last executing test programs: 8.614077125s ago: executing program 1 (id=4042): r0 = socket(0xa, 0x1, 0x84) setsockopt$auto(r0, 0x0, 0x60, 0x0, 0x6f7250c4) 8.498260894s ago: executing program 1 (id=4043): r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x30, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x9, 0x4, 'nfsd\x00'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x30}}, 0x4000) 7.117072953s ago: executing program 2 (id=4047): mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x1, 0x84) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video47\x00', 0xc0480, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fsconfig$auto_JFFS2_COMPR_MODE_NONE(r0, 0x9, 0x0, 0x0, 0x0) fcntl$auto(0xff80000000000000, 0x409, 0x3f) select$auto(0xe, 0x0, 0x0, &(0x7f00000000c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x7, 0x3, 0x10001, 0x3, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948e, 0xffffffffffffffff, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x6, 0x2, 0x6]}, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x82182, 0x0) 6.919610446s ago: executing program 1 (id=4050): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0xa, 0x1, 0x84) ioctl$auto_FBIOPUTCMAP(0xffffffffffffffff, 0x4605, &(0x7f0000000080)="d786d318e2f67356a6bd48591c932386d5e8cdb0c7c62c479631cf644777a36a05e2dbcffb909b66cb918c2a30703fa6e9ecceedf37c4a2294f4ec72bb492753ad3494ea98ed13be78e35813c1d49158f6f059a098c54e1c2f064862bed9371fa0a566db5b99c57c5a53f9efbb1dabcba33455268e4ba9be49d6dd8ff5434f8f9b83624ab2fd47caad8170c89448ea0af74c13fafa74bff9667a95fd1f47d098318c6a638b050036f749c57bd0a510b8976e5da62eb4601fb7771a66056eff8c93006df62522f771430d669bd73260a96b2c4a105d388bbdb695f375cf3da398437da27f55383b3769e4c394") r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) setsockopt$auto(r0, 0x0, 0x60, 0x0, 0x6f7250c4) 6.083573271s ago: executing program 1 (id=4051): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/kexec_crash_size\x00', 0x102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) pread64$auto(r0, 0x0, 0x10000000d, 0x5) read$auto(r0, 0x0, 0x2a52) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x9, 0x2, 0xb, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya7\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TCFLSH2(r1, 0x40087101, 0x0) msgget$auto(0xc, 0x77d9) msgrcv$auto(0x0, 0x0, 0xff9, 0x1, 0x3) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x9) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x6, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) socket(0xa, 0x1, 0x7) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x20242, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x6, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) mmap$auto(0x8, 0x420009, 0xdf, 0x10000000000eb1, 0x40000000000a5, 0x5) 5.781334111s ago: executing program 2 (id=4052): readv$auto(0xffffffffffffffff, &(0x7f0000001680)={&(0x7f0000000680), 0x7}, 0x5) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101e81, 0x0) write$auto_tty_fops_tty_io(r0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x20000001, 0x2, 0x3, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/nr2/statistics/tx_heartbeat_errors\x00', 0xe0082, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) getpid() r4 = setfsuid$auto(0xee00) getegid() shmctl$auto_SHM_STAT_ANY(0x0, 0xf, 0x0) sendmsg$auto_OVS_VPORT_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002dc0)=ANY=[@ANYBLOB='q%', @ANYRES16, @ANYBLOB, @ANYRES32, @ANYBLOB="040018800000000000d000050045b4fc4d20e461a7cfa5a692e9acf2b3211425b1c77ecbbb4817d7e0b68da870a708c4fef613df8e2a3aa4f5bc3b401ba53f4d173f1490678a31f4b0f6f0449214088328691d7e50256cca2e6d3f13f71913920379252290dcbf4737db8cda9adf78cbf905c99c3437b3820e0bd7f03eefc4a8e38fcc95b6e2ea9ed3e3bfb6834b3186942569c4eacd7fd398f9bf37a5db3c4f24ae41b3e5ba97ce24b95425ed49d5cd5e614a03cc33f80d96b0e8bf0ac6b3b656ad590f443973a975e7ca80503e4956d91a36e7f80acca3aa9300050043aca57fe51e8b49ad6c1c3e3584d5007620c2b6d07c95f6c233c628db3ebd1843c6c64df444c00461f80fa5ed", @ANYRES32=r4], 0x2550}, 0x1, 0x0, 0x0, 0x40000}, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000000)="c80d1b5d399b50", 0xfdef) sendfile$auto(r2, r2, 0x0, 0x800400000000ef0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) r5 = epoll_create$auto(0x4) r6 = socket(0x2, 0x5, 0x0) epoll_ctl$auto(r5, 0x1, r6, 0x0) r7 = epoll_create$auto(0x3e) epoll_ctl$auto(r7, 0x1, r5, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/memory_hotplug/parameters/online_policy\x00', 0x60302, 0x0) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10, 0x0) r8 = fsopen$auto(0x0, 0x1) fsconfig$auto(r8, 0x8, 0x0, 0x0, 0x0) 5.649579531s ago: executing program 3 (id=4054): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/kexec_crash_size\x00', 0x102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) pread64$auto(r0, 0x0, 0x10000000d, 0x5) read$auto(r0, 0x0, 0x2a52) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x9, 0x2, 0xb, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya7\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TCFLSH2(r1, 0x40087101, 0x0) msgget$auto(0xc, 0x77d9) msgrcv$auto(0x0, 0x0, 0xff9, 0x1, 0x3) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x9) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x6, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) socket(0xa, 0x1, 0x7) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x5) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp1\x00', 0x20242, 0x0) socket(0x2, 0x1, 0x0) 5.231744291s ago: executing program 2 (id=4055): socket(0x15, 0x5, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x7) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/raw\x00', 0x200, 0x0) read$auto(r0, 0x0, 0x7f) semctl$auto_SETALL(0x0, 0xffe0000, 0x11, 0x7) 4.765672629s ago: executing program 2 (id=4056): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0x1}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x400000000009, 0xc4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x3, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0xd, 0x1, 0x71, 0x0, 0x8, 0x2, 0x3, 0x3, 0x2d7, 0x1, 0x1, 0x6, 0x2, 0x800000001, 0x6, 0x7, 0x0, 0x6, 0x4, 0x3, 0x40a, 0xd, 0x3fd, 0x8, 0x7, 0xffff, 0x50ce0883, 0xbd9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x8000002, 0x6, 0x1, 0x3, 0x3, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x4, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x0, 0x8001, 0x0, 0x1, 0x7, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff8, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}}) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5a}, 0x80000800}, 0x7, 0x4008) r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000640), r2) sendmsg$auto_SMC_NETLINK_ADD_UEID(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000900)={&(0x7f0000000680)={0x234, r3, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@SMC_NLA_EID_TABLE_UNSPEC={0x8b, 0x0, "5be2fdb89a4555bc0ab8fe1b8e4b4655d23babd081a509722b09545c7ad5b15ca3467eb11f74ec1e377cded66879fbe15c54ec9992338ae2d0a419c32c522f30bc4e4370bfae178ac65e63fbd8e692413b826bc301c4542c7efb16e35c150064a9e4e8259c24b140a3a8591f066a48f8c356516fe9edbf6a68cb19153f283eb8d53190f1ccefa0"}, @SMC_NLA_EID_TABLE_UNSPEC={0x88, 0x0, "3ba25d07da672c3db6dd6dc67b9dd4a3c92a962f87b97f400b4c824450e38852c453e6975cea992a5b1a2fb3227a00c406494e75e8649b8f837b83137118a6e2f97eaf7cd4e3755e13530057b7a79b2ae4aba37bdd15b1376f983a5ac5348b8bf7157c1e8a9213dab3daf1375e34e0e2b945d59fdcfd7ba143d5b25c4266a8800671545a"}, @SMC_NLA_EID_TABLE_UNSPEC={0xd0, 0x0, "9bfd36b23676e1676a1a0880ba1bbf8888c5fd90879a8e323b23d8b34d95a2b0ebdf481ca2325ebd345e239de065fff85e60d7b879a6bf635a03eaac2f88a4e4802265a6d7e376756740aa8520f5452af53cf7ad2ec33c0f9d8810f4a6a484a5b52f52ca2af73346ba26b789e5cb65bd17513d5d232b47839ecc214b304ce6c884f01617e11f92749e8c0c685107b0315772af3773d4ebcf7bf7a6e4aa0ce18533991cb44675cd5a0879ae1cd42619bc787182703edd015004f391846b93cacb900085d7d2e32a59c9ba94f2"}, @SMC_NLA_EID_TABLE_ENTRY={0x8, 0x1, '&\'])'}, @SMC_NLA_EID_TABLE_UNSPEC={0x34, 0x0, "6b647518189034624ef645950c5c4080c4ab9c204ad1cc33d0bc224de2377c3dff6e6b835062851211dca584465acbc6"}]}, 0x234}, 0x1, 0x0, 0x0, 0x5}, 0x8000) open(0x0, 0x22040, 0x75) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) pivot_root$auto(0x0, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) unshare$auto(0x40000080) r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) ioctl$auto_SG_GET_SG_TABLESIZE(r5, 0x227f, &(0x7f00000001c0)) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd700000dcdf250300000004000800100001800c00108008000900fe220badcf0e4263ba92654e9ba786d984f68d50cc1889a54944e0f4c10b4377e6ba7e4f06a9c51ceaa776e606d523e73c22970e238a2a2d21d986bedd4920bc6da6858218d9d85d2bcf636ecfed11082e866e62d23e21002fb6f82397ce440cae25f8e34e13c9326e6b3692ef5535483880249acd012f3da61690cc2d4496b3d64931149cb37de563235a0e18c0eaa75dba805b0325e25241f0402aec38824e48fb813c57275d21d6a5adec89166a74737bb53bb923c016cc3aa2bbf6d483d702acae0e5b972957824365e50a1ad31f85000000", @ANYRES32, @ANYBLOB], 0x28}}, 0x810) 4.560176268s ago: executing program 1 (id=4058): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r0) statx$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2, 0x4, &(0x7f0000000180)={0x6, 0x0, 0xd57, 0xff, 0xee01, 0xffffffffffffffff, 0x5, 0x2, 0x444c59c2, 0x80, 0x6000000000, 0x9, {0xffffffffffffff38, 0xc78}, {0x0, 0x9}, {0x0, 0xfffffffd}, {0x7fffffff, 0x4}, 0xfffffff9, 0xfffffff9, 0x8f, 0x7c2b, 0x4, 0x0, 0x0, 0x74a, 0x9, 0x9, 0x0, 0x40, [0x0, 0x10, 0xfffffffeffffffff, 0x3, 0x8, 0x9, 0x6, 0x1, 0x9]}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0x1}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x400000000009, 0xc4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x3, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0xd, 0x1, 0x71, 0x0, 0x8, 0x2, 0x3, 0x3, 0x2d7, 0x1, 0x1, 0x6, 0x2, 0x800000001, 0x6, 0x7, 0x0, 0x6, 0x4, 0x3, 0x40a, 0xd, 0x3fd, 0x8, 0x7, 0xffff, 0x50ce0883, 0xbd9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x8000002, 0x6, 0x1, 0x3, 0x3, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x4, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x0, 0x8001, 0x0, 0x1, 0x7, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff8, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}}) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5a}, 0x80000800}, 0x7, 0x4008) r4 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000640), r3) sendmsg$auto_SMC_NETLINK_ADD_UEID(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000900)={&(0x7f0000000680)={0x260, r4, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@SMC_NLA_EID_TABLE_UNSPEC={0x8b, 0x0, "5be2fdb89a4555bc0ab8fe1b8e4b4655d23babd081a509722b09545c7ad5b15ca3467eb11f74ec1e377cded66879fbe15c54ec9992338ae2d0a419c32c522f30bc4e4370bfae178ac65e63fbd8e692413b826bc301c4542c7efb16e35c150064a9e4e8259c24b140a3a8591f066a48f8c356516fe9edbf6a68cb19153f283eb8d53190f1ccefa0"}, @SMC_NLA_EID_TABLE_UNSPEC={0xb4, 0x0, "3ba25d07da672c3db6dd6dc67b9dd4a3c92a962f87b97f400b4c824450e38852c453e6975cea992a5b1a2fb3227a00c406494e75e8649b8f837b83137118a6e2f97eaf7cd4e3755e13530057b7a79b2ae4aba37bdd15b1376f983a5ac5348b8bf7157c1e8a9213dab3daf1375e34e0e2b945d59fdcfd7ba143d5b25c4266a8800671545ab202c97370394f42bf9a8ebf5954784fb5a4f4b24a7ab978920aecea6f7ebd075fe7219616430ce1adc438fc"}, @SMC_NLA_EID_TABLE_UNSPEC={0xd0, 0x0, "9bfd36b23676e1676a1a0880ba1bbf8888c5fd90879a8e323b23d8b34d95a2b0ebdf481ca2325ebd345e239de065fff85e60d7b879a6bf635a03eaac2f88a4e4802265a6d7e376756740aa8520f5452af53cf7ad2ec33c0f9d8810f4a6a484a5b52f52ca2af73346ba26b789e5cb65bd17513d5d232b47839ecc214b304ce6c884f01617e11f92749e8c0c685107b0315772af3773d4ebcf7bf7a6e4aa0ce18533991cb44675cd5a0879ae1cd42619bc787182703edd015004f391846b93cacb900085d7d2e32a59c9ba94f2"}, @SMC_NLA_EID_TABLE_ENTRY={0x8, 0x1, '&\'])'}, @SMC_NLA_EID_TABLE_UNSPEC={0x34, 0x0, "6b647518189034624ef645950c5c4080c4ab9c204ad1cc33d0bc224de2377c3dff6e6b835062851211dca584465acbc6"}]}, 0x260}, 0x1, 0x0, 0x0, 0x5}, 0x8000) open(0x0, 0x22040, 0x75) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) pivot_root$auto(0x0, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) unshare$auto(0x40000080) r6 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) ioctl$auto_SG_GET_SG_TABLESIZE(r6, 0x227f, &(0x7f00000001c0)) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd700000dcdf250300000004000800100001800c00108008000900fe220badcf0e4263ba92654e9ba786d984f68d50cc1889a54944e0f4c10b4377e6ba7e4f06a9c51ceaa776e606d523e73c22970e238a2a2d21d986bedd4920bc6da6858218d9d85d2bcf636ecfed11082e866e62d23e21002fb6f82397ce440cae25f8e34e13c9326e6b3692ef5535483880249acd012f3da61690cc2d4496b3d64931149cb37de563235a0e18c0eaa75dba805b0325e25241f0402aec38824e48fb813c57275d21d6a5adec89166a74737bb53bb923c016cc3aa2bbf6d483d702acae0e5b972957824365e50a1ad31f85000000", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x810) 4.475312728s ago: executing program 3 (id=4060): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) keyctl$auto_KEYCTL_SETPERM(0x5, 0xfffffffffffffffb, 0x200, 0x1, 0x100) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x4800) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/swradio12\x00', 0x0, 0x0) poll$auto(&(0x7f0000000480)={r0, 0xffff, 0x29}, 0x3, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) keyctl$auto_KEYCTL_SETPERM(0x5, 0x8001, 0xdbf7, 0x5, 0x10) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) io_uring_setup$auto(0x1, 0x0) close_range$auto(r0, r0, 0x0) socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f0000000040)=0xfffffffffffff001) madvise$auto(0x0, 0x2003f2, 0x15) r2 = getsid$auto(0x0) process_vm_readv$auto(r2, &(0x7f00000000c0)={&(0x7f0000000000)="d611943f42bf3cdcaee3eff3d7219a48fd519450a7ac1eb4e128b8ff4c5eb82f43ec890d420e96be069ca0f89b6eff70f72d27449dd03b454cf820c51a904c89685b6a176fd2fad297ddb1b60d3b9eb018d5ec53c66a0dccb9d135b82f25023fe5e1a2adf7c8d04e9faf8050a7643dac8cbfd8bd507631e7c2a4b636b96a2272ff086c66a1aed04ece1236a324573582801ca2bba35b701d8cb0ed08b2eb", 0x4}, 0x5, &(0x7f0000000180)={&(0x7f0000000100)="5a7d13da84ebb930fc87d68075d057582cc3aaecf34446e49f0ad8331b89fb6e74172ed800e9505530df2605", 0x400}, 0x7fffffffffffffff, 0x5) 4.327686237s ago: executing program 0 (id=4061): socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0xa4, 0xc8, 0xfffffffffffffffc, 0x4) 4.139981985s ago: executing program 0 (id=4062): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0x3, 0x0, 0x8) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r0, r1, 0x0, 0x1) (fail_nth: 3) 3.207925317s ago: executing program 0 (id=4063): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r0) statx$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2, 0x4, &(0x7f0000000180)={0x6, 0x0, 0xd57, 0xff, 0xee01, 0xffffffffffffffff, 0x5, 0x2, 0x444c59c2, 0x80, 0x6000000000, 0x9, {0xffffffffffffff38, 0xc78}, {0x0, 0x9}, {0x0, 0xfffffffd}, {0x7fffffff, 0x4}, 0xfffffff9, 0xfffffff9, 0x8f, 0x7c2b, 0x4, 0x0, 0x0, 0x74a, 0x9, 0x9, 0x0, 0x40, [0x0, 0x10, 0xfffffffeffffffff, 0x3, 0x8, 0x9, 0x6, 0x1, 0x9]}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0x1}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x400000000009, 0xc4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x3, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0xd, 0x1, 0x71, 0x0, 0x8, 0x2, 0x3, 0x3, 0x2d7, 0x1, 0x1, 0x6, 0x2, 0x800000001, 0x6, 0x7, 0x0, 0x6, 0x4, 0x3, 0x40a, 0xd, 0x3fd, 0x8, 0x7, 0xffff, 0x50ce0883, 0xbd9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x8000002, 0x6, 0x1, 0x3, 0x3, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x4, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x0, 0x8001, 0x0, 0x1, 0x7, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff8, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}}) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5a}, 0x80000800}, 0x7, 0x4008) r4 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000640), r3) sendmsg$auto_SMC_NETLINK_ADD_UEID(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000900)={&(0x7f0000000680)={0x260, r4, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@SMC_NLA_EID_TABLE_UNSPEC={0x8b, 0x0, "5be2fdb89a4555bc0ab8fe1b8e4b4655d23babd081a509722b09545c7ad5b15ca3467eb11f74ec1e377cded66879fbe15c54ec9992338ae2d0a419c32c522f30bc4e4370bfae178ac65e63fbd8e692413b826bc301c4542c7efb16e35c150064a9e4e8259c24b140a3a8591f066a48f8c356516fe9edbf6a68cb19153f283eb8d53190f1ccefa0"}, @SMC_NLA_EID_TABLE_UNSPEC={0xb4, 0x0, "3ba25d07da672c3db6dd6dc67b9dd4a3c92a962f87b97f400b4c824450e38852c453e6975cea992a5b1a2fb3227a00c406494e75e8649b8f837b83137118a6e2f97eaf7cd4e3755e13530057b7a79b2ae4aba37bdd15b1376f983a5ac5348b8bf7157c1e8a9213dab3daf1375e34e0e2b945d59fdcfd7ba143d5b25c4266a8800671545ab202c97370394f42bf9a8ebf5954784fb5a4f4b24a7ab978920aecea6f7ebd075fe7219616430ce1adc438fc"}, @SMC_NLA_EID_TABLE_UNSPEC={0xd0, 0x0, "9bfd36b23676e1676a1a0880ba1bbf8888c5fd90879a8e323b23d8b34d95a2b0ebdf481ca2325ebd345e239de065fff85e60d7b879a6bf635a03eaac2f88a4e4802265a6d7e376756740aa8520f5452af53cf7ad2ec33c0f9d8810f4a6a484a5b52f52ca2af73346ba26b789e5cb65bd17513d5d232b47839ecc214b304ce6c884f01617e11f92749e8c0c685107b0315772af3773d4ebcf7bf7a6e4aa0ce18533991cb44675cd5a0879ae1cd42619bc787182703edd015004f391846b93cacb900085d7d2e32a59c9ba94f2"}, @SMC_NLA_EID_TABLE_ENTRY={0x8, 0x1, '&\'])'}, @SMC_NLA_EID_TABLE_UNSPEC={0x34, 0x0, "6b647518189034624ef645950c5c4080c4ab9c204ad1cc33d0bc224de2377c3dff6e6b835062851211dca584465acbc6"}]}, 0x260}, 0x1, 0x0, 0x0, 0x5}, 0x8000) open(0x0, 0x22040, 0x75) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) pivot_root$auto(0x0, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) unshare$auto(0x40000080) r6 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) ioctl$auto_SG_GET_SG_TABLESIZE(r6, 0x227f, &(0x7f00000001c0)) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd700000dcdf250300000004000800100001800c00108008000900fe220badcf0e4263ba92654e9ba786d984f68d50cc1889a54944e0f4c10b4377e6ba7e4f06a9c51ceaa776e606d523e73c22970e238a2a2d21d986bedd4920bc6da6858218d9d85d2bcf636ecfed11082e866e62d23e21002fb6f82397ce440cae25f8e34e13c9326e6b3692ef5535483880249acd012f3da61690cc2d4496b3d64931149cb37de563235a0e18c0eaa75dba805b0325e25241f0402aec38824e48fb813c57275d21d6a5adec89166a74737bb53bb923c016cc3aa2bbf6d483d702acae0e5b972957824365e50a1ad31f85000000", @ANYRES32=r2, @ANYBLOB], 0x28}}, 0x810) 3.199803836s ago: executing program 2 (id=4064): bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x40, 0x0, 0x2}}, 0x66) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000080)) mmap$auto(0x0, 0x1000, 0x3, 0x18, r0, 0x1da0000000000000) unshare$auto(0x40000080) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mtd0ro\x00', 0x10400, 0x0) close_range$auto(r1, 0xfffffffffffff000, 0x6) close_range$auto(0x0, 0x5, 0x0) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x1, 0x54, 0xdf, 0x9b71, r1, 0x7fff) r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCSCLOCKID(r5, 0x400445a0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd15/queue/io_poll\x00', 0x400040, 0x0) io_uring_register$auto_IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000440)="018fac297e857e25b7371f9d3e9a350e7ac811c087f2794823b838385544315f18c78aee068e8971ca6feb7f5f21444f160ffbc6db39677d21dec99144eadfc787b697614aa78b2a09a39bcb0208ff082e47645c25907bbc783bdd342c0650e39eca7a57213fceadff804bb496b0e41c2e02a57a5ef51c54f23bf5287e1db445733328b476535b7090cb672953e1120510e1a584e9fcfc1c4808ac9cede07dd7e98c09a3995a9da60b347a878e0f225d96e77240f4a7fa722cbb4c8227aff94545ceeb882986e65511321297dbb4499c00000000000019c766a6278ff3c4630cc2a2ec836612116b9e025e852d42e7584d4a0f60125302c5c74ea60ed92538424e4622d1250cc2ce405778e9957a7cb1b94ff1f3e3817ae961cc6df39e5fd5f0f3728179ba600fc6fecf9f8d2a0b1a8f11eec6bdd4b76bc2a9016c4aa19e0050504a34252502d6d09ceadd2153c18f3b4641fec28a498a5e89a03a111cd6b127481c7de2e3cdd0b24dfdae8716990506ab3f120cdbb47350a2079a81f79cd1765cdd52bbeb74f1d2412174a9760c9781cec2b69b458f73ccae98b745dfaa4264f3701df6f9f67efb7dca62f60aab39b339eeae128beb47e77e61cbb0f1", 0x8) write$auto(r3, 0x0, 0x2) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, &(0x7f00000000c0)={0x1, 0xaa, 0x8, 0x1, 0x5, "e7227115127a1e8f00"}) r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), r4) sendmsg$auto_OVS_FLOW_CMD_SET(r4, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000800)={0x2138, r6, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_ACTIONS={0x210f, 0x2, 0x0, 0x1, [@generic="eecf97", @nested={0x2039, 0x2f, 0x0, 