last executing test programs: 9.617947814s ago: executing program 0 (id=1897): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) lseek$auto(0x3, 0x2, 0x4) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x2280, 0x0) socket(0x1e, 0x1, 0x0) lsm_set_self_attr$auto(0x11, 0x0, 0x7e, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/snd/controlC0\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000001700)={@inferred, 0xc, 0x3, 0x9, "9d4724b76f4d07faf46cb94d85033d940fdf05ecff75c12163ddeab942ed73d07dadd6f419694d591eca8162"}) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000001ec0), 0x40000, 0x0) readv$auto(r2, &(0x7f0000000140)={&(0x7f0000000280), 0xfdef}, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) sysfs$auto(0x2, 0x2, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/ping_group_range\x00', 0x202, 0x0) write$auto(r3, &(0x7f00000000c0)='\\\xf3%\x00', 0x8) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0xc, 0x940, 0x1ffde, 0x7, 0x6, 0x3ff, 0x9, 0x1, 0x2, 0x0, 0x9, 0x8, 0x8, 0x1, 0x5, 0x7, 0x5d, 0x0, 0x3ff, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c9, 0x0, 0x4, 0x0, 0x0, 0xe3a, 0x3]}, 0x400, 0x81) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000140)={{@raw=0x80000000, 0x304, 0xfffffffe, 0x8, "3112d598004a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe000900000000000755015e48d", @raw=0xfffffffc}, 0x3, 0x3, 0x4, @inferred, @integer={0x3, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd7327b386425608af790ada8dbdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendfile$auto(r0, r5, 0x0, 0x1) 9.226892686s ago: executing program 0 (id=1898): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) semctl$auto(0x2, 0x9, 0x939, 0x6) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000306b87000fedbdf250300000004000800040003800c0016"], 0x28}}, 0x4c810) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYRES8=r0, @ANYRES16=0x0, @ANYBLOB="01010000d07c4d0585ef06fdf864ec79e07a6b17e4ed83b253d7ab0bb9bb7f68"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000640)={0x10002c, 0x7f, 0x0, @raw=0xce8}, 0x287) r1 = socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x84, 0x1d, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r2 = fanotify_init$auto(0x5, 0x0) fanotify_mark$auto(r2, 0xa05, 0x199, r2, 0x0) syz_clone3(&(0x7f0000000400)={0x1041100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0xffffff14) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r3, 0x0, 0x39b8) sendfile$auto(r3, 0xffffffffffffffff, &(0x7f00000001c0)=0x3, 0xa) r4 = socket(0x2c, 0x3, 0x0) bind$auto(r4, &(0x7f0000000080)=@xdp={0x2c, 0xc, 0x0, 0x1c}, 0x6b) 9.148645432s ago: executing program 1 (id=1899): socket(0x11, 0x80003, 0x300) r0 = openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0) pread64$auto(r0, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x10, 0x9) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x2000008000, 0xeb1, r1, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r3 = getpid() syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r3], 0x1}, 0x58) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) 6.502651918s ago: executing program 0 (id=1912): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x6, 0xff, @count=0xe35c, 0x0, 0x5, 0x6, 0x6, 0xffffffff}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, 0x0, 0x4001090) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0xa100, 0x0) read$auto_vga_arb_device_fops_vgaarb(r0, &(0x7f0000000140)=""/16, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) 6.502110073s ago: executing program 1 (id=1905): madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x40000, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) read$auto(0x3, 0x0, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0x2c, 0x3, 0x0) openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x50) r1 = socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) fsconfig$auto_FSCONFIG_SET_STRING(r1, 0x1, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', &(0x7f0000000040)="edf5c041dde4b4f2112b66479594eea20e7dc63bd3007cdfe640bd1cacd62d119c7b8a0b0d26925c04b83f3c246c96997af55d2d92240768b58ff81462c053dcbe86ff9a01", 0xc) socket(0x2b, 0xa, 0xfffffffe) eventfd$auto(0x80) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000007980)={0x0, 0x508}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setrlimit$auto(0x1000000007, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) 6.34921286s ago: executing program 2 (id=1906): socket(0x11, 0x80003, 0x300) pread64$auto(0xffffffffffffffff, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x10, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x2000008000, 0xeb1, r0, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = getpid() syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r2], 0x1}, 0x58) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) 6.281644512s ago: executing program 1 (id=1907): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x6, 0xff, @count=0xe35c, 0x0, 0x5, 0x6, 0x6, 0xffffffff}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, 0x0, 0x4001090) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0xa100, 0x0) read$auto_vga_arb_device_fops_vgaarb(r0, &(0x7f0000000140)=""/16, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) 4.852254915s ago: executing program 3 (id=1908): madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x40000, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) read$auto(0x3, 0x0, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket(0x2c, 0x3, 0x0) openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x50) socket(0xa, 0x1, 0x100) eventfd$auto(0x80) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000007980)={0x0, 0x508}, 0x1, 0x0, 0x0, 0x4000001}, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setrlimit$auto(0x1000000007, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) 4.538724136s ago: executing program 3 (id=1909): socket(0x11, 0x80003, 0x300) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x2000008000, 0xeb1, r0, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = getpid() syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r2], 0x1}, 0x58) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) 4.278709894s ago: executing program 2 (id=1910): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = io_uring_setup$auto(0x8, 0x0) bpf$auto(0x7d5, &(0x7f0000000300)=@bpf_attr_4={0x8, r0, 0x7, r0}, 0x7) close_range$auto(r1, 0x8, 0x0) socket(0x5, 0x2, 0x4) socket(0x2, 0x2, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/vm/nr_overcommit_hugepages\x00', 0x100, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x8000020000020009, 0xdc, 0xeb1, r0, 0x8000) r2 = ioctl$auto_SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000040)=0x10) sendfile$auto(r2, r0, &(0x7f0000000100)=0x7fff, 0x1ff) r3 = prctl$auto_SECCOMP_MODE_STRICT(0x3, 0x1, 0x0, 0x6, 0x8) write$auto_split_huge_pages_fops_huge_memory(r3, &(0x7f0000000000)="0f435dc14dfb90e6a18956949d1070a42e25c09f36660b4f6464f3a4462eae9db37f1fa666d4d0741715e484b7957c27f94fe7a0bf5fa95bea", 0x39) io_uring_register$auto(0x100000001, 0x14, 0x0, 0x5) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r4 = socket(0x1e, 0x2, 0x0) move_pages$auto(0x1, 0x3, 0x0, 0x0, 0x0, 0x8000000000000000) getsockopt$auto(r4, 0x10f, 0x7f, 0x0, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000140)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x3, 0x0, 0x200, 0x7}, 0xff}, 0xffffffff, 0xb10) 4.090690887s ago: executing program 2 (id=1911): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x6, 0xff, @count=0xe35c, 0x0, 0x5, 0x6, 0x6, 0xffffffff}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d40000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0xa100, 0x0) read$auto_vga_arb_device_fops_vgaarb(r0, &(0x7f0000000140)=""/16, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) 4.053633178s ago: executing program 1 (id=1913): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x6, 0xff, @count=0xe35c, 0x0, 0x5, 0x6, 0x6, 0xffffffff}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, 0x0, 0x4001090) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0xa100, 0x0) read$auto_vga_arb_device_fops_vgaarb(r0, &(0x7f0000000140)=""/16, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) 3.922329566s ago: executing program 0 (id=1914): openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x20300, 0x0) r2 = socket(0xa, 0x5, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'ip6_vti0\x00'}) bpf$auto(0x40000000, &(0x7f0000000100)=@iter_create={r1, 0x81}, 0x96) connect$auto(0x3, 0x0, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) getsockopt$auto(r2, 0x84, 0x1d, 0x0, 0x0) r3 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vgem/clients\x00', 0x60000, 0x0) read$auto_drm_debugfs_entry_fops_drm_debugfs(r3, &(0x7f0000000100)=""/153, 0x99) getpid() mincore$auto(0x1000, 0x8001, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0x7, 0x2, 0x13, 0x1) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_ipsec_dbg_fops_ipsec(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/ipsec\x00', 0xc2040, 0x0) r6 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r5, 0x4b72, r6) read$auto(r4, 0x0, 0xb4d3) 3.096575653s ago: executing program 3 (id=1915): r0 = openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0) pread64$auto(r0, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x10, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x2000008000, 0xeb1, r1, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r3 = getpid() syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r3], 0x1}, 0x58) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) 2.184967833s ago: executing program 1 (id=1916): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x6, 0xff, @count=0xe35c, 0x0, 0x5, 0x6, 0x6, 0xffffffff}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d40000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0xa100, 0x0) read$auto_vga_arb_device_fops_vgaarb(r0, &(0x7f0000000140)=""/16, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) 2.182863796s ago: executing program 0 (id=1924): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x6, 0xff, @count=0xe35c, 0x0, 0x5, 0x6, 0x6, 0xffffffff}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0xa100, 0x0) read$auto_vga_arb_device_fops_vgaarb(r0, &(0x7f0000000140)=""/16, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) 1.995064079s ago: executing program 3 (id=1917): socket(0x11, 0x80003, 0x300) pread64$auto(0xffffffffffffffff, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x10, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x2000008000, 0xeb1, r0, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = getpid() syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r2], 0x1}, 0x58) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) 1.964722301s ago: executing program 2 (id=1918): fsetxattr$auto(0xffffffffffffffff, 0x0, &(0x7f0000000280)="8d8bd71a3eb5aa32b921547a06902763baf7b9ca18a7fbdf933d6271bb2989131b719c751d2f32b6daa07fe05b467c6ec0d98783cce2a47474031d054f0459ff85d94ee60d53acf502b5", 0x3, 0x9) madvise$auto(0x0, 0x2003f0, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/lockdep\x00', 0x2, 0x0) inotify_init1$auto(0x800) r0 = socket(0x10, 0x3, 0x15) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef) connect$auto(0x3, 0x0, 0x54) 689.186957ms ago: executing program 2 (id=1919): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x3, 0x9, 0x10001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x8], {0x9, 0x1, 0x6, 0x0, 0x420, 0x1001, 0x3fdc, 0x3, 0x5}, {0x2, 0x140, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0x3}}) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) semctl$auto(0x7, 0x2, 0x13, 0x1) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x560a, 0x7) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="50000000aa1895bb80d43d38e57c17489f0c7e0197c54a08753a35b29f185a29bda40aec99d3ce6e794850a47e04e281852beedbafda35402f902da2c3e10c0084e536759b8c715c39facf6ed5fdd16eedc6a906e2496dd2167580870b900f6c3ffdcb0782f0ad2dbf690171a279168050b065e261501c2c0c08b1efa3e7e3533d6698b4e041ab872ef048e2fad0f2690700000000000000952963acb8f8777a75222863cf600000000000000000000000000000a1896f25642ae152d530de1b7e69c946eae2fc8ce6e0fee46b23dd354e5b6e61515d8fa46a390701e7b82e818d526fce06edab42ebba8b94dbcec867dd3960a584bab1c950df69fdb9f30213d6ba3584cef0280c03ed381278604b88940792835e590df553faf43da761c1cefc7054a112148c", @ANYRES16=r1, @ANYBLOB="010025bd7000f7dbdf250100003f0600020001000000050007005800000008000c000800000008000a0008000000080011000b0000001400200000000000000000000000ffffffffffff"], 0x50}, 0x1, 0x0, 0x0, 0x44000}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r3, 0x5, &(0x7f0000000440)={@_si_pad}, 0x2) socket(0x10, 0x3, 0x4) pwrite64$auto(0xc8, &(0x7f0000000680)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe41\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0x96, 0xc421) r4 = openat$auto_userio_fops_userio(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) fcntl$auto_F_DUPFD_QUERY(r4, 0x403, r4) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x3, 0x0) r5 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002240)='/dev/cec26\x00', 0x1a9602, 0x0) ioctl$auto_CEC_DQEVENT(r5, 0xc0506107, 0x0) ioctl$auto_CEC_DQEVENT(r5, 0xc0506107, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x161200, 0x0) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x80001, 0x0) 503.150703ms ago: executing program 0 (id=1920): socket(0x11, 0x80003, 0x300) pread64$auto(0xffffffffffffffff, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x10, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x100, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)=""/192, 0xc0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) mmap$auto(0x0, 0x10000, 0x2000008000, 0xeb1, r0, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x1) openat$nci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = getpid() syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[r2], 0x1}, 0x58) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) 272.406534ms ago: executing program 3 (id=1921): memfd_create$auto(&(0x7f0000000300)='/sys/kernel/debug/x86/boot_params/data\x00\"F\xb6\xcd\x06\xd6\x97\\L\xe1\xb2\xee\xb8\x8e\xd6O\xa1j\x90w\xc7\x94\xb7yi\x01&\x04b/\xaa\xfb#s\xc4\xa3\xa7\xacj\xc6\x8e\xf4L\x9a\xf8\xcc\xdcy\x9f\x93\xbc\xf6\xc8\xdb\x05w,|B\xfc\x04\x97\xd3\x0f\x8b\x81\xe8\xbc\x81\x0e\xd7o\xd2\xcd\x18z\xc2\xb7|\xe1\xa6\x9a~\x96\x10rnLnt\xdb\xdb-\x1b\x99\xd4\xed;\xf8\x13a\r\xf2\a\x85%\xef\xa7\x7f#\x96\xf2S\xb0\xf1Hq\x0f;\x83\xb7\x0fz\x9dN\xc9\x1e\x15r\x97|\xbfE\xce\"', 0x4) socket(0x2, 0x2, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net/net_prio.ifpriomap\x00', 0x10b142, 0x0) sendfile$auto(r0, r0, 0x0, 0x2) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x4) mmap$auto(0x0, 0x9, 0x40, 0x8000000008012, 0x3, 0x8000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x200000004) 29.960355ms ago: executing program 1 (id=1922): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) lseek$auto(0x3, 0x2, 0x4) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x2280, 0x0) socket(0x1e, 0x1, 0x0) lsm_set_self_attr$auto(0x11, 0x0, 0x7e, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/snd/controlC0\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000001700)={@inferred, 0xc, 0x3, 0x9, "9d4724b76f4d07faf46cb94d85033d940fdf05ecff75c12163ddeab942ed73d07dadd6f419694d591eca8162"}) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000001ec0), 0x40000, 0x0) readv$auto(r2, &(0x7f0000000140)={&(0x7f0000000280), 0xfdef}, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) sysfs$auto(0x2, 0x2, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/ping_group_range\x00', 0x202, 0x0) write$auto(r3, &(0x7f00000000c0)='\\\xf3%\x00', 0x8) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0xc, 0x940, 0x1ffde, 0x7, 0x6, 0x3ff, 0x9, 0x1, 0x2, 0x0, 0x9, 0x8, 0x8, 0x1, 0x5, 0x7, 0x5d, 0x0, 0x3ff, 0x0, 0x0, 0x3, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c9, 0x0, 0x4, 0x0, 0x0, 0xe3a, 0x3]}, 0x400, 0x81) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000140)={{@raw=0x80000000, 0x304, 0xfffffffe, 0x8, "3112d598004a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe000900000000000755015e48d", @raw=0xfffffffc}, 0x3, 0x3, 0x4, @inferred, @integer={0x3, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd7327b386425608af790ada8dbdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendfile$auto(r0, r5, 0x0, 0x1) 1.115008ms ago: executing program 2 (id=1923): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x103, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:04.0/numa_node\x00', 0x1a3b02, 0x0) write$auto(r0, 0x0, 0xd) madvise$auto(0x0, 0x400053, 0x9) 0s ago: executing program 3 (id=1925): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x6, 0xff, @count=0xe35c, 0x0, 0x5, 0x6, 0x6, 0xffffffff}, 0x6f2) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0xa100, 0x0) read$auto_vga_arb_device_fops_vgaarb(r0, &(0x7f0000000140)=""/16, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) kernel console output (not intermixed with test programs): 52] kernfs_fop_read_iter+0x40f/0x5a0 [ 551.898071][T13952] ? rw_verify_area+0xcf/0x6c0 [ 551.898088][T13952] vfs_read+0x8bf/0xcf0 [ 551.898107][T13952] ? __pfx___mutex_lock+0x10/0x10 [ 551.898130][T13952] ? __pfx_vfs_read+0x10/0x10 [ 551.898153][T13952] ksys_read+0x12a/0x250 [ 551.898171][T13952] ? __pfx_ksys_read+0x10/0x10 [ 551.898192][T13952] do_syscall_64+0xcd/0x490 [ 551.898215][T13952] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 551.898232][T13952] RIP: 0033:0x7f059e98ebe9 [ 551.898246][T13952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 551.898263][T13952] RSP: 002b:00007f059f835038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 551.898280][T13952] RAX: ffffffffffffffda RBX: 00007f059ebb6090 RCX: 00007f059e98ebe9 [ 551.898292][T13952] RDX: 0000000000001019 RSI: 0000200000003940 RDI: 0000000000000004 [ 551.898302][T13952] RBP: 00007f059f835090 R08: 0000000000000000 R09: 0000000000000000 [ 551.898312][T13952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 551.898322][T13952] R13: 