last executing test programs: 7.84879692s ago: executing program 2 (id=1888): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) socket(0xf, 0x3, 0x2) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) socket(0x2, 0x1, 0x3) syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0xa, 0x4e7) close_range$auto(r1, 0x5, 0x5f7) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) semctl$auto(0x1, 0xfdfffffe, 0xffffffff, 0x5) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) timer_create$auto(0x9, &(0x7f0000000100)={@sival_ptr=0x0, @inferred, 0x1, @_tid=0xffffffffffffffff}, &(0x7f0000000140)=0x6) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim2/trap_flow_action_cookie\x00', 0x9a002, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd11/queue/iostats_passthrough\x00', 0x2a001, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x850) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fb3d89cb809172a3320003008000400088"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) write$auto(r4, &(0x7f00000000c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x101) write$auto(r3, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x3) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0x26940, 0x0) 6.467048882s ago: executing program 2 (id=1894): sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x1f00, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdc01}, 0x14}, 0x1, 0x0, 0x0, 0x840}, 0x40d0) setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) setitimer$auto_ITIMER_PROF(0x2, 0x0, 0x0) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100, &(0x7f00000001c0)={0x3, 0x0, 0x7fff, @raw=0x5}, 0x8) socket(0x2, 0xa, 0xe57a) socket(0x21, 0x2, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/reboot/cpu\x00', 0x4, 0x0) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x20282, 0x0) ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x9, 0x80}, "6a034a07c7b8edb8fc3b39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x6}) ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0) 5.635435571s ago: executing program 2 (id=1896): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x400, 0x64) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x1, 0x84) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x5, 0xfffffffffffffffa, 0x1ffde, 0x0, 0xa, 0x1, 0x9, 0x3, 0x9, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xadd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf81]}, 0x1fe, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000380)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x80}, 0x40000) 5.249956676s ago: executing program 2 (id=1899): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xfd}}, 0x6b) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) r2 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x288000, 0x0) ioctl$auto_OSS_ALSAEMULVER(r2, 0x40086602, &(0x7f0000000100)) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xffffffffffffffff, @new_map_fd, 0x80, @old_map_fd}, 0xa3) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000080)={0x9, &(0x7f0000000000)={0xc, 0xf1, 0xb0, @raw=0x43}}) open(0x0, 0x4242, 0x40) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0x8000000000df, 0x11, 0x2, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) socket(0x21, 0x0, 0x73) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @private=0xa010101}, 0x54) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/current_tracer\x00', 0x40482, 0x0) mmap$auto(0x0, 0x3, 0x780, 0xeb1, 0xfffffffffffffffa, 0x8000) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) rt_sigaction$auto(0x5, &(0x7f0000000140)={&(0x7f0000000040)=0x0, 0x9, 0x0, {0x81}}, 0x0, 0x8) bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x9, "cc00000008f0ffffff000100"}, 0x6b) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) 3.596977809s ago: executing program 2 (id=1908): r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) socket(0x2, 0x1, 0x106) ioctl$auto(0xffffffffffffffff, 0xab07, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_COALESCE(0xffffffffffffffff, 0x0, 0x0) setsockopt$auto_SO_MARK(0xffffffffffffffff, 0x6, 0x24, &(0x7f0000000380)='\x00', 0x163fdb7e) r2 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) semctl$auto(0x8, 0x806, 0x13, 0x46) sendmsg$auto_NL802154_CMD_STOP_BEACONS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000844}, 0x50) msgctl$auto_IPC_INFO(0x7, 0x3, &(0x7f0000000200)={{0x13b8, 0x0, 0xee01, 0x100, 0x3, 0x7fffffff, 0x3afa}, &(0x7f0000000180)=0x3, &(0x7f00000001c0)=0xa, 0x7, 0x3, 0x9, 0x4, 0x8, 0xffff, 0xfffd, 0x6498, @raw=0x71, @raw=0xa}) setsockopt$auto(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x10000) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/nbd12\x00', 0x10000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(r2, 0x0, 0x100082) read$auto(0xffffffffffffffff, 0x0, 0x1f) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/orangefs/slot_timeout_secs\x00', 0x102, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x1000000fffd}, 0x1) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xeffd) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7) write$auto_nvmf_dev_fops_fabrics(r0, 0x0, 0x0) 3.359283647s ago: executing program 3 (id=1910): mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) mmap$auto(0x0, 0x400008, 0x8, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x8, 0x80002, 0x73) socket(0x8, 0x80000, 0x7f27) bind$auto(r0, &(0x7f0000000040)=@sco={0x1f, @none}, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0x1f40) read$auto(0x3, 0x0, 0x1f40) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000001c0)=0x6) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x3, 0x0) userfaultfd$auto(0x1) close_range$auto(r2, r2, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) prctl$auto(0x3e, 0x2, 0x0, 0x2, 0x0) mmap$auto(0x6, 0x101, 0x7ffd, 0x3fa, r2, 0x1000008000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0xd, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x1, &(0x7f0000000000)='Q**\x00', &(0x7f00000010c0)="2b24cdedb9695dfa1dab611cbf65de02f9dabf93ebe2bd0a211713009ee488a113e980c7d3f5a70b4e275a88c56fe1edd1f4a0", 0x0) r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000240)='/dev/mtd0\x00', 0x80200, 0x0) ioctl$auto_OTPGETREGIONINFO(r3, 0x400c4d0f, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/serial8250/serial8250:0/serial8250:0.1/tty/ttyS1/iomem_base\x00', 0x182122, 0x0) sendfile$auto(r4, r4, 0x0, 0x2000004003) prctl$auto(0x3e, 0x4, 0x0, 0x1, 0x4) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone(0x12c11, 0x0, 0x0, 0x0, 0x0, 0x0) 3.181381998s ago: executing program 1 (id=1911): mmap$auto(0x0, 0x400008, 0x4df, 0x9b72, 0x1fe, 0x8000) madvise$auto(0x0, 0x200204, 0x15) madvise$auto(0x108000, 0x800032, 0x4) madvise$auto(0x0, 0x200007, 0x19) socket(0x2, 0x1, 0x106) ioctl$auto(0xffffffffffffffff, 0x400064c8, 0xffffffffffffffff) r0 = openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim1/psample/out_tc\x00', 0x402, 0x0) fcntl$auto_F_SETPIPE_SZ(r0, 0x407, 0x10000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x31f801, 0x0) 3.049304058s ago: executing program 3 (id=1912): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0x5d, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2000, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x0, 0x0, 0x9], {0x6, 0x6, 0x8c48, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x498de616, 0x6, 0x1, 0x0, 0x76c5, 0x7e7, 0x100000000}}) r0 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, 0x0, 0x80000, 0x0) readv$auto(r0, &(0x7f0000000040)={0x0, 0x2}, 0x5) 2.843031842s ago: executing program 3 (id=1914): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, 0x0, 0x20000040) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r0, 0xc1004111, 0x0) r1 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, 0x0, 0x189000, 0x0) readv$auto(r1, &(0x7f00000018c0)={0x0, 0x1}, 0x9) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)='\xc8\xfdV%A$\\\xf7\\\x00', &(0x7f0000000040)=0x1008) ioctl$auto_BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_RTC_UIE_ON(r3, 0x7003, 0x0) ioctl$auto_RTC_SET_TIME(r3, 0x4024700a, &(0x7f0000000040)={0x1f, 0x7, 0x5, 0x2, 0x2, 0x80000, 0xcb, 0x6c36, 0x6}) fanotify_init$auto(0x64, 0x100006) r4 = socket(0x10, 0x80002, 0x8) close_range$auto(r4, r4, 0x0) pipe$auto(0x0) splice$auto(r4, 0x0, 0x2, 0x0, 0x3fb, 0x9) write$auto(0x6, 0x0, 0x100000001) dup2$auto(0x5, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) 2.826505834s ago: executing program 0 (id=1915): r0 = openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x20400, 0x0) write$auto(r0, &(0x7f0000000000)='.[\x00', 0x6) read$auto_page_owner_stack_operations_page_owner(r0, &(0x7f0000000200)=""/196, 0xc4) 2.602260574s ago: executing program 0 (id=1916): memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x1004) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x1e3800, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) connect$auto(0x4, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x2000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto(0x3, 0xae41, r1) r2 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/kvm/halt_poll_fail_hist\x00', 0xa2500, 0x0) read$auto_stat_fops_per_vm_kvm_main(r2, 0x0, 0x0) 2.399176062s ago: executing program 1 (id=1917): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x80000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv6/conf/wg0/accept_dad\x00', 0xd00, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x101500, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) inotify_init1$auto(0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x140242, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x10}, 0x3) openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) 2.216099737s ago: executing program 0 (id=1918): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x400, 0x64) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x1, 0x84) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x5, 0xfffffffffffffffa, 0x1ffde, 0x0, 0xa, 0x1, 0x9, 0x3, 0x9, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xadd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf81]}, 0x1fe, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000380)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x80}, 0x40000) 2.111990592s ago: executing program 1 (id=1919): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) pipe2$auto(0x0, 0x80) keyctl$auto(0x6, 0x0, 0xee00, 0x5, 0x626ca8eb) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) write$auto(r2, &(0x7f0000000440)='ON\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010027bd7000fbdbdf4304000043000800170008000000"], 0x1c}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) kill$auto(0x0, 0x11) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r3, r4, 0x0, 0x1000200) tkill$auto(0x0, 0x7) socket(0xa, 0x1, 0x1) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) close_range$auto(0x2, 0x8000, 0x0) 2.062063871s ago: executing program 2 (id=1920): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x7, 0x12, 0xffffffffffffffff, 0xf4e) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf228cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d55745eff6aa689e859dcaeff39bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205415c32797d9450c002895c9b40", 0xd4f) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0xe, 0x0, 0x20) ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) shmctl$auto(0x0, 0xd, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001680), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000000), r2) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x1) 1.78131594s ago: executing program 3 (id=1921): r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) mmap$auto(0x0, 0x805, 0xdf, 0xeb1, 0x401, 0x7ffd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$auto(0x3, 0x400454da, r1) read$auto(r0, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x2, 0x0) writev$auto(r2, &(0x7f00000000c0)={0x0, 0x7}, 0x3) getpgid$auto(0x0) syslog$auto(0x3, 0xfffffffffffffffd, 0x6) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x101600, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/auth.unix.gid/content\x00', 0x80000, 0x0) io_uring_register$auto_IORING_UNREGISTER_IOWQ_AFF(r2, 0x12, &(0x7f0000000080)="103d4e84fb438ff0ee71d77f127c7d85d1cd13b8569fbf123f51b19e256bfb2a355f215f0bda0f73425e0af2c13f4f8167b587ee9c452911d9af68cd5e49", 0x7f) pread64$auto(r3, &(0x7f0000000540)='veth1\x00\xe0,\x17\xa0\xf7\x89Pl\x84K?\x01\x84\xa1i\xe00\x81p\xa0U \f\xdbP`:\xe2\'\xa7\xbf\xbd\x04\x18\xad\x90I^\x99M\xe0W\x14\x11\xf4\xeb\x90:\v\xc5\x13*\xfe\x90\xb1\xa9O\xa5?