last executing test programs: 6.974788654s ago: executing program 0 (id=2029): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) prctl$auto(0x8, 0x3309a665, r1, 0xc4a2, 0xdb) r2 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000180)=0x10) write$auto_dev_fops_plock(r2, &(0x7f0000000200)="ea579eafbef6a78ace20c66c3ed28a307811ba5a77e0d6f20eee070874ce267321ef2da8ccef77a2a57912658cfac38b23199ba898ef2c29ea039494e108e23fc3d3de801c6cdb8c585be1ec026d327ad05a0c7812805bb6d050f902f2e77e549ec276c282a2bb8c2847f2e7105018d493a4a1dc", 0x74) sendmsg$auto_IOAM6_CMD_DUMP_NAMESPACES(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0xc010) setuid$auto(0x800000000008) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 6.843440792s ago: executing program 3 (id=2030): mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/hugepages-8kB/shmem_enabled\x00', 0x1a1842, 0x0) r1 = io_uring_setup$auto(0x1, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x100) write$auto(0xffffffffffffffff, 0x0, 0x9) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/fail-nth\x00', 0x0, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r3 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D0c\x00', 0x84440, 0x0) close_range$auto(r3, r2, 0x400) r4 = openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/comm\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = io_uring_setup$auto(0x59, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS1\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0x6) read$auto(0x3, 0x0, 0x5) ioctl$auto(0x3, 0x402c542b, 0x38) sendfile$auto(r4, r5, &(0x7f0000000100)=0xe, 0x6) r7 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video26\x00', 0x43a000, 0x0) read$auto_v4l2_fops_v4l2_dev(r7, &(0x7f00000010c0)=""/22, 0x16) mmap$auto(0xffffffffffffffff, 0x7, 0x403, 0xed0, 0xfffffffffffffffa, 0x7ffe) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/pcm0c/sub1/info\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r8, &(0x7f0000000140)=""/41, 0x29) ioctl$auto_TIOCSTI2(r6, 0x5412, 0x0) write$auto_proc_pid_set_comm_operations_base(r4, 0x0, 0x0) symlink$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='./file0\x00') r9 = bpf$auto(0x0, 0x0, 0x14) fcntl$auto_F_OFD_SETLKW(r1, 0x26, 0x4) fadvise64$auto_POSIX_FADV_DONTNEED(0xffffffffffffffff, 0xff, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xffffff8b, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYRESHEX=r0, @ANYRES8=r4, @ANYRES32=0x0], 0x34}, 0x1, 0x0, 0x0, 0x20000850}, 0x4c088) sendmsg$auto_NL80211_CMD_SET_WOWLAN(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="06000000", @ANYRESDEC=r2, @ANYBLOB="00022cbd7000fedbdf254a000000040005010400f4000400ff0008003f000300000024005a80040039000800fe00", @ANYRES32=r9, @ANYBLOB="1400950000000000000000000000000000000001"], 0x4c}, 0x1, 0x0, 0x0, 0x804}, 0x800) 6.591433912s ago: executing program 0 (id=2031): openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10000, 0x0, 0x9, 0x0, 0x1000, 0xb}, 0x800008}, 0x5, 0x20000000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 6.407408038s ago: executing program 3 (id=2032): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010025bd7000fcdbdf2502"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xb000000) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x40000, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0xd4, 0x0, 0x4) 4.402335518s ago: executing program 0 (id=2037): mmap$auto(0x100000000, 0x2000d, 0x1, 0xeb1, 0xffffffffffffffff, 0x100000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5, 0x0, 0x9, 0x0, 0x800000000005, 0x7ffffffd}, 0x8}, 0x3, 0x1, 0x0) semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat2$auto(0xffffffffffffffff, &(0x7f0000000480)='./file0\x00', &(0x7f0000000280)={0x982, 0x6, 0x4}, 0x7f) r2 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_IEEE802154_ADD_IFACE(r1, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00012a000b000900000005002800d4000000060010006a05001d004000"/46], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x525a05df5b8ef67a) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) socket(0x1e, 0x80000, 0x9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) r4 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000180)=0x10) write$auto_dev_fops_plock(r4, &(0x7f0000000200)="ea579eafbef6a78ace20c66c3ed28a307811ba5a77e0d6f20eee070874ce267321ef2da8ccef77a2a57912658cfac38b23199ba898ef2c29ea039494e108e23fc3d3de801c6cdb8c585be1ec026d327ad05a0c7812805bb6d050f902f2e77e549ec276c282a2bb8c2847f2e7105018d493a4a1dc", 0x74) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x16, 0x21, 0x6, 0xfffffffffffffffe, 0x5) sendfile$auto(r5, r3, 0x0, 0x1fff5) close_range$auto(0x2, 0x8, 0x0) semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4) io_uring_setup$auto(0x4bf15e08, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) unshare$auto(0x40000080) 3.453760056s ago: executing program 3 (id=2039): io_uring_setup$auto(0x2, 0x0) mmap$auto(0x7ffffffffffffffd, 0xb3b7, 0x4000000000e1, 0x2000000001a, 0x401, 0x7ffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2a01, 0x0) ioctl$auto(0x1, 0x890b, 0x8) ioctl$auto_LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xfffffffffffffffd) bpf$auto(0x1, 0x0, 0xc) unshare$auto(0x40000080) umount2$auto(0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x10f, 0x10000, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) 2.967204771s ago: executing program 1 (id=2042): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2000c, 0x800000000de, 0xe31, 0x40000000000a5, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x5) r1 = open(&(0x7f00000001c0)='./file0\x00', 0x8c81, 0x91) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r3 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) open(0x0, 0x62240, 0x55) statx$auto(r3, 0x0, 0x1003, 0x1, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r4, 0x400c4d01, r4) r5 = landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x2, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r2, 0x0) r6 = socket(0x2, 0x1, 0x0) connect$auto(r6, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) r7 = socket(0x23, 0x5, 0x0) bind$auto(r7, &(0x7f0000000140)=@phonet={0x23, 0x6, 0x3, 0xa3}, 0x80) r8 = socket(0x23, 0x5, 0x0) bind$auto(r8, &(0x7f0000000140)=@phonet={0x23, 0x6, 0x0, 0xa3}, 0x80) close_range$auto(0x2, 0x8, 0x0) close_range$auto(r8, r0, 0xce3) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) sendfile$auto(r1, r5, 0x0, 0x40000000c07) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@generic={0x1d, "b1524ea4accf7233b1e4f8073bd3"}, 0x0) 2.523787139s ago: executing program 1 (id=2043): r0 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) read$auto(r0, 0x0, 0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000009d0dcb4bb756f7ed2d68310e4fb5fd15dc9a9d34dec012832a3c5b2aa0f21bdd551bf2b20df4958960de8949eb6c86fcad92c6df113e2aebdd3943f89dc8c7bff1736bff57d79c3927762dcce7b2d5ef064b35168e41a8d240b2f9c1902a3d66291a183313b793f8dc63ebdd89e9eea25eca29f9ca4d5bfc0baf407b11e524db702fee50cfa726518c8404553b6494a1602e80c5005efa6cb461372c298d44879f59cb1cbfafb7bc0b9be6d03008ae8c7da04806d97d3a0df2dbb7417247db650e9787ab8e2ca7e914", @ANYRES16=r2, @ANYBLOB="01002abd7000fbdbdf250c000000080005009be300000800040000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) wait4$auto(0x0, 0x0, 0xf, &(0x7f0000000140)={{0x2599}, {0xffffffffffffffff, 0x1000000009}, 0x2, 0x800080000001, 0x1, 0x1000, 0x5, 0x7, 0x5, 0x5, 0xb11c, 0x8, 0xfffffffffffffffd, 0xfffffffffffffedf, 0xffff, 0x801c0000003}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a07000000000000000e00000a0001"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000003b40)={'veth0_to_hsr\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r5], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r6 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x49402, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x10080, 0x0) read$auto(r6, 0x0, 0x9a28) openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x101201, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0) write$auto(r8, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) preadv$auto(0xffffffffffffffff, 0x0, 0x8, 0x6, 0x9f4b) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptye4\x00', 0x763100, 0x0) writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x3) memfd_secret$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty16\x00', 0x0, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) capget$auto(0x0, 0x0) 2.446686855s ago: executing program 2 (id=2044): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/drvctl\x00', 0x228003, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)='\r', 0x1) 2.364763613s ago: executing program 0 (id=2045): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptyu7\x00', 0x103040, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/drvctl\x00', 0x28001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)='\r', 0x1) ioctl$auto(0x3, 0x540f, 0xffffffffffffffff) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, r0, 0x8000) mmap$auto(0xffffffffffffff82, 0x20000a00007, 0x400002, 0x15, 0x602, 0x5) r2 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r3 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x8802, 0x0) write$auto(r3, 0x0, 0x80000000) socketpair$auto(0x3, 0x5, 0x7, 0x0) unshare$auto(0x427d4d91) socket(0xa, 0x801, 0x84) r4 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) ioctl$auto_SNAPSHOT_PREF_IMAGE_SIZE(r4, 0x3312, 0x0) r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x0) ioctl$auto_VHOST_SET_VRING_NUM(r5, 0x4008af10, &(0x7f0000000040)={0x1, 0x32}) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04, 0x0) setsockopt$auto(r2, 0x84, 0x0, 0x0, 0x10) write$auto(0xca, 0x0, 0x2d9) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x96141, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0x80100, 0x0) r6 = socket(0x2, 0x4, 0xffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'ip6_vti0\x00'}) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000b00), r6) 2.233141144s ago: executing program 3 (id=2046): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x21) r1 = openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000003500), 0x40002, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x18, 0x2, 0x7) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) rseq$auto(&(0x7f0000000380)={0x12, 0xcf, 0x8000, 0x2, 0x8, 0xcc6, "9851ae74c66e3cf625b27ba7d61ef72abca2b0056d7338e10a1551b42a046b1811dd258e57151647982459ab63800093086d5a91ae9ffff65582282b3abb64cdf5c13babeb5b275ee41cf1de4b1b48b7045fd67371171fa598a8edf396222862eff349324875f31267bb4f8b2583b953af5955c8f61b584e9b1805bdfe8d122411094cd10cad6d3dc0e232a2022317a68410ddb00f0dcc8aa80b0256b83e40e76ad38b545d10d93994fc70213c9dceef"}, 0x8080, 0x200000, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0xfff, 0xdbde, r2, 0x8000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x5) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) statx$auto(0xffffffffffffffff, 0x0, 0x200, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/vmcoreinfo\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000008c0)=""/61, 0x3d) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) r3 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) getpid() ioctl$auto(r3, 0x400454ca, 0x38) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x1, 0xfc, 0x100000001, 0xeb1, 0xffffffffffffffff, 0x4) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) write$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(r1, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x14) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) write$auto(r4, 0x0, 0xcd04) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) sendfile$auto(r5, r5, 0x0, 0x1) 2.131961708s ago: executing program 2 (id=2047): landlock_restrict_self$auto(0xffffffffffffffff, 0x7) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/dbroot\x00', 0x109103, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x4802, 0x0) statx$auto(r0, 0x0, 0x6d7, 0x80000008, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0x111, 0x3) mlockall$auto(0x800000000000005) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) socket(0x27, 0x80000, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r2, 0x4b72, r3) r4 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000600), 0x80141, 0x0) ioctl$auto_SNAPSHOT_GET_IMAGE_SIZE(r4, 0x8008330e, 0x0) ioctl$auto(0x3, 0x540a, 0xffffffffffffffff) 2.104371672s ago: executing program 1 (id=2048): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r0, 0x2202, r0) quotactl$auto(0x2, &(0x7f0000000040)='/dev/sda1\x00', 0x62a0, 0x0) 1.777753868s ago: executing program 1 (id=2049): mmap$auto(0x0, 0xf211, 0x4000000000dc, 0xeb1, 0xffffffffffffffff, 0x8000) bpf$auto(0x80000400, &(0x7f0000000000)=@bpf_attr_3={0x9, 0x9, 0x6, 0xff, 0x1fe, 0x0, 0x1, 0x4, 0x4007, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x7fffffffffffffff, 0x89, 0x10009, 0x10001, 0x3ff, 0x7, @attach_btf_obj_fd, 0x3, 0xa, 0x7, 0x1ff, 0x9, 0xffffffffffffffff}, 0x9) r1 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$auto_IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f00000000c0)={0xffffffffffffffff, 0x1b, 0x5}) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000040), 0x13}, 0x7, 0x0, 0x8, 0x1}, 0x5}, 0x2, 0x101) 1.397763637s ago: executing program 2 (id=2050): mmap$auto(0x0, 0x7, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x7) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x9}, 0x3) kexec_load$auto(0xff, 0xfff, 0x0, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x402800, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r0, 0x80045010, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x129842, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) msgctl$auto_MSG_INFO(0xffffffff, 0xc, 0x0) msgctl$auto(0x2, 0x9, 0x0) setresuid$auto(0xee00, 0x0, 0x0) 1.216395879s ago: executing program 1 (id=2051): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/orangefs/cache_timeout_msecs\x00', 0xb02, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd14/queue/iosched/prio_aging_expire\x00', 0x207a1, 0x0) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x183800, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x1a, 0xa, 0x2a3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) sendmsg$auto_NL80211_CMD_NEW_STATION(r0, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f00000000c0)={&(0x7f0000001d40)=ANY=[@ANYBLOB="10b51ce620ab86", @ANYBLOB="a974b6171f65c8c10000", @ANYBLOB="21002bbd7000fcdbdf2513000000f408330026eacc8c01294b0a1b08b96c82c804d83a11de3e09a0e0e17e0b555fae10d3b876ef1498e814e374027df9f63b7da920051c4309b24be4b3246568157d458ccebb28e9a6a9f303bcc3988f2e60f3d417f4ddac1db4e53647078388569719bc09466b19410d9cddc85c80dec455f8da456c3180404b149664397c6311103ac880763cd8a5314881f5ffb79499b976f200895945d391371c43e4c38d4a944445b7f7bb3c5c34c6ca648a6380eecd525742b75f5de53ed0ef26935623061aa9ff8af70d9917c5f8029b248776627f155761e578c42fed52b998af8fcdffb863914d39ef60f90b7e3a14a294c6ea40eb9e6b1ab91b0416434fd14e0cce6970b3e6706bef89abc9e205da4b9faffcad678832739114e75a5ef564da4119600f02dadfbe24e12e3319bdd10815aa9f8dbf123e5e2da74999480ebb4ee02fc5679aa33c47e3d22a44dfc59dc74a791b045b87789ca64c31337a2631e9518989b4ecab644cb8ec1c8e0429f539f46d93428470ce04e6a177775def071fa8a7b4e90c0c521eca2167de94887c61f52f7e238a1aaea43eca93744806d47864ff51f5612ac8dabc1c1c6fd41f338c38bc508dc1f39a0935409d4da04131d22284da8f25788c88d5aee184edeeb88649404cc3a4976dd30b7df3ca047437d2a7f09e15a37e82d5cfa049f4d83aef9480f74911c2b1a83d2b2c953e3d89d607595ca7c12ad673d808a8b8c171457ebb6ba119e5e41d4b87a7436990905f729c4ba00806262971c8e010a868b86a170a3ab46a25cdc3dc57ea15c8b82d4c674b07daebd768e0d05f13830dee75a9f0f1784ae8dfb240153548515b502628cb863813ad62f8c7ae6368324e5b7e85413aa3bd0c52b8c5e6762af7f5bd6ee5a7018e531ba4153de7be187e898c5ad2f285189ee232922d116f61d3d3b2c248ace2c90aadc3af59d5d78ee474867704ca6d07935f44c9781fa587d9d101a51b27b6148f546a4aca3a0622764e3a2b689db2b0e6d9d2696be5bd0815f9f51b512734e95a51868b250eaaabb1ae3c4bfa74ef6641a91508a307db1ba23280101b1eb222cb8b8d567aa8637a88605c08a1143988482af9196d8dd236ede788b198d9d5df72bbc3e56f145820be0962922b83f913ad1f1d5d870fea8d0ffdfa215119a7d83a6cceb71afccbb7e42146f242effc12f11bd675d4fa8a7a1799513d47f8fdc0e1bb9cc623ab04bff31a3d5501736b3535c114eb2b3a3f78508dad50e35f835303cd0f2c98840b57582a0f7a3feebdab2ee1dbb7549b14656218d29a1620d2b5de057dd5cf74f4428b18b3785f10f75ce50f084a28f57c24bf17efada8ee1bf790474cf02ec5d892a367d62b9a551b24a8d2d9db19ce20a79aeeac2a3388455965d0e6debc89afde6ff38e7e97b21c64677ddca03aca4c743e25f7432072d9eeb7360b3fd17ec3f8381206a044a7576e72594d81f083dea418d5009d3a7436be62d74f71a5f563811771d577691e22162b35605b52421fd514890dd7cafd2be9b1c3c39be05dde8ad704d63410e59a9e214b2f7f5f5828f84d225fcfc9494959b9b346ace8ac033333d80b96bc02639edac79fb911aa53482884aa9dc79dbf0b3e3ce73e5cf41b5020b8461768ee9a38be289bd209ef6f211f11585ce28af597960549bb87b4ae9873508d7c8b07981d9dbdb8beeb04bc459ddb3edc44e6490b094708cff88c5eaf721a9674eee291d903e20011d6a4f0cf8861d6bcd39ce46f404de816c2d7e79e3026497e1cb8a1e43c976213f02ceb83b222b6d62b7a7c27112a2d3576125831e9c59cfc0d8e796c4dfbff835f77069dca3ab722c8fbbce6c3dda317bcf6a655f35201693aed251c983541bb5662fd787a0d8d269e9e087c67b1c18569fdeed08450d5074cb9646c93c6cb66a3bb7981bc5815f152c307652aafa1a928c3d3b058a92b00e302d19183b2ccb33abbe3f01bbc89a36f91e2d65a9dac0ecd69cb12528b17d521c1b06c2b5b996f4d46812a4e1ad997310fc7d4a58ddfb6cfd4a6534266049a4cdf9de7b26c7a1db6122fc531c48dd57488c87ad83983db6af0c4b05fdb31404faf1c7ecc1e33330a3704ae3d1f6b79d4723694a7130f9895e2fb49fa97db15aa904712501b043db1d73c49b703c05f9fee6e7feab96d3188e56e769b659b15e622d661371974562bf2361849d87245ea298509b499ec2e493709a905a0655277e41f64b99cb8bde6dc9e40439f7c34f280478aed7f13fe4406416d6c088c25d9bb026ffa4452fc4fb6722df67b94f57925a81ba39e069ce566b4b193c3f85998aa327abe7731922c0767eb86584666751ac13469d22471a89d3cfb62f033f3c292a70d0bbaf8ff51ed3edf9b5f62e1d34cab622feef77acd2bd0592f244eea7dcbaee920d40d3f0ff7cdf376a236cde39538569af81863cab945629e3d5a49d8d827a24178f29486bd38ed340a79f9dd0eba5abab35c8f27258825678337d4686eaaf5bc42e6188704031b5a53f3bea0a028dd189ad68bf15f6faf9a447f4c67370b0b3da2785836452a0c52da41dffc302de0a93fe96de28aa1a933e04c61287b0289ecb4abc3d23907910adb5c38ee5c535fb1a1b27a94cd7bcf678d1d98ed936483224f92032b2f89f39022dfb79f55e2149a277ac80ea7e85bf39277a184f392f517a3226513eb047eeb4be5c1545491f557628eed89d35c5a3d87c281539a375969ab8e7bd4a616b708ef17d191ca0e0fbfcd3f62fc3fbec2307067ae9b38b93f28fb559a3646ad8db14415a1ad8430d898c17d3502e2a8259da2a219d0b527bb0866ab521faeaa601e27e0cadbbaae813fee86c0fe51d08b784ce09abb8d7be6b65423a9d5a950d73f401b68e42f434f829cf9b5ed2d5846815fed409e3d87da4a93b88c9e2025a174281af3d42fb1e445c17de249faf58ae7841a918e18aefafedc72f3a5e738dec99f5921d45f10a99cfc4c41a5ce820229e6f107c9366fa47ab5de6351d11732d228edbd875b134e3d8f811be899a624582c38c5da76b71a2d0f7da6bb45bf313366d862ca09fd468f03d16c9d1d950a1f519e5da573b94a910f1f74ca2714a0fababbb4019a2524d87caad381151482c09514f08d9439095311c98e186e6cb43dc466e1d443535dde2f983b01eaf74051aa9dae4bdffeef50ca54aa3d6acd2e7ee308183491e9918e2dd854f05ca90c51511ba25c83c7ba3b38edd8ad3c0800350000080000f602a680320008002f7379732f646576696365732f7669727475616c2f6e65742f626f6e64302f626f6e64696e672f736c61766573000000040010008346e382c3decf72f2ccfcd1f35c385604a082e72a95617ef7a0497369ad5a6b9a182d0c9f620073c28f7f54cdec8314d346a8e9dd551da591a7f113873f5141cfc3c181b177527454f4936750f1b5e8b86013a6f9ff9a0b34f608566059177c60305deef2117fc800ddcd93e9fa3bc7a3a5a4afa0e57c898cbaf8d36beb438ab34245f67b2d1852a847651e47746b80d5020b08a4a59f4cb44670a9d430cedad83600c96047b566ead466396b000095ac260669e38b376bf203ddd45652dfb8de7d99c50bb540645cb26beb523c1da8acfa0613b2fc6823ad6d6b9286877b9aea176bfe61dc5289c9eca1a618a72a4804368234b4c31c656bb125a1c5deeb55e0be718bd2fc86fd929c887fb51531f044a1ebbf994dad7a7d11e1e3f95455700d607675fb39851c3029bed104414368044be07d6958f1d3cfd769e63802019eef6b3c425d43ce2ecc5e1bf7dedfefe862f5d991464984a677ac126f9731b2569e8e7e192c9a4da502543dcb0a2147683cb8916ba09c60ee7730e5477c6c7127a7d887d68353c2299d4e21c9a7dc855978c9a31bd5da035bb45bd7f587686fa93061d0de65272afe8ad7e3ae74951df632fdc61f1730f4d1adc96fd26c32c9bc10893429941065bc27666672538206c571f566f7d78fc3cfe6f02ac20e88d3471159b041a774e698510ab359841f3c2643335d0c3ffe84483f6549ef2ec3855e60c07bb91b54bb7c794b0248b8845fa27aa3068e708e21c961d3a671dafd96f20662f6d07534b94acfbba69086dbf83ba429e29f75c705d78dc1dae846e700da0c159deb0a36f36645eee6bd236dd7236814331a62509fc1117b24c372ac40c44b841245569ad4e5687337b39a8033effc11cde4c00fb0afa965224e53089eb8052d301bb4bb63b3fa1bc2155b05682a44d6b1dc9f62996a9d060bef1b1870ca6d6aaca511c0ade77c15a32ffcdc135b2f815ee3ee5f0ea4f30c0000f900ac00fe87baa804367512d7795df505beb64f09392712a9f02696c8fd0d67d818193dcc151f032f4fbbf335cab32e7294c6a020eb7ba5b4722940b323e466f18c2d07c445abff84ddeb8c4f58114fbcca52c3588d72a79a3458c99c0dc4399f06d6567179c2cb3e710ecdac858cfaff16b3cf6263fbbb35e4bad3128fe8b84ac46d1583468e6e301f92f85d1cfaaa120ae5320256bb5b942c23d93c9de1de63f5659b31adfed91e7727ac15081497ff5d99318cc3687cb8debdc8a7c1fbf7a9ea3597e914eacd81b3eba98b539fe91b215d1f03ea8b244aecfd1c6104c7413f537037591034ccd47d428953fffbe4816261f470e517be150000000400e2000600eb0009000000080061000200000004004100"], 0xd1c}, 0x1, 0x0, 0x0, 0x8000}, 0x2dc548884f1b2850) listen$auto(r0, 0x5) bpf$auto(0x0, &(0x7f0000000000)=@task_fd_query={0x0, 0xffffffffffffffff, 0xb0, 0x8bd, 0x8, 0x2, 0xffffffffffffffff, 0x6, 0x6}, 0xa3) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_map_fd=0x2, 0x7, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setfsuid$auto(0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x8a801, 0x0) write$auto(r1, &(0x7f0000000200)='1\x00\\\xa0\x04\x06\x00\x00\x00*\x8d\x14\xfa 3\x00\xad1\xcc\xeb&{q\xe0$\xcd\x81Zm\xeb\xe39LC{\xf8\xa09\xe9\x05\xfc\xddUw4e\xc6\t}k\x14\xcah\xba\x16\xdc\x00\x88\x11\x008\xb3z\xe4\xb9\x97\x90z\xb41&YH\xd6\xaa\x06\xbc \b\xd7\xee\x8a:\xd9\x88\x8f\x06)l\xe4\x83\xbc\xd1wOa\xb6\x93\xe7\xb7\xbb\xdc\x98\xba\\\x15\xc2\xdc1D\x8b@\x9btfi\xaf\xdf\xee\v\x8e\xa2P\x93\x19\xea\x84T]<]+\x04N5=\xc0\x9d-\xaf\xfd\xc7\x87\x00\x00\x00\x00\xa4q\xec\x82\x95\x01\xfc7\x86\xd0\xd2\x93\xa7?