc87a9a65d0a36faa2691a4cb3c04e3e4a38cebcf6ce3ffcea8aea93617c8887bf47345489346803c41c0bac9e55d851388657f48debb807c036e0be4858", 0xd7c9}, 0x200, 0x2, 0xffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_FIOQSIZE(r2, 0x5460, 0x7) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0) sendfile$auto(r3, r4, 0x0, 0x4) munlock$auto(0xffff, 0x1) mprotect$auto(0x200000000000, 0x806124, 0x8) mq_getsetattr$auto(0xffffffffffffffff, &(0x7f0000000100)={0x7, 0x101, 0x5, 0xfffffffffffffffa}, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram7\x00', 0x14f602, 0x0) 1.461288192s ago: executing program 0 (id=3260): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x8, 0x20009, 0x8, 0xeb1, 0x7f, 0x8000) rseq$auto(0x0, 0xfffffff5, 0x0, 0x5) sysfs$auto(0x2, 0x10000000000002a, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x268041, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_STALL(r1, 0x550c, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x8000800) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001580)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x204, 0x1a00) r2 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/available_tracers\x00', 0x40000, 0x0) read$auto_show_traces_fops_trace(r2, &(0x7f0000000640)=""/188, 0xbc) read$auto(r0, 0x0, 0x800006) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket(0x23, 0x6, 0x0) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x18080, 0x0) listmount$auto(0x0, 0x0, 0xf4240, 0x1) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x60040, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x40000, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x1000005, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/udp\x00', 0x4a2080, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000100)=""/140, 0x8c) 1.416273121s ago: executing program 3 (id=3252): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f682, 0x0) socket(0x10, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x1eb343, 0x100) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, 0x0, 0xfffffe36) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000040)=""/9, 0x9) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000140)={"2252f65ca1b92f72a92538725b0694521629e8c3e6ba91c62e2e9d42cf4aef15", 0x4, 0x3, 0x8004, 0x6, 0xff}) ioctl$auto_EVIOCGEFFECTS(r0, 0x80044584, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x7fff, 0xad3, 0x0, 0x0, 0x8000004) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) sendfile$auto(r5, r5, 0x0, 0x7) 506.062543ms ago: executing program 3 (id=3253): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) read$auto(r0, 0x0, 0x1000) write$auto(0x3, 0x0, 0x100082) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) ioctl$auto_SNDCTL_SEQ_NRSYNTHS(r2, 0x8004510a, &(0x7f0000000040)="4be9c34cb53cb9ff3db5c7716bd839245877c148e958a37fb530720c5ab3e318f929f63122bccb112ac3693a8f6414f702bde2687f1acf41") r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x9, 0x2, 0x8000000000000006]}, 0x0) getpgrp(0xffffffffffffffff) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f00000000c0)="f5396e12ddc9a67bd99d90f1c035bb101b7614a1ca8730410e2e41c6a7122efa61ac6c003dc81018718e933eda70300cc80440e0a99e2d331f785e28731dd56f6254fbc941ab20dcc7bc3bc3f523bbf9dde6312821deff2f5fe81c34e137e4eacf09bd7ea88cbbd6bcd51fc840bbbd5d826a050efeb24a34a21d", 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) 244.13916ms ago: executing program 2 (id=3254): ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0xd) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, 0x0, 0x48002, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptyd9\x00', 0x100000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x3e00, 0x0) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x8001, 0x2, 0x5, 0x9b72, 0xffffffffffffffff, 0x28028) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(0xffffffffffffffff, 0x0, 0x4004) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fcntl$auto(r0, 0x8, 0x0) clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/sctp/rto_beta_exp_divisor\x00', 0xa0081, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0) read$auto(r4, 0x0, 0x2) r5 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0) r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r6, &(0x7f0000000440)="671d9b4a", 0x4) ioctl$auto_FUSE_DEV_IOC_CLONE(r5, 0x8004e500, 0x0) 34.347552ms ago: executing program 1 (id=3255): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x40000000000000d, 0x2009, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x19, 0x2, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x2400c080) write$auto(0x3, 0x0, 0xfffffdef) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000140)={&(0x7f0000000000)="75069306718961289362e447303b5943cb6da353036498c823d4148aeeec98ef1d3c18058651f24eb225ecce17d85d22e4bae47c749fb6da2f5267c2daeb5eaec03b57c3c82ae241c3c6d0ddd2fd220443ef2cd1bde1726c1c5608763de0c70b8b2c44c6b5ff5be2fc1d7ae88f4c29e4e63f543cdc4e3122dab03c9d8934e1947870dddcfc87a9a65d0a36faa2691a4cb3c04e3e4a38cebcf6ce3ffcea8aea93617c8887bf47345489346803c41c0bac9e55d851388657f48debb807c036e0be4858", 0xd7c9}, 0x200, 0x2, 0xffffffff) mmap$auto(0x100010, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x410180, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1208}, 0x1, 0x0, 0x0, 0x4004080}, 0x40) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0) sendfile$auto(r4, r5, 0x0, 0x4) 0s ago: executing program 0 (id=3257): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/25/smp_affinity\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_BSDCOMPAT(r0, 0x6, 0xe, &(0x7f0000000180)='ip6tnl0\x00', 0x2) getpid() socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder0\x00', 0x101802, 0x0) dup$auto(r1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x8000e, 0x0, 0x0, &(0x7f00000002c0)={[0x6, 0x4, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): _highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 739.733049][T17261] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 739.738940][T17261] Node 0 DMA32 free:1395540kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:33828kB inactive_anon:36kB active_file:50280kB inactive_file:173456kB unevictable:1536kB writepending:532kB present:3129332kB managed:2539588kB mlocked:0kB bounce:0kB free_pcp:37924kB local_pcp:19156kB free_cma:0kB [ 739.771615][T17261] lowmem_reserve[]: 0 0 1 1 1 [ 739.776471][T17261] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 739.817625][T17261] lowmem_reserve[]: 0 0 0 0 0 [ 739.822435][T17261] Node 1 Normal free:3881528kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:216kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22600kB local_pcp:15336kB free_cma:0kB [ 739.854183][T17261] lowmem_reserve[]: 0 0 0 0 0 [ 739.879545][T17261] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 739.928724][T17261] Node 0 DMA32: 2573*4kB (UM) 1612*8kB (UME) 722*16kB (UM) 707*32kB (UME) 383*64kB (UME) 257*128kB (UME) 171*256kB (UME) 98*512kB (UME) 49*1024kB (UM) 11*2048kB (UM) 272*4096kB (M) = 1395540kB [ 739.950374][T17261] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 739.962903][T17261] Node 1 Normal: 73*4kB (UME) 6*8kB (UM) 10*16kB (UME) 16*32kB (UM) 59*64kB (UM) 43*128kB (UME) 17*256kB (UME) 5*512kB (UME) 2*1024kB (UM) 4*2048kB (UME) 941*4096kB (M) = 3881780kB [ 739.981747][T17261] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 739.992515][T17261] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 740.005692][T17261] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 740.016371][T17261] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 740.026250][T17261] 58359 total pagecache pages [ 740.031065][T17261] 21 pages in swap cache [ 740.036020][T17261] Free swap = 124588kB [ 740.040300][T17261] Total swap = 124996kB [ 740.045681][T17261] 2097051 pages RAM [ 740.049536][T17261] 0 pages HighMem/MovableOnly [ 740.055047][T17261] 430192 pages reserved [ 740.059361][T17261] 0 pages cma reserved [ 740.778882][T17289] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2186'. [ 740.791527][T17289] FAULT_INJECTION: forcing a failure. [ 740.791527][T17289] name failslab, interval 1, probability 0, space 0, times 0 [ 740.811323][T17289] CPU: 1 UID: 0 PID: 17289 Comm: syz.3.2186 Tainted: G U syzkaller #0 PREEMPT(full) [ 740.811371][T17289] Tainted: [U]=USER [ 740.811382][T17289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 740.811401][T17289] Call Trace: [ 740.811412][T17289] [ 740.811424][T17289] dump_stack_lvl+0x16c/0x1f0 [ 740.811474][T17289] should_fail_ex+0x512/0x640 [ 740.811516][T17289] ? fs_reclaim_acquire+0xae/0x150 [ 740.811555][T17289] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 740.811590][T17289] should_failslab+0xc2/0x120 [ 740.811622][T17289] __kmalloc_noprof+0xd2/0x510 [ 740.811657][T17289] tomoyo_realpath_from_path+0xc2/0x6e0 [ 740.811695][T17289] ? tomoyo_profile+0x47/0x60 [ 740.811718][T17289] tomoyo_path_number_perm+0x245/0x580 [ 740.811747][T17289] ? tomoyo_path_number_perm+0x237/0x580 [ 740.811779][T17289] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 740.811807][T17289] ? futex_wake+0x1ad/0x530 [ 740.811871][T17289] ? find_held_lock+0x2b/0x80 [ 740.811893][T17289] ? hook_file_ioctl_common+0x145/0x410 [ 740.811932][T17289] ? __fget_files+0x20e/0x3c0 [ 740.811964][T17289] security_file_ioctl+0x9b/0x240 [ 740.811997][T17289] __x64_sys_ioctl+0xb7/0x210 [ 740.812037][T17289] do_syscall_64+0xcd/0x490 [ 740.812072][T17289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.812097][T17289] RIP: 0033:0x7fda0558ebe9 [ 740.812115][T17289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 740.812139][T17289] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 740.812161][T17289] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 740.812177][T17289] RDX: 00002000000000c0 RSI: 0000000040107447 RDI: 0000000000000003 [ 740.812198][T17289] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 740.812212][T17289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 740.812226][T17289] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 740.812257][T17289] [ 740.812267][T17289] ERROR: Out of memory at tomoyo_realpath_from_path. [ 741.028578][T17294] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2187'. [ 742.598447][T17313] Process accounting resumed [ 749.365187][T17417] netlink: 25520 bytes leftover after parsing attributes in process `syz.1.2203'. [ 749.402660][T17417] netlink: zone id is out of range [ 749.413429][T17417] netlink: zone id is out of range [ 749.426262][T17417] netlink: zone id is out of range [ 749.431440][T17417] netlink: zone id is out of range [ 749.446685][T17417] netlink: zone id is out of range [ 749.459583][T17417] netlink: zone id is out of range [ 755.239904][T17498] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2214'. [ 757.546533][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 757.552919][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 761.869663][T17591] __vm_enough_memory: pid: 17591, comm: syz.3.2227, bytes: 4398046511104 not enough memory for the allocation [ 770.044305][T17660] kexec: Could not allocate control_code_buffer [ 772.409897][T17711] FAULT_INJECTION: forcing a failure. [ 772.409897][T17711] name failslab, interval 1, probability 0, space 0, times 0 [ 772.461091][T17711] CPU: 1 UID: 0 PID: 17711 Comm: syz.3.2247 Tainted: G U syzkaller #0 PREEMPT(full) [ 772.461148][T17711] Tainted: [U]=USER [ 772.461159][T17711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 772.461179][T17711] Call Trace: [ 772.461189][T17711] [ 772.461202][T17711] dump_stack_lvl+0x16c/0x1f0 [ 772.461253][T17711] should_fail_ex+0x512/0x640 [ 772.461300][T17711] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 772.461355][T17711] should_failslab+0xc2/0x120 [ 772.461401][T17711] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 772.461443][T17711] ? do_epoll_ctl+0x1170/0x3790 [ 772.461487][T17711] do_epoll_ctl+0x1170/0x3790 [ 772.461543][T17711] ? __pfx_do_epoll_ctl+0x10/0x10 [ 772.461579][T17711] ? find_held_lock+0x2b/0x80 [ 772.461609][T17711] ? __might_fault+0xe3/0x190 [ 772.461647][T17711] ? __might_fault+0xe3/0x190 [ 772.461703][T17711] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 772.461739][T17711] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 772.461777][T17711] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 772.461832][T17711] do_syscall_64+0xcd/0x490 [ 772.461882][T17711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.461917][T17711] RIP: 0033:0x7fda0558ebe9 [ 772.461945][T17711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 772.461979][T17711] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 772.462012][T17711] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 772.462035][T17711] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000006 [ 772.462057][T17711] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 772.462078][T17711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 772.462099][T17711] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 772.462143][T17711] [ 773.033668][T17723] netlink: 13832 bytes leftover after parsing attributes in process `syz.0.2249'. [ 773.490381][T17724] tipc: Started in network mode [ 773.495670][T17724] tipc: Node identity ee00, cluster identity 4711 [ 773.522982][T17724] tipc: Node number set to 60928 [ 773.744649][T17722] Process accounting resumed [ 774.015320][T17737] __vm_enough_memory: pid: 17737, comm: syz.0.2252, bytes: 4398046511104 not enough memory for the allocation [ 774.366544][T17744] FAULT_INJECTION: forcing a failure. [ 774.366544][T17744] name failslab, interval 1, probability 0, space 0, times 0 [ 774.382886][T17744] CPU: 1 UID: 0 PID: 17744 Comm: syz.0.2255 Tainted: G U syzkaller #0 PREEMPT(full) [ 774.382922][T17744] Tainted: [U]=USER [ 774.382929][T17744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 774.382943][T17744] Call Trace: [ 774.382950][T17744] [ 774.382959][T17744] dump_stack_lvl+0x16c/0x1f0 [ 774.382994][T17744] should_fail_ex+0x512/0x640 [ 774.383028][T17744] ? fs_reclaim_acquire+0xae/0x150 [ 774.383067][T17744] should_failslab+0xc2/0x120 [ 774.383099][T17744] __kmalloc_cache_noprof+0x6a/0x3e0 [ 774.383134][T17744] ? tomoyo_init_log+0x197/0x2140 [ 774.383202][T17744] tomoyo_init_log+0x197/0x2140 [ 774.383252][T17744] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 774.383318][T17744] ? __pfx_tomoyo_init_log+0x10/0x10 [ 774.383364][T17744] ? tomoyo_profile+0x47/0x60 [ 774.383392][T17744] ? tomoyo_domain_quota_is_ok+0x2f6/0x5a0 [ 774.383439][T17744] tomoyo_supervisor+0x302/0x13b0 [ 774.383480][T17744] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 774.383531][T17744] ? lockdep_hardirqs_on+0x7c/0x110 [ 774.383582][T17744] ? kfree+0x2b4/0x4d0 [ 774.383622][T17744] ? tomoyo_realpath_from_path+0x19f/0x6e0 [ 774.383674][T17744] ? tomoyo_check_acl+0x1f7/0x410 [ 774.383715][T17744] tomoyo_path_permission+0x270/0x3b0 [ 774.383760][T17744] tomoyo_check_open_permission+0x37b/0x3c0 [ 774.383804][T17744] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 774.383889][T17744] ? do_raw_spin_lock+0x12c/0x2b0 [ 774.383952][T17744] tomoyo_file_open+0x6b/0x90 [ 774.384004][T17744] security_file_open+0x84/0x1e0 [ 774.384051][T17744] do_dentry_open+0x596/0x1530 [ 774.384107][T17744] vfs_open+0x82/0x3f0 [ 774.384171][T17744] path_openat+0x1de4/0x2cb0 [ 774.384221][T17744] ? __pfx_path_openat+0x10/0x10 [ 774.384256][T17744] do_filp_open+0x20b/0x470 [ 774.384285][T17744] ? __pfx_do_filp_open+0x10/0x10 [ 774.384334][T17744] ? alloc_fd+0x471/0x7d0 [ 774.384367][T17744] do_sys_openat2+0x11b/0x1d0 [ 774.384403][T17744] ? __pfx_do_sys_openat2+0x10/0x10 [ 774.384452][T17744] __x64_sys_openat+0x174/0x210 [ 774.384489][T17744] ? __pfx___x64_sys_openat+0x10/0x10 [ 774.384538][T17744] do_syscall_64+0xcd/0x490 [ 774.384572][T17744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 774.384597][T17744] RIP: 0033:0x7f1268f8ebe9 [ 774.384615][T17744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 774.384638][T17744] RSP: 002b:00007f1269d64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 774.384660][T17744] RAX: ffffffffffffffda RBX: 00007f12691b5fa0 RCX: 00007f1268f8ebe9 [ 774.384676][T17744] RDX: 0000000000000a02 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 774.384691][T17744] RBP: 00007f1269011e19 R08: 0000000000000000 R09: 0000000000000000 [ 774.384705][T17744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 774.384719][T17744] R13: 00007f12691b6038 R14: 00007f12691b5fa0 R15: 00007ffe3706e9d8 [ 774.384749][T17744] [ 774.972969][T17715] Process accounting paused [ 777.101046][T17779] random: crng reseeded on system resumption [ 777.108840][T17778] FAULT_INJECTION: forcing a failure. [ 777.108840][T17778] name failslab, interval 1, probability 0, space 0, times 0 [ 