\xaa\x8fTi\xd6\x88Q\xda\xca', 0x20000000003f, 0x8) 1.427268754s ago: executing program 3 (id=1922): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) io_uring_setup$auto(0x5d, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2000, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x0, 0x0, 0x9], {0x6, 0x6, 0x8c48, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x498de616, 0x6, 0x1, 0x0, 0x76c5, 0x7e7, 0x100000000}}) r0 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, 0x0, 0x80000, 0x0) readv$auto(r0, &(0x7f0000000040)={0x0, 0x2}, 0x5) 1.328603794s ago: executing program 0 (id=1923): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, 0x0, 0x0) 1.16949608s ago: executing program 3 (id=1924): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0xfffffff9) r0 = timerfd_create$auto(0x9, 0x0) timerfd_settime$auto(r0, 0x0, &(0x7f0000000000)={{0x10, 0x3ff}, {0x10, 0x6}}, 0x0) syslog$auto(0x3, 0x0, 0x1013) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r1, &(0x7f0000000200)="352c8efa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296", 0x2e) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_NEW(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000001240)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x40) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x8, 0x4, 0x9b72, 0x2, 0x8000) kcmp$auto(0x1, 0x1, 0x7, 0x4, 0xe) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) io_uring_setup$auto(0x4, 0x0) socket(0x2, 0x3, 0xe3) unshare$auto(0x40000080) settimeofday$auto(0x0, &(0x7f0000000100)={0x81, 0x4}) getsockopt$auto(0xffffffffffffffff, 0x10002, 0x2, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) socket(0x2, 0x80000, 0x0) listen$auto(0x3, 0x81) 1.03055186s ago: executing program 1 (id=1925): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd5/queue/write_zeroes_max_bytes\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)=""/45, 0x2d) 853.007365ms ago: executing program 1 (id=1926): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x80000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv6/conf/wg0/accept_dad\x00', 0xd00, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x101500, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) inotify_init1$auto(0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) socket(0xa, 0x1, 0x84) socket(0x18, 0x5, 0x2) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x140242, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) 599.056896ms ago: executing program 1 (id=1927): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82000, 0x0) r0 = socket(0xa, 0x1, 0x100) mmap$auto(0x0, 0x420008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0x3, 0x0, 0x7f) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x5) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', 0x0) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0040, 0x0) pread64$auto(r0, 0x0, 0x7ff, 0x400) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x281, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x400, 0xd, 0x9, 0x948b, 0x3, 0x10413d94, 0x5aacd55, 0x3, 0x62, 0x8000001f, 0xf, 0x6d3e, 0x9, 0x0, 0x6]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_HARDIF(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000040)={0x1c, 0x0, 0x1, 0x70b927, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x4008000) sendmsg$auto_BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380), 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x24, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x3a}, @BATADV_ATTR_TT_FLAGS={0x8, 0x15, 0x16000}]}, 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x480) readv$auto(0x3, &(0x7f0000000340)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x88000, 0x0) pread64$auto(r5, 0x0, 0x800a, 0x100) mmap$auto(0xfffffffffffffffc, 0x40009, 0xdf, 0x9b72, r1, 0x28000) r6 = socket(0xa, 0x5, 0x84) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x1c, 0x0, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0xe0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008085}, 0x8000) write$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffffff, &(0x7f0000000000)="706f3a82d9e5cc7c2ceda8d50bfc94be9fe6c22ffaf8493a38", 0x19) sendto$auto(r6, 0x0, 0x401, 0xffff, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 299.188901ms ago: executing program 0 (id=1928): r0 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0) read$auto(r0, 0x0, 0x8) 0s ago: executing program 0 (id=1929): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000003) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x2}) r0 = socket(0x2c, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYBLOB="0400a6"], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001bc0), r2) r3 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000004a80), r2) sendmsg$auto_NET_SHAPER_CMD_DELETE(r1, &(0x7f0000004b80)={0x0, 0x0, &(0x7f0000004b40)={&(0x7f0000004ac0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x8000}, 0x10) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x10000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0) pkey_free$auto(0x7) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80246f4d, r4) getsockopt$auto(r0, 0x11b, 0x8, 0x0, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/pagemap\x00', 0x80800, 0x0) kernel console output (not intermixed with test programs): ci1: unexpected subevent 0x0d length: 725 > 260 [ 560.941360][ T52] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 560.941389][ T52] Bluetooth: hci1: adv larger than maximum supported [ 560.948866][ T52] Bluetooth: hci1: adv larger than maximum supported [ 560.955993][ T52] Bluetooth: hci1: Malformed LE Event: 0x0d [ 561.384988][T12334] zswap: compressor not available [ 562.143408][T12357] openvswitch: netlink: Message has 8 unknown bytes. [ 562.419421][T12365] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1380'. [ 562.460125][T12365] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 562.495855][T12365] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 562.576338][T12365] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 562.637687][T12365] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 562.723795][T12371] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 562.886043][T12369] FAULT_INJECTION: forcing a failure. [ 562.886043][T12369] name failslab, interval 1, probability 0, space 0, times 0 [ 563.034020][T12369] CPU: 0 UID: 0 PID: 12369 Comm: syz.1.1380 Not tainted syzkaller #0 PREEMPT(full) [ 563.034054][T12369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 563.034068][T12369] Call Trace: [ 563.034076][T12369] [ 563.034085][T12369] dump_stack_lvl+0x16c/0x1f0 [ 563.034125][T12369] should_fail_ex+0x512/0x640 [ 563.034162][T12369] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 563.034197][T12369] should_failslab+0xc2/0x120 [ 563.034220][T12369] kmem_cache_alloc_noprof+0x75/0x6e0 [ 563.034252][T12369] ? alloc_empty_file+0x55/0x1e0 [ 563.034281][T12369] ? alloc_empty_file+0x55/0x1e0 [ 563.034303][T12369] alloc_empty_file+0x55/0x1e0 [ 563.034329][T12369] alloc_file_pseudo+0x13a/0x230 [ 563.034355][T12369] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 563.034390][T12369] ? alloc_fd+0x471/0x7d0 [ 563.034426][T12369] sock_alloc_file+0x50/0x210 [ 563.034450][T12369] __sys_socket+0x1c0/0x260 [ 563.034478][T12369] ? __pfx___sys_socket+0x10/0x10 [ 563.034507][T12369] ? xfd_validate_state+0x61/0x180 [ 563.034532][T12369] ? __pfx___do_sys_close_range+0x10/0x10 [ 563.034572][T12369] __x64_sys_socket+0x72/0xb0 [ 563.034598][T12369] ? lockdep_hardirqs_on+0x7c/0x110 [ 563.034633][T12369] do_syscall_64+0xcd/0xfa0 [ 563.034670][T12369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.034693][T12369] RIP: 0033:0x7fecaf38eec9 [ 563.034712][T12369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 563.034735][T12369] RSP: 002b:00007fecad5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 563.034757][T12369] RAX: ffffffffffffffda RBX: 00007fecaf5e6180 RCX: 00007fecaf38eec9 [ 563.034773][T12369] RDX: 0000000000000006 RSI: 0000000000000003 RDI: 0000000000000002 [ 563.034787][T12369] RBP: 00007fecaf411f91 R08: 0000000000000000 R09: 0000000000000000 [ 563.034801][T12369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.034815][T12369] R13: 00007fecaf5e6218 R14: 00007fecaf5e6180 R15: 00007fff3343a3b8 [ 563.034845][T12369] [ 563.634974][T12381] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1384'. [ 563.645166][T12381] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1384'. [ 564.108443][T12394] bond0: invalid ARP target specified [ 564.225837][T12399] FAULT_INJECTION: forcing a failure. [ 564.225837][T12399] name failslab, interval 1, probability 0, space 0, times 0 [ 564.238854][T12399] CPU: 0 UID: 0 PID: 12399 Comm: syz.1.1388 Not tainted syzkaller #0 PREEMPT(full) [ 564.238885][T12399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 564.238899][T12399] Call Trace: [ 564.238908][T12399] [ 564.238917][T12399] dump_stack_lvl+0x16c/0x1f0 [ 564.238958][T12399] should_fail_ex+0x512/0x640 [ 564.238995][T12399] ? lockdep_hardirqs_on+0x7c/0x110 [ 564.239033][T12399] should_failslab+0xc2/0x120 [ 564.239056][T12399] kmem_cache_alloc_noprof+0x75/0x6e0 [ 564.239088][T12399] ? do_raw_spin_lock+0x12c/0x2b0 [ 564.239116][T12399] ? inet_bind_bucket_create+0x2d/0x280 [ 564.239155][T12399] ? inet_bind_bucket_create+0x2d/0x280 [ 564.239189][T12399] inet_bind_bucket_create+0x2d/0x280 [ 564.239224][T12399] inet_csk_get_port+0x117d/0x2890 [ 564.239261][T12399] ? trace_inet_sock_set_state+0x194/0x220 [ 564.239302][T12399] ? __pfx_inet_csk_get_port+0x10/0x10 [ 564.239326][T12399] inet_csk_listen_start+0x158/0x380 [ 564.239352][T12399] __inet_listen_sk+0x20f/0x520 [ 564.239384][T12399] ? __pfx___inet_listen_sk+0x10/0x10 [ 564.239417][T12399] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 564.239452][T12399] ? __local_bh_enable_ip+0xa4/0x120 [ 564.239493][T12399] inet_listen+0x93/0xd0 [ 564.239525][T12399] __sys_listen_socket+0x117/0x160 [ 564.239556][T12399] __sys_listen+0xa7/0x130 [ 564.239586][T12399] __x64_sys_listen+0x53/0x80 [ 564.239616][T12399] do_syscall_64+0xcd/0xfa0 [ 564.239653][T12399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.239677][T12399] RIP: 0033:0x7fecaf38eec9 [ 564.239696][T12399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 564.239719][T12399] RSP: 002b:00007fecb017c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000032 [ 564.239740][T12399] RAX: ffffffffffffffda RBX: 00007fecaf5e5fa0 RCX: 00007fecaf38eec9 [ 564.239756][T12399] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 564.239770][T12399] RBP: 00007fecaf411f91 R08: 0000000000000000 R09: 0000000000000000 [ 564.239784][T12399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 564.239797][T12399] R13: 00007fecaf5e6038 R14: 00007fecaf5e5fa0 R15: 00007fff3343a3b8 [ 564.239829][T12399] [ 564.822813][T12410] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 567.194325][T12438] deleting an unspecified loop device is not supported. [ 567.867406][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 567.873940][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.067376][T12454] FAULT_INJECTION: forcing a failure. [ 568.067376][T12454] name failslab, interval 1, probability 0, space 0, times 0 [ 568.218148][T12454] CPU: 0 UID: 0 PID: 12454 Comm: syz.0.1400 Not tainted syzkaller #0 PREEMPT(full) [ 568.218179][T12454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 568.218193][T12454] Call Trace: [ 568.218200][T12454] [ 568.218209][T12454] dump_stack_lvl+0x16c/0x1f0 [ 568.218249][T12454] should_fail_ex+0x512/0x640 [ 568.218285][T12454] ? __kmalloc_cache_noprof+0x5f/0x780 [ 568.218318][T12454] should_failslab+0xc2/0x120 [ 568.218341][T12454] __kmalloc_cache_noprof+0x72/0x780 [ 568.218370][T12454] ? sw_sync_ioctl+0x548/0xfd0 [ 568.218405][T12454] ? sw_sync_ioctl+0x548/0xfd0 [ 568.218435][T12454] sw_sync_ioctl+0x548/0xfd0 [ 568.218473][T12454] ? find_held_lock+0x2b/0x80 [ 568.218504][T12454] ? __pfx_sw_sync_ioctl+0x10/0x10 [ 568.218547][T12454] ? __pfx_sw_sync_ioctl+0x10/0x10 [ 568.218580][T12454] __x64_sys_ioctl+0x18e/0x210 [ 568.218608][T12454] do_syscall_64+0xcd/0xfa0 [ 568.218644][T12454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.218667][T12454] RIP: 0033:0x7f25c918eec9 [ 568.218684][T12454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 568.218707][T12454] RSP: 002b:00007f25c73d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 568.218727][T12454] RAX: ffffffffffffffda RBX: 00007f25c93e6090 RCX: 00007f25c918eec9 [ 568.218742][T12454] RDX: 0000000000000000 RSI: 00000000c0285700 RDI: 0000000000000005 [ 568.218756][T12454] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 568.218769][T12454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 568.218782][T12454] R13: 00007f25c93e6128 R14: 00007f25c93e6090 R15: 00007fffafa1a4c8 [ 568.218812][T12454] [ 568.511768][T12452] futex_wake_op: syz.3.1401 tries to shift op by -2048; fix this program [ 568.521159][T12452] 0x000000000001-0x000000020000 : "" [ 568.601830][T12452] ftl_cs: FTL header corrupt! [ 569.058722][T12466] FAULT_INJECTION: forcing a failure. [ 569.058722][T12466] name failslab, interval 1, probability 0, space 0, times 0 [ 569.120828][T12466] CPU: 0 UID: 0 PID: 12466 Comm: syz.0.1403 Not tainted syzkaller #0 PREEMPT(full) [ 569.120860][T12466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 569.120874][T12466] Call Trace: [ 569.120882][T12466] [ 569.120891][T12466] dump_stack_lvl+0x16c/0x1f0 [ 569.120931][T12466] should_fail_ex+0x512/0x640 [ 569.120969][T12466] ? fs_reclaim_acquire+0xae/0x150 [ 569.120994][T12466] should_failslab+0xc2/0x120 [ 569.121017][T12466] __kmalloc_noprof+0xdd/0x880 [ 569.121046][T12466] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 569.121087][T12466] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 569.121120][T12466] tomoyo_realpath_from_path+0xc2/0x6e0 [ 569.121157][T12466] ? tomoyo_profile+0x47/0x60 [ 569.121196][T12466] tomoyo_path_perm+0x274/0x460 [ 569.121222][T12466] ? tomoyo_path_perm+0x260/0x460 [ 569.121251][T12466] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 569.121309][T12466] ? __pfx_ima_file_check+0x10/0x10 [ 569.121332][T12466] ? hook_file_truncate+0xc7/0x250 [ 569.121369][T12466] security_file_truncate+0x84/0x1e0 [ 569.121403][T12466] path_openat+0xc10/0x2cb0 [ 569.121446][T12466] ? __pfx_path_openat+0x10/0x10 [ 569.121482][T12466] ? __lock_acquire+0xb8a/0x1c90 [ 569.121509][T12466] do_filp_open+0x20b/0x470 [ 569.121544][T12466] ? __pfx_do_filp_open+0x10/0x10 [ 569.121599][T12466] ? alloc_fd+0x471/0x7d0 [ 569.121638][T12466] do_sys_openat2+0x11b/0x1d0 [ 