\xc5\xf3\xaf\xe5\x17\x96\xc6\xbd=\x9a=\xe8\xf22\xab\x83\x9f\xc2\xc2\x8f\x1fQ|\x91&\x15\x0f\x18\xbc\xd3\xd6\xd7P\bTb\xfaY\xfcio\xa3\xe1d#-R\x91}\xe4\x88\xf6\xcc\xd5e\xb1Va\xa4Z\'w\xee\x94`>\x99\x00\xef\xe5\x9csXS<\x96\xafgM\xadY\xae\xf5\xe4\xb3\x9d\x18\x0f\xcc\xbb\tGb\xf5\x8c\xf4\xbc\xaf\x7f\x87\'\x9f\x8ff\x03m\xaf+D\xee\xcd\xd9\xfe\xe2)\x830}\xcc\xadC\xdd\xea\xb1\x8d\x06xj^U\xc0<\xfe\xc3U\xf8\x1ff\xe1\xd8\x14\t\xa8l]\xeb\xb6\xef\x04\x8f\xff\xfc\x97\x91\xdbN\x81\xfd\xf2\x9e\x18\x85G\xc7\xef\x86;\xd5\xd9\xd8\x18wq.%\xa9l\xc8\xdaC\x93\xc6\xc6\xd5p8\xa5\xb1\xd7:<\x8aCP\xd08\xcf', 0x4) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r2 = prctl$auto(0x23, 0x9, 0x2008, 0x0, 0x0) ioctl$auto_OSS_ALSAEMULVER2(r2, 0x80044df9, 0x0) landlock_restrict_self$auto(0xffffffffffffffff, 0xfffffffe) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r3 = socket(0x5, 0x4, 0x73) semctl$auto(0x2, 0x5, 0x13, 0x9) fcntl$auto_F_OFD_GETLK(r3, 0x24, 0x6) mmap$auto(0xc8, 0xe2, 0x3, 0xeb1, 0xffffffffffffffff, 0x2) mmap$auto(0x0, 0x202000d, 0x8000000002, 0xeb1, 0xffffffffffffffff, 0x8) close_range$auto(0xffffffffffffffff, 0x8, 0x2000000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) 995.363457ms ago: executing program 0 (id=2052): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) r2 = io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) recvfrom$auto(0xffffffffffffffff, 0x0, 0xde, 0x8, 0x0, 0x0) timer_create$auto(0xfffffffa, &(0x7f0000000100)={@sival_int=0x9, @inferred, 0x1, @_sigev_thread={0x0, 0x0}}, &(0x7f0000000140)=0x6) timer_settime$auto(0x0, 0x2, &(0x7f00000000c0)={{0xf, 0x10007}, {0x0, 0x401}}, 0x0) ioctl$auto_IOCTL_VMCI_CTX_GET_CPT_STATE(r2, 0x7b1, 0x0) sendmsg$auto_TCP_METRICS_CMD_GET(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000040)={0x14, r1, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfd3f9}, 0x14}, 0x1, 0x0, 0xf0ffff, 0x4}, 0x0) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/scsi/sg/debug\x00', 0x2000, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r5, 0xae03, 0x42) pread64$auto(r4, 0x0, 0x6, 0x3) 327.480382ms ago: executing program 0 (id=2053): close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, 0x0, 0x902, 0x0) (async) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, 0x0, 0x902, 0x0) ioctl$auto(0x3, 0x81484d11, 0x38) open(&(0x7f0000000100)='.\x00', 0x5bd0c2, 0x60c) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r1, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r1, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x40000080) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x101901, 0x0) (async) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x101901, 0x0) ioctl$auto_NS_GET_TGID_FROM_PIDNS(0xffffffffffffffff, 0x8004b707, 0x0) (async) ioctl$auto_NS_GET_TGID_FROM_PIDNS(0xffffffffffffffff, 0x8004b707, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0x20499d, 0x9) ptrace$auto_PTRACE_GET_SYSCALL_INFO(0x420e, 0x0, 0x90b8, 0x6) (async) ptrace$auto_PTRACE_GET_SYSCALL_INFO(0x420e, 0x0, 0x90b8, 0x6) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) landlock_add_rule$auto_LANDLOCK_RULE_NET_PORT(r2, 0x2, &(0x7f0000000040)="d47cfec1632bf8e3b8dde471becbf36e755d809d22e7d1e1328c18e27c3251923370d656aba6a1bf167acfc516854a25d3b57e94f009263dc23212afae69c0456420f05c967f74a37e396ede8e83dc1007d463c07cbae71b6b930a65be407a3cc4c5f1d0eb2edb974403b810e1e65b0638839996835808", 0x0) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x200000, 0x0) (async) openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x200000, 0x0) 325.934238ms ago: executing program 2 (id=2054): close_range$auto(0x2, 0xffffffffffffffff, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000d80)=ANY=[@ANYBLOB='Hdr9', @ANYRES16, @ANYBLOB="2b0228bd7000fcdbdf250300000005000d000500000008000200040000000c000300030000000000000008000700"], 0x48}, 0x1, 0x0, 0x0, 0x44010}, 0x8000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) write$auto(r0, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) 323.892695ms ago: executing program 3 (id=2055): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r2 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010337bd7000ffdbdf25100000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x80000) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r3) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000180)={0x2c, r4, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_CABLE_TEST_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40480c0}, 0x80) socket(0x10, 0x2, 0xc) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x2000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mq_getsetattr$auto(0xffffffffffffffff, &(0x7f0000000040)={0x5, 0xee, 0x6, 0x3}, 0x0) mseal$auto(0x0, 0x7dda, 0x0) madvise$auto(0x0, 0x2003f0, 0x1) r5 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, &(0x7f0000000000)=@llc={0x1a, 0x311, 0xe, 0x6, 0xfe, 0x4, @local}, 0x55) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/dummy_hcd.0/usb1/bDeviceClass\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000240)=""/214, 0xd6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(r3, 0x200000000001, 0x18, 0x0, 0x0) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 173.469264ms ago: executing program 3 (id=2056): mmap$auto(0x0, 0x200006, 0x0, 0x40eb1, 0x602, 0x300000000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000140)=@sco, 0x3) r0 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x20004, 0x0) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_generic(0xffffffffffffff9c, 0x0, 0x301483, 0x0) close_range$auto(0x2, r0, 0x0) unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x5, 0xfffffffd) mmap$auto(0x10, 0xfffffffffffffaee, 0xdf, 0x809b7d, r1, 0x8000) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) mremap$auto(0x1ff000, 0x4, 0x843, 0x3, 0x2) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) fsopen$auto(0x0, 0x1) prctl$auto(0x8, 0x4, 0x4, 0xd73, 0x7) mmap$auto(0x0, 0x20009, 0x40000000000000df, 0xeb1, 0xffffffffffffffff, 0x2000000008000) shutdown$auto(0x200000003, 0x2) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r3) mmap$auto(0x2, 0xffffffbffffffffd, 0x4000000000df, 0x1c, r3, 0x300000000000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) 119.025703ms ago: executing program 2 (id=2057): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0) timer_create$auto_CLOCK_REALTIME(0x0, &(0x7f0000000000)={@sival_ptr=0x0, @inferred=r0, 0x40, @_tid}, 0x0) write$auto(r0, &(0x7f0000000400)='odev/audio1\x00', 0x100000a3d9) 94.759974ms ago: executing program 1 (id=2058): r0 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) r1 = setfsuid$auto(0x0) r2 = setfsuid$auto(0xee01) setresuid$auto(r1, r2, r1) sendmsg$auto_NL802154_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000240)=ANY=[@ANYBLOB="b300a400000000000000000300c36dab5af400000000000e000000", @ANYRES16=0x0, @ANYBLOB="100026bd7000ffdbdf2528000000"], 0x14}, 0x1, 0x0, 0x0, 0x8840}, 0x40000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r3 = socket(0x15, 0x5, 0x0) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r5 = epoll_create$auto(0x8800001) epoll_ctl$auto(r3, 0x7fd, r3, 0x0) ioctl$auto_EVIOCGEFFECTS(r5, 0x80044584, &(0x7f0000000000)=0x8) ioctl$auto(r0, 0x8b35, 0x91) ioctl$auto_UBI_IOCATT(r0, 0x40186f40, &(0x7f0000000080)={0x80000000, 0x3, 0xa63e, 0x8, 0x0, 0x3}) r6 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x4}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lsm_get_self_attr$auto(0x68, 0x0, &(0x7f0000002440)=0x8, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0) getsockname$auto(r4, &(0x7f00000000c0)=@ethernet={0x1, @random="b6bfa83b13bb"}, &(0x7f0000000100)=0xc) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r7 = fanotify_init$auto(0x5, 0x2000000000002) fanotify_mark$auto(r7, 0x1, 0x803a, r7, 0x0) madvise$auto(0x110c230000, 0x1, 0x9) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/178, 0xb2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_dma_heap_fops_dma_heap(r6, 0xffffffff5fdffe00, &(0x7f0000000440)="d7") 0s ago: executing program 2 (id=2059): landlock_restrict_self$auto(0xffffffffffffffff, 0x7) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/dbroot\x00', 0x109103, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x4802, 0x0) statx$auto(r0, 0x0, 0x6d7, 0x80000008, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0x111, 0x3) mlockall$auto(0x800000000000005) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) socket(0x27, 0x80000, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/hugetlb.2MB.rsvd.limit_in_bytes\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000040), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r2, 0x4b72, r3) r4 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000600), 0x80141, 0x0) ioctl$auto_SNAPSHOT_GET_IMAGE_SIZE(r4, 0x8008330e, 0x0) ioctl$auto(0x3, 0x540a, 0xffffffffffffffff) kernel console output (not intermixed with test programs): U]=USER, [L]=SOFTLOCKUP [ 516.140721][T12666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 516.140734][T12666] Call Trace: [ 516.140742][T12666] [ 516.140750][T12666] dump_stack_lvl+0x100/0x190 [ 516.140786][T12666] warn_alloc.cold+0x95/0x1c1 [ 516.140819][T12666] ? __pfx_warn_alloc+0x10/0x10 [ 516.140853][T12666] ? __lock_acquire+0x4a5/0x2630 [ 516.140891][T12666] __vmalloc_node_range_noprof+0x1252/0x1530 [ 516.140920][T12666] ? rcu_is_watching+0x12/0xc0 [ 516.140950][T12666] ? trace_contention_end+0x140/0x180 [ 516.140979][T12666] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 516.141004][T12666] ? dvb_dvr_do_ioctl+0x7e/0x270 [ 516.141025][T12666] ? tomoyo_path_number_perm+0x28f/0x580 [ 516.141048][T12666] ? tomoyo_path_number_perm+0x28f/0x580 [ 516.141074][T12666] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 516.141098][T12666] ? __pfx___mutex_lock+0x10/0x10 [ 516.141124][T12666] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 516.141261][T12666] ? futex_wait+0x125/0x380 [ 516.141300][T12666] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 516.141326][T12666] __vmalloc_node_noprof+0xad/0xf0 [ 516.141355][T12666] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 516.141380][T12666] dvb_dvr_do_ioctl+0x15d/0x270 [ 516.141406][T12666] dvb_usercopy+0x167/0x340 [ 516.141426][T12666] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 516.141449][T12666] ? __pfx_dvb_usercopy+0x10/0x10 [ 516.141477][T12666] ? __fget_files+0x21f/0x3d0 [ 516.141503][T12666] dvb_dvr_ioctl+0x29/0x40 [ 516.141526][T12666] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 516.141548][T12666] __x64_sys_ioctl+0x18e/0x210 [ 516.141579][T12666] do_syscall_64+0x106/0xf80 [ 516.141598][T12666] ? clear_bhb_loop+0x40/0x90 [ 516.141622][T12666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.141649][T12666] RIP: 0033:0x7fd15799c819 [ 516.141669][T12666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 516.141687][T12666] RSP: 002b:00007fd155bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 516.141707][T12666] RAX: ffffffffffffffda RBX: 00007fd157c15fa0 RCX: 00007fd15799c819 [ 516.141719][T12666] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000004 [ 516.141731][T12666] RBP: 00007fd157a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 516.141743][T12666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 516.141756][T12666] R13: 00007fd157c16038 R14: 00007fd157c15fa0 R15: 00007fff73c31468 [ 516.141781][T12666] [ 516.141790][T12666] Mem-Info: [ 516.415975][T12670] FAULT_INJECTION: forcing a failure. [ 516.415975][T12670] name failslab, interval 1, probability 0, space 0, times 0 [ 516.459766][T12670] CPU: 0 UID: 0 PID: 12670 Comm: syz.2.1647 Tainted: G U L syzkaller #0 PREEMPT(full) [ 516.459800][T12670] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 516.459808][T12670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 516.459819][T12670] Call Trace: [ 516.459826][T12670] [ 516.459834][T12670] dump_stack_lvl+0x100/0x190 [ 516.459867][T12670] should_fail_ex.cold+0x5/0xa [ 516.459889][T12670] ? tomoyo_realpath_from_path+0xb6/0x690 [ 516.459917][T12670] should_failslab+0xc2/0x120 [ 516.459939][T12670] __kmalloc_noprof+0xe0/0x850 [ 516.459973][T12670] tomoyo_realpath_from_path+0xb6/0x690 [ 516.460006][T12670] tomoyo_check_open_permission+0x2af/0x3c0 [ 516.460040][T12670] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 516.460085][T12670] ? do_raw_spin_lock+0x128/0x260 [ 516.460115][T12670] ? path_get+0x61/0x80 [ 516.460140][T12670] tomoyo_file_open+0x6b/0x90 [ 516.460159][T12670] security_file_open+0xb5/0x1e0 [ 516.460185][T12670] do_dentry_open+0x5aa/0x1660 [ 516.460207][T12670] ? security_inode_permission+0xbf/0x250 [ 516.460234][T12670] vfs_open+0x82/0x3f0 [ 516.460261][T12670] path_openat+0x208c/0x31a0 [ 516.460289][T12670] ? __pfx_path_openat+0x10/0x10 [ 516.460317][T12670] do_file_open+0x20e/0x430 [ 516.460339][T12670] ? __pfx_do_file_open+0x10/0x10 [ 516.460376][T12670] ? alloc_fd+0x476/0x790 [ 516.460398][T12670] ? do_getname+0x191/0x390 [ 516.460424][T12670] do_sys_openat2+0x10d/0x1e0 [ 516.460450][T12670] ? __pfx_do_sys_openat2+0x10/0x10 [ 516.460484][T12670] __x64_sys_openat+0x12d/0x210 [ 516.460511][T12670] ? __pfx___x64_sys_openat+0x10/0x10 [ 516.460546][T12670] do_syscall_64+0x106/0xf80 [ 516.460565][T12670] ? clear_bhb_loop+0x40/0x90 [ 516.460587][T12670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.460607][T12670] RIP: 0033:0x7f594139c819 [ 516.460623][T12670] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 516.460641][T12670] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 516.460660][T12670] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 516.460672][T12670] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 516.460684][T12670] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 516.460695][T12670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 516.460706][T12670] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 516.460729][T12670] [ 516.460738][T12670] ERROR: Out of memory at tomoyo_realpath_from_path. [ 516.789460][T12666] active_anon:36732 inactive_anon:8860 isolated_anon:0 [ 516.789460][T12666] active_file:7939 inactive_file:51084 isolated_file:0 [ 516.789460][T12666] unevictable:768 dirty:952 writeback:0 [ 516.789460][T12666] slab_reclaimable:12377 slab_unreclaimable:95258 [ 516.789460][T12666] mapped:32344 shmem:23531 pagetables:2018 [ 516.789460][T12666] sec_pagetables:0 bounce:0 [ 516.789460][T12666] kernel_misc_reclaimable:0 [ 516.789460][T12666] free:1276932 free_pcp:9094 free_cma:0 [ 516.978484][T12678] FAULT_INJECTION: forcing a failure. [ 516.978484][T12678] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 517.031260][T11112] Bluetooth: hci2: ACL packet too small [ 517.069682][T12666] Node 0 active_anon:117276kB inactive_anon:35440kB active_file:31756kB inactive_file:204048kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:130900kB dirty:2376kB writeback:1092kB shmem:62872kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11840kB pagetables:7960kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 517.104274][T12678] CPU: 0 UID: 0 PID: 12678 Comm: syz.1.1650 Tainted: G U L syzkaller #0 PREEMPT(full) [ 517.104311][T12678] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 517.104318][T12678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 517.104329][T12678] Call Trace: [ 517.104336][T12678] [ 517.104344][T12678] dump_stack_lvl+0x100/0x190 [ 517.104378][T12678] should_fail_ex.cold+0x5/0xa [ 517.104398][T12678] ? prepare_alloc_pages+0x16d/0x5f0 [ 517.104423][T12678] should_fail_alloc_page+0xeb/0x140 [ 517.104447][T12678] prepare_alloc_pages+0x1f0/0x5f0 [ 517.104474][T12678] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 517.104507][T12678] ? rcu_is_watching+0x12/0xc0 [ 517.104537][T12678] ? trace_mm_page_alloc+0x17a/0x1d0 [ 517.104561][T12678] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 517.104595][T12678] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 517.104629][T12678] ? find_held_lock+0x2b/0x80 [ 517.104647][T12678] ? is_bpf_text_address+0x8a/0x1a0 [ 517.104676][T12678] ? is_bpf_text_address+0x8a/0x1a0 [ 517.104707][T12678] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 517.104728][T12678] ? is_bpf_text_address+0x94/0x1a0 [ 517.104757][T12678] ? kernel_text_address+0x8d/0x100 [ 517.104786][T12678] ? __kernel_text_address+0xd/0x30 [ 517.104813][T12678] ? unwind_get_return_address+0x59/0xa0 [ 517.104841][T12678] alloc_pages_bulk_noprof+0x782/0x1490 [ 517.104880][T12678] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 517.104912][T12678] ? kasan_save_stack+0x30/0x50 [ 517.104935][T12678] ? alloc_pages_noprof+0x238/0x390 [ 517.104958][T12678] __kasan_populate_vmalloc+0xf0/0x210 [ 517.104993][T12678] alloc_vmap_area+0x95d/0x2bd0 [ 517.105031][T12678] ? __pfx_alloc_vmap_area+0x10/0x10 [ 517.105059][T12678] __get_vm_area_node+0x1ca/0x330 [ 517.105087][T12678] __vmalloc_node_range_noprof+0x213/0x1530 [ 517.105112][T12678] ? n_tty_open+0x1a/0x170 [ 517.105135][T12678] ? look_up_lock_class+0x64/0x120 [ 517.105157][T12678] ? n_tty_open+0x1a/0x170 [ 517.105184][T12678] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 517.105209][T12678] ? __ldsem_down_write_nested+0xfd/0x830 [ 517.105230][T12678] ? __ldsem_down_write_nested+0x10e/0x830 [ 517.105251][T12678] ? is_console_locked+0x9/0x20 [ 517.105283][T12678] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 517.105308][T12678] ? n_tty_open+0x1a/0x170 [ 517.105327][T12678] __vmalloc_node_noprof+0xad/0xf0 [ 517.105352][T12678] ? n_tty_open+0x1a/0x170 [ 517.105373][T12678] ? __pfx_n_tty_open+0x10/0x10 [ 517.105393][T12678] n_tty_open+0x1a/0x170 [ 517.105414][T12678] tty_ldisc_open+0xa2/0x120 [ 517.105441][T12678] tty_ldisc_setup+0x40/0xf0 [ 517.105469][T12678] tty_init_dev.part.0+0x1b5/0x470 [ 517.105491][T12678] tty_open+0xa63/0xfa0 [ 517.105514][T12678] ? __pfx_tty_open+0x10/0x10 [ 517.105532][T12678] ? chrdev_open+0x10b/0x6a0 [ 517.105552][T12678] ? chrdev_open+0x10b/0x6a0 [ 517.105575][T12678] ? __pfx_tty_open+0x10/0x10 [ 517.105594][T12678] chrdev_open+0x234/0x6a0 [ 517.105613][T12678] ? __pfx_apparmor_file_open+0x10/0x10 [ 517.105635][T12678] ? __pfx_chrdev_open+0x10/0x10 [ 517.105657][T12678] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 517.105684][T12678] do_dentry_open+0x6d8/0x1660 [ 517.105704][T12678] ? __pfx_chrdev_open+0x10/0x10 [ 517.105730][T12678] vfs_open+0x82/0x3f0 [ 517.105758][T12678] path_openat+0x208c/0x31a0 [ 517.105787][T12678] ? __pfx_path_openat+0x10/0x10 [ 517.105819][T12678] do_file_open+0x20e/0x430 [ 517.105842][T12678] ? __pfx_do_file_open+0x10/0x10 [ 517.105880][T12678] ? alloc_fd+0x476/0x790 [ 517.105902][T12678] ? do_getname+0x191/0x390 [ 517.105929][T12678] do_sys_openat2+0x10d/0x1e0 [ 517.105955][T12678] ? __pfx_do_sys_openat2+0x10/0x10 [ 517.105989][T12678] __x64_sys_openat+0x12d/0x210 [ 517.106016][T12678] ? __pfx___x64_sys_openat+0x10/0x10 [ 517.106058][T12678] do_syscall_64+0x106/0xf80 [ 517.106075][T12678] ? clear_bhb_loop+0x40/0x90 [ 517.106099][T12678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 517.106118][T12678] RIP: 0033:0x7f59da39c819 [ 517.106135][T12678] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 517.106154][T12678] RSP: 002b:00007f59db26b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 517.106173][T12678] RAX: ffffffffffffffda RBX: 00007f59da615fa0 RCX: 00007f59da39c819 [ 517.106185][T12678] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 517.106196][T12678] RBP: 00007f59da432c91 R08: 0000000000000000 R09: 0000000000000000 [ 517.106208][T12678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 517.106219][T12678] R13: 00007f59da616038 R14: 00007f59da615fa0 R15: 00007fffbfbe7138 [ 517.106244][T12678] [ 518.051016][T12678] tty tty16: ldisc open failed (-12), clearing slot 15 [ 518.211403][T12666] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:288kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:88kB dirty:80kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 518.335354][T12666] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 518.473144][T12666] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 518.478969][T12666] Node 0 DMA32 free:1086468kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:180856kB inactive_anon:35440kB active_file:31776kB inactive_file:204056kB unevictable:1536kB writepending:2396kB zspages:744kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:69440kB local_pcp:69440kB free_cma:0kB [ 518.531746][T12688] ptp: physical clock is free running [ 518.640823][T12666] lowmem_reserve[]: 0 0 1 1 1 [ 518.645579][T12666] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 518.761001][T12666] lowmem_reserve[]: 0 0 0 0 0 [ 518.774728][T12666] Node 1 Normal free:3937368kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:288kB unevictable:1536kB writepending:80kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:192kB local_pcp:192kB free_cma:0kB [ 518.896635][T12666] lowmem_reserve[]: 0 0 0 0 0 [ 518.910325][T12666] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 518.951264][T12666] Node 0 DMA32: 1435*4kB (UE) 2886*8kB (UME) 1499*16kB (UME) 205*32kB (UM) 303*64kB (UM) 650*128kB (UM) 456*256kB (UM) 278*512kB (UME) 132*1024kB (UME) 1*2048kB (U) 126*4096kB (UM) = 1074348kB [ 519.021009][T12666] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 519.071046][T12666] Node 1 Normal: 8*4kB (UM) 9*8kB (UM) 9*16kB (UM) 13*32kB (UM) 9*64kB (UM) 5*128kB (UM) 5*256kB (UM) 2*512kB (UM) 3*1024kB (UM) 1*2048kB (M) 959*4096kB (M) = 3937368kB [ 519.121118][T12666] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 519.141109][T12666] Node 0 hugepages_total=4 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 519.160860][T12666] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 519.177638][T12666] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 519.197424][T12666] 93677 total pagecache pages [ 519.207277][T12666] 31 pages in swap cache [ 519.221173][T12666] Free swap = 116100kB [ 519.227829][T12666] Total swap = 124996kB [ 519.241276][T12666] 2097051 pages RAM [ 519.245733][T12666] 0 pages HighMem/MovableOnly [ 519.250513][T12666] 430849 pages reserved [ 519.265556][T12666] 0 pages cma reserved [ 520.482526][T11112] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 520.813421][T12723] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1662'. [ 521.478995][T12733] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1664'. [ 521.536942][T12733] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1664'. [ 521.766355][T12727] zswap: compressor not available [ 521.812864][T12731] Setting dangerous option i915.mitigations - tainting kernel [ 521.959106][ T30] audit: type=1800 audit(4294969771.217:35): pid=12741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1665" name="dbroot" dev="configfs" ino=41314 res=0 errno=0 [ 522.022117][T12742] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1664'. [ 522.287966][T12741] Console: switching to colour VGA+ 80x25 [ 522.338525][T12741] random: crng reseeded on system resumption [ 522.685253][T12746] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 524.715836][T12781] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(2548002816.32693.0), cmd(3) [ 525.078527][T12802] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 525.115137][T12783] sd 0:0:1:0: PR command failed: 1026 [ 525.153218][T12783] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 525.231016][T12783] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 525.491495][T12812] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1679'. [ 526.734902][T12833] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 527.581141][ T30] audit: type=1800 audit(4294969776.834:36): pid=12852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1685" name="dbroot" dev="configfs" ino=41671 res=0 errno=0 [ 528.086447][T12858] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 528.340556][T12863] netlink: 'syz.0.1688': attribute type 1 has an invalid length. [ 528.488369][T12867] FAULT_INJECTION: forcing a failure. [ 528.488369][T12867] name failslab, interval 1, probability 0, space 0, times 0 [ 528.533320][T12867] CPU: 0 UID: 0 PID: 12867 Comm: syz.2.1689 Tainted: G U L syzkaller #0 PREEMPT(full) [ 528.533355][T12867] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 528.533363][T12867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 528.533374][T12867] Call Trace: [ 528.533380][T12867] [ 528.533393][T12867] dump_stack_lvl+0x100/0x190 [ 528.533430][T12867] should_fail_ex.cold+0x5/0xa [ 528.533453][T12867] should_failslab+0xc2/0x120 [ 528.533475][T12867] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 528.533506][T12867] ? __pmd_alloc+0xbf/0x950 [ 528.533534][T12867] __pmd_alloc+0xbf/0x950 [ 528.533560][T12867] __handle_mm_fault+0xa9e/0x2b60 [ 528.533591][T12867] ? mt_find+0x45e/0x8e0 [ 528.533614][T12867] ? __pfx___handle_mm_fault+0x10/0x10 [ 528.533640][T12867] ? __pfx_mt_find+0x10/0x10 [ 528.533673][T12867] ? find_vma+0xbf/0x140 [ 528.533692][T12867] ? __pfx_find_vma+0x10/0x10 [ 528.533714][T12867] handle_mm_fault+0x36d/0xa20 [ 528.533746][T12867] do_user_addr_fault+0x74c/0x12f0 [ 528.533773][T12867] exc_page_fault+0x6f/0xd0 [ 528.533792][T12867] asm_exc_page_fault+0x26/0x30 [ 528.533811][T12867] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 528.533837][T12867] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 528.533863][T12867] RSP: 0018:ffffc90003447e68 EFLAGS: 00050206 [ 528.533879][T12867] RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000001000 [ 528.533891][T12867] RDX: 0000000000000001 RSI: ffff88807ec99000 RDI: 0000000000000000 [ 528.533903][T12867] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100fd933ff [ 528.533914][T12867] R10: ffff88807ec99fff R11: 0000000000000000 R12: ffff88807ec99000 [ 528.533925][T12867] R13: 0000000000001000 R14: 00007ffffffff000 R15: 0000000000000000 [ 528.533949][T12867] _copy_to_user+0xa4/0xd0 [ 528.533976][T12867] __do_sys_mincore+0x294/0x610 [ 528.534008][T12867] do_syscall_64+0x106/0xf80 [ 528.534026][T12867] ? clear_bhb_loop+0x40/0x90 [ 528.534049][T12867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 528.534068][T12867] RIP: 0033:0x7f594139c819 [ 528.534084][T12867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 528.534101][T12867] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 000000000000001b [ 528.534118][T12867] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 528.534130][T12867] RDX: 0000000000000000 RSI: 0000000004000000 RDI: 0000000000001000 [ 528.534141][T12867] RBP: 00007f594229a090 R08: 0000000000000000 R09: 0000000000000000 [ 528.534151][T12867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 528.534162][T12867] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 528.534186][T12867] [ 528.980309][T12869] i2c i2c-0: delete_device: Extra parameters [ 530.647852][T12911] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1701'. [ 531.144094][T12915] FAULT_INJECTION: forcing a failure. [ 531.144094][T12915] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 531.224988][T12915] CPU: 0 UID: 0 PID: 12915 Comm: syz.0.1702 Tainted: G U L syzkaller #0 PREEMPT(full) [ 531.225023][T12915] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 531.225031][T12915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 531.225042][T12915] Call Trace: [ 531.225049][T12915] [ 531.225057][T12915] dump_stack_lvl+0x100/0x190 [ 531.225091][T12915] should_fail_ex.cold+0x5/0xa [ 531.225110][T12915] ? prepare_alloc_pages+0x16d/0x5f0 [ 531.225136][T12915] should_fail_alloc_page+0xeb/0x140 [ 531.225160][T12915] prepare_alloc_pages+0x1f0/0x5f0 [ 531.225186][T12915] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 531.225227][T12915] ? stack_trace_save+0x8e/0xc0 [ 531.225247][T12915] ? __pfx_stack_trace_save+0x10/0x10 [ 531.225266][T12915] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 531.225295][T12915] ? stack_depot_save_flags+0x27/0x9d0 [ 531.225325][T12915] ? kasan_save_stack+0x3f/0x50 [ 531.225342][T12915] ? kasan_save_stack+0x30/0x50 [ 531.225357][T12915] ? kasan_save_track+0x14/0x30 [ 531.225374][T12915] ? __kasan_kmalloc+0xaa/0xb0 [ 531.225392][T12915] ? do_file_open+0x20e/0x430 [ 531.225411][T12915] ? do_sys_openat2+0x10d/0x1e0 [ 531.225435][T12915] ? __x64_sys_openat+0x12d/0x210 [ 531.225458][T12915] ? do_syscall_64+0x106/0xf80 [ 531.225476][T12915] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.225499][T12915] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 531.225520][T12915] ? policy_nodemask+0xed/0x4f0 [ 531.225543][T12915] alloc_pages_mpol+0x1fb/0x550 [ 531.225565][T12915] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 531.225591][T12915] alloc_pages_noprof+0x136/0x390 [ 531.225614][T12915] get_zeroed_page_noprof+0x18/0xb0 [ 531.225636][T12915] mon_alloc_buff+0xce/0x1b0 [ 531.225659][T12915] ? kasan_save_track+0x14/0x30 [ 531.225679][T12915] mon_bin_open+0x207/0x470 [ 531.225703][T12915] ? __pfx_mon_bin_open+0x10/0x10 [ 531.225727][T12915] chrdev_open+0x234/0x6a0 [ 531.225747][T12915] ? __pfx_apparmor_file_open+0x10/0x10 [ 531.225769][T12915] ? __pfx_chrdev_open+0x10/0x10 [ 531.225798][T12915] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 531.225826][T12915] do_dentry_open+0x6d8/0x1660 [ 531.225845][T12915] ? __pfx_chrdev_open+0x10/0x10 [ 531.225871][T12915] vfs_open+0x82/0x3f0 [ 531.225898][T12915] path_openat+0x208c/0x31a0 [ 531.225926][T12915] ? __pfx_path_openat+0x10/0x10 [ 531.225955][T12915] do_file_open+0x20e/0x430 [ 531.225979][T12915] ? __pfx_do_file_open+0x10/0x10 [ 531.226016][T12915] ? alloc_fd+0x476/0x790 [ 531.226039][T12915] ? do_getname+0x191/0x390 [ 531.226066][T12915] do_sys_openat2+0x10d/0x1e0 [ 531.226092][T12915] ? __pfx_do_sys_openat2+0x10/0x10 [ 531.226120][T12915] ? __fget_files+0x21f/0x3d0 [ 531.226143][T12915] __x64_sys_openat+0x12d/0x210 [ 531.226170][T12915] ? __pfx___x64_sys_openat+0x10/0x10 [ 531.226204][T12915] do_syscall_64+0x106/0xf80 [ 531.226222][T12915] ? clear_bhb_loop+0x40/0x90 [ 531.226244][T12915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 531.226263][T12915] RIP: 0033:0x7fb599d9c819 [ 531.226280][T12915] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 531.226298][T12915] RSP: 002b:00007fb59abdf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 531.226317][T12915] RAX: ffffffffffffffda RBX: 00007fb59a016090 RCX: 00007fb599d9c819 [ 531.226329][T12915] RDX: 0000000000002040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 531.226340][T12915] RBP: 00007fb599e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 531.226351][T12915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 531.226362][T12915] R13: 00007fb59a016128 R14: 00007fb59a016090 R15: 00007ffd7defbd18 [ 531.226385][T12915] [ 532.015960][T12910] input input50: cannot allocate more than FF_MAX_EFFECTS effects [ 532.627811][T12941] FAULT_INJECTION: forcing a failure. [ 532.627811][T12941] name failslab, interval 1, probability 0, space 0, times 0 [ 532.655098][T12941] CPU: 0 UID: 0 PID: 12941 Comm: syz.0.1710 Tainted: G U L syzkaller #0 PREEMPT(full) [ 532.655132][T12941] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 532.655140][T12941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 532.655151][T12941] Call Trace: [ 532.655159][T12941] [ 532.655166][T12941] dump_stack_lvl+0x100/0x190 [ 532.655199][T12941] should_fail_ex.cold+0x5/0xa [ 532.655221][T12941] ? tomoyo_realpath_from_path+0xb6/0x690 [ 532.655250][T12941] should_failslab+0xc2/0x120 [ 532.655271][T12941] __kmalloc_noprof+0xe0/0x850 [ 532.655305][T12941] tomoyo_realpath_from_path+0xb6/0x690 [ 532.655337][T12941] tomoyo_check_open_permission+0x2af/0x3c0 [ 532.655362][T12941] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 532.655407][T12941] ? lock_acquire+0x1cf/0x380 [ 532.655431][T12941] ? find_held_lock+0x2b/0x80 [ 532.655455][T12941] tomoyo_file_open+0x6b/0x90 [ 532.655474][T12941] security_file_open+0xb5/0x1e0 [ 532.655500][T12941] do_dentry_open+0x5aa/0x1660 [ 532.655526][T12941] vfs_open+0x82/0x3f0 [ 532.655554][T12941] path_openat+0x208c/0x31a0 [ 532.655578][T12941] ? entry_SYSCALL_64_after_hwframe+0x48/0x7f [ 532.655600][T12941] ? __pfx_path_openat+0x10/0x10 [ 532.655629][T12941] do_file_open+0x20e/0x430 [ 532.655652][T12941] ? __pfx_do_file_open+0x10/0x10 [ 532.655687][T12941] ? _raw_spin_unlock+0x28/0x50 [ 532.655715][T12941] ? alloc_fd+0x476/0x790 [ 532.655741][T12941] do_sys_openat2+0x10d/0x1e0 [ 532.655767][T12941] ? __pfx_do_sys_openat2+0x10/0x10 [ 532.655794][T12941] ? __fget_files+0x21f/0x3d0 [ 532.655817][T12941] __x64_sys_open+0xfe/0x1d0 [ 532.655851][T12941] ? __pfx___x64_sys_open+0x10/0x10 [ 532.655886][T12941] do_syscall_64+0x106/0xf80 [ 532.655904][T12941] ? clear_bhb_loop+0x40/0x90 [ 532.655927][T12941] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.655947][T12941] RIP: 0033:0x7fb599d9c819 [ 532.655963][T12941] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 532.655982][T12941] RSP: 002b:00007fb59ac00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 532.656002][T12941] RAX: ffffffffffffffda RBX: 00007fb59a015fa0 RCX: 00007fb599d9c819 [ 532.656014][T12941] RDX: 5d745cb200ae4d7b RSI: 0000000000022ac2 RDI: 0000200000000080 [ 532.656026][T12941] RBP: 00007fb599e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 532.656038][T12941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 532.656050][T12941] R13: 00007fb59a016038 R14: 00007fb59a015fa0 R15: 00007ffd7defbd18 [ 532.656074][T12941] [ 532.656082][T12941] ERROR: Out of memory at tomoyo_realpath_from_path. [ 533.035123][T12948] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1712'. [ 534.546684][T12984] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1723'. [ 534.720736][T12991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1723'. [ 534.763610][ T30] audit: type=1806 audit(4294969784.020:37): xattr="" res=-22 [ 535.223080][T13003] sd 0:0:1:0: PR command failed: 1026 [ 535.310484][T13003] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 535.359430][T13007] kfence: disabled [ 535.463399][T13003] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 536.664162][T13035] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 536.863241][T11112] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 536.863271][T11112] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 536.878568][T11112] Bluetooth: hci0: Dropping invalid advertising data [ 536.885423][T11112] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 536.885447][T11112] Bluetooth: hci0: Dropping invalid advertising data [ 536.900037][T11112] Bluetooth: hci0: Malformed LE Event: 0x02 [ 537.102356][T13045] FAULT_INJECTION: forcing a failure. [ 537.102356][T13045] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 537.173849][T13045] CPU: 0 UID: 0 PID: 13045 Comm: syz.1.1739 Tainted: G U L syzkaller #0 PREEMPT(full) [ 537.173882][T13045] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 537.173890][T13045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 537.173901][T13045] Call Trace: [ 537.173908][T13045] [ 537.173916][T13045] dump_stack_lvl+0x100/0x190 [ 537.173950][T13045] should_fail_ex.cold+0x5/0xa [ 537.173969][T13045] ? prepare_alloc_pages+0x16d/0x5f0 [ 537.173994][T13045] should_fail_alloc_page+0xeb/0x140 [ 537.174019][T13045] prepare_alloc_pages+0x1f0/0x5f0 [ 537.174046][T13045] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 537.174086][T13045] ? find_held_lock+0x2b/0x80 [ 537.174104][T13045] ? is_bpf_text_address+0x8a/0x1a0 [ 537.174134][T13045] ? is_bpf_text_address+0x8a/0x1a0 [ 537.174164][T13045] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 537.174194][T13045] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 537.174216][T13045] ? is_bpf_text_address+0x94/0x1a0 [ 537.174246][T13045] ? kernel_text_address+0x8d/0x100 [ 537.174275][T13045] ? __kernel_text_address+0xd/0x30 [ 537.174303][T13045] ? unwind_get_return_address+0x59/0xa0 [ 537.174332][T13045] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 537.174354][T13045] ? policy_nodemask+0xed/0x4f0 [ 537.174377][T13045] alloc_pages_mpol+0x1fb/0x550 [ 537.174399][T13045] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 537.174420][T13045] ? kasan_save_stack+0x30/0x50 [ 537.174436][T13045] ? kasan_save_track+0x14/0x30 [ 537.174453][T13045] ? __kasan_kmalloc+0xaa/0xb0 [ 537.174468][T13045] ? __get_vm_area_node+0x101/0x330 [ 537.174489][T13045] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 