777.142656][T17778] CPU: 0 UID: 0 PID: 17778 Comm: syz.1.2259 Tainted: G U syzkaller #0 PREEMPT(full) [ 777.142709][T17778] Tainted: [U]=USER [ 777.142720][T17778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 777.142739][T17778] Call Trace: [ 777.142758][T17778] [ 777.142771][T17778] dump_stack_lvl+0x16c/0x1f0 [ 777.142822][T17778] should_fail_ex+0x512/0x640 [ 777.142867][T17778] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 777.142909][T17778] should_failslab+0xc2/0x120 [ 777.142954][T17778] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 777.142994][T17778] ? do_epoll_ctl+0x1170/0x3790 [ 777.143037][T17778] do_epoll_ctl+0x1170/0x3790 [ 777.143090][T17778] ? __pfx_do_epoll_ctl+0x10/0x10 [ 777.143141][T17778] ? find_held_lock+0x2b/0x80 [ 777.143168][T17778] ? __might_fault+0xe3/0x190 [ 777.143202][T17778] ? __might_fault+0xe3/0x190 [ 777.143269][T17778] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 777.143304][T17778] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 777.143341][T17778] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 777.143390][T17778] do_syscall_64+0xcd/0x490 [ 777.143438][T17778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.143471][T17778] RIP: 0033:0x7f61ec78ebe9 [ 777.143496][T17778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 777.143529][T17778] RSP: 002b:00007f61ed5ab038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 777.143559][T17778] RAX: ffffffffffffffda RBX: 00007f61ec9b5fa0 RCX: 00007f61ec78ebe9 [ 777.143581][T17778] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000006 [ 777.143602][T17778] RBP: 00007f61ec811e19 R08: 0000000000000000 R09: 0000000000000000 [ 777.143621][T17778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 777.143641][T17778] R13: 00007f61ec9b6038 R14: 00007f61ec9b5fa0 R15: 00007ffc2787fc98 [ 777.143684][T17778] [ 779.089159][T17776] ptrace attach of "./syz-executor exec"[5869] was attempted by "./syz-executor exec"[17776] [ 784.853402][ T30] audit: type=1804 audit(6051354880.400:16): pid=17855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2270" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1051 res=1 errno=0 [ 784.893878][T17885] netlink: 13832 bytes leftover after parsing attributes in process `syz.2.2272'. [ 792.374955][T17976] hub 8-0:1.0: USB hub found [ 792.391652][T17976] hub 8-0:1.0: 1 port detected [ 792.572452][T17982] random: crng reseeded on system resumption [ 793.419801][T17966] ptrace attach of "./syz-executor exec"[5877] was attempted by "./syz-executor exec"[17966] syzkaller syzkaller login: [ 795.275339][T18012] FAULT_INJECTION: forcing a failure. [ 795.275339][T18012] name failslab, interval 1, probability 0, space 0, times 0 [ 795.323208][T18012] CPU: 1 UID: 0 PID: 18012 Comm: syz.2.2292 Tainted: G U syzkaller #0 PREEMPT(full) [ 795.323257][T18012] Tainted: [U]=USER [ 795.323268][T18012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 795.323286][T18012] Call Trace: [ 795.323297][T18012] [ 795.323310][T18012] dump_stack_lvl+0x16c/0x1f0 [ 795.323357][T18012] should_fail_ex+0x512/0x640 [ 795.323392][T18012] ? __kmalloc_noprof+0xbf/0x510 [ 795.323422][T18012] ? handler_new_ref+0x1b0/0xc60 [ 795.323455][T18012] should_failslab+0xc2/0x120 [ 795.323487][T18012] __kmalloc_noprof+0xd2/0x510 [ 795.323523][T18012] ? __asan_memcpy+0x3c/0x60 [ 795.323552][T18012] handler_new_ref+0x1b0/0xc60 [ 795.323593][T18012] v4l2_ctrl_new+0x1963/0x2180 [ 795.323637][T18012] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 795.323674][T18012] ? __mutex_trylock_common+0xe9/0x250 [ 795.323710][T18012] ? __pfx___mutex_trylock_common+0x10/0x10 [ 795.323741][T18012] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 795.323779][T18012] v4l2_ctrl_new_std+0x1be/0x290 [ 795.323821][T18012] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 795.323861][T18012] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 795.323897][T18012] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 795.323932][T18012] ? __asan_memcpy+0x3c/0x60 [ 795.323960][T18012] ? find_ref+0x20b/0x420 [ 795.323993][T18012] handler_new_ref+0x827/0xc60 [ 795.324034][T18012] v4l2_ctrl_new+0x1963/0x2180 [ 795.324078][T18012] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 795.324134][T18012] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 795.324177][T18012] v4l2_ctrl_new_std+0x1be/0x290 [ 795.324220][T18012] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 795.324258][T18012] ? rcu_is_watching+0x12/0xc0 [ 795.324282][T18012] ? trace_kmalloc+0x2b/0xd0 [ 795.324314][T18012] ? __kvmalloc_node_noprof+0x298/0x620 [ 795.324341][T18012] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 795.324379][T18012] ? media_request_object_init+0x100/0x180 [ 795.324423][T18012] vicodec_open+0x1d0/0xf90 [ 795.324455][T18012] v4l2_open+0x225/0x490 [ 795.324484][T18012] ? __pfx_v4l2_open+0x10/0x10 [ 795.324513][T18012] chrdev_open+0x234/0x6a0 [ 795.324544][T18012] ? __pfx_apparmor_file_open+0x10/0x10 [ 795.324570][T18012] ? __pfx_chrdev_open+0x10/0x10 [ 795.324603][T18012] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 795.324635][T18012] do_dentry_open+0x982/0x1530 [ 795.324665][T18012] ? __pfx_chrdev_open+0x10/0x10 [ 795.324703][T18012] vfs_open+0x82/0x3f0 [ 795.324741][T18012] path_openat+0x1de4/0x2cb0 [ 795.324778][T18012] ? __pfx_path_openat+0x10/0x10 [ 795.324813][T18012] do_filp_open+0x20b/0x470 [ 795.324840][T18012] ? __pfx_do_filp_open+0x10/0x10 [ 795.324888][T18012] ? alloc_fd+0x471/0x7d0 [ 795.324920][T18012] do_sys_openat2+0x11b/0x1d0 [ 795.324968][T18012] ? __pfx_do_sys_openat2+0x10/0x10 [ 795.325016][T18012] __x64_sys_openat+0x174/0x210 [ 795.325052][T18012] ? __pfx___x64_sys_openat+0x10/0x10 [ 795.325102][T18012] do_syscall_64+0xcd/0x490 [ 795.325144][T18012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 795.325178][T18012] RIP: 0033:0x7f429e78ebe9 [ 795.325203][T18012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 795.325229][T18012] RSP: 002b:00007f429f614038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 795.325251][T18012] RAX: ffffffffffffffda RBX: 00007f429e9b6180 RCX: 00007f429e78ebe9 [ 795.325285][T18012] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 795.325300][T18012] RBP: 00007f429e811e19 R08: 0000000000000000 R09: 0000000000000000 [ 795.325315][T18012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 795.325330][T18012] R13: 00007f429e9b6218 R14: 00007f429e9b6180 R15: 00007ffeb4e40248 [ 795.325361][T18012] [ 800.275724][T18072] FAULT_INJECTION: forcing a failure. [ 800.275724][T18072] name fail_futex, interval 1, probability 0, space 0, times 0 [ 800.293577][T18072] CPU: 1 UID: 0 PID: 18072 Comm: syz.0.2301 Tainted: G U syzkaller #0 PREEMPT(full) [ 800.293624][T18072] Tainted: [U]=USER [ 800.293634][T18072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 800.293653][T18072] Call Trace: [ 800.293663][T18072] [ 800.293675][T18072] dump_stack_lvl+0x16c/0x1f0 [ 800.293722][T18072] should_fail_ex+0x512/0x640 [ 800.293773][T18072] get_futex_key+0x293/0x1560 [ 800.293828][T18072] ? __pfx_get_futex_key+0x10/0x10 [ 800.293862][T18072] ? __mutex_trylock_common+0xe9/0x250 [ 800.293932][T18072] futex_wake+0xea/0x530 [ 800.293982][T18072] ? __pfx_futex_wake+0x10/0x10 [ 800.294047][T18072] do_futex+0x1e3/0x350 [ 800.294096][T18072] ? __pfx_do_futex+0x10/0x10 [ 800.294132][T18072] ? __might_fault+0xe3/0x190 [ 800.294181][T18072] mm_release+0x24e/0x300 [ 800.294218][T18072] do_exit+0x68e/0x2bf0 [ 800.294268][T18072] ? __pfx_do_exit+0x10/0x10 [ 800.294311][T18072] ? do_raw_spin_lock+0x12c/0x2b0 [ 800.294378][T18072] ? find_held_lock+0x2b/0x80 [ 800.294417][T18072] do_group_exit+0xd3/0x2a0 [ 800.294466][T18072] get_signal+0x2673/0x26d0 [ 800.294519][T18072] ? __pfx_get_signal+0x10/0x10 [ 800.294568][T18072] ? do_futex+0x122/0x350 [ 800.294609][T18072] ? __pfx_do_futex+0x10/0x10 [ 800.294651][T18072] arch_do_signal_or_restart+0x8f/0x790 [ 800.294695][T18072] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 800.294747][T18072] ? xfd_validate_state+0x61/0x180 [ 800.294810][T18072] ? __pfx___do_sys_close_range+0x10/0x10 [ 800.294859][T18072] exit_to_user_mode_loop+0x84/0x110 [ 800.294909][T18072] do_syscall_64+0x3f6/0x490 [ 800.294956][T18072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 800.294988][T18072] RIP: 0033:0x7f1268f8ebe9 [ 800.295012][T18072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 800.295043][T18072] RSP: 002b:00007f1269d220e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 800.295074][T18072] RAX: fffffffffffffe00 RBX: 00007f12691b6188 RCX: 00007f1268f8ebe9 [ 800.295112][T18072] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f12691b6188 [ 800.295146][T18072] RBP: 00007f12691b6180 R08: 0000000000000000 R09: 0000000000000000 [ 800.295165][T18072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 800.295183][T18072] R13: 00007f12691b6218 R14: 00007ffe3706e8f0 R15: 00007ffe3706e9d8 [ 800.295221][T18072] [ 801.197483][T18089] netlink: 29 bytes leftover after parsing attributes in process `syz.3.2305'. [ 801.311818][T18097] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 802.639780][T18112] ubi0: attaching mtd0 [ 802.673443][T18112] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 804.556869][T18122] Process accounting paused [ 806.214742][T18127] Process accounting resumed [ 806.325204][T18169] random: crng reseeded on system resumption [ 807.792271][T18195] FAULT_INJECTION: forcing a failure. [ 807.792271][T18195] name failslab, interval 1, probability 0, space 0, times 0 [ 807.983988][T18195] CPU: 0 UID: 0 PID: 18195 Comm: syz.0.2318 Tainted: G U syzkaller #0 PREEMPT(full) [ 807.984038][T18195] Tainted: [U]=USER [ 807.984048][T18195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 807.984067][T18195] Call Trace: [ 807.984076][T18195] [ 807.984084][T18195] dump_stack_lvl+0x16c/0x1f0 [ 807.984118][T18195] should_fail_ex+0x512/0x640 [ 807.984149][T18195] ? __kmalloc_noprof+0xbf/0x510 [ 807.984176][T18195] ? handler_new_ref+0x1b0/0xc60 [ 807.984206][T18195] should_failslab+0xc2/0x120 [ 807.984235][T18195] __kmalloc_noprof+0xd2/0x510 [ 807.984258][T18195] ? __asan_memcpy+0x3c/0x60 [ 807.984285][T18195] handler_new_ref+0x1b0/0xc60 [ 807.984322][T18195] v4l2_ctrl_new+0x1963/0x2180 [ 807.984363][T18195] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 807.984402][T18195] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 807.984447][T18195] v4l2_ctrl_new_std+0x1be/0x290 [ 807.984487][T18195] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 807.984522][T18195] ? rcu_is_watching+0x12/0xc0 [ 807.984544][T18195] ? trace_kmalloc+0x2b/0xd0 [ 807.984574][T18195] ? __kvmalloc_node_noprof+0x298/0x620 [ 807.984598][T18195] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 807.984635][T18195] ? media_request_object_init+0x100/0x180 [ 807.984674][T18195] vicodec_open+0x1d0/0xf90 [ 807.984703][T18195] v4l2_open+0x225/0x490 [ 807.984730][T18195] ? __pfx_v4l2_open+0x10/0x10 [ 807.984767][T18195] chrdev_open+0x234/0x6a0 [ 807.984793][T18195] ? __pfx_apparmor_file_open+0x10/0x10 [ 807.984815][T18195] ? __pfx_chrdev_open+0x10/0x10 [ 807.984843][T18195] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 807.984871][T18195] do_dentry_open+0x982/0x1530 [ 807.984897][T18195] ? __pfx_chrdev_open+0x10/0x10 [ 807.984928][T18195] vfs_open+0x82/0x3f0 [ 807.984961][T18195] path_openat+0x1de4/0x2cb0 [ 807.984993][T18195] ? __pfx_path_openat+0x10/0x10 [ 807.985024][T18195] do_filp_open+0x20b/0x470 [ 807.985049][T18195] ? __pfx_do_filp_open+0x10/0x10 [ 807.985091][T18195] ? alloc_fd+0x471/0x7d0 [ 807.985119][T18195] do_sys_openat2+0x11b/0x1d0 [ 807.985149][T18195] ? __pfx_do_sys_openat2+0x10/0x10 [ 807.985191][T18195] __x64_sys_openat+0x174/0x210 [ 807.985223][T18195] ? __pfx___x64_sys_openat+0x10/0x10 [ 807.985265][T18195] do_syscall_64+0xcd/0x490 [ 807.985294][T18195] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 807.985314][T18195] RIP: 0033:0x7f1268f8ebe9 [ 807.985330][T18195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 807.985350][T18195] RSP: 002b:00007f1269d43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 807.985368][T18195] RAX: ffffffffffffffda RBX: 00007f12691b6090 RCX: 00007f1268f8ebe9 [ 807.985381][T18195] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 807.985394][T18195] RBP: 00007f1269011e19 R08: 0000000000000000 R09: 0000000000000000 [ 807.985406][T18195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 807.985440][T18195] R13: 00007f12691b6128 R14: 00007f12691b6090 R15: 00007ffe3706e9d8 [ 807.985468][T18195] [ 813.076576][T18272] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2328'. [ 813.193758][T18251] ptrace attach of "./syz-executor exec"[5873] was attempted by "./syz-executor exec"[18251] [ 813.427912][T18275] FAULT_INJECTION: forcing a failure. [ 813.427912][T18275] name failslab, interval 1, probability 0, space 0, times 0 [ 813.453305][T18275] CPU: 1 UID: 0 PID: 18275 Comm: syz.0.2329 Tainted: G U syzkaller #0 PREEMPT(full) [ 813.453341][T18275] Tainted: [U]=USER [ 813.453349][T18275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 813.453362][T18275] Call Trace: [ 813.453370][T18275] [ 813.453378][T18275] dump_stack_lvl+0x16c/0x1f0 [ 813.453413][T18275] should_fail_ex+0x512/0x640 [ 813.453446][T18275] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 813.453472][T18275] should_failslab+0xc2/0x120 [ 813.453503][T18275] __kmalloc_cache_noprof+0x6a/0x3e0 [ 813.453527][T18275] ? snd_seq_oss_open+0x55/0xa20 [ 813.453576][T18275] snd_seq_oss_open+0x55/0xa20 [ 813.453619][T18275] odev_open+0x6f/0x90 [ 813.453650][T18275] ? __pfx_odev_open+0x10/0x10 [ 813.453687][T18275] soundcore_open+0x40c/0x580 [ 813.453722][T18275] ? __pfx_soundcore_open+0x10/0x10 [ 813.453755][T18275] chrdev_open+0x234/0x6a0 [ 813.453784][T18275] ? __pfx_apparmor_file_open+0x10/0x10 [ 813.453810][T18275] ? __pfx_chrdev_open+0x10/0x10 [ 813.453841][T18275] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 813.453885][T18275] do_dentry_open+0x982/0x1530 [ 813.453913][T18275] ? __pfx_chrdev_open+0x10/0x10 [ 813.453946][T18275] vfs_open+0x82/0x3f0 [ 813.453982][T18275] path_openat+0x1de4/0x2cb0 [ 813.454016][T18275] ? __pfx_path_openat+0x10/0x10 [ 813.454049][T18275] do_filp_open+0x20b/0x470 [ 813.454075][T18275] ? __pfx_do_filp_open+0x10/0x10 [ 813.454120][T18275] ? alloc_fd+0x471/0x7d0 [ 813.454150][T18275] do_sys_openat2+0x11b/0x1d0 [ 813.454184][T18275] ? __pfx_do_sys_openat2+0x10/0x10 [ 813.454218][T18275] ? __pfx_sched_core_share_pid+0x10/0x10 [ 813.454251][T18275] __x64_sys_openat+0x174/0x210 [ 813.454285][T18275] ? __pfx___x64_sys_openat+0x10/0x10 [ 813.454321][T18275] ? syscall_user_dispatch+0x78/0x140 [ 813.454363][T18275] do_syscall_64+0xcd/0x490 [ 813.454395][T18275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.454417][T18275] RIP: 0033:0x7f1268f8ebe9 [ 813.454433][T18275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 813.454455][T18275] RSP: 002b:00007f1269d64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 813.454475][T18275] RAX: ffffffffffffffda RBX: 00007f12691b5fa0 RCX: 00007f1268f8ebe9 [ 813.454489][T18275] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 813.454503][T18275] RBP: 00007f1269011e19 R08: 0000000000000000 R09: 0000000000000000 [ 813.454516][T18275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 813.454529][T18275] R13: 00007f12691b6038 R14: 00007f12691b5fa0 R15: 00007ffe3706e9d8 [ 813.454556][T18275] [ 815.256135][T18308] capability: warning: `syz.1.2333' uses deprecated v2 capabilities in a way that may be insecure [ 818.991530][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 818.998068][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 820.091517][T18378] FAULT_INJECTION: forcing a failure. [ 820.091517][T18378] name fail_futex, interval 1, probability 0, space 0, times 0 [ 820.185999][T18378] CPU: 0 UID: 0 PID: 18378 Comm: syz.2.2345 Tainted: G U syzkaller #0 PREEMPT(full) [ 820.186045][T18378] Tainted: [U]=USER [ 820.186054][T18378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 820.186072][T18378] Call Trace: [ 820.186081][T18378] [ 820.186093][T18378] dump_stack_lvl+0x16c/0x1f0 [ 820.186137][T18378] should_fail_ex+0x512/0x640 [ 820.186185][T18378] get_futex_key+0x1d0/0x1560 [ 820.186227][T18378] ? __pfx_get_futex_key+0x10/0x10 [ 820.186263][T18378] ? __pfx_css_rstat_updated+0x10/0x10 [ 820.186305][T18378] futex_wake+0xea/0x530 [ 820.186352][T18378] ? __pfx_futex_wake+0x10/0x10 [ 820.186396][T18378] ? do_user_addr_fault+0x829/0x1370 [ 820.186450][T18378] ? do_user_addr_fault+0x843/0x1370 [ 820.186502][T18378] do_futex+0x1e3/0x350 [ 820.186558][T18378] ? __pfx_do_futex+0x10/0x10 [ 820.186595][T18378] ? irqentry_exit+0x3b/0x90 [ 820.186636][T18378] ? lockdep_hardirqs_on+0x7c/0x110 [ 820.186686][T18378] __x64_sys_futex+0x1e0/0x4c0 [ 820.186730][T18378] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 820.186778][T18378] ? __pfx___x64_sys_futex+0x10/0x10 [ 820.186833][T18378] ? syscall_user_dispatch+0x78/0x140 [ 820.186891][T18378] do_syscall_64+0xcd/0x490 [ 820.186934][T18378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 820.186965][T18378] RIP: 0033:0x7f429e78ebe9 [ 820.186991][T18378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 820.187023][T18378] RSP: 002b:00007f429f6140e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 820.187053][T18378] RAX: ffffffffffffffda RBX: 00007f429e9b6188 RCX: 00007f429e78ebe9 [ 820.187074][T18378] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f429e9b618c [ 820.187106][T18378] RBP: 00007f429e9b6180 R08: 00007f429f657000 R09: 0000000000000000 [ 820.187125][T18378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 820.187144][T18378] R13: 00007f429e9b6218 R14: 00007ffeb4e40160 R15: 00007ffeb4e40248 [ 820.187184][T18378] [ 820.426975][T18371] ptrace attach of "./syz-executor exec"[5882] was attempted by "./syz-executor exec"[18371] [ 822.270556][T18396] FAULT_INJECTION: forcing a failure. [ 822.270556][T18396] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 822.321211][T18396] CPU: 0 UID: 0 PID: 18396 Comm: syz.1.2349 Tainted: G U syzkaller #0 PREEMPT(full) [ 822.321247][T18396] Tainted: [U]=USER [ 822.321254][T18396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 822.321287][T18396] Call Trace: [ 822.321295][T18396] [ 822.321305][T18396] dump_stack_lvl+0x16c/0x1f0 [ 822.321341][T18396] should_fail_ex+0x512/0x640 [ 822.321379][T18396] should_fail_alloc_page+0xe7/0x130 [ 822.321415][T18396] prepare_alloc_pages+0x3c2/0x610 [ 822.321457][T18396] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 822.321490][T18396] ? do_user_addr_fault+0x843/0x1370 [ 822.321536][T18396] ? irqentry_exit+0x3b/0x90 [ 822.321568][T18396] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 822.321608][T18396] ? rep_movs_alternative+0x4a/0x90 [ 822.321635][T18396] ? _copy_from_iter+0x15d/0x1720 [ 822.321680][T18396] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 822.321719][T18396] ? policy_nodemask+0xea/0x4e0 [ 822.321753][T18396] alloc_pages_mpol+0x1fb/0x550 [ 822.321786][T18396] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 822.321826][T18396] alloc_pages_noprof+0x131/0x390 [ 822.321858][T18396] anon_pipe_write+0xbc2/0x1a90 [ 822.321895][T18396] ? futex_private_hash_put+0x176/0x300 [ 822.321924][T18396] ? __pfx_anon_pipe_write+0x10/0x10 [ 822.321960][T18396] ? common_file_perm+0x1a9/0x340 [ 822.321995][T18396] fifo_pipe_write+0x24/0x530 [ 822.322028][T18396] vfs_write+0x7d0/0x11d0 [ 822.322056][T18396] ? __pfx_fifo_pipe_write+0x10/0x10 [ 822.322089][T18396] ? __pfx_vfs_write+0x10/0x10 [ 822.322115][T18396] ? find_held_lock+0x2b/0x80 [ 822.322160][T18396] ksys_write+0x1f8/0x250 [ 822.322188][T18396] ? __pfx_ksys_write+0x10/0x10 [ 822.322223][T18396] do_syscall_64+0xcd/0x490 [ 822.322258][T18396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 822.322281][T18396] RIP: 0033:0x7f61ec78ebe9 [ 822.322300][T18396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 822.322323][T18396] RSP: 002b:00007f61ed5ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 822.322345][T18396] RAX: ffffffffffffffda RBX: 00007f61ec9b5fa0 RCX: 00007f61ec78ebe9 [ 822.322360][T18396] RDX: 0000000000008001 RSI: 0000000000000000 RDI: 0000000000000004 [ 822.322375][T18396] RBP: 00007f61ec811e19 R08: 0000000000000000 R09: 0000000000000000 [ 822.322389][T18396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 822.322403][T18396] R13: 00007f61ec9b6038 R14: 00007f61ec9b5fa0 R15: 00007ffc2787fc98 [ 822.322432][T18396] [ 825.991217][T18448] ptrace attach of "./syz-executor exec"[5873] was attempted by "./syz-executor exec"[18448] [ 826.544006][T18479] netlink: 'syz.2.2365': attribute type 1 has an invalid length. [ 828.308834][T18503] FAULT_INJECTION: forcing a failure. [ 828.308834][T18503] name failslab, interval 1, probability 0, space 0, times 0 [ 828.362321][T18503] CPU: 0 UID: 0 PID: 18503 Comm: syz.1.2370 Tainted: G U syzkaller #0 PREEMPT(full) [ 828.362372][T18503] Tainted: [U]=USER [ 828.362384][T18503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 828.362404][T18503] Call Trace: [ 828.362414][T18503] [ 828.362427][T18503] dump_stack_lvl+0x16c/0x1f0 [ 828.362476][T18503] should_fail_ex+0x512/0x640 [ 828.362522][T18503] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 828.362573][T18503] should_failslab+0xc2/0x120 [ 828.362619][T18503] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 828.362666][T18503] ? __ip_vs_sctp_init+0x37/0x80 [ 828.362706][T18503] kmemdup_noprof+0x29/0x60 [ 828.362747][T18503] ? __pfx___ip_vs_sctp_init+0x10/0x10 [ 828.362779][T18503] __ip_vs_sctp_init+0x37/0x80 [ 828.362812][T18503] ip_vs_protocol_net_init+0x191/0x300 [ 828.362873][T18503] __ip_vs_init+0x239/0x520 [ 828.362911][T18503] ? __pfx___ip_vs_init+0x10/0x10 [ 828.362945][T18503] ops_init+0x1e2/0x5f0 [ 828.362996][T18503] setup_net+0x10f/0x380 [ 828.363040][T18503] ? lockdep_init_map_type+0x5c/0x280 [ 828.363098][T18503] ? __pfx_setup_net+0x10/0x10 [ 828.363151][T18503] ? debug_mutex_init+0x37/0x70 [ 828.363190][T18503] copy_net_ns+0x2a6/0x5f0 [ 828.363246][T18503] create_new_namespaces+0x3ea/0xa90 [ 828.363294][T18503] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 828.363336][T18503] ksys_unshare+0x45b/0xa40 [ 828.363381][T18503] ? __pfx_ksys_unshare+0x10/0x10 [ 828.363428][T18503] ? xfd_validate_state+0x61/0x180 [ 828.363490][T18503] __x64_sys_unshare+0x31/0x40 [ 828.363537][T18503] do_syscall_64+0xcd/0x490 [ 828.363586][T18503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.363620][T18503] RIP: 0033:0x7f61ec78ebe9 [ 828.363647][T18503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 828.363681][T18503] RSP: 002b:00007f61ed5ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 828.363713][T18503] RAX: ffffffffffffffda RBX: 00007f61ec9b5fa0 RCX: 00007f61ec78ebe9 [ 828.363735][T18503] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 828.363756][T18503] RBP: 00007f61ec811e19 R08: 0000000000000000 R09: 0000000000000000 [ 828.363777][T18503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 828.363797][T18503] R13: 00007f61ec9b6038 R14: 00007f61ec9b5fa0 R15: 00007ffc2787fc98 [ 828.363841][T18503] [ 834.978876][T18559] Process accounting resumed [ 837.864739][T18634] Process accounting paused [ 841.852330][T18723] FAULT_INJECTION: forcing a failure. [ 841.852330][T18723] name failslab, interval 1, probability 0, space 0, times 0 [ 841.873568][T18723] CPU: 1 UID: 0 PID: 18723 Comm: syz.0.2400 Tainted: G U syzkaller #0 PREEMPT(full) [ 841.873621][T18723] Tainted: [U]=USER [ 841.873633][T18723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 841.873654][T18723] Call Trace: [ 841.873665][T18723] [ 841.873679][T18723] dump_stack_lvl+0x16c/0x1f0 [ 841.873729][T18723] should_fail_ex+0x512/0x640 [ 841.873778][T18723] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 841.873815][T18723] should_failslab+0xc2/0x120 [ 841.873864][T18723] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 841.873910][T18723] ? ipv4_sysctl_init_net+0x3e/0x350 [ 841.873947][T18723] ? __pfx_ipv4_sysctl_init_net+0x10/0x10 [ 841.873984][T18723] kmemdup_noprof+0x29/0x60 [ 841.874026][T18723] ipv4_sysctl_init_net+0x3e/0x350 [ 841.874062][T18723] ? __pfx_ipv4_sysctl_init_net+0x10/0x10 [ 841.874097][T18723] ops_init+0x1e2/0x5f0 [ 841.874149][T18723] setup_net+0x10f/0x380 [ 841.874195][T18723] ? lockdep_init_map_type+0x5c/0x280 [ 841.874243][T18723] ? __pfx_setup_net+0x10/0x10 [ 841.874300][T18723] ? debug_mutex_init+0x37/0x70 [ 841.874338][T18723] copy_net_ns+0x2a6/0x5f0 [ 841.874413][T18723] create_new_namespaces+0x3ea/0xa90 [ 841.874477][T18723] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 841.874520][T18723] ksys_unshare+0x45b/0xa40 [ 841.874568][T18723] ? __pfx_ksys_unshare+0x10/0x10 [ 841.874616][T18723] ? xfd_validate_state+0x61/0x180 [ 841.874678][T18723] __x64_sys_unshare+0x31/0x40 [ 841.874724][T18723] do_syscall_64+0xcd/0x490 [ 841.874781][T18723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 841.874816][T18723] RIP: 0033:0x7f1268f8ebe9 [ 841.874842][T18723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 841.874877][T18723] RSP: 002b:00007f1269d64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 841.874907][T18723] RAX: ffffffffffffffda RBX: 00007f12691b5fa0 RCX: 00007f1268f8ebe9 [ 841.874927][T18723] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 841.874957][T18723] RBP: 00007f1269011e19 R08: 0000000000000000 R09: 0000000000000000 [ 841.874978][T18723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 841.874998][T18723] R13: 00007f12691b6038 R14: 00007f12691b5fa0 R15: 00007ffe3706e9d8 [ 841.875041][T18723] [ 847.129465][T18799] FAULT_INJECTION: forcing a failure. [ 847.129465][T18799] name failslab, interval 1, probability 0, space 0, times 0 [ 847.190521][T18799] CPU: 0 UID: 0 PID: 18799 Comm: syz.3.2412 Tainted: G U syzkaller #0 PREEMPT(full) [ 847.190572][T18799] Tainted: [U]=USER [ 847.190583][T18799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 847.190602][T18799] Call Trace: [ 847.190614][T18799] [ 847.190628][T18799] dump_stack_lvl+0x16c/0x1f0 [ 847.190675][T18799] should_fail_ex+0x512/0x640 [ 847.190721][T18799] ? fs_reclaim_acquire+0xae/0x150 [ 847.190774][T18799] should_failslab+0xc2/0x120 [ 847.190819][T18799] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 847.190862][T18799] ? security_inode_alloc+0x3b/0x2b0 [ 847.190902][T18799] security_inode_alloc+0x3b/0x2b0 [ 847.190930][T18799] inode_init_always_gfp+0xce4/0x1030 [ 847.190971][T18799] alloc_inode+0x86/0x240 [ 847.191006][T18799] sock_alloc+0x40/0x280 [ 847.191042][T18799] sock_create_lite+0x82/0x120 [ 847.191080][T18799] __netlink_kernel_create+0xbd/0x750 [ 847.191115][T18799] ? __pfx___netlink_kernel_create+0x10/0x10 [ 847.191152][T18799] ? proc_create_reg+0xe3/0x180 [ 847.191195][T18799] xfrm_user_net_init+0xc6/0x190 [ 847.191224][T18799] ? __pfx_xfrm_user_net_init+0x10/0x10 [ 847.191253][T18799] ? __pfx_xfrm_netlink_rcv+0x10/0x10 [ 847.191282][T18799] ? __pfx_tls_init_net+0x10/0x10 [ 847.191320][T18799] ? tls_proc_init+0x58/0x70 [ 847.191350][T18799] ? __pfx_xfrm_user_net_init+0x10/0x10 [ 847.191377][T18799] ops_init+0x1e2/0x5f0 [ 847.191413][T18799] setup_net+0x10f/0x380 [ 847.191444][T18799] ? lockdep_init_map_type+0x5c/0x280 [ 847.191482][T18799] ? __pfx_setup_net+0x10/0x10 [ 847.191525][T18799] ? debug_mutex_init+0x37/0x70 [ 847.191555][T18799] copy_net_ns+0x2a6/0x5f0 [ 847.191594][T18799] create_new_namespaces+0x3ea/0xa90 [ 847.191628][T18799] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 847.191659][T18799] ksys_unshare+0x45b/0xa40 [ 847.191691][T18799] ? __pfx_ksys_unshare+0x10/0x10 [ 847.191725][T18799] ? xfd_validate_state+0x61/0x180 [ 847.191769][T18799] __x64_sys_unshare+0x31/0x40 [ 847.191801][T18799] do_syscall_64+0xcd/0x490 [ 847.191836][T18799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.191859][T18799] RIP: 0033:0x7fda0558ebe9 [ 847.191877][T18799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 847.191900][T18799] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 847.191922][T18799] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 847.191938][T18799] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 847.191965][T18799] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 847.191979][T18799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 847.191994][T18799] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 847.192041][T18799] [ 850.420900][T18845] netlink: 'syz.1.2419': attribute type 1 has an invalid length. [ 857.589860][T18957] ubi0: attaching mtd0 [ 857.604663][T18957] ubi0: scanning is finished [ 857.719645][T18957] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 858.348687][T18957] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 864.980887][T19053] deleting an unspecified loop device is not supported. [ 866.931631][T19054] Process accounting paused [ 867.053702][T19082] input: f¬ as /devices/virtual/input/input17 [ 868.188249][T19061] Process accounting resumed [ 869.063971][T19101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 869.151927][T19102] ecryptfs_miscdev_write: Invalid packet size [111] [ 869.175232][T19101] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 870.195904][T19105] vivid-003: ================= START STATUS ================= [ 870.295496][T19105] vivid-003: Radio HW Seek Mode: Bounded [ 870.375033][T19105] vivid-003: Radio Programmable HW Seek: false [ 870.389499][T19105] vivid-003: RDS Rx I/O Mode: Block I/O [ 870.395349][T19105] vivid-003: Generate RBDS Instead of RDS: false [ 870.449868][T19105] vivid-003: RDS Reception: true [ 870.455407][T19105] vivid-003: RDS Program Type: 0 inactive [ 870.473277][T19105] vivid-003: RDS PS Name: inactive [ 870.478796][T19105] vivid-003: RDS Radio Text: inactive [ 870.484538][T19105] vivid-003: RDS Traffic Announcement: false inactive [ 870.491416][T19105] vivid-003: RDS Traffic Program: false inactive [ 870.500680][T19105] vivid-003: RDS Music: false inactive [ 870.507302][T19105] vivid-003: ================== END STATUS ================== [ 876.851805][T19218] vivid-003: ================= START STATUS ================= [ 876.893282][T19218] vivid-003: Radio HW Seek Mode: Bounded [ 876.903684][T19218] vivid-003: Radio Programmable HW Seek: false [ 876.923309][T19218] vivid-003: RDS Rx I/O Mode: Block I/O [ 876.928939][T19218] vivid-003: Generate RBDS Instead of RDS: false [ 876.967400][T19218] vivid-003: RDS Reception: [ 877.008847][T19230] input: f¬ as /devices/virtual/input/input18 [ 877.087083][T19218] true [ 877.113467][T19218] vivid-003: RDS Program Type: 0 inactive [ 877.148987][T19218] vivid-003: RDS PS Name: inactive [ 877.173639][T19218] vivid-003: RDS Radio Text: inactive [ 877.192238][T19218] vivid-003: RDS Traffic Announcement: false inactive [ 877.203419][T19218] vivid-003: RDS Traffic Program: false inactive [ 877.220082][T19218] vivid-003: RDS Music: false inactive [ 877.225967][T19218] vivid-003: ================== END STATUS ================== [ 880.439675][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 880.447762][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 883.575279][T19334] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 883.834293][T19338] input: f¬ as /devices/virtual/input/input20 [ 886.785344][ T5874] Bluetooth: hci0: unexpected event 0x17 length: 440 > 6 [ 888.450490][T19398] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 888.488124][T19398] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 888.531403][T19398] ecryptfs_miscdev_write: Invalid packet size [111] [ 889.561898][ T30] audit: type=1800 audit(6051354985.110:17): pid=19422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=65776 res=0 errno=0 [ 891.799446][T19443] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 895.417508][T19491] ubi0: attaching mtd0 [ 895.423446][T19491] ubi0: scanning is finished [ 895.428271][T19491] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 895.814998][T19491] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 897.127492][T19508] svc: failed to register nfsdv3 RPC service (errno 111). [ 897.350849][T19508] svc: failed to register nfsaclv3 RPC service (errno 111). [ 898.347415][T19505] Process accounting resumed [ 898.719862][T19556] Process accounting paused [ 898.889331][T19553] random: crng reseeded on system resumption [ 900.999529][T19580] vivid-003: ================= START STATUS ================= [ 901.023926][T19580] vivid-003: Radio HW Seek Mode: Bounded [ 901.032721][T19580] vivid-003: Radio Programmable HW Seek: false [ 901.041288][T19580] vivid-003: RDS Rx I/O Mode: Block I/O [ 901.047081][T19580] vivid-003: Generate RBDS Instead of RDS: false [ 901.058004][T19580] vivid-003: RDS Reception: true [ 901.068592][T19580] vivid-003: RDS Program Type: 0 inactive [ 901.075965][T19580] vivid-003: RDS PS Name: inactive [ 901.083368][T19580] vivid-003: RDS Radio Text: inactive [ 901.088914][T19580] vivid-003: RDS Traffic Announcement: false inactive [ 901.095894][T19580] vivid-003: RDS Traffic Program: false inactive [ 901.102300][T19580] vivid-003: RDS Music: false inactive [ 901.108046][T19580] vivid-003: ================== END STATUS ================== [ 901.435855][ T30] audit: type=1804 audit(6051354996.960:18): pid=19587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2526" name="/newroot/633/file0" dev="tmpfs" ino=3289 res=1 errno=0 [ 907.619604][T19692] FAULT_INJECTION: forcing a failure. [ 907.619604][T19692] name failslab, interval 1, probability 0, space 0, times 0 [ 907.643307][T19692] CPU: 0 UID: 0 PID: 19692 Comm: syz.3.2539 Tainted: G