569.121664][T12466] ? __pfx_do_sys_openat2+0x10/0x10 [ 569.121707][T12466] __x64_sys_openat+0x174/0x210 [ 569.121734][T12466] ? __pfx___x64_sys_openat+0x10/0x10 [ 569.121774][T12466] do_syscall_64+0xcd/0xfa0 [ 569.121818][T12466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.121842][T12466] RIP: 0033:0x7f25c918eec9 [ 569.121861][T12466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 569.121885][T12466] RSP: 002b:00007f25c73d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 569.121907][T12466] RAX: ffffffffffffffda RBX: 00007f25c93e6090 RCX: 00007f25c918eec9 [ 569.121923][T12466] RDX: 00000000000a0202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 569.121938][T12466] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 569.121952][T12466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 569.121966][T12466] R13: 00007f25c93e6128 R14: 00007f25c93e6090 R15: 00007fffafa1a4c8 [ 569.121997][T12466] [ 569.122028][T12466] ERROR: Out of memory at tomoyo_realpath_from_path. [ 569.489058][T12471] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1405'. [ 570.176990][T12475] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1406'. [ 570.200834][T12476] openvswitch: netlink: IP tunnel dst address not specified [ 571.307699][T12498] random: crng reseeded on system resumption [ 572.057492][T12508] futex_wake_op: syz.3.1413 tries to shift op by -2048; fix this program [ 572.108372][T12508] 0x000000000001-0x000000020000 : "" [ 572.160645][T12508] ftl_cs: FTL header corrupt! [ 575.537737][T12556] FAULT_INJECTION: forcing a failure. [ 575.537737][T12556] name failslab, interval 1, probability 0, space 0, times 0 [ 575.619100][T12556] CPU: 0 UID: 0 PID: 12556 Comm: syz.1.1421 Not tainted syzkaller #0 PREEMPT(full) [ 575.619137][T12556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 575.619151][T12556] Call Trace: [ 575.619159][T12556] [ 575.619167][T12556] dump_stack_lvl+0x16c/0x1f0 [ 575.619206][T12556] should_fail_ex+0x512/0x640 [ 575.619241][T12556] ? __kmalloc_cache_noprof+0x5f/0x780 [ 575.619273][T12556] should_failslab+0xc2/0x120 [ 575.619295][T12556] __kmalloc_cache_noprof+0x72/0x780 [ 575.619324][T12556] ? sync_file_alloc+0x3c/0x160 [ 575.619353][T12556] ? find_held_lock+0x2b/0x80 [ 575.619386][T12556] ? sync_file_alloc+0x3c/0x160 [ 575.619414][T12556] sync_file_alloc+0x3c/0x160 [ 575.619442][T12556] sync_file_create+0x17/0xf0 [ 575.619472][T12556] sw_sync_ioctl+0x8a2/0xfd0 [ 575.619508][T12556] ? find_held_lock+0x2b/0x80 [ 575.619538][T12556] ? __pfx_sw_sync_ioctl+0x10/0x10 [ 575.619581][T12556] ? __pfx_sw_sync_ioctl+0x10/0x10 [ 575.619614][T12556] __x64_sys_ioctl+0x18e/0x210 [ 575.619642][T12556] do_syscall_64+0xcd/0xfa0 [ 575.619678][T12556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.619700][T12556] RIP: 0033:0x7fecaf38eec9 [ 575.619717][T12556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 575.619739][T12556] RSP: 002b:00007fecb015b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 575.619760][T12556] RAX: ffffffffffffffda RBX: 00007fecaf5e6090 RCX: 00007fecaf38eec9 [ 575.619775][T12556] RDX: 0000000000000000 RSI: 00000000c0285700 RDI: 0000000000000005 [ 575.619789][T12556] RBP: 00007fecaf411f91 R08: 0000000000000000 R09: 0000000000000000 [ 575.619802][T12556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.619816][T12556] R13: 00007fecaf5e6128 R14: 00007fecaf5e6090 R15: 00007fff3343a3b8 [ 575.619845][T12556] [ 575.932393][T12559] random: crng reseeded on system resumption [ 575.943897][T12559] Restarting kernel threads ... [ 575.949125][T12559] Done restarting kernel threads. [ 575.955398][T12559] FAULT_INJECTION: forcing a failure. [ 575.955398][T12559] name failslab, interval 1, probability 0, space 0, times 0 [ 575.968065][T12559] CPU: 0 UID: 0 PID: 12559 Comm: syz.3.1423 Not tainted syzkaller #0 PREEMPT(full) [ 575.968093][T12559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 575.968113][T12559] Call Trace: [ 575.968120][T12559] [ 575.968129][T12559] dump_stack_lvl+0x16c/0x1f0 [ 575.968167][T12559] should_fail_ex+0x512/0x640 [ 575.968204][T12559] ? __kmalloc_cache_noprof+0x5f/0x780 [ 575.968237][T12559] should_failslab+0xc2/0x120 [ 575.968260][T12559] __kmalloc_cache_noprof+0x72/0x780 [ 575.968289][T12559] ? do_raw_spin_lock+0x12c/0x2b0 [ 575.968315][T12559] ? alloc_fdtable+0xbd/0x2d0 [ 575.968348][T12559] ? alloc_fdtable+0xbd/0x2d0 [ 575.968374][T12559] alloc_fdtable+0xbd/0x2d0 [ 575.968404][T12559] dup_fd+0x83b/0xb90 [ 575.968443][T12559] __do_sys_close_range+0x4ca/0x730 [ 575.968482][T12559] ? __pfx___do_sys_close_range+0x10/0x10 [ 575.968523][T12559] do_syscall_64+0xcd/0xfa0 [ 575.968559][T12559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.968582][T12559] RIP: 0033:0x7f794118eec9 [ 575.968601][T12559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 575.968623][T12559] RSP: 002b:00007f793f3f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 575.968644][T12559] RAX: ffffffffffffffda RBX: 00007f79413e5fa0 RCX: 00007f794118eec9 [ 575.968659][T12559] RDX: 0000000000000006 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 575.968674][T12559] RBP: 00007f7941211f91 R08: 0000000000000000 R09: 0000000000000000 [ 575.968688][T12559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 575.968701][T12559] R13: 00007f79413e6038 R14: 00007f79413e5fa0 R15: 00007ffdd020fbb8 [ 575.968732][T12559] [ 576.338980][T12564] FAULT_INJECTION: forcing a failure. [ 576.338980][T12564] name failslab, interval 1, probability 0, space 0, times 0 [ 576.364848][T12564] CPU: 0 UID: 0 PID: 12564 Comm: syz.0.1424 Not tainted syzkaller #0 PREEMPT(full) [ 576.364880][T12564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 576.364894][T12564] Call Trace: [ 576.364901][T12564] [ 576.364909][T12564] dump_stack_lvl+0x16c/0x1f0 [ 576.364947][T12564] should_fail_ex+0x512/0x640 [ 576.364983][T12564] ? fs_reclaim_acquire+0xae/0x150 [ 576.365008][T12564] should_failslab+0xc2/0x120 [ 576.365030][T12564] __kmalloc_noprof+0xdd/0x880 [ 576.365067][T12564] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 576.365106][T12564] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 576.365138][T12564] tomoyo_realpath_from_path+0xc2/0x6e0 [ 576.365173][T12564] ? tomoyo_profile+0x47/0x60 [ 576.365212][T12564] tomoyo_path_number_perm+0x245/0x580 [ 576.365238][T12564] ? tomoyo_path_number_perm+0x237/0x580 [ 576.365267][T12564] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 576.365297][T12564] ? find_held_lock+0x2b/0x80 [ 576.365354][T12564] ? find_held_lock+0x2b/0x80 [ 576.365397][T12564] ? hook_file_ioctl_common+0x145/0x410 [ 576.365432][T12564] ? __fget_files+0x20e/0x3c0 [ 576.365466][T12564] security_file_ioctl+0x9b/0x240 [ 576.365496][T12564] __x64_sys_ioctl+0xb7/0x210 [ 576.365522][T12564] do_syscall_64+0xcd/0xfa0 [ 576.365558][T12564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.365580][T12564] RIP: 0033:0x7f25c918eec9 [ 576.365597][T12564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 576.365619][T12564] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 576.365640][T12564] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 576.365654][T12564] RDX: 0000000000000004 RSI: 000000004048aec9 RDI: 0000000000000003 [ 576.365668][T12564] RBP: 00007f25c73f6090 R08: 0000000000000000 R09: 0000000000000000 [ 576.365681][T12564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 576.365694][T12564] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 576.365723][T12564] [ 576.365732][T12564] ERROR: Out of memory at tomoyo_realpath_from_path. [ 576.783040][T12566] futex_wake_op: syz.2.1422 tries to shift op by -2048; fix this program [ 576.828706][T12566] 0x000000000001-0x000000020000 : "" [ 576.888706][T12566] ftl_cs: FTL header corrupt! [ 582.297681][T12659] FAULT_INJECTION: forcing a failure. [ 582.297681][T12659] name failslab, interval 1, probability 0, space 0, times 0 [ 582.382753][T12659] CPU: 0 UID: 0 PID: 12659 Comm: syz.0.1441 Not tainted syzkaller #0 PREEMPT(full) [ 582.382788][T12659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 582.382802][T12659] Call Trace: [ 582.382809][T12659] [ 582.382818][T12659] dump_stack_lvl+0x16c/0x1f0 [ 582.382858][T12659] should_fail_ex+0x512/0x640 [ 582.382893][T12659] ? fs_reclaim_acquire+0xae/0x150 [ 582.382917][T12659] should_failslab+0xc2/0x120 [ 582.382939][T12659] __kmalloc_noprof+0xdd/0x880 [ 582.382967][T12659] ? tomoyo_encode2+0x100/0x3e0 [ 582.383003][T12659] ? tomoyo_encode2+0x100/0x3e0 [ 582.383036][T12659] tomoyo_encode2+0x100/0x3e0 [ 582.383071][T12659] tomoyo_encode+0x29/0x50 [ 582.383104][T12659] tomoyo_realpath_from_path+0x18f/0x6e0 [ 582.383145][T12659] tomoyo_path_number_perm+0x245/0x580 [ 582.383171][T12659] ? tomoyo_path_number_perm+0x237/0x580 [ 582.383201][T12659] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 582.383230][T12659] ? find_held_lock+0x2b/0x80 [ 582.383287][T12659] ? find_held_lock+0x2b/0x80 [ 582.383317][T12659] ? hook_file_ioctl_common+0x145/0x410 [ 582.383353][T12659] ? __fget_files+0x20e/0x3c0 [ 582.383390][T12659] security_file_ioctl+0x9b/0x240 [ 582.383423][T12659] __x64_sys_ioctl+0xb7/0x210 [ 582.383451][T12659] do_syscall_64+0xcd/0xfa0 [ 582.383489][T12659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.383519][T12659] RIP: 0033:0x7f25c918eec9 [ 582.383538][T12659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 582.383561][T12659] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 582.383583][T12659] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 582.383598][T12659] RDX: 0000200000000040 RSI: 0000000080044dfb RDI: 0000000000000006 [ 582.383613][T12659] RBP: 00007f25c73f6090 R08: 0000000000000000 R09: 0000000000000000 [ 582.383627][T12659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 582.383640][T12659] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 582.383671][T12659] [ 582.383689][T12659] ERROR: Out of memory at tomoyo_realpath_from_path. [ 582.848126][ T52] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 582.848158][ T52] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 582.863473][ T52] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 582.863520][ T52] Bluetooth: hci0: adv larger than maximum supported [ 582.887456][ T52] Bluetooth: hci0: adv larger than maximum supported [ 582.894681][ T52] Bluetooth: hci0: Malformed LE Event: 0x0d [ 583.058575][T12656] zswap: compressor not available [ 583.604438][T12680] Invalid ELF header magic: != ELF [ 584.689412][T12697] FAULT_INJECTION: forcing a failure. [ 584.689412][T12697] name failslab, interval 1, probability 0, space 0, times 0 [ 584.971752][T12697] CPU: 0 UID: 0 PID: 12697 Comm: syz.0.1445 Not tainted syzkaller #0 PREEMPT(full) [ 584.971784][T12697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 584.971798][T12697] Call Trace: [ 584.971805][T12697] [ 584.971813][T12697] dump_stack_lvl+0x16c/0x1f0 [ 584.971853][T12697] should_fail_ex+0x512/0x640 [ 584.971889][T12697] ? __kmalloc_cache_noprof+0x5f/0x780 [ 584.971921][T12697] should_failslab+0xc2/0x120 [ 584.971944][T12697] __kmalloc_cache_noprof+0x72/0x780 [ 584.971973][T12697] ? snd_seq_prioq_new+0x3f/0x110 [ 584.972011][T12697] ? snd_seq_prioq_new+0x3f/0x110 [ 584.972044][T12697] snd_seq_prioq_new+0x3f/0x110 [ 584.972076][T12697] snd_seq_queue_alloc+0x12b/0x5a0 [ 584.972111][T12697] snd_seq_ioctl_create_queue+0xa9/0x390 [ 584.972138][T12697] call_seq_client_ctl+0x9f/0x110 [ 584.972177][T12697] snd_seq_kernel_client_ctl+0x77/0xd0 [ 584.972200][T12697] alloc_seq_queue+0xda/0x180 [ 584.972229][T12697] ? __pfx_alloc_seq_queue+0x10/0x10 [ 584.972269][T12697] ? mark_held_locks+0x49/0x80 [ 584.972291][T12697] ? _raw_spin_unlock_irq+0x23/0x50 [ 584.972322][T12697] ? lockdep_hardirqs_on+0x7c/0x110 [ 584.972359][T12697] snd_seq_oss_open+0x38c/0xa20 [ 584.972390][T12697] odev_open+0x79/0xc0 [ 584.972410][T12697] ? __pfx_odev_open+0x10/0x10 [ 584.972432][T12697] soundcore_open+0x40c/0x580 [ 584.972457][T12697] ? __pfx_soundcore_open+0x10/0x10 [ 584.972480][T12697] chrdev_open+0x234/0x6a0 [ 584.972515][T12697] ? __pfx_apparmor_file_open+0x10/0x10 [ 584.972539][T12697] ? __pfx_chrdev_open+0x10/0x10 [ 584.972576][T12697] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 584.972614][T12697] do_dentry_open+0x982/0x1530 [ 584.972659][T12697] ? __pfx_chrdev_open+0x10/0x10 [ 584.972698][T12697] vfs_open+0x82/0x3f0 [ 584.972723][T12697] path_openat+0x1de4/0x2cb0 [ 584.972762][T12697] ? __pfx_path_openat+0x10/0x10 [ 584.972794][T12697] ? __lock_acquire+0xb8a/0x1c90 [ 584.972818][T12697] do_filp_open+0x20b/0x470 [ 584.972849][T12697] ? __pfx_do_filp_open+0x10/0x10 [ 584.972899][T12697] ? alloc_fd+0x471/0x7d0 [ 584.972934][T12697] do_sys_openat2+0x11b/0x1d0 [ 584.972957][T12697] ? __pfx_do_sys_openat2+0x10/0x10 [ 584.972991][T12697] __x64_sys_openat+0x174/0x210 [ 584.973015][T12697] ? __pfx___x64_sys_openat+0x10/0x10 [ 584.973050][T12697] do_syscall_64+0xcd/0xfa0 [ 584.973103][T12697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.973126][T12697] RIP: 0033:0x7f25c918eec9 [ 584.973144][T12697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.973166][T12697] RSP: 002b:00007f25c73b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 584.973187][T12697] RAX: ffffffffffffffda RBX: 00007f25c93e6180 RCX: 00007f25c918eec9 [ 584.973202][T12697] RDX: 00000000001c8740 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 584.973217][T12697] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 584.973237][T12697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.973250][T12697] R13: 00007f25c93e6218 R14: 00007f25c93e6180 R15: 00007fffafa1a4c8 [ 584.973280][T12697] [ 585.711569][T12708] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1448'. [ 