537.174517][T13045] alloc_pages_noprof+0x136/0x390 [ 537.174539][T13045] get_free_pages_noprof+0x10/0xb0 [ 537.174559][T13045] __kasan_populate_vmalloc+0xa0/0x210 [ 537.174594][T13045] alloc_vmap_area+0x95d/0x2bd0 [ 537.174624][T13045] ? __pfx_alloc_vmap_area+0x10/0x10 [ 537.174652][T13045] __get_vm_area_node+0x1ca/0x330 [ 537.174679][T13045] __vmalloc_node_range_noprof+0x213/0x1530 [ 537.174704][T13045] ? n_tty_open+0x1a/0x170 [ 537.174742][T13045] ? look_up_lock_class+0x64/0x120 [ 537.174764][T13045] ? n_tty_open+0x1a/0x170 [ 537.174791][T13045] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 537.174818][T13045] ? __ldsem_down_write_nested+0xfd/0x830 [ 537.174840][T13045] ? __ldsem_down_write_nested+0x10e/0x830 [ 537.174861][T13045] ? is_console_locked+0x9/0x20 [ 537.174888][T13045] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 537.174913][T13045] ? n_tty_open+0x1a/0x170 [ 537.174933][T13045] __vmalloc_node_noprof+0xad/0xf0 [ 537.174958][T13045] ? n_tty_open+0x1a/0x170 [ 537.174980][T13045] ? __pfx_n_tty_open+0x10/0x10 [ 537.175001][T13045] n_tty_open+0x1a/0x170 [ 537.175022][T13045] tty_ldisc_open+0xa2/0x120 [ 537.175049][T13045] tty_ldisc_setup+0x40/0xf0 [ 537.175077][T13045] tty_init_dev.part.0+0x1b5/0x470 [ 537.175099][T13045] tty_open+0xa63/0xfa0 [ 537.175121][T13045] ? __pfx_tty_open+0x10/0x10 [ 537.175138][T13045] ? chrdev_open+0x10b/0x6a0 [ 537.175157][T13045] ? chrdev_open+0x10b/0x6a0 [ 537.175181][T13045] ? __pfx_tty_open+0x10/0x10 [ 537.175199][T13045] chrdev_open+0x234/0x6a0 [ 537.175219][T13045] ? __pfx_apparmor_file_open+0x10/0x10 [ 537.175240][T13045] ? __pfx_chrdev_open+0x10/0x10 [ 537.175262][T13045] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 537.175288][T13045] do_dentry_open+0x6d8/0x1660 [ 537.175307][T13045] ? __pfx_chrdev_open+0x10/0x10 [ 537.175334][T13045] vfs_open+0x82/0x3f0 [ 537.175361][T13045] path_openat+0x208c/0x31a0 [ 537.175389][T13045] ? __pfx_path_openat+0x10/0x10 [ 537.175419][T13045] do_file_open+0x20e/0x430 [ 537.175442][T13045] ? __pfx_do_file_open+0x10/0x10 [ 537.175479][T13045] ? alloc_fd+0x476/0x790 [ 537.175502][T13045] ? do_getname+0x191/0x390 [ 537.175528][T13045] do_sys_openat2+0x10d/0x1e0 [ 537.175554][T13045] ? __pfx_do_sys_openat2+0x10/0x10 [ 537.175588][T13045] __x64_sys_openat+0x12d/0x210 [ 537.175615][T13045] ? __pfx___x64_sys_openat+0x10/0x10 [ 537.175650][T13045] do_syscall_64+0x106/0xf80 [ 537.175668][T13045] ? clear_bhb_loop+0x40/0x90 [ 537.175691][T13045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 537.175710][T13045] RIP: 0033:0x7f59da39c819 [ 537.175736][T13045] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 537.175754][T13045] RSP: 002b:00007f59db26b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 537.175774][T13045] RAX: ffffffffffffffda RBX: 00007f59da615fa0 RCX: 00007f59da39c819 [ 537.175787][T13045] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 537.175799][T13045] RBP: 00007f59da432c91 R08: 0000000000000000 R09: 0000000000000000 [ 537.175810][T13045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 537.175822][T13045] R13: 00007f59da616038 R14: 00007f59da615fa0 R15: 00007fffbfbe7138 [ 537.175846][T13045] [ 537.175891][T13045] warn_alloc: 1 callbacks suppressed [ 537.175902][T13045] syz.1.1739: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 537.729822][T13037] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 537.761473][T13037] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 537.767513][T13037] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 537.790638][T13037] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 538.430696][ T30] audit: type=1800 audit(4294969787.598:38): pid=13059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1743" name="dbroot" dev="configfs" ino=42936 res=0 errno=0 [ 538.826393][T12689] Bluetooth: hci0: command 0x0c1a tx timeout [ 539.088641][T13045] ,cpuset=/,mems_allowed=0-1 [ 539.113599][T13045] CPU: 0 UID: 0 PID: 13045 Comm: syz.1.1739 Tainted: G U L syzkaller #0 PREEMPT(full) [ 539.113634][T13045] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 539.113641][T13045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 539.113653][T13045] Call Trace: [ 539.113660][T13045] [ 539.113667][T13045] dump_stack_lvl+0x100/0x190 [ 539.113701][T13045] warn_alloc.cold+0x95/0x1c1 [ 539.113734][T13045] ? __pfx_warn_alloc+0x10/0x10 [ 539.113769][T13045] ? lockdep_hardirqs_on+0x78/0x100 [ 539.113791][T13045] ? __get_vm_area_node+0x2c5/0x330 [ 539.113820][T13045] ? __get_vm_area_node+0x208/0x330 [ 539.113847][T13045] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 539.113875][T13045] ? look_up_lock_class+0x64/0x120 [ 539.113897][T13045] ? n_tty_open+0x1a/0x170 [ 539.113926][T13045] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 539.113952][T13045] ? __ldsem_down_write_nested+0xfd/0x830 [ 539.113974][T13045] ? __ldsem_down_write_nested+0x10e/0x830 [ 539.113995][T13045] ? is_console_locked+0x9/0x20 [ 539.114022][T13045] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 539.114048][T13045] ? n_tty_open+0x1a/0x170 [ 539.114068][T13045] __vmalloc_node_noprof+0xad/0xf0 [ 539.114093][T13045] ? n_tty_open+0x1a/0x170 [ 539.114114][T13045] ? __pfx_n_tty_open+0x10/0x10 [ 539.114136][T13045] n_tty_open+0x1a/0x170 [ 539.114157][T13045] tty_ldisc_open+0xa2/0x120 [ 539.114184][T13045] tty_ldisc_setup+0x40/0xf0 [ 539.114218][T13045] tty_init_dev.part.0+0x1b5/0x470 [ 539.114241][T13045] tty_open+0xa63/0xfa0 [ 539.114263][T13045] ? __pfx_tty_open+0x10/0x10 [ 539.114281][T13045] ? chrdev_open+0x10b/0x6a0 [ 539.114301][T13045] ? chrdev_open+0x10b/0x6a0 [ 539.114325][T13045] ? __pfx_tty_open+0x10/0x10 [ 539.114344][T13045] chrdev_open+0x234/0x6a0 [ 539.114364][T13045] ? __pfx_apparmor_file_open+0x10/0x10 [ 539.114386][T13045] ? __pfx_chrdev_open+0x10/0x10 [ 539.114409][T13045] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 539.114436][T13045] do_dentry_open+0x6d8/0x1660 [ 539.114456][T13045] ? __pfx_chrdev_open+0x10/0x10 [ 539.114483][T13045] vfs_open+0x82/0x3f0 [ 539.114511][T13045] path_openat+0x208c/0x31a0 [ 539.114541][T13045] ? __pfx_path_openat+0x10/0x10 [ 539.114571][T13045] do_file_open+0x20e/0x430 [ 539.114594][T13045] ? __pfx_do_file_open+0x10/0x10 [ 539.114637][T13045] ? alloc_fd+0x476/0x790 [ 539.114659][T13045] ? do_getname+0x191/0x390 [ 539.114687][T13045] do_sys_openat2+0x10d/0x1e0 [ 539.114714][T13045] ? __pfx_do_sys_openat2+0x10/0x10 [ 539.114755][T13045] __x64_sys_openat+0x12d/0x210 [ 539.114783][T13045] ? __pfx___x64_sys_openat+0x10/0x10 [ 539.114820][T13045] do_syscall_64+0x106/0xf80 [ 539.114838][T13045] ? clear_bhb_loop+0x40/0x90 [ 539.114862][T13045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 539.114882][T13045] RIP: 0033:0x7f59da39c819 [ 539.114899][T13045] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 539.114918][T13045] RSP: 002b:00007f59db26b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 539.114938][T13045] RAX: ffffffffffffffda RBX: 00007f59da615fa0 RCX: 00007f59da39c819 [ 539.114950][T13045] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 539.114962][T13045] RBP: 00007f59da432c91 R08: 0000000000000000 R09: 0000000000000000 [ 539.114973][T13045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 539.114984][T13045] R13: 00007f59da616038 R14: 00007f59da615fa0 R15: 00007fffbfbe7138 [ 539.115009][T13045] [ 539.118180][T13045] Mem-Info: [ 539.749689][ T30] audit: type=1800 audit(4294969788.948:39): pid=13068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1745" name="dbroot" dev="configfs" ino=42981 res=0 errno=0 [ 539.873964][T13071] random: crng reseeded on system resumption [ 539.979398][T12689] Bluetooth: hci3: command 0x0c1a tx timeout [ 539.986259][T12689] Bluetooth: hci2: command 0x0c1a tx timeout [ 539.992609][T12689] Bluetooth: hci1: command 0x0c1a tx timeout [ 540.096702][ T30] audit: type=1800 audit(4294969789.298:40): pid=13078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1748" name="dbroot" dev="configfs" ino=43001 res=0 errno=0 [ 540.286915][T13080] random: crng reseeded on system resumption [ 540.618705][T13045] active_anon:42539 inactive_anon:8860 isolated_anon:0 [ 540.618705][T13045] active_file:10042 inactive_file:48609 isolated_file:0 [ 540.618705][T13045] unevictable:1955 dirty:397 writeback:0 [ 540.618705][T13045] slab_reclaimable:12422 slab_unreclaimable:95067 [ 540.618705][T13045] mapped:45357 shmem:30999 pagetables:2079 [ 540.618705][T13045] sec_pagetables:0 bounce:0 [ 540.618705][T13045] kernel_misc_reclaimable:0 [ 540.618705][T13045] free:1268722 free_pcp:6797 free_cma:0 [ 540.766236][T13045] Node 0 active_anon:174628kB inactive_anon:35440kB active_file:40168kB inactive_file:194236kB unevictable:6176kB isolated(anon):0kB isolated(file):0kB mapped:185792kB dirty:1504kB writeback:0kB shmem:126932kB shmem_thp:6144kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11840kB pagetables:8152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 540.880540][T13045] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1644kB isolated(anon):0kB isolated(file):0kB mapped:108kB dirty:84kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 540.982486][T13045] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 541.076938][T13045] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 541.093935][T13045] Node 0 DMA32 free:1110904kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:178572kB inactive_anon:35440kB active_file:40168kB inactive_file:194340kB unevictable:4668kB writepending:1504kB zspages:744kB present:3129332kB managed:2537292kB mlocked:3132kB bounce:0kB free_pcp:41316kB local_pcp:41316kB free_cma:0kB [ 541.176893][T13083] kexec: Could not allocate control_code_buffer [ 541.212172][T13045] lowmem_reserve[]: 0 0 1 1 1 [ 541.222422][T13045] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 541.355090][T13045] lowmem_reserve[]: 0 0 0 0 0 [ 541.370547][T13045] Node 1 Normal free:3937540kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:304kB unevictable:1540kB writepending:84kB zspages:0kB present:4194300kB managed:4111100kB mlocked:4kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 541.467885][T13045] lowmem_reserve[]: 0 0 0 0 0 [ 541.484756][T13045] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 541.525163][T13045] Node 0 DMA32: 840*4kB (UE) 2979*8kB (UE) 1558*16kB (UME) 385*32kB (U) 361*64kB (UM) 715*128kB (UM) 451*256kB (UM) 274*512kB (UME) 132*1024kB (UME) 1*2048kB (M) 131*4096kB (UM) = 1108600kB [ 541.588264][T13045] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 541.624566][T13045] Node 1 Normal: 11*4kB (UM) 13*8kB (UM) 13*16kB (UM) 13*32kB (UM) 10*64kB (UM) 7*128kB (UM) 4*256kB (UM) 2*512kB (UM) 3*1024kB (UM) 1*2048kB (M) 959*4096kB (M) = 3937540kB [ 541.681560][T13045] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 541.713241][T13045] Node 0 hugepages_total=4 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 541.743074][T13045] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 541.774764][T13045] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 541.806293][T13045] 95744 total pagecache pages [ 541.819440][T13045] 31 pages in swap cache [ 541.836909][T13045] Free swap = 116100kB [ 541.856251][T13045] Total swap = 124996kB [ 541.867071][T13045] 2097051 pages RAM [ 541.883716][T13045] 0 pages HighMem/MovableOnly [ 541.898718][T13045] 430849 pages reserved [ 541.909906][T13045] 0 pages cma reserved [ 541.922505][T13045] tty tty16: ldisc open failed (-12), clearing slot 15 [ 542.977137][T13123] random: crng reseeded on system resumption [ 543.188420][T13126] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1759'. [ 543.433713][ T30] audit: type=1800 audit(4294969792.686:41): pid=13136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1761" name="dbroot" dev="configfs" ino=43200 res=0 errno=0 [ 543.675526][T13136] random: crng reseeded on system resumption [ 543.716094][T13142] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 544.262449][T13151] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1763'. [ 544.594597][T13147] input input51: cannot allocate more than FF_MAX_EFFECTS effects [ 544.658461][T13157] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1766'. [ 545.926597][ T30] audit: type=1800 audit(4294969795.175:42): pid=13183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1772" name="dbroot" dev="configfs" ino=43349 res=0 errno=0 [ 546.045246][T13185] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 546.108826][T13183] random: crng reseeded on system resumption [ 546.735354][T13193] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1776'. [ 547.886672][T13226] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 548.762821][T13234] Invalid ELF header magic: != ELF [ 548.980023][T13244] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1787'. [ 550.352375][T13267] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1791'. [ 551.448574][T13298] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 551.517508][T13300] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1795'. [ 551.605263][T13300] HfR: entered promiscuous mode [ 552.188485][T13312] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 552.188485][T13312] The task syz.0.1800 (13312) triggered the difference, watch for misbehavior. [ 552.737905][T11112] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 552.758632][T13332] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 553.049126][ T30] audit: type=1800 audit(4294969802.291:43): pid=13336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1806" name="dbroot" dev="configfs" ino=44046 res=0 errno=0 [ 553.461592][T13336] random: crng reseeded on system resumption [ 554.705684][T13364] FAULT_INJECTION: forcing a failure. [ 554.705684][T13364] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 554.779993][T13364] CPU: 0 UID: 0 PID: 13364 Comm: syz.0.1816 Tainted: G U L syzkaller #0 PREEMPT(full) [ 554.780029][T13364] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 554.780037][T13364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 554.780048][T13364] Call Trace: [ 554.780055][T13364] [ 554.780063][T13364] dump_stack_lvl+0x100/0x190 [ 554.780096][T13364] should_fail_ex.cold+0x5/0xa [ 554.780116][T13364] ? prepare_alloc_pages+0x16d/0x5f0 [ 554.780141][T13364] should_fail_alloc_page+0xeb/0x140 [ 554.780165][T13364] prepare_alloc_pages+0x1f0/0x5f0 [ 554.780192][T13364] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 554.780233][T13364] ? stack_trace_save+0x8e/0xc0 [ 554.780253][T13364] ? __pfx_stack_trace_save+0x10/0x10 [ 554.780272][T13364] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 554.780301][T13364] ? stack_depot_save_flags+0x27/0x9d0 [ 554.780332][T13364] ? kasan_save_stack+0x3f/0x50 [ 554.780348][T13364] ? kasan_save_stack+0x30/0x50 [ 554.780364][T13364] ? kasan_save_track+0x14/0x30 [ 554.780380][T13364] ? __kasan_kmalloc+0xaa/0xb0 [ 554.780399][T13364] ? do_file_open+0x20e/0x430 [ 554.780418][T13364] ? do_sys_openat2+0x10d/0x1e0 [ 554.780442][T13364] ? __x64_sys_openat+0x12d/0x210 [ 554.780466][T13364] ? do_syscall_64+0x106/0xf80 [ 554.780485][T13364] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.780508][T13364] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 554.780530][T13364] ? policy_nodemask+0xed/0x4f0 [ 554.780552][T13364] alloc_pages_mpol+0x1fb/0x550 [ 554.780574][T13364] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 554.780609][T13364] alloc_pages_noprof+0x136/0x390 [ 554.780631][T13364] get_zeroed_page_noprof+0x18/0xb0 [ 554.780654][T13364] mon_alloc_buff+0xce/0x1b0 [ 554.780678][T13364] ? kasan_save_track+0x14/0x30 [ 554.780698][T13364] mon_bin_open+0x207/0x470 [ 554.780722][T13364] ? __pfx_mon_bin_open+0x10/0x10 [ 554.780747][T13364] chrdev_open+0x234/0x6a0 [ 554.780767][T13364] ? __pfx_apparmor_file_open+0x10/0x10 [ 554.780788][T13364] ? __pfx_chrdev_open+0x10/0x10 [ 554.780810][T13364] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 554.780836][T13364] do_dentry_open+0x6d8/0x1660 [ 554.780855][T13364] ? __pfx_chrdev_open+0x10/0x10 [ 554.780881][T13364] vfs_open+0x82/0x3f0 [ 554.780909][T13364] path_openat+0x208c/0x31a0 [ 554.780937][T13364] ? __pfx_path_openat+0x10/0x10 [ 554.780965][T13364] do_file_open+0x20e/0x430 [ 554.780988][T13364] ? __pfx_do_file_open+0x10/0x10 [ 554.781029][T13364] ? alloc_fd+0x476/0x790 [ 554.781051][T13364] ? do_getname+0x191/0x390 [ 554.781077][T13364] do_sys_openat2+0x10d/0x1e0 [ 554.781103][T13364] ? __pfx_do_sys_openat2+0x10/0x10 [ 554.781130][T13364] ? __fget_files+0x21f/0x3d0 [ 554.781153][T13364] __x64_sys_openat+0x12d/0x210 [ 554.781180][T13364] ? __pfx___x64_sys_openat+0x10/0x10 [ 554.781215][T13364] do_syscall_64+0x106/0xf80 [ 554.781232][T13364] ? clear_bhb_loop+0x40/0x90 [ 554.781255][T13364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.781274][T13364] RIP: 0033:0x7fb599d9c819 [ 554.781291][T13364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 554.781308][T13364] RSP: 002b:00007fb59abdf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 554.781327][T13364] RAX: ffffffffffffffda RBX: 00007fb59a016090 RCX: 00007fb599d9c819 [ 554.781339][T13364] RDX: 0000000000002040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 554.781350][T13364] RBP: 00007fb599e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 554.781361][T13364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 554.781371][T13364] R13: 00007fb59a016128 R14: 00007fb59a016090 R15: 00007ffd7defbd18 [ 554.781394][T13364] [ 554.782723][T13369] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1817'. [ 555.678166][T13372] zswap: compressor not available [ 556.155000][ T30] audit: type=1806 audit(4294969805.399:44): xattr="" res=-22 [ 556.199377][T13394] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1823'. [ 556.375198][T13401] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1823'. [ 556.469299][T13405] ptp: physical clock is free running [ 556.509716][T13398] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1823'. [ 557.103103][T13411] FAULT_INJECTION: forcing a failure. [ 557.103103][T13411] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 557.173846][T13411] CPU: 0 UID: 0 PID: 13411 Comm: syz.2.1827 Tainted: G U L syzkaller #0 PREEMPT(full) [ 557.173880][T13411] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 557.173888][T13411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 557.173899][T13411] Call Trace: [ 557.173906][T13411] [ 557.173914][T13411] dump_stack_lvl+0x100/0x190 [ 557.173948][T13411] should_fail_ex.cold+0x5/0xa [ 557.173967][T13411] ? prepare_alloc_pages+0x16d/0x5f0 [ 557.173992][T13411] should_fail_alloc_page+0xeb/0x140 [ 557.174016][T13411] prepare_alloc_pages+0x1f0/0x5f0 [ 557.174043][T13411] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 557.174084][T13411] ? stack_trace_save+0x8e/0xc0 [ 557.174104][T13411] ? __pfx_stack_trace_save+0x10/0x10 [ 557.174123][T13411] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 557.174152][T13411] ? stack_depot_save_flags+0x27/0x9d0 [ 557.174182][T13411] ? kasan_save_stack+0x3f/0x50 [ 557.174198][T13411] ? kasan_save_stack+0x30/0x50 [ 557.174218][T13411] ? kasan_save_track+0x14/0x30 [ 557.174234][T13411] ? __kasan_kmalloc+0xaa/0xb0 [ 557.174252][T13411] ? do_file_open+0x20e/0x430 [ 557.174271][T13411] ? do_sys_openat2+0x10d/0x1e0 [ 557.174295][T13411] ? __x64_sys_openat+0x12d/0x210 [ 557.174319][T13411] ? do_syscall_64+0x106/0xf80 [ 557.174337][T13411] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.174359][T13411] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 