00007f059ebb6128 R14: 00007f059ebb6090 R15: 00007ffff6eb9b48 [ 551.898337][T13952] [ 552.378509][T13949] zswap: compressor û not available [ 555.038276][T14009] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[14009] [ 556.689925][T14038] FAULT_INJECTION: forcing a failure. [ 556.689925][T14038] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 556.706338][T14038] CPU: 0 UID: 0 PID: 14038 Comm: syz.2.1402 Not tainted syzkaller #0 PREEMPT(full) [ 556.706380][T14038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 556.706397][T14038] Call Trace: [ 556.706406][T14038] [ 556.706418][T14038] dump_stack_lvl+0x16c/0x1f0 [ 556.706458][T14038] should_fail_ex+0x512/0x640 [ 556.706501][T14038] should_fail_alloc_page+0xe7/0x130 [ 556.706541][T14038] prepare_alloc_pages+0x3c2/0x610 [ 556.706586][T14038] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 556.706617][T14038] ? stack_depot_save_flags+0x29/0x9c0 [ 556.706651][T14038] ? kasan_save_stack+0x33/0x60 [ 556.706679][T14038] ? kasan_save_track+0x14/0x30 [ 556.706708][T14038] ? __kasan_slab_alloc+0x89/0x90 [ 556.706742][T14038] ? kasan_save_stack+0x42/0x60 [ 556.706780][T14038] ? kasan_save_stack+0x33/0x60 [ 556.706810][T14038] ? kasan_save_track+0x14/0x30 [ 556.706841][T14038] ? __kasan_slab_alloc+0x89/0x90 [ 556.706875][T14038] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 556.706907][T14038] ? __anon_vma_prepare+0x344/0x5e0 [ 556.706938][T14038] ? __vmf_anon_prepare+0x11c/0x240 [ 556.706979][T14038] ? do_pte_missing+0x10bd/0x3ba0 [ 556.707006][T14038] ? __handle_mm_fault+0x152a/0x2a50 [ 556.707033][T14038] ? handle_mm_fault+0x589/0xd10 [ 556.707062][T14038] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 556.707096][T14038] ? vm_mmap_pgoff+0x37f/0x470 [ 556.707134][T14038] ? __x64_sys_mmap+0x125/0x190 [ 556.707177][T14038] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 556.707208][T14038] ? rcu_is_watching+0x12/0xc0 [ 556.707240][T14038] ? local_lock_release+0x99/0x140 [ 556.707277][T14038] ? rcu_is_watching+0x12/0xc0 [ 556.707305][T14038] ? lock_release+0x201/0x2f0 [ 556.707343][T14038] ? rcu_is_watching+0x12/0xc0 [ 556.707371][T14038] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 556.707414][T14038] ? policy_nodemask+0xea/0x4e0 [ 556.707451][T14038] alloc_pages_mpol+0x1fb/0x550 [ 556.707490][T14038] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 556.707525][T14038] ? __anon_vma_prepare+0x2db/0x5e0 [ 556.707554][T14038] ? rcu_is_watching+0x12/0xc0 [ 556.707583][T14038] ? lock_release+0x201/0x2f0 [ 556.707620][T14038] folio_alloc_mpol_noprof+0x36/0x2f0 [ 556.707669][T14038] vma_alloc_folio_noprof+0xed/0x1e0 [ 556.707711][T14038] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 556.707753][T14038] ? __anon_vma_prepare+0x2e2/0x5e0 [ 556.707799][T14038] do_pte_missing+0x2230/0x3ba0 [ 556.707833][T14038] __handle_mm_fault+0x152a/0x2a50 [ 556.707868][T14038] ? __pfx___handle_mm_fault+0x10/0x10 [ 556.707897][T14038] ? mt_validate+0x1d6/0x4210 [ 556.707942][T14038] ? find_vma+0xbf/0x140 [ 556.707979][T14038] ? __pfx_find_vma+0x10/0x10 [ 556.708019][T14038] handle_mm_fault+0x589/0xd10 [ 556.708053][T14038] __get_user_pages+0x551/0x34a0 [ 556.708101][T14038] ? __pfx___get_user_pages+0x10/0x10 [ 556.708144][T14038] ? __pfx___might_resched+0x10/0x10 [ 556.708172][T14038] ? cap_capable+0xb3/0x250 [ 556.708203][T14038] populate_vma_page_range+0x267/0x3f0 [ 556.708249][T14038] ? __pfx_populate_vma_page_range+0x10/0x10 [ 556.708295][T14038] ? __pfx_find_vma_intersection+0x10/0x10 [ 556.708336][T14038] ? do_mmap+0x69c/0x1210 [ 556.708377][T14038] __mm_populate+0x1d8/0x380 [ 556.708421][T14038] ? __pfx___mm_populate+0x10/0x10 [ 556.708466][T14038] ? up_write+0x1b2/0x520 [ 556.708508][T14038] vm_mmap_pgoff+0x37f/0x470 [ 556.708548][T14038] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 556.708590][T14038] ? __fget_files+0x20e/0x3c0 [ 556.708626][T14038] ksys_mmap_pgoff+0x7d/0x5c0 [ 556.708665][T14038] ? __pfx_ksys_write+0x10/0x10 [ 556.708700][T14038] __x64_sys_mmap+0x125/0x190 [ 556.708754][T14038] do_syscall_64+0xcd/0x490 [ 556.708801][T14038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 556.708831][T14038] RIP: 0033:0x7f665b38ebe9 [ 556.708854][T14038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 556.708882][T14038] RSP: 002b:00007f665c255038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 556.708911][T14038] RAX: ffffffffffffffda RBX: 00007f665b5b5fa0 RCX: 00007f665b38ebe9 [ 556.708930][T14038] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 556.708948][T14038] RBP: 00007f665c255090 R08: 0000000000000002 R09: 0000000000008000 [ 556.708966][T14038] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 556.708983][T14038] R13: 00007f665b5b6038 R14: 00007f665b5b5fa0 R15: 00007ffed3e7ee58 [ 556.709010][T14038] [ 557.215247][T14044] FAULT_INJECTION: forcing a failure. [ 557.215247][T14044] name failslab, interval 1, probability 0, space 0, times 0 [ 557.228495][T14044] CPU: 0 UID: 0 PID: 14044 Comm: syz.1.1412 Not tainted syzkaller #0 PREEMPT(full) [ 557.228529][T14044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 557.228540][T14044] Call Trace: [ 557.228546][T14044] [ 557.228552][T14044] dump_stack_lvl+0x16c/0x1f0 [ 557.228578][T14044] should_fail_ex+0x512/0x640 [ 557.228603][T14044] should_failslab+0xc2/0x120 [ 557.228627][T14044] __kmalloc_cache_noprof+0x6a/0x3e0 [ 557.228645][T14044] ? snd_ctl_get_preferred_subdevice+0x184/0x200 [ 557.228666][T14044] ? snd_pcm_attach_substream+0x441/0xd60 [ 557.228688][T14044] snd_pcm_attach_substream+0x441/0xd60 [ 557.228710][T14044] snd_pcm_open_substream+0x8d/0x17f0 [ 557.228731][T14044] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 557.228753][T14044] snd_pcm_oss_open+0x735/0x1400 [ 557.228783][T14044] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 557.228810][T14044] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 557.228832][T14044] ? __pfx_default_wake_function+0x10/0x10 [ 557.228853][T14044] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.228874][T14044] ? do_raw_spin_lock+0x12c/0x2b0 [ 557.228901][T14044] ? rcu_is_watching+0x12/0xc0 [ 557.228918][T14044] ? lock_release+0x201/0x2f0 [ 557.228939][T14044] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 557.228966][T14044] soundcore_open+0x409/0x580 [ 557.228989][T14044] ? __pfx_soundcore_open+0x10/0x10 [ 557.229011][T14044] chrdev_open+0x231/0x6a0 [ 557.229033][T14044] ? __pfx_apparmor_file_open+0x10/0x10 [ 557.229052][T14044] ? __pfx_chrdev_open+0x10/0x10 [ 557.229073][T14044] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 557.229095][T14044] do_dentry_open+0x97f/0x1530 [ 557.229115][T14044] ? __pfx_chrdev_open+0x10/0x10 [ 557.229139][T14044] vfs_open+0x82/0x3f0 [ 557.229164][T14044] path_openat+0x1de4/0x2cb0 [ 557.229186][T14044] ? __pfx_path_openat+0x10/0x10 [ 557.229208][T14044] do_filp_open+0x20b/0x470 [ 557.229227][T14044] ? __pfx_do_filp_open+0x10/0x10 [ 557.229253][T14044] ? alloc_fd+0x471/0x7d0 [ 557.229272][T14044] do_sys_openat2+0x11b/0x1d0 [ 557.229297][T14044] ? __pfx_do_sys_openat2+0x10/0x10 [ 557.229322][T14044] ? rcu_is_watching+0x12/0xc0 [ 557.229339][T14044] ? __fget_files+0x204/0x3c0 [ 557.229358][T14044] __x64_sys_openat+0x174/0x210 [ 557.229384][T14044] ? __pfx___x64_sys_openat+0x10/0x10 [ 557.229414][T14044] do_syscall_64+0xcd/0x490 [ 557.229437][T14044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.229454][T14044] RIP: 0033:0x7f23b598ebe9 [ 557.229468][T14044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.229486][T14044] RSP: 002b:00007f23b689c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 557.229503][T14044] RAX: ffffffffffffffda RBX: 00007f23b5bb5fa0 RCX: 00007f23b598ebe9 [ 557.229514][T14044] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 557.229535][T14044] RBP: 00007f23b5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 557.229545][T14044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.229555][T14044] R13: 00007f23b5bb6038 R14: 00007f23b5bb5fa0 R15: 00007ffe4577b2c8 [ 557.229572][T14044] [ 557.979661][T14054] FAULT_INJECTION: forcing a failure. [ 557.979661][T14054] name failslab, interval 1, probability 0, space 0, times 0 [ 557.992529][T14054] CPU: 1 UID: 0 PID: 14054 Comm: syz.3.1405 Not tainted syzkaller #0 PREEMPT(full) [ 557.992570][T14054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 557.992587][T14054] Call Trace: [ 557.992597][T14054] [ 557.992607][T14054] dump_stack_lvl+0x16c/0x1f0 [ 557.992645][T14054] should_fail_ex+0x512/0x640 [ 557.992686][T14054] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 557.992724][T14054] should_failslab+0xc2/0x120 [ 557.992761][T14054] __kmalloc_noprof+0xd2/0x510 [ 557.992792][T14054] ? inode_set_ctime_current+0xa3/0x8f0 [ 557.992824][T14054] ? rcu_is_watching+0x12/0xc0 [ 557.992853][T14054] tomoyo_realpath_from_path+0xc2/0x6e0 [ 557.992897][T14054] tomoyo_check_open_permission+0x2ab/0x3c0 [ 557.992929][T14054] ? __d_add+0x403/0xa50 [ 557.992961][T14054] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 557.992994][T14054] ? lock_release+0x201/0x2f0 [ 557.993042][T14054] ? do_raw_spin_lock+0x12c/0x2b0 [ 557.993082][T14054] ? path_get+0x61/0x80 [ 557.993116][T14054] ? rcu_is_watching+0x12/0xc0 [ 557.993145][T14054] tomoyo_file_open+0x6b/0x90 [ 557.993169][T14054] security_file_open+0x84/0x1e0 [ 557.993207][T14054] do_dentry_open+0x596/0x1530 [ 557.993245][T14054] vfs_open+0x82/0x3f0 [ 557.993287][T14054] path_openat+0x1de4/0x2cb0 [ 557.993324][T14054] ? __pfx_path_openat+0x10/0x10 [ 557.993358][T14054] do_filp_open+0x20b/0x470 [ 557.993390][T14054] ? __pfx_do_filp_open+0x10/0x10 [ 557.993433][T14054] ? alloc_fd+0x471/0x7d0 [ 557.993465][T14054] do_sys_openat2+0x11b/0x1d0 [ 557.993515][T14054] ? __pfx_do_sys_openat2+0x10/0x10 [ 557.993570][T14054] __x64_sys_openat+0x174/0x210 [ 557.993612][T14054] ? __pfx___x64_sys_openat+0x10/0x10 [ 557.993661][T14054] do_syscall_64+0xcd/0x490 [ 557.993698][T14054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.993726][T14054] RIP: 0033:0x7f9260b8ebe9 [ 557.993747][T14054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.993774][T14054] RSP: 002b:00007f92619b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 557.993800][T14054] RAX: ffffffffffffffda RBX: 00007f9260db5fa0 RCX: 00007f9260b8ebe9 [ 557.993818][T14054] RDX: 0000000000002c40 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 557.993836][T14054] RBP: 00007f9260c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 557.993854][T14054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.993871][T14054] R13: 00007f9260db6038 R14: 00007f9260db5fa0 R15: 00007ffc882b73c8 [ 557.993898][T14054] [ 557.994017][T14054] ERROR: Out of memory at tomoyo_realpath_from_path. [ 558.523781][T14064] FAULT_INJECTION: forcing a failure. [ 558.523781][T14064] name failslab, interval 1, probability 0, space 0, times 0 [ 558.580676][T14064] CPU: 0 UID: 0 PID: 14064 Comm: syz.1.1408 Not tainted syzkaller #0 PREEMPT(full) [ 558.580721][T14064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 558.580740][T14064] Call Trace: [ 558.580757][T14064] [ 558.580768][T14064] dump_stack_lvl+0x16c/0x1f0 [ 558.580812][T14064] should_fail_ex+0x512/0x640 [ 558.580857][T14064] should_failslab+0xc2/0x120 [ 558.580898][T14064] __kmalloc_cache_noprof+0x6a/0x3e0 [ 558.580927][T14064] ? __asan_memset+0x23/0x50 [ 558.580956][T14064] ? alloc_netdev_mqs+0xe58/0x1530 [ 558.580998][T14064] alloc_netdev_mqs+0xe58/0x1530 [ 558.581041][T14064] slip_open+0x35c/0x1150 [ 558.581083][T14064] ? __pfx___might_resched+0x10/0x10 [ 558.581112][T14064] ? __pfx_n_tty_close+0x10/0x10 [ 558.581137][T14064] ? tty_ldisc_close+0x114/0x1a0 [ 558.581172][T14064] ? rcu_is_watching+0x12/0xc0 [ 558.581203][T14064] ? __pfx_slip_open+0x10/0x10 [ 558.581242][T14064] ? down_write+0x14d/0x200 [ 558.581280][T14064] ? __pfx_slip_open+0x10/0x10 [ 558.581317][T14064] tty_ldisc_open+0x9f/0x120 [ 558.581350][T14064] tty_set_ldisc+0x32b/0x780 [ 558.581385][T14064] tty_ioctl+0xc2e/0x1680 [ 558.581422][T14064] ? __pfx_tty_ioctl+0x10/0x10 [ 558.581462][T14064] ? rcu_is_watching+0x12/0xc0 [ 558.581491][T14064] ? __fget_files+0x204/0x3c0 [ 558.581520][T14064] ? hook_file_ioctl_common+0x145/0x410 [ 558.581563][T14064] ? __fget_files+0x20e/0x3c0 [ 558.581595][T14064] ? __pfx_tty_ioctl+0x10/0x10 [ 558.581634][T14064] __x64_sys_ioctl+0x18e/0x210 [ 558.581680][T14064] do_syscall_64+0xcd/0x490 [ 558.581719][T14064] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.581755][T14064] RIP: 0033:0x7f23b598ebe9 [ 558.581777][T14064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 558.581808][T14064] RSP: 002b:00007f23b689c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 558.581837][T14064] RAX: ffffffffffffffda RBX: 00007f23b5bb5fa0 RCX: 00007f23b598ebe9 [ 558.581859][T14064] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000c [ 558.581877][T14064] RBP: 00007f23b5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 558.581895][T14064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 558.581913][T14064] R13: 00007f23b5bb6038 R14: 00007f23b5bb5fa0 R15: 00007ffe4577b2c8 [ 558.581939][T14064] [ 559.863415][T14082] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[14082] [ 560.625555][T14083] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[14083] [ 561.119958][T14109] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[14109] [ 563.977351][T14173] program syz.3.1428 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 564.333799][T14166] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[14166] [ 564.839739][T14191] FAULT_INJECTION: forcing a failure. [ 564.839739][T14191] name failslab, interval 1, probability 0, space 0, times 0 [ 564.852724][T14191] CPU: 0 UID: 0 PID: 14191 Comm: syz.2.1431 Not tainted syzkaller #0 PREEMPT(full) [ 564.852764][T14191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 564.852782][T14191] Call Trace: [ 564.852791][T14191] [ 564.852801][T14191] dump_stack_lvl+0x16c/0x1f0 [ 564.852838][T14191] should_fail_ex+0x512/0x640 [ 564.852863][T14191] should_failslab+0xc2/0x120 [ 564.852886][T14191] __kmalloc_cache_noprof+0x6a/0x3e0 [ 564.852904][T14191] ? resv_map_alloc+0x46/0x400 [ 564.852927][T14191] resv_map_alloc+0x46/0x400 [ 564.852949][T14191] hugetlbfs_get_inode+0x33f/0x730 [ 564.852967][T14191] ? __fget_files+0x20e/0x3c0 [ 564.852986][T14191] hugetlb_file_setup+0x15b/0x620 [ 564.853005][T14191] ksys_mmap_pgoff+0x189/0x5c0 [ 564.853030][T14191] __x64_sys_mmap+0x125/0x190 [ 564.853057][T14191] do_syscall_64+0xcd/0x490 [ 564.853079][T14191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.853097][T14191] RIP: 0033:0x7f665b38ebe9 [ 564.853111][T14191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 564.853128][T14191] RSP: 002b:00007f665c255038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 564.853146][T14191] RAX: ffffffffffffffda RBX: 00007f665b5b5fa0 RCX: 00007f665b38ebe9 [ 564.853157][T14191] RDX: 0000000000007fff RSI: 0000000000a00007 RDI: 0000000000000000 [ 564.853167][T14191] RBP: 00007f665c255090 R08: ffffffffffffffff R09: 0000300000000000 [ 564.853177][T14191] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000001 [ 564.853187][T14191] R13: 00007f665b5b6038 R14: 00007f665b5b5fa0 R15: 00007ffed3e7ee58 [ 564.853202][T14191] [ 565.046065][T14175] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[14175] [ 565.748325][ T30] audit: type=1800 audit(1755709177.056:5): pid=14206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1436" name="lu_gp_id" dev="configfs" ino=56686 res=0 errno=0 [ 568.208787][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.215201][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.464103][T14258] svc: failed to register nfsdv3 RPC service (errno 111). [ 568.472886][T14258] svc: failed to register nfsaclv3 RPC service (errno 111). [ 568.552103][T14262] FAULT_INJECTION: forcing a failure. [ 568.552103][T14262] name fail_futex, interval 1, probability 0, space 0, times 1 [ 568.606897][T14262] CPU: 0 UID: 0 PID: 14262 Comm: syz.3.1448 Not tainted syzkaller #0 PREEMPT(full) [ 568.606942][T14262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 568.606958][T14262] Call Trace: [ 568.606968][T14262] [ 568.606978][T14262] dump_stack_lvl+0x16c/0x1f0 [ 568.607019][T14262] should_fail_ex+0x512/0x640 [ 568.607057][T14262] get_futex_key+0x1d0/0x1560 [ 568.607082][T14262] ? __pfx_get_futex_key+0x10/0x10 [ 568.607102][T14262] ? __mutex_trylock_common+0xe9/0x250 [ 568.607126][T14262] ? __pfx___mutex_trylock_common+0x10/0x10 [ 568.607150][T14262] futex_wake+0xea/0x530 [ 568.607175][T14262] ? __pfx_futex_wake+0x10/0x10 [ 568.607198][T14262] ? rcu_is_watching+0x12/0xc0 [ 568.607216][T14262] ? rcu_is_watching+0x12/0xc0 [ 568.607233][T14262] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 568.607256][T14262] do_futex+0x1e3/0x350 [ 568.607277][T14262] ? __pfx_do_futex+0x10/0x10 [ 568.607297][T14262] ? lock_release+0x201/0x2f0 [ 568.607320][T14262] mm_release+0x24e/0x300 [ 568.607339][T14262] do_exit+0x68e/0x2bf0 [ 568.607363][T14262] ? __pfx_do_exit+0x10/0x10 [ 568.607386][T14262] ? do_raw_spin_lock+0x12c/0x2b0 [ 568.607411][T14262] ? get_signal+0x8f5/0x26d0 [ 568.607429][T14262] ? rcu_is_watching+0x12/0xc0 [ 568.607446][T14262] do_group_exit+0xd3/0x2a0 [ 568.607479][T14262] get_signal+0x2673/0x26d0 [ 568.607499][T14262] ? rcu_is_watching+0x12/0xc0 [ 568.607516][T14262] ? __pfx_get_signal+0x10/0x10 [ 568.607535][T14262] ? do_futex+0x122/0x350 [ 568.607555][T14262] ? __pfx_do_futex+0x10/0x10 [ 568.607576][T14262] arch_do_signal_or_restart+0x8f/0x790 [ 568.607599][T14262] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 568.607623][T14262] ? xfd_validate_state+0x61/0x180 [ 568.607659][T14262] exit_to_user_mode_loop+0x84/0x110 [ 568.607696][T14262] do_syscall_64+0x3f6/0x490 [ 568.607718][T14262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.607736][T14262] RIP: 0033:0x7f9260b8ebe9 [ 568.607750][T14262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 568.607767][T14262] RSP: 002b:00007f92619b90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 568.607785][T14262] RAX: fffffffffffffe00 RBX: 00007f9260db5fa8 RCX: 00007f9260b8ebe9 [ 568.607796][T14262] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9260db5fa8 [ 568.607807][T14262] RBP: 00007f9260db5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 568.607817][T14262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 568.607827][T14262] R13: 00007f9260db6038 R14: 00007ffc882b72e0 R15: 00007ffc882b73c8 [ 568.607842][T14262] [ 569.882691][T14293] svc: failed to register nfsdv3 RPC service (errno 111). [ 569.894522][T14293] svc: failed to register nfsaclv3 RPC service (errno 111). [ 570.429177][T14299] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[14299] [ 571.136646][T14320] FAULT_INJECTION: forcing a failure. [ 571.136646][T14320] name failslab, interval 1, probability 0, space 0, times 0 [ 571.166024][T14320] CPU: 0 UID: 0 PID: 14320 Comm: syz.3.1459 Not tainted syzkaller #0 PREEMPT(full) [ 571.166062][T14320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 571.166078][T14320] Call Trace: [ 571.166088][T14320] [ 571.166098][T14320] dump_stack_lvl+0x16c/0x1f0 [ 571.166140][T14320] should_fail_ex+0x512/0x640 [ 571.166174][T14320] should_failslab+0xc2/0x120 [ 571.166203][T14320] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 571.166229][T14320] ? trace_kmem_cache_alloc+0x28/0xc0 [ 571.166260][T14320] ? sk_prot_alloc+0x60/0x2a0 [ 571.166294][T14320] sk_prot_alloc+0x60/0x2a0 [ 571.166326][T14320] sk_alloc+0x36/0xc20 [ 571.166350][T14320] unix_create1+0xa6/0x700 [ 571.166377][T14320] unix_create+0x110/0x270 [ 571.166402][T14320] __sock_create+0x338/0x8d0 [ 571.166424][T14320] __sys_socketpair+0x25c/0x5a0 [ 571.166446][T14320] ? __pfx___sys_socketpair+0x10/0x10 [ 571.166466][T14320] ? fput+0x9b/0xd0 [ 571.166495][T14320] ? __pfx_ksys_write+0x10/0x10 [ 571.166521][T14320] __x64_sys_socketpair+0x96/0x100 [ 571.166542][T14320] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 571.166575][T14320] do_syscall_64+0xcd/0x490 [ 571.166603][T14320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.166625][T14320] RIP: 0033:0x7f9260b8ebe9 [ 571.166643][T14320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 571.166665][T14320] RSP: 002b:00007f92619b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 571.166695][T14320] RAX: ffffffffffffffda RBX: 00007f9260db5fa0 RCX: 00007f9260b8ebe9 [ 571.166709][T14320] RDX: 8000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 571.166723][T14320] RBP: 00007f92619b9090 R08: 0000000000000000 R09: 0000000000000000 [ 571.166736][T14320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 571.166749][T14320] R13: 00007f9260db6038 R14: 00007f9260db5fa0 R15: 00007ffc882b73c8 [ 571.166769][T14320] [ 571.385543][T14320] svc: failed to register nfsdv3 RPC service (errno 111). [ 571.393821][T14320] svc: failed to register nfsaclv3 RPC service (errno 111). [ 571.547127][T14291] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[14291] [ 571.698415][T14342] FAULT_INJECTION: forcing a failure. [ 571.698415][T14342] name failslab, interval 1, probability 0, space 0, times 0 [ 571.711137][T14342] CPU: 0 UID: 1 PID: 14342 Comm: syz.3.1465 Not tainted syzkaller #0 PREEMPT(full) [ 571.711162][T14342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 571.711173][T14342] Call Trace: [ 571.711179][T14342] [ 571.711187][T14342] dump_stack_lvl+0x16c/0x1f0 [ 571.711214][T14342] should_fail_ex+0x512/0x640 [ 571.711241][T14342] should_failslab+0xc2/0x120 [ 571.711264][T14342] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 571.711285][T14342] ? lock_release+0x201/0x2f0 [ 571.711308][T14342] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 571.711329][T14342] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 571.711350][T14342] idr_get_free+0x528/0xa30 [ 571.711373][T14342] idr_alloc_u32+0x190/0x2f0 [ 571.711393][T14342] ? __pfx_idr_alloc_u32+0x10/0x10 [ 571.711413][T14342] ? rcu_is_watching+0x12/0xc0 [ 571.711432][T14342] idr_alloc_cyclic+0x10b/0x230 [ 571.711461][T14342] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 571.711481][T14342] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 571.711509][T14342] map_create+0xae3/0x1f80 [ 571.711535][T14342] ? __pfx_map_create+0x10/0x10 [ 571.711557][T14342] ? __might_fault+0x13b/0x190 [ 571.711576][T14342] ? rcu_is_watching+0x12/0xc0 [ 571.711593][T14342] ? __might_fault+0xe3/0x190 [ 571.711611][T14342] ? lock_release+0x201/0x2f0 [ 571.711637][T14342] __sys_bpf+0x44d2/0x4de0 [ 571.711662][T14342] ? __pfx___sys_bpf+0x10/0x10 [ 571.711687][T14342] ? ksys_write+0x190/0x250 [ 571.711706][T14342] ? rcu_is_watching+0x12/0xc0 [ 571.711723][T14342] ? lock_release+0x201/0x2f0 [ 571.711745][T14342] ? do_futex+0x122/0x350 [ 571.711766][T14342] ? __pfx_do_futex+0x10/0x10 [ 571.711790][T14342] ? fput+0x9b/0xd0 [ 571.711813][T14342] ? xfd_validate_state+0x61/0x180 [ 571.711837][T14342] ? __pfx_ksys_write+0x10/0x10 [ 571.711858][T14342] __x64_sys_bpf+0x78/0xc0 [ 571.711883][T14342] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 571.711909][T14342] do_syscall_64+0xcd/0x490 [ 571.711932][T14342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.711950][T14342] RIP: 0033:0x7f9260b8ebe9 [ 571.711964][T14342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 571.711982][T14342] RSP: 002b:00007f92619b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 571.712000][T14342] RAX: ffffffffffffffda RBX: 00007f9260db5fa0 RCX: 00007f9260b8ebe9 [ 571.712011][T14342] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000000 [ 571.712021][T14342] RBP: 00007f9260c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 571.712031][T14342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 571.712042][T14342] R13: 00007f9260db6038 R14: 00007f9260db5fa0 R15: 00007ffc882b73c8 [ 571.712057][T14342] [ 572.319074][T14346] FAULT_INJECTION: forcing a failure. [ 572.319074][T14346] name failslab, interval 1, probability 0, space 0, times 0 [ 572.358238][T14346] CPU: 1 UID: 0 PID: 14346 Comm: syz.3.1466 Not tainted syzkaller #0 PREEMPT(full) [ 572.358271][T14346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 572.358282][T14346] Call Trace: [ 572.358287][T14346] [ 572.358294][T14346] dump_stack_lvl+0x16c/0x1f0 [ 572.358320][T14346] should_fail_ex+0x512/0x640 [ 572.358347][T14346] should_failslab+0xc2/0x120 [ 572.358371][T14346] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 572.358394][T14346] ? __alloc_workqueue+0xc5b/0x1810 [ 572.358418][T14346] ? rcu_is_watching+0x12/0xc0 [ 572.358435][T14346] ? kasprintf+0xc7/0x100 [ 572.358452][T14346] kvasprintf+0xbc/0x160 [ 572.358475][T14346] ? __pfx_kvasprintf+0x10/0x10 [ 572.358491][T14346] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 572.358515][T14346] ? rcu_is_watching+0x12/0xc0 [ 572.358532][T14346] kasprintf+0xc7/0x100 [ 572.358547][T14346] ? __pfx_kasprintf+0x10/0x10 [ 572.358563][T14346] ? __is_module_percpu_address+0x1e0/0x440 [ 572.358589][T14346] alloc_workqueue_noprof+0x114/0x200 [ 572.358612][T14346] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 572.358637][T14346] ? rcu_is_watching+0x12/0xc0 [ 572.358660][T14346] ? __kmalloc_noprof+0x242/0x510 [ 572.358690][T14346] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 572.358724][T14346] ieee80211_register_hw+0x1e8f/0x4060 [ 572.358751][T14346] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 572.358776][T14346] ? net_generic+0xea/0x2a0 [ 572.358799][T14346] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 572.358823][T14346] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 572.358845][T14346] ? __hrtimer_setup+0x176/0x280 [ 572.358877][T14346] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 572.358905][T14346] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 572.358925][T14346] hwsim_new_radio_nl+0xb51/0x12c0 [ 572.358942][T14346] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 572.358961][T14346] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 572.358990][T14346] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 572.359020][T14346] genl_family_rcv_msg_doit+0x206/0x2f0 [ 572.359046][T14346] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 572.359075][T14346] ? bpf_lsm_capable+0x9/0x10 [ 572.359091][T14346] ? security_capable+0x7e/0x260 [ 572.359109][T14346] ? ns_capable+0xd7/0x110 [ 572.359128][T14346] genl_rcv_msg+0x55c/0x800 [ 572.359154][T14346] ? __pfx_genl_rcv_msg+0x10/0x10 [ 572.359179][T14346] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 572.359198][T14346] netlink_rcv_skb+0x155/0x420 [ 572.359221][T14346] ? __pfx_genl_rcv_msg+0x10/0x10 [ 572.359246][T14346] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 572.359272][T14346] ? netlink_deliver_tap+0x1ae/0xd30 [ 572.359294][T14346] genl_rcv+0x28/0x40 [ 572.359317][T14346] netlink_unicast+0x5aa/0x870 [ 572.359340][T14346] ? __pfx_netlink_unicast+0x10/0x10 [ 572.359363][T14346] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 572.359388][T14346] netlink_sendmsg+0x8d1/0xdd0 [ 572.359412][T14346] ? __pfx_netlink_sendmsg+0x10/0x10 [ 572.359435][T14346] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 572.359455][T14346] ____sys_sendmsg+0xa95/0xc70 [ 572.359489][T14346] ? copy_msghdr_from_user+0x10a/0x160 [ 572.359510][T14346] ? __pfx_____sys_sendmsg+0x10/0x10 [ 572.359535][T14346] ? preempt_schedule_thunk+0x16/0x30 [ 572.359560][T14346] ? try_to_wake_up+0xa67/0x1870 [ 572.359578][T14346] ___sys_sendmsg+0x134/0x1d0 [ 572.359599][T14346] ? __pfx____sys_sendmsg+0x10/0x10 [ 572.359621][T14346] ? futex_private_hash_put+0x11c/0x300 [ 572.359644][T14346] ? rcu_is_watching+0x12/0xc0 [ 572.359667][T14346] __sys_sendmsg+0x16d/0x220 [ 572.359689][T14346] ? __pfx___sys_sendmsg+0x10/0x10 [ 572.359710][T14346] ? __x64_sys_futex+0x1e0/0x4c0 [ 572.359737][T14346] do_syscall_64+0xcd/0x490 [ 572.359760][T14346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 572.359777][T14346] RIP: 0033:0x7f9260b8ebe9 [ 572.359792][T14346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 572.359810][T14346] RSP: 002b:00007f92619b9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 572.359828][T14346] RAX: ffffffffffffffda RBX: 00007f9260db5fa0 RCX: 00007f9260b8ebe9 [ 572.359840][T14346] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000007 [ 572.359850][T14346] RBP: 00007f9260c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 572.359860][T14346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 572.359870][T14346] R13: 00007f9260db6038 R14: 00007f9260db5fa0 R15: 00007ffc882b73c8 [ 572.359885][T14346] [ 573.427252][T14372] : Can't lookup blockdev [ 573.442251][T14372] FAULT_INJECTION: forcing a failure. [ 573.442251][T14372] name failslab, interval 1, probability 0, space 0, times 0 [ 573.465794][T14372] CPU: 1 UID: 0 PID: 14372 Comm: syz.0.1477 Not tainted syzkaller #0 PREEMPT(full) [ 573.465836][T14372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 573.465858][T14372] Call Trace: [ 573.465867][T14372] [ 573.465877][T14372] dump_stack_lvl+0x16c/0x1f0 [ 573.465918][T14372] should_fail_ex+0x512/0x640 [ 573.465957][T14372] should_failslab+0xc2/0x120 [ 573.465992][T14372] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 573.466024][T14372] ? sctp_auth_shkey_create+0x15c/0x210 [ 573.466056][T14372] ? __d_alloc+0x32/0xae0 [ 573.466086][T14372] ? sctp_endpoint_new+0x84f/0xcd0 [ 573.466119][T14372] __d_alloc+0x32/0xae0 [ 573.466152][T14372] d_alloc_pseudo+0x1c/0xc0 [ 573.466189][T14372] alloc_file_pseudo+0xcf/0x230 [ 573.466226][T14372] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 573.466264][T14372] ? alloc_fd+0x471/0x7d0 [ 573.466293][T14372] sock_alloc_file+0x50/0x210 [ 573.466329][T14372] __sys_socket+0x1c0/0x260 [ 573.466354][T14372] ? __pfx___sys_socket+0x10/0x10 [ 573.466379][T14372] ? xfd_validate_state+0x61/0x180 [ 573.466420][T14372] __x64_sys_socket+0x72/0xb0 [ 573.466445][T14372] do_syscall_64+0xcd/0x490 [ 573.466479][T14372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.466506][T14372] RIP: 0033:0x7f059e98ebe9 [ 573.466527][T14372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.466555][T14372] RSP: 002b:00007f059f856038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 573.466583][T14372] RAX: ffffffffffffffda RBX: 00007f059ebb5fa0 RCX: 00007f059e98ebe9 [ 573.466602][T14372] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a [ 573.466618][T14372] RBP: 00007f059ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 573.466635][T14372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.466652][T14372] R13: 00007f059ebb6038 R14: 00007f059ebb5fa0 R15: 00007ffff6eb9b48 [ 573.466678][T14372] [ 573.688413][T14353] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[14353] [ 573.805383][T14379] FAULT_INJECTION: forcing a failure. [ 573.805383][T14379] name failslab, interval 1, probability 0, space 0, times 0 [ 573.819457][T14379] CPU: 1 UID: 0 PID: 14379 Comm: syz.0.1471 Not tainted syzkaller #0 PREEMPT(full) [ 573.819513][T14379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 573.819530][T14379] Call Trace: [ 573.819540][T14379] [ 573.819550][T14379] dump_stack_lvl+0x16c/0x1f0 [ 573.819593][T14379] should_fail_ex+0x512/0x640 [ 573.819638][T14379] should_failslab+0xc2/0x120 [ 573.819678][T14379] __kmalloc_cache_noprof+0x6a/0x3e0 [ 573.819709][T14379] ? snd_ctl_get_preferred_subdevice+0x184/0x200 [ 573.819740][T14379] ? snd_pcm_attach_substream+0x441/0xd60 [ 573.819772][T14379] snd_pcm_attach_substream+0x441/0xd60 [ 573.819811][T14379] snd_pcm_open_substream+0x8d/0x17f0 [ 573.819849][T14379] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 573.819884][T14379] snd_pcm_oss_open+0x735/0x1400 [ 573.819932][T14379] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 573.819976][T14379] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 573.820011][T14379] ? __pfx_default_wake_function+0x10/0x10 [ 573.820040][T14379] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.820074][T14379] ? do_raw_spin_lock+0x12c/0x2b0 [ 573.820118][T14379] ? rcu_is_watching+0x12/0xc0 [ 573.820148][T14379] ? lock_release+0x201/0x2f0 [ 573.820186][T14379] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 573.820232][T14379] soundcore_open+0x409/0x580 [ 573.820271][T14379] ? __pfx_soundcore_open+0x10/0x10 [ 573.820311][T14379] chrdev_open+0x231/0x6a0 [ 573.820348][T14379] ? __pfx_apparmor_file_open+0x10/0x10 [ 573.820379][T14379] ? __pfx_chrdev_open+0x10/0x10 [ 573.820416][T14379] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 573.820449][T14379] do_dentry_open+0x97f/0x1530 [ 573.820495][T14379] ? __pfx_chrdev_open+0x10/0x10 [ 573.820533][T14379] vfs_open+0x82/0x3f0 [ 573.820578][T14379] path_openat+0x1de4/0x2cb0 [ 573.820620][T14379] ? __pfx_path_openat+0x10/0x10 [ 573.820660][T14379] do_filp_open+0x20b/0x470 [ 573.820694][T14379] ? __pfx_do_filp_open+0x10/0x10 [ 573.820739][T14379] ? alloc_fd+0x471/0x7d0 [ 573.820774][T14379] do_sys_openat2+0x11b/0x1d0 [ 573.820819][T14379] ? __pfx_do_sys_openat2+0x10/0x10 [ 573.820863][T14379] ? rcu_is_watching+0x12/0xc0 [ 573.820893][T14379] ? __fget_files+0x204/0x3c0 [ 573.820927][T14379] __x64_sys_openat+0x174/0x210 [ 573.820973][T14379] ? __pfx___x64_sys_openat+0x10/0x10 [ 573.821026][T14379] do_syscall_64+0xcd/0x490 [ 573.821067][T14379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.821098][T14379] RIP: 0033:0x7f059e98ebe9 [ 573.821122][T14379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.821151][T14379] RSP: 002b:00007f059f856038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 573.821181][T14379] RAX: ffffffffffffffda RBX: 00007f059ebb5fa0 RCX: 00007f059e98ebe9 [ 573.821201][T14379] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 573.821220][T14379] RBP: 00007f059ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 573.821239][T14379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.821257][T14379] R13: 00007f059ebb6038 R14: 00007f059ebb5fa0 R15: 00007ffff6eb9b48 [ 573.821284][T14379] [ 575.215721][T14391] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[14391] [ 576.000078][T14419] ptrace attach of "./syz-executor exec"[14420] was attempted by "./syz-executor exec"[14419] [ 576.740562][T14422] svc: failed to register nfsdv3 RPC service (errno 111). [ 576.750664][T14422] svc: failed to register nfsaclv3 RPC service (errno 111). [ 577.257569][T14443] FAULT_INJECTION: forcing a failure. [ 577.257569][T14443] name failslab, interval 1, probability 0, space 0, times 0 [ 577.280516][T14443] CPU: 0 UID: 0 PID: 14443 Comm: syz.0.1484 Not tainted syzkaller #0 PREEMPT(full) [ 577.280555][T14443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 577.280566][T14443] Call Trace: [ 577.280572][T14443] [ 577.280579][T14443] dump_stack_lvl+0x16c/0x1f0 [ 577.280606][T14443] should_fail_ex+0x512/0x640 [ 577.280632][T14443] should_failslab+0xc2/0x120 [ 577.280656][T14443] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 577.280679][T14443] ? rcu_is_watching+0x12/0xc0 [ 577.280697][T14443] ? snd_pcm_hw_rule_add+0x414/0x5a0 [ 577.280724][T14443] krealloc_noprof+0x1ff/0x3a0 [ 577.280744][T14443] snd_pcm_hw_rule_add+0x414/0x5a0 [ 577.280769][T14443] ? __pfx_snd_pcm_hw_rule_format+0x10/0x10 [ 577.280786][T14443] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 577.280811][T14443] ? lockdep_init_map_type+0x5c/0x280 [ 577.280835][T14443] ? debug_mutex_init+0x37/0x70 [ 577.280856][T14443] ? snd_pcm_attach_substream+0x89d/0xd60 [ 577.280878][T14443] snd_pcm_open_substream+0x534/0x17f0 [ 577.280898][T14443] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 577.280920][T14443] snd_pcm_oss_open+0x735/0x1400 [ 577.280950][T14443] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 577.280977][T14443] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 577.280999][T14443] ? __pfx_default_wake_function+0x10/0x10 [ 577.281017][T14443] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.281039][T14443] ? do_raw_spin_lock+0x12c/0x2b0 [ 577.281064][T14443] ? rcu_is_watching+0x12/0xc0 [ 577.281081][T14443] ? lock_release+0x201/0x2f0 [ 577.281102][T14443] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 577.281129][T14443] soundcore_open+0x409/0x580 [ 577.281152][T14443] ? __pfx_soundcore_open+0x10/0x10 [ 577.281175][T14443] chrdev_open+0x231/0x6a0 [ 577.281196][T14443] ? __pfx_apparmor_file_open+0x10/0x10 [ 577.281215][T14443] ? __pfx_chrdev_open+0x10/0x10 [ 577.281237][T14443] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 