586.210301][T12725] FAULT_INJECTION: forcing a failure. [ 586.210301][T12725] name failslab, interval 1, probability 0, space 0, times 0 [ 586.295797][T12725] CPU: 0 UID: 0 PID: 12725 Comm: syz.2.1450 Not tainted syzkaller #0 PREEMPT(full) [ 586.295829][T12725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 586.295842][T12725] Call Trace: [ 586.295849][T12725] [ 586.295857][T12725] dump_stack_lvl+0x16c/0x1f0 [ 586.295896][T12725] should_fail_ex+0x512/0x640 [ 586.295932][T12725] ? __kmalloc_noprof+0xca/0x880 [ 586.295963][T12725] should_failslab+0xc2/0x120 [ 586.295990][T12725] __kmalloc_noprof+0xdd/0x880 [ 586.296018][T12725] ? iter_file_splice_write+0x1cc/0x12e0 [ 586.296060][T12725] ? iter_file_splice_write+0x1cc/0x12e0 [ 586.296090][T12725] iter_file_splice_write+0x1cc/0x12e0 [ 586.296127][T12725] ? kfree+0x2b8/0x6d0 [ 586.296151][T12725] ? copy_splice_read+0x897/0xc20 [ 586.296185][T12725] ? copy_splice_read+0x897/0xc20 [ 586.296213][T12725] ? __pfx_iter_file_splice_write+0x10/0x10 [ 586.296246][T12725] ? __lock_acquire+0xb8a/0x1c90 [ 586.296272][T12725] ? __pfx_copy_splice_read+0x10/0x10 [ 586.296319][T12725] ? __pfx_iter_file_splice_write+0x10/0x10 [ 586.296353][T12725] direct_splice_actor+0x192/0x6c0 [ 586.296387][T12725] splice_direct_to_actor+0x345/0xa30 [ 586.296418][T12725] ? __pfx_direct_splice_actor+0x10/0x10 [ 586.296454][T12725] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 586.296484][T12725] ? get_pid_task+0xfc/0x250 [ 586.296516][T12725] do_splice_direct+0x174/0x240 [ 586.296546][T12725] ? __pfx_do_splice_direct+0x10/0x10 [ 586.296577][T12725] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 586.296615][T12725] ? rw_verify_area+0xcf/0x6c0 [ 586.296647][T12725] do_sendfile+0xb06/0xe50 [ 586.296683][T12725] ? __pfx_do_sendfile+0x10/0x10 [ 586.296715][T12725] ? __fget_files+0x20e/0x3c0 [ 586.296753][T12725] __x64_sys_sendfile64+0x1d8/0x220 [ 586.296774][T12725] ? ksys_write+0x1ac/0x250 [ 586.296805][T12725] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 586.296841][T12725] do_syscall_64+0xcd/0xfa0 [ 586.296878][T12725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.296901][T12725] RIP: 0033:0x7f19c738eec9 [ 586.296918][T12725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 586.296940][T12725] RSP: 002b:00007f19c8179038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 586.296962][T12725] RAX: ffffffffffffffda RBX: 00007f19c75e5fa0 RCX: 00007f19c738eec9 [ 586.296977][T12725] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 586.296990][T12725] RBP: 00007f19c8179090 R08: 0000000000000000 R09: 0000000000000000 [ 586.297004][T12725] R10: 000000000000004a R11: 0000000000000246 R12: 0000000000000001 [ 586.297017][T12725] R13: 00007f19c75e6038 R14: 00007f19c75e5fa0 R15: 00007ffd0c6c4fc8 [ 586.297048][T12725] [ 586.936381][T12722] can: request_module (can-proto-0) failed. [ 587.097430][T12727] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 593.524668][T12852] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1468'. [ 593.588652][T12853] random: crng reseeded on system resumption [ 593.665668][T12856] FAULT_INJECTION: forcing a failure. [ 593.665668][T12856] name failslab, interval 1, probability 0, space 0, times 0 [ 593.741205][T12856] CPU: 0 UID: 0 PID: 12856 Comm: syz.0.1469 Not tainted syzkaller #0 PREEMPT(full) [ 593.741236][T12856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 593.741250][T12856] Call Trace: [ 593.741257][T12856] [ 593.741265][T12856] dump_stack_lvl+0x16c/0x1f0 [ 593.741316][T12856] should_fail_ex+0x512/0x640 [ 593.741352][T12856] ? __kmalloc_cache_noprof+0x5f/0x780 [ 593.741384][T12856] should_failslab+0xc2/0x120 [ 593.741406][T12856] __kmalloc_cache_noprof+0x72/0x780 [ 593.741435][T12856] ? do_raw_spin_lock+0x12c/0x2b0 [ 593.741462][T12856] ? alloc_fdtable+0xbd/0x2d0 [ 593.741494][T12856] ? alloc_fdtable+0xbd/0x2d0 [ 593.741520][T12856] alloc_fdtable+0xbd/0x2d0 [ 593.741550][T12856] dup_fd+0x83b/0xb90 [ 593.741589][T12856] __do_sys_close_range+0x4ca/0x730 [ 593.741626][T12856] ? __pfx___do_sys_close_range+0x10/0x10 [ 593.741667][T12856] do_syscall_64+0xcd/0xfa0 [ 593.741703][T12856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.741737][T12856] RIP: 0033:0x7f25c918eec9 [ 593.741753][T12856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 593.741774][T12856] RSP: 002b:00007f25c73d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 593.741794][T12856] RAX: ffffffffffffffda RBX: 00007f25c93e6090 RCX: 00007f25c918eec9 [ 593.741808][T12856] RDX: 0000000000000006 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 593.741821][T12856] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 593.741834][T12856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 593.741846][T12856] R13: 00007f25c93e6128 R14: 00007f25c93e6090 R15: 00007fffafa1a4c8 [ 593.741874][T12856] [ 593.918308][T12848] futex_wake_op: syz.3.1468 tries to shift op by -2048; fix this program [ 593.928122][T12848] 0x000000000001-0x000000020000 : "" [ 593.943435][T12848] ftl_cs: FTL header corrupt! [ 597.390050][T12907] binder: 12906:12907 unknown command 0 [ 597.460730][T12907] binder: 12906:12907 ioctl c0306201 2000000000c0 returned -22 [ 597.780962][T12913] FAULT_INJECTION: forcing a failure. [ 597.780962][T12913] name failslab, interval 1, probability 0, space 0, times 0 [ 597.864626][T12913] CPU: 0 UID: 0 PID: 12913 Comm: syz.2.1479 Not tainted syzkaller #0 PREEMPT(full) [ 597.864657][T12913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 597.864670][T12913] Call Trace: [ 597.864677][T12913] [ 597.864685][T12913] dump_stack_lvl+0x16c/0x1f0 [ 597.864722][T12913] should_fail_ex+0x512/0x640 [ 597.864757][T12913] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 597.864790][T12913] should_failslab+0xc2/0x120 [ 597.864812][T12913] kmem_cache_alloc_noprof+0x75/0x6e0 [ 597.864841][T12913] ? taskstats_exit+0x654/0xbe0 [ 597.864873][T12913] ? taskstats_exit+0x654/0xbe0 [ 597.864899][T12913] ? acct_update_integrals+0x2ce/0x4a0 [ 597.864926][T12913] taskstats_exit+0x654/0xbe0 [ 597.864963][T12913] ? __pfx_taskstats_exit+0x10/0x10 [ 597.864994][T12913] ? exit_signals+0x38e/0xb40 [ 597.865030][T12913] do_exit+0x5dc/0x2bf0 [ 597.865076][T12913] ? __pfx_do_exit+0x10/0x10 [ 597.865099][T12913] ? do_raw_spin_lock+0x12c/0x2b0 [ 597.865126][T12913] ? find_held_lock+0x2b/0x80 [ 597.865161][T12913] do_group_exit+0xd3/0x2a0 [ 597.865186][T12913] get_signal+0x2671/0x26d0 [ 597.865224][T12913] ? __lock_acquire+0x622/0x1c90 [ 597.865249][T12913] ? __pfx_get_signal+0x10/0x10 [ 597.865282][T12913] ? do_futex+0x122/0x350 [ 597.865305][T12913] ? __pfx_do_futex+0x10/0x10 [ 597.865330][T12913] arch_do_signal_or_restart+0x8f/0x790 [ 597.865367][T12913] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 597.865420][T12913] exit_to_user_mode_loop+0x85/0x130 [ 597.865447][T12913] do_syscall_64+0x426/0xfa0 [ 597.865483][T12913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 597.865505][T12913] RIP: 0033:0x7f19c738eec9 [ 597.865522][T12913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 597.865545][T12913] RSP: 002b:00007f19c81790e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 597.865566][T12913] RAX: fffffffffffffe00 RBX: 00007f19c75e5fa8 RCX: 00007f19c738eec9 [ 597.865581][T12913] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f19c75e5fa8 [ 597.865595][T12913] RBP: 00007f19c75e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 597.865609][T12913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 597.865622][T12913] R13: 00007f19c75e6038 R14: 00007ffd0c6c4ee0 R15: 00007ffd0c6c4fc8 [ 597.865652][T12913] [ 598.099870][ C0] vkms_vblank_simulate: vblank timer overrun syzkaller syzkaller login: [ 598.810073][T12933] FAULT_INJECTION: forcing a failure. [ 598.810073][T12933] name failslab, interval 1, probability 0, space 0, times 0 [ 598.909509][T12933] CPU: 0 UID: 0 PID: 12933 Comm: syz.3.1483 Not tainted syzkaller #0 PREEMPT(full) [ 598.909539][T12933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 598.909551][T12933] Call Trace: [ 598.909558][T12933] [ 598.909565][T12933] dump_stack_lvl+0x16c/0x1f0 [ 598.909601][T12933] should_fail_ex+0x512/0x640 [ 598.909634][T12933] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 598.909657][T12933] should_failslab+0xc2/0x120 [ 598.909678][T12933] kmem_cache_alloc_noprof+0x75/0x6e0 [ 598.909706][T12933] ? skb_clone+0x190/0x3f0 [ 598.909743][T12933] ? skb_clone+0x190/0x3f0 [ 598.909773][T12933] skb_clone+0x190/0x3f0 [ 598.909805][T12933] netlink_deliver_tap+0xabd/0xd30 [ 598.909844][T12933] netlink_dump+0x881/0xd30 [ 598.909885][T12933] ? __pfx_netlink_dump+0x10/0x10 [ 598.909931][T12933] ? genl_start+0x67f/0x980 [ 598.909956][T12933] __netlink_dump_start+0x6d6/0x990 [ 598.909996][T12933] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 598.910021][T12933] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 598.910051][T12933] ? aa_get_newest_label+0xd2/0x250 [ 598.910073][T12933] ? __pfx_genl_start+0x10/0x10 [ 598.910092][T12933] ? __pfx_genl_dumpit+0x10/0x10 [ 598.910112][T12933] ? __pfx_genl_done+0x10/0x10 [ 598.910135][T12933] ? bpf_lsm_capable+0x9/0x10 [ 598.910174][T12933] ? security_capable+0x7e/0x260 [ 598.910200][T12933] genl_rcv_msg+0x46e/0x800 [ 598.910231][T12933] ? __pfx_genl_rcv_msg+0x10/0x10 [ 598.910256][T12933] ? __pfx_ioam6_genl_dumpns_start+0x10/0x10 [ 598.910278][T12933] ? __pfx_ioam6_genl_dumpns+0x10/0x10 [ 598.910299][T12933] ? __pfx_ioam6_genl_dumpns_done+0x10/0x10 [ 598.910332][T12933] netlink_rcv_skb+0x158/0x420 [ 598.910353][T12933] ? __pfx_genl_rcv_msg+0x10/0x10 [ 598.910379][T12933] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 598.910412][T12933] ? netlink_deliver_tap+0x1ae/0xd30 [ 598.910453][T12933] genl_rcv+0x28/0x40 [ 598.910474][T12933] netlink_unicast+0x5aa/0x870 [ 598.910518][T12933] ? __pfx_netlink_unicast+0x10/0x10 [ 598.910565][T12933] netlink_sendmsg+0x8c8/0xdd0 [ 598.910605][T12933] ? __pfx_netlink_sendmsg+0x10/0x10 [ 598.910645][T12933] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 598.910673][T12933] ____sys_sendmsg+0xa98/0xc70 [ 598.910699][T12933] ? copy_msghdr_from_user+0x10a/0x160 [ 598.910733][T12933] ? __pfx_____sys_sendmsg+0x10/0x10 [ 598.910771][T12933] ___sys_sendmsg+0x134/0x1d0 [ 598.910806][T12933] ? __pfx____sys_sendmsg+0x10/0x10 [ 598.910838][T12933] ? __lock_acquire+0x622/0x1c90 [ 598.910906][T12933] __sys_sendmsg+0x16d/0x220 [ 598.910941][T12933] ? __pfx___sys_sendmsg+0x10/0x10 [ 598.910994][T12933] do_syscall_64+0xcd/0xfa0 [ 598.911029][T12933] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 598.911052][T12933] RIP: 0033:0x7f794118eec9 [ 598.911069][T12933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 598.911091][T12933] RSP: 002b:00007f793f3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 598.911112][T12933] RAX: ffffffffffffffda RBX: 00007f79413e5fa0 RCX: 00007f794118eec9 [ 598.911127][T12933] RDX: 000000000000c840 RSI: 0000200000000100 RDI: 0000000000000003 [ 598.911140][T12933] RBP: 00007f793f3f6090 R08: 0000000000000000 R09: 0000000000000000 [ 598.911154][T12933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 598.911167][T12933] R13: 00007f79413e6038 R14: 00007f79413e5fa0 R15: 00007ffdd020fbb8 [ 598.911196][T12933] [ 599.247095][ C0] vkms_vblank_simulate: vblank timer overrun [ 599.455058][T12935] futex_wake_op: syz.1.1486 tries to shift op by -2048; fix this program [ 599.465201][T12935] 0x000000000001-0x000000020000 : "" [ 599.667297][T12935] ftl_cs: FTL header corrupt! [ 599.696226][ T5147] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 601.184013][T12960] can: request_module (can-proto-0) failed. [ 601.559522][T12965] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 602.236832][T12974] FAULT_INJECTION: forcing a failure. [ 602.236832][T12974] name failslab, interval 1, probability 0, space 0, times 0 [ 602.301540][T12974] CPU: 0 UID: 0 PID: 12974 Comm: syz.0.1493 Not tainted syzkaller #0 PREEMPT(full) [ 602.301569][T12974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 602.301582][T12974] Call Trace: [ 602.301589][T12974] [ 602.301596][T12974] dump_stack_lvl+0x16c/0x1f0 [ 602.301633][T12974] should_fail_ex+0x512/0x640 [ 602.301667][T12974] ? __kmalloc_noprof+0xca/0x880 [ 602.301697][T12974] should_failslab+0xc2/0x120 [ 602.301718][T12974] __kmalloc_noprof+0xdd/0x880 [ 602.301742][T12974] ? __pfx___mutex_lock+0x10/0x10 [ 602.301776][T12974] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 602.301815][T12974] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 602.301848][T12974] kvm_io_bus_register_dev+0x1cf/0x720 [ 602.301890][T12974] kvm_ioapic_init+0x429/0x590 [ 602.301923][T12974] kvm_arch_vm_ioctl+0x912/0x18b0 [ 602.301957][T12974] ? register_lock_class+0x41/0x4c0 [ 602.301979][T12974] ? find_held_lock+0x2b/0x80 [ 602.302007][T12974] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 602.302040][T12974] ? ima_match_policy+0x7f9/0x22e0 [ 602.302071][T12974] ? __lock_acquire+0x622/0x1c90 [ 602.302096][T12974] ? __lock_acquire+0x622/0x1c90 [ 602.302125][T12974] ? __lock_acquire+0x622/0x1c90 [ 602.302152][T12974] ? __lock_acquire+0x622/0x1c90 [ 602.302190][T12974] ? bpf_ksym_find+0x124/0x1c0 [ 602.302222][T12974] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 602.302256][T12974] ? is_bpf_text_address+0x94/0x1a0 [ 602.302278][T12974] ? kernel_text_address+0x8d/0x100 [ 602.302304][T12974] ? widen_string+0xdc/0x2d0 [ 602.302326][T12974] ? __kernel_text_address+0xd/0x40 [ 602.302352][T12974] ? unwind_get_return_address+0x59/0xa0 [ 602.302383][T12974] ? arch_stack_walk+0xa6/0x100 [ 602.302431][T12974] ? stack_trace_save+0x8e/0xc0 [ 602.302464][T12974] ? __pfx_stack_trace_save+0x10/0x10 [ 602.302497][T12974] ? stack_depot_save_flags+0x29/0x9c0 [ 602.302533][T12974] ? __lock_acquire+0xb8a/0x1c90 [ 602.302557][T12974] ? kasan_save_stack+0x42/0x60 [ 602.302588][T12974] ? kasan_save_stack+0x33/0x60 [ 602.302619][T12974] ? kasan_save_track+0x14/0x30 [ 602.302650][T12974] ? __kasan_save_free_info+0x3b/0x60 [ 602.302675][T12974] ? __kasan_slab_free+0x5f/0x80 [ 602.302707][T12974] ? kfree+0x2b8/0x6d0 [ 602.302729][T12974] ? tomoyo_path_number_perm+0x470/0x580 [ 602.302759][T12974] kvm_vm_ioctl+0x1a91/0x3fd0 [ 602.302822][T12974] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 602.302873][T12974] ? kasan_quarantine_put+0x10a/0x240 [ 602.302906][T12974] ? lockdep_hardirqs_on+0x7c/0x110 [ 602.302943][T12974] ? find_held_lock+0x2b/0x80 [ 602.302975][T12974] ? tomoyo_path_number_perm+0x295/0x580 [ 602.303006][T12974] ? tomoyo_path_number_perm+0x18d/0x580 [ 602.303036][T12974] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 602.303074][T12974] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 602.303106][T12974] ? do_vfs_ioctl+0x128/0x14f0 [ 602.303132][T12974] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 602.303165][T12974] ? find_held_lock+0x2b/0x80 [ 602.303196][T12974] ? hook_file_ioctl_common+0x145/0x410 [ 602.303231][T12974] ? __fget_files+0x20e/0x3c0 [ 602.303266][T12974] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 602.303300][T12974] __x64_sys_ioctl+0x18e/0x210 [ 602.303328][T12974] do_syscall_64+0xcd/0xfa0 [ 602.303364][T12974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 602.303387][T12974] RIP: 0033:0x7f25c918eec9 [ 602.303405][T12974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 602.303434][T12974] RSP: 002b:00007f25c73d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 602.303456][T12974] RAX: ffffffffffffffda RBX: 00007f25c93e6090 RCX: 00007f25c918eec9 [ 602.303472][T12974] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 602.303486][T12974] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 602.303499][T12974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 602.303540][T12974] R13: 00007f25c93e6128 R14: 00007f25c93e6090 R15: 00007fffafa1a4c8 [ 602.303572][T12974] [ 603.720476][T12982] futex_wake_op: syz.2.1496 tries to shift op by -2048; fix this program [ 603.761358][T12982] 0x000000000001-0x000000020000 : "" [ 603.836203][T12982] ftl_cs: FTL header corrupt! [ 607.179092][T13026] can: request_module (can-proto-0) failed. [ 607.480336][T13031] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 609.602860][T13058] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1511'. [ 610.176383][T13063] snd_aloop snd_aloop.0: control 7:-2147483391:4::2 is already present [ 616.030059][T13151] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1529'. [ 616.100939][T13149] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1529'. [ 616.158707][T13149] futex_wake_op: syz.1.1529 tries to shift op by -2048; fix this program [ 616.196995][T13149] 0x000000000001-0x000000020000 : "" [ 616.224805][T13149] ftl_cs: FTL header corrupt! [ 617.462814][T13174] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1533'. [ 620.104868][ T5147] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 620.104899][ T5147] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 620.121096][ T5147] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 620.121143][ T5147] Bluetooth: hci3: adv larger than maximum supported [ 620.129080][ T5147] Bluetooth: hci3: adv larger than maximum supported [ 620.136608][ T5147] Bluetooth: hci3: Malformed LE Event: 0x0d [ 620.533522][T13206] zswap: compressor not available [ 621.423718][T13234] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1544'. [ 621.636717][T13233] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1544'. [ 621.705251][T13233] futex_wake_op: syz.3.1544 tries to shift op by -2048; fix this program [ 621.759935][T13233] 0x000000000001-0x000000020000 : "" [ 621.801973][T13233] ftl_cs: FTL header corrupt! [ 621.961331][T13243] openvswitch: netlink: Message has 8 unknown bytes. [ 622.000439][T13244] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1546'. [ 622.021190][T13243] FAULT_INJECTION: forcing a failure. [ 622.021190][T13243] name failslab, interval 1, probability 0, space 0, times 0 [ 622.085495][T13243] CPU: 0 UID: 0 PID: 13243 Comm: syz.2.1547 Not tainted syzkaller #0 PREEMPT(full) [ 622.085525][T13243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 622.085546][T13243] Call Trace: [ 622.085553][T13243] [ 622.085562][T13243] dump_stack_lvl+0x16c/0x1f0 [ 622.085601][T13243] should_fail_ex+0x512/0x640 [ 622.085637][T13243] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 622.085663][T13243] should_failslab+0xc2/0x120 [ 622.085686][T13243] kmem_cache_alloc_noprof+0x75/0x6e0 [ 622.085718][T13243] ? skb_clone+0x190/0x3f0 [ 622.085758][T13243] ? skb_clone+0x190/0x3f0 [ 622.085791][T13243] skb_clone+0x190/0x3f0 [ 622.085827][T13243] netlink_deliver_tap+0xabd/0xd30 [ 622.085870][T13243] netlink_unicast+0x71f/0x870 [ 622.085911][T13243] ? __pfx_netlink_unicast+0x10/0x10 [ 622.085949][T13243] ? genl_rcv_msg+0x4bb/0x800 [ 622.085981][T13243] netlink_ack+0x696/0xb80 [ 622.086014][T13243] netlink_rcv_skb+0x332/0x420 [ 622.086035][T13243] ? __pfx_genl_rcv_msg+0x10/0x10 [ 622.086061][T13243] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 622.086095][T13243] ? netlink_deliver_tap+0x1ae/0xd30 [ 622.086134][T13243] genl_rcv+0x28/0x40 [ 622.086155][T13243] netlink_unicast+0x5aa/0x870 [ 622.086197][T13243] ? __pfx_netlink_unicast+0x10/0x10 [ 622.086245][T13243] netlink_sendmsg+0x8c8/0xdd0 [ 622.086287][T13243] ? __pfx_netlink_sendmsg+0x10/0x10 [ 622.086328][T13243] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 622.086359][T13243] ____sys_sendmsg+0xa98/0xc70 [ 622.086386][T13243] ? copy_msghdr_from_user+0x10a/0x160 [ 622.086420][T13243] ? __pfx_____sys_sendmsg+0x10/0x10 [ 622.086451][T13243] ? update_curr+0x71/0x550 [ 622.086486][T13243] ___sys_sendmsg+0x134/0x1d0 [ 622.086525][T13243] ? __pfx____sys_sendmsg+0x10/0x10 [ 622.086563][T13243] ? __lock_acquire+0x622/0x1c90 [ 622.086623][T13243] __sys_sendmsg+0x16d/0x220 [ 622.086658][T13243] ? __pfx___sys_sendmsg+0x10/0x10 [ 622.086692][T13243] ? sched_clock_cpu+0x6c/0x530 [ 622.086731][T13243] do_syscall_64+0xcd/0xfa0 [ 622.086768][T13243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 622.086791][T13243] RIP: 0033:0x7f19c738eec9 [ 622.086809][T13243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 622.086831][T13243] RSP: 002b:00007f19c8179038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 622.086853][T13243] RAX: ffffffffffffffda RBX: 00007f19c75e5fa0 RCX: 00007f19c738eec9 [ 622.086868][T13243] RDX: 0000000000000800 RSI: 0000200000000080 RDI: 0000000000000003 [ 622.086882][T13243] RBP: 00007f19c8179090 R08: 0000000000000000 R09: 0000000000000000 [ 622.086896][T13243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 622.086910][T13243] R13: 00007f19c75e6038 R14: 00007f19c75e5fa0 R15: 00007ffd0c6c4fc8 [ 622.086940][T13243] [ 622.867072][T13258] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 623.101508][T13259] CIFS: VFS: Invalid SecurityFlags: [ 623.245877][T13253] can: request_module (can-proto-0) failed. [ 623.541061][T13271] random: crng reseeded on system resumption [ 623.592462][T13271] Restarting kernel threads ... [ 623.603627][T13271] Done restarting kernel threads. [ 625.163646][T13300] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1561'. [ 627.290741][T13344] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1570'. [ 627.413608][T13344] futex_wake_op: syz.0.1570 tries to shift op by -2048; fix this program [ 627.466557][T13348] 0x000000000001-0x000000020000 : "" [ 627.557111][T13348] ftl_cs: FTL header corrupt! [ 628.026895][T13357] openvswitch: netlink: Message has 8 unknown bytes. [ 628.985724][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.003914][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.122859][T13374] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1577'. [ 629.240558][T13378] snd_aloop snd_aloop.0: control 7:-2147483391:4::2 is already present [ 634.220833][T13452] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1593'. [ 635.564315][T13469] FAULT_INJECTION: forcing a failure. [ 635.564315][T13469] name failslab, interval 1, probability 0, space 0, times 0 [ 635.684760][T13469] CPU: 0 UID: 0 PID: 13469 Comm: syz.0.1598 Not tainted syzkaller #0 PREEMPT(full) [ 635.684791][T13469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 635.684805][T13469] Call Trace: [ 635.684812][T13469] [ 635.684820][T13469] dump_stack_lvl+0x16c/0x1f0 [ 635.684861][T13469] should_fail_ex+0x512/0x640 [ 635.684896][T13469] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 635.684932][T13469] should_failslab+0xc2/0x120 [ 635.684955][T13469] kmem_cache_alloc_node_noprof+0x78/0x770 [ 635.684987][T13469] ? copy_process+0x4b5/0x76a0 [ 635.685029][T13469] ? copy_process+0x4b5/0x76a0 [ 635.685064][T13469] copy_process+0x4b5/0x76a0 [ 635.685113][T13469] ? __pfx_copy_process+0x10/0x10 [ 635.685163][T13469] ? _copy_from_user+0x59/0xd0 [ 635.685189][T13469] kernel_clone+0xfc/0x930 [ 635.685224][T13469] ? get_pid_task+0xfc/0x250 [ 635.685248][T13469] ? __pfx_kernel_clone+0x10/0x10 [ 635.685300][T13469] __do_sys_clone3+0x212/0x290 [ 635.685321][T13469] ? __pfx___do_sys_clone3+0x10/0x10 [ 635.685356][T13469] ? __fget_files+0x20e/0x3c0 [ 635.685407][T13469] do_syscall_64+0xcd/0xfa0 [ 635.685442][T13469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.685465][T13469] RIP: 0033:0x7f25c918eec9 [ 635.685483][T13469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 635.685506][T13469] RSP: 002b:00007f25c73b3f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 635.685527][T13469] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f25c918eec9 [ 635.685542][T13469] RDX: 00007f25c73b3f20 RSI: 0000000000000058 RDI: 00007f25c73b3f20 [ 635.685556][T13469] RBP: 00007f25c73b4090 R08: 0000000000000000 R09: 0000000000000058 [ 635.685570][T13469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 635.685584][T13469] R13: 00007f25c93e6218 R14: 00007f25c93e6180 R15: 00007fffafa1a4c8 [ 635.685614][T13469] [ 637.104503][T13490] random: crng reseeded on system resumption [ 637.472411][T13497] random: crng reseeded on system resumption [ 637.535205][T13497] FAULT_INJECTION: forcing a failure. [ 637.535205][T13497] name failslab, interval 1, probability 0, space 0, times 0 [ 637.589552][T13497] CPU: 0 UID: 0 PID: 13497 Comm: syz.0.1607 Not tainted syzkaller #0 PREEMPT(full) [ 637.589581][T13497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 637.589594][T13497] Call Trace: [ 637.589601][T13497] [ 637.589609][T13497] dump_stack_lvl+0x16c/0x1f0 [ 637.589672][T13497] should_fail_ex+0x512/0x640 [ 637.589709][T13497] ? __kmalloc_cache_noprof+0x5f/0x780 [ 637.589741][T13497] should_failslab+0xc2/0x120 [ 637.589775][T13497] __kmalloc_cache_noprof+0x72/0x780 [ 637.589802][T13497] ? do_raw_spin_lock+0x12c/0x2b0 [ 637.589846][T13497] ? alloc_fdtable+0xbd/0x2d0 [ 637.589876][T13497] ? alloc_fdtable+0xbd/0x2d0 [ 637.589909][T13497] alloc_fdtable+0xbd/0x2d0 [ 637.589939][T13497] dup_fd+0x83b/0xb90 [ 637.589978][T13497] __do_sys_close_range+0x4ca/0x730 [ 637.590015][T13497] ? __pfx___do_sys_close_range+0x10/0x10 [ 637.590057][T13497] do_syscall_64+0xcd/0xfa0 [ 637.590093][T13497] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.590117][T13497] RIP: 0033:0x7f25c918eec9 [ 637.590134][T13497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 637.590157][T13497] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 637.590178][T13497] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 637.590194][T13497] RDX: 0000000000000006 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 637.590208][T13497] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 637.590221][T13497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 637.590239][T13497] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 637.590268][T13497] [ 637.764209][ C0] vkms_vblank_simulate: vblank timer overrun [ 638.524901][T13504] can: request_module (can-proto-0) failed. [ 638.813925][T13508] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 639.262311][T13520] overlayfs: "check_copy_up" module option is obsolete [ 639.671088][T13524] Line length is too long: Should be less than 4094 [ 642.655984][T13572] Console: switching to colour frame buffer device 4x6 [ 643.068861][T13589] FAULT_INJECTION: forcing a failure. [ 643.068861][T13589] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 643.133934][T13589] CPU: 0 UID: 0 PID: 13589 Comm: syz.0.1628 Not tainted syzkaller #0 PREEMPT(full) [ 643.133965][T13589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 643.133978][T13589] Call Trace: [ 643.133985][T13589] [ 643.133994][T13589] dump_stack_lvl+0x16c/0x1f0 [ 643.134033][T13589] should_fail_ex+0x512/0x640 [ 643.134075][T13589] _copy_to_user+0x32/0xd0 [ 643.134099][T13589] simple_read_from_buffer+0xcb/0x170 [ 643.134130][T13589] proc_fail_nth_read+0x197/0x240 [ 643.134165][T13589] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 643.134200][T13589] ? rw_verify_area+0xcf/0x6c0 [ 643.134228][T13589] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 643.134261][T13589] vfs_read+0x1e4/0xcf0 [ 643.134296][T13589] ? __pfx___mutex_lock+0x10/0x10 [ 643.134333][T13589] ? __pfx_vfs_read+0x10/0x10 [ 643.134394][T13589] ? __fget_files+0x20e/0x3c0 [ 643.134432][T13589] ksys_read+0x12a/0x250 [ 643.134463][T13589] ? __pfx_ksys_read+0x10/0x10 [ 643.134494][T13589] ? fput+0x9b/0xd0 [ 643.134519][T13589] do_syscall_64+0xcd/0xfa0 [ 643.134555][T13589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.134577][T13589] RIP: 0033:0x7f25c918d8dc [ 643.134595][T13589] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 643.134615][T13589] RSP: 002b:00007f25c73f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 643.134636][T13589] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918d8dc [ 643.134650][T13589] RDX: 000000000000000f RSI: 00007f25c73f60a0 RDI: 0000000000000007 [ 643.134664][T13589] RBP: 00007f25c73f6090 R08: 0000000000000000 R09: 0000000000000000 [ 643.134677][T13589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 643.134689][T13589] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 643.134718][T13589] [ 643.318018][ C0] vkms_vblank_simulate: vblank timer overrun [ 643.383555][T13594] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1629'. [ 643.393585][T13594] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1629'. [ 643.404719][T13594] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1629'. [ 643.416644][T13594] futex_wake_op: syz.1.1629 tries to shift op by -2048; fix this program [ 643.425822][T13594] 0x000000000001-0x000000020000 : "" [ 643.610812][T13594] ftl_cs: FTL header corrupt! [ 644.151107][T13607] usb usb23: usbfs: interface 0 claimed by hub while 'syz.1.1632' sets config #0 [ 645.989186][ T5147] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 645.989217][ T5147] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 646.004524][ T5147] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 646.004549][ T5147] Bluetooth: hci0: adv larger than maximum supported [ 646.012390][ T5147] Bluetooth: hci0: adv larger than maximum supported [ 646.019095][ T5147] Bluetooth: hci0: Malformed LE Event: 0x0d [ 646.479157][T13651] netlink: zone id is out of range [ 646.536135][T13651] netlink: zone id is out of range [ 646.550934][T13631] zswap: compressor not available [ 646.693579][T13651] netlink: zone id is out of range [ 646.767891][T13655] ubi0: attaching mtd0 [ 646.832852][T13655] ubi0: scanning is finished [ 646.889203][T13655] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 646.897901][T13651] netlink: zone id is out of range [ 647.046710][T13651] netlink: zone id is out of range [ 647.135148][T13651] netlink: zone id is out of range [ 647.193884][T13655] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 647.248372][T13664] can: request_module (can-proto-0) failed. [ 647.272410][T13651] netlink: zone id is out of range [ 647.308376][T13651] netlink: zone id is out of range [ 647.313534][T13651] netlink: zone id is out of range [ 647.369107][T13651] netlink: zone id is out of range [ 647.626741][T13667] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 647.936891][T13676] can: request_module (can-proto-0) failed. [ 648.224521][T13684] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 649.119463][T13698] FAULT_INJECTION: forcing a failure. [ 649.119463][T13698] name failslab, interval 1, probability 0, space 0, times 0 [ 649.230365][T13698] CPU: 0 UID: 0 PID: 13698 Comm: syz.3.1650 Not tainted syzkaller #0 PREEMPT(full) [ 649.230396][T13698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 649.230409][T13698] Call Trace: [ 649.230417][T13698] [ 649.230425][T13698] dump_stack_lvl+0x16c/0x1f0 [ 649.230464][T13698] should_fail_ex+0x512/0x640 [ 649.230500][T13698] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 649.230539][T13698] should_failslab+0xc2/0x120 [ 649.230561][T13698] __kvmalloc_node_noprof+0x141/0x9c0 [ 649.230598][T13698] ? alloc_fdtable+0x17f/0x2d0 [ 649.230632][T13698] ? alloc_fdtable+0x17f/0x2d0 [ 649.230659][T13698] alloc_fdtable+0x17f/0x2d0 [ 649.230688][T13698] dup_fd+0x83b/0xb90 [ 649.230733][T13698] __do_sys_close_range+0x4ca/0x730 [ 649.230769][T13698] ? __pfx___do_sys_close_range+0x10/0x10 [ 649.230811][T13698] do_syscall_64+0xcd/0xfa0 [ 649.230848][T13698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 649.230871][T13698] RIP: 0033:0x7f794118eec9 [ 649.230889][T13698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 649.230911][T13698] RSP: 002b:00007f793f3f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 649.230932][T13698] RAX: ffffffffffffffda RBX: 00007f79413e5fa0 RCX: 00007f794118eec9 [ 649.230947][T13698] RDX: 0000000000000006 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 649.230961][T13698] RBP: 00007f7941211f91 R08: 0000000000000000 R09: 0000000000000000 [ 649.230975][T13698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 649.230988][T13698] R13: 00007f79413e6038 R14: 00007f79413e5fa0 R15: 00007ffdd020fbb8 [ 649.231017][T13698] [ 652.242869][T13764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1659'. [ 652.917736][T13776] FAULT_INJECTION: forcing a failure. [ 652.917736][T13776] name failslab, interval 1, probability 0, space 0, times 0 [ 652.977990][T13776] CPU: 0 UID: 0 PID: 13776 Comm: syz.1.1663 Not tainted syzkaller #0 PREEMPT(full) [ 652.978023][T13776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 652.978038][T13776] Call Trace: [ 652.978045][T13776] [ 652.978054][T13776] dump_stack_lvl+0x16c/0x1f0 [ 652.978094][T13776] should_fail_ex+0x512/0x640 [ 652.978131][T13776] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 652.978165][T13776] ? __pfx_ptdump_open+0x10/0x10 [ 652.978190][T13776] should_failslab+0xc2/0x120 [ 652.978213][T13776] kmem_cache_alloc_noprof+0x75/0x6e0 [ 652.978244][T13776] ? seq_open+0x55/0x170 [ 652.978270][T13776] ? __pfx_ptdump_open+0x10/0x10 [ 652.978294][T13776] ? __pfx_ptdump_show+0x10/0x10 [ 652.978318][T13776] ? seq_open+0x55/0x170 [ 652.978337][T13776] seq_open+0x55/0x170 [ 652.978358][T13776] ? __pfx_ptdump_show+0x10/0x10 [ 652.978383][T13776] single_open+0xfc/0x1f0 [ 652.978407][T13776] full_proxy_open_regular+0x1b9/0x360 [ 652.978435][T13776] do_dentry_open+0x982/0x1530 [ 652.978481][T13776] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 652.978512][T13776] vfs_open+0x82/0x3f0 [ 652.978541][T13776] path_openat+0x1de4/0x2cb0 [ 652.978587][T13776] ? __pfx_path_openat+0x10/0x10 [ 652.978623][T13776] ? __lock_acquire+0xb8a/0x1c90 [ 652.978650][T13776] do_filp_open+0x20b/0x470 [ 652.978687][T13776] ? __pfx_do_filp_open+0x10/0x10 [ 652.978743][T13776] ? alloc_fd+0x471/0x7d0 [ 652.978783][T13776] do_sys_openat2+0x11b/0x1d0 [ 652.978811][T13776] ? __pfx_do_sys_openat2+0x10/0x10 [ 652.978849][T13776] __x64_sys_openat+0x174/0x210 [ 652.978875][T13776] ? __pfx___x64_sys_openat+0x10/0x10 [ 652.978914][T13776] do_syscall_64+0xcd/0xfa0 [ 652.978951][T13776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.978975][T13776] RIP: 0033:0x7fecaf38eec9 [ 652.978994][T13776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 652.979017][T13776] RSP: 002b:00007fecb017c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 652.979039][T13776] RAX: ffffffffffffffda RBX: 00007fecaf5e5fa0 RCX: 00007fecaf38eec9 [ 652.979055][T13776] RDX: 0000000000000102 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 652.979069][T13776] RBP: 00007fecaf411f91 R08: 0000000000000000 R09: 0000000000000000 [ 652.979083][T13776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.979097][T13776] R13: 00007fecaf5e6038 R14: 00007fecaf5e5fa0 R15: 00007fff3343a3b8 [ 652.979127][T13776] [ 654.909198][T13804] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1671'. [ 655.045226][T13801] futex_wake_op: syz.0.1671 tries to shift op by -2048; fix this program [ 655.074500][T13801] 0x000000000001-0x000000020000 : "" [ 655.110753][T13801] ftl_cs: FTL header corrupt! [ 656.830103][T13830] netlink: 'syz.2.1677': attribute type 6 has an invalid length. [ 656.928135][T13830] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1677'. [ 657.408584][T13839] FAULT_INJECTION: forcing a failure. [ 657.408584][T13839] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 657.476512][T13839] CPU: 0 UID: 0 PID: 13839 Comm: syz.0.1681 Not tainted syzkaller #0 PREEMPT(full) [ 657.476543][T13839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 657.476557][T13839] Call Trace: [ 657.476564][T13839] [ 657.476573][T13839] dump_stack_lvl+0x16c/0x1f0 [ 657.476612][T13839] should_fail_ex+0x512/0x640 [ 657.476653][T13839] _copy_to_user+0x32/0xd0 [ 657.476677][T13839] simple_read_from_buffer+0xcb/0x170 [ 657.476708][T13839] proc_fail_nth_read+0x197/0x240 [ 657.476742][T13839] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 657.476776][T13839] ? rw_verify_area+0xcf/0x6c0 [ 657.476805][T13839] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 657.476837][T13839] vfs_read+0x1e4/0xcf0 [ 657.476873][T13839] ? __pfx___mutex_lock+0x10/0x10 [ 657.476910][T13839] ? __pfx_vfs_read+0x10/0x10 [ 657.476949][T13839] ? __fget_files+0x20e/0x3c0 [ 657.476988][T13839] ksys_read+0x12a/0x250 [ 657.477019][T13839] ? __pfx_ksys_read+0x10/0x10 [ 657.477060][T13839] do_syscall_64+0xcd/0xfa0 [ 657.477097][T13839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.477121][T13839] RIP: 0033:0x7f25c918d8dc [ 657.477139][T13839] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 657.477168][T13839] RSP: 002b:00007f25c73f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 657.477190][T13839] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918d8dc [ 657.477205][T13839] RDX: 000000000000000f RSI: 00007f25c73f60a0 RDI: 0000000000000004 [ 657.477219][T13839] RBP: 00007f25c73f6090 R08: 0000000000000000 R09: 0000000000000000 [ 657.477233][T13839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 657.477259][T13839] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 657.477288][T13839] [ 657.939742][T13847] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1680'. [ 658.122690][T13854] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1683'. [ 658.205361][T13852] futex_wake_op: syz.1.1683 tries to shift op by -2048; fix this program [ 658.226668][T13852] 0x000000000001-0x000000020000 : "" [ 658.246408][T13852] ftl_cs: FTL header corrupt! [ 660.141286][T13890] ptrace attach of "./syz-executor exec"[5824] was attempted by "./syz-executor exec"[13890] [ 661.321920][T13903] ubi0: attaching mtd0 [ 661.327435][T13903] ubi0: scanning is finished [ 661.375358][T13903] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 661.580919][T13903] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 662.090974][T13920] FAULT_INJECTION: forcing a failure. [ 662.090974][T13920] name failslab, interval 1, probability 0, space 0, times 0 [ 662.145650][T13920] CPU: 0 UID: 0 PID: 13920 Comm: syz.1.1701 Not tainted syzkaller #0 PREEMPT(full) [ 662.145681][T13920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 662.145693][T13920] Call Trace: [ 662.145700][T13920] [ 662.145709][T13920] dump_stack_lvl+0x16c/0x1f0 [ 662.145751][T13920] should_fail_ex+0x512/0x640 [ 662.145784][T13920] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 662.145820][T13920] should_failslab+0xc2/0x120 [ 662.145840][T13920] __kvmalloc_node_noprof+0x141/0x9c0 [ 662.145875][T13920] ? alloc_fdtable+0x17f/0x2d0 [ 662.145907][T13920] ? alloc_fdtable+0x17f/0x2d0 [ 662.145932][T13920] alloc_fdtable+0x17f/0x2d0 [ 662.145959][T13920] dup_fd+0x83b/0xb90 [ 662.145996][T13920] __do_sys_close_range+0x4ca/0x730 [ 662.146033][T13920] ? __pfx___do_sys_close_range+0x10/0x10 [ 662.146091][T13920] do_syscall_64+0xcd/0xfa0 [ 662.146129][T13920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.146154][T13920] RIP: 0033:0x7fecaf38eec9 [ 662.146172][T13920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 662.146195][T13920] RSP: 002b:00007fecb017c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 662.146218][T13920] RAX: ffffffffffffffda RBX: 00007fecaf5e5fa0 RCX: 00007fecaf38eec9 [ 662.146233][T13920] RDX: 0000000000000006 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 662.146248][T13920] RBP: 00007fecaf411f91 R08: 0000000000000000 R09: 0000000000000000 [ 662.146262][T13920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 662.146276][T13920] R13: 00007fecaf5e6038 R14: 00007fecaf5e5fa0 R15: 00007fff3343a3b8 [ 662.146306][T13920] [ 662.762085][T13925] FAULT_INJECTION: forcing a failure. [ 662.762085][T13925] name failslab, interval 1, probability 0, space 0, times 0 [ 662.878678][T13925] CPU: 0 UID: 0 PID: 13925 Comm: syz.2.1703 Not tainted syzkaller #0 PREEMPT(full) [ 662.878707][T13925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 662.878720][T13925] Call Trace: [ 662.878727][T13925] [ 662.878735][T13925] dump_stack_lvl+0x16c/0x1f0 [ 662.878772][T13925] should_fail_ex+0x512/0x640 [ 662.878805][T13925] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 662.878837][T13925] should_failslab+0xc2/0x120 [ 662.878858][T13925] kmem_cache_alloc_noprof+0x75/0x6e0 [ 662.878886][T13925] ? security_file_alloc+0x34/0x2b0 [ 662.878919][T13925] ? security_file_alloc+0x34/0x2b0 [ 662.878946][T13925] security_file_alloc+0x34/0x2b0 [ 662.878974][T13925] init_file+0x93/0x4c0 [ 662.878995][T13925] alloc_empty_file+0x73/0x1e0 [ 662.879017][T13925] path_openat+0xda/0x2cb0 [ 662.879056][T13925] ? __pfx_path_openat+0x10/0x10 [ 662.879087][T13925] ? __lock_acquire+0xb8a/0x1c90 [ 662.879112][T13925] do_filp_open+0x20b/0x470 [ 662.879161][T13925] ? __pfx_do_filp_open+0x10/0x10 [ 662.879214][T13925] ? alloc_fd+0x471/0x7d0 [ 662.879251][T13925] do_sys_openat2+0x11b/0x1d0 [ 662.879276][T13925] ? __pfx_do_sys_openat2+0x10/0x10 [ 662.879299][T13925] ? fput+0x9b/0xd0 [ 662.879320][T13925] ? __sys_sendmsg+0x18c/0x220 [ 662.879362][T13925] __x64_sys_openat+0x174/0x210 [ 662.879388][T13925] ? __pfx___x64_sys_openat+0x10/0x10 [ 662.879453][T13925] do_syscall_64+0xcd/0xfa0 [ 662.879490][T13925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.879514][T13925] RIP: 