557.174380][T13411] ? policy_nodemask+0xed/0x4f0 [ 557.174403][T13411] alloc_pages_mpol+0x1fb/0x550 [ 557.174424][T13411] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 557.174452][T13411] alloc_pages_noprof+0x136/0x390 [ 557.174474][T13411] get_zeroed_page_noprof+0x18/0xb0 [ 557.174496][T13411] mon_alloc_buff+0xce/0x1b0 [ 557.174519][T13411] ? kasan_save_track+0x14/0x30 [ 557.174538][T13411] mon_bin_open+0x207/0x470 [ 557.174563][T13411] ? __pfx_mon_bin_open+0x10/0x10 [ 557.174587][T13411] chrdev_open+0x234/0x6a0 [ 557.174606][T13411] ? __pfx_apparmor_file_open+0x10/0x10 [ 557.174628][T13411] ? __pfx_chrdev_open+0x10/0x10 [ 557.174649][T13411] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 557.174676][T13411] do_dentry_open+0x6d8/0x1660 [ 557.174695][T13411] ? __pfx_chrdev_open+0x10/0x10 [ 557.174721][T13411] vfs_open+0x82/0x3f0 [ 557.174748][T13411] path_openat+0x208c/0x31a0 [ 557.174775][T13411] ? __pfx_path_openat+0x10/0x10 [ 557.174813][T13411] do_file_open+0x20e/0x430 [ 557.174836][T13411] ? __pfx_do_file_open+0x10/0x10 [ 557.174874][T13411] ? alloc_fd+0x476/0x790 [ 557.174896][T13411] ? do_getname+0x191/0x390 [ 557.174923][T13411] do_sys_openat2+0x10d/0x1e0 [ 557.174949][T13411] ? __pfx_do_sys_openat2+0x10/0x10 [ 557.174977][T13411] ? __fget_files+0x21f/0x3d0 [ 557.175001][T13411] __x64_sys_openat+0x12d/0x210 [ 557.175028][T13411] ? __pfx___x64_sys_openat+0x10/0x10 [ 557.175062][T13411] do_syscall_64+0x106/0xf80 [ 557.175080][T13411] ? clear_bhb_loop+0x40/0x90 [ 557.175103][T13411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.175123][T13411] RIP: 0033:0x7f594139c819 [ 557.175139][T13411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 557.175156][T13411] RSP: 002b:00007f5942279028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 557.175175][T13411] RAX: ffffffffffffffda RBX: 00007f5941616090 RCX: 00007f594139c819 [ 557.175187][T13411] RDX: 0000000000002040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 557.175198][T13411] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 557.175210][T13411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.175220][T13411] R13: 00007f5941616128 R14: 00007f5941616090 R15: 00007fffa66393d8 [ 557.175243][T13411] [ 559.512061][T11116] netdevsim netdevsim1074 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 561.055124][T13457] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 561.098930][T13455] FAULT_INJECTION: forcing a failure. [ 561.098930][T13455] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 561.146749][T13455] CPU: 0 UID: 0 PID: 13455 Comm: syz.1.1840 Tainted: G U L syzkaller #0 PREEMPT(full) [ 561.146786][T13455] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 561.146794][T13455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 561.146805][T13455] Call Trace: [ 561.146812][T13455] [ 561.146820][T13455] dump_stack_lvl+0x100/0x190 [ 561.146853][T13455] should_fail_ex.cold+0x5/0xa [ 561.146873][T13455] ? prepare_alloc_pages+0x16d/0x5f0 [ 561.146898][T13455] should_fail_alloc_page+0xeb/0x140 [ 561.146921][T13455] prepare_alloc_pages+0x1f0/0x5f0 [ 561.146948][T13455] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 561.146993][T13455] ? stack_trace_save+0x8e/0xc0 [ 561.147013][T13455] ? __pfx_stack_trace_save+0x10/0x10 [ 561.147033][T13455] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 561.147062][T13455] ? stack_depot_save_flags+0x27/0x9d0 [ 561.147093][T13455] ? kasan_save_stack+0x3f/0x50 [ 561.147109][T13455] ? kasan_save_stack+0x30/0x50 [ 561.147125][T13455] ? kasan_save_track+0x14/0x30 [ 561.147142][T13455] ? __kasan_kmalloc+0xaa/0xb0 [ 561.147160][T13455] ? do_file_open+0x20e/0x430 [ 561.147179][T13455] ? do_sys_openat2+0x10d/0x1e0 [ 561.147204][T13455] ? __x64_sys_openat+0x12d/0x210 [ 561.147228][T13455] ? do_syscall_64+0x106/0xf80 [ 561.147246][T13455] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.147269][T13455] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 561.147290][T13455] ? policy_nodemask+0xed/0x4f0 [ 561.147313][T13455] alloc_pages_mpol+0x1fb/0x550 [ 561.147335][T13455] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 561.147362][T13455] alloc_pages_noprof+0x136/0x390 [ 561.147385][T13455] get_zeroed_page_noprof+0x18/0xb0 [ 561.147407][T13455] mon_alloc_buff+0xce/0x1b0 [ 561.147431][T13455] ? kasan_save_track+0x14/0x30 [ 561.147451][T13455] mon_bin_open+0x207/0x470 [ 561.147501][T13455] ? __pfx_mon_bin_open+0x10/0x10 [ 561.147532][T13455] chrdev_open+0x234/0x6a0 [ 561.147553][T13455] ? __pfx_apparmor_file_open+0x10/0x10 [ 561.147575][T13455] ? __pfx_chrdev_open+0x10/0x10 [ 561.147597][T13455] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 561.147623][T13455] do_dentry_open+0x6d8/0x1660 [ 561.147643][T13455] ? __pfx_chrdev_open+0x10/0x10 [ 561.147670][T13455] vfs_open+0x82/0x3f0 [ 561.147698][T13455] path_openat+0x208c/0x31a0 [ 561.147727][T13455] ? __pfx_path_openat+0x10/0x10 [ 561.147756][T13455] do_file_open+0x20e/0x430 [ 561.147781][T13455] ? __pfx_do_file_open+0x10/0x10 [ 561.147819][T13455] ? alloc_fd+0x476/0x790 [ 561.147840][T13455] ? do_getname+0x191/0x390 [ 561.147867][T13455] do_sys_openat2+0x10d/0x1e0 [ 561.147893][T13455] ? __pfx_do_sys_openat2+0x10/0x10 [ 561.147920][T13455] ? __fget_files+0x21f/0x3d0 [ 561.147944][T13455] __x64_sys_openat+0x12d/0x210 [ 561.147971][T13455] ? __pfx___x64_sys_openat+0x10/0x10 [ 561.148006][T13455] do_syscall_64+0x106/0xf80 [ 561.148024][T13455] ? clear_bhb_loop+0x40/0x90 [ 561.148047][T13455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.148066][T13455] RIP: 0033:0x7f59da39c819 [ 561.148082][T13455] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 561.148100][T13455] RSP: 002b:00007f59db24a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 561.148120][T13455] RAX: ffffffffffffffda RBX: 00007f59da616090 RCX: 00007f59da39c819 [ 561.148132][T13455] RDX: 0000000000002040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 561.148143][T13455] RBP: 00007f59da432c91 R08: 0000000000000000 R09: 0000000000000000 [ 561.148154][T13455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 561.148165][T13455] R13: 00007f59da616128 R14: 00007f59da616090 R15: 00007fffbfbe7138 [ 561.148189][T13455] [ 561.667463][T13463] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 561.785561][T13466] FAULT_INJECTION: forcing a failure. [ 561.785561][T13466] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 561.799212][T13466] CPU: 0 UID: 0 PID: 13466 Comm: syz.2.1845 Tainted: G U L syzkaller #0 PREEMPT(full) [ 561.799245][T13466] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 561.799253][T13466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 561.799264][T13466] Call Trace: [ 561.799271][T13466] [ 561.799279][T13466] dump_stack_lvl+0x100/0x190 [ 561.799313][T13466] should_fail_ex.cold+0x5/0xa [ 561.799332][T13466] ? prepare_alloc_pages+0x16d/0x5f0 [ 561.799357][T13466] should_fail_alloc_page+0xeb/0x140 [ 561.799381][T13466] prepare_alloc_pages+0x1f0/0x5f0 [ 561.799408][T13466] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 561.799449][T13466] ? find_held_lock+0x2b/0x80 [ 561.799467][T13466] ? is_bpf_text_address+0x8a/0x1a0 [ 561.799496][T13466] ? is_bpf_text_address+0x8a/0x1a0 [ 561.799526][T13466] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 561.799556][T13466] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 561.799578][T13466] ? is_bpf_text_address+0x94/0x1a0 [ 561.799608][T13466] ? kernel_text_address+0x8d/0x100 [ 561.799636][T13466] ? __kernel_text_address+0xd/0x30 [ 561.799663][T13466] ? unwind_get_return_address+0x59/0xa0 [ 561.799693][T13466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 561.799714][T13466] ? policy_nodemask+0xed/0x4f0 [ 561.799748][T13466] alloc_pages_mpol+0x1fb/0x550 [ 561.799770][T13466] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 561.799791][T13466] ? kasan_save_stack+0x30/0x50 [ 561.799807][T13466] ? kasan_save_track+0x14/0x30 [ 561.799824][T13466] ? __kasan_kmalloc+0xaa/0xb0 [ 561.799840][T13466] ? __get_vm_area_node+0x101/0x330 [ 561.799862][T13466] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 561.799891][T13466] alloc_pages_noprof+0x136/0x390 [ 561.799914][T13466] get_free_pages_noprof+0x10/0xb0 [ 561.799935][T13466] __kasan_populate_vmalloc+0xa0/0x210 [ 561.799970][T13466] alloc_vmap_area+0x95d/0x2bd0 [ 561.800001][T13466] ? __pfx_alloc_vmap_area+0x10/0x10 [ 561.800028][T13466] __get_vm_area_node+0x1ca/0x330 [ 561.800055][T13466] __vmalloc_node_range_noprof+0x213/0x1530 [ 561.800081][T13466] ? n_tty_open+0x1a/0x170 [ 561.800103][T13466] ? look_up_lock_class+0x64/0x120 [ 561.800125][T13466] ? n_tty_open+0x1a/0x170 [ 561.800152][T13466] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 561.800178][T13466] ? __ldsem_down_write_nested+0xfd/0x830 [ 561.800199][T13466] ? __ldsem_down_write_nested+0x10e/0x830 [ 561.800219][T13466] ? is_console_locked+0x9/0x20 [ 561.800246][T13466] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 561.800271][T13466] ? n_tty_open+0x1a/0x170 [ 561.800291][T13466] __vmalloc_node_noprof+0xad/0xf0 [ 561.800316][T13466] ? n_tty_open+0x1a/0x170 [ 561.800337][T13466] ? __pfx_n_tty_open+0x10/0x10 [ 561.800358][T13466] n_tty_open+0x1a/0x170 [ 561.800378][T13466] tty_ldisc_open+0xa2/0x120 [ 561.800404][T13466] tty_ldisc_setup+0x40/0xf0 [ 561.800432][T13466] tty_init_dev.part.0+0x1b5/0x470 [ 561.800453][T13466] tty_open+0xa63/0xfa0 [ 561.800475][T13466] ? __pfx_tty_open+0x10/0x10 [ 561.800492][T13466] ? chrdev_open+0x10b/0x6a0 [ 561.800511][T13466] ? chrdev_open+0x10b/0x6a0 [ 561.800534][T13466] ? __pfx_tty_open+0x10/0x10 [ 561.800552][T13466] chrdev_open+0x234/0x6a0 [ 561.800571][T13466] ? __pfx_apparmor_file_open+0x10/0x10 [ 561.800593][T13466] ? __pfx_chrdev_open+0x10/0x10 [ 561.800615][T13466] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 561.800641][T13466] do_dentry_open+0x6d8/0x1660 [ 561.800661][T13466] ? __pfx_chrdev_open+0x10/0x10 [ 561.800686][T13466] vfs_open+0x82/0x3f0 [ 561.800713][T13466] path_openat+0x208c/0x31a0 [ 561.800750][T13466] ? __pfx_path_openat+0x10/0x10 [ 561.800779][T13466] do_file_open+0x20e/0x430 [ 561.800802][T13466] ? __pfx_do_file_open+0x10/0x10 [ 561.800840][T13466] ? alloc_fd+0x476/0x790 [ 561.800862][T13466] ? do_getname+0x191/0x390 [ 561.800891][T13466] do_sys_openat2+0x10d/0x1e0 [ 561.800917][T13466] ? __pfx_do_sys_openat2+0x10/0x10 [ 561.800952][T13466] __x64_sys_openat+0x12d/0x210 [ 561.800979][T13466] ? __pfx___x64_sys_openat+0x10/0x10 [ 561.801014][T13466] do_syscall_64+0x106/0xf80 [ 561.801032][T13466] ? clear_bhb_loop+0x40/0x90 [ 561.801055][T13466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 561.801075][T13466] RIP: 0033:0x7f594139c819 [ 561.801092][T13466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 561.801111][T13466] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 561.801130][T13466] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 561.801142][T13466] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 561.801153][T13466] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 561.801165][T13466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 561.801176][T13466] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 561.801200][T13466] [ 561.801244][T13466] syz.2.1845: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 563.297060][T13466] CPU: 0 UID: 0 PID: 13466 Comm: syz.2.1845 Tainted: G U L syzkaller #0 PREEMPT(full) [ 563.297095][T13466] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 563.297103][T13466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 563.297115][T13466] Call Trace: [ 563.297122][T13466] [ 563.297129][T13466] dump_stack_lvl+0x100/0x190 [ 563.297164][T13466] warn_alloc.cold+0x95/0x1c1 [ 563.297197][T13466] ? __pfx_warn_alloc+0x10/0x10 [ 563.297226][T13466] ? lockdep_hardirqs_on+0x78/0x100 [ 563.297248][T13466] ? __get_vm_area_node+0x2c5/0x330 [ 563.297276][T13466] ? __get_vm_area_node+0x208/0x330 [ 563.297305][T13466] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 563.297333][T13466] ? look_up_lock_class+0x64/0x120 [ 563.297355][T13466] ? n_tty_open+0x1a/0x170 [ 563.297383][T13466] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 563.297409][T13466] ? __ldsem_down_write_nested+0xfd/0x830 [ 563.297431][T13466] ? __ldsem_down_write_nested+0x10e/0x830 [ 563.297452][T13466] ? is_console_locked+0x9/0x20 [ 563.297481][T13466] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 563.297506][T13466] ? n_tty_open+0x1a/0x170 [ 563.297532][T13466] __vmalloc_node_noprof+0xad/0xf0 [ 563.297557][T13466] ? n_tty_open+0x1a/0x170 [ 563.297578][T13466] ? __pfx_n_tty_open+0x10/0x10 [ 563.297599][T13466] n_tty_open+0x1a/0x170 [ 563.297620][T13466] tty_ldisc_open+0xa2/0x120 [ 563.297648][T13466] tty_ldisc_setup+0x40/0xf0 [ 563.297677][T13466] tty_init_dev.part.0+0x1b5/0x470 [ 563.297699][T13466] tty_open+0xa63/0xfa0 [ 563.297722][T13466] ? __pfx_tty_open+0x10/0x10 [ 563.297739][T13466] ? chrdev_open+0x10b/0x6a0 [ 563.297759][T13466] ? chrdev_open+0x10b/0x6a0 [ 563.297783][T13466] ? __pfx_tty_open+0x10/0x10 [ 563.297801][T13466] chrdev_open+0x234/0x6a0 [ 563.297821][T13466] ? __pfx_apparmor_file_open+0x10/0x10 [ 563.297843][T13466] ? __pfx_chrdev_open+0x10/0x10 [ 563.297865][T13466] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 563.297893][T13466] do_dentry_open+0x6d8/0x1660 [ 563.297914][T13466] ? __pfx_chrdev_open+0x10/0x10 [ 563.297940][T13466] vfs_open+0x82/0x3f0 [ 563.297969][T13466] path_openat+0x208c/0x31a0 [ 563.297998][T13466] ? __pfx_path_openat+0x10/0x10 [ 563.298027][T13466] do_file_open+0x20e/0x430 [ 563.298050][T13466] ? __pfx_do_file_open+0x10/0x10 [ 563.298092][T13466] ? alloc_fd+0x476/0x790 [ 563.298114][T13466] ? do_getname+0x191/0x390 [ 563.298141][T13466] do_sys_openat2+0x10d/0x1e0 [ 563.298168][T13466] ? __pfx_do_sys_openat2+0x10/0x10 [ 563.298203][T13466] __x64_sys_openat+0x12d/0x210 [ 563.298231][T13466] ? __pfx___x64_sys_openat+0x10/0x10 [ 563.298267][T13466] do_syscall_64+0x106/0xf80 [ 563.298285][T13466] ? clear_bhb_loop+0x40/0x90 [ 563.298308][T13466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.298328][T13466] RIP: 0033:0x7f594139c819 [ 563.298345][T13466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 563.298363][T13466] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 563.298382][T13466] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 563.298394][T13466] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 563.298406][T13466] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 563.298416][T13466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.298427][T13466] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 563.298451][T13466] [ 563.865152][T13466] Mem-Info: [ 563.868318][T13466] active_anon:42807 inactive_anon:8860 isolated_anon:0 [ 563.868318][T13466] active_file:5961 inactive_file:53298 isolated_file:0 [ 563.868318][T13466] unevictable:768 dirty:991 writeback:0 [ 563.868318][T13466] slab_reclaimable:12455 slab_unreclaimable:95131 [ 563.868318][T13466] mapped:39474 shmem:30384 pagetables:2037 [ 563.868318][T13466] sec_pagetables:0 bounce:0 [ 563.868318][T13466] kernel_misc_reclaimable:0 [ 563.868318][T13466] free:1268835 free_pcp:11016 free_cma:0 [ 563.914628][T13466] Node 0 active_anon:171228kB inactive_anon:35440kB active_file:23844kB inactive_file:212884kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:157788kB dirty:3880kB writeback:0kB shmem:120000kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11712kB pagetables:7984kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 563.947618][T13466] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:308kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:108kB dirty:84kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 563.977988][T13466] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 564.016211][T13466] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 564.028605][T13466] Node 0 DMA32 free:1122432kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:171696kB inactive_anon:35440kB active_file:23844kB inactive_file:212884kB unevictable:1536kB writepending:3880kB zspages:744kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:43564kB local_pcp:43564kB free_cma:0kB [ 564.080280][T13466] lowmem_reserve[]: 0 0 1 1 1 [ 564.085504][T13466] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 564.142626][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 564.159970][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.176807][T13466] lowmem_reserve[]: 0 0 0 0 0 [ 564.190145][T13466] Node 1 Normal free:3937540kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:308kB unevictable:1536kB writepending:84kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 564.255006][T13466] lowmem_reserve[]: 0 0 0 0 0 [ 564.260110][T13466] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 564.272906][T13466] Node 0 DMA32: 3574*4kB (UE) 3089*8kB (UE) 1685*16kB (UE) 313*32kB (U) 204*64kB (UME) 713*128kB (UM) 463*256kB (UME) 276*512kB (UM) 132*1024kB (UME) 3*2048kB (UM) 132*4096kB (UM) = 1122128kB [ 564.292364][T13466] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 564.304502][T13466] Node 1 Normal: 11*4kB (UM) 13*8kB (UM) 13*16kB (UM) 13*32kB (UM) 10*64kB (UM) 7*128kB (UM) 4*256kB (UM) 2*512kB (UM) 3*1024kB (UM) 1*2048kB (M) 959*4096kB (M) = 3937540kB [ 564.364194][T13466] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 564.383723][T13466] Node 0 hugepages_total=4 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 564.403733][T13466] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 564.421427][T13466] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 564.442129][T13466] 90178 total pagecache pages [ 564.451773][T13466] 31 pages in swap cache [ 564.461036][T13466] Free swap = 116100kB [ 564.469356][T13466] Total swap = 124996kB [ 564.483757][T13466] 2097051 pages RAM [ 564.487613][T13466] 0 pages HighMem/MovableOnly [ 564.492286][T13466] 430849 pages reserved [ 564.504571][T13466] 0 pages cma reserved [ 564.512921][T13466] tty tty16: ldisc open failed (-12), clearing slot 15 [ 564.693905][T13493] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53 [ 564.921948][T13498] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 565.794516][T13505] zswap: compressor not available [ 565.889671][T13519] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1858'. [ 565.963623][T13524] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1858'. [ 566.032778][T13519] netlink: 134 bytes leftover after parsing attributes in process `syz.2.1858'. [ 569.577593][T13594] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54 [ 570.089794][ T30] audit: type=1800 audit(4294969819.323:45): pid=13608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1878" name="dbroot" dev="configfs" ino=45514 res=0 errno=0 [ 570.169665][T13597] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55 [ 570.604151][T13608] random: crng reseeded on system resumption [ 571.357137][ T30] audit: type=1800 audit(4294969820.592:46): pid=13638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1884" name="dbroot" dev="configfs" ino=45637 res=0 errno=0 [ 571.711109][T13643] openvswitch: netlink: Message has 16 unknown bytes. [ 571.773078][T13638] random: crng reseeded on system resumption [ 572.454053][T13654] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1888'. [ 572.484661][T13654] openvswitch: HfR: Dropping previously announced user features [ 