U syzkaller #0 PREEMPT(full) [ 907.643367][T19692] Tainted: [U]=USER [ 907.643380][T19692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 907.643403][T19692] Call Trace: [ 907.643416][T19692] [ 907.643432][T19692] dump_stack_lvl+0x16c/0x1f0 [ 907.643486][T19692] should_fail_ex+0x512/0x640 [ 907.643539][T19692] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 907.643586][T19692] should_failslab+0xc2/0x120 [ 907.643634][T19692] __kmalloc_cache_noprof+0x6a/0x3e0 [ 907.643672][T19692] ? kasan_save_stack+0x42/0x60 [ 907.643713][T19692] ? kasan_save_stack+0x33/0x60 [ 907.643754][T19692] ? snd_seq_queue_alloc+0x56/0x5a0 [ 907.643803][T19692] snd_seq_queue_alloc+0x56/0x5a0 [ 907.643852][T19692] snd_seq_ioctl_create_queue+0xa9/0x380 [ 907.643910][T19692] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 907.643983][T19692] alloc_seq_queue+0xda/0x180 [ 907.644041][T19692] ? __pfx_alloc_seq_queue+0x10/0x10 [ 907.644148][T19692] ? mark_held_locks+0x49/0x80 [ 907.644198][T19692] ? _raw_spin_unlock_irq+0x23/0x50 [ 907.644247][T19692] snd_seq_oss_open+0x38c/0xa20 [ 907.644319][T19692] odev_open+0x6f/0x90 [ 907.644372][T19692] ? __pfx_odev_open+0x10/0x10 [ 907.644428][T19692] soundcore_open+0x40c/0x580 [ 907.644486][T19692] ? __pfx_soundcore_open+0x10/0x10 [ 907.644539][T19692] chrdev_open+0x234/0x6a0 [ 907.644590][T19692] ? __pfx_apparmor_file_open+0x10/0x10 [ 907.644634][T19692] ? __pfx_chrdev_open+0x10/0x10 [ 907.644687][T19692] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 907.644741][T19692] do_dentry_open+0x982/0x1530 [ 907.644791][T19692] ? __pfx_chrdev_open+0x10/0x10 [ 907.644852][T19692] vfs_open+0x82/0x3f0 [ 907.644916][T19692] path_openat+0x1de4/0x2cb0 [ 907.644988][T19692] ? __pfx_path_openat+0x10/0x10 [ 907.645047][T19692] do_filp_open+0x20b/0x470 [ 907.645094][T19692] ? __pfx_do_filp_open+0x10/0x10 [ 907.645177][T19692] ? alloc_fd+0x471/0x7d0 [ 907.645233][T19692] do_sys_openat2+0x11b/0x1d0 [ 907.645293][T19692] ? __pfx_do_sys_openat2+0x10/0x10 [ 907.645355][T19692] ? __pfx_sched_core_share_pid+0x10/0x10 [ 907.645413][T19692] __x64_sys_openat+0x174/0x210 [ 907.645474][T19692] ? __pfx___x64_sys_openat+0x10/0x10 [ 907.645537][T19692] ? syscall_user_dispatch+0x78/0x140 [ 907.645613][T19692] do_syscall_64+0xcd/0x490 [ 907.645670][T19692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 907.645709][T19692] RIP: 0033:0x7fda0558ebe9 [ 907.645742][T19692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 907.645782][T19692] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 907.645820][T19692] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 907.645859][T19692] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 907.645883][T19692] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 907.645908][T19692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 907.645937][T19692] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 907.645986][T19692] [ 908.901946][T19717] FAULT_INJECTION: forcing a failure. [ 908.901946][T19717] name failslab, interval 1, probability 0, space 0, times 0 [ 908.978623][T19717] CPU: 0 UID: 0 PID: 19717 Comm: syz.2.2543 Tainted: G U syzkaller #0 PREEMPT(full) [ 908.978678][T19717] Tainted: [U]=USER [ 908.978690][T19717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 908.978712][T19717] Call Trace: [ 908.978729][T19717] [ 908.978743][T19717] dump_stack_lvl+0x16c/0x1f0 [ 908.978801][T19717] should_fail_ex+0x512/0x640 [ 908.978851][T19717] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 908.978898][T19717] should_failslab+0xc2/0x120 [ 908.978946][T19717] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 908.978990][T19717] ? mas_alloc_nodes+0x18b/0x8b0 [ 908.979037][T19717] mas_alloc_nodes+0x18b/0x8b0 [ 908.979088][T19717] mas_node_count_gfp+0x105/0x130 [ 908.979131][T19717] mas_preallocate+0x7e0/0xde0 [ 908.979192][T19717] ? __pfx_mas_preallocate+0x10/0x10 [ 908.979258][T19717] ? anon_vma_name+0x81/0x2f0 [ 908.979318][T19717] __split_vma+0x34a/0x1070 [ 908.979363][T19717] ? __pfx___split_vma+0x10/0x10 [ 908.979398][T19717] ? kernel_mbind+0x1e3/0x1f0 [ 908.979449][T19717] ? do_syscall_64+0xcd/0x490 [ 908.979496][T19717] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.979542][T19717] ? is_mergeable_anon_vma+0x11e/0x2f0 [ 908.979589][T19717] vma_modify+0xee1/0x2030 [ 908.979635][T19717] ? __lock_acquire+0xb97/0x1ce0 [ 908.979682][T19717] ? __pfx_vma_modify+0x10/0x10 [ 908.979730][T19717] vma_modify_policy+0x219/0x2d0 [ 908.979773][T19717] ? __pfx_vma_modify_policy+0x10/0x10 [ 908.979837][T19717] ? mpol_set_shared_policy+0x392/0x8c0 [ 908.979905][T19717] mbind_range+0x175/0x570 [ 908.979965][T19717] do_mbind+0x848/0xf30 [ 908.980030][T19717] ? __pfx_do_mbind+0x10/0x10 [ 908.980108][T19717] ? __pfx_get_nodes+0x10/0x10 [ 908.980163][T19717] kernel_mbind+0x1e3/0x1f0 [ 908.980221][T19717] ? __pfx_kernel_mbind+0x10/0x10 [ 908.980288][T19717] do_syscall_64+0xcd/0x490 [ 908.980339][T19717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.980374][T19717] RIP: 0033:0x7f429e78ebe9 [ 908.980402][T19717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 908.980437][T19717] RSP: 002b:00007f429f635038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 908.980469][T19717] RAX: ffffffffffffffda RBX: 00007f429e9b6090 RCX: 00007f429e78ebe9 [ 908.980492][T19717] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 908.980514][T19717] RBP: 00007f429e811e19 R08: 0000000000000006 R09: 0000000000000002 [ 908.980536][T19717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 908.980558][T19717] R13: 00007f429e9b6128 R14: 00007f429e9b6090 R15: 00007ffeb4e40248 [ 908.980603][T19717] [ 909.976386][T19732] netlink: zone id is out of range [ 909.981625][T19732] netlink: zone id is out of range [ 909.993253][T19732] netlink: zone id is out of range [ 910.026602][T19732] netlink: zone id is out of range [ 910.062318][T19732] netlink: zone id is out of range [ 910.107158][T19732] netlink: zone id is out of range [ 910.176437][T19732] netlink: zone id is out of range [ 910.191975][T19732] netlink: zone id is out of range [ 910.197378][T19732] netlink: zone id is out of range [ 910.202548][T19732] netlink: zone id is out of range [ 910.539745][T19734] FAULT_INJECTION: forcing a failure. [ 910.539745][T19734] name failslab, interval 1, probability 0, space 0, times 0 [ 910.552924][T19734] CPU: 0 UID: 0 PID: 19734 Comm: syz.2.2546 Tainted: G U syzkaller #0 PREEMPT(full) [ 910.552969][T19734] Tainted: [U]=USER [ 910.552978][T19734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 910.552992][T19734] Call Trace: [ 910.553001][T19734] [ 910.553010][T19734] dump_stack_lvl+0x16c/0x1f0 [ 910.553047][T19734] should_fail_ex+0x512/0x640 [ 910.553097][T19734] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 910.553143][T19734] should_failslab+0xc2/0x120 [ 910.553190][T19734] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 910.553233][T19734] ? blk_alloc_queue+0x31/0x760 [ 910.553277][T19734] blk_alloc_queue+0x31/0x760 [ 910.553319][T19734] __blk_alloc_disk+0x9e/0x160 [ 910.553372][T19734] ? __pfx___blk_alloc_disk+0x10/0x10 [ 910.553442][T19734] ? lockdep_init_map_type+0x5c/0x280 [ 910.553478][T19734] ? lockdep_init_map_type+0x5c/0x280 [ 910.553516][T19734] dm_create+0x4bf/0x1160 [ 910.553553][T19734] dev_create+0x121/0x290 [ 910.553576][T19734] ? __pfx_dev_create+0x10/0x10 [ 910.553596][T19734] ? __might_fault+0x13b/0x190 [ 910.553632][T19734] ctl_ioctl+0x795/0xd60 [ 910.553677][T19734] ? __pfx_dev_create+0x10/0x10 [ 910.553700][T19734] ? __pfx_ctl_ioctl+0x10/0x10 [ 910.553767][T19734] ? __fget_files+0x20e/0x3c0 [ 910.553800][T19734] dm_ctl_ioctl+0x22/0x30 [ 910.553836][T19734] ? __pfx_dm_ctl_ioctl+0x10/0x10 [ 910.553874][T19734] __x64_sys_ioctl+0x18e/0x210 [ 910.553915][T19734] do_syscall_64+0xcd/0x490 [ 910.553951][T19734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 910.553976][T19734] RIP: 0033:0x7f429e78ebe9 [ 910.553996][T19734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 910.554021][T19734] RSP: 002b:00007f429f656038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 910.554044][T19734] RAX: ffffffffffffffda RBX: 00007f429e9b5fa0 RCX: 00007f429e78ebe9 [ 910.554060][T19734] RDX: 00002000000001c0 RSI: fffffffffffffd03 RDI: 0000000000000004 [ 910.554077][T19734] RBP: 00007f429e811e19 R08: 0000000000000000 R09: 0000000000000000 [ 910.554092][T19734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 910.554107][T19734] R13: 00007f429e9b6038 R14: 00007f429e9b5fa0 R15: 00007ffeb4e40248 [ 910.554136][T19734] syzkaller syzkaller login: [ 914.216375][T19781] Invalid ELF header magic: != ELF [ 914.865140][T19791] ubi0: attaching mtd0 [ 914.886227][T19791] ubi0: scanning is finished [ 914.949967][T19791] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 915.947920][T19791] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 918.220724][T19828] FAULT_INJECTION: forcing a failure. [ 918.220724][T19828] name failslab, interval 1, probability 0, space 0, times 0 [ 918.313782][T19828] CPU: 1 UID: 0 PID: 19828 Comm: syz.3.2562 Tainted: G U syzkaller #0 PREEMPT(full) [ 918.313831][T19828] Tainted: [U]=USER [ 918.313842][T19828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 918.313859][T19828] Call Trace: [ 918.313869][T19828] [ 918.313880][T19828] dump_stack_lvl+0x16c/0x1f0 [ 918.313927][T19828] should_fail_ex+0x512/0x640 [ 918.313971][T19828] ? fs_reclaim_acquire+0xae/0x150 [ 918.314021][T19828] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 918.314069][T19828] should_failslab+0xc2/0x120 [ 918.314111][T19828] __kmalloc_noprof+0xd2/0x510 [ 918.314176][T19828] tomoyo_realpath_from_path+0xc2/0x6e0 [ 918.314239][T19828] tomoyo_check_open_permission+0x2ab/0x3c0 [ 918.314284][T19828] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 918.314371][T19828] ? find_held_lock+0x2b/0x80 [ 918.314416][T19828] tomoyo_file_open+0x6b/0x90 [ 918.314449][T19828] security_file_open+0x84/0x1e0 [ 918.314496][T19828] do_dentry_open+0x596/0x1530 [ 918.314560][T19828] vfs_open+0x82/0x3f0 [ 918.314618][T19828] path_openat+0x1de4/0x2cb0 [ 918.314673][T19828] ? __pfx_path_openat+0x10/0x10 [ 918.314724][T19828] do_filp_open+0x20b/0x470 [ 918.314766][T19828] ? __pfx_do_filp_open+0x10/0x10 [ 918.314837][T19828] ? alloc_fd+0x471/0x7d0 [ 918.314885][T19828] do_sys_openat2+0x11b/0x1d0 [ 918.314936][T19828] ? __pfx_do_sys_openat2+0x10/0x10 [ 918.314986][T19828] ? __pfx_do_sys_openat2+0x10/0x10 [ 918.315054][T19828] __x64_sys_openat+0x174/0x210 [ 918.315108][T19828] ? __pfx___x64_sys_openat+0x10/0x10 [ 918.315175][T19828] do_syscall_64+0xcd/0x490 [ 918.315222][T19828] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.315255][T19828] RIP: 0033:0x7fda0558ebe9 [ 918.315282][T19828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 918.315315][T19828] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 918.315345][T19828] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 918.315366][T19828] RDX: 0000000000040482 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 918.315387][T19828] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 918.315407][T19828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 918.315427][T19828] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 918.315471][T19828] [ 918.315485][T19828] ERROR: Out of memory at tomoyo_realpath_from_path. [ 919.599163][T19846] net_ratelimit: 27 callbacks suppressed [ 919.599193][T19846] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 921.136972][T19881] FAULT_INJECTION: forcing a failure. [ 921.136972][T19881] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 921.151133][T19881] CPU: 1 UID: 0 PID: 19881 Comm: syz.0.2568 Tainted: G U syzkaller #0 PREEMPT(full) [ 921.151189][T19881] Tainted: [U]=USER [ 921.151201][T19881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 921.151221][T19881] Call Trace: [ 921.151234][T19881] [ 921.151247][T19881] dump_stack_lvl+0x16c/0x1f0 [ 921.151313][T19881] should_fail_ex+0x512/0x640 [ 921.151366][T19881] should_fail_alloc_page+0xe7/0x130 [ 921.151414][T19881] prepare_alloc_pages+0x3c2/0x610 [ 921.151469][T19881] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 921.151515][T19881] ? rcu_is_watching+0x12/0xc0 [ 921.151550][T19881] ? trace_kmem_cache_alloc+0x28/0xc0 [ 921.151599][T19881] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 921.151640][T19881] ? mas_alloc_nodes+0x18b/0x8b0 [ 921.151683][T19881] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 921.151726][T19881] ? mas_destroy+0x5de/0xa20 [ 921.151776][T19881] ? perf_event_mmap+0xbb/0xd40 [ 921.151829][T19881] ? __pfx_perf_event_mmap+0x10/0x10 [ 921.151882][T19881] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 921.151936][T19881] ? policy_nodemask+0xea/0x4e0 [ 921.151984][T19881] alloc_pages_mpol+0x1fb/0x550 [ 921.152032][T19881] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 921.152089][T19881] alloc_pages_noprof+0x131/0x390 [ 921.152136][T19881] __pmd_alloc+0x3b/0x930 [ 921.152194][T19881] ? find_held_lock+0x2b/0x80 [ 921.152232][T19881] __handle_mm_fault+0xa06/0x2a50 [ 921.152280][T19881] ? __pfx___handle_mm_fault+0x10/0x10 [ 921.152352][T19881] handle_mm_fault+0x589/0xd10 [ 921.152395][T19881] __get_user_pages+0x551/0x34a0 [ 921.152465][T19881] ? __pfx___get_user_pages+0x10/0x10 [ 921.152538][T19881] populate_vma_page_range+0x267/0x3f0 [ 921.152592][T19881] ? __pfx_populate_vma_page_range+0x10/0x10 [ 921.152642][T19881] ? __pfx_find_vma_intersection+0x10/0x10 [ 921.152690][T19881] ? do_mmap+0x69c/0x1210 [ 921.152739][T19881] __mm_populate+0x1d8/0x380 [ 921.152790][T19881] ? __pfx___mm_populate+0x10/0x10 [ 921.152843][T19881] ? up_write+0x1b2/0x520 [ 921.152891][T19881] vm_mmap_pgoff+0x37f/0x470 [ 921.152940][T19881] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 921.152991][T19881] ? __x64_sys_futex+0x1e0/0x4c0 [ 921.153048][T19881] ? __x64_sys_futex+0x1e9/0x4c0 [ 921.153106][T19881] ksys_mmap_pgoff+0x7d/0x5c0 [ 921.153161][T19881] ? xfd_validate_state+0x61/0x180 [ 921.153216][T19881] __x64_sys_mmap+0x125/0x190 [ 921.153274][T19881] do_syscall_64+0xcd/0x490 [ 921.153322][T19881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.153355][T19881] RIP: 0033:0x7f1268f8ebe9 [ 921.153381][T19881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 921.153414][T19881] RSP: 002b:00007f1269d64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 921.153447][T19881] RAX: ffffffffffffffda RBX: 00007f12691b5fa0 RCX: 00007f1268f8ebe9 [ 921.153470][T19881] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 921.153491][T19881] RBP: 00007f1269011e19 R08: 0000000000000002 R09: 0000000000008000 [ 921.153514][T19881] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 921.153535][T19881] R13: 00007f12691b6038 R14: 00007f12691b5fa0 R15: 00007ffe3706e9d8 [ 921.153579][T19881] [ 921.529343][T19878] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2567'. [ 922.286897][T19893] nbd: couldn't find device at index 137 [ 926.553382][T19943] FAULT_INJECTION: forcing a failure. [ 926.553382][T19943] name failslab, interval 1, probability 0, space 0, times 0 [ 926.604135][T19943] CPU: 1 UID: 0 PID: 19943 Comm: syz.1.2576 Tainted: G U syzkaller #0 PREEMPT(full) [ 926.604186][T19943] Tainted: [U]=USER [ 926.604198][T19943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 926.604218][T19943] Call Trace: [ 926.604230][T19943] [ 926.604243][T19943] dump_stack_lvl+0x16c/0x1f0 [ 926.604309][T19943] should_fail_ex+0x512/0x640 [ 926.604354][T19943] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 926.604399][T19943] should_failslab+0xc2/0x120 [ 926.604445][T19943] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 926.604483][T19943] ? __pfx_acct_collect+0x10/0x10 [ 926.604534][T19943] ? taskstats_exit+0x654/0xbe0 [ 926.604588][T19943] taskstats_exit+0x654/0xbe0 [ 926.604639][T19943] ? __pfx_taskstats_exit+0x10/0x10 [ 926.604698][T19943] do_exit+0x5dc/0x2bf0 [ 926.604752][T19943] ? __pfx_do_exit+0x10/0x10 [ 926.604804][T19943] ? do_raw_spin_lock+0x12c/0x2b0 [ 926.604853][T19943] ? find_held_lock+0x2b/0x80 [ 926.604892][T19943] do_group_exit+0xd3/0x2a0 [ 926.604942][T19943] get_signal+0x2673/0x26d0 [ 926.604996][T19943] ? __pfx_get_signal+0x10/0x10 [ 926.605033][T19943] ? do_futex+0x122/0x350 [ 926.605076][T19943] ? __pfx_do_futex+0x10/0x10 [ 926.605122][T19943] arch_do_signal_or_restart+0x8f/0x790 [ 926.605169][T19943] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 926.605226][T19943] ? __pfx_kernel_mbind+0x10/0x10 [ 926.605284][T19943] exit_to_user_mode_loop+0x84/0x110 [ 926.605335][T19943] do_syscall_64+0x3f6/0x490 [ 926.605385][T19943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 926.605418][T19943] RIP: 0033:0x7f61ec78ebe9 [ 926.605444][T19943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 926.605477][T19943] RSP: 