0x1, [@generic="469dce9080c08f1c2dc0ab85857fe55ae764f4dab1e662e5230ef13a90fdc93273", @generic="4f89d000a2a970e69af02cbbee8860bbf79f89b3ce52a47f01c2d632ff0b569d82ed54a54c640d93ab6bc1ef80cd1cfef105b503db9eaa51e1391f9fb20377ac2a7c76a0ce8a2014beabd6eb3215fcd467b28aa54dabfc890aab4e1775d5dd75366668542ee1c6e6b9296a09abd27b37ea9cdcfe85052f53767e57cbb08f0b6a339a1b573a66a335d9be85080df31511221bbd2106314798f2f451d7cd3b71e0f99e3e7a9e199d39cc38ca2b78dd6f150c283cb0f8767b4adbec29bcb125f37bb84ab3d8bba11b3efe0d8b98834bc3d0d4bb51005b521f7b43d3858677269f3fbd57a9ca7e3e69f40b9197a6ba59d07ce8397344e8d5fe51d9286a571c2bd2d68012cb9d76012f78012ed0031849c012cc9ae8ea86180c4f0d3605d986426bb052949110a130602867550601ccf25879a31088627d4a73d2d0e97e0157e490d9229c5e0035948d5ba37c5647b8e3c92ab4109109a7b1db020b8eed7c9d1ccfd8f016044769fcd5436152472118155685fe01a436462808c6dbeec92a1aac7a70f5e1e7f75e936bda05a057e15e947874cad80c094cb39c2169ee3ce754c87e83143146b4a2a0d977cc29556395a520dbc1b6f99ce592c4d190694b34496a258ccbe7b916fada425f45c3f2989614946c95d4409a6e1422990ffcf410dc86e5a2c179ba0cd6a1935b6f4ecf78402ba87ed4d3f304efea6716d560bfb7c4e7bbb3255768af4b72f8673fe5e5495ef21f56318c2b71bdbc129da616f0433c8e69f16c841245eb38ae3c578d3af3a81eefeed65534b4f4ca71bd1f6a774d9e9a83d839322cb52329cff952b64465664cbe42c08482810f26ce1e586caec970345119b4841133b3179876f2384adb04fed7c7787acad39a0d7cd6053784462d6fb2d97352a7f09b53bcb4329ddd49f737ab6b76abe5c29608e54c13254009e4d541a2f04179da946dc85acd40d96ffd509ce6369fd6935f9f2ae4221b40ca39731a57422a0b277dac787efbfb72f706c4a21029a7e53e1c292eb8dd9d8ea328a17fc806b12b7a011149fc5894050204f29807bd7e9ac03e1d3a8550c1259db3b10ba21d124d911e8d23344e9f8b379434fdc7db62076125c6bdd45369a1966f526ed8a1e465e612d8fa11ab32ae738eff5f3dadbe856e980bb4f110dd14b119475eac45801fb2f25dbf7c4eb71031a66f166c12ac77158b217aa921bc0d619038233f548c22f8833e9fd04c2970c71230461eb39c6f974cbf67a5acf811d11e70ae2a5b0a8b6b04fa36e32b0c39513985e856eafbb5253a0f268c9eb09e352e8811cd08d4ab1a56236489c96a6df8ecae00f5b3814a208b6f6fd3e9babc778bcc298dfd3be6409035e28b366a3c58df90f91959e66151508572546cc4258da3803598f1109f44d287043359357eec37a0154aa012ba782e9d33b2ea957c59cb8275ac3904333d60189406aea524ba42d48dcd5817ae3323e35fb49d9ad3d4a2b9c1c8af9578023c68260297460237ab04be03ace17fd3fa3572090e9f428bfa73a221b667cb5b0f2b66233fdf5555ddc2c6328039840f9d5a7494dd0e6ed41962233cc37a5bc2878489b98f06066b53b08f54cc7ffddfb596db45e63c6dac557c22b3a2c6e25bd0fafcbf33e6ebb9ef0e5e847f8fbf7f3675b8554da259d8ebbc5e218816b1d84e0a087842e2150582edcad1528b56bb412541bcf57733dd2c3ec7b57ac5b4fe3824e5620c3396c1756393a107c70e804d0c0be8c3bbb069c892696c6c00d6fca40c3aa5f14a0d1dc54eecab44d6d3354db8d41859993e63c27943068b19ed4ee5f6f800f2c40479a96769ac4b0f9893dc8bfcb721ef6f5e2e5d2bcff8633f2bdf9c615aaf1091d99945caea6f94d3952b6a2104a026e92ad92bccc4b4d85c80e44431ca9e13a2467d927b609f51270a7949b1b7e4647c0907e964e345cecba39cc08fc23368460309162afe9fcadc81894558dc23309d75bdc1883039316610b7afa7867795b0fcacb5b9cf7227347b6685eb0c9c489805014ebba4059f42b1ddf5f2070d5ed40048022870ce002c3cfac8b429345043a53da52c1e5d7484daf9e0f68ee6663e460e735c7a52e95c01be9fc9925a1d05b531238defac9332127a84f037f4fd0ceaefb0e853682125110ccb99d85590803ba5d71bf580eff12a59b1419d82c6922b11c36ef687d63a79be55cae2bbaf3b9046d3f566e7314f28c8bf1632215d484fee277784b659b48fb152f0ce1ed49e345aceddbbfb0ed8a51d309d7a391e1321cbef756dd76f508b1e18f61b5f1a6c6dc9f33eb465d38f88220e4f605c091fbfdd94b6bcfbf301ee86fb752c5c073ce9bccaded99418cd18e9b047ef222567497a7bc53512b80560452ab9b526ba20ab6f4ed670363d8343a6cda92aecf29d76c8c7803bdd8aaedf0c5189cf157c33ed626b3febeb2ac2b3c0838243303abb9755ccfaf99e5b543970d526dccb531394c23026ff4035452dfbbb5ffc7946d7f5c390a80d7e6b13688733d93ed94ed5f8a64dd2706a19fa731c1443dcba6a9503286fa86e80d6ab32509a6e3715b6a3be6ad878e9bc3cd4739da4b7d6155171b1f4da75fd2df5b29d35d3a7daedd2c710e15794e3848d56599cebf7e1182bf16483477a2191cf44255df148f6147881d59a0ef50087c4be36811719e9e0649416d5339f8ac4fd666b131ec5714fcc674d1d0964ae203a1fe18be755243dede1d62e87b54d6d67adf8820ab4e7150c5041744640790e6f38eaa576f458c8c9019e3debaf76c25e48fc8d58848e8f69fca45f2cabc509a82d4aa09b14bd375c7f3c038c6adeb6c7ab4cf91860a573cdb07859defd332b056b0ce9175b9e727b4fbf497c00992674b0abb3e6c7fc44124cd8437f35adacc01df15d7a3ae79cae4e1dfacebda1719655f43cd03e782cfe10d3a8558e06e205b0a4134629549d54fcb232c652cbd3183d9313663611f41a07a3d581c921905f082c21250a9bd7fabdb6c1c9abfc04aa9e622535c44c729967963b9f3dfa1182f99dd69f8fcbbda7a3929909057cd6c13d7c8b4cf9d4991cf5dbe9ca9986bc14262e2a2a51e7ce971b5675958d1a08d5c9d1337bb673f8dc223ca40b42b05c450dca292085ed06282d1b30eab317e95ffa56029b9254723537cb927ca0144951e76a0addb8e197ae29da3916e9a6b90b97b34615c870c574453c07e166fef683e095fc400883cbdb172bf41e140feb3066b036a2cc82589326bf0e20ec37d7a9b856795c11b4eee28814a0c3bb12375a9f2942e7495063d09cb18839baa8cb334a1578be136fb2e795659fa34f2d61373e21793923f4a8b1e8bfe258c693001846384e7263b057cb0fcb337d8e488ca3c89060fb63e4e9adf26303933a1515ff1dbb7768127fb7079c9006e40dbed1bcb54a3844d6a58160660d6b12f2c1b8ab34da2142220f260acde9b65fc7c67c6eb25b01d2053fba96a8fcad097812a75e2f65bd2b5dce9fea40a6841e2dd47fa06b6bbc71179a6688fec72a25ea3adba7957c6e1b8573b9074b0cfe32076511b0bdfb89d04e08adfffc47e39ec409e0d9ec229b9c39065ea64a73c3bc2fd365a37c63a0b1281d8f1b1c8b713498227e241a0b272bfa954b5a3264abbd97af961fa646affdeaa01deb86e7404c89c5bb64a540c556a580ace20c9f3ef21870707780432ed964873d6360ef449dd67a32cd432738d5d7966ff870323be3f2ec08b0c4f91f166ea7c2a4a4534a682a3b08a994260a9ae3009238caed32c135abac6af4598bb5e03e7dc7da45e694eaf0c38261c891619974f97d1298d4beddc5daf63e47415754162a2eada26b80805826859bd4800c6edd3a774c69c559057dbc46c1549b8278cf6806817b45c1193e57793e420a4c3cd441091b98d02fa2c1fc192420c867f01f8fafe335d797b9c37938dee826dab71d9fc95571dc71b8cddeaaab209e511032e281e2ee7f056c8c19736ea583259f2f46bc374d75254b8181797b1ca7b97f6dca8225c4e14bd1e0017e89b02367df824f47c5c0fd29f243d05318ec558ec76af5f21e1381a4f00ef4510c7d84365c2f63548e540d58acc2aa987d7aca0558302996b77e53281ac996c1073d5630ca5d8a4bb84517067b6295a8d3d70e53eb46d02eea5227ec6a00dff67f6c189f259326132d7ae835c14c2701a3db01b5554225e23df5f19a51dddd202e8dbaa408ace239f9e120fac80dfbef15fbcfe4f0588a2cdb50fd006e1a7cda0138bcad0130d60597875f537feafb0cc47687e1f1bd35a71786aac2f15b6d31f44563ea7617295d9899949f5e35312b94e0ba2c1a72b347c5037a5483602b0d0f694cfb20af1c2327660dacd9ec2d84de2a179abf05b7458361726060272816f5e9382c2c3975168f23f6e8b0e391be791280716f8c824c8ea95ec232d31dbd76b4888f9425103f65e1d0b17856b170b4ac2eac54eb4b80df0088a57a2be7c4a3a5a5c49ba38a5bfb633cead7b0e83d07b63b40d1e8481133f891a1cb37c73be8982eb3d49729dcce28453f5ddb785f3aae457c2662f786027117bfb0f4196b29dcb0d94bc53a961478d8e387598ea21a4da3284ccb50868d444a4a35d1b690151f95b3e4839054190d1232ab1b8470348dee9dec7ff7b14a7d1b4a44426d5cd555d72055eb3b473feb448788cb51ac78359db701a045d700041915f784baccff15ec280954ea00b08b5c7fd240a7ec61abebc4cb89b69d9f6d2826eb31666bc7e977536e000ed2dd549115225d414d37bd50294bbce8584b66baafab2a1c6fa6a0ed388e0f56d8be6a1a178f117dc8de140698c177a6f32ee5e73d3d91c9201537d2cddc9aa783cd5526d426fca462e14a5f24326526af1fdcaf0ecbd82e72ed2a1e1ac3212f0ed1312283e49b8be0273e27f51dc98947f050cd354d512c85dcbee4a1ac89b686db10cac4825a8c97e5f3e10809745cf21567a1f3ac1e1a95df707e6e86d61608cba44ac5adcb798a67247381f9b4b27aa740fa7d338a1204dd4c2c13301293252b33b3dd966b441037d60a2d627bcd783d3085966566ec7f3932daa663e3da3fb820ffe222f374d0c8cff9dd809381c551ae8bcb9a4e1ba9241e59ecf4a28e4e25ffc0a711e73d2be24eca6811a4a82559871682708f8e35939aa8c740751981f2e00618e5dc55b05061cc08aa42561bdb38bf9e77bb1e8d312b102748de9bce5a3b91c02a6a16a74a2cd292d293e02be440b587fc4f129a4c1a778b5ea77bb6d216c460f15c97a8856e9b8da7456ebeb730f4555701590194afcdbb1b2e08ef29c101458cffc2e1310b6b388df80a958664b544ef691f303c8ab87cac93d05755515279a3955b224c1bb15057cee74a015c4515fd7406622395d74718229180a3ec7f5758abea4cb222c953752799959643f363d1b0d76dece8b056f29d11e1f116140df0f30806cddd5b2671b36a6783036b34b3d9838aef5e82de6011e89ad263e037e71ebf4f3613bb456bec53d9cb404905e97e431281b96e20534debe7119d0f9f4dc13b076b3152aa67864c19850bf5fd9d9fa955c53c8ad55c944207a738b891df1fa77f391defdcb1ff7c3a3b82627df191d6dd91c1804193e166bd7f7555d7e43d9d4a579d43c3484600c71c8cc5708a0dcb3e4872a62a9cfd1d2c28d2478366d5ca38169b488f33c22137d410fe3ed6551fd81904d847d3357bd7ebad38dc4094cc017a9bafebe2d342f034055f1d51d207484c6a35747287ddb97b23e02ab188542da14a8bf411a26a82d17022cda985", @nested={0x4, 0xc38}, @generic, @nested={0x4, 0x11f}, @generic="b7e7f7ddb9e04595e96f79382c0b8ae9dd6e06a7231a929343d2b5afcc6b6762d177cf526ee7c134d85ca5f7dfde8e8547194b9e4c9ba6e5789b0bad56862dd603279ca2b0e5d2bd9351e4c68d058f878085aaf79e24932f7c5b253abeac46d6bf66b69b14f194a8c200e2f091489b7b6499e2d96eae02b8402ca424680e400f52956c4869f8a94908a5b9a1f2749b5fcfa79d7b1c51782df7966beb719f4afedf59d775d1d21819e2830114f2a8423d719a7c7ee0d123185c54364587a279de6137a9cb0a857c4cfe9d20434af63583592aebd7e6aefbc1321e7951dee7049b1953037490e909cbffd6e4c3b97fcb8e2b852d298c4171e0d56d791872c99e86b55fb670539326a6a1cb68ef5e4527c3ff5d1294dad70c6e6830f3df0df643a18525fe3969455167a342118c04eb438066aabea387e9beace11138e68cabdf0821f7052d718e8bdaead7b95d7f5dcf7940399c0f298d9e4ee1747c964fe13330d10c7abc9a08a7649f9f28cec0ee72516d83dc93c7c2653b09ca75a04ed905fd495552ad27fed44c4a49edcf2ff2f7b75b9d7769d1252fb518d2bdb9cd565f49c3ae23308ea8e154fad9a92de5953ce76106452f74e35225980064724281232cc9586c189fa6fb3baf90c93b7fc817b32338ec370dd08bb6d1ecb61154ba675a42733554b54042b1f537705a4ca6b3a22d233882b3de8b42c8294a48f37537f7ea561813649300b676cd33e08be4f9838619e3efd21b86cec94776b5cf1c61c7d87aaf7e87f4d17256daef326470f3a7c848b76c08f9c1c4cd756abb790255486cfd559957e849d64e1546643abbc4fbfb4905988cfba391d34f283347f9ea8661381655ef6f2387be5aaca8a1d9cb109fd8b39dd62d9ceb37544ef53a275044c83cd64a7b88f63e97afc2547edc5f4d1795f49f48cee44ce856f643565cc8fadef840274fa3e3c207fc984abe5ddee0cf6da6c15421d75eaf1f1367d92b6bfb4d18a25920098c15257bf0f5bbdefd88c5ab32dbc6a25e3b6853b4324abfd7694990815630b619945b8b8da985f01a3701dfee52a62e6d3a476023e2f996a593fc05990a54ccf86dc6c93d3df035b3a99266d4f8e588ac5d0bac13ba8204c25bba30e5ee754e68846cea8ac1ab05a0baf2c352952d83b50490d02bce19690b0dfacbbc485511c5c09ab238243a459081ce9a26e2dac8c81e44c72eb82ed841795ab2b9592bb2a2455d3c3f87786fbde9e473ccf12dfcdd8bb8b13ab99fe57a50369d111de22794402d49e053e07da7b7ee87e05d333a35d850d0964e005ee580441cc2662ed3a8ce24a2b476a125d509347b076ab5edf2c5368393e82cf28dafec492a40cafc8677fdd8eed3564c7dd87f29ac691b864496df9b1c3fcfc0db47de185859da9befa9855523e42541763207c0f9527c5f6b316619445b00e43adde5240f7cfb87836813f08d0878357e079a42340deda6f2906e2a3c7fbf14617c02fe7e749fe0c35bedd5e892829ab8e693a767f2be0105397122fbde7b135fe22e281708d67034aa3c012a7875cd0c3930324d7026e1548deae5fa2b9a723c7ad7e6ad8b76db7f3fec77a7b99d285bc7933ea18c74b1806c8cd3f20fa3da36956493f254e6ff6e3365a8e49e29928d4398ed091a16a4ec62b597045a5536c613b4442137457c1083ee9735d009c45ae0ca4ab44f61d1647c1e4cd5fb708bab37414ad0f7d9d875b020e22c34c2f7022d88a0e7006d66e7becb4ccd28faa7904515557327f212c5db46a1f09b1b2f0df2dcd2b8a128bee8d7007c987940ed3c552b47e748f56021732eff6403b8dec4094b8be5639ed3e5338826586634e331cb203c9b54177abb180c5f20f75dbc9c272834da4416fe1b2bafa20733515a03017614fd98a9d79560c4fecc81cf964a61c11c7abd3744aa7b0b5fe3240e1a61083fca3ca23d1f4e1a572722eb614d1ccee0acdf921322388aecff3129be608315f7792c17dbdc36ed5616949e1444952959b62820d89b04fe049176fe0735a0870f54355f2bdb658714eebc3f9fe6b895addb26fbff0e9b554a1c4f63a84a3db49283a3df020416c2b85dd34e6b2d758fab0e3cfef3b6642d625a9ccb1a3d4738ca9abdca2702a61407ac9faea6a15f7fcdf5b2a76128eb15acdcf0f0f900af520e9f38e674d08c0c79b5f23a9f16f670d033b29d36e82558f6c1e790f5468eb15375ccb060254ae20b76faafb2b1bcb0f4cca5b7da5b109bb4289ef0b739047b40818eb4df05a8a080d3872c75c88c0ac170667af81509fc7a085acc6609743085d0997645baacbe6b98685b5a8d22fb4a73d82a492fb0bd4593a7e1ffc2ca1fcd5f207f72d77e265fd592b4c4764616bd5f6bea18e016a70f52f510b17426c35171bffe900c4640ff2f09ebcb146fd1ba5dc55c407f694f6c0e1956b1dc60907b5b669cd77f4d87ccf2d6ed8b0312d1f3340f17918370a395aa6d7728a2c3d9239d6322fe62eac9d646f9c55ea780e025d4b4d46e14645cac0b06f4e56db513c4ee2df82372abd9ace1acf9b453e1799cc3ee9ab8d94daa594fb162c54a4e38bba12a8b75ab98453b22f6aa88f77316523b763a1647e3152ed99ff45643f7d10568f398caa037573da4c3b91fc52be04df822b672c7dda91c194dc71ab11db852a9b95cda198838fbde0c13aa2b12c0bc6b3438492aed34e5c4ff9c3f8b584237e6c8efa40547bc1c668a059e9ceaf253a7a3377d8e022ec96708e30ec778bc2bbbf714c2ae41daa6dbd3c4a7fcd5e7e0cc2ff6433b87519fe35318062d1cae9bf7ff027b8f9ac0778ef97ba4ceaa413d5bed7abf0f093987fe1c944d0e19094a1f4beaf4c770c6b92a4881bbbecb1c904bbd3bbe0260ef5b4c4401fbfe2f8f355b33dfb0d39b784a684aa6da9d0263eeeaea2d06bec7f6f6fc445444f20873fd3fa3f19ecf9b05082c9d1c903bdaf947f7a01e42d9d9faa0d7ee11e7d02f3eb00f059e3cbd5bebc2ce874596b6c3c4c7b80f54c0b5b5e4332d94bdb9cf173a7f85de9787fed4575e0f53ecde1122eeeb0446ef45ff727ffae36f015a39dc6636891b945d940df9abdf73b14efb3c4d0fdd9ea34bb5a0fbe4bb56423ea2172a74e25b833c262f830150947dac9bd2392d9235ef2accaabbe300a839cd1b2c5bb87a4274b0eff9f3ea073faea529296722732248312b4de0531e70f93d6eed78a05dda60513e35690e19b2e00b9325d669b60a64cb0a6f8019ae3afaf6e2821d8d4f4a4e470442601e643810156acfeaecfab7745f1923078764bffc823b2e7ebe5587c1ac534694e8cdead05856c4fba80d5734740e7231b075a4c6be5315fe96aa1a9e802da3b0419a9d4cb967b0551264e474b2a11908f7c8c26db24bc987b3f4b033c66b8f62c5e02649109a49b3fd6e1f9670d5a92da60f7219372c4add8f1590bc9bdd45ada1f18df8f9cd4f2ea1acc332db41aa3cd24ad3caf545cd41b502756843830ddda0a87476076a8364229699cd4b19cf4c9d4f18ae2fca5325e3e6ef0f09b205a69af0145264e0dce9c6ecb28c9f9e24dfb7e9a47e3afd6c614dea63c74e79e86a46de230f952861411f449458ee546cfed117fdc1a78350519160cbcd120ce5155bed72e1f7ccc963e9bc468d89cf56e144727c3f3e32196be1ecfc3304fada9a9681df63cb2d7c6bd9acd047d0b68dcd92046137df715f0e1bf4f84bfce4d52b5bf9f760848970a64954e6d8a0e11cfefd859c984be8f7e5b0464494484d1a6370426f9d0ab4afb8729d21b7f28e62865f0a346a3c190e47f2a05fbd650cdbb259432c0255122591d52f33d39675d8e684900274c8290c003ea64a00ef372c6c0a5a8f6a80b80a95fac556351ef967400a35652e461ea503ea012d21cc1f712d5bf13bf6bf51b83f2a2ad6340f7b31ff8a0af16e8b41461272e1811021ad97cfbe2b9bf27a764b7b3eeb8eae7dee75cc259c2062b2ad52d5247bc7d17e1dd86e4e6595a95c7abd7ee3c650f59abdc7c916042740fd242782dd2c31f67d83c240e98320226867993bde04352e5f51da2db8077a1dd1b9a51dc8b40c2185051f9ce645e56ccb0447c9c52658c3566c65eed996f4ed4207a6fef694a22edde3423b633596b1031bd2e4df68baa4ae6b55a1c7303ef2d838326d0efa5fce0b38224b5349da8cc00015b7544ad5d4ccd83d8b27fe0aea566a10bc3cf0ceb4003a25198121dcbcdc797e1e64221bfda2083f2435cdc742b54a40bd8aabf91da1ae5b2c20307e76c98fd1a2710a989ef6764c173dcd0b7223092f4854bae772125529d3f01802ea3cdb70e8be36145d51cbe96a1992f5903848b7017db454d1328acb15759a1328cd3512756bbe4813eb4e6975bd6713c473b09fa064d3d65aa89f6362b92a578c21d90ded6f90b9d095a1627a2a8e025a20d5c8e62642cb83a847bb200cdc16104532fbc5625d0dfb76f104f0b3e3078cf01c55d82990f46ad03c82c1db4c77ebba0c6a90ba3c222cfd34c586ade075d4e31d86b4d0dc9bbe9e8805eb23a7930a1f55a30c1ade412f849805b550b580b9fe200f31ab4d96d2b9a10399851e5e8e74c6105a1122c96f951d39229f1dba28a4d45e2f64a9b6634bbc6cb066a46bd2f76503b25bac62ebab0434bb37559bbb90d8d7c443d1c8feaad128a65b69d06085499b0578888d7ee7ea3cad63f38ccb1448dbae8f093703957e37f4c5a9fc764943ddb2c6d4e972ca99cad64bdbc859467239fc7799df15325c7cc567f95ed3162cefc9cb3b07e6d6d99fee6cab99e3cd68eb80cff0a0da7d2c7121a5c5807dd06b5006d2b4f048721d14e0bd2c3fc8bd98081f40292f8c184e605356488c6407ad9a399f7a868e27970698c5028d740fe18e48bcec33a0b0c075af09ce02de3b7d5965b8060bfa1079b6bef39dc464c3c5736cc12600c735a434ecfa35224cbe45e9d4580310ec3e1e8fdd2f790ca0951bc506efb450a652d8589c5836cebe4377b83e971e4d65cea05d34e0a596440a2ad312acba7a6d24ce4f880411e25cbba58f2c0e19a694d6e85d50a5655427cb9506d7f5463d8eb80d04bdcf40af6944926640d1aa06d90cd5a26cc28cecb2c08900675dc0f28b2126c6eb07ca5192e91814aa070f37d68b7f73b993726c81dd45744484b2ad1a3bffad8f066e96d5be3d50aab6e34ef2a567978bb39b55b9c5886cceba278623d23e33897bd0540cfecf0e74dd893d1ada82c41dba690c0014a64dff0c76d52e2e8bf9c0c31c8eae4e1dcefdd876bcc842133a9f3d0c2922b303647fa78489b341cb99c29a09ae0a97be8bd5cace2177b93a95e7cf02c21268141e13654c6de129c0df6b2aa765c6ac00ab804311e14eda185e067ccd0ab2dbc92c891b33ddecedd38c81db74afb69aae37edf0eeeafe062a83a03e85cbe07dcad73a79a4eb5f35da81e26f03f3c8eedcef17f9beb6d2abf12fa4da8a68543ea3c1cbe9880d5195798509112e5ee417c43c5c13c0ac9e8f55e2fd40a385e16ac0dc587ccf0ee1a8b426ce2363d3f1cb784beccd1230940578ad10839339aa1d9aecdfb3ede7e371dd5c5c35b0129ffca23b33a2a49a51bc9d147f64432a9b7e37cc860dbd9f707656482b16183d232c0470193a145cab08cd79666b5cff5c16399d9eee79503af5b334e064be89fa8d030a363498ccfbd156ac57efd9d26ba2a0decbfff95a3ac5198deb305c66c9bf024dbe8eebdb94782f59a46db71b75a83a48686c76b2910e4fc768d57eab4630352fe58f272ded65a3917f1ea0d8737b0d1bf8", @nested={0x4, 0x13a}, @typed={0x5, 0x4a, 0x0, 0x0, @str='\x00'}]}, @generic="4a6508aa048d88dba949abccf6e259ea37eddbf2f3ad66aea772690eead6e8168d2dd06cdfdee60f23ff4087faedeb712363e4ca0504cb33788a9e86d15041330aa0e9a109357d5133fc7e3d83dabe8abac6f3b8144a1fe82162d329fd0a98f3952fbb7783881c49b6d614b393e2d39644942af0ea10db9e829a1b68a149f4cbe72e98abb55d7fd40232bd9a66e454823c6bf6a28c3fe87cba774f83fad1c55dbabb9f3a05df272844e5d13bb114bc553c1335bd8a3647553d5d7b700d015a35631a091f72ef1dc0fc656992"]}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x8}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x6}, @OVS_FLOW_ATTR_CLEAR={0x4}]}, 0x2138}, 0x1, 0x0, 0x0, 0x1}, 0x4) fsopen$auto(0x0, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) mmap$auto(0x0, 0x4, 0x7f, 0x40eb1, 0xffffffffffffffff, 0x3000001ffffd) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r7, 0x545c, 0x0) ioctl$auto_MEMGETREGIONCOUNT(r4, 0x80044d07, 0x0) 2.732230631s ago: executing program 3 (id=4065): socket(0x15, 0x5, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x7) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/raw\x00', 0x200, 0x0) read$auto(r0, 0x0, 0x7f) semctl$auto_SETALL(0x0, 0xffe0000, 0x11, 0x7) 1.199523433s ago: executing program 3 (id=4066): r0 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0) close_range$auto(r0, 0x8, 0xfffffffc) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x80582, 0x0) socket(0x1, 0x3, 0x3b) socket(0x1d, 0x3, 0x1) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptye8\x00', 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r1, 0xfd}, 0x6a) r2 = openat$auto_fops_u32_ro_(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/bpf_offloaded_id\x00', 0x20082, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x80, 0x0) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0xff, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) unshare$auto(0x40000080) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) r4 = dup$auto(r3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001780)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote\x00', 0xa901, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x1, 0x4, 0x948b, 0x3, 0x95f4da08, 0xffffffffffffffff, 0x800000000003, 0x62, 0x7ffffffd, 0x7, 0x6d3f, 0x9, 0x2, 0x7]}, 0x0) close$auto(r2) ioctl$auto_BINDER_THREAD_EXIT(r4, 0x40046208, 0x0) 555.526315ms ago: executing program 0 (id=4067): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch8\x00', 0x0, 0x0) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000002080)=""/4080, 0xff0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000540)='/dev/snd/midiC2D0\x00', 0x40041, 0x0) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) ioctl$auto_FS_IOC_SETFLAGS(r3, 0x40086602, 0xfffffffffffffffd) openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x215240, 0x0) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) close_range$auto(r2, 0xfffffffffffff000, 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0x2, 0x10, 0x8, 0x4, 0xffffffffffffffff, 0xa, "2af0510000000000562c00", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r5, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 247.87941ms ago: executing program 0 (id=4068): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x810) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) 198.716457ms ago: executing program 3 (id=4069): r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, 0x0, 0x55) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, 0x0, 0x4000) 188.51573ms ago: executing program 1 (id=4070): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x2, 0x7, 0x48, 0x7ff, 0x5, 0x7, 0x4, 0x6, 0x8, 0x3, 0x5, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x800000, 0x7, 0x8, 0x200, 0xfffffffd, 0x84, 0x0, 0x6, 0x2, 0x0, 0x0, [0x0, 0x1ff, 0x1, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8003, 0x4000000, 0x0, 0x0, 0x0, 0x10000000000000, 0x0, 0x0, 0x0, 0x20000000000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xec4e, 0x0, 0x8000000000000001, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9a]}, 0x1fe, 0xd) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), 0xffffffffffffffff) r0 = inotify_init1$auto(0x2) socket(0x2, 0x3, 0x0) r1 = prctl$auto(0x3b, 0x2, 0x0, 0x4, 0x0) splice$auto(r1, 0x0, r1, 0x0, 0xb, 0x1) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008001}, 0x20000010) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x20000004) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r2) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x40440, 0x0) r4 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r4, 0x40086602, &(0x7f0000000100)) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r2, &(0x7f0000000100)={0x0, 0xfc, &(0x7f0000000140)={&(0x7f0000006400)={0x2e20, r3, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x2e07}]}, 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_DETACH(r0, 0x7aa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x200403, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1000"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_setup$auto(0x80000000, 0x0) 59.513643ms ago: executing program 0 (id=4071): r0 = prctl$auto(0x9, 0x9, 0x0, 0xc, 0x7) r1 = pipe$auto(&(0x7f0000000000)=r0) read$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(r2, &(0x7f0000000040)=""/136, 0x88) ioctl$auto_BCH_IOCTL_FS_USAGE(r1, 0xc040bc0b, &(0x7f0000000100)={0x3, 0x3, 0x0, '\x00', 0x6, 0x0, [{0x4, {0xe5, 0x1e, 0x6, "b00637bfebe521da60d52a369a96e3f2f0e423cb3aced4966849a8112c0d"}}, {0x5, {0xe, 0x6e, 0x7, "7a1309afd55bcfea88b4dea03687d00b4f4c1acc47c48ce333d3fa2a8eb84c612afdd4b3968e3c8ab7242f0f8ecf8f6101f9648c9bbfe5f185520b331db932bb298be795bd9c9ff67c31c80562fae9c9290b859bb8624da07be203aeb589b7b76a670e6d4b3973d9942ec7081aae"}}, {0xf, {0x8, 0xd5, 0x2, "c922623571134c92ffda57e06e8a0d5987b4b948b7a0591c642ef0d7499e80a3aa1b7e38ae45ba81d08eab518cbfbd1396b89cecc260697de157eda468a55b06083d6b41d373a1d94fb318984d16f046bcf7c72e2399b850a34f4a34e823b7eed8033bc661ea7c1084c20ea8056331478db2e45d9fd10736f1db145fe6730a912db97c5f1acccc2c2933b92e8719c525cf45afdce03c4d59326d89d02b61e4fef4fca8458884b98d62d96bca76d9bb4bb58489d8e1241890d5e3a9c3d0e578a8e6b036cbfddae7576facfe36ad52a485f0c8eacc17"}}, {0x8, {0x7f, 0x63, 0xb5, "15410a8b2cfb12b33a4093124c692c9494c96da6f7e5c0a4016aa7c8398d8122700b0a10c47e84f9a7e59cc477e21a9b3d31cd53b27c67fe97c39a1296d283ca7bbcdd46e7f56ea53c3dd507596f054d6d56fd82d32993a99bd935e0ec0b87e5f85d3b"}}, {0x371a, {0x2, 0x12, 0x6, "166df3f5775deb1146870e84423815d74408"}}]}) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r0) sendmsg$auto_NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x20, r3, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_CNTDWN_OFFS_PRESP={0x9, 0xbb, "c2e864ec26"}]}, 0x20}, 0x1, 0x0, 0x0, 0x40084}, 0x4) read$auto_tracing_buffers_fops_trace(r1, &(0x7f00000004c0)=""/166, 0xa6) prctl$auto_PR_RISCV_V_SET_CONTROL(0x45, 0x4, 0x2ad8, 0x6, 0x10000) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000680)={&(0x7f00000005c0)={0x94, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x1}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x4}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x2}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x8}, @ETHTOOL_A_LINKINFO_HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7c48}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) sendfile$auto(r2, r0, &(0x7f0000000700)=0xffffffffffff00ed, 0x7fffffff) ioctl$auto_FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f0000000740)={0x4, 0x4, 0x1, 0x4, "7e50e511115b9ba4"}) r4 = bpf$auto(0x100, &(0x7f0000000780)=@enable_stats={0x400}, 0xe) ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, 0x0) r5 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000840), 0x410000, 0x0) fsconfig$auto_HIDEPID_OFF(r4, 0x2, &(0x7f0000000880)='@$\x00', &(0x7f00000008c0)="6448d657fd744188d56a34edd6208228958e11874a887e133f71b5047cb5a2a2db81bf47f4e76072e7361f740811a5eea914ef2d7710e5296bddc203e069c2bcb6f338a7d060684015529755c77551cd0d06f7fd1d581ba374cac884bb7390100497bda69ac4b30d823296c32efc692b9524fa7015a0b578e0192d27efbea4aaf8a471ac8bb80f528c3ee96853546d41", 0x0) prctl$auto_PR_RISCV_V_SET_CONTROL(0x45, 0x9, 0x174, 0x635, 0x0) prctl$auto_PR_RISCV_V_SET_CONTROL(0x45, 0xffff, 0x7fffffff, 0xc00000000, 0x8) prctl$auto_PR_RISCV_V_SET_CONTROL(0x45, 0x8, 0x0, 0x10000, 0x632) prctl$auto_PR_RISCV_V_SET_CONTROL(0x45, 0x2, 0x4, 0xfff, 0x8) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000980)='/dev/bus/usb/013/001\x00', 0x80400, 0x0) io_uring_register$auto_IORING_REGISTER_FILES_UPDATE2(r5, 