573.782714][T13669] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 573.839734][T13670] sd 0:0:1:0: PR command failed: 1026 [ 573.875955][T13670] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 573.944205][T13669] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 574.017997][T13670] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 574.059830][T13669] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 574.067428][T13669] page_type: f5(slab) [ 574.185373][T13669] raw: 00fff00000000040 ffff88813fe3a140 dead000000000100 dead000000000122 [ 574.315959][T13669] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 574.336297][ T30] audit: type=1800 audit(4294969823.570:47): pid=13693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1898" name="dbroot" dev="configfs" ino=45925 res=0 errno=0 [ 574.476271][T13669] head: 00fff00000000040 ffff88813fe3a140 dead000000000100 dead000000000122 [ 574.545918][T13693] random: crng reseeded on system resumption [ 574.729519][T13669] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 574.847413][T13669] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 574.999623][T13669] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 575.145753][T13669] page dumped because: unmovable page [ 575.251744][T13669] page_owner tracks the page as allocated [ 575.257532][T13669] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 12, tgid 12 (kworker/u8:0), ts 140572147441, free_ts 140554756714 [ 575.461300][T13703] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1900'. [ 575.590406][T13669] post_alloc_hook+0x153/0x170 [ 575.652040][T13669] get_page_from_freelist+0x111d/0x3140 [ 575.687641][T13669] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 575.727525][T13669] new_slab+0xa6/0x6b0 [ 575.756908][T13669] refill_objects+0x26b/0x400 [ 575.784959][T13669] __pcs_replace_empty_main+0x1ab/0x660 [ 575.825510][T13669] __kmalloc_node_track_caller_noprof+0x694/0x850 [ 575.875656][T13669] kmalloc_reserve+0xe8/0x350 [ 575.895454][T13669] __alloc_skb+0x185/0x710 [ 575.919414][T13669] nsim_dev_trap_report_work+0x2af/0xd10 [ 575.946932][T13669] process_one_work+0xa23/0x19a0 [ 575.967194][T13669] worker_thread+0x5ef/0xe50 [ 575.989818][T13669] kthread+0x370/0x450 [ 576.011314][T13669] ret_from_fork+0x754/0xd80 [ 576.031760][T13669] ret_from_fork_asm+0x1a/0x30 [ 576.054498][T13669] page last free pid 0 tgid 0 stack trace: [ 576.082884][T13669] __free_frozen_pages+0x7e1/0x10d0 [ 576.098642][T13669] __folio_put+0x3b4/0x540 [ 576.109001][T13669] page_to_skb+0x84e/0xc40 [ 576.118634][T13669] receive_buf+0x85b/0x4670 [ 576.129431][T13669] virtnet_poll+0x1cec/0x3a20 [ 576.140551][T13669] __napi_poll.constprop.0+0xaf/0x450 [ 576.152340][T13669] net_rx_action+0xa40/0xf20 [ 576.162552][T13669] handle_softirqs+0x1eb/0x9e0 [ 576.173800][T13669] __irq_exit_rcu+0xef/0x150 [ 576.188699][T13669] irq_exit_rcu+0x9/0x30 [ 576.193897][T13669] common_interrupt+0xbe/0xe0 [ 576.198604][T13669] asm_common_interrupt+0x26/0x40 [ 576.320956][T13708] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 576.337375][T13708] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 576.372932][T13708] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 576.409813][T13708] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 576.865213][T13736] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1902'. [ 576.970285][T13737] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 577.026511][T13742] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 577.276842][T13749] FAULT_INJECTION: forcing a failure. [ 577.276842][T13749] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 577.361059][T13749] CPU: 0 UID: 0 PID: 13749 Comm: syz.2.1906 Tainted: G U L syzkaller #0 PREEMPT(full) [ 577.361095][T13749] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 577.361103][T13749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 577.361114][T13749] Call Trace: [ 577.361121][T13749] [ 577.361129][T13749] dump_stack_lvl+0x100/0x190 [ 577.361162][T13749] should_fail_ex.cold+0x5/0xa [ 577.361182][T13749] ? prepare_alloc_pages+0x16d/0x5f0 [ 577.361208][T13749] should_fail_alloc_page+0xeb/0x140 [ 577.361233][T13749] prepare_alloc_pages+0x1f0/0x5f0 [ 577.361260][T13749] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 577.361294][T13749] ? __pfx_css_rstat_updated+0x10/0x10 [ 577.361317][T13749] ? kasan_save_stack+0x3f/0x50 [ 577.361334][T13749] ? kasan_save_stack+0x30/0x50 [ 577.361350][T13749] ? kasan_save_track+0x14/0x30 [ 577.361372][T13749] ? rcu_is_watching+0x12/0xc0 [ 577.361402][T13749] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 577.361445][T13749] ? __asan_memcpy+0x3c/0x60 [ 577.361475][T13749] ? __pfx_interleave_nid+0x10/0x10 [ 577.361504][T13749] ? lock_acquire+0x1cf/0x380 [ 577.361529][T13749] ? find_held_lock+0x2b/0x80 [ 577.361547][T13749] ? page_table_check_set+0x49a/0xa10 [ 577.361569][T13749] ? policy_nodemask+0xed/0x4f0 [ 577.361592][T13749] alloc_pages_mpol+0x1fb/0x550 [ 577.361614][T13749] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 577.361642][T13749] folio_alloc_mpol_noprof+0x36/0x340 [ 577.361668][T13749] vma_alloc_folio_noprof+0xed/0x1d0 [ 577.361693][T13749] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 577.361724][T13749] do_anonymous_page+0xb3a/0x1fb0 [ 577.361759][T13749] __handle_mm_fault+0x1d48/0x2b60 [ 577.361791][T13749] ? __pfx___handle_mm_fault+0x10/0x10 [ 577.361819][T13749] ? pte_offset_map_lock+0x174/0x320 [ 577.361839][T13749] ? find_held_lock+0x2b/0x80 [ 577.361864][T13749] ? follow_page_pte+0x5b3/0x1400 [ 577.361891][T13749] handle_mm_fault+0x36d/0xa20 [ 577.361921][T13749] __get_user_pages+0xf9c/0x34d0 [ 577.361952][T13749] ? __pfx___get_user_pages+0x10/0x10 [ 577.361981][T13749] populate_vma_page_range+0x267/0x3f0 [ 577.362007][T13749] ? __pfx_populate_vma_page_range+0x10/0x10 [ 577.362030][T13749] ? __pfx_find_vma_intersection+0x10/0x10 [ 577.362052][T13749] ? do_mmap+0x93f/0x12f0 [ 577.362076][T13749] __mm_populate+0x107/0x3a0 [ 577.362104][T13749] ? __pfx___mm_populate+0x10/0x10 [ 577.362130][T13749] ? up_write+0x290/0x4f0 [ 577.362159][T13749] vm_mmap_pgoff+0x37f/0x470 [ 577.362185][T13749] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 577.362209][T13749] ? do_futex+0x192/0x350 [ 577.362235][T13749] ? __pfx_do_futex+0x10/0x10 [ 577.362264][T13749] ksys_mmap_pgoff+0xe1/0x650 [ 577.362285][T13749] ? __x64_sys_futex+0x34f/0x4d0 [ 577.362309][T13749] ? __x64_sys_futex+0x358/0x4d0 [ 577.362334][T13749] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 577.362356][T13749] ? xfd_validate_state+0x129/0x190 [ 577.362388][T13749] __x64_sys_mmap+0x125/0x190 [ 577.362425][T13749] do_syscall_64+0x106/0xf80 [ 577.362444][T13749] ? clear_bhb_loop+0x40/0x90 [ 577.362468][T13749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.362488][T13749] RIP: 0033:0x7f594139c819 [ 577.362505][T13749] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 577.362524][T13749] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 577.362544][T13749] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 577.362556][T13749] RDX: 00000000000000df RSI: 0000000000400008 RDI: 00000000f4000000 [ 577.362567][T13749] RBP: 00007f5941432c91 R08: 0000000000000002 R09: 0000000000008000 [ 577.362579][T13749] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 577.362591][T13749] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 577.362615][T13749] [ 578.202171][ T30] audit: type=1800 audit(4294969827.368:48): pid=13757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1908" name="dbroot" dev="configfs" ino=46269 res=0 errno=0 [ 578.346740][T13757] random: crng reseeded on system resumption [ 578.463439][T11112] Bluetooth: hci1: command 0x0c1a tx timeout [ 578.470084][T11112] Bluetooth: hci0: command 0x0c1a tx timeout [ 578.477084][T11112] Bluetooth: hci3: command 0x0c1a tx timeout [ 578.483324][T11112] Bluetooth: hci2: command 0x0c1a tx timeout [ 578.711787][T13767] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1909'. [ 579.034302][T13772] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[13772] [ 579.273191][T13777] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 580.560771][ T10] Process accounting resumed [ 581.185148][T13820] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 581.487039][T13826] ptp: physical clock is free running [ 581.840670][T13830] FAULT_INJECTION: forcing a failure. [ 581.840670][T13830] name failslab, interval 1, probability 0, space 0, times 0 [ 582.042522][T13830] CPU: 0 UID: 0 PID: 13830 Comm: syz.0.1928 Tainted: G U L syzkaller #0 PREEMPT(full) [ 582.042557][T13830] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 582.042572][T13830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 582.042584][T13830] Call Trace: [ 582.042591][T13830] [ 582.042599][T13830] dump_stack_lvl+0x100/0x190 [ 582.042632][T13830] should_fail_ex.cold+0x5/0xa [ 582.042656][T13830] should_failslab+0xc2/0x120 [ 582.042679][T13830] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 582.042714][T13830] ? alloc_vmap_area+0x640/0x2bd0 [ 582.042740][T13830] alloc_vmap_area+0x640/0x2bd0 [ 582.042771][T13830] ? __pfx_alloc_vmap_area+0x10/0x10 [ 582.042798][T13830] __get_vm_area_node+0x1ca/0x330 [ 582.042826][T13830] __vmalloc_node_range_noprof+0x213/0x1530 [ 582.042853][T13830] ? n_tty_open+0x1a/0x170 [ 582.042875][T13830] ? look_up_lock_class+0x64/0x120 [ 582.042897][T13830] ? n_tty_open+0x1a/0x170 [ 582.042924][T13830] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 582.042949][T13830] ? __ldsem_down_write_nested+0xfd/0x830 [ 582.042970][T13830] ? __ldsem_down_write_nested+0x10e/0x830 [ 582.042991][T13830] ? is_console_locked+0x9/0x20 [ 582.043018][T13830] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 582.043044][T13830] ? n_tty_open+0x1a/0x170 [ 582.043063][T13830] __vmalloc_node_noprof+0xad/0xf0 [ 582.043088][T13830] ? n_tty_open+0x1a/0x170 [ 582.043110][T13830] ? __pfx_n_tty_open+0x10/0x10 [ 582.043131][T13830] n_tty_open+0x1a/0x170 [ 582.043152][T13830] tty_ldisc_open+0xa2/0x120 [ 582.043179][T13830] tty_ldisc_setup+0x40/0xf0 [ 582.043207][T13830] tty_init_dev.part.0+0x1b5/0x470 [ 582.043228][T13830] tty_open+0xa63/0xfa0 [ 582.043251][T13830] ? __pfx_tty_open+0x10/0x10 [ 582.043268][T13830] ? chrdev_open+0x10b/0x6a0 [ 582.043287][T13830] ? chrdev_open+0x10b/0x6a0 [ 582.043310][T13830] ? __pfx_tty_open+0x10/0x10 [ 582.043328][T13830] chrdev_open+0x234/0x6a0 [ 582.043348][T13830] ? __pfx_apparmor_file_open+0x10/0x10 [ 582.043370][T13830] ? __pfx_chrdev_open+0x10/0x10 [ 582.043391][T13830] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 582.043418][T13830] do_dentry_open+0x6d8/0x1660 [ 582.043438][T13830] ? __pfx_chrdev_open+0x10/0x10 [ 582.043464][T13830] vfs_open+0x82/0x3f0 [ 582.043491][T13830] path_openat+0x208c/0x31a0 [ 582.043521][T13830] ? __pfx_path_openat+0x10/0x10 [ 582.043552][T13830] do_file_open+0x20e/0x430 [ 582.043582][T13830] ? __pfx_do_file_open+0x10/0x10 [ 582.043620][T13830] ? alloc_fd+0x476/0x790 [ 582.043642][T13830] ? do_getname+0x191/0x390 [ 582.043668][T13830] do_sys_openat2+0x10d/0x1e0 [ 582.043694][T13830] ? __pfx_do_sys_openat2+0x10/0x10 [ 582.043728][T13830] __x64_sys_openat+0x12d/0x210 [ 582.043755][T13830] ? __pfx___x64_sys_openat+0x10/0x10 [ 582.043792][T13830] do_syscall_64+0x106/0xf80 [ 582.043810][T13830] ? clear_bhb_loop+0x40/0x90 [ 582.043834][T13830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.043854][T13830] RIP: 0033:0x7fb599d9c819 [ 582.043871][T13830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 582.043890][T13830] RSP: 002b:00007fb59ac00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 582.043908][T13830] RAX: ffffffffffffffda RBX: 00007fb59a015fa0 RCX: 00007fb599d9c819 [ 582.043921][T13830] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 582.043932][T13830] RBP: 00007fb599e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 582.043943][T13830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 582.043954][T13830] R13: 00007fb59a016038 R14: 00007fb59a015fa0 R15: 00007ffd7defbd18 [ 582.043978][T13830] [ 582.050667][T13830] syz.0.1928: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 582.950501][ T30] audit: type=1800 audit(4294969832.126:49): pid=13848 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1933" name="dbroot" dev="configfs" ino=47792 res=0 errno=0 [ 583.079358][T13848] random: crng reseeded on system resumption [ 584.074489][T13830] ,cpuset=/,mems_allowed=0-1 [ 584.079159][T13830] CPU: 0 UID: 0 PID: 13830 Comm: syz.0.1928 Tainted: G U L syzkaller #0 PREEMPT(full) [ 584.079191][T13830] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 584.079198][T13830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 584.079210][T13830] Call Trace: [ 584.079217][T13830] [ 584.079225][T13830] dump_stack_lvl+0x100/0x190 [ 584.079264][T13830] warn_alloc.cold+0x95/0x1c1 [ 584.079297][T13830] ? __pfx_warn_alloc+0x10/0x10 [ 584.079325][T13830] ? lockdep_hardirqs_on+0x78/0x100 [ 584.079348][T13830] ? __get_vm_area_node+0x2c5/0x330 [ 584.079376][T13830] ? __get_vm_area_node+0x208/0x330 [ 584.079403][T13830] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 584.079431][T13830] ? look_up_lock_class+0x64/0x120 [ 584.079453][T13830] ? n_tty_open+0x1a/0x170 [ 584.079482][T13830] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 584.079508][T13830] ? __ldsem_down_write_nested+0xfd/0x830 [ 584.079530][T13830] ? __ldsem_down_write_nested+0x10e/0x830 [ 584.079551][T13830] ? is_console_locked+0x9/0x20 [ 584.079579][T13830] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 584.079604][T13830] ? n_tty_open+0x1a/0x170 [ 584.079624][T13830] __vmalloc_node_noprof+0xad/0xf0 [ 584.079649][T13830] ? n_tty_open+0x1a/0x170 [ 584.079671][T13830] ? __pfx_n_tty_open+0x10/0x10 [ 584.079692][T13830] n_tty_open+0x1a/0x170 [ 584.079713][T13830] tty_ldisc_open+0xa2/0x120 [ 584.079741][T13830] tty_ldisc_setup+0x40/0xf0 [ 584.079770][T13830] tty_init_dev.part.0+0x1b5/0x470 [ 584.079792][T13830] tty_open+0xa63/0xfa0 [ 584.079815][T13830] ? __pfx_tty_open+0x10/0x10 [ 584.079833][T13830] ? chrdev_open+0x10b/0x6a0 [ 584.079853][T13830] ? chrdev_open+0x10b/0x6a0 [ 584.079877][T13830] ? __pfx_tty_open+0x10/0x10 [ 584.079895][T13830] chrdev_open+0x234/0x6a0 [ 584.079915][T13830] ? __pfx_apparmor_file_open+0x10/0x10 [ 584.079937][T13830] ? __pfx_chrdev_open+0x10/0x10 [ 584.079960][T13830] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 584.079987][T13830] do_dentry_open+0x6d8/0x1660 [ 584.080007][T13830] ? __pfx_chrdev_open+0x10/0x10 [ 584.080034][T13830] vfs_open+0x82/0x3f0 [ 584.080062][T13830] path_openat+0x208c/0x31a0 [ 584.080091][T13830] ? __pfx_path_openat+0x10/0x10 [ 584.080121][T13830] do_file_open+0x20e/0x430 [ 584.080144][T13830] ? __pfx_do_file_open+0x10/0x10 [ 584.080182][T13830] ? alloc_fd+0x476/0x790 [ 584.080205][T13830] ? do_getname+0x191/0x390 [ 584.080232][T13830] do_sys_openat2+0x10d/0x1e0 [ 584.080265][T13830] ? __pfx_do_sys_openat2+0x10/0x10 [ 584.080300][T13830] __x64_sys_openat+0x12d/0x210 [ 584.080328][T13830] ? __pfx___x64_sys_openat+0x10/0x10 [ 584.080364][T13830] do_syscall_64+0x106/0xf80 [ 584.080382][T13830] ? clear_bhb_loop+0x40/0x90 [ 584.080406][T13830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.080426][T13830] RIP: 0033:0x7fb599d9c819 [ 584.080443][T13830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 584.080462][T13830] RSP: 002b:00007fb59ac00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 584.080480][T13830] RAX: ffffffffffffffda RBX: 00007fb59a015fa0 RCX: 00007fb599d9c819 [ 584.080492][T13830] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 584.080504][T13830] RBP: 00007fb599e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 584.080515][T13830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.080526][T13830] R13: 00007fb59a016038 R14: 00007fb59a015fa0 R15: 00007ffd7defbd18 [ 584.080550][T13830] [ 584.080557][T13830] Mem-Info: [ 584.895600][T13851] FAULT_INJECTION: forcing a failure. [ 584.895600][T13851] name failslab, interval 1, probability 0, space 0, times 0 [ 584.968120][T13851] CPU: 0 UID: 0 PID: 13851 Comm: syz.2.1934 Tainted: G U L syzkaller #0 PREEMPT(full) [ 584.968155][T13851] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 584.968163][T13851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 584.968173][T13851] Call Trace: [ 584.968180][T13851] [ 584.968189][T13851] dump_stack_lvl+0x100/0x190 [ 584.968221][T13851] should_fail_ex.cold+0x5/0xa [ 584.968243][T13851] should_failslab+0xc2/0x120 [ 584.968265][T13851] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 584.968303][T13851] ? __d_alloc+0x34/0xa80 [ 584.968324][T13851] ? lockdep_init_map_type+0x5c/0x250 [ 584.968354][T13851] __d_alloc+0x34/0xa80 [ 584.968378][T13851] d_alloc_pseudo+0x1c/0xc0 [ 584.968406][T13851] alloc_file_pseudo+0xcf/0x230 [ 584.968432][T13851] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 584.968458][T13851] ? alloc_fd+0x476/0x790 [ 584.968480][T13851] sock_alloc_file+0x50/0x210 [ 584.968500][T13851] __sys_socket+0x1c0/0x260 [ 584.968523][T13851] ? exc_page_fault+0x6f/0xd0 [ 584.968541][T13851] ? __pfx___sys_socket+0x10/0x10 [ 584.968567][T13851] ? do_user_addr_fault+0x8d6/0x12f0 [ 584.968589][T13851] __x64_sys_socket+0x72/0xb0 [ 584.968612][T13851] ? lockdep_hardirqs_on+0x78/0x100 [ 584.968631][T13851] do_syscall_64+0x106/0xf80 [ 584.968649][T13851] ? clear_bhb_loop+0x40/0x90 [ 584.968672][T13851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.968691][T13851] RIP: 0033:0x7f594139e087 [ 584.968707][T13851] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 584.968726][T13851] RSP: 002b:00007f5942298f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 584.968744][T13851] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139e087 [ 584.968756][T13851] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 584.968767][T13851] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 584.968778][T13851] R10: 0000200000001940 R11: 0000000000000286 R12: 0000000000000000 [ 584.968789][T13851] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 584.968812][T13851] [ 585.714414][T13830] active_anon:41581 inactive_anon:8860 isolated_anon:0 [ 585.714414][T13830] active_file:7652 inactive_file:53313 isolated_file:0 [ 585.714414][T13830] unevictable:768 dirty:824 writeback:0 [ 585.714414][T13830] slab_reclaimable:13115 slab_unreclaimable:96616 [ 585.714414][T13830] mapped:43469 shmem:28325 pagetables:2144 [ 585.714414][T13830] sec_pagetables:0 bounce:0 [ 585.714414][T13830] kernel_misc_reclaimable:0 [ 585.714414][T13830] free:1273015 free_pcp:3628 free_cma:0 [ 585.848043][T13857] vivid-007: ================= START STATUS ================= [ 585.864910][T13857] vivid-007: Generate PTS: true [ 585.896468][T13857] vivid-007: Generate SCR: true [ 585.920867][T13857] tpg source WxH: 320x240 (Y'CbCr) [ 585.950624][T13857] tpg field: 1 [ 585.954198][T13857] tpg crop: (0,0)/320x240 [ 585.965705][T13830] Node 0 active_anon:169964kB inactive_anon:35440kB active_file:31284kB inactive_file:212972kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:183676kB dirty:3212kB writeback:0kB shmem:115352kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11744kB pagetables:8204kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 586.036033][T13857] tpg compose: (0,0)/320x240 [ 586.084841][T13857] tpg colorspace: 8 [ 586.098654][T13857] tpg transfer function: 0/0 [ 586.140341][T13830] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:280kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:84kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 