0033:0x7f19c738eec9 [ 662.879531][T13925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 662.879553][T13925] RSP: 002b:00007f19c8179038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 662.879574][T13925] RAX: ffffffffffffffda RBX: 00007f19c75e5fa0 RCX: 00007f19c738eec9 [ 662.879589][T13925] RDX: 0000000000109001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 662.879604][T13925] RBP: 00007f19c7411f91 R08: 0000000000000000 R09: 0000000000000000 [ 662.879617][T13925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 662.879631][T13925] R13: 00007f19c75e6038 R14: 00007f19c75e5fa0 R15: 00007ffd0c6c4fc8 [ 662.879666][T13925] [ 664.310011][T13956] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input23 [ 664.672912][ T5147] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 664.672940][ T5147] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 664.688062][ T5147] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 664.688086][ T5147] Bluetooth: hci0: adv larger than maximum supported [ 664.695381][ T5147] Bluetooth: hci0: Malformed LE Event: 0x0d [ 665.035370][T13961] zswap: compressor not available [ 668.118071][ T5147] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 668.118102][ T5147] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 668.133283][ T5147] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 668.133307][ T5147] Bluetooth: hci1: adv larger than maximum supported [ 668.142199][ T5147] Bluetooth: hci1: adv larger than maximum supported [ 668.149113][ T5147] Bluetooth: hci1: Malformed LE Event: 0x0d [ 668.424572][T14026] netlink: 'syz.3.1725': attribute type 1 has an invalid length. [ 668.645362][T14020] zswap: compressor not available [ 669.512570][T14026] syz.3.1725: vmalloc error: size 268435456, failed to allocated page array size 524288, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 669.623222][T14026] CPU: 0 UID: 0 PID: 14026 Comm: syz.3.1725 Not tainted syzkaller #0 PREEMPT(full) [ 669.623254][T14026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 669.623268][T14026] Call Trace: [ 669.623276][T14026] [ 669.623284][T14026] dump_stack_lvl+0x16c/0x1f0 [ 669.623337][T14026] warn_alloc+0x248/0x3a0 [ 669.623369][T14026] ? __pfx_warn_alloc+0x10/0x10 [ 669.623410][T14026] ? packet_set_ring+0xb4c/0x17e0 [ 669.623436][T14026] ? __vmalloc_node_noprof+0xad/0xf0 [ 669.623466][T14026] __vmalloc_node_range_noprof+0xfe2/0x1480 [ 669.623501][T14026] ? packet_set_ring+0xb4c/0x17e0 [ 669.623534][T14026] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 669.623560][T14026] ? alloc_pages_mpol+0x25a/0x550 [ 669.623583][T14026] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 669.623605][T14026] ? rcu_is_watching+0x12/0xc0 [ 669.623640][T14026] ? packet_set_ring+0xb4c/0x17e0 [ 669.623672][T14026] __vmalloc_node_noprof+0xad/0xf0 [ 669.623696][T14026] ? packet_set_ring+0xb4c/0x17e0 [ 669.623725][T14026] packet_set_ring+0xb4c/0x17e0 [ 669.623762][T14026] packet_setsockopt+0x121b/0x33c0 [ 669.623792][T14026] ? __pfx___might_resched+0x10/0x10 [ 669.623825][T14026] ? __lock_acquire+0x622/0x1c90 [ 669.623849][T14026] ? __pfx_packet_setsockopt+0x10/0x10 [ 669.623878][T14026] ? aa_sk_perm+0x2f4/0xb10 [ 669.623908][T14026] ? file_init_path+0x4fe/0x760 [ 669.623932][T14026] ? __pfx_aa_sk_perm+0x10/0x10 [ 669.623962][T14026] ? find_held_lock+0x2b/0x80 [ 669.623994][T14026] ? aa_sock_opt_perm+0xfd/0x1c0 [ 669.624030][T14026] ? __pfx_packet_setsockopt+0x10/0x10 [ 669.624061][T14026] do_sock_setsockopt+0xf3/0x1d0 [ 669.624087][T14026] __sys_setsockopt+0x120/0x1a0 [ 669.624123][T14026] __x64_sys_setsockopt+0xbd/0x160 [ 669.624174][T14026] ? do_syscall_64+0x91/0xfa0 [ 669.624208][T14026] ? lockdep_hardirqs_on+0x7c/0x110 [ 669.624244][T14026] do_syscall_64+0xcd/0xfa0 [ 669.624281][T14026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.624305][T14026] RIP: 0033:0x7f794118eec9 [ 669.624323][T14026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 669.624347][T14026] RSP: 002b:00007f793f3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 669.624369][T14026] RAX: ffffffffffffffda RBX: 00007f79413e5fa0 RCX: 00007f794118eec9 [ 669.624384][T14026] RDX: 0000000000000005 RSI: 0000000000000107 RDI: 000000000000000a [ 669.624399][T14026] RBP: 00007f7941211f91 R08: 000000000000ce24 R09: 0000000000000000 [ 669.624413][T14026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 669.624427][T14026] R13: 00007f79413e6038 R14: 00007f79413e5fa0 R15: 00007ffdd020fbb8 [ 669.624458][T14026] [ 669.624466][T14026] Mem-Info: [ 670.413946][T14046] can: request_module (can-proto-0) failed. [ 670.767208][T14026] active_anon:9184 inactive_anon:13205 isolated_anon:0 [ 670.767208][T14026] active_file:21592 inactive_file:39028 isolated_file:0 [ 670.767208][T14026] unevictable:1851 dirty:909 writeback:0 [ 670.767208][T14026] slab_reclaimable:11817 slab_unreclaimable:96783 [ 670.767208][T14026] mapped:36044 shmem:11360 pagetables:1194 [ 670.767208][T14026] sec_pagetables:0 bounce:0 [ 670.767208][T14026] kernel_misc_reclaimable:0 [ 670.767208][T14026] free:1275494 free_pcp:31448 free_cma:0 [ 670.952321][T14055] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 670.963362][T14026] Node 0 active_anon:36736kB inactive_anon:53080kB active_file:86364kB inactive_file:155972kB unevictable:5868kB isolated(anon):0kB isolated(file):0kB mapped:145940kB dirty:3632kB writeback:0kB shmem:44216kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11088kB pagetables:4648kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 671.144590][T14026] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:140kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 671.307815][T14026] Node 0 DMA free:15356kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 671.424483][T14064] can: request_module (can-proto-0) failed. [ 671.453246][T14026] lowmem_reserve[]: 0 2483 2485 2485 2485 [ 671.488422][T14026] Node 0 DMA32 free:1244500kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36736kB inactive_anon:60200kB active_file:89052kB inactive_file:156252kB unevictable:1536kB writepending:3648kB zspages:0kB present:3129332kB managed:2543608kB mlocked:0kB bounce:0kB free_pcp:54288kB local_pcp:54288kB free_cma:0kB [ 671.660011][T14026] lowmem_reserve[]: 0 0 1 1 1 [ 671.686469][T14026] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 671.733779][T14067] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 671.835344][T14026] lowmem_reserve[]: 0 0 0 0 0 [ 671.850379][T14026] Node 1 Normal free:3843124kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:144kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:64128kB local_pcp:64128kB free_cma:0kB [ 672.001636][T14026] lowmem_reserve[]: 0 0 0 0 0 [ 672.046145][T14026] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB [ 672.141378][T14026] Node 0 DMA32: 7431*4kB (ME) 860*8kB (UME) 2089*16kB (UME) 1710*32kB (UM) 876*64kB (UM) 517*128kB (UME) 321*256kB (UM) 189*512kB (UME) 79*1024kB (UME) 6*2048kB (UM) 178*4096kB (M) = 1248204kB [ 672.235955][T14026] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 672.290998][T14026] Node 1 Normal: 193*4kB (UE) 26*8kB (UE) 22*16kB (UE) 186*32kB (UE) 115*64kB (UE) 36*128kB (UE) 17*256kB (UME) 10*512kB (UME) 5*1024kB (UM) 2*2048kB (UE) 929*4096kB (UM) = 3843124kB [ 672.393941][T14026] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 672.438777][T14026] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 672.483193][T14026] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 672.533083][T14026] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 672.576838][T14026] 75447 total pagecache pages [ 672.599960][T14026] 0 pages in swap cache [ 672.626720][T14026] Free swap = 124996kB [ 672.650323][T14026] Total swap = 124996kB [ 672.671567][T14026] 2097051 pages RAM [ 672.702061][T14026] 0 pages HighMem/MovableOnly [ 672.721985][T14026] 429059 pages reserved [ 672.737113][T14026] 0 pages cma reserved [ 674.901564][T14108] futex_wake_op: syz.1.1745 tries to shift op by -2048; fix this program [ 674.944740][T14108] 0x000000000001-0x000000020000 : "" [ 674.979482][T14108] ftl_cs: FTL header corrupt! [ 675.428423][T14118] net_ratelimit: 35 callbacks suppressed [ 675.428442][T14118] openvswitch: netlink: Message has 8 unknown bytes. [ 676.735541][T14137] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1752'. [ 676.801148][T14135] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1752'. [ 677.332411][T14142] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1754'. [ 677.581895][T14142] HfR: entered promiscuous mode [ 678.601092][T14160] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 678.834220][T14168] HfR: entered promiscuous mode [ 680.053125][T14183] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1762'. [ 680.475816][T14190] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 682.975012][T14233] netlink: 'syz.0.1771': attribute type 33 has an invalid length. [ 683.201649][T14245] ICMPv6: process `syz.2.1774' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 683.380597][T14242] futex_wake_op: syz.3.1775 tries to shift op by -2048; fix this program [ 683.415607][T14242] 0x000000000001-0x000000020000 : "" [ 683.476363][T14242] ftl_cs: FTL header corrupt! [ 683.553122][T14248] FAULT_INJECTION: forcing a failure. [ 683.553122][T14248] name failslab, interval 1, probability 0, space 0, times 0 [ 683.675738][T14248] CPU: 0 UID: 0 PID: 14248 Comm: syz.0.1776 Not tainted syzkaller #0 PREEMPT(full) [ 683.675768][T14248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 683.675799][T14248] Call Trace: [ 683.675805][T14248] [ 683.675813][T14248] dump_stack_lvl+0x16c/0x1f0 [ 683.675850][T14248] should_fail_ex+0x512/0x640 [ 683.675884][T14248] ? fs_reclaim_acquire+0xae/0x150 [ 683.675908][T14248] should_failslab+0xc2/0x120 [ 683.675929][T14248] __kmalloc_noprof+0xdd/0x880 [ 683.675956][T14248] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 683.675993][T14248] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 683.676023][T14248] tomoyo_realpath_from_path+0xc2/0x6e0 [ 683.676058][T14248] ? tomoyo_profile+0x47/0x60 [ 683.676095][T14248] tomoyo_path_number_perm+0x245/0x580 [ 683.676119][T14248] ? tomoyo_path_number_perm+0x237/0x580 [ 683.676167][T14248] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 683.676196][T14248] ? find_held_lock+0x2b/0x80 [ 683.676253][T14248] ? find_held_lock+0x2b/0x80 [ 683.676289][T14248] ? hook_file_ioctl_common+0x145/0x410 [ 683.676326][T14248] ? __fget_files+0x20e/0x3c0 [ 683.676361][T14248] security_file_ioctl+0x9b/0x240 [ 683.676391][T14248] __x64_sys_ioctl+0xb7/0x210 [ 683.676419][T14248] do_syscall_64+0xcd/0xfa0 [ 683.676456][T14248] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.676480][T14248] RIP: 0033:0x7f25c918eec9 [ 683.676497][T14248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.676520][T14248] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 683.676542][T14248] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 683.676557][T14248] RDX: 00002000000012c0 RSI: 00000000c4c85512 RDI: 0000000000000006 [ 683.676572][T14248] RBP: 00007f25c73f6090 R08: 0000000000000000 R09: 0000000000000000 [ 683.676586][T14248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 683.676599][T14248] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 683.676630][T14248] [ 683.676638][T14248] ERROR: Out of memory at tomoyo_realpath_from_path. [ 684.279782][T14255] can: request_module (can-proto-0) failed. [ 684.458135][T14261] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 684.753338][ T5147] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 684.753370][ T5147] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 684.768503][ T5147] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 684.768527][ T5147] Bluetooth: hci0: adv larger than maximum supported [ 684.778341][ T5147] Bluetooth: hci0: adv larger than maximum supported [ 684.785276][ T5147] Bluetooth: hci0: Malformed LE Event: 0x0d [ 685.243117][T14279] FAULT_INJECTION: forcing a failure. [ 685.243117][T14279] name failslab, interval 1, probability 0, space 0, times 0 [ 685.306603][T14272] zswap: compressor not available [ 685.336767][T14279] CPU: 0 UID: 0 PID: 14279 Comm: syz.0.1780 Not tainted syzkaller #0 PREEMPT(full) [ 685.336799][T14279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 685.336813][T14279] Call Trace: [ 685.336821][T14279] [ 685.336829][T14279] dump_stack_lvl+0x16c/0x1f0 [ 685.336868][T14279] should_fail_ex+0x512/0x640 [ 685.336906][T14279] ? __kmalloc_cache_noprof+0x5f/0x780 [ 685.336939][T14279] should_failslab+0xc2/0x120 [ 685.336962][T14279] __kmalloc_cache_noprof+0x72/0x780 [ 685.336992][T14279] ? sw_sync_ioctl+0x548/0xfd0 [ 685.337029][T14279] ? sw_sync_ioctl+0x548/0xfd0 [ 685.337060][T14279] sw_sync_ioctl+0x548/0xfd0 [ 685.337104][T14279] ? find_held_lock+0x2b/0x80 [ 685.337136][T14279] ? __pfx_sw_sync_ioctl+0x10/0x10 [ 685.337182][T14279] ? __pfx_sw_sync_ioctl+0x10/0x10 [ 685.337216][T14279] __x64_sys_ioctl+0x18e/0x210 [ 685.337245][T14279] do_syscall_64+0xcd/0xfa0 [ 685.337294][T14279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.337317][T14279] RIP: 0033:0x7f25c918eec9 [ 685.337335][T14279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.337357][T14279] RSP: 002b:00007f25c73d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 685.337389][T14279] RAX: ffffffffffffffda RBX: 00007f25c93e6090 RCX: 00007f25c918eec9 [ 685.337403][T14279] RDX: 0000000000000000 RSI: 00000000c0285700 RDI: 0000000000000008 [ 685.337416][T14279] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 685.337429][T14279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 