002b:00007f61ed58a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 926.605509][T19943] RAX: fffffffffffffe00 RBX: 00007f61ec9b6098 RCX: 00007f61ec78ebe9 [ 926.605532][T19943] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f61ec9b6098 [ 926.605553][T19943] RBP: 00007f61ec9b6090 R08: 0000000000000000 R09: 0000000000000000 [ 926.605573][T19943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 926.605594][T19943] R13: 00007f61ec9b6128 R14: 00007ffc2787fbb0 R15: 00007ffc2787fc98 [ 926.605638][T19943] [ 926.838128][ C1] vkms_vblank_simulate: vblank timer overrun [ 927.158755][T19961] ubi0: attaching mtd0 [ 927.311980][T19961] ubi0: scanning is finished [ 927.321827][T19961] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 927.897129][T19961] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 928.130761][T19957] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 928.297327][T19975] block nbd9: NBD_DISCONNECT [ 929.457574][T19955] Process accounting resumed [ 930.232548][T19972] Process accounting paused [ 933.374233][T20040] netlink: zone id is out of range [ 933.379474][T20040] netlink: zone id is out of range [ 933.384796][T20040] netlink: zone id is out of range [ 933.390006][T20040] netlink: zone id is out of range [ 933.395226][T20040] netlink: zone id is out of range [ 933.400385][T20040] netlink: zone id is out of range [ 933.405640][T20040] netlink: zone id is out of range [ 933.410820][T20040] netlink: zone id is out of range [ 933.416073][T20040] netlink: zone id is out of range [ 933.421754][T20040] netlink: zone id is out of range [ 934.314432][T20039] vivid-003: ================= START STATUS ================= [ 934.432256][T20039] vivid-003: Radio HW Seek Mode: Bounded [ 934.449368][T20039] vivid-003: Radio Programmable HW Seek: false [ 934.459185][T20039] vivid-003: RDS Rx I/O Mode: Block I/O [ 934.465248][T20039] vivid-003: Generate RBDS Instead of RDS: false [ 934.471919][T20039] vivid-003: RDS Reception: true [ 934.482382][T20039] vivid-003: RDS Program Type: 0 inactive [ 934.543279][T20039] vivid-003: RDS PS Name: inactive [ 934.556952][T20039] vivid-003: RDS Radio Text: inactive [ 934.586322][T20039] vivid-003: RDS Traffic Announcement: false inactive [ 934.595231][T20039] vivid-003: RDS Traffic Program: false inactive [ 934.628137][T20039] vivid-003: RDS Music: false inactive [ 934.647825][T20039] vivid-003: ================== END STATUS ================== [ 936.391445][T20046] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 936.580257][T20046] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 936.666723][T20046] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 936.705179][T20046] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 936.728413][T20046] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 936.745548][ T5874] Bluetooth: hci0: command 0x0406 tx timeout [ 936.757236][T20046] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 936.787863][T20046] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 936.814470][T20046] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 936.859255][T20059] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 937.757882][T20094] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2597'. [ 938.089785][T20099] random: crng reseeded on system resumption [ 938.678192][T20107] can: request_module (can-proto-3) failed. [ 938.753866][ T5874] Bluetooth: hci2: command 0x0406 tx timeout [ 938.760734][ T5874] Bluetooth: hci1: command 0x0406 tx timeout [ 938.823255][ T5874] Bluetooth: hci3: command 0x0406 tx timeout [ 938.828730][T20110] Bluetooth: hci0: command 0x0406 tx timeout [ 939.291368][T20118] net_ratelimit: 27 callbacks suppressed [ 939.291388][T20118] netlink: zone id is out of range [ 939.314225][T20118] netlink: zone id is out of range [ 939.319381][T20118] netlink: zone id is out of range [ 939.352336][T20118] netlink: zone id is out of range [ 939.371761][T20118] netlink: zone id is out of range [ 939.380175][T20118] netlink: zone id is out of range [ 939.385435][T20118] netlink: zone id is out of range [ 939.407852][T20118] netlink: zone id is out of range [ 939.434555][T20118] netlink: zone id is out of range [ 939.440124][T20118] netlink: zone id is out of range [ 940.708195][T20131] vivid-003: ================= START STATUS ================= [ 940.717271][T20131] vivid-003: Radio HW Seek Mode: Bounded [ 940.724140][T20131] vivid-003: Radio Programmable HW Seek: false [ 940.732039][T20131] vivid-003: RDS Rx I/O Mode: Block I/O [ 940.739500][T20131] vivid-003: Generate RBDS Instead of RDS: false [ 940.823322][T20110] Bluetooth: hci2: command 0x0406 tx timeout [ 940.823679][ T5874] Bluetooth: hci1: command 0x0406 tx timeout [ 940.903256][ T5874] Bluetooth: hci3: command 0x0406 tx timeout [ 940.944410][T20131] vivid-003: RDS Reception: true [ 940.955796][T20131] vivid-003: RDS Program Type: 0 inactive [ 940.961678][T20131] vivid-003: RDS PS Name: inactive [ 940.967719][T20131] vivid-003: RDS Radio Text: inactive [ 940.976742][T20131] vivid-003: RDS Traffic Announcement: false inactive [ 940.994749][T20131] vivid-003: RDS Traffic Program: false inactive [ 941.009334][T20131] vivid-003: RDS Music: false inactive [ 941.019502][T20131] vivid-003: ================== END STATUS ================== [ 941.878417][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 941.884986][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 944.309015][T20179] random: crng reseeded on system resumption [ 945.860252][T20188] net_ratelimit: 27 callbacks suppressed [ 945.860278][T20188] netlink: zone id is out of range [ 945.872684][T20188] netlink: zone id is out of range [ 945.910205][T20188] netlink: zone id is out of range [ 945.917050][T20188] netlink: zone id is out of range [ 945.922399][T20188] netlink: zone id is out of range [ 945.927954][T20188] netlink: zone id is out of range [ 945.933179][T20188] netlink: zone id is out of range [ 945.938907][T20188] netlink: zone id is out of range [ 945.975559][T20188] netlink: zone id is out of range [ 945.980863][T20188] netlink: zone id is out of range [ 948.030641][T20222] FAULT_INJECTION: forcing a failure. [ 948.030641][T20222] name failslab, interval 1, probability 0, space 0, times 0 [ 948.070747][T20222] CPU: 1 UID: 0 PID: 20222 Comm: syz.3.2625 Tainted: G U syzkaller #0 PREEMPT(full) [ 948.070815][T20222] Tainted: [U]=USER [ 948.070827][T20222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 948.070848][T20222] Call Trace: [ 948.070859][T20222] [ 948.070872][T20222] dump_stack_lvl+0x16c/0x1f0 [ 948.070940][T20222] should_fail_ex+0x512/0x640 [ 948.070989][T20222] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 948.071046][T20222] should_failslab+0xc2/0x120 [ 948.071094][T20222] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 948.071138][T20222] ? __pmd_alloc+0xbf/0x930 [ 948.071197][T20222] __pmd_alloc+0xbf/0x930 [ 948.071251][T20222] ? find_held_lock+0x2b/0x80 [ 948.071290][T20222] __handle_mm_fault+0xa06/0x2a50 [ 948.071342][T20222] ? __pfx___handle_mm_fault+0x10/0x10 [ 948.071417][T20222] handle_mm_fault+0x589/0xd10 [ 948.071463][T20222] __get_user_pages+0x551/0x34a0 [ 948.071534][T20222] ? __pfx___get_user_pages+0x10/0x10 [ 948.071601][T20222] populate_vma_page_range+0x267/0x3f0 [ 948.071662][T20222] ? __pfx_populate_vma_page_range+0x10/0x10 [ 948.071733][T20222] __mm_populate+0x1d8/0x380 [ 948.071791][T20222] ? __pfx___mm_populate+0x10/0x10 [ 948.071851][T20222] ? up_write+0x1b2/0x520 [ 948.071907][T20222] vm_mmap_pgoff+0x37f/0x470 [ 948.071963][T20222] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 948.072025][T20222] ? __x64_sys_futex+0x1e0/0x4c0 [ 948.072076][T20222] ? __x64_sys_futex+0x1e9/0x4c0 [ 948.072128][T20222] ksys_mmap_pgoff+0x7d/0x5c0 [ 948.072176][T20222] ? xfd_validate_state+0x61/0x180 [ 948.072234][T20222] __x64_sys_mmap+0x125/0x190 [ 948.072293][T20222] do_syscall_64+0xcd/0x490 [ 948.072344][T20222] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 948.072380][T20222] RIP: 0033:0x7fda0558ebe9 [ 948.072407][T20222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 948.072441][T20222] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 948.072473][T20222] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 948.072509][T20222] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 948.072529][T20222] RBP: 00007fda05611e19 R08: 0000000000000002 R09: 0000000000008000 [ 948.072550][T20222] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 948.072570][T20222] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 948.072612][T20222] [ 953.522680][T20284] random: crng reseeded on system resumption [ 956.496825][T20309] Console: switching to colour frame buffer device 128x48 [ 958.301751][T20335] Console: switching to colour VGA+ 80x25 [ 960.338953][T20343] Process accounting paused [ 960.435478][T20359] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2639'. [ 961.118094][T20355] Process accounting resumed [ 961.442714][T20388] block nbd9: NBD_DISCONNECT [ 963.915077][T20418] FAULT_INJECTION: forcing a failure. [ 963.915077][T20418] name failslab, interval 1, probability 0, space 0, times 0 [ 963.982285][T20418] CPU: 0 UID: 0 PID: 20418 Comm: syz.1.2648 Tainted: G U syzkaller #0 PREEMPT(full) [ 963.982339][T20418] Tainted: [U]=USER [ 963.982351][T20418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 963.982372][T20418] Call Trace: [ 963.982384][T20418] [ 963.982398][T20418] dump_stack_lvl+0x16c/0x1f0 [ 963.982462][T20418] should_fail_ex+0x512/0x640 [ 963.982518][T20418] ? __kmalloc_noprof+0xbf/0x510 [ 963.982558][T20418] ? constrain_params_by_rules+0x175/0xca0 [ 963.982590][T20418] should_failslab+0xc2/0x120 [ 963.982632][T20418] __kmalloc_noprof+0xd2/0x510 [ 963.982667][T20418] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 963.982712][T20418] constrain_params_by_rules+0x175/0xca0 [ 963.982746][T20418] ? arch_stack_walk+0xa6/0x100 [ 963.982795][T20418] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 963.982828][T20418] ? stack_trace_save+0x8e/0xc0 [ 963.982863][T20418] ? __pfx_stack_trace_save+0x10/0x10 [ 963.982903][T20418] ? stack_trace_save+0x8e/0xc0 [ 963.982945][T20418] ? snd_pcm_oss_change_params_locked+0x9cd/0x3a30 [ 963.982977][T20418] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 963.983008][T20418] ? snd_pcm_oss_get_formats+0x7e/0x340 [ 963.983036][T20418] ? snd_pcm_oss_ioctl+0x2efb/0x37a0 [ 963.983064][T20418] ? __x64_sys_ioctl+0x18e/0x210 [ 963.983110][T20418] ? do_syscall_64+0xcd/0x490 [ 963.983150][T20418] ? snd_interval_refine+0x2fa/0x580 [ 963.983207][T20418] snd_pcm_hw_refine+0x7de/0xad0 [ 963.983246][T20418] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 963.983318][T20418] snd_pcm_hw_param_first+0x334/0x6f0 [ 963.983358][T20418] snd_pcm_hw_param_near.constprop.0+0x702/0x8e0 [ 963.983399][T20418] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 963.983436][T20418] ? snd_pcm_oss_change_params_locked+0x958/0x3a30 [ 963.983479][T20418] snd_pcm_oss_change_params_locked+0x9cd/0x3a30 [ 963.983533][T20418] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 963.983572][T20418] ? __pfx___mutex_lock+0x10/0x10 [ 963.983643][T20418] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 963.983686][T20418] snd_pcm_oss_get_formats+0x7e/0x340 [ 963.983717][T20418] ? find_held_lock+0x2b/0x80 [ 963.983751][T20418] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 963.983781][T20418] ? __might_fault+0x13b/0x190 [ 963.983830][T20418] snd_pcm_oss_ioctl+0x2efb/0x37a0 [ 963.983865][T20418] ? find_held_lock+0x2b/0x80 [ 963.983898][T20418] ? hook_file_ioctl_common+0x145/0x410 [ 963.983945][T20418] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 963.983986][T20418] ? __fget_files+0x20e/0x3c0 [ 963.984030][T20418] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 963.984084][T20418] __x64_sys_ioctl+0x18e/0x210 [ 963.984162][T20418] do_syscall_64+0xcd/0x490 [ 963.984221][T20418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 963.984258][T20418] RIP: 0033:0x7f61ec78ebe9 [ 963.984287][T20418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 963.984324][T20418] RSP: 002b:00007f61ed5ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 963.984358][T20418] RAX: ffffffffffffffda RBX: 00007f61ec9b5fa0 RCX: 00007f61ec78ebe9 [ 963.984382][T20418] RDX: 0000200000000180 RSI: 00000000c0045005 RDI: 0000000000000009 [ 963.984405][T20418] RBP: 00007f61ec811e19 R08: 0000000000000000 R09: 0000000000000000 [ 963.984427][T20418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 963.984449][T20418] R13: 00007f61ec9b6038 R14: 00007f61ec9b5fa0 R15: 00007ffc2787fc98 [ 963.984494][T20418] [ 965.006555][ T30] audit: type=1804 audit(6051355060.550:19): pid=20438 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2652" name="/newroot/651/file0" dev="tmpfs" ino=3365 res=1 errno=0 [ 965.236072][T20442] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 965.279353][T20442] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 965.412743][T20446] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2651'. [ 965.452551][T20446] veth0_macvtap: left promiscuous mode [ 967.878772][T20482] block nbd9: NBD_DISCONNECT [ 971.569281][T20527] ubi0: attaching mtd0 [ 971.581524][T20527] ubi0: scanning is finished [ 971.594143][T20527] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 971.772000][T20527] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 972.259317][T20529] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 972.283463][T20529] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 972.289575][T20529] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 972.299297][T20529] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 973.038777][T20532] svc: failed to register nfsdv3 RPC service (errno 111). [ 973.070116][T20532] svc: failed to register nfsaclv3 RPC service (errno 111). [ 974.183323][ T5874] Bluetooth: hci0: command 0x0406 tx timeout [ 974.353329][ T5874] Bluetooth: hci3: command 0x0406 tx timeout [ 974.358698][T20110] Bluetooth: hci1: command 0x0406 tx timeout [ 974.375504][ T5874] Bluetooth: hci2: command 0x0406 tx timeout [ 977.781960][T20605] random: crng reseeded on system resumption [ 978.028122][T20608] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 978.930070][T20621] can: request_module (can-proto-3) failed. [ 979.263680][T20624] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.0.2676: bg 1: bad block bitmap checksum [ 979.337248][T20624] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6657: Filesystem failed CRC [ 979.552224][T20628] vivid-007: ================= START STATUS ================= [ 979.583485][T20628] vivid-007: Generate PTS: true [ 979.588747][T20628] vivid-007: Generate SCR: true [ 979.612162][T20628] tpg source WxH: 320x240 (Y'CbCr) [ 979.703267][T20628] tpg field: 1 [ 979.732587][T20628] tpg crop: (0,0)/320x240 [ 979.763829][T20628] tpg compose: (0,0)/320x240 [ 979.780859][T20628] tpg colorspace: 8 [ 979.793233][T20628] tpg transfer function: 0/0 [ 979.798005][T20628] tpg Y'CbCr encoding: 0/0 [ 979.802519][T20628] tpg quantization: 0/0 [ 979.809003][T20628] tpg RGB range: 0/2 [ 979.812964][T20628] vivid-007: ================== END STATUS ================== [ 985.214690][T20689] ICMPv6: process `syz.3.2688' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 987.733482][T20708] NFSD: Unable to initialize client recovery tracking! (-110) [ 987.883446][T20708] NFSD: Is nfsdcld running? If not, enable CONFIG_NFSD_LEGACY_CLIENT_TRACKING. [ 987.892443][T20708] NFSD: starting 90-second grace period (net f000044e) [ 989.339698][T20735] block nbd9: NBD_DISCONNECT [ 989.423521][T20726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2694'. [ 989.584106][T20731] FAULT_INJECTION: forcing a failure. [ 989.584106][T20731] name failslab, interval 1, probability 0, space 0, times 0 [ 989.762886][T20731] CPU: 0 UID: 0 PID: 20731 Comm: syz.0.2695 Tainted: G U syzkaller #0 PREEMPT(full) [ 989.762942][T20731] Tainted: [U]=USER [ 989.762955][T20731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 989.762975][T20731] Call Trace: [ 989.762988][T20731] [ 989.763002][T20731] dump_stack_lvl+0x16c/0x1f0 [ 989.763057][T20731] should_fail_ex+0x512/0x640 [ 989.763104][T20731] ? __kvmalloc_node_noprof+0x124/0x620 [ 989.763146][T20731] should_failslab+0xc2/0x120 [ 989.763199][T20731] __kvmalloc_node_noprof+0x137/0x620 [ 989.763244][T20731] ? lockdep_init_map_type+0x5c/0x280 [ 989.763294][T20731] ? alloc_netdev_mqs+0xae5/0x1530 [ 989.763349][T20731] ? alloc_netdev_mqs+0xae5/0x1530 [ 989.763392][T20731] alloc_netdev_mqs+0xae5/0x1530 [ 989.763449][T20731] slip_open+0x35c/0x1150 [ 989.763505][T20731] ? __pfx___might_resched+0x10/0x10 [ 989.763540][T20731] ? __pfx_n_tty_close+0x10/0x10 [ 989.763572][T20731] ? find_held_lock+0x2b/0x80 [ 989.763605][T20731] ? __pfx_slip_open+0x10/0x10 [ 