577.281258][T14443] do_dentry_open+0x97f/0x1530 [ 577.281280][T14443] ? __pfx_chrdev_open+0x10/0x10 [ 577.281303][T14443] vfs_open+0x82/0x3f0 [ 577.281328][T14443] path_openat+0x1de4/0x2cb0 [ 577.281350][T14443] ? __pfx_path_openat+0x10/0x10 [ 577.281372][T14443] do_filp_open+0x20b/0x470 [ 577.281391][T14443] ? __pfx_do_filp_open+0x10/0x10 [ 577.281417][T14443] ? alloc_fd+0x471/0x7d0 [ 577.281437][T14443] do_sys_openat2+0x11b/0x1d0 [ 577.281469][T14443] ? __pfx_do_sys_openat2+0x10/0x10 [ 577.281495][T14443] ? __sys_sendmsg+0x18c/0x220 [ 577.281519][T14443] __x64_sys_openat+0x174/0x210 [ 577.281545][T14443] ? __pfx___x64_sys_openat+0x10/0x10 [ 577.281575][T14443] do_syscall_64+0xcd/0x490 [ 577.281598][T14443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.281615][T14443] RIP: 0033:0x7f059e98ebe9 [ 577.281630][T14443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.281648][T14443] RSP: 002b:00007f059f856038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 577.281666][T14443] RAX: ffffffffffffffda RBX: 00007f059ebb5fa0 RCX: 00007f059e98ebe9 [ 577.281677][T14443] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 577.281688][T14443] RBP: 00007f059ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 577.281698][T14443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 577.281708][T14443] R13: 00007f059ebb6038 R14: 00007f059ebb5fa0 R15: 00007ffff6eb9b48 [ 577.281724][T14443] [ 578.437836][T14469] random: crng reseeded on system resumption [ 579.626937][T14492] FAULT_INJECTION: forcing a failure. [ 579.626937][T14492] name failslab, interval 1, probability 0, space 0, times 0 [ 579.756075][T14492] CPU: 0 UID: 0 PID: 14492 Comm: syz.1.1495 Not tainted syzkaller #0 PREEMPT(full) [ 579.756118][T14492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 579.756142][T14492] Call Trace: [ 579.756152][T14492] [ 579.756162][T14492] dump_stack_lvl+0x16c/0x1f0 [ 579.756202][T14492] should_fail_ex+0x512/0x640 [ 579.756238][T14492] should_failslab+0xc2/0x120 [ 579.756280][T14492] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 579.756303][T14492] ? rcu_is_watching+0x12/0xc0 [ 579.756321][T14492] ? snd_pcm_hw_rule_add+0x414/0x5a0 [ 579.756347][T14492] krealloc_noprof+0x1ff/0x3a0 [ 579.756369][T14492] snd_pcm_hw_rule_add+0x414/0x5a0 [ 579.756392][T14492] ? __pfx_snd_pcm_hw_rule_format+0x10/0x10 [ 579.756413][T14492] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 579.756439][T14492] ? lockdep_init_map_type+0x5c/0x280 [ 579.756463][T14492] ? debug_mutex_init+0x37/0x70 [ 579.756480][T14492] ? snd_pcm_attach_substream+0x89d/0xd60 [ 579.756502][T14492] snd_pcm_open_substream+0x534/0x17f0 [ 579.756522][T14492] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 579.756544][T14492] snd_pcm_oss_open+0x735/0x1400 [ 579.756575][T14492] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 579.756601][T14492] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 579.756623][T14492] ? __pfx_default_wake_function+0x10/0x10 [ 579.756641][T14492] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.756668][T14492] ? do_raw_spin_lock+0x12c/0x2b0 [ 579.756694][T14492] ? rcu_is_watching+0x12/0xc0 [ 579.756710][T14492] ? lock_release+0x201/0x2f0 [ 579.756732][T14492] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 579.756758][T14492] soundcore_open+0x409/0x580 [ 579.756783][T14492] ? __pfx_soundcore_open+0x10/0x10 [ 579.756805][T14492] chrdev_open+0x231/0x6a0 [ 579.756827][T14492] ? __pfx_apparmor_file_open+0x10/0x10 [ 579.756847][T14492] ? __pfx_chrdev_open+0x10/0x10 [ 579.756869][T14492] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 579.756891][T14492] do_dentry_open+0x97f/0x1530 [ 579.756912][T14492] ? __pfx_chrdev_open+0x10/0x10 [ 579.756935][T14492] vfs_open+0x82/0x3f0 [ 579.756960][T14492] path_openat+0x1de4/0x2cb0 [ 579.756984][T14492] ? __pfx_path_openat+0x10/0x10 [ 579.757005][T14492] do_filp_open+0x20b/0x470 [ 579.757025][T14492] ? __pfx_do_filp_open+0x10/0x10 [ 579.757051][T14492] ? alloc_fd+0x471/0x7d0 [ 579.757071][T14492] do_sys_openat2+0x11b/0x1d0 [ 579.757103][T14492] ? __pfx_do_sys_openat2+0x10/0x10 [ 579.757143][T14492] ? __sys_sendmsg+0x18c/0x220 [ 579.757170][T14492] __x64_sys_openat+0x174/0x210 [ 579.757196][T14492] ? __pfx___x64_sys_openat+0x10/0x10 [ 579.757226][T14492] do_syscall_64+0xcd/0x490 [ 579.757249][T14492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.757267][T14492] RIP: 0033:0x7f23b598ebe9 [ 579.757281][T14492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 579.757299][T14492] RSP: 002b:00007f23b689c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 579.757318][T14492] RAX: ffffffffffffffda RBX: 00007f23b5bb5fa0 RCX: 00007f23b598ebe9 [ 579.757330][T14492] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 579.757341][T14492] RBP: 00007f23b5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 579.757352][T14492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 579.757362][T14492] R13: 00007f23b5bb6038 R14: 00007f23b5bb5fa0 R15: 00007ffe4577b2c8 [ 579.757377][T14492] [ 581.527729][T14521] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[14521] [ 583.082918][T14565] svc: failed to register nfsdv3 RPC service (errno 111). [ 583.119027][T14565] svc: failed to register nfsaclv3 RPC service (errno 111). [ 585.819338][T14625] FAULT_INJECTION: forcing a failure. [ 585.819338][T14625] name failslab, interval 1, probability 0, space 0, times 0 [ 586.027425][T14625] CPU: 0 UID: 0 PID: 14625 Comm: syz.1.1519 Not tainted syzkaller #0 PREEMPT(full) [ 586.027467][T14625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 586.027484][T14625] Call Trace: [ 586.027494][T14625] [ 586.027505][T14625] dump_stack_lvl+0x16c/0x1f0 [ 586.027547][T14625] should_fail_ex+0x512/0x640 [ 586.027590][T14625] should_failslab+0xc2/0x120 [ 586.027626][T14625] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 586.027659][T14625] ? zswap_store+0x839/0x25a0 [ 586.027704][T14625] zswap_store+0x839/0x25a0 [ 586.027744][T14625] ? xas_nomem+0x151/0x2c0 [ 586.027780][T14625] ? add_to_swap_cache+0xa95/0xe40 [ 586.027809][T14625] ? __pfx_zswap_store+0x10/0x10 [ 586.027850][T14625] ? do_raw_spin_lock+0x12c/0x2b0 [ 586.027893][T14625] ? folio_free_swap+0x171/0x580 [ 586.027926][T14625] ? rcu_is_watching+0x12/0xc0 [ 586.027955][T14625] ? lock_release+0x201/0x2f0 [ 586.027991][T14625] ? do_raw_spin_unlock+0x172/0x230 [ 586.028032][T14625] ? swp_swap_info+0xce/0x130 [ 586.028068][T14625] ? __pfx_swp_swap_info+0x10/0x10 [ 586.028107][T14625] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 586.028159][T14625] swap_writeout+0x3b2/0xfe0 [ 586.028205][T14625] shmem_writeout+0xc29/0x1140 [ 586.028237][T14625] ? __pfx_shmem_writeout+0x10/0x10 [ 586.028269][T14625] ? inode_to_bdi+0x9e/0x160 [ 586.028304][T14625] ? folio_clear_dirty_for_io+0x112/0x810 [ 586.028350][T14625] shrink_folio_list+0x2f4c/0x4880 [ 586.028391][T14625] ? __pfx_shrink_folio_list+0x10/0x10 [ 586.028452][T14625] reclaim_folio_list+0xda/0x5d0 [ 586.028478][T14625] ? __pfx_css_rstat_updated+0x10/0x10 [ 586.028509][T14625] ? __pfx_reclaim_folio_list+0x10/0x10 [ 586.028544][T14625] ? lru_gen_update_size+0x543/0xe10 [ 586.028576][T14625] ? lru_gen_del_folio+0x32b/0x540 [ 586.028603][T14625] reclaim_pages+0x47b/0x650 [ 586.028634][T14625] ? __pfx_reclaim_pages+0x10/0x10 [ 586.028663][T14625] ? rcu_is_watching+0x12/0xc0 [ 586.028691][T14625] ? lock_release+0x201/0x2f0 [ 586.028729][T14625] madvise_cold_or_pageout_pte_range+0x1546/0x2120 [ 586.028780][T14625] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 586.028828][T14625] ? __pfx_stack_trace_save+0x10/0x10 [ 586.028860][T14625] ? css_rstat_updated+0x1c2/0x510 [ 586.028888][T14625] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 586.028933][T14625] walk_pgd_range+0xc02/0x1f50 [ 586.028979][T14625] ? __pfx_walk_pgd_range+0x10/0x10 [ 586.029018][T14625] __walk_page_range+0x163/0x820 [ 586.029053][T14625] ? rcu_is_watching+0x12/0xc0 [ 586.029083][T14625] ? folio_batch_move_lru+0x2c3/0x3b0 [ 586.029122][T14625] walk_page_range_vma+0x2c7/0xa20 [ 586.029160][T14625] ? __pfx_walk_page_range_vma+0x10/0x10 [ 586.029204][T14625] madvise_pageout+0x257/0x540 [ 586.029245][T14625] ? __pfx_madvise_pageout+0x10/0x10 [ 586.029284][T14625] ? rcu_is_watching+0x12/0xc0 [ 586.029319][T14625] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 586.029356][T14625] madvise_vma_behavior+0xb22/0x2d60 [ 586.029407][T14625] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 586.029444][T14625] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 586.029486][T14625] ? __pfx_mas_prev+0x10/0x10 [ 586.029526][T14625] ? find_vma_prev+0xda/0x160 [ 586.029567][T14625] ? __pfx_find_vma_prev+0x10/0x10 [ 586.029613][T14625] ? kstrtouint+0xdd/0x130 [ 586.029647][T14625] madvise_walk_vmas+0x31f/0x9c0 [ 586.029691][T14625] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 586.029731][T14625] ? rcu_is_watching+0x12/0xc0 [ 586.029762][T14625] madvise_do_behavior+0x1e2/0x530 [ 586.029806][T14625] ? __pfx_madvise_do_behavior+0x10/0x10 [ 586.029848][T14625] ? down_read+0x13d/0x480 [ 586.029890][T14625] ? preempt_count_add+0x76/0x150 [ 586.029935][T14625] do_madvise+0x176/0x240 [ 586.029974][T14625] ? __pfx_do_madvise+0x10/0x10 [ 586.030013][T14625] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 586.030055][T14625] ? __fget_files+0x20e/0x3c0 [ 586.030092][T14625] ? __pfx_ksys_write+0x10/0x10 [ 586.030129][T14625] __x64_sys_madvise+0xa9/0x110 [ 586.030169][T14625] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 586.030213][T14625] do_syscall_64+0xcd/0x490 [ 586.030252][T14625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.030282][T14625] RIP: 0033:0x7f23b598ebe9 [ 586.030305][T14625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 586.030333][T14625] RSP: 002b:00007f23b6839038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 586.030361][T14625] RAX: ffffffffffffffda RBX: 00007f23b5bb6270 RCX: 00007f23b598ebe9 [ 586.030381][T14625] RDX: 0000000000000015 RSI: 000000000000f663 RDI: 0000000000000000 [ 586.030408][T14625] RBP: 00007f23b6839090 R08: 0000000000000000 R09: 0000000000000000 [ 586.030426][T14625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 586.030443][T14625] R13: 00007f23b5bb6308 R14: 00007f23b5bb6270 R15: 00007ffe4577b2c8 [ 586.030470][T14625] [ 587.052797][T14634] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1521'. [ 587.063637][T14634] FAULT_INJECTION: forcing a failure. [ 587.063637][T14634] name failslab, interval 1, probability 0, space 0, times 0 [ 587.076410][T14634] CPU: 0 UID: 0 PID: 14634 Comm: syz.3.1521 Not tainted syzkaller #0 PREEMPT(full) [ 587.076457][T14634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 587.076473][T14634] Call Trace: [ 587.076483][T14634] [ 587.076493][T14634] dump_stack_lvl+0x16c/0x1f0 [ 587.076534][T14634] should_fail_ex+0x512/0x640 [ 587.076574][T14634] should_failslab+0xc2/0x120 [ 587.076612][T14634] __kmalloc_node_noprof+0xd8/0x500 [ 587.076642][T14634] ? __get_vm_area_node+0x208/0x330 [ 587.076668][T14634] ? __vmalloc_node_range_noprof+0x3e5/0x14b0 [ 587.076686][T14634] __vmalloc_node_range_noprof+0x3e5/0x14b0 [ 587.076706][T14634] ? n_tty_open+0x1a/0x170 [ 587.076733][T14634] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 587.076752][T14634] ? n_tty_open+0x12b/0x170 [ 587.076776][T14634] ? rcu_is_watching+0x12/0xc0 [ 587.076794][T14634] ? n_tty_open+0x1a/0x170 [ 587.076819][T14634] __vmalloc_node_noprof+0xad/0xf0 [ 587.076834][T14634] ? n_tty_open+0x1a/0x170 [ 587.076859][T14634] ? __pfx_n_tty_open+0x10/0x10 [ 587.076885][T14634] n_tty_open+0x1a/0x170 [ 587.076909][T14634] ? __pfx_n_tty_open+0x10/0x10 [ 587.076934][T14634] tty_ldisc_open+0x9f/0x120 [ 587.076953][T14634] tty_ldisc_setup+0x87/0x100 [ 587.076973][T14634] tty_init_dev.part.0+0x1ec/0x500 [ 587.076998][T14634] tty_open+0xa50/0xf90 [ 587.077022][T14634] ? __pfx_tty_open+0x10/0x10 [ 587.077045][T14634] ? chrdev_open+0x58c/0x6a0 [ 587.077066][T14634] ? lock_release+0x201/0x2f0 [ 587.077090][T14634] ? __pfx_tty_open+0x10/0x10 [ 587.077113][T14634] chrdev_open+0x231/0x6a0 [ 587.077135][T14634] ? __pfx_chrdev_open+0x10/0x10 [ 587.077157][T14634] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 587.077179][T14634] do_dentry_open+0x97f/0x1530 [ 587.077199][T14634] ? __pfx_chrdev_open+0x10/0x10 [ 587.077223][T14634] vfs_open+0x82/0x3f0 [ 587.077247][T14634] path_openat+0x1de4/0x2cb0 [ 587.077269][T14634] ? __pfx_path_openat+0x10/0x10 [ 587.077291][T14634] do_filp_open+0x20b/0x470 [ 587.077310][T14634] ? __pfx_do_filp_open+0x10/0x10 [ 587.077336][T14634] ? alloc_fd+0x471/0x7d0 [ 587.077356][T14634] do_sys_openat2+0x11b/0x1d0 [ 587.077381][T14634] ? __pfx_do_sys_openat2+0x10/0x10 [ 587.077410][T14634] __x64_sys_openat+0x174/0x210 [ 587.077436][T14634] ? __pfx___x64_sys_openat+0x10/0x10 [ 587.077477][T14634] do_syscall_64+0xcd/0x490 [ 587.077501][T14634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.077520][T14634] RIP: 0033:0x7f9260b8ebe9 [ 587.077535][T14634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 587.077552][T14634] RSP: 002b:00007f92619b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 587.077570][T14634] RAX: ffffffffffffffda RBX: 00007f9260db5fa0 RCX: 00007f9260b8ebe9 [ 587.077582][T14634] RDX: 0000000000040001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 587.077593][T14634] RBP: 00007f9260c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 587.077604][T14634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 587.077614][T14634] R13: 00007f9260db6038 R14: 00007f9260db5fa0 R15: 00007ffc882b73c8 [ 587.077630][T14634] [ 587.077775][T14634] syz.3.1521: vmalloc error: size 12288, failed to allocated page array size 24, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 587.429482][T14635] random: crng reseeded on system resumption [ 587.456006][T14634] ,cpuset=/,mems_allowed=0-1 [ 587.461138][T14634] CPU: 1 UID: 0 PID: 14634 Comm: syz.3.1521 Not tainted syzkaller #0 PREEMPT(full) [ 587.461178][T14634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 587.461197][T14634] Call Trace: [ 587.461206][T14634] [ 587.461216][T14634] dump_stack_lvl+0x16c/0x1f0 [ 587.461261][T14634] warn_alloc+0x248/0x3a0 [ 587.461296][T14634] ? __pfx_warn_alloc+0x10/0x10 [ 587.461329][T14634] ? dump_stack_lvl+0x1a3/0x1f0 [ 587.461369][T14634] ? rcu_is_watching+0x12/0xc0 [ 587.461400][T14634] ? trace_kmalloc+0x2b/0xd0 [ 587.461445][T14634] ? __get_vm_area_node+0x208/0x330 [ 587.461494][T14634] __vmalloc_node_range_noprof+0x101b/0x14b0 [ 587.461531][T14634] ? n_tty_open+0x1a/0x170 [ 587.461581][T14634] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 587.461614][T14634] ? n_tty_open+0x12b/0x170 [ 587.461658][T14634] ? rcu_is_watching+0x12/0xc0 [ 587.461700][T14634] ? n_tty_open+0x1a/0x170 [ 587.461743][T14634] __vmalloc_node_noprof+0xad/0xf0 [ 587.461771][T14634] ? n_tty_open+0x1a/0x170 [ 587.461815][T14634] ? __pfx_n_tty_open+0x10/0x10 [ 587.461861][T14634] n_tty_open+0x1a/0x170 [ 587.461906][T14634] ? __pfx_n_tty_open+0x10/0x10 [ 587.461950][T14634] tty_ldisc_open+0x9f/0x120 [ 587.461985][T14634] tty_ldisc_setup+0x87/0x100 [ 587.462022][T14634] tty_init_dev.part.0+0x1ec/0x500 [ 587.462067][T14634] tty_open+0xa50/0xf90 [ 587.462111][T14634] ? __pfx_tty_open+0x10/0x10 [ 587.462152][T14634] ? chrdev_open+0x58c/0x6a0 [ 587.462190][T14634] ? lock_release+0x201/0x2f0 [ 587.462231][T14634] ? __pfx_tty_open+0x10/0x10 [ 587.462272][T14634] chrdev_open+0x231/0x6a0 [ 587.462310][T14634] ? __pfx_chrdev_open+0x10/0x10 [ 587.462350][T14634] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 587.462389][T14634] do_dentry_open+0x97f/0x1530 [ 587.462424][T14634] ? __pfx_chrdev_open+0x10/0x10 [ 587.462465][T14634] vfs_open+0x82/0x3f0 [ 587.462510][T14634] path_openat+0x1de4/0x2cb0 [ 587.462550][T14634] ? __pfx_path_openat+0x10/0x10 [ 587.462589][T14634] do_filp_open+0x20b/0x470 [ 587.462625][T14634] ? __pfx_do_filp_open+0x10/0x10 [ 587.462678][T14634] ? alloc_fd+0x471/0x7d0 [ 587.462715][T14634] do_sys_openat2+0x11b/0x1d0 [ 587.462759][T14634] ? __pfx_do_sys_openat2+0x10/0x10 [ 587.462812][T14634] __x64_sys_openat+0x174/0x210 [ 587.462859][T14634] ? __pfx___x64_sys_openat+0x10/0x10 [ 587.462912][T14634] do_syscall_64+0xcd/0x490 [ 587.462954][T14634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 587.462984][T14634] RIP: 0033:0x7f9260b8ebe9 [ 587.463008][T14634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 587.463037][T14634] RSP: 002b:00007f92619b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 587.463067][T14634] RAX: ffffffffffffffda RBX: 00007f9260db5fa0 RCX: 00007f9260b8ebe9 [ 587.463087][T14634] RDX: 0000000000040001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 587.463107][T14634] RBP: 00007f9260c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 587.463126][T14634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 587.463143][T14634] R13: 00007f9260db6038 R14: 00007f9260db5fa0 R15: 00007ffc882b73c8 [ 587.463171][T14634] [ 587.463500][T14634] Mem-Info: [ 587.950969][T14634] active_anon:69569 inactive_anon:23 isolated_anon:0 [ 587.950969][T14634] active_file:14053 inactive_file:45388 isolated_file:0 [ 587.950969][T14634] unevictable:768 dirty:965 writeback:0 [ 587.950969][T14634] slab_reclaimable:11447 slab_unreclaimable:93096 [ 587.950969][T14634] mapped:45639 shmem:54785 pagetables:1334 [ 587.950969][T14634] sec_pagetables:0 bounce:0 [ 587.950969][T14634] kernel_misc_reclaimable:0 [ 587.950969][T14634] free:1252511 free_pcp:16771 free_cma:0 [ 588.078182][T14634] Node 0 active_anon:277712kB inactive_anon:92kB active_file:56212kB inactive_file:181356kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:180880kB dirty:3864kB writeback:0kB shmem:217192kB shmem_thp:2048kB shmem_pmdmapped:2048kB anon_thp:0kB kernel_stack:11088kB pagetables:5212kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 588.233837][T14634] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 588.345097][T14634] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 588.396138][T14634] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 588.402018][T14634] Node 0 DMA32 free:1097524kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:279968kB inactive_anon:92kB active_file:56212kB inactive_file:180028kB unevictable:1536kB