586.217102][T13857] tpg Y'CbCr encoding: 0/0 [ 586.221568][T13857] tpg quantization: 0/0 [ 586.309639][T13830] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 586.344085][T13857] tpg RGB range: 0/2 [ 586.355695][T13857] vivid-007: ================== END STATUS ================== [ 586.466378][T13830] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 586.506415][T13830] Node 0 DMA32 free:1124076kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:181748kB inactive_anon:35440kB active_file:31324kB inactive_file:212972kB unevictable:1536kB writepending:3224kB zspages:744kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:13504kB local_pcp:13504kB free_cma:0kB [ 586.728234][T13830] lowmem_reserve[]: 0 0 1 1 1 [ 586.758090][T13830] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 586.954969][T13830] lowmem_reserve[]: 0 0 0 0 0 [ 586.978153][T13830] Node 1 Normal free:3934072kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:280kB unevictable:1536kB writepending:84kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:3452kB local_pcp:3452kB free_cma:0kB [ 587.189767][T13830] lowmem_reserve[]: 0 0 0 0 0 [ 587.218017][T13830] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 587.302616][T13830] Node 0 DMA32: 3706*4kB (UME) 2861*8kB (UME) 1858*16kB (UME) 293*32kB (UM) 203*64kB (UE) 667*128kB (UM) 448*256kB (UME) 279*512kB (UM) 134*1024kB (UME) 1*2048kB (U) 131*4096kB (UM) = 1108560kB [ 587.408808][T13830] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 587.489534][T13830] Node 1 Normal: 5*4kB (UM) 6*8kB (UM) 8*16kB (U) 11*32kB (UM) 8*64kB (UM) 5*128kB (UM) 3*256kB (U) 1*512kB (U) 3*1024kB (UM) 0*2048kB 959*4096kB (M) = 3934116kB [ 587.585930][T13830] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 587.637286][T13830] Node 0 hugepages_total=4 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 587.685405][T13830] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 587.731144][T13830] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 587.796812][T13830] 96970 total pagecache pages [ 587.819371][T13830] 31 pages in swap cache [ 587.853161][T13830] Free swap = 116100kB [ 587.866007][T13830] Total swap = 124996kB [ 587.895721][T13830] 2097051 pages RAM [ 587.912153][T13830] 0 pages HighMem/MovableOnly [ 587.947830][T13830] 430849 pages reserved [ 587.965799][T13830] 0 pages cma reserved [ 587.985792][T13830] tty tty16: ldisc open failed (-12), clearing slot 15 [ 588.702695][T13873] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 589.727220][T13892] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1941'. [ 590.645725][T13914] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1946'. [ 590.777564][T13914] veth1_macvtap: left promiscuous mode [ 591.697328][T13908] netlink: 792 bytes leftover after parsing attributes in process `syz.1.1944'. [ 591.751227][T13929] snd_virmidi snd_virmidi.0: control 61678:131081:3:y:0 is already present [ 592.058620][T13932] netlink: 4394 bytes leftover after parsing attributes in process `syz.0.1950'. [ 592.058849][T13935] netlink: 4394 bytes leftover after parsing attributes in process `syz.0.1950'. [ 592.342347][ T30] audit: type=1800 audit(4294969841.571:50): pid=13940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1951" name="dbroot" dev="configfs" ino=53370 res=0 errno=0 [ 592.670729][T13947] random: crng reseeded on system resumption [ 593.081121][T13948] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1953'. [ 593.702936][T13957] FAULT_INJECTION: forcing a failure. [ 593.702936][T13957] name failslab, interval 1, probability 0, space 0, times 0 [ 593.799452][T13957] CPU: 0 UID: 0 PID: 13957 Comm: syz.2.1955 Tainted: G U L syzkaller #0 PREEMPT(full) [ 593.799488][T13957] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 593.799495][T13957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 593.799506][T13957] Call Trace: [ 593.799513][T13957] [ 593.799521][T13957] dump_stack_lvl+0x100/0x190 [ 593.799554][T13957] should_fail_ex.cold+0x5/0xa [ 593.799577][T13957] should_failslab+0xc2/0x120 [ 593.799599][T13957] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 593.799631][T13957] ? alloc_vmap_area+0x640/0x2bd0 [ 593.799657][T13957] alloc_vmap_area+0x640/0x2bd0 [ 593.799687][T13957] ? __pfx_alloc_vmap_area+0x10/0x10 [ 593.799714][T13957] __get_vm_area_node+0x1ca/0x330 [ 593.799742][T13957] __vmalloc_node_range_noprof+0x213/0x1530 [ 593.799768][T13957] ? n_tty_open+0x1a/0x170 [ 593.799790][T13957] ? look_up_lock_class+0x64/0x120 [ 593.799812][T13957] ? n_tty_open+0x1a/0x170 [ 593.799839][T13957] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 593.799865][T13957] ? __ldsem_down_write_nested+0xfd/0x830 [ 593.799886][T13957] ? __ldsem_down_write_nested+0x10e/0x830 [ 593.799906][T13957] ? is_console_locked+0x9/0x20 [ 593.799935][T13957] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 593.799960][T13957] ? n_tty_open+0x1a/0x170 [ 593.799980][T13957] __vmalloc_node_noprof+0xad/0xf0 [ 593.800004][T13957] ? n_tty_open+0x1a/0x170 [ 593.800024][T13957] ? __pfx_n_tty_open+0x10/0x10 [ 593.800045][T13957] n_tty_open+0x1a/0x170 [ 593.800065][T13957] tty_ldisc_open+0xa2/0x120 [ 593.800093][T13957] tty_ldisc_setup+0x40/0xf0 [ 593.800121][T13957] tty_init_dev.part.0+0x1b5/0x470 [ 593.800143][T13957] tty_open+0xa63/0xfa0 [ 593.800165][T13957] ? __pfx_tty_open+0x10/0x10 [ 593.800191][T13957] ? chrdev_open+0x10b/0x6a0 [ 593.800210][T13957] ? chrdev_open+0x10b/0x6a0 [ 593.800234][T13957] ? __pfx_tty_open+0x10/0x10 [ 593.800252][T13957] chrdev_open+0x234/0x6a0 [ 593.800273][T13957] ? __pfx_apparmor_file_open+0x10/0x10 [ 593.800295][T13957] ? __pfx_chrdev_open+0x10/0x10 [ 593.800317][T13957] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 593.800343][T13957] do_dentry_open+0x6d8/0x1660 [ 593.800363][T13957] ? __pfx_chrdev_open+0x10/0x10 [ 593.800389][T13957] vfs_open+0x82/0x3f0 [ 593.800417][T13957] path_openat+0x208c/0x31a0 [ 593.800446][T13957] ? __pfx_path_openat+0x10/0x10 [ 593.800475][T13957] do_file_open+0x20e/0x430 [ 593.800498][T13957] ? __pfx_do_file_open+0x10/0x10 [ 593.800536][T13957] ? alloc_fd+0x476/0x790 [ 593.800558][T13957] ? do_getname+0x191/0x390 [ 593.800584][T13957] do_sys_openat2+0x10d/0x1e0 [ 593.800610][T13957] ? __pfx_do_sys_openat2+0x10/0x10 [ 593.800645][T13957] __x64_sys_openat+0x12d/0x210 [ 593.800671][T13957] ? __pfx___x64_sys_openat+0x10/0x10 [ 593.800707][T13957] do_syscall_64+0x106/0xf80 [ 593.800725][T13957] ? clear_bhb_loop+0x40/0x90 [ 593.800748][T13957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.800768][T13957] RIP: 0033:0x7f594139c819 [ 593.800784][T13957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 593.800802][T13957] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 593.800822][T13957] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 593.800834][T13957] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 593.800846][T13957] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 593.800857][T13957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 593.800868][T13957] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 593.800892][T13957] [ 593.800916][T13957] syz.2.1955: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 593.801007][T13957] CPU: 0 UID: 0 PID: 13957 Comm: syz.2.1955 Tainted: G U L syzkaller #0 PREEMPT(full) [ 593.801035][T13957] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 593.801042][T13957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 593.801054][T13957] Call Trace: [ 593.801060][T13957] [ 593.801067][T13957] dump_stack_lvl+0x100/0x190 [ 593.801096][T13957] warn_alloc.cold+0x95/0x1c1 [ 593.801129][T13957] ? __pfx_warn_alloc+0x10/0x10 [ 593.801155][T13957] ? lockdep_hardirqs_on+0x78/0x100 [ 593.801182][T13957] ? __get_vm_area_node+0x2c5/0x330 [ 593.801211][T13957] ? __get_vm_area_node+0x208/0x330 [ 593.801238][T13957] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 593.801265][T13957] ? look_up_lock_class+0x64/0x120 [ 593.801287][T13957] ? n_tty_open+0x1a/0x170 [ 593.801314][T13957] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 593.801340][T13957] ? __ldsem_down_write_nested+0xfd/0x830 [ 593.801362][T13957] ? __ldsem_down_write_nested+0x10e/0x830 [ 593.801383][T13957] ? is_console_locked+0x9/0x20 [ 593.801411][T13957] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 593.801435][T13957] ? n_tty_open+0x1a/0x170 [ 593.801454][T13957] __vmalloc_node_noprof+0xad/0xf0 [ 593.801478][T13957] ? n_tty_open+0x1a/0x170 [ 593.801498][T13957] ? __pfx_n_tty_open+0x10/0x10 [ 593.801518][T13957] n_tty_open+0x1a/0x170 [ 593.801539][T13957] tty_ldisc_open+0xa2/0x120 [ 593.801565][T13957] tty_ldisc_setup+0x40/0xf0 [ 593.801593][T13957] tty_init_dev.part.0+0x1b5/0x470 [ 593.801615][T13957] tty_open+0xa63/0xfa0 [ 593.801637][T13957] ? __pfx_tty_open+0x10/0x10 [ 593.801654][T13957] ? chrdev_open+0x10b/0x6a0 [ 593.801673][T13957] ? chrdev_open+0x10b/0x6a0 [ 593.801696][T13957] ? __pfx_tty_open+0x10/0x10 [ 593.801713][T13957] chrdev_open+0x234/0x6a0 [ 593.801733][T13957] ? __pfx_apparmor_file_open+0x10/0x10 [ 593.801754][T13957] ? __pfx_chrdev_open+0x10/0x10 [ 593.801776][T13957] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 593.801802][T13957] do_dentry_open+0x6d8/0x1660 [ 593.801821][T13957] ? __pfx_chrdev_open+0x10/0x10 [ 593.801847][T13957] vfs_open+0x82/0x3f0 [ 593.801874][T13957] path_openat+0x208c/0x31a0 [ 593.801902][T13957] ? __pfx_path_openat+0x10/0x10 [ 593.801931][T13957] do_file_open+0x20e/0x430 [ 593.801954][T13957] ? __pfx_do_file_open+0x10/0x10 [ 593.801990][T13957] ? alloc_fd+0x476/0x790 [ 593.802012][T13957] ? do_getname+0x191/0x390 [ 593.802039][T13957] do_sys_openat2+0x10d/0x1e0 [ 593.802065][T13957] ? __pfx_do_sys_openat2+0x10/0x10 [ 593.802100][T13957] __x64_sys_openat+0x12d/0x210 [ 593.802126][T13957] ? __pfx___x64_sys_openat+0x10/0x10 [ 593.802161][T13957] do_syscall_64+0x106/0xf80 [ 593.802185][T13957] ? clear_bhb_loop+0x40/0x90 [ 593.802208][T13957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.802227][T13957] RIP: 0033:0x7f594139c819 [ 593.802241][T13957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 593.802258][T13957] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 593.802274][T13957] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 593.802285][T13957] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 593.802296][T13957] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 593.802307][T13957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 593.802318][T13957] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 593.802341][T13957] [ 593.802348][T13957] Mem-Info: [ 593.802357][T13957] active_anon:23825 inactive_anon:8867 isolated_anon:0 [ 593.802357][T13957] active_file:7831 inactive_file:53306 isolated_file:0 [ 593.802357][T13957] unevictable:779 dirty:845 writeback:0 [ 593.802357][T13957] slab_reclaimable:14711 slab_unreclaimable:96790 [ 593.802357][T13957] mapped:30190 shmem:11180 pagetables:2046 [ 593.802357][T13957] sec_pagetables:0 bounce:0 [ 593.802357][T13957] kernel_misc_reclaimable:0 [ 593.802357][T13957] free:1278968 free_pcp:12508 free_cma:0 [ 593.802403][T13957] Node 0 active_anon:95300kB inactive_anon:35468kB active_file:31324kB inactive_file:212944kB unevictable:1580kB isolated(anon):0kB isolated(file):0kB mapped:120680kB dirty:3296kB writeback:0kB shmem:43184kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12000kB pagetables:8020kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 593.802448][T13957] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:280kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:84kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 593.802493][T13957] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 593.802546][T13957] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 593.802587][T13957] Node 0 DMA32 free:1166428kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:95300kB inactive_anon:35468kB active_file:31324kB inactive_file:212944kB unevictable:1580kB writepending:3296kB zspages:744kB present:3129332kB managed:2537292kB mlocked:44kB bounce:0kB free_pcp:46584kB local_pcp:46584kB free_cma:0kB [ 593.802644][T13957] lowmem_reserve[]: 0 0 1 1 1 [ 593.802683][T13957] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 593.802735][T13957] lowmem_reserve[]: 0 0 0 0 0 [ 593.802772][T13957] Node 1 Normal free:3934076kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:280kB unevictable:1536kB writepending:84kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:3448kB local_pcp:3448kB free_cma:0kB [ 593.802825][T13957] lowmem_reserve[]: 0 0 0 0 0 [ 593.802862][T13957] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 593.802980][T13957] Node 0 DMA32: 9135*4kB (UME) 4322*8kB (UME) 2263*16kB (UME) 690*32kB (UME) 335*64kB (UM) 666*128kB (UM) 448*256kB (UME) 279*512kB (UM) 133*1024kB (UM) 2*2048kB (UM) 130*4096kB (UM) = 1166396kB [ 593.803146][T13957] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 593.803258][T13957] Node 1 Normal: 4*4kB (U) 7*8kB (UM) 10*16kB (UM) 2*32kB (U) 8*64kB (UM) 5*128kB (UM) 4*256kB (UM) 1*512kB (U) 3*1024kB (UM) 0*2048kB 959*4096kB (M) = 3934120kB [ 593.803414][T13957] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 593.803429][T13957] Node 0 hugepages_total=4 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 593.803444][T13957] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 593.803459][T13957] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 593.803474][T13957] 72369 total pagecache pages [ 593.803482][T13957] 56 pages in swap cache [ 593.803490][T13957] Free swap = 115144kB [ 593.803497][T13957] Total swap = 124996kB [ 593.803506][T13957] 2097051 pages RAM [ 593.803513][T13957] 0 pages HighMem/MovableOnly [ 593.803522][T13957] 430849 pages reserved [ 593.803529][T13957] 0 pages cma reserved [ 593.803541][T13957] tty tty16: ldisc open failed (-12), clearing slot 15 [ 596.070484][T13969] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(8.16.0), cmd(12) [ 597.102694][T13973] ptp: physical clock is free running [ 597.459944][T13976] can: request_module (can-proto-4) failed. [ 599.518105][ T30] audit: type=1800 audit(4294969848.738:51): pid=13987 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1964" name="dbroot" dev="configfs" ino=59390 res=0 errno=0 [ 599.746466][T13987] random: crng reseeded on system resumption [ 600.273831][T13983] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78400 [ 600.391013][T13983] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 600.493081][T13983] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 600.549445][T13983] page_type: f5(slab) [ 600.577957][T13983] raw: 00fff00000000040 ffff88813fe3a140 dead000000000100 dead000000000122 [ 600.652344][T13983] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 600.712563][T13983] head: 00fff00000000040 ffff88813fe3a140 dead000000000100 dead000000000122 [ 600.813183][T13983] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 600.864509][T13983] head: 00fff00000000003 ffffea0001e10001 00000000ffffffff 00000000ffffffff [ 600.929885][T13983] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 600.983398][T13983] page dumped because: unmovable page [ 601.042513][T13983] page_owner tracks the page as allocated [ 601.074192][T13983] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 12, tgid 12 (kworker/u8:0), ts 140572147441, free_ts 140554756714 [ 601.212120][T13983] post_alloc_hook+0x153/0x170 [ 601.247718][T13983] get_page_from_freelist+0x111d/0x3140 [ 601.274309][T13983] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 601.313250][T13983] new_slab+0xa6/0x6b0 [ 601.317418][T13983] refill_objects+0x26b/0x400 [ 601.392204][T13983] __pcs_replace_empty_main+0x1ab/0x660 [ 601.397822][T13983] __kmalloc_node_track_caller_noprof+0x694/0x850 [ 601.482656][T13983] kmalloc_reserve+0xe8/0x350 [ 601.487410][T13983] __alloc_skb+0x185/0x710 [ 601.491859][T13983] nsim_dev_trap_report_work+0x2af/0xd10 [ 601.569633][T13983] process_one_work+0xa23/0x19a0 [ 601.592427][T13983] worker_thread+0x5ef/0xe50 [ 601.597285][T13983] kthread+0x370/0x450 [ 601.661264][T13983] ret_from_fork+0x754/0xd80 [ 601.682785][T13983] ret_from_fork_asm+0x1a/0x30 [ 601.722672][T13983] page last free pid 0 tgid 0 stack trace: [ 601.751355][T13983] __free_frozen_pages+0x7e1/0x10d0 [ 601.794598][T13983] __folio_put+0x3b4/0x540 [ 601.799079][T13983] page_to_skb+0x84e/0xc40 [ 601.882681][T13983] receive_buf+0x85b/0x4670 [ 601.887262][T13983] virtnet_poll+0x1cec/0x3a20 [ 601.943994][T13983] __napi_poll.constprop.0+0xaf/0x450 [ 601.982599][T13983] net_rx_action+0xa40/0xf20 [ 601.987291][T13983] handle_softirqs+0x1eb/0x9e0 [ 602.038787][T13983] __irq_exit_rcu+0xef/0x150 [ 602.080410][T13983] irq_exit_rcu+0x9/0x30 [ 602.102655][T13983] common_interrupt+0xbe/0xe0 [ 602.107414][T13983] asm_common_interrupt+0x26/0x40 [ 602.924499][T14027] FAULT_INJECTION: forcing a failure. [ 602.924499][T14027] name failslab, interval 1, probability 0, space 0, times 0 [ 603.015101][T14027] CPU: 0 UID: 0 PID: 14027 Comm: syz.0.1976 Tainted: G U L syzkaller #0 PREEMPT(full) [ 603.015136][T14027] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 603.015144][T14027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 603.015155][T14027] Call Trace: [ 603.015162][T14027] [ 603.015170][T14027] dump_stack_lvl+0x100/0x190 [ 603.015203][T14027] should_fail_ex.cold+0x5/0xa [ 603.015226][T14027] should_failslab+0xc2/0x120 [ 603.015248][T14027] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 603.015277][T14027] ? fcntl_setlk+0xaa/0xe40 [ 603.015298][T14027] ? __lock_acquire+0x4a5/0x2630 [ 603.015327][T14027] fcntl_setlk+0xaa/0xe40 [ 603.015350][T14027] ? __pfx_fcntl_setlk+0x10/0x10 [ 603.015382][T14027] ? find_held_lock+0x2b/0x80 [ 603.015404][T14027] ? __might_fault+0xc5/0x140 [ 603.015432][T14027] ? __might_fault+0xc5/0x140 [ 603.015467][T14027] do_fcntl+0xf39/0x1670 [ 603.015494][T14027] ? __pfx_do_fcntl+0x10/0x10 [ 603.015520][T14027] ? __x64_sys_futex+0x34f/0x4d0 [ 603.015546][T14027] ? __x64_sys_futex+0x358/0x4d0 [ 603.015573][T14027] ? xfd_validate_state+0x129/0x190 [ 603.015601][T14027] ? tomoyo_file_fcntl+0x6c/0xc0 [ 603.015622][T14027] __x64_sys_fcntl+0x163/0x200 [ 603.015650][T14027] do_syscall_64+0x106/0xf80 [ 603.015669][T14027] ? clear_bhb_loop+0x40/0x90 [ 603.015692][T14027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 603.015711][T14027] RIP: 0033:0x7fb599d9c819 [ 603.015727][T14027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 603.015745][T14027] RSP: 002b:00007fb59ac00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 603.015764][T14027] RAX: ffffffffffffffda RBX: 00007fb59a015fa0 RCX: 00007fb599d9c819 [ 603.015776][T14027] RDX: 0000000000000004 RSI: 0000000000000026 RDI: 0000000000000004 [ 603.015787][T14027] RBP: 00007fb599e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 603.015797][T14027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 603.015809][T14027] R13: 00007fb59a016038 R14: 00007fb59a015fa0 R15: 00007ffd7defbd18 [ 603.015832][T14027] [ 605.210427][T14057] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1985'. [ 605.441159][T14061] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1988'. [ 609.049611][T14123] loop6: detected capacity change from 0 to 8 [ 609.855087][ T30] audit: type=1800 audit(4294969859.063:52): pid=14130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2008" name="features" dev="configfs" ino=65419 res=0 errno=0 [ 612.139901][T14168] usbip-vudc