0xe, &(0x7f00000009c0)="9caff9f04566598169eb9627303b43232b88f9dfc5b3f256b5875351223c31a9a3e1a04f78155d4861d27b2b4466fdaf673af0dc0cf0da596bfd954209172d3a0f583903581c16a0885ab62eb45f8e25c848a4d6c7d3d9fb0e37990cccc7eecebe218f026dc2dba9ca88f76a688b7637c8416926562ec036f5474fc5c223fece5f95", 0xe) prctl$auto_PR_RISCV_V_SET_CONTROL(0x45, 0xdb, 0xffffffffffffffff, 0x3, 0x8000000000000001) r6 = fsopen$auto(&(0x7f0000000a80)='\xe6\x00', 0xa545) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r0, &(0x7f0000000c40)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b00)={0xec, r3, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_HE_OBSS_PD={0xa4, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_SR_CTRL={0x5, 0x6, 0x6}, @NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET={0x5}, @NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP={0x8d, 0x5, "4eccc778fa98dd523e82a00de1e31b802a27f55ab6206111a137817c3d0330fd94f84a9efc737fdb2aab67ca0eb1577fed301a9fd243e9e6ae4dc7456ea1e3ec8c8053d664e2a6ffa1c0e6b21bd914eb5bc429cdb756ccd2d87ed29bf4ca0b5a2741867823ec3c4e31eca28c85b1d4d0ad9db2d8c49ef45c23a3c6ab93164f6ce1fd934406ea787e4b"}]}, @NL80211_ATTR_SSID={0x19, 0x34, "889a5e3f65249e5c3ff33934e3f8ca72c739875b26"}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x9c68}, @NL80211_ATTR_MLO_LINK_DISABLED={0x4}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0xfffff800}]}, 0xec}, 0x1, 0x0, 0x0, 0x40000}, 0x20000810) r7 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000cc0), r6) sendmsg$auto_KSMBD_EVENT_SHUTTING_DOWN(r4, &(0x7f0000000d80)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000d40)={&(0x7f0000000d00)={0x14, r7, 0x20, 0x70bd2c, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x2000c880}, 0x8000) prctl$auto_PR_RISCV_V_SET_CONTROL(0x45, 0x4, 0x4, 0x5, 0x7fffffff) r8 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000e00), r0) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000ec0)={&(0x7f0000000dc0), 0xc, &(0x7f0000000e80)={&(0x7f0000000e40)={0x34, r8, 0x20, 0x70bd2d, 0x25dfdbfe, {}, [@BATADV_ATTR_TT_LAST_TTVN={0x5, 0x12, 0x34}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x7}, @BATADV_ATTR_BLA_CRC={0x6, 0x22, 0x40}, @BATADV_ATTR_TT_LAST_TTVN={0x5, 0x12, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x24008011}, 0x11) ioctl$auto_BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000f00)={0x8, 0x4, 0x1, 0x770, {0x81, 0x9, 0x7fff, 0xe7, 0x10000, 0x400, 0x0, 0xfffffffffffffffb, 0x68d, 0x0, 0x81, 0x7e21, 0x4, 0x2}}) 34.096583ms ago: executing program 2 (id=4072): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0x3, 0x0, 0x8) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r0, r1, 0x0, 0x1) 0s ago: executing program 3 (id=4073): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80582, 0x0) socket(0xa, 0x3, 0x3b) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x80, 0x0) ioctl$auto(r0, 0x40045532, 0xffffffffffffffff) openat$auto_fops_u32_ro_(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/bpf_offloaded_id\x00', 0x20082, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x80, 0x0) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) r2 = dup$auto(r1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001780)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote\x00', 0xa901, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x1, 0x4, 0x948b, 0x3, 0x95f4da08, 0xffffffffffffffff, 0x800000000003, 0x62, 0x7ffffffd, 0x7, 0x6d3f, 0x9, 0x2, 0x7]}, 0x0) ioctl$auto_BINDER_THREAD_EXIT(r2, 0x40046208, 0x0) kernel console output (not intermixed with test programs): , [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1258.502516][T23519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1258.502530][T23519] Call Trace: [ 1258.502538][T23519] [ 1258.502548][T23519] dump_stack_lvl+0x16c/0x1f0 [ 1258.502586][T23519] should_fail_ex+0x512/0x640 [ 1258.502624][T23519] ? fs_reclaim_acquire+0xae/0x150 [ 1258.502662][T23519] should_failslab+0xc2/0x120 [ 1258.502696][T23519] __kmalloc_noprof+0xdd/0x880 [ 1258.502720][T23519] ? kfree+0x252/0x6d0 [ 1258.502741][T23519] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1258.502779][T23519] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1258.502809][T23519] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1258.502852][T23519] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1258.502882][T23519] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1258.502949][T23519] ? do_raw_spin_lock+0x12c/0x2b0 [ 1258.503000][T23519] tomoyo_file_open+0x6b/0x90 [ 1258.503036][T23519] security_file_open+0x84/0x1e0 [ 1258.503075][T23519] do_dentry_open+0x596/0x1530 [ 1258.503119][T23519] vfs_open+0x82/0x3f0 [ 1258.503163][T23519] path_openat+0x1de4/0x2cb0 [ 1258.503207][T23519] ? __pfx_path_openat+0x10/0x10 [ 1258.503238][T23519] ? __lock_acquire+0xb8a/0x1c90 [ 1258.503276][T23519] do_filp_open+0x20b/0x470 [ 1258.503306][T23519] ? __pfx_do_filp_open+0x10/0x10 [ 1258.503354][T23519] ? alloc_fd+0x471/0x7d0 [ 1258.503388][T23519] do_sys_openat2+0x11b/0x1d0 [ 1258.503423][T23519] ? __pfx_do_sys_openat2+0x10/0x10 [ 1258.503458][T23519] ? find_held_lock+0x2b/0x80 [ 1258.503493][T23519] __x64_sys_openat+0x174/0x210 [ 1258.503528][T23519] ? __pfx___x64_sys_openat+0x10/0x10 [ 1258.503578][T23519] do_syscall_64+0xcd/0xfa0 [ 1258.503611][T23519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1258.503638][T23519] RIP: 0033:0x7ffa7998f7c9 [ 1258.503660][T23519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1258.503688][T23519] RSP: 002b:00007ffa7a8a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1258.503716][T23519] RAX: ffffffffffffffda RBX: 00007ffa79be5fa0 RCX: 00007ffa7998f7c9 [ 1258.503734][T23519] RDX: 0000000000121900 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1258.503750][T23519] RBP: 00007ffa79a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1258.503766][T23519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1258.503781][T23519] R13: 00007ffa79be6038 R14: 00007ffa79be5fa0 R15: 00007ffd81ec3398 [ 1258.503817][T23519] [ 1258.504011][T23519] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1261.251124][T23561] openvswitch: netlink: IP tunnel dst address not specified [ 1261.588263][T23568] FAULT_INJECTION: forcing a failure. [ 1261.588263][T23568] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1261.693081][T23568] CPU: 0 UID: 0 PID: 23568 Comm: syz.0.3503 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1261.693140][T23568] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1261.693155][T23568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1261.693171][T23568] Call Trace: [ 1261.693180][T23568] [ 1261.693190][T23568] dump_stack_lvl+0x16c/0x1f0 [ 1261.693228][T23568] should_fail_ex+0x512/0x640 [ 1261.693270][T23568] _copy_from_user+0x2e/0xd0 [ 1261.693310][T23568] blkdev_common_ioctl+0x13e2/0x2470 [ 1261.693338][T23568] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1261.693384][T23568] ? __pfx_blkdev_common_ioctl+0x10/0x10 [ 1261.693418][T23568] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1261.693462][T23568] ? do_vfs_ioctl+0x128/0x14f0 [ 1261.693500][T23568] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1261.693547][T23568] ? find_held_lock+0x2b/0x80 [ 1261.693580][T23568] blkdev_ioctl+0x1cb/0x6d0 [ 1261.693607][T23568] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1261.693641][T23568] ? __pfx_blkdev_ioctl+0x10/0x10 [ 1261.693670][T23568] __x64_sys_ioctl+0x18e/0x210 [ 1261.693709][T23568] do_syscall_64+0xcd/0xfa0 [ 1261.693743][T23568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1261.693770][T23568] RIP: 0033:0x7ffa7998f7c9 [ 1261.693791][T23568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1261.693815][T23568] RSP: 002b:00007ffa7a888038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1261.693839][T23568] RAX: ffffffffffffffda RBX: 00007ffa79be6090 RCX: 00007ffa7998f7c9 [ 1261.693857][T23568] RDX: 0000000000000000 RSI: 000000000000127f RDI: 0000000000000005 [ 1261.693873][T23568] RBP: 00007ffa7a888090 R08: 0000000000000000 R09: 0000000000000000 [ 1261.693889][T23568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1261.693904][T23568] R13: 00007ffa79be6128 R14: 00007ffa79be6090 R15: 00007ffd81ec3398 [ 1261.693940][T23568] [ 1262.729224][T23574] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3504'. [ 1262.796319][T23575] FAULT_INJECTION: forcing a failure. [ 1262.796319][T23575] name failslab, interval 1, probability 0, space 0, times 0 [ 1262.810157][T23575] CPU: 1 UID: 0 PID: 23575 Comm: syz.3.3504 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1262.810219][T23575] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1262.810235][T23575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1262.810252][T23575] Call Trace: [ 1262.810261][T23575] [ 1262.810272][T23575] dump_stack_lvl+0x16c/0x1f0 [ 1262.810312][T23575] should_fail_ex+0x512/0x640 [ 1262.810351][T23575] ? fs_reclaim_acquire+0xae/0x150 [ 1262.810391][T23575] should_failslab+0xc2/0x120 [ 1262.810427][T23575] __kmalloc_noprof+0xdd/0x880 [ 1262.810452][T23575] ? kfree+0x252/0x6d0 [ 1262.810474][T23575] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1262.810513][T23575] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1262.810542][T23575] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1262.810584][T23575] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1262.810614][T23575] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1262.810687][T23575] ? do_raw_spin_lock+0x12c/0x2b0 [ 1262.810741][T23575] tomoyo_file_open+0x6b/0x90 [ 1262.810779][T23575] security_file_open+0x84/0x1e0 [ 1262.810810][T23575] do_dentry_open+0x596/0x1530 [ 1262.810862][T23575] vfs_open+0x82/0x3f0 [ 1262.810907][T23575] path_openat+0x1de4/0x2cb0 [ 1262.810949][T23575] ? __pfx_path_openat+0x10/0x10 [ 1262.810982][T23575] ? __lock_acquire+0xb8a/0x1c90 [ 1262.811021][T23575] do_filp_open+0x20b/0x470 [ 1262.811051][T23575] ? __pfx_do_filp_open+0x10/0x10 [ 1262.811109][T23575] ? alloc_fd+0x471/0x7d0 [ 1262.811148][T23575] do_sys_openat2+0x11b/0x1d0 [ 1262.811186][T23575] ? __pfx_do_sys_openat2+0x10/0x10 [ 1262.811226][T23575] ? find_held_lock+0x2b/0x80 [ 1262.811264][T23575] __x64_sys_openat+0x174/0x210 [ 1262.811302][T23575] ? __pfx___x64_sys_openat+0x10/0x10 [ 1262.811356][T23575] do_syscall_64+0xcd/0xfa0 [ 1262.811393][T23575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1262.811420][T23575] RIP: 0033:0x7ff38c38f7c9 [ 1262.811443][T23575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1262.811468][T23575] RSP: 002b:00007ff38d217038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1262.811494][T23575] RAX: ffffffffffffffda RBX: 00007ff38c5e6090 RCX: 00007ff38c38f7c9 [ 1262.811513][T23575] RDX: 0000000000121900 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1262.811531][T23575] RBP: 00007ff38c413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1262.811549][T23575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1262.811565][T23575] R13: 00007ff38c5e6128 R14: 00007ff38c5e6090 R15: 00007ffc46d64148 [ 1262.811603][T23575] [ 1262.811615][T23575] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1263.592361][T23579] sd 0:0:1:0: PR command failed: 1026 [ 1263.597964][T23579] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1263.604724][T23579] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1266.184142][T23606] FAULT_INJECTION: forcing a failure. [ 1266.184142][T23606] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1266.276869][T23606] CPU: 1 UID: 0 PID: 23606 Comm: syz.2.3514 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1266.276924][T23606] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1266.276937][T23606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1266.276951][T23606] Call Trace: [ 1266.276959][T23606] [ 1266.276969][T23606] dump_stack_lvl+0x16c/0x1f0 [ 1266.277005][T23606] should_fail_ex+0x512/0x640 [ 1266.277045][T23606] _copy_to_user+0x32/0xd0 [ 1266.277073][T23606] simple_read_from_buffer+0xcb/0x170 [ 1266.277114][T23606] proc_fail_nth_read+0x197/0x240 [ 1266.277145][T23606] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1266.277176][T23606] ? rw_verify_area+0xcf/0x6c0 [ 1266.277219][T23606] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1266.277249][T23606] vfs_read+0x1e4/0xcf0 [ 1266.277282][T23606] ? __pfx___mutex_lock+0x10/0x10 [ 1266.277314][T23606] ? __pfx_vfs_read+0x10/0x10 [ 1266.277351][T23606] ? __fget_files+0x20e/0x3c0 [ 1266.277388][T23606] ksys_read+0x12a/0x250 [ 1266.277416][T23606] ? __pfx_ksys_read+0x10/0x10 [ 1266.277454][T23606] do_syscall_64+0xcd/0xfa0 [ 1266.277488][T23606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1266.277515][T23606] RIP: 0033:0x7fbec2b8e1dc [ 1266.277537][T23606] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1266.277562][T23606] RSP: 002b:00007fbec3ad9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1266.277593][T23606] RAX: ffffffffffffffda RBX: 00007fbec2de5fa0 RCX: 00007fbec2b8e1dc [ 1266.277611][T23606] RDX: 000000000000000f RSI: 00007fbec3ad90a0 RDI: 0000000000000006 [ 1266.277628][T23606] RBP: 00007fbec3ad9090 R08: 0000000000000000 R09: 0000000000000000 [ 1266.277644][T23606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1266.277660][T23606] R13: 00007fbec2de6038 R14: 00007fbec2de5fa0 R15: 00007ffe0eec8a38 [ 1266.277697][T23606] [ 1267.602886][T23624] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3518'. [ 1267.689426][T23627] FAULT_INJECTION: forcing a failure. [ 1267.689426][T23627] name failslab, interval 1, probability 0, space 0, times 0 [ 1267.905353][T23627] CPU: 1 UID: 0 PID: 23627 Comm: syz.2.3518 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1267.905418][T23627] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1267.905441][T23627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1267.905458][T23627] Call Trace: [ 1267.905468][T23627] [ 1267.905480][T23627] dump_stack_lvl+0x16c/0x1f0 [ 1267.905519][T23627] should_fail_ex+0x512/0x640 [ 1267.905561][T23627] ? fs_reclaim_acquire+0xae/0x150 [ 1267.905602][T23627] should_failslab+0xc2/0x120 [ 1267.905640][T23627] __kmalloc_noprof+0xdd/0x880 [ 1267.905666][T23627] ? kfree+0x252/0x6d0 [ 1267.905688][T23627] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1267.905728][T23627] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1267.905763][T23627] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1267.905807][T23627] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1267.905837][T23627] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1267.905903][T23627] ? do_raw_spin_lock+0x12c/0x2b0 [ 1267.905955][T23627] tomoyo_file_open+0x6b/0x90 [ 1267.905992][T23627] security_file_open+0x84/0x1e0 [ 1267.906023][T23627] do_dentry_open+0x596/0x1530 [ 1267.906065][T23627] vfs_open+0x82/0x3f0 [ 1267.906106][T23627] path_openat+0x1de4/0x2cb0 [ 1267.906148][T23627] ? __pfx_path_openat+0x10/0x10 [ 1267.906180][T23627] ? __lock_acquire+0xb8a/0x1c90 [ 1267.906219][T23627] do_filp_open+0x20b/0x470 [ 1267.906249][T23627] ? __pfx_do_filp_open+0x10/0x10 [ 1267.906307][T23627] ? alloc_fd+0x471/0x7d0 [ 1267.906344][T23627] do_sys_openat2+0x11b/0x1d0 [ 1267.906382][T23627] ? __pfx_do_sys_openat2+0x10/0x10 [ 1267.906423][T23627] ? find_held_lock+0x2b/0x80 [ 1267.906467][T23627] __x64_sys_openat+0x174/0x210 [ 1267.906510][T23627] ? __pfx___x64_sys_openat+0x10/0x10 [ 1267.906566][T23627] do_syscall_64+0xcd/0xfa0 [ 1267.906600][T23627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1267.906623][T23627] RIP: 0033:0x7fbec2b8f7c9 [ 1267.906643][T23627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1267.906668][T23627] RSP: 002b:00007fbec3ab8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1267.906693][T23627] RAX: ffffffffffffffda RBX: 00007fbec2de6090 RCX: 00007fbec2b8f7c9 [ 1267.906717][T23627] RDX: 0000000000121900 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1267.906736][T23627] RBP: 00007fbec2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1267.906753][T23627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1267.906770][T23627] R13: 00007fbec2de6128 R14: 00007fbec2de6090 R15: 00007ffe0eec8a38 [ 1267.906813][T23627] [ 1268.437816][T23627] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1272.809923][T23705] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1272.833416][T23705] FAULT_INJECTION: forcing a failure. [ 1272.833416][T23705] name failslab, interval 1, probability 0, space 0, times 0 [ 1272.846718][T23705] CPU: 0 UID: 0 PID: 23705 Comm: syz.3.3537 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1272.846780][T23705] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1272.846793][T23705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1272.846808][T23705] Call Trace: [ 1272.846817][T23705] [ 1272.846827][T23705] dump_stack_lvl+0x16c/0x1f0 [ 1272.846864][T23705] should_fail_ex+0x512/0x640 [ 1272.846899][T23705] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1272.846932][T23705] should_failslab+0xc2/0x120 [ 1272.846967][T23705] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1272.846993][T23705] ? seq_open+0x55/0x170 [ 1272.847034][T23705] ? __pfx_proc_dma_show+0x10/0x10 [ 1272.847058][T23705] ? seq_open+0x55/0x170 [ 1272.847089][T23705] seq_open+0x55/0x170 [ 1272.847122][T23705] ? __pfx_proc_dma_show+0x10/0x10 [ 1272.847146][T23705] single_open+0xfc/0x1f0 [ 1272.847176][T23705] ? __pfx_proc_single_open+0x10/0x10 [ 1272.847199][T23705] proc_reg_open+0x2ab/0x5f0 [ 1272.847219][T23705] do_dentry_open+0x982/0x1530 [ 1272.847235][T23705] ? __pfx_proc_reg_open+0x10/0x10 [ 1272.847256][T23705] vfs_open+0x82/0x3f0 [ 1272.847277][T23705] path_openat+0x1de4/0x2cb0 [ 1272.847299][T23705] ? __pfx_path_openat+0x10/0x10 [ 1272.847315][T23705] ? __lock_acquire+0xb8a/0x1c90 [ 1272.847335][T23705] do_filp_open+0x20b/0x470 [ 1272.847351][T23705] ? __pfx_do_filp_open+0x10/0x10 [ 1272.847380][T23705] ? alloc_fd+0x471/0x7d0 [ 1272.847399][T23705] do_sys_openat2+0x11b/0x1d0 [ 1272.847418][T23705] ? __pfx_do_sys_openat2+0x10/0x10 [ 1272.847444][T23705] __x64_sys_openat+0x174/0x210 [ 1272.847474][T23705] ? __pfx___x64_sys_openat+0x10/0x10 [ 1272.847495][T23705] ? syscall_user_dispatch+0x78/0x140 [ 1272.847515][T23705] do_syscall_64+0xcd/0xfa0 [ 1272.847534][T23705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1272.847548][T23705] RIP: 0033:0x7ff38c38f7c9 [ 1272.847561][T23705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1272.847575][T23705] RSP: 002b:00007ff38d238038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1272.847589][T23705] RAX: ffffffffffffffda RBX: 00007ff38c5e5fa0 RCX: 00007ff38c38f7c9 [ 1272.847599][T23705] RDX: 0000000000008340 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 1272.847609][T23705] RBP: 00007ff38c413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1272.847618][T23705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1272.847626][T23705] R13: 00007ff38c5e6038 R14: 00007ff38c5e5fa0 R15: 00007ffc46d64148 [ 1272.847646][T23705] [ 1273.295810][T23717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3539'. [ 1274.157205][T23733] FAULT_INJECTION: forcing a failure. [ 1274.157205][T23733] name failslab, interval 1, probability 0, space 0, times 0 [ 1274.213695][T23733] CPU: 0 UID: 0 PID: 23733 Comm: syz.0.3544 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1274.213755][T23733] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1274.213770][T23733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1274.213785][T23733] Call Trace: [ 1274.213793][T23733] [ 1274.213803][T23733] dump_stack_lvl+0x16c/0x1f0 [ 1274.213840][T23733] should_fail_ex+0x512/0x640 [ 1274.213877][T23733] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1274.213911][T23733] should_failslab+0xc2/0x120 [ 1274.213944][T23733] __kvmalloc_node_noprof+0x141/0x9c0 [ 1274.213974][T23733] ? v4l2_ctrl_new+0x982/0x2190 [ 1274.214004][T23733] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1274.214050][T23733] ? v4l2_ctrl_new+0x982/0x2190 [ 1274.214077][T23733] v4l2_ctrl_new+0x982/0x2190 [ 1274.214119][T23733] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 1274.214147][T23733] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 1274.214189][T23733] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1274.214235][T23733] v4l2_ctrl_new_std+0x1be/0x290 [ 1274.214280][T23733] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 1274.214310][T23733] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 1274.214344][T23733] ? trace_kmalloc+0x2b/0xd0 [ 1274.214376][T23733] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 1274.214412][T23733] ? media_request_object_init+0x100/0x180 [ 1274.214443][T23733] vicodec_open+0x1d9/0xf70 [ 1274.214469][T23733] ? kobject_get_unless_zero+0x156/0x1e0 [ 1274.214510][T23733] v4l2_open+0x1d2/0x5e0 [ 1274.214541][T23733] ? __pfx_v4l2_open+0x10/0x10 [ 1274.214569][T23733] chrdev_open+0x234/0x6a0 [ 1274.214598][T23733] ? __pfx_apparmor_file_open+0x10/0x10 [ 1274.214634][T23733] ? __pfx_chrdev_open+0x10/0x10 [ 1274.214674][T23733] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1274.214708][T23733] do_dentry_open+0x982/0x1530 [ 1274.214740][T23733] ? __pfx_chrdev_open+0x10/0x10 [ 1274.214779][T23733] vfs_open+0x82/0x3f0 [ 1274.214821][T23733] path_openat+0x1de4/0x2cb0 [ 1274.214864][T23733] ? __pfx_path_openat+0x10/0x10 [ 1274.214895][T23733] ? __lock_acquire+0xb8a/0x1c90 [ 1274.214935][T23733] do_filp_open+0x20b/0x470 [ 1274.214965][T23733] ? __pfx_do_filp_open+0x10/0x10 [ 1274.215016][T23733] ? alloc_fd+0x471/0x7d0 [ 1274.215053][T23733] do_sys_openat2+0x11b/0x1d0 [ 1274.215091][T23733] ? __pfx_do_sys_openat2+0x10/0x10 [ 1274.215141][T23733] __x64_sys_openat+0x174/0x210 [ 1274.215179][T23733] ? __pfx___x64_sys_openat+0x10/0x10 [ 1274.215232][T23733] do_syscall_64+0xcd/0xfa0 [ 1274.215266][T23733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1274.215294][T23733] RIP: 0033:0x7ffa7998f7c9 [ 1274.215317][T23733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1274.215345][T23733] RSP: 002b:00007ffa7a888038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1274.215371][T23733] RAX: ffffffffffffffda RBX: 00007ffa79be6090 RCX: 00007ffa7998f7c9 [ 1274.215391][T23733] RDX: 000000000000001b RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1274.215406][T23733] RBP: 00007ffa79a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1274.215421][T23733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1274.215433][T23733] R13: 00007ffa79be6128 R14: 00007ffa79be6090 R15: 00007ffd81ec3398 [ 1274.215466][T23733] [ 1275.065592][T23747] FAULT_INJECTION: forcing a failure. [ 1275.065592][T23747] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1275.135787][T23747] CPU: 0 UID: 0 PID: 23747 Comm: syz.0.3549 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1275.135845][T23747] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1275.135870][T23747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1275.135887][T23747] Call Trace: [ 