989.763654][T20731] ? down_write+0x14d/0x200 [ 989.763707][T20731] ? __pfx_slip_open+0x10/0x10 [ 989.763755][T20731] tty_ldisc_open+0x9f/0x120 [ 989.763797][T20731] tty_set_ldisc+0x32b/0x780 [ 989.763845][T20731] tty_ioctl+0xc2e/0x1680 [ 989.763893][T20731] ? __pfx_tty_ioctl+0x10/0x10 [ 989.763952][T20731] ? find_held_lock+0x2b/0x80 [ 989.763985][T20731] ? hook_file_ioctl_common+0x145/0x410 [ 989.764040][T20731] ? __fget_files+0x20e/0x3c0 [ 989.764084][T20731] ? __pfx_tty_ioctl+0x10/0x10 [ 989.764132][T20731] __x64_sys_ioctl+0x18e/0x210 [ 989.764189][T20731] do_syscall_64+0xcd/0x490 [ 989.764252][T20731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 989.764288][T20731] RIP: 0033:0x7f1268f8ebe9 [ 989.764316][T20731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 989.764349][T20731] RSP: 002b:00007f1269d64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 989.764382][T20731] RAX: ffffffffffffffda RBX: 00007f12691b5fa0 RCX: 00007f1268f8ebe9 [ 989.764405][T20731] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000a [ 989.764425][T20731] RBP: 00007f1269011e19 R08: 0000000000000000 R09: 0000000000000000 [ 989.764446][T20731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 989.764466][T20731] R13: 00007f12691b6038 R14: 00007f12691b5fa0 R15: 00007ffe3706e9d8 [ 989.764509][T20731] [ 990.498549][T20722] Process accounting resumed [ 991.322144][ T5874] Bluetooth: hci1: unexpected subevent 0x03 length: 253 > 9 [ 991.836739][T20751] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2699'. [ 991.912631][T20751] Process accounting paused [ 993.582388][T20770] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 994.309450][T20775] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 996.869417][T20796] svc: failed to register nfsdv3 RPC service (errno 111). [ 996.885951][T20796] svc: failed to register nfsaclv3 RPC service (errno 111). [ 997.841691][T20803] random: crng reseeded on system resumption [ 1003.311173][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.321864][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1008.951151][T20971] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 1011.830418][T21013] random: crng reseeded on system resumption [ 1013.328625][T21022] ICMPv6: process `syz.0.2738' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 1013.653342][ T5874] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1014.448364][T21039] blktrace: Concurrent blktraces are not allowed on ram7 [ 1017.458354][T21073] blktrace: Concurrent blktraces are not allowed on ram7 [ 1017.488125][T21076] bond0: option all_slaves_active: invalid value () [ 1021.946005][T21110] Process accounting paused [ 1022.292435][T21113] Process accounting resumed [ 1022.424893][T21137] blktrace: Concurrent blktraces are not allowed on ram7 [ 1024.203746][T21171] random: crng reseeded on system resumption [ 1025.000196][T21181] can: request_module (can-proto-3) failed. [ 1028.424028][ T5874] Bluetooth: hci2: unexpected subevent 0x03 length: 253 > 9 [ 1030.109083][T21259] FAULT_INJECTION: forcing a failure. [ 1030.109083][T21259] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.173232][T21259] CPU: 0 UID: 0 PID: 21259 Comm: syz.3.2774 Tainted: G U syzkaller #0 PREEMPT(full) [ 1030.173272][T21259] Tainted: [U]=USER [ 1030.173280][T21259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1030.173295][T21259] Call Trace: [ 1030.173304][T21259] [ 1030.173314][T21259] dump_stack_lvl+0x16c/0x1f0 [ 1030.173352][T21259] should_fail_ex+0x512/0x640 [ 1030.173387][T21259] ? fs_reclaim_acquire+0xae/0x150 [ 1030.173428][T21259] should_failslab+0xc2/0x120 [ 1030.173461][T21259] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1030.173493][T21259] ? security_inode_alloc+0x3b/0x2b0 [ 1030.173525][T21259] security_inode_alloc+0x3b/0x2b0 [ 1030.173554][T21259] inode_init_always_gfp+0xce4/0x1030 [ 1030.173589][T21259] alloc_inode+0x86/0x240 [ 1030.173625][T21259] alloc_anon_inode+0x28/0x3e0 [ 1030.173654][T21259] anon_inode_make_secure_inode+0x31/0x140 [ 1030.173688][T21259] __anon_inode_getfile+0x1cf/0x280 [ 1030.173717][T21259] ? _copy_to_user+0x48/0xd0 [ 1030.173741][T21259] io_uring_setup+0x154d/0x2080 [ 1030.173777][T21259] ? __pfx_io_uring_setup+0x10/0x10 [ 1030.173817][T21259] ? __pfx___might_resched+0x10/0x10 [ 1030.173862][T21259] ? xfd_validate_state+0x61/0x180 [ 1030.173906][T21259] __x64_sys_io_uring_setup+0xc2/0x170 [ 1030.173940][T21259] do_syscall_64+0xcd/0x490 [ 1030.173977][T21259] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.174002][T21259] RIP: 0033:0x7fda0558ebe9 [ 1030.174022][T21259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1030.174047][T21259] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1030.174070][T21259] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 1030.174087][T21259] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 1030.174101][T21259] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 1030.174116][T21259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1030.174131][T21259] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 1030.174161][T21259] [ 1031.315923][ T30] audit: type=1800 audit(6051355126.770:20): pid=21280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2776" name="members" dev="configfs" ino=72702 res=0 errno=0 [ 1037.490175][T21344] blktrace: Concurrent blktraces are not allowed on ram7 [ 1038.454755][T21363] FAULT_INJECTION: forcing a failure. [ 1038.454755][T21363] name failslab, interval 1, probability 0, space 0, times 0 [ 1038.503091][T21363] CPU: 0 UID: 0 PID: 21363 Comm: syz.3.2787 Tainted: G U syzkaller #0 PREEMPT(full) [ 1038.503146][T21363] Tainted: [U]=USER [ 1038.503157][T21363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1038.503178][T21363] Call Trace: [ 1038.503190][T21363] [ 1038.503204][T21363] dump_stack_lvl+0x16c/0x1f0 [ 1038.503245][T21363] should_fail_ex+0x512/0x640 [ 1038.503281][T21363] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1038.503309][T21363] ? __pfx_mon_text_open+0x10/0x10 [ 1038.503335][T21363] should_failslab+0xc2/0x120 [ 1038.503368][T21363] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1038.503394][T21363] ? lockdep_init_map_type+0x5c/0x280 [ 1038.503427][T21363] ? mon_text_open+0xd5/0x4f0 [ 1038.503458][T21363] ? __pfx_mon_text_open+0x10/0x10 [ 1038.503485][T21363] mon_text_open+0xd5/0x4f0 [ 1038.503513][T21363] ? __pfx_mon_text_open+0x10/0x10 [ 1038.503539][T21363] ? __debugfs_file_get+0x1fe/0x840 [ 1038.503578][T21363] ? __pfx___debugfs_file_get+0x10/0x10 [ 1038.503617][T21363] ? __pfx_apparmor_file_open+0x10/0x10 [ 1038.503642][T21363] ? lockdown_is_locked_down+0x3f/0x130 [ 1038.503666][T21363] ? bpf_lsm_locked_down+0x9/0x10 [ 1038.503693][T21363] ? __pfx_mon_text_open+0x10/0x10 [ 1038.503719][T21363] full_proxy_open_regular+0x1b6/0x360 [ 1038.503749][T21363] do_dentry_open+0x982/0x1530 [ 1038.503782][T21363] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1038.503813][T21363] vfs_open+0x82/0x3f0 [ 1038.503860][T21363] path_openat+0x1de4/0x2cb0 [ 1038.503900][T21363] ? __pfx_path_openat+0x10/0x10 [ 1038.503937][T21363] do_filp_open+0x20b/0x470 [ 1038.503967][T21363] ? __pfx_do_filp_open+0x10/0x10 [ 1038.504018][T21363] ? alloc_fd+0x471/0x7d0 [ 1038.504052][T21363] do_sys_openat2+0x11b/0x1d0 [ 1038.504090][T21363] ? __pfx_do_sys_openat2+0x10/0x10 [ 1038.504139][T21363] __x64_sys_openat+0x174/0x210 [ 1038.504178][T21363] ? __pfx___x64_sys_openat+0x10/0x10 [ 1038.504229][T21363] do_syscall_64+0xcd/0x490 [ 1038.504265][T21363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1038.504290][T21363] RIP: 0033:0x7fda0558ebe9 [ 1038.504311][T21363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1038.504335][T21363] RSP: 002b:00007fda063e8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1038.504359][T21363] RAX: ffffffffffffffda RBX: 00007fda057b6360 RCX: 00007fda0558ebe9 [ 1038.504376][T21363] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1038.504392][T21363] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 1038.504407][T21363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1038.504422][T21363] R13: 00007fda057b63f8 R14: 00007fda057b6360 R15: 00007ffe35980d98 [ 1038.504453][T21363] [ 1039.883944][T21354] NFSD: Unable to initialize client recovery tracking! (-110) [ 1039.893269][T21354] NFSD: Is nfsdcld running? If not, enable CONFIG_NFSD_LEGACY_CLIENT_TRACKING. [ 1039.902365][T21354] NFSD: starting 90-second grace period (net f000044e) [ 1040.035987][ T30] audit: type=1800 audit(6051355135.530:21): pid=21376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2789" name="members" dev="configfs" ino=73884 res=0 errno=0 [ 1044.652967][T21401] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1045.813876][T21434] FAULT_INJECTION: forcing a failure. [ 1045.813876][T21434] name failslab, interval 1, probability 0, space 0, times 0 [ 1045.831742][T21434] CPU: 1 UID: 0 PID: 21434 Comm: syz.2.2799 Tainted: G U syzkaller #0 PREEMPT(full) [ 1045.831800][T21434] Tainted: [U]=USER [ 1045.831815][T21434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1045.831835][T21434] Call Trace: [ 1045.831847][T21434] [ 1045.831860][T21434] dump_stack_lvl+0x16c/0x1f0 [ 1045.831915][T21434] should_fail_ex+0x512/0x640 [ 1045.831966][T21434] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1045.832008][T21434] ? __pfx_mon_text_open+0x10/0x10 [ 1045.832056][T21434] should_failslab+0xc2/0x120 [ 1045.832105][T21434] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1045.832142][T21434] ? mon_text_open+0x1cb/0x4f0 [ 1045.832184][T21434] ? __pfx_mon_text_open+0x10/0x10 [ 1045.832222][T21434] mon_text_open+0x1cb/0x4f0 [ 1045.832263][T21434] ? __pfx_mon_text_open+0x10/0x10 [ 1045.832301][T21434] ? __debugfs_file_get+0x1fe/0x840 [ 1045.832356][T21434] ? __pfx___debugfs_file_get+0x10/0x10 [ 1045.832410][T21434] ? __pfx_apparmor_file_open+0x10/0x10 [ 1045.832449][T21434] ? lockdown_is_locked_down+0x3f/0x130 [ 1045.832483][T21434] ? bpf_lsm_locked_down+0x9/0x10 [ 1045.832521][T21434] ? __pfx_mon_text_open+0x10/0x10 [ 1045.832559][T21434] full_proxy_open_regular+0x1b6/0x360 [ 1045.832599][T21434] do_dentry_open+0x982/0x1530 [ 1045.832645][T21434] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1045.832691][T21434] vfs_open+0x82/0x3f0 [ 1045.832752][T21434] path_openat+0x1de4/0x2cb0 [ 1045.832812][T21434] ? __pfx_path_openat+0x10/0x10 [ 1045.832867][T21434] do_filp_open+0x20b/0x470 [ 1045.832910][T21434] ? __pfx_do_filp_open+0x10/0x10 [ 1045.832985][T21434] ? alloc_fd+0x471/0x7d0 [ 1045.833038][T21434] do_sys_openat2+0x11b/0x1d0 [ 1045.833102][T21434] ? __pfx_do_sys_openat2+0x10/0x10 [ 1045.833180][T21434] __x64_sys_openat+0x174/0x210 [ 1045.833231][T21434] ? __pfx___x64_sys_openat+0x10/0x10 [ 1045.833303][T21434] do_syscall_64+0xcd/0x490 [ 1045.833355][T21434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1045.833389][T21434] RIP: 0033:0x7f429e78ebe9 [ 1045.833417][T21434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1045.833452][T21434] RSP: 002b:00007f429f5d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1045.833486][T21434] RAX: ffffffffffffffda RBX: 00007f429e9b6360 RCX: 00007f429e78ebe9 [ 1045.833510][T21434] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1045.833531][T21434] RBP: 00007f429e811e19 R08: 0000000000000000 R09: 0000000000000000 [ 1045.833553][T21434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1045.833573][T21434] R13: 00007f429e9b63f8 R14: 00007f429e9b6360 R15: 00007ffeb4e40248 [ 1045.833617][T21434] [ 1053.344229][T21496] Process accounting paused [ 1054.032658][T21514] Process accounting resumed [ 1055.494532][T21550] random: crng reseeded on system resumption [ 1055.934371][T21556] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 1058.760621][T21584] blktrace: Concurrent blktraces are not allowed on ram7 [ 1058.837389][T21585] svc: failed to register nfsdv3 RPC service (errno 111). [ 1058.882676][T21585] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1062.366916][T21602] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1063.530544][T21650] random: crng reseeded on system resumption [ 1064.750535][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1064.756986][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1066.605099][T21687] blktrace: Concurrent blktraces are not allowed on ram7 [ 1067.955849][T21706] syz.2.2844 (21706): /proc/21700/oom_adj is deprecated, please use /proc/21700/oom_score_adj instead. [ 1067.974149][T21710] blktrace: Concurrent blktraces are not allowed on ram7 [ 1073.167899][T21753] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1077.429446][T21809] blktrace: Concurrent blktraces are not allowed on ram7 [ 1079.143213][ T5874] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1079.949819][T21841] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2864'. [ 1080.001942][T21841] veth0_macvtap: left promiscuous mode [ 1080.292558][T21851] blktrace: Concurrent blktraces are not allowed on ram7 [ 1081.142000][T21868] blktrace: Concurrent blktraces are not allowed on ram7 [ 1084.338127][T21888] Process accounting paused [ 1084.638570][T21909] blktrace: Concurrent blktraces are not allowed on ram7 [ 1085.511652][T21899] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1085.538643][T21878] Process accounting resumed [ 1086.570839][T21925] FAULT_INJECTION: forcing a failure. [ 1086.570839][T21925] name failslab, interval 1, probability 0, space 0, times 0 [ 1086.640776][T21925] CPU: 0 UID: 0 PID: 21925 Comm: syz.3.2875 Tainted: G U syzkaller #0 PREEMPT(full) [ 1086.640816][T21925] Tainted: [U]=USER [ 1086.640824][T21925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1086.640840][T21925] Call Trace: [ 1086.640850][T21925] [ 1086.640860][T21925] dump_stack_lvl+0x16c/0x1f0 [ 1086.640897][T21925] should_fail_ex+0x512/0x640 [ 1086.640933][T21925] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1086.640967][T21925] should_failslab+0xc2/0x120 [ 1086.641001][T21925] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1086.641032][T21925] ? sock_alloc_inode+0x25/0x1c0 [ 1086.641081][T21925] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1086.641120][T21925] sock_alloc_inode+0x25/0x1c0 [ 1086.641156][T21925] alloc_inode+0x64/0x240 [ 1086.641193][T21925] sock_alloc+0x40/0x280 [ 1086.641229][T21925] __sock_create+0xc1/0x8d0 [ 1086.641259][T21925] __sys_socket+0x14d/0x260 [ 1086.641282][T21925] ? __x64_sys_openat+0x174/0x210 [ 1086.641327][T21925] ? __pfx___sys_socket+0x10/0x10 [ 1086.641351][T21925] ? xfd_validate_state+0x61/0x180 [ 1086.641395][T21925] __x64_sys_socket+0x72/0xb0 [ 1086.641419][T21925] ? lockdep_hardirqs_on+0x7c/0x110 [ 1086.641450][T21925] do_syscall_64+0xcd/0x490 [ 1086.641489][T21925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.641515][T21925] RIP: 0033:0x7fda0558ebe9 [ 1086.641540][T21925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1086.641565][T21925] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1086.641588][T21925] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 1086.641605][T21925] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002 [ 1086.641623][T21925] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 1086.641638][T21925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1086.641653][T21925] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 1086.641684][T21925] [ 1086.641700][T21925] net_ratelimit: 27 callbacks suppressed [ 1086.641712][T21925] socket: no more sockets [ 1088.195012][T21956] queue_state_write: operation too long [ 1088.201020][T21956] queue_state_write: use 'run', 'start' or 'kick' [ 1091.295446][T21992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2892'. [ 1091.872380][ T5874] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1095.237061][T22046] Invalid ELF header magic: != ELF [ 1095.598220][T22058] blktrace: Concurrent blktraces are not allowed on ram7 [ 1096.515585][T22068] blktrace: Concurrent blktraces are not allowed on ram7 [ 1098.351666][T22071] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1099.217053][T22104] random: crng reseeded on system resumption [ 1099.976740][T22104] can: request_module (can-proto-3) failed. [ 1100.558140][T22121] blktrace: Concurrent blktraces are not allowed on ram7 [ 1101.548669][T22135] FAULT_INJECTION: forcing a failure. [ 1101.548669][T22135] name failslab, interval 1, probability 0, space 0, times 0 [ 1101.606756][T22135] CPU: 0 UID: 0 PID: 22135 Comm: syz.2.2905 Tainted: G U syzkaller #0 PREEMPT(full) [ 1101.606813][T22135] Tainted: [U]=USER [ 1101.606825][T22135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1101.606846][T22135] Call Trace: [ 1101.606859][T22135] [ 1101.606873][T22135] dump_stack_lvl+0x16c/0x1f0 [ 1101.606925][T22135] should_fail_ex+0x512/0x640 [ 1101.606973][T22135] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1101.607020][T22135] should_failslab+0xc2/0x120 [ 1101.607066][T22135] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1101.607127][T22135] ? security_file_alloc+0x34/0x2b0 [ 1101.607184][T22135] security_file_alloc+0x34/0x2b0 [ 1101.607233][T22135] init_file+0x93/0x4c0 [ 1101.607286][T22135] alloc_empty_file+0x73/0x1e0 [ 1101.607341][T22135] path_openat+0xda/0x2cb0 [ 1101.607380][T22135] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1101.607431][T22135] ? __pfx_path_openat+0x10/0x10 [ 1101.607485][T22135] do_filp_open+0x20b/0x470 [ 1101.607528][T22135] ? __pfx_do_filp_open+0x10/0x10 [ 1101.607613][T22135] ? alloc_fd+0x471/0x7d0 [ 1101.607666][T22135] do_sys_openat2+0x11b/0x1d0 [ 1101.607725][T22135] ? __pfx_do_sys_openat2+0x10/0x10 [ 1101.607797][T22135] __x64_sys_openat+0x174/0x210 [ 1101.607853][T22135] ? __pfx___x64_sys_openat+0x10/0x10 [ 1101.607924][T22135] do_syscall_64+0xcd/0x490 [ 1101.607978][T22135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1101.608013][T22135] RIP: 0033:0x7f429e78ebe9 [ 1101.608042][T22135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1101.608077][T22135] RSP: 002b:00007f429f656038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1101.608110][T22135] RAX: ffffffffffffffda RBX: 00007f429e9b5fa0 RCX: 00007f429e78ebe9 [ 1101.608134][T22135] RDX: 0000000000101041 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1101.608158][T22135] RBP: 00007f429e811e19 R08: 0000000000000000 R09: 0000000000000000 [ 1101.608196][T22135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1101.608219][T22135] R13: 00007f429e9b6038 R14: 00007f429e9b5fa0 R15: 00007ffeb4e40248 [ 1101.608264][T22135] [ 1102.285246][T22131] zswap: compressor not available [ 1102.925497][T22119] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1103.909684][T22145] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1106.179846][T22179] blktrace: Concurrent blktraces are not allowed on ram7 [ 1107.751383][T22193] blktrace: Concurrent blktraces are not allowed on ram7 [ 1110.931682][T22223] blktrace: Concurrent blktraces are not allowed on ram7 [ 1113.003830][T22243] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 1114.184912][T22266] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2930'. [ 1114.373162][T22268] Process accounting resumed [ 1115.670965][T22259] Process accounting paused [ 1116.470723][T22293] blktrace: Concurrent blktraces are not allowed on ram7 [ 1116.771393][T22301] ubi0: attaching mtd0 [ 1116.791328][T22301] ubi0: scanning is finished [ 1116.818576][T22301] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1117.296245][T22301] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1118.504403][T22327] blktrace: Concurrent blktraces are not allowed on ram7 [ 1120.097962][T22350] queue_state_write: operation too long [ 1120.105575][T22350] queue_state_write: use 'run', 'start' or 'kick' [ 1124.776158][T22404] ACPI: Can not change Invalid GPE/Fixed Event status [ 1126.202897][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1126.212697][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1126.277603][T22415] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2952'. [ 1127.208057][T22439] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2955'. [ 1127.459127][T22448] blktrace: Concurrent blktraces are not allowed on ram7 [ 1132.919806][T22523] queue_state_write: operation too long [ 1132.963081][T22523] queue_state_write: use 'run', 'start' or 'kick' [ 1134.716680][T22542] zswap: compressor not available [ 1137.792765][T22576] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2974'. [ 1138.199944][T22583] random: crng reseeded on system resumption [ 1139.113178][T22585] can: request_module (can-proto-3) failed. [ 1143.247340][T22648] blktrace: Concurrent blktraces are not allowed on ram7 [ 1144.923198][ T30] audit: type=1800 audit(6051355240.460:22): pid=22678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2990" name="members" dev="configfs" ino=78636 res=0 errno=0 [ 1145.234558][T22682] blktrace: Concurrent blktraces are not allowed on ram7 [ 1146.390431][T22655] Process accounting paused [ 1146.525499][T22671] Process accounting resumed [ 1149.323934][T22745] blktrace: Concurrent blktraces are not allowed on ram7 [ 1150.992614][T22765] blktrace: Concurrent blktraces are not allowed on ram7 [ 1153.804178][T22798] random: crng reseeded on system resumption [ 1154.941311][T22804] blktrace: Concurrent blktraces are not allowed on ram7 [ 1157.451304][T22843] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 1161.115844][T22886] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3020'. [ 1162.820187][T22905] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1163.775860][T22935] can: request_module (can-proto-3) failed. [ 1164.162385][ T5874] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 1166.360091][T22994] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3033'. [ 1166.384368][T22994] ipvlan0: entered allmulticast mode [ 1166.391424][T22994] veth0_vlan: entered allmulticast mode [ 1167.791594][T23013] ubi0: attaching mtd0 [ 1167.798303][T23013] ubi0: scanning is finished [ 1167.806376][T23013] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1168.147928][T23013] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1172.731313][T23076] blktrace: Concurrent blktraces are not allowed on ram7 [ 1174.472498][T23090] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3048'. [ 1175.178890][T23092] udevd[23092]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 1177.571119][T23135] Invalid ELF header magic: != ELF [ 1178.806342][T23148] blktrace: Concurrent blktraces are not allowed on ram7 [ 1182.596689][T23201] blktrace: Concurrent blktraces are not allowed on ram7 [ 1183.100251][T23208] blktrace: Concurrent blktraces are not allowed on ram7 [ 1184.080139][T23220] blktrace: Concurrent blktraces are not allowed on ram7 [ 1185.265363][T23242] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 1185.482080][T23249] blktrace: Concurrent blktraces are not allowed on ram7 [ 1187.628775][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1187.635240][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1187.873512][T23276] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 1188.219307][T23277] random: crng reseeded on system resumption [ 1188.970761][T23290] blktrace: Concurrent blktraces are not allowed on ram7 [ 1191.694304][ T30] audit: type=1800 audit(6051355287.230:23): pid=23329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3084" name="dbroot" dev="configfs" ino=80978 res=0 errno=0 [ 1191.871988][T23332] blktrace: Concurrent blktraces are not allowed on ram7 [ 1196.197418][T23394] blktrace: Concurrent blktraces are not allowed on ram7 [ 1197.069662][T23406] kAFS: bad VL server IP address [ 1197.208012][T23410] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3098'. [ 1197.328281][T23409] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1197.340669][T23409] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1198.233365][T23420] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1198.287469][T23424] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1199.653791][T23442] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1199.671146][T23442] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1200.079802][T23452] blktrace: Concurrent blktraces are not allowed on ram7 [ 1202.163803][T23489] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 1202.278252][T23479] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1202.630434][T23496] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1203.560289][T23508] FAULT_INJECTION: forcing a failure. [ 1203.560289][T23508] name failslab, interval 1, probability 0, space 0, times 0 [ 1203.574324][T23508] CPU: 0 UID: 0 PID: 23508 Comm: syz.0.3112 Tainted: G U syzkaller #0 PREEMPT(full) [ 1203.574361][T23508] Tainted: [U]=USER [ 1203.574369][T23508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1203.574384][T23508] Call Trace: [ 1203.574392][T23508] [ 1203.574401][T23508] dump_stack_lvl+0x16c/0x1f0 [ 1203.574438][T23508] should_fail_ex+0x512/0x640 [ 1203.574473][T23508] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1203.574506][T23508] should_failslab+0xc2/0x120 [ 1203.574538][T23508] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1203.574566][T23508] ? mark_held_locks+0x49/0x80 [ 1203.574597][T23508] ? key_alloc+0x3e0/0x1330 [ 1203.574632][T23508] key_alloc+0x3e0/0x1330 [ 1203.574674][T23508] ? __pfx_key_alloc+0x10/0x10 [ 1203.574705][T23508] ? __pfx_key_default_cmp+0x10/0x10 [ 1203.574742][T23508] ? __pfx_keyring_search_iterator+0x10/0x10 [ 1203.574782][T23508] keyring_alloc+0x44/0xc0 [ 1203.574830][T23508] look_up_user_keyrings+0x510/0x760 [ 1203.574864][T23508] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 1203.574904][T23508] lookup_user_key+0x1a3/0x1300 [ 1203.574936][T23508] ? __pfx_lookup_user_key+0x10/0x10 [ 1203.574964][T23508] ? do_futex+0x122/0x350 [ 1203.575001][T23508] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1203.575036][T23508] ? fput+0x9b/0xd0 [ 1203.575074][T23508] keyctl_keyring_clear+0x24/0x1a0 [ 1203.575100][T23508] __do_sys_keyctl+0x355/0x590 [ 1203.575128][T23508] do_syscall_64+0xcd/0x490 [ 1203.575162][T23508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1203.575186][T23508] RIP: 0033:0x7f1268f8ebe9 [ 1203.575205][T23508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1203.575229][T23508] RSP: 002b:00007f1269d64038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1203.575251][T23508] RAX: ffffffffffffffda RBX: 00007f12691b5fa0 RCX: 00007f1268f8ebe9 [ 1203.575267][T23508] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007 [ 1203.575281][T23508] RBP: 00007f1269011e19 R08: 0000000000000008 R09: 0000000000000000 [ 1203.575296][T23508] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 1203.575311][T23508] R13: 00007f12691b6038 R14: 00007f12691b5fa0 R15: 00007ffe3706e9d8 [ 1203.575341][T23508] [ 1204.489353][T23515] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1205.344311][ T30] audit: type=1800 audit(6051355300.830:24): pid=23524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3114" name="features" dev="configfs" ino=81458 res=0 errno=0 [ 1207.242086][T23545] netlink: 496 bytes leftover after parsing attributes in process `syz.3.3121'. [ 1207.483621][T23547] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1207.503435][T23547] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1208.129294][T23548] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1209.622280][T23576] blktrace: Concurrent blktraces are not allowed on ram7 [ 1212.553540][T23620] FAULT_INJECTION: forcing a failure. [ 1212.553540][T23620] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1212.576141][T23620] CPU: 0 UID: 0 PID: 23620 Comm: syz.1.3129 Tainted: G U syzkaller #0 PREEMPT(full) [ 1212.576193][T23620] Tainted: [U]=USER [ 1212.576206][T23620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1212.576226][T23620] Call Trace: [ 1212.576238][T23620] [ 1212.576252][T23620] dump_stack_lvl+0x16c/0x1f0 [ 1212.576312][T23620] should_fail_ex+0x512/0x640 [ 1212.576368][T23620] get_futex_key+0x1d0/0x1560 [ 1212.576425][T23620] ? __pfx_get_futex_key+0x10/0x10 [ 1212.576480][T23620] futex_wake+0xea/0x530 [ 1212.576541][T23620] ? lockdep_hardirqs_on+0x7c/0x110 [ 1212.576589][T23620] ? __pfx_futex_wake+0x10/0x10 [ 1212.576646][T23620] ? __sanitizer_cov_trace_switch+0x40/0x90 [ 1212.576701][T23620] do_futex+0x1e3/0x350 [ 1212.576763][T23620] ? __pfx_do_futex+0x10/0x10 [ 1212.576808][T23620] ? __pfx_get_nodes+0x10/0x10 [ 1212.576856][T23620] __x64_sys_futex+0x1e0/0x4c0 [ 1212.576903][T23620] ? kernel_mbind+0x155/0x1f0 [ 1212.576955][T23620] ? __pfx___x64_sys_futex+0x10/0x10 [ 1212.577001][T23620] ? xfd_validate_state+0x61/0x180 [ 1212.577050][T23620] ? __pfx_kernel_mbind+0x10/0x10 [ 1212.577116][T23620] do_syscall_64+0xcd/0x490 [ 1212.577167][T23620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1212.577204][T23620] RIP: 0033:0x7f61ec78ebe9 [ 1212.577231][T23620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1212.577267][T23620] RSP: 002b:00007f61ed58a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1212.577300][T23620] RAX: ffffffffffffffda RBX: 00007f61ec9b6098 RCX: 00007f61ec78ebe9 [ 1212.577325][T23620] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f61ec9b609c [ 1212.577347][T23620] RBP: 00007f61ec9b6090 R08: 00007f61ed5ac000 R09: 0000000000000000 [ 1212.577369][T23620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1212.577391][T23620] R13: 00007f61ec9b6128 R14: 00007ffc2787fbb0 R15: 00007ffc2787fc98 [ 1212.577436][T23620] [ 1215.159110][T23651] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1215.197791][T23651] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1215.733115][T23666] blktrace: Concurrent blktraces are not allowed on ram7 [ 1216.602121][T23677] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 1217.396840][T23682] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1217.831067][T23697] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1217.930614][T23693] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1218.975602][T23710] FAULT_INJECTION: forcing a failure. [ 1218.975602][T23710] name failslab, interval 1, probability 0, space 0, times 0 [ 1219.023193][T23710] CPU: 0 UID: 0 PID: 23710 Comm: syz.3.3145 Tainted: G U syzkaller #0 PREEMPT(full) [ 1219.023250][T23710] Tainted: [U]=USER [ 1219.023261][T23710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1219.023281][T23710] Call Trace: [ 1219.023293][T23710] [ 1219.023306][T23710] dump_stack_lvl+0x16c/0x1f0 [ 1219.023356][T23710] should_fail_ex+0x512/0x640 [ 1219.023402][T23710] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1219.023445][T23710] should_failslab+0xc2/0x120 [ 1219.023488][T23710] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1219.023526][T23710] ? __kernfs_new_node+0xd2/0x8e0 [ 1219.023591][T23710] __kernfs_new_node+0xd2/0x8e0 [ 1219.023640][T23710] ? __pfx___kernfs_new_node+0x10/0x10 [ 1219.023694][T23710] ? find_held_lock+0x2b/0x80 [ 1219.023729][T23710] ? kernfs_root+0xee/0x2a0 [ 1219.023788][T23710] kernfs_new_node+0x13c/0x1e0 [ 1219.023846][T23710] __kernfs_create_file+0x53/0x350 [ 1219.023886][T23710] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1219.023949][T23710] internal_create_group+0x578/0xf30 [ 1219.024029][T23710] ? __pfx_internal_create_group+0x10/0x10 [ 1219.024068][T23710] ? kernfs_create_link+0x1bd/0x240 [ 1219.024098][T23710] internal_create_groups+0x9d/0x150 [ 1219.024134][T23710] device_add+0x731/0x1aa0 [ 1219.024161][T23710] ? __pfx_device_add+0x10/0x10 [ 1219.024186][T23710] ? lockdep_init_map_type+0x5c/0x280 [ 1219.024226][T23710] input_register_device+0x7e8/0x1180 [ 1219.024252][T23710] ? input_ff_create+0x256/0x350 [ 1219.024285][T23710] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 1219.024320][T23710] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1219.024359][T23710] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 1219.024400][T23710] ? find_held_lock+0x2b/0x80 [ 1219.024438][T23710] ? __pfx_uinput_ioctl+0x10/0x10 [ 1219.024471][T23710] __x64_sys_ioctl+0x18e/0x210 [ 1219.024512][T23710] do_syscall_64+0xcd/0x490 [ 1219.024548][T23710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1219.024572][T23710] RIP: 0033:0x7fda0558ebe9 [ 1219.024592][T23710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1219.024616][T23710] RSP: 002b:00007fda0646c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1219.024639][T23710] RAX: ffffffffffffffda RBX: 00007fda057b5fa0 RCX: 00007fda0558ebe9 [ 1219.024655][T23710] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000004 [ 1219.024670][T23710] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 1219.024685][T23710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1219.024699][T23710] R13: 00007fda057b6038 R14: 00007fda057b5fa0 R15: 00007ffe35980d98 [ 1219.024729][T23710] [ 1220.565893][T23712] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1221.517141][T23723] Invalid ELF header magic: != ELF [ 1222.490645][T23753] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1222.642721][T23744] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1222.906942][T23758] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1222.984832][T23758] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1223.938893][T23776] blktrace: Concurrent blktraces are not allowed on ram7 [ 1225.036842][T23796] blktrace: Concurrent blktraces are not allowed on ram7 [ 