usbip-vudc.0: gadget not bound [ 613.193307][T14197] ptp: physical clock is free running [ 613.729989][T14205] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 613.736056][T14205] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 613.841112][T14205] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 613.897755][T14205] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 614.553946][T14225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2028'. [ 614.950259][T14235] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2028'. [ 615.185799][T14247] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2032'. [ 615.565970][T14256] FAULT_INJECTION: forcing a failure. [ 615.565970][T14256] name failslab, interval 1, probability 0, space 0, times 0 [ 615.651472][T14256] CPU: 0 UID: 0 PID: 14256 Comm: syz.2.2035 Tainted: G U L syzkaller #0 PREEMPT(full) [ 615.651507][T14256] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 615.651514][T14256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 615.651525][T14256] Call Trace: [ 615.651532][T14256] [ 615.651539][T14256] dump_stack_lvl+0x100/0x190 [ 615.651573][T14256] should_fail_ex.cold+0x5/0xa [ 615.651596][T14256] should_failslab+0xc2/0x120 [ 615.651618][T14256] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 615.651650][T14256] ? __alloc_skb+0x140/0x710 [ 615.651679][T14256] ? unwind_get_return_address+0x59/0xa0 [ 615.651705][T14256] __alloc_skb+0x140/0x710 [ 615.651734][T14256] ? __pfx___alloc_skb+0x10/0x10 [ 615.651769][T14256] tipc_buf_acquire+0x26/0xe0 [ 615.651798][T14256] tipc_msg_build+0x112/0x1100 [ 615.651832][T14256] ? __pfx_tipc_msg_build+0x10/0x10 [ 615.651871][T14256] tipc_send_group_bcast+0x736/0xa20 [ 615.651900][T14256] ? __pfx_tipc_send_group_bcast+0x10/0x10 [ 615.651925][T14256] ? __pfx_woken_wake_function+0x10/0x10 [ 615.651959][T14256] ? aa_label_sk_perm+0x194/0x5f0 [ 615.652004][T14256] __tipc_sendmsg+0x4a3/0x1ae0 [ 615.652035][T14256] ? __pfx___tipc_sendmsg+0x10/0x10 [ 615.652060][T14256] ? __lock_acquire+0x4a5/0x2630 [ 615.652085][T14256] ? __lock_acquire+0x4a5/0x2630 [ 615.652111][T14256] ? __lock_acquire+0x4a5/0x2630 [ 615.652150][T14256] ? __local_bh_enable_ip+0x9e/0x120 [ 615.652174][T14256] tipc_sendmsg+0x4f/0x70 [ 615.652200][T14256] ____sys_sendmsg+0x9e1/0xb70 [ 615.652227][T14256] ? __pfx_tipc_sendmsg+0x10/0x10 [ 615.652254][T14256] ? __pfx_____sys_sendmsg+0x10/0x10 [ 615.652281][T14256] ? __pfx__kstrtoull+0x10/0x10 [ 615.652316][T14256] ___sys_sendmsg+0x190/0x1e0 [ 615.652342][T14256] ? __pfx____sys_sendmsg+0x10/0x10 [ 615.652378][T14256] ? find_held_lock+0x2b/0x80 [ 615.652411][T14256] __sys_sendmmsg+0x205/0x430 [ 615.652432][T14256] ? __pfx___sys_sendmmsg+0x10/0x10 [ 615.652457][T14256] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 615.652488][T14256] ? fput+0x79/0x100 [ 615.652511][T14256] ? ksys_write+0x1ac/0x250 [ 615.652530][T14256] ? __pfx_ksys_write+0x10/0x10 [ 615.652553][T14256] __x64_sys_sendmmsg+0x9c/0x100 [ 615.652570][T14256] ? lockdep_hardirqs_on+0x78/0x100 [ 615.652589][T14256] do_syscall_64+0x106/0xf80 [ 615.652608][T14256] ? clear_bhb_loop+0x40/0x90 [ 615.652631][T14256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.652651][T14256] RIP: 0033:0x7f594139c819 [ 615.652668][T14256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 615.652687][T14256] RSP: 002b:00007f5942279028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 615.652707][T14256] RAX: ffffffffffffffda RBX: 00007f5941616090 RCX: 00007f594139c819 [ 615.652719][T14256] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 615.652730][T14256] RBP: 00007f5942279090 R08: 0000000000000000 R09: 0000000000000000 [ 615.652742][T14256] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000001 [ 615.652753][T14256] R13: 00007f5941616128 R14: 00007f5941616090 R15: 00007fffa66393d8 [ 615.652777][T14256] [ 616.743118][T11112] Bluetooth: hci1: command 0x0c1a tx timeout [ 616.749568][T11112] Bluetooth: hci0: command 0x0c1a tx timeout [ 616.755751][T11112] Bluetooth: hci2: command 0x0c1a tx timeout [ 616.761800][T11112] Bluetooth: hci3: command 0x0c1a tx timeout [ 618.608400][T14280] mtrr: base(0x1000) is not aligned on a size(0x0000) boundary [ 619.360707][ T30] audit: type=1800 audit(4294969868.568:53): pid=14295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2047" name="dbroot" dev="configfs" ino=71881 res=0 errno=0 [ 619.456497][T14298] random: crng reseeded on system resumption [ 619.744271][T14302] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 619.750701][T14302] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 619.972921][T12689] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 620.139674][T14306] FAULT_INJECTION: forcing a failure. [ 620.139674][T14306] name failslab, interval 1, probability 0, space 0, times 0 [ 620.254488][T14309] FAULT_INJECTION: forcing a failure. [ 620.254488][T14309] name fail_futex, interval 1, probability 0, space 0, times 0 [ 620.375375][T14306] CPU: 0 UID: 0 PID: 14306 Comm: syz.2.2050 Tainted: G U L syzkaller #0 PREEMPT(full) [ 620.375410][T14306] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 620.375418][T14306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 620.375429][T14306] Call Trace: [ 620.375435][T14306] [ 620.375443][T14306] dump_stack_lvl+0x100/0x190 [ 620.375476][T14306] should_fail_ex.cold+0x5/0xa [ 620.375499][T14306] should_failslab+0xc2/0x120 [ 620.375521][T14306] __kmalloc_cache_noprof+0x7a/0x6f0 [ 620.375547][T14306] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 620.375578][T14306] snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 620.375607][T14306] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 620.375634][T14306] ? calc_src_frames.isra.0+0x17c/0x1c0 [ 620.375659][T14306] ? calc_dst_frames.constprop.0.isra.0+0xed/0x120 [ 620.375691][T14306] snd_pcm_oss_change_params_locked+0x18d9/0x39f0 [ 620.375727][T14306] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 620.375753][T14306] ? __pfx___mutex_lock+0x10/0x10 [ 620.375789][T14306] snd_pcm_oss_make_ready+0xeb/0x1b0 [ 620.375816][T14306] snd_pcm_oss_set_trigger.isra.0+0x32/0x6c0 [ 620.375846][T14306] snd_pcm_oss_ioctl+0x1fb9/0x3720 [ 620.375872][T14306] ? find_held_lock+0x2b/0x80 [ 620.375890][T14306] ? __fget_files+0x215/0x3d0 [ 620.375908][T14306] ? hook_file_ioctl_common+0x146/0x410 [ 620.375933][T14306] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 620.375971][T14306] ? __fget_files+0x21f/0x3d0 [ 620.375994][T14306] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 620.376021][T14306] __x64_sys_ioctl+0x18e/0x210 [ 620.376052][T14306] do_syscall_64+0x106/0xf80 [ 620.376070][T14306] ? clear_bhb_loop+0x40/0x90 [ 620.376098][T14306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.376117][T14306] RIP: 0033:0x7f594139c819 [ 620.376135][T14306] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.376153][T14306] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 620.376172][T14306] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 620.376184][T14306] RDX: 0000000000000000 RSI: 0000000040045010 RDI: 0000000000000003 [ 620.376195][T14306] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 620.376207][T14306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.376217][T14306] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 620.376243][T14306] [ 620.662540][T14309] CPU: 0 UID: 0 PID: 14309 Comm: syz.2.2050 Tainted: G U L syzkaller #0 PREEMPT(full) [ 620.662575][T14309] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 620.662583][T14309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 620.662595][T14309] Call Trace: [ 620.662601][T14309] [ 620.662609][T14309] dump_stack_lvl+0x100/0x190 [ 620.662644][T14309] should_fail_ex.cold+0x5/0xa [ 620.662667][T14309] get_futex_key+0x1d2/0x1620 [ 620.662695][T14309] ? __pfx_get_futex_key+0x10/0x10 [ 620.662726][T14309] futex_wait_setup+0x83/0x510 [ 620.662761][T14309] __futex_wait+0x19f/0x300 [ 620.662792][T14309] ? __pfx___futex_wait+0x10/0x10 [ 620.662824][T14309] ? __pfx_futex_wake_mark+0x10/0x10 [ 620.662857][T14309] ? find_held_lock+0x2b/0x80 [ 620.662876][T14309] ? futex_wake+0x456/0x530 [ 620.662909][T14309] futex_wait+0xed/0x380 [ 620.662938][T14309] ? __pfx_futex_wait+0x10/0x10 [ 620.662984][T14309] ? proc_id_connector+0x2ed/0x650 [ 620.663015][T14309] do_futex+0x1ef/0x350 [ 620.663042][T14309] ? __pfx_do_futex+0x10/0x10 [ 620.663073][T14309] __x64_sys_futex+0x34f/0x4d0 [ 620.663102][T14309] ? __pfx___x64_sys_futex+0x10/0x10 [ 620.663136][T14309] do_syscall_64+0x106/0xf80 [ 620.663155][T14309] ? clear_bhb_loop+0x40/0x90 [ 620.663177][T14309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.663196][T14309] RIP: 0033:0x7f594139c819 [ 620.663213][T14309] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.663231][T14309] RSP: 002b:00007f59422790e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 620.663250][T14309] RAX: ffffffffffffffda RBX: 00007f5941616098 RCX: 00007f594139c819 [ 620.663262][T14309] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5941616098 [ 620.663273][T14309] RBP: 00007f5941616090 R08: 0000000000000000 R09: 0000000000000000 [ 620.663284][T14309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.663295][T14309] R13: 00007f5941616128 R14: 00007fffa66392f0 R15: 00007fffa66393d8 [ 620.663317][T14309] [ 621.462540][ T30] audit: type=1800 audit(4294969870.627:54): pid=14332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2059" name="dbroot" dev="configfs" ino=72438 res=0 errno=0 [ 621.585530][T14332] ================================================================== [ 621.585547][T14332] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 621.585579][T14332] Read of size 26 at addr ffff888079228bea by task syz.2.2059/14332 [ 621.585596][T14332] [ 621.585608][T14332] CPU: 0 UID: 0 PID: 14332 Comm: syz.2.2059 Tainted: G U L syzkaller #0 PREEMPT(full) [ 621.585636][T14332] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 621.585644][T14332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 621.585655][T14332] Call Trace: [ 621.585662][T14332] [ 621.585670][T14332] dump_stack_lvl+0x100/0x190 [ 621.585699][T14332] print_report+0x156/0x4c9 [ 621.585724][T14332] ? __virt_addr_valid+0x81/0x620 [ 621.585749][T14332] ? __phys_addr+0xe8/0x180 [ 621.585773][T14332] ? fbcon_prepare_logo+0x94e/0xc60 [ 621.585794][T14332] kasan_report+0xdf/0x1e0 [ 621.585814][T14332] ? fbcon_prepare_logo+0x94e/0xc60 [ 621.585837][T14332] kasan_check_range+0x10f/0x1e0 [ 621.585860][T14332] __asan_memcpy+0x23/0x60 [ 621.585896][T14332] fbcon_prepare_logo+0x94e/0xc60 [ 621.585922][T14332] fbcon_init+0x10a0/0x1820 [ 621.585945][T14332] visual_init+0x320/0x620 [ 621.585969][T14332] do_bind_con_driver.isra.0+0x636/0x9c0 [ 621.586000][T14332] store_bind+0x609/0x730 [ 621.586029][T14332] ? __pfx_store_bind+0x10/0x10 [ 621.586054][T14332] dev_attr_store+0x58/0x80 [ 621.586077][T14332] ? __pfx_dev_attr_store+0x10/0x10 [ 621.586100][T14332] sysfs_kf_write+0xf2/0x150 [ 621.586126][T14332] kernfs_fop_write_iter+0x3e0/0x5f0 [ 621.586146][T14332] ? __pfx_sysfs_kf_write+0x10/0x10 [ 621.586171][T14332] do_iter_readv_writev+0x6ee/0x920 [ 621.586200][T14332] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 621.586232][T14332] vfs_writev+0x360/0xe10 [ 621.586259][T14332] ? rcu_is_watching+0x12/0xc0 [ 621.586302][T14332] ? __pfx_vfs_writev+0x10/0x10 [ 621.586330][T14332] ? fdget_pos+0x2aa/0x380 [ 621.586357][T14332] ? __fget_files+0x21f/0x3d0 [ 621.586378][T14332] ? do_writev+0x13e/0x340 [ 621.586394][T14332] do_writev+0x13e/0x340 [ 621.586410][T14332] ? __pfx_do_writev+0x10/0x10 [ 621.586428][T14332] do_syscall_64+0x106/0xf80 [ 621.586447][T14332] ? clear_bhb_loop+0x40/0x90 [ 621.586468][T14332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.586487][T14332] RIP: 0033:0x7f594139c819 [ 621.586502][T14332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 621.586520][T14332] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 621.586538][T14332] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 621.586550][T14332] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 621.586562][T14332] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 621.586573][T14332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 621.586584][T14332] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 621.586601][T14332] [ 621.586609][T14332] [ 621.586613][T14332] Allocated by task 5827: [ 621.586623][T14332] kasan_save_stack+0x30/0x50 [ 621.586639][T14332] kasan_save_track+0x14/0x30 [ 621.586655][T14332] __kasan_kmalloc+0xaa/0xb0 [ 621.586669][T14332] __kmalloc_node_noprof+0x307/0x850 [ 621.586697][T14332] alloc_slab_obj_exts+0xae/0x260 [ 621.586720][T14332] __memcg_slab_post_alloc_hook+0x246/0x990 [ 621.586741][T14332] kmem_cache_alloc_noprof+0x58a/0x6e0 [ 621.586768][T14332] alloc_empty_file+0x55/0x1c0 [ 621.586790][T14332] alloc_file_pseudo+0x13a/0x230 [ 621.586812][T14332] sock_alloc_file+0x50/0x210 [ 621.586829][T14332] __sys_socket+0x1c0/0x260 [ 621.586851][T14332] __x64_sys_socket+0x72/0xb0 [ 621.586890][T14332] do_syscall_64+0x106/0xf80 [ 621.586907][T14332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.586925][T14332] [ 621.586929][T14332] The buggy address belongs to the object at ffff888079228b00 [ 621.586929][T14332] which belongs to the cache kmalloc-192 of size 192 [ 621.586945][T14332] The buggy address is located 90 bytes to the right of [ 621.586945][T14332] allocated 144-byte region [ffff888079228b00, ffff888079228b90) [ 621.586964][T14332] [ 621.586969][T14332] The buggy address belongs to the physical page: [ 621.586978][T14332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888079228800 pfn:0x79228 [ 621.586996][T14332] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff) [ 621.587013][T14332] page_type: f5(slab) [ 621.587029][T14332] raw: 00fff00000000200 ffff88813fe393c0 ffff88813fe38288 ffffea0000d9fb50 [ 621.587046][T14332] raw: ffff888079228800 000000080010000f 00000000f5000000 0000000000000000 [ 621.587057][T14332] page dumped because: kasan: bad access detected [ 621.587065][T14332] page_owner tracks the page as allocated [ 621.587072][T14332] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6006, tgid 6005 (syz.1.19), ts 97775230412, free_ts 97756044278 [ 621.587102][T14332] post_alloc_hook+0x153/0x170 [ 621.587126][T14332] get_page_from_freelist+0x111d/0x3140 [ 621.587153][T14332] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 621.587180][T14332] new_slab+0xa6/0x6b0 [ 621.587201][T14332] refill_objects+0x26b/0x400 [ 621.587225][T14332] __pcs_replace_empty_main+0x1ab/0x660 [ 621.587252][T14332] __kmalloc_node_noprof+0x69a/0x850 [ 621.587279][T14332] alloc_slab_obj_exts+0xae/0x260 [ 621.587302][T14332] __memcg_slab_post_alloc_hook+0x246/0x990 [ 621.587323][T14332] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 621.587350][T14332] __d_alloc+0x34/0xa80 [ 621.587369][T14332] d_alloc_pseudo+0x1c/0xc0 [ 621.587393][T14332] alloc_file_pseudo+0xcf/0x230 [ 621.587415][T14332] sock_alloc_file+0x50/0x210 [ 621.587431][T14332] __sys_socketpair+0x321/0x5b0 [ 621.587453][T14332] __x64_sys_socketpair+0x96/0x100 [ 621.587475][T14332] page last free pid 13 tgid 13 stack trace: [ 621.587485][T14332] __free_frozen_pages+0x7e1/0x10d0 [ 621.587507][T14332] qlist_free_all+0x47/0xe0 [ 621.587533][T14332] kasan_quarantine_reduce+0x1a0/0x1f0 [ 621.587561][T14332] __kasan_slab_alloc+0x69/0x90 [ 621.587577][T14332] __kmalloc_noprof+0x2b9/0x850 [ 621.587603][T14332] unregister_netdevice_many_notify+0x903/0x2580 [ 621.587622][T14332] ops_undo_list+0x8ff/0xab0 [ 621.587638][T14332] cleanup_net+0x499/0x920 [ 621.587656][T14332] process_one_work+0xa23/0x19a0 [ 621.587681][T14332] worker_thread+0x5ef/0xe50 [ 621.587706][T14332] kthread+0x370/0x450 [ 621.587729][T14332] ret_from_fork+0x754/0xd80 [ 621.587754][T14332] ret_from_fork_asm+0x1a/0x30 [ 621.587773][T14332] [ 621.587778][T14332] Memory state around the buggy address: [ 621.587787][T14332] ffff888079228a80: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 621.587800][T14332] ffff888079228b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 621.587812][T14332] >ffff888079228b80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 621.587822][T14332] ^ [ 621.587832][T14332] ffff888079228c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 621.587845][T14332] ffff888079228c80: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 621.587856][T14332] ================================================================== [ 621.587866][T14332] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 621.587889][T14332] CPU: 0 UID: 0 PID: 14332 Comm: syz.2.2059 Tainted: G U L syzkaller #0 PREEMPT(full) [ 621.587917][T14332] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 621.587925][T14332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 621.587937][T14332] Call Trace: [ 621.587944][T14332] [ 621.587951][T14332] dump_stack_lvl+0x100/0x190 [ 621.587979][T14332] vpanic+0x552/0x970 [ 621.587997][T14332] ? __pfx_vpanic+0x10/0x10 [ 621.588015][T14332] ? __pfx_vprintk_emit+0x10/0x10 [ 621.588035][T14332] ? fbcon_prepare_logo+0x94e/0xc60 [ 621.588057][T14332] panic+0xd1/0xe0 [ 621.588074][T14332] ? __pfx_panic+0x10/0x10 [ 621.588094][T14332] ? fbcon_prepare_logo+0x94e/0xc60 [ 621.588117][T14332] check_panic_on_warn.cold+0x19/0x34 [ 621.588137][T14332] end_report.part.0+0x3a/0x90 [ 621.588162][T14332] kasan_report.cold+0xe/0x18 [ 621.588189][T14332] ? fbcon_prepare_logo+0x94e/0xc60 [ 621.588212][T14332] kasan_check_range+0x10f/0x1e0 [ 621.588237][T14332] __asan_memcpy+0x23/0x60 [ 621.588263][T14332] fbcon_prepare_logo+0x94e/0xc60 [ 621.588288][T14332] fbcon_init+0x10a0/0x1820 [ 621.588312][T14332] visual_init+0x320/0x620 [ 621.588335][T14332] do_bind_con_driver.isra.0+0x636/0x9c0 [ 621.588366][T14332] store_bind+0x609/0x730 [ 621.588394][T14332] ? __pfx_store_bind+0x10/0x10 [ 621.588420][T14332] dev_attr_store+0x58/0x80 [ 621.588443][T14332] ? __pfx_dev_attr_store+0x10/0x10 [ 621.588467][T14332] sysfs_kf_write+0xf2/0x150 [ 621.588492][T14332] kernfs_fop_write_iter+0x3e0/0x5f0 [ 621.588512][T14332] ? __pfx_sysfs_kf_write+0x10/0x10 [ 621.588537][T14332] do_iter_readv_writev+0x6ee/0x920 [ 621.588566][T14332] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 621.588599][T14332] vfs_writev+0x360/0xe10 [ 621.588632][T14332] ? rcu_is_watching+0x12/0xc0 [ 621.588663][T14332] ? __pfx_vfs_writev+0x10/0x10 [ 621.588691][T14332] ? fdget_pos+0x2aa/0x380 [ 621.588717][T14332] ? __fget_files+0x21f/0x3d0 [ 621.588738][T14332] ? do_writev+0x13e/0x340 [ 621.588753][T14332] do_writev+0x13e/0x340 [ 621.588769][T14332] ? __pfx_do_writev+0x10/0x10 [ 621.588788][T14332] do_syscall_64+0x106/0xf80 [ 621.588806][T14332] ? clear_bhb_loop+0x40/0x90 [ 621.588828][T14332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 621.588847][T14332] RIP: 0033:0x7f594139c819 [ 621.588861][T14332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 621.588880][T14332] RSP: 002b:00007f594229a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 621.588907][T14332] RAX: ffffffffffffffda RBX: 00007f5941615fa0 RCX: 00007f594139c819 [ 621.588919][T14332] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 621.588932][T14332] RBP: 00007f5941432c91 R08: 0000000000000000 R09: 0000000000000000 [ 621.588944][T14332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 621.588956][T14332] R13: 00007f5941616038 R14: 00007f5941615fa0 R15: 00007fffa66393d8 [ 621.588973][T14332] [ 621.589039][T14332] Kernel Offset: disabled