1275.135896][T23747] [ 1275.135907][T23747] dump_stack_lvl+0x16c/0x1f0 [ 1275.135944][T23747] should_fail_ex+0x512/0x640 [ 1275.135984][T23747] get_futex_key+0x1d0/0x1560 [ 1275.136024][T23747] ? __pfx_get_futex_key+0x10/0x10 [ 1275.136057][T23747] ? stack_trace_save+0x8e/0xc0 [ 1275.136085][T23747] ? __pfx_stack_trace_save+0x10/0x10 [ 1275.136118][T23747] ? stack_depot_save_flags+0x29/0x9c0 [ 1275.136167][T23747] futex_wait_setup+0x9d/0x550 [ 1275.136203][T23747] __futex_wait+0x193/0x2f0 [ 1275.136228][T23747] ? __pfx___futex_wait+0x10/0x10 [ 1275.136260][T23747] ? __pfx_futex_wake_mark+0x10/0x10 [ 1275.136305][T23747] ? futex_hash+0x2c5/0x380 [ 1275.136355][T23747] ? futex_private_hash_put+0xd5/0x190 [ 1275.136392][T23747] futex_wait+0xe8/0x380 [ 1275.136416][T23747] ? __pfx_futex_wait+0x10/0x10 [ 1275.136449][T23747] ? kmem_cache_free+0x2d4/0x6c0 [ 1275.136478][T23747] ? putname+0x154/0x1a0 [ 1275.136519][T23747] do_futex+0x229/0x350 [ 1275.136552][T23747] ? __pfx_do_futex+0x10/0x10 [ 1275.136597][T23747] __x64_sys_futex+0x1e0/0x4c0 [ 1275.136632][T23747] ? __x64_sys_openat+0x174/0x210 [ 1275.136665][T23747] ? __pfx___x64_sys_futex+0x10/0x10 [ 1275.136699][T23747] ? syscall_user_dispatch+0x78/0x140 [ 1275.136735][T23747] do_syscall_64+0xcd/0xfa0 [ 1275.136769][T23747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1275.136803][T23747] RIP: 0033:0x7ffa7998f7c9 [ 1275.136825][T23747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1275.136852][T23747] RSP: 002b:00007ffa7a8a90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1275.136877][T23747] RAX: ffffffffffffffda RBX: 00007ffa79be5fa8 RCX: 00007ffa7998f7c9 [ 1275.136896][T23747] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ffa79be5fa8 [ 1275.136913][T23747] RBP: 00007ffa79be5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1275.136930][T23747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1275.136946][T23747] R13: 00007ffa79be6038 R14: 00007ffd81ec32b0 R15: 00007ffd81ec3398 [ 1275.136983][T23747] [ 1275.738764][T23745] Console: switching to colour VGA+ 80x25 [ 1276.496809][T23773] FAULT_INJECTION: forcing a failure. [ 1276.496809][T23773] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1276.586923][T23773] CPU: 0 UID: 0 PID: 23773 Comm: syz.2.3553 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1276.586982][T23773] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1276.586996][T23773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1276.587011][T23773] Call Trace: [ 1276.587020][T23773] [ 1276.587031][T23773] dump_stack_lvl+0x16c/0x1f0 [ 1276.587067][T23773] should_fail_ex+0x512/0x640 [ 1276.587110][T23773] _copy_to_user+0x32/0xd0 [ 1276.587137][T23773] simple_read_from_buffer+0xcb/0x170 [ 1276.587180][T23773] proc_fail_nth_read+0x197/0x240 [ 1276.587210][T23773] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1276.587241][T23773] ? rw_verify_area+0xcf/0x6c0 [ 1276.587265][T23773] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1276.587294][T23773] vfs_read+0x1e4/0xcf0 [ 1276.587327][T23773] ? __pfx___mutex_lock+0x10/0x10 [ 1276.587355][T23773] ? __pfx_vfs_read+0x10/0x10 [ 1276.587389][T23773] ? __fget_files+0x20e/0x3c0 [ 1276.587423][T23773] ksys_read+0x12a/0x250 [ 1276.587449][T23773] ? __pfx_ksys_read+0x10/0x10 [ 1276.587484][T23773] do_syscall_64+0xcd/0xfa0 [ 1276.587518][T23773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1276.587545][T23773] RIP: 0033:0x7fbec2b8e1dc [ 1276.587566][T23773] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1276.587589][T23773] RSP: 002b:00007fbec3ab8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1276.587619][T23773] RAX: ffffffffffffffda RBX: 00007fbec2de6090 RCX: 00007fbec2b8e1dc [ 1276.587635][T23773] RDX: 000000000000000f RSI: 00007fbec3ab80a0 RDI: 0000000000000005 [ 1276.587650][T23773] RBP: 00007fbec3ab8090 R08: 0000000000000000 R09: 0000000000000000 [ 1276.587664][T23773] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 1276.587680][T23773] R13: 00007fbec2de6128 R14: 00007fbec2de6090 R15: 00007ffe0eec8a38 [ 1276.587717][T23773] syzkaller syzkaller login: [ 1277.499320][T23799] FAULT_INJECTION: forcing a failure. [ 1277.499320][T23799] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1277.532879][T23799] CPU: 0 UID: 0 PID: 23799 Comm: syz.0.3556 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1277.532932][T23799] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1277.532945][T23799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1277.532959][T23799] Call Trace: [ 1277.532968][T23799] [ 1277.532978][T23799] dump_stack_lvl+0x16c/0x1f0 [ 1277.533011][T23799] should_fail_ex+0x512/0x640 [ 1277.533050][T23799] _copy_to_user+0x32/0xd0 [ 1277.533074][T23799] rng_dev_read+0x1ea/0x810 [ 1277.533104][T23799] ? __pfx_virtio_read+0x10/0x10 [ 1277.533132][T23799] ? __pfx_rng_dev_read+0x10/0x10 [ 1277.533166][T23799] ? bpf_lsm_file_permission+0x9/0x10 [ 1277.533192][T23799] ? security_file_permission+0x71/0x210 [ 1277.533218][T23799] ? rw_verify_area+0xcf/0x6c0 [ 1277.533256][T23799] ? __pfx_rng_dev_read+0x10/0x10 [ 1277.533285][T23799] vfs_read+0x1e4/0xcf0 [ 1277.533317][T23799] ? __pfx_vfs_read+0x10/0x10 [ 1277.533338][T23799] ? find_held_lock+0x2b/0x80 [ 1277.533362][T23799] ? __fget_files+0x204/0x3c0 [ 1277.533390][T23799] ? __fget_files+0x20e/0x3c0 [ 1277.533422][T23799] ksys_read+0x12a/0x250 [ 1277.533446][T23799] ? __pfx_ksys_read+0x10/0x10 [ 1277.533480][T23799] do_syscall_64+0xcd/0xfa0 [ 1277.533510][T23799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1277.533534][T23799] RIP: 0033:0x7ffa7998f7c9 [ 1277.533561][T23799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1277.533582][T23799] RSP: 002b:00007ffa7a888038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1277.533604][T23799] RAX: ffffffffffffffda RBX: 00007ffa79be6090 RCX: 00007ffa7998f7c9 [ 1277.533619][T23799] RDX: 00000000fffffe82 RSI: 0000200000000040 RDI: 0000000000000004 [ 1277.533634][T23799] RBP: 00007ffa7a888090 R08: 0000000000000000 R09: 0000000000000000 [ 1277.533647][T23799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1277.533660][T23799] R13: 00007ffa79be6128 R14: 00007ffa79be6090 R15: 00007ffd81ec3398 [ 1277.533694][T23799] [ 1278.687955][T23821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3562'. [ 1280.182272][T23848] FAULT_INJECTION: forcing a failure. [ 1280.182272][T23848] name failslab, interval 1, probability 0, space 0, times 0 [ 1280.231634][T23848] CPU: 0 UID: 0 PID: 23848 Comm: syz.1.3569 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1280.231692][T23848] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1280.231705][T23848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1280.231718][T23848] Call Trace: [ 1280.231727][T23848] [ 1280.231737][T23848] dump_stack_lvl+0x16c/0x1f0 [ 1280.231772][T23848] should_fail_ex+0x512/0x640 [ 1280.231808][T23848] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1280.231835][T23848] should_failslab+0xc2/0x120 [ 1280.231868][T23848] __kmalloc_cache_noprof+0x72/0x780 [ 1280.231893][T23848] ? __io_uring_add_tctx_node+0x132/0x500 [ 1280.231935][T23848] ? __io_uring_add_tctx_node+0x132/0x500 [ 1280.231970][T23848] __io_uring_add_tctx_node+0x132/0x500 [ 1280.232009][T23848] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 1280.232049][T23848] ? __fget_files+0x20e/0x3c0 [ 1280.232079][T23848] __io_uring_add_tctx_node_from_submit+0x89/0x130 [ 1280.232132][T23848] __do_sys_io_uring_enter+0x1239/0x1630 [ 1280.232167][T23848] ? __fget_files+0x20e/0x3c0 [ 1280.232192][T23848] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 1280.232227][T23848] ? fput+0x9b/0xd0 [ 1280.232258][T23848] ? ksys_write+0x1ac/0x250 [ 1280.232285][T23848] ? __pfx_ksys_write+0x10/0x10 [ 1280.232323][T23848] do_syscall_64+0xcd/0xfa0 [ 1280.232355][T23848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1280.232382][T23848] RIP: 0033:0x7fcc1bf8f7c9 [ 1280.232402][T23848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1280.232426][T23848] RSP: 002b:00007fcc1cd47038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 1280.232450][T23848] RAX: ffffffffffffffda RBX: 00007fcc1c1e6090 RCX: 00007fcc1bf8f7c9 [ 1280.232467][T23848] RDX: 0000000000002688 RSI: 0000000000000001 RDI: 0000000000000003 [ 1280.232482][T23848] RBP: 00007fcc1cd47090 R08: 0000000000000000 R09: 0000000000000007 [ 1280.232497][T23848] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 1280.232512][T23848] R13: 00007fcc1c1e6128 R14: 00007fcc1c1e6090 R15: 00007ffd464d3e88 [ 1280.232546][T23848] [ 1281.076395][ T5842] Bluetooth: hci3: unknown advertising packet type: 0xea [ 1281.330853][T23869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3576'. [ 1281.735018][T23876] FAULT_INJECTION: forcing a failure. [ 1281.735018][T23876] name failslab, interval 1, probability 0, space 0, times 0 [ 1281.800482][T23877] FAULT_INJECTION: forcing a failure. [ 1281.800482][T23877] name failslab, interval 1, probability 0, space 0, times 0 [ 1281.814156][T23877] CPU: 1 UID: 0 PID: 23877 Comm: syz.1.3577 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1281.814191][T23877] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1281.814200][T23877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1281.814209][T23877] Call Trace: [ 1281.814214][T23877] [ 1281.814220][T23877] dump_stack_lvl+0x16c/0x1f0 [ 1281.814242][T23877] should_fail_ex+0x512/0x640 [ 1281.814262][T23877] ? __kmalloc_noprof+0xca/0x880 [ 1281.814278][T23877] should_failslab+0xc2/0x120 [ 1281.814297][T23877] __kmalloc_noprof+0xdd/0x880 [ 1281.814310][T23877] ? handler_new_ref+0x1b0/0xc60 [ 1281.814332][T23877] ? handler_new_ref+0x1b0/0xc60 [ 1281.814348][T23877] ? handler_new_ref+0x827/0xc60 [ 1281.814363][T23877] handler_new_ref+0x1b0/0xc60 [ 1281.814385][T23877] v4l2_ctrl_new+0x196c/0x2190 [ 1281.814410][T23877] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 1281.814433][T23877] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1281.814457][T23877] v4l2_ctrl_new_std+0x1be/0x290 [ 1281.814480][T23877] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 1281.814499][T23877] ? rcu_is_watching+0x12/0xc0 [ 1281.814513][T23877] ? trace_kmalloc+0x2b/0xd0 [ 1281.814529][T23877] ? __kvmalloc_node_noprof+0x3c0/0x9c0 [ 1281.814546][T23877] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 1281.814567][T23877] ? media_request_object_init+0x100/0x180 [ 1281.814584][T23877] vicodec_open+0x1b2/0xf70 [ 1281.814598][T23877] ? kobject_get_unless_zero+0x156/0x1e0 [ 1281.814620][T23877] v4l2_open+0x1d2/0x5e0 [ 1281.814636][T23877] ? __pfx_v4l2_open+0x10/0x10 [ 1281.814651][T23877] chrdev_open+0x234/0x6a0 [ 1281.814668][T23877] ? __pfx_apparmor_file_open+0x10/0x10 [ 1281.814687][T23877] ? __pfx_chrdev_open+0x10/0x10 [ 1281.814705][T23877] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1281.814724][T23877] do_dentry_open+0x982/0x1530 [ 1281.814741][T23877] ? __pfx_chrdev_open+0x10/0x10 [ 1281.814761][T23877] vfs_open+0x82/0x3f0 [ 1281.814782][T23877] path_openat+0x1de4/0x2cb0 [ 1281.814803][T23877] ? __pfx_path_openat+0x10/0x10 [ 1281.814820][T23877] ? __lock_acquire+0xb8a/0x1c90 [ 1281.814840][T23877] do_filp_open+0x20b/0x470 [ 1281.814863][T23877] ? __pfx_do_filp_open+0x10/0x10 [ 1281.814893][T23877] ? alloc_fd+0x471/0x7d0 [ 1281.814913][T23877] do_sys_openat2+0x11b/0x1d0 [ 1281.814932][T23877] ? __pfx_do_sys_openat2+0x10/0x10 [ 1281.814960][T23877] __x64_sys_openat+0x174/0x210 [ 1281.814981][T23877] ? __pfx___x64_sys_openat+0x10/0x10 [ 1281.815008][T23877] do_syscall_64+0xcd/0xfa0 [ 1281.815026][T23877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1281.815045][T23877] RIP: 0033:0x7fcc1bf8f7c9 [ 1281.815059][T23877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1281.815073][T23877] RSP: 002b:00007fcc1cd47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1281.815088][T23877] RAX: ffffffffffffffda RBX: 00007fcc1c1e6090 RCX: 00007fcc1bf8f7c9 [ 1281.815098][T23877] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1281.815107][T23877] RBP: 00007fcc1c013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1281.815115][T23877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1281.815124][T23877] R13: 00007fcc1c1e6128 R14: 00007fcc1c1e6090 R15: 00007ffd464d3e88 [ 1281.815144][T23877] [ 1282.186646][T23876] CPU: 0 UID: 0 PID: 23876 Comm: syz.3.3578 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1282.186706][T23876] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1282.186720][T23876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1282.186736][T23876] Call Trace: [ 1282.186744][T23876] [ 1282.186756][T23876] dump_stack_lvl+0x16c/0x1f0 [ 1282.186791][T23876] should_fail_ex+0x512/0x640 [ 1282.186825][T23876] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1282.186854][T23876] should_failslab+0xc2/0x120 [ 1282.186885][T23876] __kmalloc_cache_noprof+0x72/0x780 [ 1282.186912][T23876] ? misc_read+0x80/0x240 [ 1282.186952][T23876] ? misc_read+0x80/0x240 [ 1282.186984][T23876] misc_read+0x80/0x240 [ 1282.187024][T23876] short_proxy_read+0x12c/0x190 [ 1282.187058][T23876] ? __pfx_short_proxy_read+0x10/0x10 [ 1282.187092][T23876] vfs_read+0x1e4/0xcf0 [ 1282.187131][T23876] ? __pfx___mutex_lock+0x10/0x10 [ 1282.187161][T23876] ? __pfx_vfs_read+0x10/0x10 [ 1282.187198][T23876] ? __fget_files+0x20e/0x3c0 [ 1282.187235][T23876] ksys_read+0x12a/0x250 [ 1282.187261][T23876] ? __pfx_ksys_read+0x10/0x10 [ 1282.187299][T23876] do_syscall_64+0xcd/0xfa0 [ 1282.187332][T23876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1282.187358][T23876] RIP: 0033:0x7ff38c38f7c9 [ 1282.187378][T23876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1282.187400][T23876] RSP: 002b:00007ff38d238038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1282.187424][T23876] RAX: ffffffffffffffda RBX: 00007ff38c5e5fa0 RCX: 00007ff38c38f7c9 [ 1282.187441][T23876] RDX: 0000000000000040 RSI: 0000200000000000 RDI: 0000000000000003 [ 1282.187458][T23876] RBP: 00007ff38d238090 R08: 0000000000000000 R09: 0000000000000000 [ 1282.187473][T23876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1282.187489][T23876] R13: 00007ff38c5e6038 R14: 00007ff38c5e5fa0 R15: 00007ffc46d64148 [ 1282.187525][T23876] [ 1282.817495][T23895] aoe: copy from user failed [ 1282.822125][T23895] aoe: could not set interface list: too many interfaces [ 1282.845275][ T30] audit: type=1800 audit(4294967359.150:390): pid=23890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3581" name="lu_gp_id" dev="configfs" ino=146639 res=0 errno=0 [ 1283.718105][ T30] audit: type=1800 audit(4294967360.030:391): pid=23923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3590" name="lu_gp_id" dev="configfs" ino=147665 res=0 errno=0 [ 1286.690235][T23971] WARNING! power/level is deprecated; use power/control instead [ 1286.810637][T23971] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3599'. [ 1288.354374][T23958] kexec: Could not allocate control_code_buffer [ 1288.428203][T23992] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3604'. [ 1288.960085][T24005] FAULT_INJECTION: forcing a failure. [ 1288.960085][T24005] name failslab, interval 1, probability 0, space 0, times 0 [ 1288.973818][T24005] CPU: 1 UID: 0 PID: 24005 Comm: syz.2.3609 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1288.973877][T24005] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1288.973893][T24005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1288.973909][T24005] Call Trace: [ 1288.973919][T24005] [ 1288.973930][T24005] dump_stack_lvl+0x16c/0x1f0 [ 1288.973970][T24005] should_fail_ex+0x512/0x640 [ 1288.974010][T24005] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1288.974042][T24005] should_failslab+0xc2/0x120 [ 1288.974080][T24005] __kmalloc_cache_noprof+0x72/0x780 [ 1288.974107][T24005] ? rcu_is_watching+0x12/0xc0 [ 1288.974135][T24005] ? single_open+0x4d/0x1f0 [ 1288.974173][T24005] ? __pfx_proc_dma_show+0x10/0x10 [ 1288.974196][T24005] ? single_open+0x4d/0x1f0 [ 1288.974229][T24005] single_open+0x4d/0x1f0 [ 1288.974263][T24005] ? __pfx_proc_single_open+0x10/0x10 [ 1288.974302][T24005] proc_reg_open+0x2ab/0x5f0 [ 1288.974340][T24005] do_dentry_open+0x982/0x1530 [ 1288.974373][T24005] ? __pfx_proc_reg_open+0x10/0x10 [ 1288.974416][T24005] vfs_open+0x82/0x3f0 [ 1288.974471][T24005] path_openat+0x1de4/0x2cb0 [ 1288.974516][T24005] ? __pfx_path_openat+0x10/0x10 [ 1288.974549][T24005] ? __lock_acquire+0xb8a/0x1c90 [ 1288.974590][T24005] do_filp_open+0x20b/0x470 [ 1288.974622][T24005] ? __pfx_do_filp_open+0x10/0x10 [ 1288.974679][T24005] ? alloc_fd+0x471/0x7d0 [ 1288.974717][T24005] do_sys_openat2+0x11b/0x1d0 [ 1288.974755][T24005] ? __pfx_do_sys_openat2+0x10/0x10 [ 1288.974813][T24005] __x64_sys_openat+0x174/0x210 [ 1288.974850][T24005] ? __pfx___x64_sys_openat+0x10/0x10 [ 1288.974888][T24005] ? syscall_user_dispatch+0x78/0x140 [ 1288.974921][T24005] do_syscall_64+0xcd/0xfa0 [ 1288.974956][T24005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1288.974983][T24005] RIP: 0033:0x7fbec2b8f7c9 [ 1288.975003][T24005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1288.975029][T24005] RSP: 002b:00007fbec3ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1288.975072][T24005] RAX: ffffffffffffffda RBX: 00007fbec2de5fa0 RCX: 00007fbec2b8f7c9 [ 1288.975090][T24005] RDX: 0000000000008340 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 1288.975109][T24005] RBP: 00007fbec2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1288.975126][T24005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1288.975142][T24005] R13: 00007fbec2de6038 R14: 00007fbec2de5fa0 R15: 00007ffe0eec8a38 [ 1288.975181][T24005] [ 1293.334874][ T30] audit: type=1804 audit(4294967369.640:392): pid=24061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3622" name="/newroot/316/file0" dev="tmpfs" ino=1698 res=1 errno=0 [ 1293.592790][T24065] FAULT_INJECTION: forcing a failure. [ 1293.592790][T24065] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1293.607156][T24065] CPU: 0 UID: 0 PID: 24065 Comm: syz.2.3626 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1293.607222][T24065] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1293.607237][T24065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1293.607254][T24065] Call Trace: [ 1293.607264][T24065] [ 1293.607274][T24065] dump_stack_lvl+0x16c/0x1f0 [ 1293.607314][T24065] should_fail_ex+0x512/0x640 [ 1293.607361][T24065] get_futex_key+0x1d0/0x1560 [ 1293.607399][T24065] ? __pfx_get_futex_key+0x10/0x10 [ 1293.607431][T24065] ? stack_trace_save+0x8e/0xc0 [ 1293.607461][T24065] ? __pfx_stack_trace_save+0x10/0x10 [ 1293.607493][T24065] ? stack_depot_save_flags+0x29/0x9c0 [ 1293.607538][T24065] futex_wait_setup+0x9d/0x550 [ 1293.607573][T24065] __futex_wait+0x193/0x2f0 [ 1293.607601][T24065] ? __pfx___futex_wait+0x10/0x10 [ 1293.607632][T24065] ? __pfx_futex_wake_mark+0x10/0x10 [ 1293.607678][T24065] ? futex_hash+0x2c5/0x380 [ 1293.607716][T24065] ? futex_private_hash_put+0xd5/0x190 [ 1293.607753][T24065] futex_wait+0xe8/0x380 [ 1293.607778][T24065] ? __pfx_futex_wait+0x10/0x10 [ 1293.607809][T24065] ? kmem_cache_free+0x2d4/0x6c0 [ 1293.607838][T24065] ? putname+0x154/0x1a0 [ 1293.607880][T24065] do_futex+0x229/0x350 [ 1293.607917][T24065] ? __pfx_do_futex+0x10/0x10 [ 1293.607962][T24065] __x64_sys_futex+0x1e0/0x4c0 [ 1293.608001][T24065] ? __x64_sys_openat+0x174/0x210 [ 1293.608040][T24065] ? __pfx___x64_sys_futex+0x10/0x10 [ 1293.608087][T24065] ? syscall_user_dispatch+0x78/0x140 [ 1293.608125][T24065] do_syscall_64+0xcd/0xfa0 [ 1293.608161][T24065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1293.608189][T24065] RIP: 0033:0x7fbec2b8f7c9 [ 1293.608211][T24065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1293.608238][T24065] RSP: 002b:00007fbec3ad90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1293.608265][T24065] RAX: ffffffffffffffda RBX: 00007fbec2de5fa8 RCX: 00007fbec2b8f7c9 [ 1293.608284][T24065] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbec2de5fa8 [ 1293.608302][T24065] RBP: 00007fbec2de5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1293.608324][T24065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1293.608341][T24065] R13: 00007fbec2de6038 R14: 00007ffe0eec8950 R15: 00007ffe0eec8a38 [ 1293.608380][T24065] [ 1298.241530][T24145] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3645'. [ 1299.168938][T24163] FAULT_INJECTION: forcing a failure. [ 1299.168938][T24163] name failslab, interval 1, probability 0, space 0, times 0 [ 1299.233932][T24163] CPU: 1 UID: 0 PID: 24163 Comm: syz.0.3650 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1299.233988][T24163] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1299.234000][T24163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1299.234014][T24163] Call Trace: [ 1299.234023][T24163] [ 1299.234033][T24163] dump_stack_lvl+0x16c/0x1f0 [ 1299.234079][T24163] should_fail_ex+0x512/0x640 [ 1299.234120][T24163] should_failslab+0xc2/0x120 [ 1299.234151][T24163] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1299.234181][T24163] ? xas_split_alloc+0x11c/0x490 [ 1299.234219][T24163] ? xas_split_alloc+0x11c/0x490 [ 1299.234246][T24163] xas_split_alloc+0x11c/0x490 [ 1299.234287][T24163] __folio_split+0xce5/0x4d30 [ 1299.234346][T24163] ? __mem_cgroup_try_charge_swap+0x8c/0x400 [ 1299.234385][T24163] ? find_held_lock+0x2b/0x80 [ 1299.234412][T24163] ? __pfx___folio_split+0x10/0x10 [ 1299.234457][T24163] ? folio_alloc_swap+0x8af/0xd00 [ 1299.234497][T24163] shmem_writeout+0x42e/0x1140 [ 1299.234537][T24163] ? __pfx_shmem_writeout+0x10/0x10 [ 1299.234558][T24163] ? __pfx_try_to_unmap+0x10/0x10 [ 1299.234579][T24163] ? find_held_lock+0x2b/0x80 [ 1299.234606][T24163] ? inode_to_bdi+0x9e/0x160 [ 1299.234635][T24163] ? folio_clear_dirty_for_io+0x112/0x790 [ 1299.234673][T24163] shrink_folio_list+0x2f45/0x4800 [ 1299.234725][T24163] ? __pfx_shrink_folio_list+0x10/0x10 [ 1299.234770][T24163] ? __lock_acquire+0xb8a/0x1c90 [ 1299.234815][T24163] ? lock_acquire+0x179/0x350 [ 1299.234844][T24163] ? find_held_lock+0x2b/0x80 [ 1299.234908][T24163] reclaim_folio_list+0xda/0x5d0 [ 1299.234943][T24163] ? __pfx_css_rstat_updated+0x10/0x10 [ 1299.234973][T24163] ? __pfx_reclaim_folio_list+0x10/0x10 [ 1299.235021][T24163] ? lru_gen_update_size+0x543/0xe10 [ 1299.235064][T24163] ? lru_gen_del_folio+0x32b/0x540 [ 1299.235102][T24163] reclaim_pages+0x3ec/0x570 [ 1299.235130][T24163] ? __pfx_reclaim_pages+0x10/0x10 [ 1299.235152][T24163] ? madvise_cold_or_pageout_pte_range+0x1e2f/0x20d0 [ 1299.235195][T24163] madvise_cold_or_pageout_pte_range+0x14d1/0x20d0 [ 1299.235239][T24163] ? __lock_acquire+0xb8a/0x1c90 [ 1299.235273][T24163] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 1299.235318][T24163] ? lock_acquire+0x179/0x350 [ 1299.235349][T24163] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 1299.235384][T24163] walk_pgd_range+0xc05/0x1f50 [ 1299.235437][T24163] ? __pfx_walk_pgd_range+0x10/0x10 [ 1299.235463][T24163] ? __schedule+0x11a3/0x5de0 [ 1299.235498][T24163] __walk_page_range+0x163/0x820 [ 1299.235540][T24163] ? __lock_acquire+0xb8a/0x1c90 [ 1299.235582][T24163] walk_page_range_vma+0x2c7/0xa20 [ 1299.235613][T24163] ? lockdep_hardirqs_on+0x7c/0x110 [ 1299.235645][T24163] ? __pfx_walk_page_range_vma+0x10/0x10 [ 1299.235683][T24163] ? mlock_drain_local+0x24c/0x4f0 [ 1299.235716][T24163] madvise_pageout+0x257/0x540 [ 1299.235751][T24163] ? __pfx_madvise_pageout+0x10/0x10 [ 1299.235813][T24163] madvise_vma_behavior+0xb14/0x2d50 [ 1299.235854][T24163] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 1299.235886][T24163] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1299.235923][T24163] ? mas_prev+0x9b/0xf0 [ 1299.235954][T24163] ? __pfx_mas_prev+0x10/0x10 [ 1299.235995][T24163] ? find_vma_prev+0xd3/0x150 [ 1299.236028][T24163] ? __pfx_find_vma_prev+0x10/0x10 [ 1299.236071][T24163] ? rcu_is_watching+0x12/0xc0 [ 1299.236107][T24163] madvise_walk_vmas+0x31f/0x9c0 [ 1299.236149][T24163] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1299.236194][T24163] madvise_do_behavior+0x1e2/0x530 [ 1299.236233][T24163] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1299.236270][T24163] ? down_read+0x13d/0x480 [ 1299.236309][T24163] ? trace_sched_exit_tp+0xd1/0x120 [ 1299.236356][T24163] do_madvise+0x176/0x240 [ 1299.236391][T24163] ? __pfx_do_madvise+0x10/0x10 [ 1299.236436][T24163] ? __pfx___schedule+0x10/0x10 [ 1299.236463][T24163] ? __fget_files+0x20e/0x3c0 [ 1299.236515][T24163] ? syscall_user_dispatch+0x78/0x140 [ 1299.236548][T24163] __x64_sys_madvise+0xa9/0x110 [ 1299.236585][T24163] do_syscall_64+0xcd/0xfa0 [ 1299.236619][T24163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1299.236646][T24163] RIP: 0033:0x7ffa7998f7c9 [ 1299.236667][T24163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1299.236692][T24163] RSP: 002b:00007ffa7a867038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1299.236717][T24163] RAX: ffffffffffffffda RBX: 00007ffa79be6180 RCX: 00007ffa7998f7c9 [ 1299.236735][T24163] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000 [ 1299.236751][T24163] RBP: 00007ffa7a867090 R08: 0000000000000000 R09: 0000000000000000 [ 1299.236767][T24163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1299.236781][T24163] R13: 00007ffa79be6218 R14: 00007ffa79be6180 R15: 00007ffd81ec3398 [ 1299.236818][T24163] [ 1299.252242][T24167] random: crng reseeded on system resumption [ 1299.259567][ C1] vkms_vblank_simulate: vblank timer overrun [ 1299.717276][ C1] vkms_vblank_simulate: vblank timer overrun [ 1299.823377][ C1] vkms_vblank_simulate: vblank timer overrun [ 1300.319655][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1300.326947][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1301.486117][T24173] svc: failed to register nfsdv3 RPC service (errno 101). [ 1301.519434][T24173] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1302.225446][T24182] FAULT_INJECTION: forcing a failure. [ 1302.225446][T24182] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1302.266990][T24182] CPU: 1 UID: 0 PID: 24182 Comm: syz.3.3653 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1302.267048][T24182] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1302.267062][T24182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1302.267078][T24182] Call Trace: [ 1302.267087][T24182] [ 1302.267097][T24182] dump_stack_lvl+0x16c/0x1f0 [ 1302.267131][T24182] should_fail_ex+0x512/0x640 [ 1302.267174][T24182] _copy_from_user+0x2e/0xd0 [ 1302.267220][T24182] generic_map_update_batch+0x38a/0x610 [ 1302.267256][T24182] ? __pfx_generic_map_update_batch+0x10/0x10 [ 1302.267289][T24182] ? __pfx_generic_map_update_batch+0x10/0x10 [ 1302.267319][T24182] bpf_map_do_batch+0x5be/0x680 [ 1302.267355][T24182] __sys_bpf+0x482c/0x4980 [ 1302.267386][T24182] ? __pfx___sys_bpf+0x10/0x10 [ 1302.267411][T24182] ? find_held_lock+0x2b/0x80 [ 1302.267445][T24182] ? find_held_lock+0x2b/0x80 [ 1302.267478][T24182] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1302.267529][T24182] ? fput+0x9b/0xd0 [ 1302.267562][T24182] ? ksys_write+0x1ac/0x250 [ 1302.267588][T24182] ? __pfx_ksys_write+0x10/0x10 [ 1302.267619][T24182] __x64_sys_bpf+0x78/0xc0 [ 1302.267644][T24182] ? lockdep_hardirqs_on+0x7c/0x110 [ 1302.267674][T24182] do_syscall_64+0xcd/0xfa0 [ 1302.267706][T24182] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1302.267732][T24182] RIP: 0033:0x7ff38c38f7c9 [ 1302.267754][T24182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1302.267778][T24182] RSP: 002b:00007ff38d238038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1302.267803][T24182] RAX: ffffffffffffffda RBX: 00007ff38c5e5fa0 RCX: 00007ff38c38f7c9 [ 1302.267821][T24182] RDX: 0000000000000092 RSI: 0000200000000380 RDI: 000000000000001a [ 1302.267837][T24182] RBP: 00007ff38d238090 R08: 0000000000000000 R09: 0000000000000000 [ 1302.267853][T24182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1302.267868][T24182] R13: 00007ff38c5e6038 R14: 00007ff38c5e5fa0 R15: 00007ffc46d64148 [ 1302.267900][T24182] [ 1302.594972][T24186] FAULT_INJECTION: forcing a failure. [ 1302.594972][T24186] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1302.631210][T24186] CPU: 0 UID: 0 PID: 24186 Comm: syz.1.3654 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1302.631274][T24186] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1302.631290][T24186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1302.631306][T24186] Call Trace: [ 1302.631315][T24186] [ 1302.631325][T24186] dump_stack_lvl+0x16c/0x1f0 [ 1302.631374][T24186] should_fail_ex+0x512/0x640 [ 1302.631420][T24186] get_futex_key+0x1d0/0x1560 [ 1302.631461][T24186] ? __pfx_get_futex_key+0x10/0x10 [ 1302.631498][T24186] ? __pick_eevdf+0x30a/0x670 [ 1302.631545][T24186] futex_wait_setup+0x9d/0x550 [ 1302.631584][T24186] __futex_wait+0x193/0x2f0 [ 1302.631611][T24186] ? __pfx___futex_wait+0x10/0x10 [ 1302.631639][T24186] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1302.631669][T24186] ? lockdep_hardirqs_on+0x7c/0x110 [ 1302.631707][T24186] ? __pfx_futex_wake_mark+0x10/0x10 [ 1302.631754][T24186] ? find_held_lock+0x2b/0x80 [ 1302.631787][T24186] ? futex_private_hash_put+0xd5/0x190 [ 1302.631823][T24186] futex_wait+0xe8/0x380 [ 1302.631847][T24186] ? __pfx_futex_wait+0x10/0x10 [ 1302.631880][T24186] ? kmem_cache_free+0x2d4/0x6c0 [ 1302.631908][T24186] ? putname+0x154/0x1a0 [ 1302.631958][T24186] do_futex+0x229/0x350 [ 1302.631994][T24186] ? __pfx_do_futex+0x10/0x10 [ 1302.632040][T24186] __x64_sys_futex+0x1e0/0x4c0 [ 1302.632078][T24186] ? __x64_sys_openat+0x174/0x210 [ 1302.632116][T24186] ? __pfx___x64_sys_futex+0x10/0x10 [ 1302.632155][T24186] ? syscall_user_dispatch+0x78/0x140 [ 1302.632189][T24186] do_syscall_64+0xcd/0xfa0 [ 1302.632224][T24186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1302.632252][T24186] RIP: 0033:0x7fcc1bf8f7c9 [ 1302.632274][T24186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1302.632300][T24186] RSP: 002b:00007fcc1cd680e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1302.632325][T24186] RAX: ffffffffffffffda RBX: 00007fcc1c1e5fa8 RCX: 00007fcc1bf8f7c9 [ 1302.632344][T24186] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcc1c1e5fa8 [ 1302.632361][T24186] RBP: 00007fcc1c1e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1302.632378][T24186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1302.632394][T24186] R13: 00007fcc1c1e6038 R14: 00007ffd464d3da0 R15: 00007ffd464d3e88 [ 1302.632432][T24186] [ 1306.520936][T24231] random: crng reseeded on system resumption [ 1306.686192][ T5842] Bluetooth: hci0: unexpected event 0x2f length: 721 > 260 [ 1306.686219][ T5842] Bluetooth: hci0: Malformed Event: 0x2f [ 1307.884828][T24261] random: crng reseeded on system resumption [ 1309.826940][T24275] netlink: 217 bytes leftover after parsing attributes in process `syz.2.3676'. [ 1309.860682][T24285] vhci_hcd: not connected 4 [ 1310.086101][T24290] FAULT_INJECTION: forcing a failure. [ 1310.086101][T24290] name failslab, interval 1, probability 0, space 0, times 0 [ 1310.132702][T24290] CPU: 1 UID: 0 PID: 24290 Comm: syz.2.3682 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1310.132761][T24290] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1310.132776][T24290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1310.132792][T24290] Call Trace: [ 1310.132802][T24290] [ 1310.132813][T24290] dump_stack_lvl+0x16c/0x1f0 [ 1310.132851][T24290] should_fail_ex+0x512/0x640 [ 1310.132891][T24290] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1310.132922][T24290] should_failslab+0xc2/0x120 [ 1310.132959][T24290] __kmalloc_cache_noprof+0x72/0x780 [ 1310.132986][T24290] ? snd_hrtimer_open+0x43/0xf0 [ 1310.133045][T24290] ? snd_hrtimer_open+0x43/0xf0 [ 1310.133083][T24290] ? __pfx_snd_hrtimer_open+0x10/0x10 [ 1310.133120][T24290] snd_hrtimer_open+0x43/0xf0 [ 1310.133160][T24290] snd_timer_open+0xb56/0x1060 [ 1310.133294][T24290] ? __pfx_snd_timer_open+0x10/0x10 [ 1310.133335][T24290] ? kstrdup+0xb5/0x100 [ 1310.133370][T24290] snd_seq_timer_open+0x280/0x600 [ 1310.133400][T24290] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 1310.133430][T24290] ? find_held_lock+0x2b/0x80 [ 1310.133458][T24290] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1310.133491][T24290] ? lockdep_hardirqs_on+0x7c/0x110 [ 1310.133524][T24290] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1310.133560][T24290] queue_use+0xe3/0x250 [ 1310.133599][T24290] snd_seq_queue_alloc+0x2e5/0x5a0 [ 1310.133643][T24290] snd_seq_ioctl_create_queue+0xa9/0x390 [ 1310.133680][T24290] call_seq_client_ctl+0x9f/0x110 [ 1310.133716][T24290] snd_seq_kernel_client_ctl+0x77/0xd0 [ 1310.133749][T24290] alloc_seq_queue+0xda/0x180 [ 1310.133778][T24290] ? __pfx_alloc_seq_queue+0x10/0x10 [ 1310.133830][T24290] ? mark_held_locks+0x49/0x80 [ 1310.133864][T24290] ? _raw_spin_unlock_irq+0x23/0x50 [ 1310.133892][T24290] ? lockdep_hardirqs_on+0x7c/0x110 [ 1310.133928][T24290] snd_seq_oss_open+0x38c/0xa20 [ 1310.133963][T24290] odev_open+0x79/0xc0 [ 1310.133991][T24290] ? __pfx_odev_open+0x10/0x10 [ 1310.134021][T24290] soundcore_open+0x40c/0x580 [ 1310.134056][T24290] ? __pfx_soundcore_open+0x10/0x10 [ 1310.134087][T24290] chrdev_open+0x234/0x6a0 [ 1310.134119][T24290] ? __pfx_apparmor_file_open+0x10/0x10 [ 1310.134158][T24290] ? __pfx_chrdev_open+0x10/0x10 [ 1310.134202][T24290] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1310.134241][T24290] do_dentry_open+0x982/0x1530 [ 1310.134276][T24290] ? __pfx_chrdev_open+0x10/0x10 [ 1310.134317][T24290] vfs_open+0x82/0x3f0 [ 1310.134358][T24290] path_openat+0x1de4/0x2cb0 [ 1310.134401][T24290] ? __pfx_path_openat+0x10/0x10 [ 1310.134433][T24290] ? __lock_acquire+0xb8a/0x1c90 [ 1310.134472][T24290] do_filp_open+0x20b/0x470 [ 1310.134503][T24290] ? __pfx_do_filp_open+0x10/0x10 [ 1310.134560][T24290] ? alloc_fd+0x471/0x7d0 [ 1310.134598][T24290] do_sys_openat2+0x11b/0x1d0 [ 1310.134636][T24290] ? __pfx_do_sys_openat2+0x10/0x10 [ 1310.134677][T24290] ? __pfx___might_resched+0x10/0x10 [ 1310.134715][T24290] __x64_sys_openat+0x174/0x210 [ 1310.134755][T24290] ? __pfx___x64_sys_openat+0x10/0x10 [ 1310.134809][T24290] do_syscall_64+0xcd/0xfa0 [ 1310.134844][T24290] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1310.134871][T24290] RIP: 0033:0x7fbec2b8f7c9 [ 1310.134894][T24290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1310.134920][T24290] RSP: 002b:00007fbec3ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1310.134945][T24290] RAX: ffffffffffffffda RBX: 00007fbec2de5fa0 RCX: 00007fbec2b8f7c9 [ 1310.134964][T24290] RDX: 0000000000040000 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 1310.134982][T24290] RBP: 00007fbec2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1310.134999][T24290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1310.135017][T24290] R13: 00007fbec2de6038 R14: 00007fbec2de5fa0 R15: 00007ffe0eec8a38 [ 1310.135055][T24290] [ 1311.813646][T24324] svc: failed to register nfsdv3 RPC service (errno 111). [ 1311.829299][T24324] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1312.179659][T24338] random: crng reseeded on system resumption [ 1312.384980][ T5842] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 1312.504655][T24344] random: crng reseeded on system resumption [ 1312.676631][ T5842] Bluetooth: hci1: unexpected event 0x2f length: 721 > 260 [ 1312.676656][ T5842] Bluetooth: hci1: Malformed Event: 0x2f [ 1313.157793][T24359] random: crng reseeded on system resumption [ 1314.386469][T24376] netlink: 217 bytes leftover after parsing attributes in process `syz.3.3703'. [ 1314.711588][T24382] random: crng reseeded on system resumption [ 1314.819515][T24347] Bluetooth: hci1: unexpected event 0x2f length: 721 > 260 [ 1314.819555][T24347] Bluetooth: hci1: Malformed Event: 0x2f [ 1314.965074][T24390] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3707'. [ 1316.455140][T24426] random: crng reseeded on system resumption [ 1316.590910][T24347] Bluetooth: hci3: unexpected event 0x2f length: 721 > 260 [ 1316.590936][T24347] Bluetooth: hci3: Malformed Event: 0x2f [ 1316.634262][T24428] FAULT_INJECTION: forcing a failure. [ 1316.634262][T24428] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1316.703108][T24428] CPU: 0 UID: 0 PID: 24428 Comm: syz.3.3718 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1316.703202][T24428] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1316.703219][T24428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1316.703237][T24428] Call Trace: [ 1316.703247][T24428] [ 1316.703258][T24428] dump_stack_lvl+0x16c/0x1f0 [ 1316.703297][T24428] should_fail_ex+0x512/0x640 [ 1316.703342][T24428] _copy_from_user+0x2e/0xd0 [ 1316.703385][T24428] memdup_user+0x6b/0xe0 [ 1316.703416][T24428] strndup_user+0x78/0xe0 [ 1316.703448][T24428] __x64_sys_fsopen+0x9c/0x240 [ 1316.703486][T24428] do_syscall_64+0xcd/0xfa0 [ 1316.703523][T24428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1316.703549][T24428] RIP: 0033:0x7ff38c38f7c9 [ 1316.703572][T24428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1316.703597][T24428] RSP: 002b:00007ff38d238038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1316.703623][T24428] RAX: ffffffffffffffda RBX: 00007ff38c5e5fa0 RCX: 00007ff38c38f7c9 [ 1316.703642][T24428] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1316.703658][T24428] RBP: 00007ff38c413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1316.703674][T24428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1316.703690][T24428] R13: 00007ff38c5e6038 R14: 00007ff38c5e5fa0 R15: 00007ffc46d64148 [ 1316.703726][T24428] [ 1317.238527][T24439] FAULT_INJECTION: forcing a failure. [ 1317.238527][T24439] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1317.270298][T24439] CPU: 0 UID: 0 PID: 24439 Comm: syz.1.3722 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1317.270358][T24439] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1317.270375][T24439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1317.270389][T24439] Call Trace: [ 1317.270398][T24439] [ 1317.270408][T24439] dump_stack_lvl+0x16c/0x1f0 [ 1317.270447][T24439] should_fail_ex+0x512/0x640 [ 1317.270492][T24439] get_futex_key+0x1d0/0x1560 [ 1317.270540][T24439] ? __pfx_get_futex_key+0x10/0x10 [ 1317.270573][T24439] ? stack_trace_save+0x8e/0xc0 [ 1317.270605][T24439] ? __pfx_stack_trace_save+0x10/0x10 [ 1317.270637][T24439] ? stack_depot_save_flags+0x29/0x9c0 [ 1317.270681][T24439] futex_wait_setup+0x9d/0x550 [ 1317.270716][T24439] __futex_wait+0x193/0x2f0 [ 1317.270740][T24439] ? __pfx___futex_wait+0x10/0x10 [ 1317.270772][T24439] ? __pfx_futex_wake_mark+0x10/0x10 [ 1317.270815][T24439] ? futex_hash+0x2c5/0x380 [ 1317.270848][T24439] ? futex_private_hash_put+0xd5/0x190 [ 1317.270883][T24439] futex_wait+0xe8/0x380 [ 1317.270907][T24439] ? __pfx_futex_wait+0x10/0x10 [ 1317.270938][T24439] ? kmem_cache_free+0x2d4/0x6c0 [ 1317.270967][T24439] ? putname+0x154/0x1a0 [ 1317.271008][T24439] do_futex+0x229/0x350 [ 1317.271043][T24439] ? __pfx_do_futex+0x10/0x10 [ 1317.271087][T24439] __x64_sys_futex+0x1e0/0x4c0 [ 1317.271125][T24439] ? __x64_sys_openat+0x174/0x210 [ 1317.271164][T24439] ? __pfx___x64_sys_futex+0x10/0x10 [ 1317.271200][T24439] ? syscall_user_dispatch+0x78/0x140 [ 1317.271235][T24439] do_syscall_64+0xcd/0xfa0 [ 1317.271270][T24439] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1317.271298][T24439] RIP: 0033:0x7fcc1bf8f7c9 [ 1317.271320][T24439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1317.271345][T24439] RSP: 002b:00007fcc1cd680e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1317.271371][T24439] RAX: ffffffffffffffda RBX: 00007fcc1c1e5fa8 RCX: 00007fcc1bf8f7c9 [ 1317.271389][T24439] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcc1c1e5fa8 [ 1317.271406][T24439] RBP: 00007fcc1c1e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1317.271424][T24439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1317.271441][T24439] R13: 00007fcc1c1e6038 R14: 00007ffd464d3da0 R15: 00007ffd464d3e88 [ 1317.271479][T24439] [ 1317.553020][T24443] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3723'. [ 1317.651356][T24428] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3718'. [ 1318.371078][T24470] openvswitch: netlink: Tunnel attr 9 has unexpected len 4 expected 2 [ 1318.689549][T24474] random: crng reseeded on system resumption [ 1319.665124][T24499] random: crng reseeded on system resumption [ 1320.909279][T24527] bonding: no command found in bonding_masters - use +ifname or -ifname [ 1320.980048][T24527] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(791418124.25.1), cmd(6) [ 1321.155187][T24530] svc: failed to register nfsdv3 RPC service (errno 111). [ 1321.190779][T24535] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3749'. [ 1321.200361][T24530] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1321.593030][T24541] random: crng reseeded on system resumption [ 1321.714780][T24347] Bluetooth: hci0: unexpected event 0x2f length: 721 > 260 [ 1321.714806][T24347] Bluetooth: hci0: Malformed Event: 0x2f [ 1321.986687][T24550] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3754'. [ 1322.484522][T24567] netlink: 206 bytes leftover after parsing attributes in process `syz.0.3757'. [ 1324.143006][T24593] svc: failed to register nfsdv3 RPC service (errno 101). [ 1324.163846][T24593] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1324.254020][T24601] FAULT_INJECTION: forcing a failure. [ 1324.254020][T24601] name failslab, interval 1, probability 0, space 0, times 0 [ 1324.269961][T24601] CPU: 0 UID: 0 PID: 24601 Comm: syz.0.3767 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1324.269994][T24601] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1324.270002][T24601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1324.270011][T24601] Call Trace: [ 1324.270017][T24601] [ 1324.270023][T24601] dump_stack_lvl+0x16c/0x1f0 [ 1324.270045][T24601] should_fail_ex+0x512/0x640 [ 1324.270067][T24601] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1324.270084][T24601] should_failslab+0xc2/0x120 [ 1324.270103][T24601] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1324.270117][T24601] ? taskstats_exit+0x654/0xbe0 [ 1324.270134][T24601] ? taskstats_exit+0x654/0xbe0 [ 1324.270145][T24601] ? acct_update_integrals+0x2ce/0x4a0 [ 1324.270157][T24601] taskstats_exit+0x654/0xbe0 [ 1324.270171][T24601] ? __pfx_taskstats_exit+0x10/0x10 [ 1324.270188][T24601] ? exit_signals+0x38e/0xb40 [ 1324.270206][T24601] do_exit+0x5dc/0x2bf0 [ 1324.270229][T24601] ? __pfx_do_exit+0x10/0x10 [ 1324.270247][T24601] ? do_raw_spin_lock+0x12c/0x2b0 [ 1324.270269][T24601] ? find_held_lock+0x2b/0x80 [ 1324.270286][T24601] do_group_exit+0xd3/0x2a0 [ 1324.270306][T24601] get_signal+0x2671/0x26d0 [ 1324.270331][T24601] ? kmem_cache_free+0x2d4/0x6c0 [ 1324.270350][T24601] ? __pfx_get_signal+0x10/0x10 [ 1324.270365][T24601] ? do_futex+0x122/0x350 [ 1324.270385][T24601] ? __pfx_do_futex+0x10/0x10 [ 1324.270404][T24601] arch_do_signal_or_restart+0x8f/0x790 [ 1324.270424][T24601] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1324.270447][T24601] ? syscall_user_dispatch+0x78/0x140 [ 1324.270463][T24601] exit_to_user_mode_loop+0x85/0x130 [ 1324.270486][T24601] do_syscall_64+0x426/0xfa0 [ 1324.270505][T24601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1324.270519][T24601] RIP: 0033:0x7ffa7998f7c9 [ 1324.270531][T24601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1324.270545][T24601] RSP: 002b:00007ffa7a8a90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1324.270559][T24601] RAX: fffffffffffffe00 RBX: 00007ffa79be5fa8 RCX: 00007ffa7998f7c9 [ 1324.270569][T24601] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ffa79be5fa8 [ 1324.270578][T24601] RBP: 00007ffa79be5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1324.270586][T24601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1324.270595][T24601] R13: 00007ffa79be6038 R14: 00007ffd81ec32b0 R15: 00007ffd81ec3398 [ 1324.270614][T24601] [ 1324.773624][T24607] random: crng reseeded on system resumption [ 1324.856543][T24347] Bluetooth: hci4: unexpected event 0x2f length: 721 > 260 [ 1324.856568][T24347] Bluetooth: hci4: Malformed Event: 0x2f [ 1325.486085][T24612] zswap: compressor not available [ 1326.529707][T24640] FAULT_INJECTION: forcing a failure. [ 1326.529707][T24640] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1326.561223][T24640] CPU: 0 UID: 0 PID: 24640 Comm: syz.2.3777 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1326.561281][T24640] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1326.561296][T24640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1326.561311][T24640] Call Trace: [ 1326.561320][T24640] [ 1326.561329][T24640] dump_stack_lvl+0x16c/0x1f0 [ 1326.561366][T24640] should_fail_ex+0x512/0x640 [ 1326.561410][T24640] get_futex_key+0x1d0/0x1560 [ 1326.561449][T24640] ? __pfx_get_futex_key+0x10/0x10 [ 1326.561492][T24640] futex_wake+0xea/0x530 [ 1326.561527][T24640] ? rcu_is_watching+0x12/0xc0 [ 1326.561557][T24640] ? __pfx_futex_wake+0x10/0x10 [ 1326.561596][T24640] ? kmem_cache_free+0x2d4/0x6c0 [ 1326.561621][T24640] ? putname+0x154/0x1a0 [ 1326.561670][T24640] do_futex+0x1e3/0x350 [ 1326.561703][T24640] ? __pfx_do_futex+0x10/0x10 [ 1326.561745][T24640] __x64_sys_futex+0x1e0/0x4c0 [ 1326.561780][T24640] ? __x64_sys_openat+0x174/0x210 [ 1326.561814][T24640] ? __pfx___x64_sys_futex+0x10/0x10 [ 1326.561851][T24640] ? syscall_user_dispatch+0x78/0x140 [ 1326.561887][T24640] do_syscall_64+0xcd/0xfa0 [ 1326.561918][T24640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1326.561951][T24640] RIP: 0033:0x7fbec2b8f7c9 [ 1326.561974][T24640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1326.562000][T24640] RSP: 