1226.710205][T23822] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1226.731006][T23820] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1227.997502][T23831] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1228.036070][T23831] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1229.586946][T23854] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1229.650393][T23854] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1230.810648][T23868] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 1230.983572][T23877] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1230.989764][T23877] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1231.003989][T23877] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1231.031514][T23877] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1233.063613][ T5874] Bluetooth: hci2: command 0x0406 tx timeout [ 1233.063632][T20556] Bluetooth: hci1: command 0x0406 tx timeout [ 1233.063683][T20556] Bluetooth: hci0: command 0x0406 tx timeout [ 1233.069895][T20110] Bluetooth: hci3: command 0x0406 tx timeout [ 1234.605856][T23942] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1234.659807][T23936] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1235.899320][T23966] blktrace: Concurrent blktraces are not allowed on ram7 [ 1237.232250][T23984] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1237.258791][T23984] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1237.609491][T23993] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3185'. [ 1239.449899][T24028] FAULT_INJECTION: forcing a failure. [ 1239.449899][T24028] name failslab, interval 1, probability 0, space 0, times 0 [ 1239.463618][T24021] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1239.470147][T24021] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1239.484113][T24021] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1239.498550][T24021] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1239.546770][T24028] CPU: 1 UID: 0 PID: 24028 Comm: syz.3.3190 Tainted: G U syzkaller #0 PREEMPT(full) [ 1239.546819][T24028] Tainted: [U]=USER [ 1239.546827][T24028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1239.546843][T24028] Call Trace: [ 1239.546852][T24028] [ 1239.546862][T24028] dump_stack_lvl+0x16c/0x1f0 [ 1239.546910][T24028] should_fail_ex+0x512/0x640 [ 1239.546945][T24028] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1239.546978][T24028] should_failslab+0xc2/0x120 [ 1239.547011][T24028] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1239.547040][T24028] ? alloc_empty_file+0x55/0x1e0 [ 1239.547088][T24028] alloc_empty_file+0x55/0x1e0 [ 1239.547126][T24028] path_openat+0xda/0x2cb0 [ 1239.547154][T24028] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1239.547189][T24028] ? __pfx_path_openat+0x10/0x10 [ 1239.547225][T24028] do_filp_open+0x20b/0x470 [ 1239.547255][T24028] ? __pfx_do_filp_open+0x10/0x10 [ 1239.547305][T24028] ? alloc_fd+0x471/0x7d0 [ 1239.547338][T24028] do_sys_openat2+0x11b/0x1d0 [ 1239.547378][T24028] ? __pfx_do_sys_openat2+0x10/0x10 [ 1239.547430][T24028] __x64_sys_openat+0x174/0x210 [ 1239.547469][T24028] ? __pfx___x64_sys_openat+0x10/0x10 [ 1239.547519][T24028] do_syscall_64+0xcd/0x490 [ 1239.547555][T24028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1239.547582][T24028] RIP: 0033:0x7fda0558ebe9 [ 1239.547601][T24028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1239.547625][T24028] RSP: 002b:00007fda0644b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1239.547653][T24028] RAX: ffffffffffffffda RBX: 00007fda057b6090 RCX: 00007fda0558ebe9 [ 1239.547670][T24028] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1239.547686][T24028] RBP: 00007fda05611e19 R08: 0000000000000000 R09: 0000000000000000 [ 1239.547702][T24028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1239.547717][T24028] R13: 00007fda057b6128 R14: 00007fda057b6090 R15: 00007ffe35980d98 [ 1239.547748][T24028] [ 1240.496279][T24040] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1240.820107][T24050] blktrace: Concurrent blktraces are not allowed on ram7 [ 1240.846653][T24039] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1241.544327][T20110] Bluetooth: hci3: command 0x0406 tx timeout [ 1241.544349][T20556] Bluetooth: hci2: command 0x0406 tx timeout [ 1241.544398][T20556] Bluetooth: hci1: command 0x0406 tx timeout [ 1241.550644][T20110] Bluetooth: hci0: command 0x0406 tx timeout [ 1243.024066][T24075] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1243.066128][T24075] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1243.569990][T24082] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1243.614239][T24082] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1245.426187][T24114] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1245.510060][T24117] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1247.176404][T24143] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1247.203681][T24143] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1248.563885][T24159] vhci_hcd: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 1249.068257][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1249.074784][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1251.380830][T24207] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1251.423623][T24207] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1252.641113][T24222] blktrace: Concurrent blktraces are not allowed on ram7 [ 1253.705335][T24238] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1253.766441][T24238] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1255.809203][T24276] blktrace: Concurrent blktraces are not allowed on ram7 [ 1258.212234][T24303] blktrace: Concurrent blktraces are not allowed on ram7 [ 1259.378299][T24324] blktrace: Concurrent blktraces are not allowed on ram7 [ 1259.876912][T24335] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1259.993849][T24330] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1262.371581][T24372] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1262.492298][T24374] random: crng reseeded on system resumption [ 1263.312883][T24380] can: request_module (can-proto-3) failed. [ 1263.583102][T24387] blktrace: Concurrent blktraces are not allowed on ram7 [ 1264.725173][T24401] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1264.772283][T24405] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1264.825639][T24401] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1264.876464][T24408] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1265.700228][T24404] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1269.849688][T24472] blktrace: Concurrent blktraces are not allowed on ram7 [ 1270.949208][T24485] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1270.958149][T24485] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1271.336133][T24495] ================================================================== [ 1271.336157][T24495] BUG: KASAN: slab-out-of-bounds in do_con_write+0x3839/0x8280 [ 1271.336214][T24495] Write of size 2 at addr ffff8880790e5fda by task syz.2.3254/24495 [ 1271.336244][T24495] [ 1271.336264][T24495] CPU: 0 UID: 0 PID: 24495 Comm: syz.2.3254 Tainted: G U syzkaller #0 PREEMPT(full) [ 1271.336311][T24495] Tainted: [U]=USER [ 1271.336323][T24495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1271.336344][T24495] Call Trace: [ 1271.336355][T24495] [ 1271.336369][T24495] dump_stack_lvl+0x116/0x1f0 [ 1271.336416][T24495] print_report+0xcd/0x630 [ 1271.336458][T24495] ? __virt_addr_valid+0x81/0x610 [ 1271.336502][T24495] ? __phys_addr+0xe8/0x180 [ 1271.336551][T24495] ? do_con_write+0x3839/0x8280 [ 1271.336597][T24495] kasan_report+0xe0/0x110 [ 1271.336643][T24495] ? do_con_write+0x3839/0x8280 [ 1271.336695][T24495] do_con_write+0x3839/0x8280 [ 1271.336744][T24495] ? srcu_gp_start_if_needed+0xda0/0xe70 [ 1271.336806][T24495] ? __pfx___mutex_lock+0x10/0x10 [ 1271.336855][T24495] ? __pfx_do_con_write+0x10/0x10 [ 1271.336914][T24495] con_write+0x23/0xb0 [ 1271.336962][T24495] n_tty_write+0x41c/0x11e0 [ 1271.337005][T24495] ? __pfx_n_tty_write+0x10/0x10 [ 1271.337056][T24495] ? rcu_is_watching+0x12/0xc0 [ 1271.337091][T24495] ? __pfx_woken_wake_function+0x10/0x10 [ 1271.337145][T24495] ? kfree+0x24f/0x4d0 [ 1271.337176][T24495] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 1271.337226][T24495] ? __pfx_n_tty_write+0x10/0x10 [ 1271.337259][T24495] file_tty_write.constprop.0+0x504/0x9b0 [ 1271.337312][T24495] redirected_tty_write+0xd4/0x150 [ 1271.337357][T24495] vfs_write+0x7d0/0x11d0 [ 1271.337396][T24495] ? __pfx_redirected_tty_write+0x10/0x10 [ 1271.337444][T24495] ? __pfx_vfs_write+0x10/0x10 [ 1271.337482][T24495] ? find_held_lock+0x2b/0x80 [ 1271.337528][T24495] ksys_write+0x12a/0x250 [ 1271.337566][T24495] ? __pfx_ksys_write+0x10/0x10 [ 1271.337611][T24495] do_syscall_64+0xcd/0x490 [ 1271.337657][T24495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.337693][T24495] RIP: 0033:0x7f429e78ebe9 [ 1271.337718][T24495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1271.337753][T24495] RSP: 002b:00007f429f635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1271.337804][T24495] RAX: ffffffffffffffda RBX: 00007f429e9b6090 RCX: 00007f429e78ebe9 [ 1271.337826][T24495] RDX: 0000000000000004 RSI: 0000200000000440 RDI: 0000000000000005 [ 1271.337848][T24495] RBP: 00007f429e811e19 R08: 0000000000000000 R09: 0000000000000000 [ 1271.337870][T24495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1271.337891][T24495] R13: 00007f429e9b6128 R14: 00007f429e9b6090 R15: 00007ffeb4e40248 [ 1271.337925][T24495] [ 1271.337938][T24495] [ 1271.337947][T24495] Allocated by task 20335: [ 1271.337964][T24495] kasan_save_stack+0x33/0x60 [ 1271.338003][T24495] kasan_save_track+0x14/0x30 [ 1271.338047][T24495] __kasan_kmalloc+0xaa/0xb0 [ 1271.338083][T24495] __kmalloc_noprof+0x223/0x510 [ 1271.338121][T24495] vc_do_resize+0x1de/0x10e0 [ 1271.338160][T24495] vgacon_init+0x37c/0x440 [ 1271.338211][T24495] visual_init+0x320/0x620 [ 1271.338244][T24495] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1271.338287][T24495] do_unbind_con_driver+0x571/0x6d0 [ 1271.338329][T24495] store_bind+0x421/0x760 [ 1271.338368][T24495] dev_attr_store+0x58/0x80 [ 1271.338417][T24495] sysfs_kf_write+0xf2/0x150 [ 1271.338452][T24495] kernfs_fop_write_iter+0x354/0x510 [ 1271.338484][T24495] do_iter_readv_writev+0x65f/0x9e0 [ 1271.338518][T24495] vfs_writev+0x35f/0xde0 [ 1271.338552][T24495] do_writev+0x132/0x340 [ 1271.338585][T24495] do_syscall_64+0xcd/0x490 [ 1271.338630][T24495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.338664][T24495] [ 1271.338673][T24495] The buggy address belongs to the object at ffff8880790e4000 [ 1271.338673][T24495] which belongs to the cache kmalloc-4k of size 4096 [ 1271.338702][T24495] The buggy address is located 4154 bytes to the right of [ 1271.338702][T24495] allocated 4000-byte region [ffff8880790e4000, ffff8880790e4fa0) [ 1271.338738][T24495] [ 1271.338747][T24495] The buggy address belongs to the physical page: [ 1271.338772][T24495] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x790e0 [ 1271.338803][T24495] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1271.338831][T24495] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1271.338861][T24495] page_type: f5(slab) [ 1271.338897][T24495] raw: 00fff00000000040 ffff88801b842140 dead000000000100 dead000000000122 [ 1271.338928][T24495] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 1271.338960][T24495] head: 00fff00000000040 ffff88801b842140 dead000000000100 dead000000000122 [ 1271.338989][T24495] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 1271.339033][T24495] head: 00fff00000000003 ffffea0001e43801 00000000ffffffff 00000000ffffffff [ 1271.339068][T24495] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1271.339084][T24495] page dumped because: kasan: bad access detected [ 1271.339096][T24495] page_owner tracks the page as allocated [ 1271.339105][T24495] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 16093, tgid 16092 (syz.3.1996), ts 660513891155, free_ts 660324387286 [ 1271.339149][T24495] post_alloc_hook+0x1c0/0x230 [ 1271.339175][T24495] get_page_from_freelist+0x132b/0x38e0 [ 1271.339203][T24495] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1271.339231][T24495] alloc_pages_mpol+0x1fb/0x550 [ 1271.339272][T24495] new_slab+0x247/0x330 [ 1271.339298][T24495] ___slab_alloc+0xcf2/0x1740 [ 1271.339327][T24495] __slab_alloc.constprop.0+0x56/0xb0 [ 1271.339358][T24495] __kvmalloc_node_noprof+0x3b1/0x620 [ 1271.339393][T24495] open_substream+0x30c/0x990 [ 1271.339428][T24495] rawmidi_open_priv+0x543/0x6e0 [ 1271.339464][T24495] snd_rawmidi_open+0x4cc/0xbf0 [ 1271.339501][T24495] snd_open+0x22d/0x4c0 [ 1271.339548][T24495] chrdev_open+0x234/0x6a0 [ 1271.339589][T24495] do_dentry_open+0x982/0x1530 [ 1271.339625][T24495] vfs_open+0x82/0x3f0 [ 1271.339669][T24495] path_openat+0x1de4/0x2cb0 [ 1271.339705][T24495] page last free pid 16087 tgid 16086 stack trace: [ 1271.339724][T24495] __free_frozen_pages+0x7d5/0x10f0 [ 1271.339753][T24495] sg_remove_scat+0x1bb/0x560 [ 1271.339780][T24495] sg_finish_rem_req+0x322/0x590 [ 1271.339809][T24495] sg_common_write.constprop.0+0xa5e/0x1c90 [ 1271.339846][T24495] sg_write+0x813/0xe10 [ 1271.339879][T24495] vfs_write+0x2a0/0x11d0 [ 1271.339913][T24495] ksys_write+0x12a/0x250 [ 1271.339949][T24495] do_syscall_64+0xcd/0x490 [ 1271.339980][T24495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.340003][T24495] [ 1271.340009][T24495] Memory state around the buggy address: [ 1271.340022][T24495] ffff8880790e5e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1271.340048][T24495] ffff8880790e5f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1271.340066][T24495] >ffff8880790e5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1271.340079][T24495] ^ [ 1271.340093][T24495] ffff8880790e6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1271.340111][T24495] ffff8880790e6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1271.340125][T24495] ================================================================== [ 1271.457903][T24495] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1271.457938][T24495] CPU: 0 UID: 0 PID: 24495 Comm: syz.2.3254 Tainted: G U syzkaller #0 PREEMPT(full) [ 1271.457975][T24495] Tainted: [U]=USER [ 1271.457983][T24495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1271.457998][T24495] Call Trace: [ 1271.458007][T24495] [ 1271.458022][T24495] dump_stack_lvl+0x3d/0x1f0 [ 1271.458059][T24495] vpanic+0x6e8/0x7a0 [ 1271.458096][T24495] ? __pfx_vpanic+0x10/0x10 [ 1271.458134][T24495] ? do_con_write+0x3839/0x8280 [ 1271.458168][T24495] panic+0xca/0xd0 [ 1271.458201][T24495] ? __pfx_panic+0x10/0x10 [ 1271.458235][T24495] ? do_con_write+0x3839/0x8280 [ 1271.458268][T24495] ? preempt_schedule_common+0x44/0xc0 [ 1271.458299][T24495] ? preempt_schedule_thunk+0x16/0x30 [ 1271.458335][T24495] check_panic_on_warn+0xab/0xb0 [ 1271.458372][T24495] end_report+0x107/0x170 [ 1271.458406][T24495] kasan_report+0xee/0x110 [ 1271.458437][T24495] ? do_con_write+0x3839/0x8280 [ 1271.458474][T24495] do_con_write+0x3839/0x8280 [ 1271.458507][T24495] ? srcu_gp_start_if_needed+0xda0/0xe70 [ 1271.458551][T24495] ? __pfx___mutex_lock+0x10/0x10 [ 1271.458583][T24495] ? __pfx_do_con_write+0x10/0x10 [ 1271.458623][T24495] con_write+0x23/0xb0 [ 1271.458655][T24495] n_tty_write+0x41c/0x11e0 [ 1271.458683][T24495] ? __pfx_n_tty_write+0x10/0x10 [ 1271.458704][T24495] ? rcu_is_watching+0x12/0xc0 [ 1271.458728][T24495] ? __pfx_woken_wake_function+0x10/0x10 [ 1271.458766][T24495] ? kfree+0x24f/0x4d0 [ 1271.458786][T24495] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 1271.458820][T24495] ? __pfx_n_tty_write+0x10/0x10 [ 1271.458843][T24495] file_tty_write.constprop.0+0x504/0x9b0 [ 1271.458880][T24495] redirected_tty_write+0xd4/0x150 [ 1271.458912][T24495] vfs_write+0x7d0/0x11d0 [ 1271.458939][T24495] ? __pfx_redirected_tty_write+0x10/0x10 [ 1271.458974][T24495] ? __pfx_vfs_write+0x10/0x10 [ 1271.458999][T24495] ? find_held_lock+0x2b/0x80 [ 1271.459037][T24495] ksys_write+0x12a/0x250 [ 1271.459064][T24495] ? __pfx_ksys_write+0x10/0x10 [ 1271.459096][T24495] do_syscall_64+0xcd/0x490 [ 1271.459131][T24495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1271.459155][T24495] RIP: 0033:0x7f429e78ebe9 [ 1271.459173][T24495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1271.459197][T24495] RSP: 002b:00007f429f635038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1271.459221][T24495] RAX: ffffffffffffffda RBX: 00007f429e9b6090 RCX: 00007f429e78ebe9 [ 1271.459238][T24495] RDX: 0000000000000004 RSI: 0000200000000440 RDI: 0000000000000005 [ 1271.459254][T24495] RBP: 00007f429e811e19 R08: 0000000000000000 R09: 0000000000000000 [ 1271.459270][T24495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1271.459285][T24495] R13: 00007f429e9b6128 R14: 00007f429e9b6090 R15: 00007ffeb4e40248 [ 1271.459309][T24495] [ 1271.459709][T24495] Kernel Offset: disabled