writepending:3864kB present:3129332kB managed:2539600kB mlocked:0kB bounce:0kB free_pcp:48688kB local_pcp:25568kB free_cma:0kB [ 588.465687][T14634] lowmem_reserve[]: 0 0 1 1 1 [ 588.470537][T14634] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 588.545609][T14634] lowmem_reserve[]: 0 0 0 0 0 [ 588.550710][T14634] Node 1 Normal free:3890056kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:24360kB local_pcp:3540kB free_cma:0kB [ 588.613143][T14634] lowmem_reserve[]: 0 0 0 0 0 [ 588.620765][T14634] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 588.643876][T14634] Node 0 DMA32: 1*4kB (M) 1130*8kB (UM) 789*16kB (U) 717*32kB (UME) 427*64kB (UME) 88*128kB (UME) 11*256kB (UME) 8*512kB (UME) 18*1024kB (UME) 16*2048kB (ME) 233*4096kB (UM) = 1095684kB [ 588.674529][T14634] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 588.696407][T14634] Node 1 Normal: 114*4kB (UE) 56*8kB (UME) 24*16kB (UME) 122*32kB (UME) 45*64kB (UME) 12*128kB (UME) 4*256kB (UME) 5*512kB (UM) 2*1024kB (ME) 2*2048kB (UE) 945*4096kB (M) = 3890056kB [ 588.735678][T14634] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 588.765331][T14634] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 588.796042][T14634] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 588.806757][T14634] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 588.825376][T14634] 118435 total pagecache pages [ 588.840490][T14634] 5 pages in swap cache [ 588.846550][T14634] Free swap = 124956kB [ 588.854944][T14634] Total swap = 124996kB [ 588.864782][T14634] 2097051 pages RAM [ 588.881334][T14634] 0 pages HighMem/MovableOnly [ 588.886349][T14634] 430189 pages reserved [ 588.890533][T14634] 0 pages cma reserved [ 588.898340][T14634] pty pty228: ldisc open failed (-12), clearing slot 228 [ 588.926243][T14635] tty tty7: ldisc open failed (-12), clearing slot 6 [ 594.301360][T14755] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[14755] [ 600.326828][T14895] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[14895] [ 602.310214][T14939] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1584'. [ 602.666489][T14926] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[14926] [ 606.942812][T15014] XFS: Clearing xfsstats [ 610.804949][T15074] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[15074] [ 611.931323][T15099] FAULT_INJECTION: forcing a failure. [ 611.931323][T15099] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 611.945074][T15099] CPU: 1 UID: 0 PID: 15099 Comm: syz.2.1617 Not tainted syzkaller #0 PREEMPT(full) [ 611.945114][T15099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 611.945132][T15099] Call Trace: [ 611.945141][T15099] [ 611.945151][T15099] dump_stack_lvl+0x16c/0x1f0 [ 611.945194][T15099] should_fail_ex+0x512/0x640 [ 611.945236][T15099] should_fail_alloc_page+0xe7/0x130 [ 611.945277][T15099] prepare_alloc_pages+0x3c2/0x610 [ 611.945323][T15099] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 611.945361][T15099] ? stack_trace_save+0x8e/0xc0 [ 611.945393][T15099] ? __pfx_stack_trace_save+0x10/0x10 [ 611.945424][T15099] ? is_bpf_text_address+0x94/0x1a0 [ 611.945469][T15099] ? stack_depot_save_flags+0x29/0x9c0 [ 611.945512][T15099] ? __kernel_text_address+0xd/0x40 [ 611.945540][T15099] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 611.945574][T15099] ? kasan_save_stack+0x42/0x60 [ 611.945606][T15099] ? kasan_save_track+0x14/0x30 [ 611.945636][T15099] ? snd_pcm_attach_substream+0x441/0xd60 [ 611.945669][T15099] ? snd_pcm_open_substream+0x8d/0x17f0 [ 611.945700][T15099] ? snd_pcm_oss_open+0x735/0x1400 [ 611.945742][T15099] ? soundcore_open+0x409/0x580 [ 611.945778][T15099] ? chrdev_open+0x231/0x6a0 [ 611.945813][T15099] ? do_dentry_open+0x97f/0x1530 [ 611.945850][T15099] ? vfs_open+0x82/0x3f0 [ 611.945890][T15099] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.945924][T15099] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 611.945970][T15099] ? policy_nodemask+0xea/0x4e0 [ 611.946005][T15099] alloc_pages_mpol+0x1fb/0x550 [ 611.946044][T15099] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 611.946087][T15099] alloc_pages_noprof+0x131/0x390 [ 611.946125][T15099] alloc_pages_exact_noprof+0x37/0xe0 [ 611.946151][T15099] snd_pcm_attach_substream+0x468/0xd60 [ 611.946187][T15099] snd_pcm_open_substream+0x8d/0x17f0 [ 611.946221][T15099] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 611.946260][T15099] snd_pcm_oss_open+0x735/0x1400 [ 611.946311][T15099] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 611.946358][T15099] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 611.946396][T15099] ? __pfx_default_wake_function+0x10/0x10 [ 611.946428][T15099] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.946471][T15099] ? do_raw_spin_lock+0x12c/0x2b0 [ 611.946517][T15099] ? rcu_is_watching+0x12/0xc0 [ 611.946545][T15099] ? lock_release+0x201/0x2f0 [ 611.946584][T15099] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 611.946631][T15099] soundcore_open+0x409/0x580 [ 611.946672][T15099] ? __pfx_soundcore_open+0x10/0x10 [ 611.946711][T15099] chrdev_open+0x231/0x6a0 [ 611.946746][T15099] ? __pfx_apparmor_file_open+0x10/0x10 [ 611.946779][T15099] ? __pfx_chrdev_open+0x10/0x10 [ 611.946817][T15099] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 611.946854][T15099] do_dentry_open+0x97f/0x1530 [ 611.946890][T15099] ? __pfx_chrdev_open+0x10/0x10 [ 611.946931][T15099] vfs_open+0x82/0x3f0 [ 611.946977][T15099] path_openat+0x1de4/0x2cb0 [ 611.947016][T15099] ? __pfx_path_openat+0x10/0x10 [ 611.947054][T15099] do_filp_open+0x20b/0x470 [ 611.947088][T15099] ? __pfx_do_filp_open+0x10/0x10 [ 611.947135][T15099] ? alloc_fd+0x471/0x7d0 [ 611.947169][T15099] do_sys_openat2+0x11b/0x1d0 [ 611.947213][T15099] ? __pfx_do_sys_openat2+0x10/0x10 [ 611.947258][T15099] ? rcu_is_watching+0x12/0xc0 [ 611.947289][T15099] ? __fget_files+0x204/0x3c0 [ 611.947323][T15099] __x64_sys_openat+0x174/0x210 [ 611.947369][T15099] ? __pfx___x64_sys_openat+0x10/0x10 [ 611.947422][T15099] do_syscall_64+0xcd/0x490 [ 611.947469][T15099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 611.947499][T15099] RIP: 0033:0x7f665b38ebe9 [ 611.947522][T15099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 611.947552][T15099] RSP: 002b:00007f665c255038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 611.947581][T15099] RAX: ffffffffffffffda RBX: 00007f665b5b5fa0 RCX: 00007f665b38ebe9 [ 611.947601][T15099] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 611.947620][T15099] RBP: 00007f665b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 611.947638][T15099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 611.947656][T15099] R13: 00007f665b5b6038 R14: 00007f665b5b5fa0 R15: 00007ffed3e7ee58 [ 611.947684][T15099] [ 612.820422][T15112] capability: warning: `syz.2.1621' uses 32-bit capabilities (legacy support in use) [ 613.726747][T15144] FAULT_INJECTION: forcing a failure. [ 613.726747][T15144] name failslab, interval 1, probability 0, space 0, times 0 [ 613.739753][T15144] CPU: 0 UID: 0 PID: 15144 Comm: syz.2.1627 Not tainted syzkaller #0 PREEMPT(full) [ 613.739780][T15144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 613.739791][T15144] Call Trace: [ 613.739797][T15144] [ 613.739804][T15144] dump_stack_lvl+0x16c/0x1f0 [ 613.739831][T15144] should_fail_ex+0x512/0x640 [ 613.739857][T15144] should_failslab+0xc2/0x120 [ 613.739880][T15144] __kmalloc_cache_noprof+0x6a/0x3e0 [ 613.739899][T15144] ? snd_ctl_get_preferred_subdevice+0x184/0x200 [ 613.739920][T15144] ? snd_pcm_attach_substream+0x441/0xd60 [ 613.739942][T15144] snd_pcm_attach_substream+0x441/0xd60 [ 613.739964][T15144] snd_pcm_open_substream+0x8d/0x17f0 [ 613.739986][T15144] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 613.740010][T15144] snd_pcm_oss_open+0x735/0x1400 [ 613.740057][T15144] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 613.740102][T15144] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 613.740140][T15144] ? __pfx_default_wake_function+0x10/0x10 [ 613.740162][T15144] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 613.740183][T15144] ? do_raw_spin_lock+0x12c/0x2b0 [ 613.740210][T15144] ? rcu_is_watching+0x12/0xc0 [ 613.740227][T15144] ? lock_release+0x201/0x2f0 [ 613.740249][T15144] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 613.740275][T15144] soundcore_open+0x409/0x580 [ 613.740299][T15144] ? __pfx_soundcore_open+0x10/0x10 [ 613.740321][T15144] chrdev_open+0x231/0x6a0 [ 613.740344][T15144] ? __pfx_apparmor_file_open+0x10/0x10 [ 613.740362][T15144] ? __pfx_chrdev_open+0x10/0x10 [ 613.740385][T15144] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 613.740406][T15144] do_dentry_open+0x97f/0x1530 [ 613.740427][T15144] ? __pfx_chrdev_open+0x10/0x10 [ 613.740450][T15144] vfs_open+0x82/0x3f0 [ 613.740475][T15144] path_openat+0x1de4/0x2cb0 [ 613.740498][T15144] ? __pfx_path_openat+0x10/0x10 [ 613.740520][T15144] do_filp_open+0x20b/0x470 [ 613.740540][T15144] ? __pfx_do_filp_open+0x10/0x10 [ 613.740565][T15144] ? alloc_fd+0x471/0x7d0 [ 613.740591][T15144] do_sys_openat2+0x11b/0x1d0 [ 613.740616][T15144] ? __pfx_do_sys_openat2+0x10/0x10 [ 613.740648][T15144] ? rcu_is_watching+0x12/0xc0 [ 613.740666][T15144] ? __fget_files+0x204/0x3c0 [ 613.740685][T15144] __x64_sys_openat+0x174/0x210 [ 613.740711][T15144] ? __pfx___x64_sys_openat+0x10/0x10 [ 613.740741][T15144] do_syscall_64+0xcd/0x490 [ 613.740765][T15144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 613.740783][T15144] RIP: 0033:0x7f665b38ebe9 [ 613.740797][T15144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 613.740814][T15144] RSP: 002b:00007f665c255038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 613.740832][T15144] RAX: ffffffffffffffda RBX: 00007f665b5b5fa0 RCX: 00007f665b38ebe9 [ 613.740843][T15144] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 613.740854][T15144] RBP: 00007f665b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 613.740865][T15144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 613.740875][T15144] R13: 00007f665b5b6038 R14: 00007f665b5b5fa0 R15: 00007ffed3e7ee58 [ 613.740890][T15144] [ 614.051044][ C0] vkms_vblank_simulate: vblank timer overrun syzkaller syzkaller login: [ 614.244405][ T30] audit: type=1326 audit(1755709225.546:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15146 comm="syz.2.1628" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f665b38ebe9 code=0x0 [ 615.596893][T15184] FAULT_INJECTION: forcing a failure. [ 615.596893][T15184] name failslab, interval 1, probability 0, space 0, times 0 [ 615.648448][T15184] CPU: 1 UID: 0 PID: 15184 Comm: syz.2.1637 Not tainted syzkaller #0 PREEMPT(full) [ 615.648493][T15184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 615.648511][T15184] Call Trace: [ 615.648520][T15184] [ 615.648531][T15184] dump_stack_lvl+0x16c/0x1f0 [ 615.648574][T15184] should_fail_ex+0x512/0x640 [ 615.648617][T15184] should_failslab+0xc2/0x120 [ 615.648667][T15184] __kmalloc_cache_noprof+0x6a/0x3e0 [ 615.648696][T15184] ? snd_ctl_get_preferred_subdevice+0x184/0x200 [ 615.648731][T15184] ? snd_pcm_attach_substream+0x441/0xd60 [ 615.648769][T15184] snd_pcm_attach_substream+0x441/0xd60 [ 615.648807][T15184] snd_pcm_open_substream+0x8d/0x17f0 [ 615.648840][T15184] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 615.648885][T15184] snd_pcm_oss_open+0x735/0x1400 [ 615.648935][T15184] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 615.648977][T15184] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 615.649009][T15184] ? __pfx_default_wake_function+0x10/0x10 [ 615.649038][T15184] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.649070][T15184] ? do_raw_spin_lock+0x12c/0x2b0 [ 615.649115][T15184] ? rcu_is_watching+0x12/0xc0 [ 615.649145][T15184] ? lock_release+0x201/0x2f0 [ 615.649180][T15184] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 615.649220][T15184] soundcore_open+0x409/0x580 [ 615.649258][T15184] ? __pfx_soundcore_open+0x10/0x10 [ 615.649294][T15184] chrdev_open+0x231/0x6a0 [ 615.649328][T15184] ? __pfx_apparmor_file_open+0x10/0x10 [ 615.649357][T15184] ? __pfx_chrdev_open+0x10/0x10 [ 615.649393][T15184] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 615.649426][T15184] do_dentry_open+0x97f/0x1530 [ 615.649458][T15184] ? __pfx_chrdev_open+0x10/0x10 [ 615.649499][T15184] vfs_open+0x82/0x3f0 [ 615.649536][T15184] path_openat+0x1de4/0x2cb0 [ 615.649573][T15184] ? __pfx_path_openat+0x10/0x10 [ 615.649609][T15184] do_filp_open+0x20b/0x470 [ 615.649652][T15184] ? __pfx_do_filp_open+0x10/0x10 [ 615.649697][T15184] ? alloc_fd+0x471/0x7d0 [ 615.649733][T15184] do_sys_openat2+0x11b/0x1d0 [ 615.649774][T15184] ? __pfx_do_sys_openat2+0x10/0x10 [ 615.649817][T15184] ? rcu_is_watching+0x12/0xc0 [ 615.649844][T15184] ? __fget_files+0x204/0x3c0 [ 615.649877][T15184] __x64_sys_openat+0x174/0x210 [ 615.649920][T15184] ? __pfx___x64_sys_openat+0x10/0x10 [ 615.649972][T15184] do_syscall_64+0xcd/0x490 [ 615.650011][T15184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.650043][T15184] RIP: 0033:0x7f665b38ebe9 [ 615.650066][T15184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 615.650096][T15184] RSP: 002b:00007f665c255038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 615.650127][T15184] RAX: ffffffffffffffda RBX: 00007f665b5b5fa0 RCX: 00007f665b38ebe9 [ 615.650148][T15184] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 615.650167][T15184] RBP: 00007f665b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 615.650185][T15184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 615.650202][T15184] R13: 00007f665b5b6038 R14: 00007f665b5b5fa0 R15: 00007ffed3e7ee58 [ 615.650231][T15184] [ 617.677334][T15207] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[15207] [ 618.202386][T15232] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[15232] [ 618.865217][T15249] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1650'. [ 619.748862][T15257] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 620.410756][T15272] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1654'. [ 620.476683][T15260] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[15260] [ 621.043561][T15283] blktrace: Concurrent blktraces are not allowed on loop12 [ 622.136032][T15308] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[15308] [ 622.839595][T15324] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1666'. [ 624.209391][T15348] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1670'. [ 624.257630][T15350] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1671'. [ 624.887461][T15327] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[15327] [ 625.460727][T15358] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[15358] [ 626.163918][T15381] FAULT_INJECTION: forcing a failure. [ 626.163918][T15381] name failslab, interval 1, probability 0, space 0, times 0 [ 626.472822][T15381] CPU: 0 UID: 0 PID: 15381 Comm: syz.3.1678 Not tainted syzkaller #0 PREEMPT(full) [ 626.472858][T15381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 626.472873][T15381] Call Trace: [ 626.472882][T15381] [ 626.472892][T15381] dump_stack_lvl+0x16c/0x1f0 [ 626.472927][T15381] should_fail_ex+0x512/0x640 [ 626.472962][T15381] should_failslab+0xc2/0x120 [ 626.472995][T15381] __kmalloc_cache_node_noprof+0x6d/0x420 [ 626.473026][T15381] ? __get_vm_area_node+0x101/0x330 [ 626.473066][T15381] __get_vm_area_node+0x101/0x330 [ 626.473110][T15381] __vmalloc_node_range_noprof+0x271/0x14b0 [ 626.473136][T15381] ? create_io_thread+0xbe/0x100 [ 626.473169][T15381] ? rcu_is_watching+0x12/0xc0 [ 626.473200][T15381] ? rcu_is_watching+0x12/0xc0 [ 626.473225][T15381] ? create_io_thread+0xbe/0x100 [ 626.473263][T15381] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 626.473289][T15381] ? __memcg_slab_post_alloc_hook+0x4a0/0x960 [ 626.473332][T15381] ? create_io_thread+0xbe/0x100 [ 626.473365][T15381] __vmalloc_node_noprof+0xad/0xf0 [ 626.473400][T15381] ? create_io_thread+0xbe/0x100 [ 626.473436][T15381] copy_process+0x2c70/0x7690 [ 626.473468][T15381] ? stack_depot_save_flags+0x29/0x9c0 [ 626.473511][T15381] ? __pfx_copy_process+0x10/0x10 [ 626.473544][T15381] ? __pfx___might_resched+0x10/0x10 [ 626.473571][T15381] ? rcu_is_watching+0x12/0xc0 [ 626.473597][T15381] ? trace_contention_end+0xdd/0x130 [ 626.473635][T15381] ? __pfx_io_sq_thread+0x10/0x10 [ 626.473676][T15381] create_io_thread+0xbe/0x100 [ 626.473709][T15381] ? __pfx_create_io_thread+0x10/0x10 [ 626.473743][T15381] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 626.473784][T15381] ? __pfx_io_sq_thread+0x10/0x10 [ 626.473824][T15381] ? rcu_is_watching+0x12/0xc0 [ 626.473850][T15381] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 626.473893][T15381] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 626.473924][T15381] ? __wake_up+0x3f/0x60 [ 626.473953][T15381] io_sq_offload_create+0xcc6/0x1270 [ 626.473998][T15381] ? __pfx_io_sq_offload_create+0x10/0x10 [ 626.474040][T15381] ? bpf_lsm_capable+0x9/0x10 [ 626.474064][T15381] ? security_capable+0x7e/0x260 [ 626.474092][T15381] io_uring_setup+0x1493/0x2080 [ 626.474127][T15381] ? __pfx_io_uring_setup+0x10/0x10 [ 626.474158][T15381] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 626.474193][T15381] ? __fget_files+0x204/0x3c0 [ 626.474219][T15381] ? rcu_is_watching+0x12/0xc0 [ 626.474248][T15381] ? __fget_files+0x20e/0x3c0 [ 626.474279][T15381] ? ksys_write+0x1ac/0x250 [ 626.474309][T15381] ? __pfx_ksys_write+0x10/0x10 [ 626.474341][T15381] __x64_sys_io_uring_setup+0xc2/0x170 [ 626.474383][T15381] do_syscall_64+0xcd/0x490 [ 626.474419][T15381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.474445][T15381] RIP: 0033:0x7f9260b8ebe9 [ 626.474466][T15381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 626.474492][T15381] RSP: 002b:00007f9261977038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 626.474518][T15381] RAX: ffffffffffffffda RBX: 00007f9260db6180 RCX: 00007f9260b8ebe9 [ 626.474535][T15381] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 626.474551][T15381] RBP: 00007f9261977090 R08: 0000000000000000 R09: 0000000000000000 [ 626.474567][T15381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 626.474583][T15381] R13: 00007f9260db6218 R14: 00007f9260db6180 