002b:00007fbec3ad90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1326.562024][T24640] RAX: ffffffffffffffda RBX: 00007fbec2de5fa8 RCX: 00007fbec2b8f7c9 [ 1326.562039][T24640] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbec2de5fac [ 1326.562054][T24640] RBP: 00007fbec2de5fa0 R08: 00007fbec3ada000 R09: 0000000000000000 [ 1326.562070][T24640] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1326.562083][T24640] R13: 00007fbec2de6038 R14: 00007ffe0eec8950 R15: 00007ffe0eec8a38 [ 1326.562119][T24640] [ 1326.971574][T24649] FAULT_INJECTION: forcing a failure. [ 1326.971574][T24649] name failslab, interval 1, probability 0, space 0, times 0 [ 1326.997523][T24649] CPU: 0 UID: 0 PID: 24649 Comm: syz.1.3778 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1326.997562][T24649] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1326.997569][T24649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1326.997578][T24649] Call Trace: [ 1326.997583][T24649] [ 1326.997589][T24649] dump_stack_lvl+0x16c/0x1f0 [ 1326.997612][T24649] should_fail_ex+0x512/0x640 [ 1326.997636][T24649] should_failslab+0xc2/0x120 [ 1326.997662][T24649] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1326.997679][T24649] ? xas_split_alloc+0x11c/0x490 [ 1326.997700][T24649] ? xas_split_alloc+0x11c/0x490 [ 1326.997715][T24649] xas_split_alloc+0x11c/0x490 [ 1326.997737][T24649] __folio_split+0xce5/0x4d30 [ 1326.997769][T24649] ? __mem_cgroup_try_charge_swap+0x8c/0x400 [ 1326.997791][T24649] ? find_held_lock+0x2b/0x80 [ 1326.997807][T24649] ? __pfx___folio_split+0x10/0x10 [ 1326.997832][T24649] ? folio_alloc_swap+0x8af/0xd00 [ 1326.997855][T24649] shmem_writeout+0x42e/0x1140 [ 1326.997872][T24649] ? __pfx_shmem_writeout+0x10/0x10 [ 1326.997885][T24649] ? __pfx_try_to_unmap+0x10/0x10 [ 1326.997899][T24649] ? find_held_lock+0x2b/0x80 [ 1326.997916][T24649] ? inode_to_bdi+0x9e/0x160 [ 1326.997932][T24649] ? folio_clear_dirty_for_io+0x112/0x790 [ 1326.997954][T24649] shrink_folio_list+0x2f45/0x4800 [ 1326.997982][T24649] ? __pfx_shrink_folio_list+0x10/0x10 [ 1326.998039][T24649] reclaim_folio_list+0xda/0x5d0 [ 1326.998060][T24649] ? __pfx_css_rstat_updated+0x10/0x10 [ 1326.998078][T24649] ? __pfx_reclaim_folio_list+0x10/0x10 [ 1326.998107][T24649] ? lru_gen_update_size+0x543/0xe10 [ 1326.998132][T24649] ? lru_gen_del_folio+0x32b/0x540 [ 1326.998153][T24649] reclaim_pages+0x3ec/0x570 [ 1326.998168][T24649] ? __pfx_reclaim_pages+0x10/0x10 [ 1326.998182][T24649] ? madvise_cold_or_pageout_pte_range+0x1e2f/0x20d0 [ 1326.998206][T24649] madvise_cold_or_pageout_pte_range+0x14d1/0x20d0 [ 1326.998235][T24649] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 1326.998257][T24649] ? __lock_acquire+0x622/0x1c90 [ 1326.998277][T24649] ? __pfx_stack_trace_save+0x10/0x10 [ 1326.998293][T24649] ? css_rstat_updated+0x1c2/0x510 [ 1326.998310][T24649] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 1326.998330][T24649] walk_pgd_range+0xc05/0x1f50 [ 1326.998359][T24649] ? __pfx_walk_pgd_range+0x10/0x10 [ 1326.998379][T24649] __walk_page_range+0x163/0x820 [ 1326.998397][T24649] ? __lock_acquire+0xb8a/0x1c90 [ 1326.998420][T24649] walk_page_range_vma+0x2c7/0xa20 [ 1326.998438][T24649] ? __pfx_walk_page_range_vma+0x10/0x10 [ 1326.998454][T24649] ? find_held_lock+0x2b/0x80 [ 1326.998475][T24649] madvise_pageout+0x257/0x540 [ 1326.998495][T24649] ? __pfx_madvise_pageout+0x10/0x10 [ 1326.998527][T24649] madvise_vma_behavior+0xb14/0x2d50 [ 1326.998549][T24649] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 1326.998566][T24649] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1326.998586][T24649] ? mas_prev+0x9b/0xf0 [ 1326.998603][T24649] ? __pfx_mas_prev+0x10/0x10 [ 1326.998635][T24649] ? find_vma_prev+0xd3/0x150 [ 1326.998669][T24649] ? __pfx_find_vma_prev+0x10/0x10 [ 1326.998703][T24649] ? __lock_acquire+0x622/0x1c90 [ 1326.998723][T24649] madvise_walk_vmas+0x31f/0x9c0 [ 1326.998752][T24649] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1326.998795][T24649] madvise_do_behavior+0x1e2/0x530 [ 1326.998830][T24649] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1326.998867][T24649] ? down_read+0x13d/0x480 [ 1326.998914][T24649] do_madvise+0x176/0x240 [ 1326.998941][T24649] ? __pfx_do_madvise+0x10/0x10 [ 1326.998969][T24649] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1326.999012][T24649] ? __fget_files+0x20e/0x3c0 [ 1326.999051][T24649] ? __pfx_ksys_write+0x10/0x10 [ 1326.999086][T24649] __x64_sys_madvise+0xa9/0x110 [ 1326.999111][T24649] ? lockdep_hardirqs_on+0x7c/0x110 [ 1326.999128][T24649] do_syscall_64+0xcd/0xfa0 [ 1326.999146][T24649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1326.999161][T24649] RIP: 0033:0x7fcc1bf8f7c9 [ 1326.999174][T24649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1326.999188][T24649] RSP: 002b:00007fcc1a1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1326.999202][T24649] RAX: ffffffffffffffda RBX: 00007fcc1c1e6180 RCX: 00007fcc1bf8f7c9 [ 1326.999212][T24649] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000 [ 1326.999221][T24649] RBP: 00007fcc1a1f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1326.999230][T24649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1326.999239][T24649] R13: 00007fcc1c1e6218 R14: 00007fcc1c1e6180 R15: 00007ffd464d3e88 [ 1326.999258][T24649] [ 1328.121109][T24657] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3782'. [ 1328.134762][T24655] FAULT_INJECTION: forcing a failure. [ 1328.134762][T24655] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1328.151498][T24655] CPU: 1 UID: 0 PID: 24655 Comm: syz.1.3781 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1328.151564][T24655] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1328.151580][T24655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1328.151596][T24655] Call Trace: [ 1328.151605][T24655] [ 1328.151615][T24655] dump_stack_lvl+0x16c/0x1f0 [ 1328.151652][T24655] should_fail_ex+0x512/0x640 [ 1328.151695][T24655] _copy_from_user+0x2e/0xd0 [ 1328.151734][T24655] memdup_user+0x6b/0xe0 [ 1328.151763][T24655] strndup_user+0x78/0xe0 [ 1328.151795][T24655] __x64_sys_fsopen+0x9c/0x240 [ 1328.151844][T24655] do_syscall_64+0xcd/0xfa0 [ 1328.151880][T24655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1328.151908][T24655] RIP: 0033:0x7fcc1bf8f7c9 [ 1328.151931][T24655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1328.151957][T24655] RSP: 002b:00007fcc1cd68038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1328.151984][T24655] RAX: ffffffffffffffda RBX: 00007fcc1c1e5fa0 RCX: 00007fcc1bf8f7c9 [ 1328.152002][T24655] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1328.152018][T24655] RBP: 00007fcc1c013f91 R08: 0000000000000000 R09: 0000000000000000 [ 1328.152034][T24655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1328.152052][T24655] R13: 00007fcc1c1e6038 R14: 00007fcc1c1e5fa0 R15: 00007ffd464d3e88 [ 1328.152099][T24655] [ 1328.381940][T24655] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3781'. [ 1330.970140][T24705] nvme_fcloop: unknown parameter or missing value '7' [ 1332.212265][T24724] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3795'. [ 1332.486742][ T30] audit: type=1800 audit(4294967319.180:393): pid=24730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3797" name="lu_gp_id" dev="configfs" ino=151308 res=0 errno=0 [ 1333.835894][ T30] audit: type=1326 audit(4294967320.519:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24757 comm="syz.2.3807" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbec2b8f7c9 code=0x0 [ 1333.915349][ T30] audit: type=1800 audit(4294967320.599:395): pid=24760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3804" name="lu_gp_id" dev="configfs" ino=151375 res=0 errno=0 [ 1336.576620][T24800] FAULT_INJECTION: forcing a failure. [ 1336.576620][T24800] name failslab, interval 1, probability 0, space 0, times 0 [ 1336.607318][T24800] CPU: 0 UID: 0 PID: 24800 Comm: syz.3.3817 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1336.607380][T24800] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1336.607395][T24800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1336.607410][T24800] Call Trace: [ 1336.607418][T24800] [ 1336.607429][T24800] dump_stack_lvl+0x16c/0x1f0 [ 1336.607469][T24800] should_fail_ex+0x512/0x640 [ 1336.607509][T24800] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1336.607546][T24800] should_failslab+0xc2/0x120 [ 1336.607585][T24800] __kvmalloc_node_noprof+0x141/0x9c0 [ 1336.607622][T24800] ? v4l2_ctrl_new+0x982/0x2190 [ 1336.607653][T24800] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1336.607698][T24800] ? v4l2_ctrl_new+0x982/0x2190 [ 1336.607723][T24800] v4l2_ctrl_new+0x982/0x2190 [ 1336.607763][T24800] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 1336.607795][T24800] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 1336.607835][T24800] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1336.607875][T24800] v4l2_ctrl_new_std+0x1be/0x290 [ 1336.607919][T24800] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 1336.607959][T24800] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 1336.608004][T24800] ? trace_kmalloc+0x2b/0xd0 [ 1336.608036][T24800] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 1336.608073][T24800] ? media_request_object_init+0x100/0x180 [ 1336.608102][T24800] vicodec_open+0x1d9/0xf70 [ 1336.608127][T24800] ? kobject_get_unless_zero+0x156/0x1e0 [ 1336.608168][T24800] v4l2_open+0x1d2/0x5e0 [ 1336.608197][T24800] ? __pfx_v4l2_open+0x10/0x10 [ 1336.608225][T24800] chrdev_open+0x234/0x6a0 [ 1336.608255][T24800] ? __pfx_apparmor_file_open+0x10/0x10 [ 1336.608294][T24800] ? __pfx_chrdev_open+0x10/0x10 [ 1336.608326][T24800] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1336.608363][T24800] do_dentry_open+0x982/0x1530 [ 1336.608394][T24800] ? __pfx_chrdev_open+0x10/0x10 [ 1336.608431][T24800] vfs_open+0x82/0x3f0 [ 1336.608471][T24800] path_openat+0x1de4/0x2cb0 [ 1336.608513][T24800] ? __pfx_path_openat+0x10/0x10 [ 1336.608545][T24800] ? __lock_acquire+0xb8a/0x1c90 [ 1336.608584][T24800] do_filp_open+0x20b/0x470 [ 1336.608614][T24800] ? __pfx_do_filp_open+0x10/0x10 [ 1336.608672][T24800] ? alloc_fd+0x471/0x7d0 [ 1336.608708][T24800] do_sys_openat2+0x11b/0x1d0 [ 1336.608745][T24800] ? __pfx_do_sys_openat2+0x10/0x10 [ 1336.608797][T24800] __x64_sys_openat+0x174/0x210 [ 1336.608836][T24800] ? __pfx___x64_sys_openat+0x10/0x10 [ 1336.608889][T24800] do_syscall_64+0xcd/0xfa0 [ 1336.608923][T24800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1336.608960][T24800] RIP: 0033:0x7ff38c38f7c9 [ 1336.608983][T24800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1336.609009][T24800] RSP: 002b:00007ff38d238038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1336.609036][T24800] RAX: ffffffffffffffda RBX: 00007ff38c5e5fa0 RCX: 00007ff38c38f7c9 [ 1336.609055][T24800] RDX: 0000000000001b00 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1336.609082][T24800] RBP: 00007ff38c413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1336.609099][T24800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1336.609117][T24800] R13: 00007ff38c5e6038 R14: 00007ff38c5e5fa0 R15: 00007ffc46d64148 [ 1336.609157][T24800] [ 1337.138556][T24811] FAULT_INJECTION: forcing a failure. [ 1337.138556][T24811] name failslab, interval 1, probability 0, space 0, times 0 [ 1337.180732][T24811] CPU: 1 UID: 0 PID: 24811 Comm: syz.3.3820 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1337.180789][T24811] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1337.180805][T24811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1337.180820][T24811] Call Trace: [ 1337.180828][T24811] [ 1337.180838][T24811] dump_stack_lvl+0x16c/0x1f0 [ 1337.180874][T24811] should_fail_ex+0x512/0x640 [ 1337.180918][T24811] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1337.180952][T24811] should_failslab+0xc2/0x120 [ 1337.180987][T24811] __kvmalloc_node_noprof+0x141/0x9c0 [ 1337.181020][T24811] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 1337.181061][T24811] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 1337.181092][T24811] ? v4l2_ctrl_handler_init_class+0x113/0x350 [ 1337.181122][T24811] v4l2_ctrl_handler_init_class+0x201/0x350 [ 1337.181159][T24811] vicodec_open+0x18b/0xf70 [ 1337.181183][T24811] ? kobject_get_unless_zero+0x156/0x1e0 [ 1337.181224][T24811] v4l2_open+0x1d2/0x5e0 [ 1337.181255][T24811] ? __pfx_v4l2_open+0x10/0x10 [ 1337.181283][T24811] chrdev_open+0x234/0x6a0 [ 1337.181317][T24811] ? __pfx_apparmor_file_open+0x10/0x10 [ 1337.181356][T24811] ? __pfx_chrdev_open+0x10/0x10 [ 1337.181389][T24811] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1337.181425][T24811] do_dentry_open+0x982/0x1530 [ 1337.181456][T24811] ? __pfx_chrdev_open+0x10/0x10 [ 1337.181493][T24811] vfs_open+0x82/0x3f0 [ 1337.181532][T24811] path_openat+0x1de4/0x2cb0 [ 1337.181574][T24811] ? __pfx_path_openat+0x10/0x10 [ 1337.181604][T24811] ? __lock_acquire+0xb8a/0x1c90 [ 1337.181641][T24811] do_filp_open+0x20b/0x470 [ 1337.181670][T24811] ? __pfx_do_filp_open+0x10/0x10 [ 1337.181725][T24811] ? alloc_fd+0x471/0x7d0 [ 1337.181763][T24811] do_sys_openat2+0x11b/0x1d0 [ 1337.181798][T24811] ? __pfx_do_sys_openat2+0x10/0x10 [ 1337.181838][T24811] ? __fget_files+0x20e/0x3c0 [ 1337.181871][T24811] __x64_sys_openat+0x174/0x210 [ 1337.181915][T24811] ? __pfx___x64_sys_openat+0x10/0x10 [ 1337.181950][T24811] ? ksys_write+0x1ac/0x250 [ 1337.181990][T24811] do_syscall_64+0xcd/0xfa0 [ 1337.182025][T24811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1337.182052][T24811] RIP: 0033:0x7ff38c38f7c9 [ 1337.182074][T24811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1337.182097][T24811] RSP: 002b:00007ff38d238038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1337.182122][T24811] RAX: ffffffffffffffda RBX: 00007ff38c5e5fa0 RCX: 00007ff38c38f7c9 [ 1337.182139][T24811] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1337.182156][T24811] RBP: 00007ff38d238090 R08: 0000000000000000 R09: 0000000000000000 [ 1337.182172][T24811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1337.182187][T24811] R13: 00007ff38c5e6038 R14: 00007ff38c5e5fa0 R15: 00007ffc46d64148 [ 1337.182225][T24811] [ 1337.471303][ C1] vkms_vblank_simulate: vblank timer overrun [ 1337.809295][T24815] random: crng reseeded on system resumption [ 1337.930340][T24347] Bluetooth: hci3: unexpected event 0x2f length: 721 > 260 [ 1337.930367][T24347] Bluetooth: hci3: Malformed Event: 0x2f [ 1338.206154][T24347] Bluetooth: hci1: command 0x0406 tx timeout [ 1339.165471][T24838] svc: failed to register nfsdv3 RPC service (errno 101). [ 1339.214635][T24838] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1340.275184][T24862] random: crng reseeded on system resumption [ 1340.461439][T18066] Bluetooth: hci0: unexpected event 0x2f length: 721 > 260 [ 1340.461466][T18066] Bluetooth: hci0: Malformed Event: 0x2f [ 1340.621780][T24871] netlink: 'syz.0.3837': attribute type 1 has an invalid length. [ 1340.629662][T24871] netlink: 13 bytes leftover after parsing attributes in process `syz.0.3837'. [ 1340.651610][T24871] FAULT_INJECTION: forcing a failure. [ 1340.651610][T24871] name failslab, interval 1, probability 0, space 0, times 0 [ 1340.713569][T24871] CPU: 0 UID: 0 PID: 24871 Comm: syz.0.3837 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1340.713636][T24871] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1340.713650][T24871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1340.713666][T24871] Call Trace: [ 1340.713675][T24871] [ 1340.713686][T24871] dump_stack_lvl+0x16c/0x1f0 [ 1340.713719][T24871] should_fail_ex+0x512/0x640 [ 1340.713760][T24871] should_failslab+0xc2/0x120 [ 1340.713794][T24871] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1340.713823][T24871] ? skb_clone+0x190/0x3f0 [ 1340.713854][T24871] ? skb_clone+0x190/0x3f0 [ 1340.713876][T24871] skb_clone+0x190/0x3f0 [ 1340.713904][T24871] netlink_deliver_tap+0xabd/0xd30 [ 1340.713939][T24871] netlink_unicast+0x71f/0x870 [ 1340.713973][T24871] ? __pfx_netlink_unicast+0x10/0x10 [ 1340.714001][T24871] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1340.714044][T24871] netlink_ack+0x696/0xb80 [ 1340.714083][T24871] nfnetlink_rcv_batch+0x1b18/0x2350 [ 1340.714127][T24871] ? irq_work_queue+0xce/0x100 [ 1340.714161][T24871] ? __pfx_nfnetlink_rcv_batch+0x10/0x10 [ 1340.714197][T24871] ? find_held_lock+0x2b/0x80 [ 1340.714244][T24871] ? __pfx____ratelimit+0x10/0x10 [ 1340.714274][T24871] ? rcu_is_watching+0x12/0xc0 [ 1340.714301][T24871] ? do_trace_netlink_extack+0x164/0x1e0 [ 1340.714340][T24871] ? __nla_validate_parse+0x600/0x2880 [ 1340.714379][T24871] ? __pfx___nla_validate_parse+0x10/0x10 [ 1340.714409][T24871] ? aa_get_newest_label+0xd2/0x250 [ 1340.714446][T24871] ? apparmor_capable+0x114/0x1d0 [ 1340.714491][T24871] ? __nla_parse+0x40/0x60 [ 1340.714524][T24871] nfnetlink_rcv+0x3c1/0x430 [ 1340.714558][T24871] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 1340.714608][T24871] netlink_unicast+0x5aa/0x870 [ 1340.714639][T24871] ? __pfx_netlink_unicast+0x10/0x10 [ 1340.714677][T24871] netlink_sendmsg+0x8c8/0xdd0 [ 1340.714707][T24871] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1340.714734][T24871] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1340.714776][T24871] ____sys_sendmsg+0xa98/0xc70 [ 1340.714807][T24871] ? copy_msghdr_from_user+0x10a/0x160 [ 1340.714833][T24871] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1340.714882][T24871] ___sys_sendmsg+0x134/0x1d0 [ 1340.714909][T24871] ? __pfx____sys_sendmsg+0x10/0x10 [ 1340.714967][T24871] ? __pfx_vfs_write+0x10/0x10 [ 1340.714996][T24871] ? do_sys_openat2+0x157/0x1d0 [ 1340.715037][T24871] __sys_sendmsg+0x16d/0x220 [ 1340.715065][T24871] ? __pfx___sys_sendmsg+0x10/0x10 [ 1340.715103][T24871] ? syscall_user_dispatch+0x78/0x140 [ 1340.715140][T24871] do_syscall_64+0xcd/0xfa0 [ 1340.715174][T24871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1340.715202][T24871] RIP: 0033:0x7ffa7998f7c9 [ 1340.715223][T24871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1340.715248][T24871] RSP: 002b:00007ffa7a8a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1340.715273][T24871] RAX: ffffffffffffffda RBX: 00007ffa79be5fa0 RCX: 00007ffa7998f7c9 [ 1340.715292][T24871] RDX: 0000000010004010 RSI: 0000200000000100 RDI: 0000000000000002 [ 1340.715309][T24871] RBP: 00007ffa7a8a9090 R08: 0000000000000000 R09: 0000000000000000 [ 1340.715325][T24871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1340.715341][T24871] R13: 00007ffa79be6038 R14: 00007ffa79be5fa0 R15: 00007ffd81ec3398 [ 1340.715379][T24871] [ 1341.362373][T24882] svc: failed to register nfsdv3 RPC service (errno 101). [ 1341.396129][T24882] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1342.029725][T24890] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3843'. [ 1342.152506][T24890] netlink: 'syz.2.3843': attribute type 4 has an invalid length. [ 1342.191887][T24890] netlink: 314 bytes leftover after parsing attributes in process `syz.2.3843'. [ 1342.262612][T24890] IPv6: NLM_F_CREATE should be specified when creating new route [ 1342.759671][T24911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3846'. [ 1343.548593][T18066] Bluetooth: hci3: unknown advertising packet type: 0xea [ 1343.558766][T24925] svc: failed to register nfsdv3 RPC service (errno 111). [ 1343.621062][T24925] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1343.942341][T24932] FAULT_INJECTION: forcing a failure. [ 1343.942341][T24932] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1343.955734][T24932] CPU: 1 UID: 0 PID: 24932 Comm: syz.1.3852 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1343.955769][T24932] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1343.955777][T24932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1343.955786][T24932] Call Trace: [ 1343.955792][T24932] [ 1343.955798][T24932] dump_stack_lvl+0x16c/0x1f0 [ 1343.955821][T24932] should_fail_ex+0x512/0x640 [ 1343.955853][T24932] get_futex_key+0x1d0/0x1560 [ 1343.955891][T24932] ? __pfx_get_futex_key+0x10/0x10 [ 1343.955919][T24932] ? stack_trace_save+0x8e/0xc0 [ 1343.955937][T24932] ? __pfx_stack_trace_save+0x10/0x10 [ 1343.955955][T24932] ? stack_depot_save_flags+0x29/0x9c0 [ 1343.955978][T24932] futex_wait_setup+0x9d/0x550 [ 1343.955998][T24932] __futex_wait+0x193/0x2f0 [ 1343.956012][T24932] ? __pfx___futex_wait+0x10/0x10 [ 1343.956028][T24932] ? __pfx_futex_wake_mark+0x10/0x10 [ 1343.956051][T24932] ? futex_hash+0x2c5/0x380 [ 1343.956069][T24932] ? futex_private_hash_put+0xd5/0x190 [ 1343.956088][T24932] futex_wait+0xe8/0x380 [ 1343.956100][T24932] ? __pfx_futex_wait+0x10/0x10 [ 1343.956117][T24932] ? kmem_cache_free+0x2d4/0x6c0 [ 1343.956131][T24932] ? putname+0x154/0x1a0 [ 1343.956153][T24932] do_futex+0x229/0x350 [ 1343.956171][T24932] ? __pfx_do_futex+0x10/0x10 [ 1343.956193][T24932] __x64_sys_futex+0x1e0/0x4c0 [ 1343.956213][T24932] ? __x64_sys_openat+0x174/0x210 [ 1343.956232][T24932] ? __pfx___x64_sys_futex+0x10/0x10 [ 1343.956251][T24932] ? syscall_user_dispatch+0x78/0x140 [ 1343.956277][T24932] do_syscall_64+0xcd/0xfa0 [ 1343.956297][T24932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1343.956313][T24932] RIP: 0033:0x7fcc1bf8f7c9 [ 1343.956325][T24932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1343.956338][T24932] RSP: 002b:00007fcc1cd680e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1343.956352][T24932] RAX: ffffffffffffffda RBX: 00007fcc1c1e5fa8 RCX: 00007fcc1bf8f7c9 [ 1343.956362][T24932] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcc1c1e5fa8 [ 1343.956371][T24932] RBP: 00007fcc1c1e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1343.956380][T24932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1343.956388][T24932] R13: 00007fcc1c1e6038 R14: 00007ffd464d3da0 R15: 00007ffd464d3e88 [ 1343.956407][T24932] [ 1345.388140][T24959] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3860'. [ 1345.776284][T24970] FAULT_INJECTION: forcing a failure. [ 1345.776284][T24970] name failslab, interval 1, probability 0, space 0, times 0 [ 1345.786182][T24972] FAULT_INJECTION: forcing a failure. [ 1345.786182][T24972] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1345.799825][T24970] CPU: 0 UID: 0 PID: 24970 Comm: syz.3.3864 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1345.799883][T24970] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1345.799897][T24970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1345.799911][T24970] Call Trace: [ 1345.799920][T24970] [ 1345.799930][T24970] dump_stack_lvl+0x16c/0x1f0 [ 1345.799966][T24970] should_fail_ex+0x512/0x640 [ 1345.800002][T24970] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1345.800032][T24970] should_failslab+0xc2/0x120 [ 