R15: 00007ffc882b73c8 [ 626.474607][T15381] [ 626.813362][ C0] vkms_vblank_simulate: vblank timer overrun [ 627.212829][T15381] syz.3.1678: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 627.285886][T15381] CPU: 0 UID: 0 PID: 15381 Comm: syz.3.1678 Not tainted syzkaller #0 PREEMPT(full) [ 627.285918][T15381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 627.285929][T15381] Call Trace: [ 627.285935][T15381] [ 627.285942][T15381] dump_stack_lvl+0x16c/0x1f0 [ 627.285980][T15381] warn_alloc+0x248/0x3a0 [ 627.286012][T15381] ? __pfx_warn_alloc+0x10/0x10 [ 627.286036][T15381] ? rcu_is_watching+0x12/0xc0 [ 627.286055][T15381] ? trace_kmalloc+0x2b/0xd0 [ 627.286078][T15381] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 627.286098][T15381] ? __kasan_kmalloc+0x8a/0xb0 [ 627.286117][T15381] ? __get_vm_area_node+0x208/0x330 [ 627.286144][T15381] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 627.286161][T15381] ? rcu_is_watching+0x12/0xc0 [ 627.286179][T15381] ? rcu_is_watching+0x12/0xc0 [ 627.286195][T15381] ? create_io_thread+0xbe/0x100 [ 627.286219][T15381] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 627.286235][T15381] ? __memcg_slab_post_alloc_hook+0x4a0/0x960 [ 627.286262][T15381] ? create_io_thread+0xbe/0x100 [ 627.286283][T15381] __vmalloc_node_noprof+0xad/0xf0 [ 627.286298][T15381] ? create_io_thread+0xbe/0x100 [ 627.286319][T15381] copy_process+0x2c70/0x7690 [ 627.286344][T15381] ? stack_depot_save_flags+0x29/0x9c0 [ 627.286387][T15381] ? __pfx_copy_process+0x10/0x10 [ 627.286411][T15381] ? __pfx___might_resched+0x10/0x10 [ 627.286428][T15381] ? rcu_is_watching+0x12/0xc0 [ 627.286445][T15381] ? trace_contention_end+0xdd/0x130 [ 627.286469][T15381] ? __pfx_io_sq_thread+0x10/0x10 [ 627.286495][T15381] create_io_thread+0xbe/0x100 [ 627.286515][T15381] ? __pfx_create_io_thread+0x10/0x10 [ 627.286537][T15381] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 627.286561][T15381] ? __pfx_io_sq_thread+0x10/0x10 [ 627.286586][T15381] ? rcu_is_watching+0x12/0xc0 [ 627.286602][T15381] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 627.286629][T15381] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 627.286656][T15381] ? __wake_up+0x3f/0x60 [ 627.286675][T15381] io_sq_offload_create+0xcc6/0x1270 [ 627.286702][T15381] ? __pfx_io_sq_offload_create+0x10/0x10 [ 627.286729][T15381] ? bpf_lsm_capable+0x9/0x10 [ 627.286745][T15381] ? security_capable+0x7e/0x260 [ 627.286763][T15381] io_uring_setup+0x1493/0x2080 [ 627.286785][T15381] ? __pfx_io_uring_setup+0x10/0x10 [ 627.286805][T15381] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 627.286827][T15381] ? __fget_files+0x204/0x3c0 [ 627.286845][T15381] ? rcu_is_watching+0x12/0xc0 [ 627.286862][T15381] ? __fget_files+0x20e/0x3c0 [ 627.286882][T15381] ? ksys_write+0x1ac/0x250 [ 627.286901][T15381] ? __pfx_ksys_write+0x10/0x10 [ 627.286921][T15381] __x64_sys_io_uring_setup+0xc2/0x170 [ 627.286944][T15381] do_syscall_64+0xcd/0x490 [ 627.286966][T15381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 627.286983][T15381] RIP: 0033:0x7f9260b8ebe9 [ 627.286997][T15381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 627.287014][T15381] RSP: 002b:00007f9261977038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 627.287031][T15381] RAX: ffffffffffffffda RBX: 00007f9260db6180 RCX: 00007f9260b8ebe9 [ 627.287042][T15381] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 627.287058][T15381] RBP: 00007f9261977090 R08: 0000000000000000 R09: 0000000000000000 [ 627.287074][T15381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 627.287090][T15381] R13: 00007f9260db6218 R14: 00007f9260db6180 R15: 00007ffc882b73c8 [ 627.287115][T15381] [ 627.288102][T15381] Mem-Info: [ 627.691725][T15381] active_anon:54417 inactive_anon:7 isolated_anon:0 [ 627.691725][T15381] active_file:5796 inactive_file:53682 isolated_file:0 [ 627.691725][T15381] unevictable:768 dirty:746 writeback:0 [ 627.691725][T15381] slab_reclaimable:11676 slab_unreclaimable:92234 [ 627.691725][T15381] mapped:28882 shmem:40368 pagetables:1315 [ 627.691725][T15381] sec_pagetables:0 bounce:0 [ 627.691725][T15381] kernel_misc_reclaimable:0 [ 627.691725][T15381] free:1251033 free_pcp:32544 free_cma:0 [ 627.766536][T15381] Node 0 active_anon:214468kB inactive_anon:28kB active_file:22984kB inactive_file:212424kB unevictable:5036kB isolated(anon):0kB isolated(file):0kB mapped:115528kB dirty:2984kB writeback:0kB shmem:157836kB shmem_thp:4096kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11576kB pagetables:5132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 627.801025][T15381] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 627.831110][T15381] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 627.864000][T15381] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 627.871833][T15381] Node 0 DMA32 free:1104832kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:213124kB inactive_anon:28kB active_file:22984kB inactive_file:211096kB unevictable:5036kB writepending:2984kB present:3129332kB managed:2539600kB mlocked:3600kB bounce:0kB free_pcp:107224kB local_pcp:19344kB free_cma:0kB [ 627.945915][T15381] lowmem_reserve[]: 0 0 1 1 1 [ 627.950647][T15381] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1328kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 628.030721][T15381] lowmem_reserve[]: 0 0 0 0 0 [ 628.037292][T15381] Node 1 Normal free:3886532kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:27880kB local_pcp:8172kB free_cma:0kB [ 628.078364][T15381] lowmem_reserve[]: 0 0 0 0 0 [ 628.083112][T15381] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 628.114359][T15381] Node 0 DMA32: 13381*4kB (UME) 784*8kB (UM) 859*16kB (UM) 707*32kB (UME) 445*64kB (UME) 101*128kB (UME) 12*256kB (UE) 10*512kB (UME) 8*1024kB (UME) 7*2048kB (ME) 232*4096kB (M) = 1118564kB [ 628.146175][T15381] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 628.203532][T15381] Node 1 Normal: 127*4kB (UME) 57*8kB (UME) 16*16kB (UME) 118*32kB (UME) 47*64kB (UME) 11*128kB (UME) 3*256kB (UME) 1*512kB (U) 1*1024kB (E) 2*2048kB (UE) 945*4096kB (M) = 3886532kB [ 628.285935][T15381] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 628.305966][T15381] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 628.350949][T15381] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 628.353513][T15396] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1680'. [ 628.393821][T15381] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 628.424246][T15381] 93702 total pagecache pages [ 628.435240][T15381] 5 pages in swap cache [ 628.454969][T15381] Free swap = 124976kB [ 628.484471][T15381] Total swap = 124996kB [ 628.499164][T15381] 2097051 pages RAM [ 628.503031][T15381] 0 pages HighMem/MovableOnly [ 628.545953][T15381] 430189 pages reserved [ 628.550162][T15381] 0 pages cma reserved [ 628.731611][T15402] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1681'. [ 628.929454][T15408] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 629.648984][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.655281][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.854023][T15429] FAULT_INJECTION: forcing a failure. [ 629.854023][T15429] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 629.898198][T15429] CPU: 1 UID: 0 PID: 15429 Comm: syz.0.1688 Not tainted syzkaller #0 PREEMPT(full) [ 629.898240][T15429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 629.898259][T15429] Call Trace: [ 629.898269][T15429] [ 629.898280][T15429] dump_stack_lvl+0x16c/0x1f0 [ 629.898321][T15429] should_fail_ex+0x512/0x640 [ 629.898365][T15429] should_fail_alloc_page+0xe7/0x130 [ 629.898404][T15429] prepare_alloc_pages+0x3c2/0x610 [ 629.898447][T15429] ? rcu_is_watching+0x12/0xc0 [ 629.898481][T15429] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 629.898518][T15429] ? css_rstat_updated+0x1c2/0x510 [ 629.898549][T15429] ? __pfx_css_rstat_updated+0x10/0x10 [ 629.898580][T15429] ? kasan_save_stack+0x42/0x60 [ 629.898613][T15429] ? kasan_save_stack+0x33/0x60 [ 629.898653][T15429] ? kasan_save_track+0x14/0x30 [ 629.898688][T15429] ? rcu_is_watching+0x12/0xc0 [ 629.898716][T15429] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 629.898747][T15429] ? __mod_zone_page_state+0xcc/0x1a0 [ 629.898778][T15429] ? lru_gen_add_folio+0x1a4/0xef0 [ 629.898815][T15429] ? rcu_is_watching+0x12/0xc0 [ 629.898845][T15429] ? lock_acquire+0x2cd/0x350 [ 629.898883][T15429] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 629.898925][T15429] ? policy_nodemask+0xea/0x4e0 [ 629.898966][T15429] alloc_pages_mpol+0x1fb/0x550 [ 629.899003][T15429] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 629.899040][T15429] ? lock_release+0x201/0x2f0 [ 629.899082][T15429] folio_alloc_mpol_noprof+0x36/0x2f0 [ 629.899126][T15429] vma_alloc_folio_noprof+0xed/0x1e0 [ 629.899171][T15429] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 629.899216][T15429] ? rcu_is_watching+0x12/0xc0 [ 629.899248][T15429] do_pte_missing+0x2230/0x3ba0 [ 629.899284][T15429] __handle_mm_fault+0x152a/0x2a50 [ 629.899320][T15429] ? __pfx___handle_mm_fault+0x10/0x10 [ 629.899349][T15429] ? __pte_offset_map_lock+0x174/0x310 [ 629.899391][T15429] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 629.899436][T15429] handle_mm_fault+0x589/0xd10 [ 629.899466][T15429] __get_user_pages+0x551/0x34a0 [ 629.899512][T15429] ? __pfx___get_user_pages+0x10/0x10 [ 629.899551][T15429] ? __pfx___might_resched+0x10/0x10 [ 629.899578][T15429] ? cap_capable+0xb3/0x250 [ 629.899608][T15429] populate_vma_page_range+0x267/0x3f0 [ 629.899665][T15429] ? __pfx_populate_vma_page_range+0x10/0x10 [ 629.899711][T15429] ? __pfx_find_vma_intersection+0x10/0x10 [ 629.899753][T15429] ? do_mmap+0x69c/0x1210 [ 629.899795][T15429] __mm_populate+0x1d8/0x380 [ 629.899841][T15429] ? __pfx___mm_populate+0x10/0x10 [ 629.899889][T15429] ? up_write+0x1b2/0x520 [ 629.899958][T15429] vm_mmap_pgoff+0x37f/0x470 [ 629.900001][T15429] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 629.900044][T15429] ? __x64_sys_futex+0x1e0/0x4c0 [ 629.900078][T15429] ? __x64_sys_futex+0x1e9/0x4c0 [ 629.900114][T15429] ksys_mmap_pgoff+0x7d/0x5c0 [ 629.900151][T15429] ? xfd_validate_state+0x61/0x180 [ 629.900192][T15429] ? __pfx_do_writev+0x10/0x10 [ 629.900225][T15429] __x64_sys_mmap+0x125/0x190 [ 629.900272][T15429] do_syscall_64+0xcd/0x490 [ 629.900308][T15429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.900335][T15429] RIP: 0033:0x7f059e98ebe9 [ 629.900358][T15429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 629.900384][T15429] RSP: 002b:00007f059f856038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 629.900415][T15429] RAX: ffffffffffffffda RBX: 00007f059ebb5fa0 RCX: 00007f059e98ebe9 [ 629.900435][T15429] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 629.900453][T15429] RBP: 00007f059ea11e19 R08: 0000000000000002 R09: 0000000000008000 [ 629.900470][T15429] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 629.900489][T15429] R13: 00007f059ebb6038 R14: 00007f059ebb5fa0 R15: 00007ffff6eb9b48 [ 629.900517][T15429] [ 630.283230][ C1] vkms_vblank_simulate: vblank timer overrun [ 630.925094][ T30] audit: type=1800 audit(1755709242.226:7): pid=15436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1688" name="dbroot" dev="configfs" ino=62717 res=0 errno=0 [ 631.176634][T15440] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1691'. [ 632.175572][T15454] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1693'. [ 632.268260][T15457] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1694'. [ 633.603450][T15454] random: crng reseeded on system resumption [ 635.189360][T15479] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[15479] [ 635.202877][T15483] ptrace attach of "./syz-executor exec"[5859] was attempted by ""[15483] [ 635.997636][T15511] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1705'. [ 636.142167][T15516] FAULT_INJECTION: forcing a failure. [ 636.142167][T15516] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 636.344911][T15516] CPU: 1 UID: 0 PID: 15516 Comm: syz.2.1715 Not tainted syzkaller #0 PREEMPT(full) [ 636.344949][T15516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 636.344965][T15516] Call Trace: [ 636.344974][T15516] [ 636.344983][T15516] dump_stack_lvl+0x16c/0x1f0 [ 636.345022][T15516] should_fail_ex+0x512/0x640 [ 636.345057][T15516] should_fail_alloc_page+0xe7/0x130 [ 636.345088][T15516] prepare_alloc_pages+0x3c2/0x610 [ 636.345124][T15516] ? unwind_next_frame+0x3f4/0x20a0 [ 636.345148][T15516] ? rcu_is_watching+0x12/0xc0 [ 636.345178][T15516] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 636.345211][T15516] ? is_bpf_text_address+0x8a/0x1a0 [ 636.345245][T15516] ? rcu_is_watching+0x12/0xc0 [ 636.345272][T15516] ? lock_release+0x201/0x2f0 [ 636.345307][T15516] ? bpf_ksym_find+0x124/0x1c0 [ 636.345332][T15516] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 636.345366][T15516] ? is_bpf_text_address+0x94/0x1a0 [ 636.345410][T15516] ? kernel_text_address+0x8d/0x100 [ 636.345438][T15516] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 636.345472][T15516] ? unwind_get_return_address+0x59/0xa0 [ 636.345508][T15516] ? stack_trace_save+0x8e/0xc0 [ 636.345535][T15516] ? __pfx_stack_trace_save+0x10/0x10 [ 636.345563][T15516] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 636.345603][T15516] ? policy_nodemask+0xea/0x4e0 [ 636.345640][T15516] alloc_pages_mpol+0x1fb/0x550 [ 636.345676][T15516] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 636.345711][T15516] ? insert_vm_struct+0xf4/0x2d0 [ 636.345744][T15516] ? alloc_bprm+0x420/0x710 [ 636.345773][T15516] ? __x64_sys_execveat+0xda/0x120 [ 636.345804][T15516] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.345836][T15516] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 636.345875][T15516] alloc_pages_noprof+0x131/0x390 [ 636.345910][T15516] __pud_alloc+0x3b/0x750 [ 636.345951][T15516] __handle_mm_fault+0x13de/0x2a50 [ 636.345981][T15516] ? mt_find+0x3ef/0xa30 [ 636.346015][T15516] ? __pfx___handle_mm_fault+0x10/0x10 [ 636.346052][T15516] ? find_vma+0xbf/0x140 [ 636.346089][T15516] ? __pfx_find_vma+0x10/0x10 [ 636.346127][T15516] handle_mm_fault+0x589/0xd10 [ 636.346158][T15516] __get_user_pages+0x551/0x34a0 [ 636.346204][T15516] ? __pfx_validate_mm+0x10/0x10 [ 636.346233][T15516] ? __vma_enter_locked+0x163/0x3f0 [ 636.346262][T15516] ? __pfx___get_user_pages+0x10/0x10 [ 636.346304][T15516] ? rcu_is_watching+0x12/0xc0 [ 636.346332][T15516] ? lock_acquire+0x2cd/0x350 [ 636.346372][T15516] get_user_pages_remote+0x243/0xab0 [ 636.346427][T15516] ? __pfx_get_user_pages_remote+0x10/0x10 [ 636.346469][T15516] ? __pfx_vma_link+0x10/0x10 [ 636.346506][T15516] get_arg_page+0xf4/0x310 [ 636.346534][T15516] ? __pfx_get_arg_page+0x10/0x10 [ 636.346562][T15516] ? up_write+0x1b2/0x520 [ 636.346601][T15516] ? insert_vm_struct+0x10c/0x2d0 [ 636.346635][T15516] copy_string_kernel+0x182/0x520 [ 636.346667][T15516] do_execveat_common.isra.0+0x2ed/0x610 [ 636.346700][T15516] __x64_sys_execveat+0xda/0x120 [ 636.346733][T15516] do_syscall_64+0xcd/0x490 [ 636.346771][T15516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.346799][T15516] RIP: 0033:0x7f665b38ebe9 [ 636.346820][T15516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 636.346846][T15516] RSP: 002b:00007f665c255038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 636.346873][T15516] RAX: ffffffffffffffda RBX: 00007f665b5b5fa0 RCX: 00007f665b38ebe9 [ 636.346891][T15516] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 636.346908][T15516] RBP: 00007f665c255090 R08: 0000000000011000 R09: 0000000000000000 [ 636.346924][T15516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 636.346939][T15516] R13: 00007f665b5b6038 R14: 00007f665b5b5fa0 R15: 00007ffed3e7ee58 [ 636.346966][T15516] [ 637.504904][T15540] FAULT_INJECTION: forcing a failure. [ 637.504904][T15540] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 637.586241][T15540] CPU: 1 UID: 0 PID: 15540 Comm: syz.2.1707 Not tainted syzkaller #0 PREEMPT(full) [ 637.586281][T15540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 637.586296][T15540] Call Trace: [ 637.586304][T15540] [ 637.586314][T15540] dump_stack_lvl+0x16c/0x1f0 [ 637.586351][T15540] should_fail_ex+0x512/0x640 [ 637.586388][T15540] should_fail_alloc_page+0xe7/0x130 [ 637.586441][T15540] prepare_alloc_pages+0x3c2/0x610 [ 637.586482][T15540] ? rcu_is_watching+0x12/0xc0 [ 637.586513][T15540] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 637.586550][T15540] ? stack_trace_save+0x8e/0xc0 [ 637.586583][T15540] ? __pfx_stack_trace_save+0x10/0x10 [ 637.586614][T15540] ? stack_depot_save_flags+0x29/0x9c0 [ 637.586656][T15540] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 637.586690][T15540] ? kasan_save_stack+0x42/0x60 [ 637.586724][T15540] ? kasan_save_track+0x14/0x30 [ 637.586755][T15540] ? snd_pcm_attach_substream+0x441/0xd60 [ 637.586791][T15540] ? snd_pcm_open_substream+0x8d/0x17f0 [ 637.586823][T15540] ? snd_pcm_oss_open+0x735/0x1400 [ 637.586866][T15540] ? soundcore_open+0x409/0x580 [ 637.586903][T15540] ? chrdev_open+0x231/0x6a0 [ 637.586939][T15540] ? do_dentry_open+0x97f/0x1530 [ 637.586971][T15540] ? vfs_open+0x82/0x3f0 [ 637.587012][T15540] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.587045][T15540] ? rcu_is_watching+0x12/0xc0 [ 637.587074][T15540] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 637.587117][T15540] ? policy_nodemask+0xea/0x4e0 [ 637.587155][T15540] alloc_pages_mpol+0x1fb/0x550 [ 637.587193][T15540] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 637.587235][T15540] alloc_pages_noprof+0x131/0x390 [ 637.587273][T15540] alloc_pages_exact_noprof+0x37/0xe0 [ 637.587300][T15540] ? __asan_memset+0x23/0x50 [ 637.587326][T15540] snd_pcm_attach_substream+0x4bb/0xd60 [ 637.587361][T15540] snd_pcm_open_substream+0x8d/0x17f0 [ 637.587394][T15540] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 637.587432][T15540] ? lockdep_init_map_type+0x5c/0x280 [ 637.587472][T15540] ? __raw_spin_lock_init+0x3a/0x110 [ 637.587514][T15540] ? lockdep_init_map_type+0x5c/0x280 [ 637.587555][T15540] snd_pcm_oss_open+0x735/0x1400 [ 637.587605][T15540] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 637.587648][T15540] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 637.587684][T15540] ? __pfx_default_wake_function+0x10/0x10 [ 637.587714][T15540] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.587746][T15540] ? do_raw_spin_lock+0x12c/0x2b0 [ 637.587790][T15540] ? rcu_is_watching+0x12/0xc0 [ 637.587818][T15540] ? lock_release+0x201/0x2f0 [ 637.587855][T15540] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 637.587900][T15540] soundcore_open+0x409/0x580 [ 637.587939][T15540] ? __pfx_soundcore_open+0x10/0x10 [ 637.587977][T15540] chrdev_open+0x231/0x6a0 [ 637.588011][T15540] ? __pfx_apparmor_file_open+0x10/0x10 [ 637.588042][T15540] ? __pfx_chrdev_open+0x10/0x10 [ 637.588080][T15540] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 637.588116][T15540] do_dentry_open+0x97f/0x1530 [ 637.588152][T15540] ? __pfx_chrdev_open+0x10/0x10 [ 637.588192][T15540] vfs_open+0x82/0x3f0 [ 637.588234][T15540] path_openat+0x1de4/0x2cb0 [ 637.588271][T15540] ? __pfx_path_openat+0x10/0x10 [ 637.588307][T15540] do_filp_open+0x20b/0x470 [ 637.588339][T15540] ? __pfx_do_filp_open+0x10/0x10 [ 637.588384][T15540] ? alloc_fd+0x471/0x7d0 [ 637.588427][T15540] do_sys_openat2+0x11b/0x1d0 [ 637.588470][T15540] ? __pfx_do_sys_openat2+0x10/0x10 [ 637.588515][T15540] ? __fget_files+0x20e/0x3c0 [ 637.588549][T15540] __x64_sys_openat+0x174/0x210 [ 637.588594][T15540] ? __pfx___x64_sys_openat+0x10/0x10 [ 637.588638][T15540] ? ksys_write+0x1ac/0x250 [ 637.588673][T15540] do_syscall_64+0xcd/0x490 [ 637.588712][T15540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.588740][T15540] RIP: 0033:0x7f665b38ebe9 [ 637.588764][T15540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.588793][T15540] RSP: 002b:00007f665c234038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 637.588823][T15540] RAX: ffffffffffffffda RBX: 00007f665b5b6090 RCX: 00007f665b38ebe9 [ 637.588842][T15540] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 637.588859][T15540] RBP: 00007f665c234090 R08: 0000000000000000 R09: 0000000000000000 [ 637.588877][T15540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 637.588900][T15540] R13: 00007f665b5b6128 R14: 00007f665b5b6090 R15: 00007ffed3e7ee58 [ 637.588928][T15540] [ 639.200756][T15562] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 639.888051][T15558] FAULT_INJECTION: forcing a failure. [ 639.888051][T15558] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 640.069634][T15558] CPU: 0 UID: 0 PID: 15558 Comm: syz.2.1716 Not tainted syzkaller #0 PREEMPT(full) [ 640.069669][T15558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 640.069681][T15558] Call Trace: [ 640.069687][T15558] [ 640.069693][T15558] dump_stack_lvl+0x16c/0x1f0 [ 640.069720][T15558] should_fail_ex+0x512/0x640 [ 640.069745][T15558] _copy_from_user+0x2e/0xd0 [ 640.069771][T15558] copy_clone_args_from_user+0x150/0x7e0 [ 640.069793][T15558] ? __pfx_copy_clone_args_from_user+0x10/0x10 [ 640.069818][T15558] __do_sys_clone3+0xbd/0x290 [ 640.069839][T15558] ? __pfx___do_sys_clone3+0x10/0x10 [ 640.069861][T15558] ? sigprocmask+0x22e/0x330 [ 640.069897][T15558] do_syscall_64+0xcd/0x490 [ 640.069920][T15558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.069939][T15558] RIP: 0033:0x7f665b3c3449 [ 640.069953][T15558] Code: d7 08 00 48 8d 3d 5c d7 08 00 e8 02 29 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7 [ 640.069971][T15558] RSP: 002b:00007ffed3e7ed28 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3 [ 640.069988][T15558] RAX: ffffffffffffffda RBX: 00007f665b345850 RCX: 00007f665b3c3449 [ 640.069999][T15558] RDX: 00007f665b345850 RSI: 0000000000000058 RDI: 00007ffed3e7ed70 [ 640.070010][T15558] RBP: 00007f665c1b06c0 R08: 00007f665c1b06c0 R09: 00007ffed3e7ee57 [ 640.070020][T15558] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8 [ 640.070030][T15558] R13: 000000000000006e R14: 00007ffed3e7ed70 R15: 00007ffed3e7ee58 [ 640.070045][T15558] [ 641.252808][T15393] syz.2.1675 (15393) used greatest stack depth: 19704 bytes left [ 641.358360][T15582] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[15582] [ 643.191691][T15604] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1723'. [ 643.421893][ T30] audit: type=1804 audit(1755709254.726:8): pid=15611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1727" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=16 res=1 errno=0 [ 644.066106][T15618] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 645.044031][T15604] random: crng reseeded on system resumption [ 645.347755][T15643] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[15643] [ 646.063235][T15663] Console: switching to colour VGA+ 80x25 [ 647.578749][T15685] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1742'. [ 648.862798][T15696] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[15696] [ 649.037685][T15685] random: crng reseeded on system resumption [ 649.332932][T15710] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 650.551774][T15739] random: crng reseeded on system resumption [ 651.144096][T15750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1755'. [ 653.077723][T15750] random: crng reseeded on system resumption [ 653.489527][T15783] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[15783] [ 653.721468][T15787] FAULT_INJECTION: forcing a failure. [ 653.721468][T15787] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 653.736200][T15787] CPU: 0 UID: 0 PID: 15787 Comm: syz.1.1761 Not tainted syzkaller #0 PREEMPT(full) [ 653.736238][T15787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 653.736255][T15787] Call Trace: [ 653.736264][T15787] [ 653.736274][T15787] dump_stack_lvl+0x16c/0x1f0 [ 653.736309][T15787] should_fail_ex+0x512/0x640 [ 653.736335][T15787] _copy_from_user+0x2e/0xd0 [ 653.736363][T15787] copy_msghdr_from_user+0x98/0x160 [ 653.736386][T15787] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 653.736409][T15787] ? __pfx__kstrtoull+0x10/0x10 [ 653.736429][T15787] ? rcu_is_watching+0x12/0xc0 [ 653.736449][T15787] ___sys_sendmsg+0xfe/0x1d0 [ 653.736470][T15787] ? __pfx____sys_sendmsg+0x10/0x10 [ 653.736495][T15787] ? rcu_is_watching+0x12/0xc0 [ 653.736518][T15787] __sys_sendmmsg+0x200/0x420 [ 653.736541][T15787] ? __pfx___sys_sendmmsg+0x10/0x10 [ 653.736570][T15787] ? lock_release+0x201/0x2f0 [ 653.736595][T15787] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 653.736621][T15787] ? fput+0x9b/0xd0 [ 653.736644][T15787] ? ksys_write+0x1ac/0x250 [ 653.736663][T15787] ? __pfx_ksys_write+0x10/0x10 [ 653.736684][T15787] __x64_sys_sendmmsg+0x9c/0x100 [ 653.736706][T15787] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 653.736733][T15787] do_syscall_64+0xcd/0x490 [ 653.736756][T15787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.736774][T15787] RIP: 0033:0x7f23b598ebe9 [ 653.736788][T15787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 653.736806][T15787] RSP: 002b:00007f23b685a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 653.736823][T15787] RAX: ffffffffffffffda RBX: 00007f23b5bb6180 RCX: 00007f23b598ebe9 [ 653.736835][T15787] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004 [ 653.736845][T15787] RBP: 00007f23b685a090 R08: 0000000000000000 R09: 0000000000000000 [ 653.736855][T15787] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 653.736865][T15787] R13: 00007f23b5bb6218 R14: 00007f23b5bb6180 R15: 00007ffe4577b2c8 [ 653.736880][T15787] [ 654.512171][T15799] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1764'. [ 654.570579][T15804] __vm_enough_memory: pid: 15804, comm: syz.1.1767, bytes: 4398046511104 not enough memory for the allocation [ 656.429397][T15824] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[15824] [ 657.745978][T15868] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[15868] [ 665.435250][T15987] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[15987] [ 666.379987][T16027] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[16027] [ 668.020641][T16040] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[16040] [ 670.209297][T16093] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[16093] [ 671.321698][T16106] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[16106] [ 675.031200][T16209] FAULT_INJECTION: forcing a failure. [ 675.031200][T16209] name failslab, interval 1, probability 0, space 0, times 0 [ 675.077074][T16209] CPU: 0 UID: 0 PID: 16209 Comm: syz.0.1849 Not tainted syzkaller #0 PREEMPT(full) [ 675.077110][T16209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 675.077125][T16209] Call Trace: [ 675.077134][T16209] [ 675.077145][T16209] dump_stack_lvl+0x16c/0x1f0 [ 675.077182][T16209] should_fail_ex+0x512/0x640 [ 675.077222][T16209] should_failslab+0xc2/0x120 [ 675.077260][T16209] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 675.077292][T16209] ? __pfx_acct_collect+0x10/0x10 [ 675.077332][T16209] ? taskstats_exit+0x654/0xbe0 [ 675.077373][T16209] taskstats_exit+0x654/0xbe0 [ 675.077411][T16209] ? do_exit+0x2db/0x2bf0 [ 675.077445][T16209] ? __pfx_taskstats_exit+0x10/0x10 [ 675.077479][T16209] ? lock_release+0x201/0x2f0 [ 675.077510][T16209] ? preempt_count_add+0x76/0x150 [ 675.077548][T16209] do_exit+0x5dc/0x2bf0 [ 675.077594][T16209] ? __pfx_do_exit+0x10/0x10 [ 675.077627][T16209] ? do_raw_spin_lock+0x12c/0x2b0 [ 675.077683][T16209] ? get_signal+0x8f5/0x26d0 [ 675.077712][T16209] ? rcu_is_watching+0x12/0xc0 [ 675.077741][T16209] do_group_exit+0xd3/0x2a0 [ 675.077778][T16209] get_signal+0x2673/0x26d0 [ 675.077810][T16209] ? kmem_cache_free+0x2d1/0x4d0 [ 675.077843][T16209] ? __pfx_get_signal+0x10/0x10 [ 675.077874][T16209] ? do_futex+0x122/0x350 [ 675.077907][T16209] ? __pfx_do_futex+0x10/0x10 [ 675.077942][T16209] arch_do_signal_or_restart+0x8f/0x790 [ 675.077973][T16209] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 675.078016][T16209] exit_to_user_mode_loop+0x84/0x110 [ 675.078057][T16209] do_syscall_64+0x3f6/0x490 [ 675.078094][T16209] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.078120][T16209] RIP: 0033:0x7f059e98ebe9 [ 675.078142][T16209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 675.078168][T16209] RSP: 002b:00007f059f8560e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 675.078194][T16209] RAX: fffffffffffffe00 RBX: 00007f059ebb5fa8 RCX: 00007f059e98ebe9 [ 675.078212][T16209] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f059ebb5fa8 [ 675.078229][T16209] RBP: 00007f059ebb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 675.078245][T16209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 675.078260][T16209] R13: 00007f059ebb6038 R14: 00007ffff6eb9a60 R15: 00007ffff6eb9b48 [ 675.078286][T16209] [ 675.616096][T16215] FAULT_INJECTION: forcing a failure. [ 675.616096][T16215] name fail_futex, interval 1, probability 0, space 0, times 0 [ 675.629085][T16215] CPU: 0 UID: 0 PID: 16215 Comm: syz.0.1851 Not tainted syzkaller #0 PREEMPT(full) [ 675.629110][T16215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 675.629120][T16215] Call Trace: [ 675.629126][T16215] [ 675.629132][T16215] dump_stack_lvl+0x16c/0x1f0 [ 675.629157][T16215] should_fail_ex+0x512/0x640 [ 675.629182][T16215] get_futex_key+0xff0/0x1560 [ 675.629204][T16215] ? __pfx_get_futex_key+0x10/0x10 [ 675.629223][T16215] ? __mutex_trylock_common+0xe9/0x250 [ 675.629246][T16215] ? __pfx___mutex_trylock_common+0x10/0x10 [ 675.629271][T16215] futex_wake+0xea/0x530 [ 675.629296][T16215] ? __pfx_futex_wake+0x10/0x10 [ 675.629319][T16215] ? rcu_is_watching+0x12/0xc0 [ 675.629337][T16215] ? rcu_is_watching+0x12/0xc0 [ 675.629354][T16215] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 675.629385][T16215] do_futex+0x1e3/0x350 [ 675.629405][T16215] ? __pfx_do_futex+0x10/0x10 [ 675.629425][T16215] ? lock_release+0x201/0x2f0 [ 675.629448][T16215] mm_release+0x24e/0x300 [ 675.629467][T16215] do_exit+0x68e/0x2bf0 [ 675.629492][T16215] ? __pfx_do_exit+0x10/0x10 [ 675.629514][T16215] ? do_raw_spin_lock+0x12c/0x2b0 [ 675.629540][T16215] ? get_signal+0x8f5/0x26d0 [ 675.629558][T16215] ? rcu_is_watching+0x12/0xc0 [ 675.629575][T16215] do_group_exit+0xd3/0x2a0 [ 675.629599][T16215] get_signal+0x2673/0x26d0 [ 675.629618][T16215] ? kmem_cache_free+0x2d1/0x4d0 [ 675.629639][T16215] ? __pfx_get_signal+0x10/0x10 [ 675.629658][T16215] ? do_futex+0x122/0x350 [ 675.629678][T16215] ? __pfx_do_futex+0x10/0x10 [ 675.629699][T16215] arch_do_signal_or_restart+0x8f/0x790 [ 675.629722][T16215] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 675.629746][T16215] ? xfd_validate_state+0x61/0x180 [ 675.629772][T16215] exit_to_user_mode_loop+0x84/0x110 [ 675.629798][T16215] do_syscall_64+0x3f6/0x490 [ 675.629820][T16215] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.629838][T16215] RIP: 0033:0x7f059e98ebe9 [ 675.629851][T16215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 675.629870][T16215] RSP: 002b:00007f059f8560e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 675.629887][T16215] RAX: fffffffffffffe00 RBX: 00007f059ebb5fa8 RCX: 00007f059e98ebe9 [ 675.629898][T16215] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f059ebb5fa8 [ 675.629908][T16215] RBP: 00007f059ebb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 675.629918][T16215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 675.629928][T16215] R13: 00007f059ebb6038 R14: 00007ffff6eb9a60 R15: 00007ffff6eb9b48 [ 675.629943][T16215] [ 675.997986][T16169] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[16169] [ 677.318853][T16248] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[16248] [ 677.488667][T16253] svc: failed to register nfsdv3 RPC service (errno 111). [ 677.519096][T16253] svc: failed to register nfsaclv3 RPC service (errno 111). [ 677.997472][T16256] svc: failed to register nfsdv3 RPC service (errno 111). [ 678.006164][T16256] svc: failed to register nfsaclv3 RPC service (errno 111). [ 678.201017][T16275] FAULT_INJECTION: forcing a failure. [ 678.201017][T16275] name fail_futex, interval 1, probability 0, space 0, times 0 [ 678.264769][T16275] CPU: 0 UID: 0 PID: 16275 Comm: syz.1.1854 Not tainted syzkaller #0 PREEMPT(full) [ 678.264809][T16275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 678.264826][T16275] Call Trace: [ 678.264834][T16275] [ 678.264845][T16275] dump_stack_lvl+0x16c/0x1f0 [ 678.264881][T16275] should_fail_ex+0x512/0x640 [ 678.264918][T16275] get_futex_key+0x1d0/0x1560 [ 678.264949][T16275] ? __pfx_get_futex_key+0x10/0x10 [ 678.264975][T16275] ? __mutex_trylock_common+0xe9/0x250 [ 678.265009][T16275] ? __pfx___mutex_trylock_common+0x10/0x10 [ 678.265043][T16275] futex_wake+0xea/0x530 [ 678.265078][T16275] ? __pfx_futex_wake+0x10/0x10 [ 678.265112][T16275] ? rcu_is_watching+0x12/0xc0 [ 678.265137][T16275] ? rcu_is_watching+0x12/0xc0 [ 678.265160][T16275] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 678.265193][T16275] do_futex+0x1e3/0x350 [ 678.265225][T16275] ? __pfx_do_futex+0x10/0x10 [ 678.265256][T16275] ? lock_release+0x201/0x2f0 [ 678.265294][T16275] mm_release+0x24e/0x300 [ 678.265325][T16275] do_exit+0x68e/0x2bf0 [ 678.265365][T16275] ? __pfx_do_exit+0x10/0x10 [ 678.265401][T16275] ? do_raw_spin_lock+0x12c/0x2b0 [ 678.265442][T16275] ? get_signal+0x8f5/0x26d0 [ 678.265471][T16275] ? rcu_is_watching+0x12/0xc0 [ 678.265500][T16275] do_group_exit+0xd3/0x2a0 [ 678.265539][T16275] get_signal+0x2673/0x26d0 [ 678.265578][T16275] ? kmem_cache_free+0x2d1/0x4d0 [ 678.265612][T16275] ? __pfx_get_signal+0x10/0x10 [ 678.265650][T16275] ? do_futex+0x122/0x350 [ 678.265685][T16275] ? __pfx_do_futex+0x10/0x10 [ 678.265720][T16275] arch_do_signal_or_restart+0x8f/0x790 [ 678.265757][T16275] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 678.265804][T16275] exit_to_user_mode_loop+0x84/0x110 [ 678.265840][T16275] do_syscall_64+0x3f6/0x490 [ 678.265877][T16275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.265905][T16275] RIP: 0033:0x7f23b598ebe9 [ 678.265927][T16275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 678.265954][T16275] RSP: 002b:00007f23b689c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 678.265981][T16275] RAX: fffffffffffffe00 RBX: 00007f23b5bb5fa8 RCX: 00007f23b598ebe9 [ 678.265997][T16275] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f23b5bb5fa8 [ 678.266013][T16275] RBP: 00007f23b5bb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 678.266030][T16275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 678.266046][T16275] R13: 00007f23b5bb6038 R14: 00007ffe4577b1e0 R15: 00007ffe4577b2c8 [ 678.266071][T16275] [ 678.817814][T16282] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1855'. [ 679.826060][T16298] ERROR: Out of memory at tomoyo_memory_ok. [ 679.832044][T16298] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/syz-executor /root/syz-executor /newroot/456/:,' not defined. [ 680.038975][T16298] FAULT_INJECTION: forcing a failure. [ 680.038975][T16298] name failslab, interval 1, probability 0, space 0, times 0 [ 680.062590][T16298] CPU: 1 UID: 0 PID: 16298 Comm: syz.3.1859 Not tainted syzkaller #0 PREEMPT(full) [ 680.062640][T16298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 680.062656][T16298] Call Trace: [ 680.062665][T16298] [ 680.062676][T16298] dump_stack_lvl+0x16c/0x1f0 [ 680.062718][T16298] should_fail_ex+0x512/0x640 [ 680.062761][T16298] should_failslab+0xc2/0x120 [ 680.062798][T16298] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 680.062833][T16298] ? skb_clone+0x190/0x3f0 [ 680.062872][T16298] skb_clone+0x190/0x3f0 [ 680.062909][T16298] netlink_deliver_tap+0xabd/0xd30 [ 680.062948][T16298] netlink_unicast+0x71f/0x870 [ 680.062983][T16298] ? __pfx_netlink_unicast+0x10/0x10 [ 680.063021][T16298] ? genl_rcv_msg+0x4bb/0x800 [ 680.063068][T16298] netlink_ack+0x696/0xb80 [ 680.063109][T16298] netlink_rcv_skb+0x332/0x420 [ 680.063146][T16298] ? __pfx_genl_rcv_msg+0x10/0x10 [ 680.063190][T16298] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 680.063232][T16298] ? netlink_deliver_tap+0x1ae/0xd30 [ 680.063269][T16298] genl_rcv+0x28/0x40 [ 680.063307][T16298] netlink_unicast+0x5aa/0x870 [ 680.063346][T16298] ? __pfx_netlink_unicast+0x10/0x10 [ 680.063383][T16298] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 680.063424][T16298] netlink_sendmsg+0x8d1/0xdd0 [ 680.063463][T16298] ? __pfx_netlink_sendmsg+0x10/0x10 [ 680.063504][T16298] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 680.063537][T16298] __sys_sendto+0x4a3/0x520 [ 680.063572][T16298] ? __pfx___sys_sendto+0x10/0x10 [ 680.063622][T16298] ? handle_mm_fault+0x2ab/0xd10 [ 680.063651][T16298] ? rcu_is_watching+0x12/0xc0 [ 680.063685][T16298] ? rcu_watching_snap_stopped_since+0x101/0x110 [ 680.063721][T16298] __x64_sys_sendto+0xe0/0x1c0 [ 680.063756][T16298] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 680.063804][T16298] do_syscall_64+0xcd/0x490 [ 680.063844][T16298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 680.063875][T16298] RIP: 0033:0x7f9260b90a7c [ 680.063899][T16298] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 680.063931][T16298] RSP: 002b:00007f92619b7ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 680.063961][T16298] RAX: ffffffffffffffda RBX: 00007f92619b7fc0 RCX: 00007f9260b90a7c [ 680.063982][T16298] RDX: 000000000000001c RSI: 00007f92619b8010 RDI: 000000000000000b [ 680.064000][T16298] RBP: 0000000000000000 R08: 00007f92619b7f14 R09: 000000000000000c [ 680.064018][T16298] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000000000b [ 680.064037][T16298] R13: 00007f92619b7f68 R14: 00007f92619b8010 R15: 0000000000000000 [ 680.064064][T16298] [ 682.915929][T16332] netlink: 8816 bytes leftover after parsing attributes in process `syz.2.1865'. [ 684.244119][T16365] svc: failed to register nfsdv3 RPC service (errno 111). [ 684.279430][T16365] svc: failed to register nfsaclv3 RPC service (errno 111). [ 684.853456][T16366] usb usb36: usbfs: process 16366 (syz.3.1874) did not claim interface 0 before use [ 685.793000][T16362] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[16362] [ 686.456474][T16394] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[16394] [ 686.521387][T16399] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[16399] [ 686.894078][T16403] svc: failed to register nfsdv3 RPC service (errno 111). [ 686.903074][T16403] svc: failed to register nfsaclv3 RPC service (errno 111). [ 687.837873][T16422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1883'. [ 688.103933][T16424] usb usb36: usbfs: process 16424 (syz.2.1884) did not claim interface 0 before use [ 689.160226][T16448] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[16448] [ 691.089301][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.095611][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.577578][T16455] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[16455] [ 691.834363][T16458] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[16458] [ 692.343456][T16486] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[16486] [ 692.371169][T16487] ERROR: Out of memory at tomoyo_memory_ok. [ 692.787037][T16492] svc: failed to register nfsdv3 RPC service (errno 111). [ 692.798070][T16492] svc: failed to register nfsaclv3 RPC service (errno 111). [ 693.974685][T16507] Console: switching to colour frame buffer device 128x48 [ 695.237176][T16529] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[16529] [ 696.686055][T16530] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[16530] [ 696.731126][T16534] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[16534] [ 697.314491][T16548] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1904'. [ 698.363846][T16554] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[16554] [ 698.411411][T16562] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[16562] [ 700.839012][T16596] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[16596] [ 701.015993][T16628] ptrace attach of "./syz-executor exec"[5859] was attempted by "./syz-executor exec"[16628] [ 701.499932][T16637] [U] - [ 701.508420][T16637] [U] [ 701.511297][T16637] [U] S¬õµ [ 701.514471][T16637] [U] [ 701.528038][T16637] [U] [ 701.530812][T16637] [U] [ 701.533543][T16637] [U] [ 701.536287][T16637] [U] [ 701.566795][T16637] [U] [ 701.569653][T16637] [U] [ 701.572387][T16637] [U] [ 701.575131][T16637] [U] [ 701.591021][T16637] [U] [ 701.593780][T16637] [U] [ 701.596506][T16637] [U] [ 701.599216][T16637] [U] [ 701.614347][T16637] [U] [ 701.617117][T16637] [U] [ 701.619856][T16637] [U] [ 701.622586][T16637] [U] [ 701.636738][T16637] [U] [ 701.639496][T16637] [U] [ 701.642208][T16637] [U] [ 701.644920][T16637] [U] [ 701.656156][T16637] [U] [ 701.658929][T16637] [U] [ 701.661658][T16637] [U] [ 701.664397][T16637] [U] [ 701.687537][T16637] [U] [ 701.690316][T16637] [U] [ 701.693053][T16637] [U] [ 701.695794][T16637] [U] [ 701.704140][T16637] [U] [ 701.706900][T16637] [U] [ 701.709635][T16637] [U] [ 701.712384][T16637] [U] [ 701.716859][T16637] [U] [ 701.719600][T16637] [U] [ 701.722334][T16637] [U] [ 701.725067][T16637] [U] [ 701.736455][T16637] [U] [ 701.739222][T16637] [U] [ 701.741956][T16637] [U] [ 701.744697][T16637] [U] [ 701.747761][T16637] [U] [ 701.750516][T16637] [U] [ 701.753250][T16637] [U] [ 701.755979][T16637] [U] [ 701.759006][T16637] [U] [ 701.761755][T16637] [U] [ 701.764556][T16637] [U] [ 701.767310][T16637] [U] [ 701.770033][T16637] [U] [ 701.773032][T16637] [U] [ 701.775772][T16637] [U] [ 701.778525][T16637] [U] [ 701.781259][T16637] [U] [ 701.784270][T16637] [U] [ 701.787001][T16637] [U] [ 701.789733][T16637] [U] [ 701.792464][T16637] [U] [ 701.796170][T16637] [U] [ 701.798908][T16637] [U] [ 701.801628][T16637] [U] [ 701.804331][T16637] [U] [ 701.807361][T16637] [U] [ 701.810105][T16637] [U] [ 701.812810][T16637] [U] [ 701.815501][T16637] [U] [ 701.819552][T16637] [U] [ 701.822293][T16637] [U] [ 701.825048][T16637] [U] [ 701.827756][T16637] [U] [ 701.845293][T16637] [U] [ 701.848036][T16637] [U] [ 701.850740][T16637] [U] [ 701.853453][T16637] [U] [ 701.946100][T16637] [U] [ 701.948880][T16637] [U] [ 701.951616][T16637] [U] [ 701.954348][T16637] [U] [ 701.978288][T16637] [U] [ 701.981052][T16637] [U] [ 701.983758][T16637] [U] [ 701.986454][T16637] [U] [ 702.097540][T16637] [U] [ 702.100294][T16637] [U] [ 702.103008][T16637] [U] [ 702.105701][T16637] [U] [ 702.148908][T16637] [U] [ 702.151852][T16637] [U] [ 702.154578][T16637] [U] [ 702.157301][T16637] [U] [ 702.181694][T16637] [U] [ 702.184552][T16637] [U] [ 702.187291][T16637] [U] [ 702.190033][T16637] [U] [ 702.217206][T16637] [U] [ 702.219975][T16637] [U] [ 702.222696][T16637] [U] [ 702.225414][T16637] [U] [ 702.248807][T16637] [U] [ 702.251571][T16637] [U] [ 702.254345][T16637] [U] [ 702.257050][T16637] [U] [ 702.320181][T16637] [U] [ 702.322954][T16637] [U] [ 702.325687][T16637] [U] [ 702.328419][T16637] [U] [ 702.348074][T16649] ptrace attach of "./syz-executor exec"[5865] was attempted by "./syz-executor exec"[16649] [ 702.393113][T16637] [U] [ 702.395877][T16637] [U] [ 702.398620][T16637] [U] [ 702.401345][T16637] [U] [ 702.447866][T16637] [U] [ 702.451066][T16637] [U] [ 702.453777][T16637] [U] [ 702.456484][T16637] [U] [ 702.528250][T16637] [U] [ 702.531029][T16637] [U] [ 702.533764][T16637] [U] [ 702.536492][T16637] [U] [ 702.690810][T16637] [U] [ 703.112535][T16638] ptrace attach of "./syz-executor exec"[5860] was attempted by "./syz-executor exec"[16638] [ 703.419041][T16669] Console: switching to colour VGA+ 15x48 [ 703.595506][T16679] ================================================================== [ 703.595522][T16679] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 703.595553][T16679] Read of size 256 at addr ffff88807a6d2fe2 by task syz.1.1922/16679 [ 703.595580][T16679] [ 703.595591][T16679] CPU: 0 UID: 0 PID: 16679 Comm: syz.1.1922 Not tainted syzkaller #0 PREEMPT(full) [ 703.595612][T16679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 703.595623][T16679] Call Trace: [ 703.595629][T16679] [ 703.595636][T16679] dump_stack_lvl+0x116/0x1f0 [ 703.595660][T16679] print_report+0xcd/0x630 [ 703.595683][T16679] ? __virt_addr_valid+0x81/0x610 [ 703.595704][T16679] ? __phys_addr+0xe8/0x180 [ 703.595726][T16679] ? fbcon_prepare_logo+0xa03/0xc70 [ 703.595748][T16679] kasan_report+0xe0/0x110 [ 703.595769][T16679] ? fbcon_prepare_logo+0xa03/0xc70 [ 703.595800][T16679] kasan_check_range+0x100/0x1b0 [ 703.595836][T16679] __asan_memcpy+0x23/0x60 [ 703.595862][T16679] fbcon_prepare_logo+0xa03/0xc70 [ 703.595899][T16679] fbcon_init+0xd77/0x1900 [ 703.595931][T16679] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 703.595960][T16679] visual_init+0x320/0x620 [ 703.595989][T16679] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 703.596028][T16679] store_bind+0x61d/0x760 [ 703.596063][T16679] ? __pfx_store_bind+0x10/0x10 [ 703.596085][T16679] dev_attr_store+0x58/0x80 [ 703.596110][T16679] ? __pfx_dev_attr_store+0x10/0x10 [ 703.596151][T16679] sysfs_kf_write+0xf2/0x150 [ 703.596172][T16679] kernfs_fop_write_iter+0x354/0x510 [ 703.596189][T16679] ? __pfx_sysfs_kf_write+0x10/0x10 [ 703.596210][T16679] iter_file_splice_write+0xa24/0x12e0 [ 703.596235][T16679] ? copy_splice_read+0x89c/0xc20 [ 703.596252][T16679] ? __pfx_iter_file_splice_write+0x10/0x10 [ 703.596273][T16679] ? __pfx_copy_splice_read+0x10/0x10 [ 703.596291][T16679] ? look_up_lock_class+0x59/0x150 [ 703.596315][T16679] ? __pfx___might_resched+0x10/0x10 [ 703.596332][T16679] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 703.596352][T16679] ? __pfx_iter_file_splice_write+0x10/0x10 [ 703.596372][T16679] direct_splice_actor+0x192/0x6c0 [ 703.596391][T16679] splice_direct_to_actor+0x345/0xa30 [ 703.596409][T16679] ? __pfx_direct_splice_actor+0x10/0x10 [ 703.596428][T16679] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 703.596447][T16679] ? futex_private_hash_put+0x11c/0x300 [ 703.596469][T16679] do_splice_direct+0x174/0x240 [ 703.596486][T16679] ? __pfx_do_splice_direct+0x10/0x10 [ 703.596503][T16679] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 703.596521][T16679] ? bpf_lsm_file_permission+0x9/0x10 [ 703.596546][T16679] ? security_file_permission+0x71/0x210 [ 703.596577][T16679] ? rw_verify_area+0xcf/0x6c0 [ 703.596595][T16679] do_sendfile+0xb06/0xe50 [ 703.596615][T16679] ? __pfx_do_sendfile+0x10/0x10 [ 703.596633][T16679] ? __sys_sendmsg+0x18c/0x220 [ 703.596656][T16679] ? __x64_sys_futex+0x1e0/0x4c0 [ 703.596677][T16679] ? __x64_sys_futex+0x1e9/0x4c0 [ 703.596700][T16679] __x64_sys_sendfile64+0x1d8/0x220 [ 703.596725][T16679] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 703.596752][T16679] do_syscall_64+0xcd/0x490 [ 703.596775][T16679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.596793][T16679] RIP: 0033:0x7f23b598ebe9 [ 703.596808][T16679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.596826][T16679] RSP: 002b:00007f23b687b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 703.596843][T16679] RAX: ffffffffffffffda RBX: 00007f23b5bb6090 RCX: 00007f23b598ebe9 [ 703.596854][T16679] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000003 [ 703.596865][T16679] RBP: 00007f23b5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 703.596875][T16679] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 703.596885][T16679] R13: 00007f23b5bb6128 R14: 00007f23b5bb6090 R15: 00007ffe4577b2c8 [ 703.596901][T16679] [ 703.596907][T16679] [ 703.596912][T16679] The buggy address belongs to the physical page: [ 703.596921][T16679] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x30 pfn:0x7a6d0 [ 703.596936][T16679] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 703.596950][T16679] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 703.596967][T16679] page_type: f8(unknown) [ 703.596982][T16679] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 703.596997][T16679] raw: 0000000000000030 0000000000000000 00000000f8000000 0000000000000000 [ 703.597013][T16679] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000 [ 703.597028][T16679] head: 0000000000000030 0000000000000000 00000000f8000000 0000000000000000 [ 703.597043][T16679] head: 00fff00000000002 ffffea0001e9b401 00000000ffffffff 00000000ffffffff [ 703.597058][T16679] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 703.597068][T16679] page dumped because: kasan: bad access detected [ 703.597076][T16679] page_owner tracks the page as allocated [ 703.597082][T16679] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x140dc0(GFP_USER|__GFP_ZERO|__GFP_COMP), pid 16679, tgid 16668 (syz.1.1922), ts 703572606466, free_ts 703167842223 [ 703.597111][T16679] post_alloc_hook+0x1c0/0x230 [ 703.597129][T16679] get_page_from_freelist+0x132b/0x38e0 [ 703.597148][T16679] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 703.597168][T16679] alloc_pages_mpol+0x1fb/0x550 [ 703.597188][T16679] ___kmalloc_large_node+0xed/0x160 [ 703.597212][T16679] __kmalloc_large_node_noprof+0x1c/0x70 [ 703.597237][T16679] __kmalloc_noprof.cold+0xc/0x61 [ 703.597260][T16679] vc_do_resize+0x1de/0x10e0 [ 703.597278][T16679] fbcon_init+0xd53/0x1900 [ 703.597298][T16679] visual_init+0x320/0x620 [ 703.597313][T16679] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 703.597333][T16679] store_bind+0x61d/0x760 [ 703.597352][T16679] dev_attr_store+0x58/0x80 [ 703.597375][T16679] sysfs_kf_write+0xf2/0x150 [ 703.597391][T16679] kernfs_fop_write_iter+0x354/0x510 [ 703.597406][T16679] iter_file_splice_write+0xa24/0x12e0 [ 703.597422][T16679] page last free pid 16659 tgid 16658 stack trace: [ 703.597432][T16679] __free_frozen_pages+0x7d5/0x10f0 [ 703.597447][T16679] vc_do_resize+0x972/0x10e0 [ 703.597465][T16679] vt_ioctl+0x2ca4/0x30a0 [ 703.597480][T16679] tty_ioctl+0x65e/0x1680 [ 703.597501][T16679] __x64_sys_ioctl+0x18e/0x210 [ 703.597525][T16679] do_syscall_64+0xcd/0x490 [ 703.597545][T16679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.597561][T16679] [ 703.597571][T16679] Memory state around the buggy address: [ 703.597580][T16679] ffff88807a6d2f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 703.597592][T16679] ffff88807a6d2f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 703.597603][T16679] >ffff88807a6d3000: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 703.597612][T16679] ^ [ 703.597621][T16679] ffff88807a6d3080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 703.597632][T16679] ffff88807a6d3100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 703.597641][T16679] ================================================================== [ 703.597770][T16679] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 703.597794][T16679] CPU: 0 UID: 0 PID: 16679 Comm: syz.1.1922 Not tainted syzkaller #0 PREEMPT(full) [ 703.597832][T16679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 703.597852][T16679] Call Trace: [ 703.597863][T16679] [ 703.597875][T16679] dump_stack_lvl+0x3d/0x1f0 [ 703.597912][T16679] vpanic+0x6e8/0x7a0 [ 703.597949][T16679] ? __pfx_vpanic+0x10/0x10 [ 703.597986][T16679] ? __pfx_vprintk_emit+0x10/0x10 [ 703.598017][T16679] ? fbcon_prepare_logo+0xa03/0xc70 [ 703.598047][T16679] panic+0xca/0xd0 [ 703.598084][T16679] ? __pfx_panic+0x10/0x10 [ 703.598125][T16679] ? fbcon_prepare_logo+0xa03/0xc70 [ 703.598162][T16679] ? preempt_schedule_common+0x44/0xc0 [ 703.598202][T16679] ? preempt_schedule_thunk+0x16/0x30 [ 703.598244][T16679] check_panic_on_warn+0xab/0xb0 [ 703.598289][T16679] end_report+0x107/0x170 [ 703.598323][T16679] kasan_report+0xee/0x110 [ 703.598360][T16679] ? fbcon_prepare_logo+0xa03/0xc70 [ 703.598400][T16679] kasan_check_range+0x100/0x1b0 [ 703.598444][T16679] __asan_memcpy+0x23/0x60 [ 703.598474][T16679] fbcon_prepare_logo+0xa03/0xc70 [ 703.598517][T16679] fbcon_init+0xd77/0x1900 [ 703.598554][T16679] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 703.598597][T16679] visual_init+0x320/0x620 [ 703.598629][T16679] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 703.598669][T16679] store_bind+0x61d/0x760 [ 703.598710][T16679] ? __pfx_store_bind+0x10/0x10 [ 703.598743][T16679] dev_attr_store+0x58/0x80 [ 703.598786][T16679] ? __pfx_dev_attr_store+0x10/0x10 [ 703.598827][T16679] sysfs_kf_write+0xf2/0x150 [ 703.598860][T16679] kernfs_fop_write_iter+0x354/0x510 [ 703.598888][T16679] ? __pfx_sysfs_kf_write+0x10/0x10 [ 703.598920][T16679] iter_file_splice_write+0xa24/0x12e0 [ 703.598962][T16679] ? copy_splice_read+0x89c/0xc20 [ 703.598989][T16679] ? __pfx_iter_file_splice_write+0x10/0x10 [ 703.599016][T16679] ? __pfx_copy_splice_read+0x10/0x10 [ 703.599033][T16679] ? look_up_lock_class+0x59/0x150 [ 703.599056][T16679] ? __pfx___might_resched+0x10/0x10 [ 703.599074][T16679] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 703.599094][T16679] ? __pfx_iter_file_splice_write+0x10/0x10 [ 703.599114][T16679] direct_splice_actor+0x192/0x6c0 [ 703.599133][T16679] splice_direct_to_actor+0x345/0xa30 [ 703.599152][T16679] ? __pfx_direct_splice_actor+0x10/0x10 [ 703.599171][T16679] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 703.599190][T16679] ? futex_private_hash_put+0x11c/0x300 [ 703.599211][T16679] do_splice_direct+0x174/0x240 [ 703.599229][T16679] ? __pfx_do_splice_direct+0x10/0x10 [ 703.599246][T16679] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 703.599264][T16679] ? bpf_lsm_file_permission+0x9/0x10 [ 703.599290][T16679] ? security_file_permission+0x71/0x210 [ 703.599314][T16679] ? rw_verify_area+0xcf/0x6c0 [ 703.599331][T16679] do_sendfile+0xb06/0xe50 [ 703.599351][T16679] ? __pfx_do_sendfile+0x10/0x10 [ 703.599369][T16679] ? __sys_sendmsg+0x18c/0x220 [ 703.599392][T16679] ? __x64_sys_futex+0x1e0/0x4c0 [ 703.599413][T16679] ? __x64_sys_futex+0x1e9/0x4c0 [ 703.599435][T16679] __x64_sys_sendfile64+0x1d8/0x220 [ 703.599459][T16679] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 703.599485][T16679] do_syscall_64+0xcd/0x490 [ 703.599508][T16679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.599526][T16679] RIP: 0033:0x7f23b598ebe9 [ 703.599540][T16679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.599558][T16679] RSP: 002b:00007f23b687b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 703.599583][T16679] RAX: ffffffffffffffda RBX: 00007f23b5bb6090 RCX: 00007f23b598ebe9 [ 703.599595][T16679] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000003 [ 703.599605][T16679] RBP: 00007f23b5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 703.599616][T16679] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 703.599626][T16679] R13: 00007f23b5bb6128 R14: 00007f23b5bb6090 R15: 00007ffe4577b2c8 [ 703.599641][T16679] [ 703.599948][T16679] Kernel Offset: disabled