1345.800073][T24970] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1345.800099][T24970] ? taskstats_exit+0x654/0xbe0 [ 1345.800129][T24970] ? taskstats_exit+0x654/0xbe0 [ 1345.800150][T24970] taskstats_exit+0x654/0xbe0 [ 1345.800176][T24970] ? __pfx_taskstats_exit+0x10/0x10 [ 1345.800210][T24970] do_exit+0x5dc/0x2bf0 [ 1345.800250][T24970] ? __pfx_do_exit+0x10/0x10 [ 1345.800283][T24970] ? do_raw_spin_lock+0x12c/0x2b0 [ 1345.800320][T24970] ? find_held_lock+0x2b/0x80 [ 1345.800351][T24970] do_group_exit+0xd3/0x2a0 [ 1345.800387][T24970] get_signal+0x2671/0x26d0 [ 1345.800418][T24970] ? kmem_cache_free+0x2d4/0x6c0 [ 1345.800452][T24970] ? __pfx_get_signal+0x10/0x10 [ 1345.800480][T24970] ? do_futex+0x122/0x350 [ 1345.800513][T24970] ? __pfx_do_futex+0x10/0x10 [ 1345.800549][T24970] arch_do_signal_or_restart+0x8f/0x790 [ 1345.800582][T24970] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1345.800627][T24970] ? syscall_user_dispatch+0x78/0x140 [ 1345.800658][T24970] exit_to_user_mode_loop+0x85/0x130 [ 1345.800696][T24970] do_syscall_64+0x426/0xfa0 [ 1345.800729][T24970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1345.800754][T24970] RIP: 0033:0x7ff38c38f7c9 [ 1345.800775][T24970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1345.800799][T24970] RSP: 002b:00007ff38d2380e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1345.800822][T24970] RAX: fffffffffffffe00 RBX: 00007ff38c5e5fa8 RCX: 00007ff38c38f7c9 [ 1345.800840][T24970] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff38c5e5fa8 [ 1345.800856][T24970] RBP: 00007ff38c5e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1345.800872][T24970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1345.800887][T24970] R13: 00007ff38c5e6038 R14: 00007ffc46d64060 R15: 00007ffc46d64148 [ 1345.800922][T24970] [ 1346.112418][T24972] CPU: 0 UID: 0 PID: 24972 Comm: syz.0.3865 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1346.112477][T24972] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1346.112493][T24972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1346.112510][T24972] Call Trace: [ 1346.112520][T24972] [ 1346.112531][T24972] dump_stack_lvl+0x16c/0x1f0 [ 1346.112570][T24972] should_fail_ex+0x512/0x640 [ 1346.112615][T24972] _copy_from_user+0x2e/0xd0 [ 1346.112658][T24972] memdup_user+0x6b/0xe0 [ 1346.112688][T24972] strndup_user+0x78/0xe0 [ 1346.112719][T24972] __x64_sys_fsopen+0x9c/0x240 [ 1346.112758][T24972] do_syscall_64+0xcd/0xfa0 [ 1346.112794][T24972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1346.112822][T24972] RIP: 0033:0x7ffa7998f7c9 [ 1346.112844][T24972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1346.112871][T24972] RSP: 002b:00007ffa7a8a9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1346.112897][T24972] RAX: ffffffffffffffda RBX: 00007ffa79be5fa0 RCX: 00007ffa7998f7c9 [ 1346.112917][T24972] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1346.112934][T24972] RBP: 00007ffa79a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1346.112950][T24972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1346.112968][T24972] R13: 00007ffa79be6038 R14: 00007ffa79be5fa0 R15: 00007ffd81ec3398 [ 1346.113006][T24972] [ 1346.334313][ T30] audit: type=1800 audit(4294967333.023:396): pid=24981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=153030 res=0 errno=0 [ 1346.899400][T24997] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3869'. [ 1347.016906][T24999] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3872'. [ 1348.733146][T25023] FAULT_INJECTION: forcing a failure. [ 1348.733146][T25023] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1348.767296][T25023] CPU: 1 UID: 0 PID: 25023 Comm: syz.2.3878 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1348.767360][T25023] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1348.767376][T25023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1348.767393][T25023] Call Trace: [ 1348.767404][T25023] [ 1348.767415][T25023] dump_stack_lvl+0x16c/0x1f0 [ 1348.767455][T25023] should_fail_ex+0x512/0x640 [ 1348.767500][T25023] should_fail_alloc_page+0xe7/0x130 [ 1348.767540][T25023] prepare_alloc_pages+0x3c2/0x610 [ 1348.767575][T25023] ? page_table_check_set+0x627/0x750 [ 1348.767609][T25023] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1348.767640][T25023] ? page_table_check_set+0x631/0x750 [ 1348.767669][T25023] ? xas_move_index+0xb0/0x110 [ 1348.767703][T25023] ? xas_find+0x303/0x890 [ 1348.767737][T25023] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 1348.767773][T25023] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1348.767806][T25023] ? find_held_lock+0x2b/0x80 [ 1348.767842][T25023] ? filemap_map_pages+0x1260/0x1e30 [ 1348.767876][T25023] ? filemap_map_pages+0x12dd/0x1e30 [ 1348.767907][T25023] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1348.767952][T25023] ? policy_nodemask+0xea/0x4e0 [ 1348.767992][T25023] alloc_pages_mpol+0x1fb/0x550 [ 1348.768030][T25023] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1348.768071][T25023] alloc_pages_noprof+0x131/0x390 [ 1348.768103][T25023] pte_alloc_one+0x1e/0x350 [ 1348.768132][T25023] do_pte_missing+0x1acf/0x3ba0 [ 1348.768169][T25023] ? __thp_vma_allowable_orders+0x1c8/0xcd0 [ 1348.768211][T25023] __handle_mm_fault+0x1556/0x2aa0 [ 1348.768258][T25023] ? __pfx___handle_mm_fault+0x10/0x10 [ 1348.768298][T25023] ? folio_mark_accessed+0xc1/0xc00 [ 1348.768331][T25023] ? __pfx_folio_mark_accessed+0x10/0x10 [ 1348.768363][T25023] ? find_held_lock+0x2b/0x80 [ 1348.768414][T25023] handle_mm_fault+0x589/0xd10 [ 1348.768463][T25023] __get_user_pages+0x54e/0x3530 [ 1348.768517][T25023] ? __pfx___get_user_pages+0x10/0x10 [ 1348.768564][T25023] populate_vma_page_range+0x267/0x3f0 [ 1348.768604][T25023] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1348.768643][T25023] ? __pfx_find_vma_intersection+0x10/0x10 [ 1348.768679][T25023] ? __pfx_apply_mlockall_flags+0x10/0x10 [ 1348.768714][T25023] __mm_populate+0x1d8/0x380 [ 1348.768754][T25023] ? __pfx___mm_populate+0x10/0x10 [ 1348.768794][T25023] ? up_write+0x1b2/0x520 [ 1348.768844][T25023] __do_sys_mlockall+0x516/0x5d0 [ 1348.768876][T25023] do_syscall_64+0xcd/0xfa0 [ 1348.768912][T25023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1348.768941][T25023] RIP: 0033:0x7fbec2b8f7c9 [ 1348.768964][T25023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1348.768991][T25023] RSP: 002b:00007fbec3ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 1348.769018][T25023] RAX: ffffffffffffffda RBX: 00007fbec2de5fa0 RCX: 00007fbec2b8f7c9 [ 1348.769038][T25023] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1348.769055][T25023] RBP: 00007fbec2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1348.769073][T25023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1348.769090][T25023] R13: 00007fbec2de6038 R14: 00007fbec2de5fa0 R15: 00007ffe0eec8a38 [ 1348.769130][T25023] [ 1350.236303][T25041] random: crng reseeded on system resumption [ 1353.037644][T25079] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3887'. [ 1353.663834][T25085] FAULT_INJECTION: forcing a failure. [ 1353.663834][T25085] name failslab, interval 1, probability 0, space 0, times 0 [ 1353.722257][T25085] CPU: 1 UID: 0 PID: 25085 Comm: syz.0.3892 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1353.722328][T25085] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1353.722344][T25085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1353.722361][T25085] Call Trace: [ 1353.722370][T25085] [ 1353.722381][T25085] dump_stack_lvl+0x16c/0x1f0 [ 1353.722419][T25085] should_fail_ex+0x512/0x640 [ 1353.722458][T25085] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1353.722488][T25085] should_failslab+0xc2/0x120 [ 1353.722523][T25085] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1353.722551][T25085] ? ptlock_alloc+0x1f/0x70 [ 1353.722597][T25085] ? ptlock_alloc+0x1f/0x70 [ 1353.722634][T25085] ptlock_alloc+0x1f/0x70 [ 1353.722672][T25085] pte_alloc_one+0x84/0x350 [ 1353.722703][T25085] do_pte_missing+0x1acf/0x3ba0 [ 1353.722743][T25085] ? __thp_vma_allowable_orders+0x1c8/0xcd0 [ 1353.722790][T25085] __handle_mm_fault+0x1556/0x2aa0 [ 1353.722838][T25085] ? __pfx___handle_mm_fault+0x10/0x10 [ 1353.722878][T25085] ? folio_mark_accessed+0xc1/0xc00 [ 1353.722911][T25085] ? __pfx_folio_mark_accessed+0x10/0x10 [ 1353.722945][T25085] ? find_held_lock+0x2b/0x80 [ 1353.722996][T25085] handle_mm_fault+0x589/0xd10 [ 1353.723044][T25085] __get_user_pages+0x54e/0x3530 [ 1353.723096][T25085] ? __pfx___get_user_pages+0x10/0x10 [ 1353.723143][T25085] populate_vma_page_range+0x267/0x3f0 [ 1353.723183][T25085] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1353.723221][T25085] ? __pfx_find_vma_intersection+0x10/0x10 [ 1353.723257][T25085] ? __pfx_apply_mlockall_flags+0x10/0x10 [ 1353.723290][T25085] __mm_populate+0x1d8/0x380 [ 1353.723331][T25085] ? __pfx___mm_populate+0x10/0x10 [ 1353.723369][T25085] ? up_write+0x1b2/0x520 [ 1353.723409][T25085] __do_sys_mlockall+0x516/0x5d0 [ 1353.723438][T25085] do_syscall_64+0xcd/0xfa0 [ 1353.723473][T25085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1353.723501][T25085] RIP: 0033:0x7ffa7998f7c9 [ 1353.723523][T25085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1353.723550][T25085] RSP: 002b:00007ffa7a8a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 1353.723577][T25085] RAX: ffffffffffffffda RBX: 00007ffa79be5fa0 RCX: 00007ffa7998f7c9 [ 1353.723596][T25085] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1353.723613][T25085] RBP: 00007ffa79a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1353.723630][T25085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1353.723647][T25085] R13: 00007ffa79be6038 R14: 00007ffa79be5fa0 R15: 00007ffd81ec3398 [ 1353.723686][T25085] [ 1355.335600][T25110] svc: failed to register nfsdv3 RPC service (errno 101). [ 1355.349146][T25110] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1355.824369][T25115] svc: failed to register nfsdv3 RPC service (errno 101). [ 1355.837952][T25119] FAULT_INJECTION: forcing a failure. [ 1355.837952][T25119] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1355.851171][T25119] CPU: 0 UID: 0 PID: 25119 Comm: syz.2.3901 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1355.851206][T25119] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1355.851214][T25119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1355.851223][T25119] Call Trace: [ 1355.851229][T25119] [ 1355.851235][T25119] dump_stack_lvl+0x16c/0x1f0 [ 1355.851257][T25119] should_fail_ex+0x512/0x640 [ 1355.851282][T25119] get_futex_key+0x1d0/0x1560 [ 1355.851303][T25119] ? __pfx_get_futex_key+0x10/0x10 [ 1355.851322][T25119] ? __pfx___schedule+0x10/0x10 [ 1355.851337][T25119] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 1355.851355][T25119] futex_wait_setup+0x9d/0x550 [ 1355.851373][T25119] __futex_wait+0x193/0x2f0 [ 1355.851387][T25119] ? __pfx___futex_wait+0x10/0x10 [ 1355.851402][T25119] ? __pfx_futex_wake_mark+0x10/0x10 [ 1355.851426][T25119] ? find_held_lock+0x2b/0x80 [ 1355.851443][T25119] ? futex_private_hash_put+0xd5/0x190 [ 1355.851461][T25119] futex_wait+0xe8/0x380 [ 1355.851473][T25119] ? __pfx_futex_wait+0x10/0x10 [ 1355.851489][T25119] ? kmem_cache_free+0x2d4/0x6c0 [ 1355.851504][T25119] ? putname+0x154/0x1a0 [ 1355.851525][T25119] do_futex+0x229/0x350 [ 1355.851543][T25119] ? __pfx_do_futex+0x10/0x10 [ 1355.851566][T25119] __x64_sys_futex+0x1e0/0x4c0 [ 1355.851585][T25119] ? __x64_sys_openat+0x174/0x210 [ 1355.851605][T25119] ? __pfx___x64_sys_futex+0x10/0x10 [ 1355.851624][T25119] ? syscall_user_dispatch+0x78/0x140 [ 1355.851647][T25119] do_syscall_64+0xcd/0xfa0 [ 1355.851665][T25119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1355.851680][T25119] RIP: 0033:0x7fbec2b8f7c9 [ 1355.851693][T25119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1355.851706][T25119] RSP: 002b:00007fbec3ad90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1355.851720][T25119] RAX: ffffffffffffffda RBX: 00007fbec2de5fa8 RCX: 00007fbec2b8f7c9 [ 1355.851729][T25119] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbec2de5fa8 [ 1355.851738][T25119] RBP: 00007fbec2de5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1355.851746][T25119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1355.851755][T25119] R13: 00007fbec2de6038 R14: 00007ffe0eec8950 R15: 00007ffe0eec8a38 [ 1355.851773][T25119] [ 1356.117858][T25115] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1356.584056][T25129] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3903'. [ 1356.602443][T25130] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3905'. [ 1357.302642][ T30] audit: type=1800 audit(4294967343.978:397): pid=25149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=153598 res=0 errno=0 [ 1357.715778][T25155] random: crng reseeded on system resumption [ 1357.759847][T18066] Bluetooth: hci0: unexpected event 0x2f length: 721 > 260 [ 1357.759883][T18066] Bluetooth: hci0: Malformed Event: 0x2f [ 1358.992860][T25180] svc: failed to register nfsdv3 RPC service (errno 101). [ 1359.029661][T25180] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1359.219870][T25187] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3918'. [ 1359.264992][T25189] random: crng reseeded on system resumption [ 1359.280056][T18066] Bluetooth: hci4: unexpected event 0x2f length: 721 > 260 [ 1359.280090][T18066] Bluetooth: hci4: Malformed Event: 0x2f [ 1359.701185][T25201] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 1359.799310][T25199] vhci_hcd: invalid port number 252 [ 1359.804586][T25199] vhci_hcd: default hub control req: 040f v0772 i00fc l2 [ 1360.004547][T25202] ALSA: mixer_oss: invalid OSS volume '0' [ 1360.029161][T25202] ALSA: mixer_oss: invalid OSS volume 'PHONET' [ 1360.035559][T25202] ALSA: mixer_oss: invalid OSS volume 'L2TP/IPv6' [ 1360.113322][T25205] FAULT_INJECTION: forcing a failure. [ 1360.113322][T25205] name failslab, interval 1, probability 0, space 0, times 0 [ 1360.146971][T25205] CPU: 0 UID: 0 PID: 25205 Comm: syz.0.3927 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1360.147004][T25205] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1360.147012][T25205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1360.147021][T25205] Call Trace: [ 1360.147026][T25205] [ 1360.147032][T25205] dump_stack_lvl+0x16c/0x1f0 [ 1360.147055][T25205] should_fail_ex+0x512/0x640 [ 1360.147075][T25205] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1360.147092][T25205] should_failslab+0xc2/0x120 [ 1360.147112][T25205] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1360.147126][T25205] ? taskstats_exit+0x654/0xbe0 [ 1360.147142][T25205] ? taskstats_exit+0x654/0xbe0 [ 1360.147154][T25205] ? acct_update_integrals+0x2ce/0x4a0 [ 1360.147166][T25205] taskstats_exit+0x654/0xbe0 [ 1360.147179][T25205] ? __pfx_taskstats_exit+0x10/0x10 [ 1360.147195][T25205] ? exit_signals+0x38e/0xb40 [ 1360.147213][T25205] do_exit+0x5dc/0x2bf0 [ 1360.147235][T25205] ? __pfx_do_exit+0x10/0x10 [ 1360.147253][T25205] ? do_raw_spin_lock+0x12c/0x2b0 [ 1360.147275][T25205] ? find_held_lock+0x2b/0x80 [ 1360.147292][T25205] do_group_exit+0xd3/0x2a0 [ 1360.147312][T25205] get_signal+0x2671/0x26d0 [ 1360.147330][T25205] ? kmem_cache_free+0x2d4/0x6c0 [ 1360.147349][T25205] ? __pfx_get_signal+0x10/0x10 [ 1360.147364][T25205] ? do_futex+0x122/0x350 [ 1360.147383][T25205] ? __pfx_do_futex+0x10/0x10 [ 1360.147403][T25205] arch_do_signal_or_restart+0x8f/0x790 [ 1360.147422][T25205] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1360.147445][T25205] ? syscall_user_dispatch+0x78/0x140 [ 1360.147470][T25205] exit_to_user_mode_loop+0x85/0x130 [ 1360.147492][T25205] do_syscall_64+0x426/0xfa0 [ 1360.147510][T25205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1360.147532][T25205] RIP: 0033:0x7ffa7998f7c9 [ 1360.147544][T25205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1360.147558][T25205] RSP: 002b:00007ffa7a8a90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1360.147573][T25205] RAX: fffffffffffffe00 RBX: 00007ffa79be5fa8 RCX: 00007ffa7998f7c9 [ 1360.147583][T25205] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ffa79be5fa8 [ 1360.147592][T25205] RBP: 00007ffa79be5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1360.147601][T25205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1360.147610][T25205] R13: 00007ffa79be6038 R14: 00007ffd81ec32b0 R15: 00007ffd81ec3398 [ 1360.147632][T25205] [ 1361.167636][T25228] svc: failed to register nfsdv3 RPC service (errno 101). [ 1361.177878][T25228] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1361.501973][T25235] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3932'. [ 1361.734438][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.741253][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1362.750185][T25265] svc: failed to register nfsdv3 RPC service (errno 101). [ 1362.814068][T25265] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1363.274825][T18066] Bluetooth: hci3: unknown advertising packet type: 0xea [ 1363.303533][T25272] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3942'. [ 1363.751776][T25285] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3944'. [ 1365.893327][T25329] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3955'. [ 1367.364098][T25364] FAULT_INJECTION: forcing a failure. [ 1367.364098][T25364] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1367.378483][T25364] CPU: 0 UID: 0 PID: 25364 Comm: syz.1.3964 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1367.378522][T25364] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1367.378530][T25364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1367.378539][T25364] Call Trace: [ 1367.378545][T25364] [ 1367.378551][T25364] dump_stack_lvl+0x16c/0x1f0 [ 1367.378573][T25364] should_fail_ex+0x512/0x640 [ 1367.378597][T25364] get_futex_key+0x1d0/0x1560 [ 1367.378619][T25364] ? __pfx_get_futex_key+0x10/0x10 [ 1367.378637][T25364] ? stack_trace_save+0x8e/0xc0 [ 1367.378652][T25364] ? __pfx_stack_trace_save+0x10/0x10 [ 1367.378669][T25364] ? stack_depot_save_flags+0x29/0x9c0 [ 1367.378693][T25364] futex_wait_setup+0x9d/0x550 [ 1367.378712][T25364] __futex_wait+0x193/0x2f0 [ 1367.378725][T25364] ? __pfx___futex_wait+0x10/0x10 [ 1367.378741][T25364] ? __pfx_futex_wake_mark+0x10/0x10 [ 1367.378763][T25364] ? futex_hash+0x2c5/0x380 [ 1367.378782][T25364] ? futex_private_hash_put+0xd5/0x190 [ 1367.378808][T25364] futex_wait+0xe8/0x380 [ 1367.378822][T25364] ? __pfx_futex_wait+0x10/0x10 [ 1367.378839][T25364] ? kmem_cache_free+0x2d4/0x6c0 [ 1367.378855][T25364] ? putname+0x154/0x1a0 [ 1367.378877][T25364] do_futex+0x229/0x350 [ 1367.378896][T25364] ? __pfx_do_futex+0x10/0x10 [ 1367.378918][T25364] __x64_sys_futex+0x1e0/0x4c0 [ 1367.378937][T25364] ? __x64_sys_openat+0x174/0x210 [ 1367.378957][T25364] ? __pfx___x64_sys_futex+0x10/0x10 [ 1367.378976][T25364] ? syscall_user_dispatch+0x78/0x140 [ 1367.378994][T25364] do_syscall_64+0xcd/0xfa0 [ 1367.379012][T25364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1367.379027][T25364] RIP: 0033:0x7fcc1bf8f7c9 [ 1367.379041][T25364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1367.379055][T25364] RSP: 002b:00007fcc1cd680e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1367.379069][T25364] RAX: ffffffffffffffda RBX: 00007fcc1c1e5fa8 RCX: 00007fcc1bf8f7c9 [ 1367.379079][T25364] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcc1c1e5fa8 [ 1367.379088][T25364] RBP: 00007fcc1c1e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1367.379098][T25364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1367.379106][T25364] R13: 00007fcc1c1e6038 R14: 00007ffd464d3da0 R15: 00007ffd464d3e88 [ 1367.379126][T25364] [ 1368.049973][T25372] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3966'. [ 1368.805636][T25383] svc: failed to register nfsdv3 RPC service (errno 101). [ 1368.814301][T25383] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1371.315983][T25437] FAULT_INJECTION: forcing a failure. [ 1371.315983][T25437] name failslab, interval 1, probability 0, space 0, times 0 [ 1371.385047][T25437] CPU: 1 UID: 0 PID: 25437 Comm: syz.0.3979 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1371.385098][T25437] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1371.385112][T25437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1371.385125][T25437] Call Trace: [ 1371.385134][T25437] [ 1371.385144][T25437] dump_stack_lvl+0x16c/0x1f0 [ 1371.385183][T25437] should_fail_ex+0x512/0x640 [ 1371.385218][T25437] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1371.385248][T25437] should_failslab+0xc2/0x120 [ 1371.385281][T25437] __kmalloc_cache_noprof+0x72/0x780 [ 1371.385306][T25437] ? alloc_fs_context+0x57/0x9c0 [ 1371.385342][T25437] ? alloc_fs_context+0x57/0x9c0 [ 1371.385384][T25437] alloc_fs_context+0x57/0x9c0 [ 1371.385420][T25437] path_mount+0xe1b/0x23a0 [ 1371.385456][T25437] ? __pfx_path_mount+0x10/0x10 [ 1371.385486][T25437] ? kmem_cache_free+0x2d4/0x6c0 [ 1371.385509][T25437] ? putname+0x154/0x1a0 [ 1371.385558][T25437] ? putname+0x154/0x1a0 [ 1371.385583][T25437] ? putname+0x154/0x1a0 [ 1371.385614][T25437] ? __x64_sys_mount+0x293/0x310 [ 1371.385640][T25437] __x64_sys_mount+0x293/0x310 [ 1371.385670][T25437] ? __pfx___x64_sys_mount+0x10/0x10 [ 1371.385709][T25437] do_syscall_64+0xcd/0xfa0 [ 1371.385742][T25437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1371.385769][T25437] RIP: 0033:0x7ffa7998f7c9 [ 1371.385791][T25437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1371.385815][T25437] RSP: 002b:00007ffa7a8a9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 1371.385837][T25437] RAX: ffffffffffffffda RBX: 00007ffa79be5fa0 RCX: 00007ffa7998f7c9 [ 1371.385854][T25437] RDX: 0000200000000140 RSI: 0000200000000080 RDI: 0000200000000000 [ 1371.385870][T25437] RBP: 00007ffa7a8a9090 R08: 0000000000000000 R09: 0000000000000000 [ 1371.385885][T25437] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000002 [ 1371.385900][T25437] R13: 00007ffa79be6038 R14: 00007ffa79be5fa0 R15: 00007ffd81ec3398 [ 1371.385935][T25437] [ 1372.464107][T25449] svc: failed to register nfsdv3 RPC service (errno 101). [ 1372.506887][T25449] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1374.493943][T25479] netlink: 'syz.3.3990': attribute type 1 has an invalid length. [ 1374.526239][T25479] netlink: 13 bytes leftover after parsing attributes in process `syz.3.3990'. [ 1376.459120][T18066] Bluetooth: hci4: unknown advertising packet type: 0xea [ 1376.524772][T25524] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3999'. [ 1377.400267][T18066] Bluetooth: hci0: unexpected event 0x2f length: 721 > 260 [ 1377.400306][T18066] Bluetooth: hci0: Malformed Event: 0x2f [ 1380.481515][T18066] Bluetooth: hci0: unexpected event 0x2f length: 721 > 260 [ 1380.481554][T18066] Bluetooth: hci0: Malformed Event: 0x2f [ 1383.234584][T25616] random: crng reseeded on system resumption [ 1383.280793][T18066] Bluetooth: hci4: unexpected event 0x2f length: 721 > 260 [ 1383.280833][T18066] Bluetooth: hci4: Malformed Event: 0x2f [ 1384.448560][T25631] svc: failed to register nfsdv3 RPC service (errno 101). [ 1384.480283][T25631] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1385.116007][T25634] svc: failed to register nfsdv3 RPC service (errno 101). [ 1385.124582][T25634] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1385.927801][T25652] FAULT_INJECTION: forcing a failure. [ 1385.927801][T25652] name failslab, interval 1, probability 0, space 0, times 0 [ 1385.945159][T25652] CPU: 1 UID: 0 PID: 25652 Comm: syz.3.4032 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1385.945216][T25652] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1385.945230][T25652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1385.945246][T25652] Call Trace: [ 1385.945255][T25652] [ 1385.945266][T25652] dump_stack_lvl+0x16c/0x1f0 [ 1385.945309][T25652] should_fail_ex+0x512/0x640 [ 1385.945352][T25652] should_failslab+0xc2/0x120 [ 1385.945386][T25652] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1385.945414][T25652] ? zswap_store+0x850/0x2830 [ 1385.945446][T25652] ? zswap_store+0x850/0x2830 [ 1385.945468][T25652] zswap_store+0x850/0x2830 [ 1385.945490][T25652] ? smp_call_function_many_cond+0x3b1/0x1600 [ 1385.945535][T25652] ? __pfx_zswap_store+0x10/0x10 [ 1385.945557][T25652] ? folio_free_swap+0x141/0x4b0 [ 1385.945588][T25652] ? do_raw_spin_unlock+0x172/0x230 [ 1385.945612][T25652] ? _raw_spin_unlock+0x28/0x50 [ 1385.945638][T25652] ? folio_free_swap+0x19d/0x4b0 [ 1385.945677][T25652] swap_writeout+0x3f4/0x1090 [ 1385.945722][T25652] shrink_folio_list+0x3e50/0x4800 [ 1385.945773][T25652] ? __pfx_shrink_folio_list+0x10/0x10 [ 1385.945807][T25652] ? mark_held_locks+0x49/0x80 [ 1385.945843][T25652] ? __lock_acquire+0x622/0x1c90 [ 1385.945902][T25652] ? lock_acquire+0x179/0x350 [ 1385.945936][T25652] ? find_held_lock+0x2b/0x80 [ 1385.945990][T25652] ? __pfx___folio_put+0x10/0x10 [ 1385.946020][T25652] ? __folio_batch_add_and_move+0x5d0/0xc40 [ 1385.946048][T25652] ? __pfx_lru_add+0x10/0x10 [ 1385.946080][T25652] reclaim_folio_list+0xda/0x5d0 [ 1385.946117][T25652] ? __pfx_css_rstat_updated+0x10/0x10 [ 1385.946150][T25652] ? __pfx_reclaim_folio_list+0x10/0x10 [ 1385.946203][T25652] ? lru_gen_update_size+0x543/0xe10 [ 1385.946248][T25652] ? lru_gen_del_folio+0x32b/0x540 [ 1385.946296][T25652] reclaim_pages+0x3ec/0x570 [ 1385.946324][T25652] ? __pfx_reclaim_pages+0x10/0x10 [ 1385.946349][T25652] ? madvise_cold_or_pageout_pte_range+0x1e2f/0x20d0 [ 1385.946396][T25652] madvise_cold_or_pageout_pte_range+0x14d1/0x20d0 [ 1385.946442][T25652] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 1385.946472][T25652] ? __lock_acquire+0x622/0x1c90 [ 1385.946508][T25652] ? __pfx_stack_trace_save+0x10/0x10 [ 1385.946537][T25652] ? css_rstat_updated+0x1c2/0x510 [ 1385.946568][T25652] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 1385.946606][T25652] walk_pgd_range+0xc05/0x1f50 [ 1385.946661][T25652] ? __pfx_walk_pgd_range+0x10/0x10 [ 1385.946696][T25652] __walk_page_range+0x163/0x820 [ 1385.946731][T25652] ? __lock_acquire+0xb8a/0x1c90 [ 1385.946768][T25652] walk_page_range_vma+0x2c7/0xa20 [ 1385.946802][T25652] ? __pfx_walk_page_range_vma+0x10/0x10 [ 1385.946829][T25652] ? find_held_lock+0x2b/0x80 [ 1385.946868][T25652] madvise_pageout+0x257/0x540 [ 1385.946901][T25652] ? __pfx_madvise_pageout+0x10/0x10 [ 1385.946951][T25652] ? mtree_range_walk+0x718/0xc00 [ 1385.946984][T25652] madvise_vma_behavior+0xb14/0x2d50 [ 1385.947028][T25652] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1385.947066][T25652] ? __pfx_mt_find+0x10/0x10 [ 1385.947106][T25652] ? find_vma_prev+0xd3/0x150 [ 1385.947147][T25652] ? find_vma+0xbf/0x140 [ 1385.947176][T25652] ? __pfx_find_vma+0x10/0x10 [ 1385.947206][T25652] ? __lock_acquire+0x622/0x1c90 [ 1385.947243][T25652] madvise_walk_vmas+0x31f/0x9c0 [ 1385.947291][T25652] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1385.947339][T25652] madvise_do_behavior+0x1e2/0x530 [ 1385.947375][T25652] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1385.947408][T25652] ? down_read+0x13d/0x480 [ 1385.947456][T25652] do_madvise+0x176/0x240 [ 1385.947486][T25652] ? __pfx_do_madvise+0x10/0x10 [ 1385.947518][T25652] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1385.947558][T25652] ? __fget_files+0x20e/0x3c0 [ 1385.947598][T25652] ? __pfx_ksys_write+0x10/0x10 [ 1385.947634][T25652] __x64_sys_madvise+0xa9/0x110 [ 1385.947668][T25652] ? lockdep_hardirqs_on+0x7c/0x110 [ 1385.947699][T25652] do_syscall_64+0xcd/0xfa0 [ 1385.947733][T25652] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1385.947760][T25652] RIP: 0033:0x7ff38c38f7c9 [ 1385.947783][T25652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1385.947808][T25652] RSP: 002b:00007ff38d1d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1385.947833][T25652] RAX: ffffffffffffffda RBX: 00007ff38c5e6270 RCX: 00007ff38c38f7c9 [ 1385.947851][T25652] RDX: 0000000000000015 RSI: ffffffffffff0001 RDI: 0000000000000000 [ 1385.947868][T25652] RBP: 00007ff38d1d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1385.947885][T25652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1385.947900][T25652] R13: 00007ff38c5e6308 R14: 00007ff38c5e6270 R15: 00007ffc46d64148 [ 1385.947939][T25652] [ 1385.963413][T25639] svc: failed to register nfsdv3 RPC service (errno 101). [ 1386.069363][T25651] random: crng reseeded on system resumption [ 1386.516088][T25639] svc: failed to register nfsaclv3 RPC service (errno 512). [ 1390.008383][T25707] svc: failed to register nfsdv3 RPC service (errno 101). [ 1390.032858][T25707] svc: failed to register nfsaclv3 RPC service (errno 101). [ 1394.356308][T25782] FAULT_INJECTION: forcing a failure. [ 1394.356308][T25782] name failslab, interval 1, probability 0, space 0, times 0 [ 1394.431200][T25782] CPU: 0 UID: 0 PID: 25782 Comm: syz.0.4062 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1394.431247][T25782] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1394.431255][T25782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1394.431264][T25782] Call Trace: [ 1394.431269][T25782] [ 1394.431276][T25782] dump_stack_lvl+0x16c/0x1f0 [ 1394.431299][T25782] should_fail_ex+0x512/0x640 [ 1394.431320][T25782] ? __kmalloc_noprof+0xca/0x880 [ 1394.431335][T25782] should_failslab+0xc2/0x120 [ 1394.431354][T25782] __kmalloc_noprof+0xdd/0x880 [ 1394.431367][T25782] ? copy_splice_read+0x1a8/0xc20 [ 1394.431383][T25782] ? copy_splice_read+0x1a8/0xc20 [ 1394.431395][T25782] copy_splice_read+0x1a8/0xc20 [ 1394.431413][T25782] ? __pfx_copy_splice_read+0x10/0x10 [ 1394.431428][T25782] ? look_up_lock_class+0x59/0x150 [ 1394.431453][T25782] ? lockdep_init_map_type+0x5c/0x280 [ 1394.431474][T25782] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1394.431492][T25782] ? __pfx_copy_splice_read+0x10/0x10 [ 1394.431504][T25782] do_splice_read+0x285/0x370 [ 1394.431520][T25782] splice_direct_to_actor+0x2a1/0xa30 [ 1394.431535][T25782] ? __pfx_direct_splice_actor+0x10/0x10 [ 1394.431553][T25782] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1394.431566][T25782] ? get_pid_task+0xfc/0x250 [ 1394.431589][T25782] do_splice_direct+0x174/0x240 [ 1394.431604][T25782] ? __pfx_do_splice_direct+0x10/0x10 [ 1394.431618][T25782] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1394.431647][T25782] ? rw_verify_area+0xcf/0x6c0 [ 1394.431663][T25782] do_sendfile+0xb06/0xe50 [ 1394.431680][T25782] ? __pfx_do_sendfile+0x10/0x10 [ 1394.431695][T25782] ? __fget_files+0x20e/0x3c0 [ 1394.431714][T25782] __x64_sys_sendfile64+0x1d8/0x220 [ 1394.431732][T25782] ? ksys_write+0x1ac/0x250 [ 1394.431747][T25782] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1394.431770][T25782] do_syscall_64+0xcd/0xfa0 [ 1394.431788][T25782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1394.431803][T25782] RIP: 0033:0x7ffa7998f7c9 [ 1394.431815][T25782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1394.431829][T25782] RSP: 002b:00007ffa7a8a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1394.431843][T25782] RAX: ffffffffffffffda RBX: 00007ffa79be5fa0 RCX: 00007ffa7998f7c9 [ 1394.431852][T25782] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 1394.431861][T25782] RBP: 00007ffa7a8a9090 R08: 0000000000000000 R09: 0000000000000000 [ 1394.431869][T25782] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 1394.431878][T25782] R13: 00007ffa79be6038 R14: 00007ffa79be5fa0 R15: 00007ffd81ec3398 [ 1394.431896][T25782] [ 1398.513090][T25822] ================================================================== [ 1398.513112][T25822] BUG: KASAN: slab-use-after-free in fbcon_prepare_logo+0xa03/0xc70 [ 1398.513163][T25822] Read of size 62 at addr ffff88807da2156e by task syz.2.4072/25822 [ 1398.513189][T25822] [ 1398.513206][T25822] CPU: 1 UID: 0 PID: 25822 Comm: syz.2.4072 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1398.513266][T25822] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1398.513282][T25822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1398.513300][T25822] Call Trace: [ 1398.513310][T25822] [ 1398.513321][T25822] dump_stack_lvl+0x116/0x1f0 [ 1398.513356][T25822] print_report+0xcd/0x630 [ 1398.513393][T25822] ? __virt_addr_valid+0x81/0x610 [ 1398.513430][T25822] ? __phys_addr+0xe8/0x180 [ 1398.513466][T25822] ? fbcon_prepare_logo+0xa03/0xc70 [ 1398.513516][T25822] kasan_report+0xe0/0x110 [ 1398.513553][T25822] ? fbcon_prepare_logo+0xa03/0xc70 [ 1398.513598][T25822] kasan_check_range+0x100/0x1b0 [ 1398.513640][T25822] __asan_memcpy+0x23/0x60 [ 1398.513670][T25822] fbcon_prepare_logo+0xa03/0xc70 [ 1398.513717][T25822] fbcon_init+0xd77/0x1900 [ 1398.513758][T25822] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 1398.513802][T25822] visual_init+0x320/0x620 [ 1398.513855][T25822] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1398.513892][T25822] store_bind+0x61d/0x760 [ 1398.513923][T25822] ? sysfs_file_kobj+0xe4/0x290 [ 1398.513955][T25822] ? __pfx_store_bind+0x10/0x10 [ 1398.513982][T25822] dev_attr_store+0x58/0x80 [ 1398.514021][T25822] ? __pfx_dev_attr_store+0x10/0x10 [ 1398.514060][T25822] sysfs_kf_write+0xf2/0x150 [ 1398.514091][T25822] kernfs_fop_write_iter+0x3af/0x570 [ 1398.514118][T25822] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1398.514151][T25822] iter_file_splice_write+0xa24/0x12e0 [ 1398.514193][T25822] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1398.514227][T25822] ? __pfx_copy_splice_read+0x10/0x10 [ 1398.514264][T25822] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1398.514296][T25822] direct_splice_actor+0x192/0x6c0 [ 1398.514327][T25822] splice_direct_to_actor+0x345/0xa30 [ 1398.514358][T25822] ? __pfx_direct_splice_actor+0x10/0x10 [ 1398.514392][T25822] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1398.514426][T25822] do_splice_direct+0x174/0x240 [ 1398.514455][T25822] ? __pfx_do_splice_direct+0x10/0x10 [ 1398.514483][T25822] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1398.514531][T25822] ? rw_verify_area+0xcf/0x6c0 [ 1398.514560][T25822] do_sendfile+0xb06/0xe50 [ 1398.514593][T25822] ? __pfx_do_sendfile+0x10/0x10 [ 1398.514625][T25822] ? __x64_sys_futex+0x1e0/0x4c0 [ 1398.514662][T25822] ? __x64_sys_futex+0x1e9/0x4c0 [ 1398.514700][T25822] __x64_sys_sendfile64+0x1d8/0x220 [ 1398.514738][T25822] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1398.514779][T25822] do_syscall_64+0xcd/0xfa0 [ 1398.514811][T25822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.514850][T25822] RIP: 0033:0x7fbec2b8f7c9 [ 1398.514873][T25822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1398.514901][T25822] RSP: 002b:00007fbec3ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1398.514929][T25822] RAX: ffffffffffffffda RBX: 00007fbec2de5fa0 RCX: 00007fbec2b8f7c9 [ 1398.514950][T25822] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 1398.514968][T25822] RBP: 00007fbec2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1398.514987][T25822] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1398.515005][T25822] R13: 00007fbec2de6038 R14: 00007fbec2de5fa0 R15: 00007ffe0eec8a38 [ 1398.515035][T25822] [ 1398.515045][T25822] [ 1398.515053][T25822] Allocated by task 25822: [ 1398.515067][T25822] kasan_save_stack+0x33/0x60 [ 1398.515102][T25822] kasan_save_track+0x14/0x30 [ 1398.515134][T25822] __kasan_kmalloc+0xaa/0xb0 [ 1398.515163][T25822] vkms_plane_duplicate_state+0x45/0x130 [ 1398.515203][T25822] drm_atomic_get_plane_state+0x20e/0x590 [ 1398.515239][T25822] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 1398.515278][T25822] drm_client_modeset_commit_locked+0x14d/0x580 [ 1398.515317][T25822] drm_client_modeset_commit+0x4f/0x80 [ 1398.515353][T25822] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 1398.515388][T25822] drm_fb_helper_set_par+0xd8/0x120 [ 1398.515414][T25822] fbcon_init+0x8ab/0x1900 [ 1398.515441][T25822] visual_init+0x320/0x620 [ 1398.515470][T25822] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1398.515496][T25822] store_bind+0x61d/0x760 [ 1398.515516][T25822] dev_attr_store+0x58/0x80 [ 1398.515547][T25822] sysfs_kf_write+0xf2/0x150 [ 1398.515582][T25822] kernfs_fop_write_iter+0x3af/0x570 [ 1398.515603][T25822] iter_file_splice_write+0xa24/0x12e0 [ 1398.515628][T25822] direct_splice_actor+0x192/0x6c0 [ 1398.515651][T25822] splice_direct_to_actor+0x345/0xa30 [ 1398.515672][T25822] do_splice_direct+0x174/0x240 [ 1398.515695][T25822] do_sendfile+0xb06/0xe50 [ 1398.515719][T25822] __x64_sys_sendfile64+0x1d8/0x220 [ 1398.515751][T25822] do_syscall_64+0xcd/0xfa0 [ 1398.515780][T25822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.515806][T25822] [ 1398.515822][T25822] Freed by task 25822: [ 1398.515835][T25822] kasan_save_stack+0x33/0x60 [ 1398.515864][T25822] kasan_save_track+0x14/0x30 [ 1398.515892][T25822] __kasan_save_free_info+0x3b/0x60 [ 1398.515915][T25822] __kasan_slab_free+0x5f/0x80 [ 1398.515950][T25822] kfree+0x2b8/0x6d0 [ 1398.515971][T25822] drm_atomic_state_default_clear+0x69e/0xe40 [ 1398.516008][T25822] __drm_atomic_state_free+0x185/0x2b0 [ 1398.516044][T25822] drm_client_modeset_commit_atomic+0x6b2/0x7e0 [ 1398.516080][T25822] drm_client_modeset_commit_locked+0x14d/0x580 [ 1398.516118][T25822] drm_fb_helper_pan_display+0x32d/0xa40 [ 1398.516156][T25822] fb_pan_display+0x47c/0x7d0 [ 1398.516190][T25822] bit_update_start+0x49/0x1f0 [ 1398.516227][T25822] fbcon_switch+0xbf8/0x1420 [ 1398.516261][T25822] redraw_screen+0x2c1/0x760 [ 1398.516290][T25822] vc_do_resize+0xed0/0x10e0 [ 1398.516313][T25822] fbcon_init+0xd53/0x1900 [ 1398.516346][T25822] visual_init+0x320/0x620 [ 1398.516380][T25822] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1398.516406][T25822] store_bind+0x61d/0x760 [ 1398.516429][T25822] dev_attr_store+0x58/0x80 [ 1398.516463][T25822] sysfs_kf_write+0xf2/0x150 [ 1398.516489][T25822] kernfs_fop_write_iter+0x3af/0x570 [ 1398.516512][T25822] iter_file_splice_write+0xa24/0x12e0 [ 1398.516538][T25822] direct_splice_actor+0x192/0x6c0 [ 1398.516572][T25822] splice_direct_to_actor+0x345/0xa30 [ 1398.516598][T25822] do_splice_direct+0x174/0x240 [ 1398.516621][T25822] do_sendfile+0xb06/0xe50 [ 1398.516645][T25822] __x64_sys_sendfile64+0x1d8/0x220 [ 1398.516678][T25822] do_syscall_64+0xcd/0xfa0 [ 1398.516707][T25822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.516732][T25822] [ 1398.516740][T25822] The buggy address belongs to the object at ffff88807da21400 [ 1398.516740][T25822] which belongs to the cache kmalloc-512 of size 512 [ 1398.516762][T25822] The buggy address is located 366 bytes inside of [ 1398.516762][T25822] freed 512-byte region [ffff88807da21400, ffff88807da21600) [ 1398.516791][T25822] [ 1398.516799][T25822] The buggy address belongs to the physical page: [ 1398.516827][T25822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7da20 [ 1398.516852][T25822] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1398.516875][T25822] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1398.516901][T25822] page_type: f5(slab) [ 1398.516925][T25822] raw: 00fff00000000040 ffff88813ffa6c80 0000000000000000 dead000000000001 [ 1398.516950][T25822] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1398.516976][T25822] head: 00fff00000000040 ffff88813ffa6c80 0000000000000000 dead000000000001 [ 1398.517001][T25822] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1398.517026][T25822] head: 00fff00000000002 ffffea0001f68801 00000000ffffffff 00000000ffffffff [ 1398.517051][T25822] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 1398.517065][T25822] page dumped because: kasan: bad access detected [ 1398.517083][T25822] page_owner tracks the page as allocated [ 1398.517094][T25822] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5484, tgid 5484 (S40network), ts 52031679522, free_ts 43357686212 [ 1398.517142][T25822] post_alloc_hook+0x1af/0x220 [ 1398.517179][T25822] get_page_from_freelist+0x10a3/0x3a30 [ 1398.517205][T25822] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 1398.517232][T25822] alloc_pages_mpol+0x1fb/0x550 [ 1398.517263][T25822] new_slab+0x24a/0x360 [ 1398.517298][T25822] ___slab_alloc+0xd79/0x1a50 [ 1398.517335][T25822] __slab_alloc.constprop.0+0x63/0x110 [ 1398.517373][T25822] __kmalloc_noprof+0x501/0x880 [ 1398.517394][T25822] tomoyo_init_log+0x1385/0x2140 [ 1398.517422][T25822] tomoyo_supervisor+0x302/0x13b0 [ 1398.517454][T25822] tomoyo_path_permission+0x270/0x3b0 [ 1398.517491][T25822] tomoyo_path_perm+0x362/0x460 [ 1398.517512][T25822] security_inode_getattr+0x116/0x290 [ 1398.517537][T25822] vfs_statx+0x121/0x3f0 [ 1398.517568][T25822] vfs_fstatat+0x7b/0xf0 [ 1398.517600][T25822] __do_sys_newfstatat+0x97/0x120 [ 1398.517634][T25822] page last free pid 5209 tgid 5209 stack trace: [ 1398.517650][T25822] __free_frozen_pages+0x7df/0x1160 [ 1398.517685][T25822] qlist_free_all+0x4d/0x120 [ 1398.517711][T25822] kasan_quarantine_reduce+0x195/0x1e0 [ 1398.517740][T25822] __kasan_slab_alloc+0x69/0x90 [ 1398.517771][T25822] __kvmalloc_node_noprof+0x35c/0x9c0 [ 1398.517800][T25822] seq_read_iter+0x830/0x12d0 [ 1398.517842][T25822] kernfs_fop_read_iter+0x46c/0x610 [ 1398.517867][T25822] vfs_read+0x8bf/0xcf0 [ 1398.517892][T25822] ksys_read+0x12a/0x250 [ 1398.517917][T25822] do_syscall_64+0xcd/0xfa0 [ 1398.517947][T25822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.517973][T25822] [ 1398.517979][T25822] Memory state around the buggy address: [ 1398.517994][T25822] ffff88807da21400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1398.518014][T25822] ffff88807da21480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1398.518039][T25822] >ffff88807da21500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1398.518054][T25822] ^ [ 1398.518070][T25822] ffff88807da21580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1398.518089][T25822] ffff88807da21600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1398.518104][T25822] ================================================================== [ 1398.558282][T25822] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1398.558309][T25822] CPU: 0 UID: 0 PID: 25822 Comm: syz.2.4072 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1398.558368][T25822] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1398.558404][T25822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1398.558422][T25822] Call Trace: [ 1398.558431][T25822] [ 1398.558443][T25822] dump_stack_lvl+0x3d/0x1f0 [ 1398.558482][T25822] vpanic+0x640/0x6f0 [ 1398.558520][T25822] panic+0xca/0xd0 [ 1398.558556][T25822] ? __pfx_panic+0x10/0x10 [ 1398.558592][T25822] ? fbcon_prepare_logo+0xa03/0xc70 [ 1398.558631][T25822] ? preempt_schedule_common+0x44/0xc0 [ 1398.558664][T25822] ? preempt_schedule_thunk+0x16/0x30 [ 1398.558707][T25822] ? check_panic_on_warn+0x1f/0xb0 [ 1398.558746][T25822] check_panic_on_warn+0xab/0xb0 [ 1398.558785][T25822] end_report+0x107/0x170 [ 1398.558819][T25822] kasan_report+0xee/0x110 [ 1398.558845][T25822] ? fbcon_prepare_logo+0xa03/0xc70 [ 1398.558878][T25822] kasan_check_range+0x100/0x1b0 [ 1398.558909][T25822] __asan_memcpy+0x23/0x60 [ 1398.558933][T25822] fbcon_prepare_logo+0xa03/0xc70 [ 1398.558985][T25822] fbcon_init+0xd77/0x1900 [ 1398.559024][T25822] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 1398.559119][T25822] visual_init+0x320/0x620 [ 1398.559163][T25822] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1398.559194][T25822] store_bind+0x61d/0x760 [ 1398.559221][T25822] ? sysfs_file_kobj+0xe4/0x290 [ 1398.559251][T25822] ? __pfx_store_bind+0x10/0x10 [ 1398.559277][T25822] dev_attr_store+0x58/0x80 [ 1398.559317][T25822] ? __pfx_dev_attr_store+0x10/0x10 [ 1398.559354][T25822] sysfs_kf_write+0xf2/0x150 [ 1398.559384][T25822] kernfs_fop_write_iter+0x3af/0x570 [ 1398.559414][T25822] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1398.559455][T25822] iter_file_splice_write+0xa24/0x12e0 [ 1398.559495][T25822] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1398.559527][T25822] ? __pfx_copy_splice_read+0x10/0x10 [ 1398.559562][T25822] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1398.559591][T25822] direct_splice_actor+0x192/0x6c0 [ 1398.559622][T25822] splice_direct_to_actor+0x345/0xa30 [ 1398.559647][T25822] ? __pfx_direct_splice_actor+0x10/0x10 [ 1398.559675][T25822] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1398.559706][T25822] do_splice_direct+0x174/0x240 [ 1398.559733][T25822] ? __pfx_do_splice_direct+0x10/0x10 [ 1398.559761][T25822] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1398.559805][T25822] ? rw_verify_area+0xcf/0x6c0 [ 1398.559830][T25822] do_sendfile+0xb06/0xe50 [ 1398.559860][T25822] ? __pfx_do_sendfile+0x10/0x10 [ 1398.559889][T25822] ? __x64_sys_futex+0x1e0/0x4c0 [ 1398.559924][T25822] ? __x64_sys_futex+0x1e9/0x4c0 [ 1398.559961][T25822] __x64_sys_sendfile64+0x1d8/0x220 [ 1398.559997][T25822] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1398.560038][T25822] do_syscall_64+0xcd/0xfa0 [ 1398.560079][T25822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.560115][T25822] RIP: 0033:0x7fbec2b8f7c9 [ 1398.560137][T25822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1398.560165][T25822] RSP: 002b:00007fbec3ad9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1398.560193][T25822] RAX: ffffffffffffffda RBX: 00007fbec2de5fa0 RCX: 00007fbec2b8f7c9 [ 1398.560212][T25822] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 1398.560228][T25822] RBP: 00007fbec2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1398.560245][T25822] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1398.560262][T25822] R13: 00007fbec2de6038 R14: 00007fbec2de5fa0 R15: 00007ffe0eec8a38 [ 1398.560290][T25822] [ 1398.560720][T25822] Kernel Offset: disabled