685.337442][T14279] R13: 00007f25c93e6128 R14: 00007f25c93e6090 R15: 00007fffafa1a4c8 [ 685.337469][T14279] [ 687.812891][T14328] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1788'. [ 687.878139][T14325] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1788'. [ 689.730042][T14357] futex_wake_op: syz.0.1793 tries to shift op by -2048; fix this program [ 689.782812][T14357] 0x000000000001-0x000000020000 : "" [ 689.825155][ T5147] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 689.825183][ T5147] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 689.840275][ T5147] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 689.840318][ T5147] Bluetooth: hci2: adv larger than maximum supported [ 689.848545][ T5147] Bluetooth: hci2: adv larger than maximum supported [ 689.855430][ T5147] Bluetooth: hci2: Malformed LE Event: 0x0d [ 689.885357][T14357] ftl_cs: FTL header corrupt! [ 690.106020][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 690.112647][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 690.258848][T14360] zswap: compressor not available [ 693.565078][T14433] FAULT_INJECTION: forcing a failure. [ 693.565078][T14433] name failslab, interval 1, probability 0, space 0, times 0 [ 693.635798][T14433] CPU: 0 UID: 0 PID: 14433 Comm: syz.3.1807 Not tainted syzkaller #0 PREEMPT(full) [ 693.635828][T14433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 693.635841][T14433] Call Trace: [ 693.635848][T14433] [ 693.635856][T14433] dump_stack_lvl+0x16c/0x1f0 [ 693.635893][T14433] should_fail_ex+0x512/0x640 [ 693.635927][T14433] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 693.635962][T14433] should_failslab+0xc2/0x120 [ 693.635983][T14433] __kvmalloc_node_noprof+0x141/0x9c0 [ 693.636017][T14433] ? alloc_fdtable+0x17f/0x2d0 [ 693.636053][T14433] ? alloc_fdtable+0x17f/0x2d0 [ 693.636097][T14433] alloc_fdtable+0x17f/0x2d0 [ 693.636128][T14433] dup_fd+0x83b/0xb90 [ 693.636169][T14433] __do_sys_close_range+0x4ca/0x730 [ 693.636206][T14433] ? __pfx___do_sys_close_range+0x10/0x10 [ 693.636256][T14433] do_syscall_64+0xcd/0xfa0 [ 693.636294][T14433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.636318][T14433] RIP: 0033:0x7f794118eec9 [ 693.636337][T14433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.636360][T14433] RSP: 002b:00007f793f3f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 693.636383][T14433] RAX: ffffffffffffffda RBX: 00007f79413e5fa0 RCX: 00007f794118eec9 [ 693.636399][T14433] RDX: 0000000000000006 RSI: ffffffffffffffff RDI: ffffffffffffffff [ 693.636413][T14433] RBP: 00007f7941211f91 R08: 0000000000000000 R09: 0000000000000000 [ 693.636428][T14433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.636442][T14433] R13: 00007f79413e6038 R14: 00007f79413e5fa0 R15: 00007ffdd020fbb8 [ 693.636473][T14433] [ 694.766325][T14452] can: request_module (can-proto-0) failed. [ 695.882649][T14474] vhci_hcd: invalid port number 16 [ 695.894061][T14477] FAULT_INJECTION: forcing a failure. [ 695.894061][T14477] name failslab, interval 1, probability 0, space 0, times 0 [ 695.913624][T14474] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 695.949052][T14477] CPU: 0 UID: 0 PID: 14477 Comm: syz.0.1816 Not tainted syzkaller #0 PREEMPT(full) [ 695.949081][T14477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 695.949094][T14477] Call Trace: [ 695.949101][T14477] [ 695.949110][T14477] dump_stack_lvl+0x16c/0x1f0 [ 695.949161][T14477] should_fail_ex+0x512/0x640 [ 695.949195][T14477] ? __kmalloc_noprof+0xca/0x880 [ 695.949223][T14477] should_failslab+0xc2/0x120 [ 695.949245][T14477] __kmalloc_noprof+0xdd/0x880 [ 695.949271][T14477] ? sk_prot_alloc+0x1a8/0x2a0 [ 695.949298][T14477] ? sk_prot_alloc+0x1a8/0x2a0 [ 695.949318][T14477] sk_prot_alloc+0x1a8/0x2a0 [ 695.949343][T14477] sk_alloc+0x36/0xc20 [ 695.949374][T14477] __netlink_create+0x5e/0x2c0 [ 695.949402][T14477] ? __wake_up+0x3f/0x60 [ 695.949443][T14477] netlink_create+0x39e/0x620 [ 695.949472][T14477] ? __pfx_genl_bind+0x10/0x10 [ 695.949492][T14477] ? __pfx_genl_unbind+0x10/0x10 [ 695.949531][T14477] ? __pfx_genl_release+0x10/0x10 [ 695.949558][T14477] __sock_create+0x338/0x8d0 [ 695.949589][T14477] __sys_socket+0x14d/0x260 [ 695.949619][T14477] ? __pfx___sys_socket+0x10/0x10 [ 695.949646][T14477] ? xfd_validate_state+0x61/0x180 [ 695.949677][T14477] __x64_sys_socket+0x72/0xb0 [ 695.949703][T14477] ? lockdep_hardirqs_on+0x7c/0x110 [ 695.949737][T14477] do_syscall_64+0xcd/0xfa0 [ 695.949773][T14477] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.949796][T14477] RIP: 0033:0x7f25c918eec9 [ 695.949813][T14477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 695.949836][T14477] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 695.949857][T14477] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 695.949872][T14477] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 695.949885][T14477] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 695.949899][T14477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 695.949912][T14477] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 695.949942][T14477] [ 696.435916][T14488] futex_wake_op: syz.2.1818 tries to shift op by -2048; fix this program [ 696.467078][T14485] 0x000000000001-0x000000020000 : "" [ 696.514517][T14485] ftl_cs: FTL header corrupt! [ 697.564250][T14506] FAULT_INJECTION: forcing a failure. [ 697.564250][T14506] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 697.640566][T14506] CPU: 0 UID: 0 PID: 14506 Comm: syz.0.1823 Not tainted syzkaller #0 PREEMPT(full) [ 697.640596][T14506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 697.640610][T14506] Call Trace: [ 697.640617][T14506] [ 697.640625][T14506] dump_stack_lvl+0x16c/0x1f0 [ 697.640661][T14506] should_fail_ex+0x512/0x640 [ 697.640700][T14506] should_fail_alloc_page+0xe7/0x130 [ 697.640723][T14506] prepare_alloc_pages+0x3c2/0x610 [ 697.640743][T14506] ? rcu_is_watching+0x12/0xc0 [ 697.640777][T14506] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 697.640810][T14506] ? rcu_is_watching+0x12/0xc0 [ 697.640840][T14506] ? trace_mm_page_alloc+0x11f/0x1a0 [ 697.640867][T14506] ? __alloc_frozen_pages_noprof+0x292/0x2470 [ 697.640897][T14506] ? stack_trace_save+0x8e/0xc0 [ 697.640930][T14506] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 697.640970][T14506] ? kmem_cache_alloc_node_noprof+0x28a/0x770 [ 697.641000][T14506] ? __get_vm_area_node+0x1ca/0x330 [ 697.641020][T14506] ? __vmalloc_node_noprof+0xad/0xf0 [ 697.641041][T14506] ? __snd_dma_alloc_pages+0x53/0x90 [ 697.641072][T14506] ? snd_dma_alloc_dir_pages+0x151/0x240 [ 697.641103][T14506] ? do_alloc_pages+0x136/0x2d0 [ 697.641130][T14506] ? snd_pcm_lib_malloc_pages+0x3df/0x980 [ 697.641159][T14506] ? snd_pcm_hw_params+0x1656/0x1ba0 [ 697.641189][T14506] ? snd_pcm_kernel_ioctl+0x147/0x2e0 [ 697.641222][T14506] ? do_syscall_64+0xcd/0xfa0 [ 697.641252][T14506] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.641280][T14506] alloc_pages_bulk_noprof+0x71c/0x1410 [ 697.641308][T14506] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 697.641338][T14506] ? policy_nodemask+0xea/0x4e0 [ 697.641362][T14506] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 697.641393][T14506] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 697.641426][T14506] kasan_populate_vmalloc+0x112/0x2d0 [ 697.641457][T14506] ? alloc_vmap_area+0x8b5/0x29e0 [ 697.641495][T14506] alloc_vmap_area+0x960/0x29e0 [ 697.641541][T14506] ? __pfx_alloc_vmap_area+0x10/0x10 [ 697.641582][T14506] __get_vm_area_node+0x1ca/0x330 [ 697.641609][T14506] __vmalloc_node_range_noprof+0x271/0x1480 [ 697.641633][T14506] ? __snd_dma_alloc_pages+0x53/0x90 [ 697.641669][T14506] ? __pfx___mutex_trylock_common+0x10/0x10 [ 697.641694][T14506] ? __snd_dma_alloc_pages+0x53/0x90 [ 697.641726][T14506] ? rcu_is_watching+0x12/0xc0 [ 697.641755][T14506] ? trace_contention_end+0xdd/0x130 [ 697.641781][T14506] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 697.641810][T14506] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 697.641853][T14506] ? __snd_dma_alloc_pages+0x53/0x90 [ 697.641885][T14506] __vmalloc_node_noprof+0xad/0xf0 [ 697.641908][T14506] ? __snd_dma_alloc_pages+0x53/0x90 [ 697.641939][T14506] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 697.641976][T14506] __snd_dma_alloc_pages+0x53/0x90 [ 697.642009][T14506] snd_dma_alloc_dir_pages+0x151/0x240 [ 697.642044][T14506] do_alloc_pages+0x136/0x2d0 [ 697.642078][T14506] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 697.642114][T14506] snd_pcm_hw_params+0x1656/0x1ba0 [ 697.642154][T14506] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 697.642184][T14506] ? snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0 [ 697.642211][T14506] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 697.642242][T14506] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 697.642269][T14506] ? __asan_memset+0x23/0x50 [ 697.642300][T14506] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 697.642333][T14506] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 697.642373][T14506] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 697.642402][T14506] ? __pfx___mutex_lock+0x10/0x10 [ 697.642453][T14506] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 697.642485][T14506] snd_pcm_oss_get_formats+0x7e/0x340 [ 697.642509][T14506] ? find_held_lock+0x2b/0x80 [ 697.642538][T14506] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 697.642563][T14506] ? __might_fault+0x13b/0x190 [ 697.642598][T14506] snd_pcm_oss_ioctl+0x2f24/0x37c0 [ 697.642625][T14506] ? find_held_lock+0x2b/0x80 [ 697.642653][T14506] ? hook_file_ioctl_common+0x145/0x410 [ 697.642681][T14506] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 697.642711][T14506] ? __fget_files+0x20e/0x3c0 [ 697.642743][T14506] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 697.642772][T14506] __x64_sys_ioctl+0x18e/0x210 [ 697.642797][T14506] do_syscall_64+0xcd/0xfa0 [ 697.642831][T14506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.642862][T14506] RIP: 0033:0x7f25c918eec9 [ 697.642880][T14506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.642900][T14506] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 697.642920][T14506] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 697.642934][T14506] RDX: 0000200000000100 RSI: 00000000c0045005 RDI: 0000000000000006 [ 697.642948][T14506] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 697.642961][T14506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.642974][T14506] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 697.643002][T14506] [ 698.354212][T14511] FAULT_INJECTION: forcing a failure. [ 698.354212][T14511] name failslab, interval 1, probability 0, space 0, times 0 [ 698.366901][T14511] CPU: 0 UID: 0 PID: 14511 Comm: syz.2.1825 Not tainted syzkaller #0 PREEMPT(full) [ 698.366930][T14511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 698.366944][T14511] Call Trace: [ 698.366951][T14511] [ 698.366960][T14511] dump_stack_lvl+0x16c/0x1f0 [ 698.366999][T14511] should_fail_ex+0x512/0x640 [ 698.367035][T14511] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 698.367073][T14511] should_failslab+0xc2/0x120 [ 698.367096][T14511] __kvmalloc_node_noprof+0x141/0x9c0 [ 698.367130][T14511] ? bpf_lsm_capable+0x9/0x10 [ 698.367152][T14511] ? security_capable+0x7e/0x260 [ 698.367174][T14511] ? proc_sys_call_handler+0x286/0x570 [ 698.367198][T14511] ? ns_capable_noaudit+0xda/0x110 [ 698.367236][T14511] ? proc_sys_call_handler+0x286/0x570 [ 698.367259][T14511] proc_sys_call_handler+0x286/0x570 [ 698.367297][T14511] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 698.367322][T14511] ? copy_splice_read+0x1a8/0xc20 [ 698.367366][T14511] copy_splice_read+0x618/0xc20 [ 698.367398][T14511] ? __pfx_copy_splice_read+0x10/0x10 [ 698.367426][T14511] ? look_up_lock_class+0x6b/0x150 [ 698.367462][T14511] ? lockdep_init_map_type+0x5c/0x280 [ 698.367486][T14511] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 698.367517][T14511] ? __pfx_copy_splice_read+0x10/0x10 [ 698.367542][T14511] do_splice_read+0x285/0x370 [ 698.367571][T14511] splice_direct_to_actor+0x2a1/0xa30 [ 698.367599][T14511] ? __pfx_direct_splice_actor+0x10/0x10 [ 698.367648][T14511] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 698.367692][T14511] ? get_pid_task+0xfc/0x250 [ 698.367722][T14511] do_splice_direct+0x174/0x240 [ 698.367751][T14511] ? __pfx_do_splice_direct+0x10/0x10 [ 698.367780][T14511] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 698.367818][T14511] ? rw_verify_area+0xcf/0x6c0 [ 698.367849][T14511] do_sendfile+0xb06/0xe50 [ 698.367883][T14511] ? __pfx_do_sendfile+0x10/0x10 [ 698.367914][T14511] ? __fget_files+0x20e/0x3c0 [ 698.367950][T14511] __x64_sys_sendfile64+0x1d8/0x220 [ 698.367970][T14511] ? ksys_write+0x1ac/0x250 [ 698.368001][T14511] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 698.368031][T14511] do_syscall_64+0xcd/0xfa0 [ 698.368065][T14511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.368088][T14511] RIP: 0033:0x7f19c738eec9 [ 698.368105][T14511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 698.368127][T14511] RSP: 002b:00007f19c8179038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 698.368147][T14511] RAX: ffffffffffffffda RBX: 00007f19c75e5fa0 RCX: 00007f19c738eec9 [ 698.368161][T14511] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 698.368175][T14511] RBP: 00007f19c8179090 R08: 0000000000000000 R09: 0000000000000000 [ 698.368188][T14511] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 698.368202][T14511] R13: 00007f19c75e6038 R14: 00007f19c75e5fa0 R15: 00007ffd0c6c4fc8 [ 698.368231][T14511] [ 699.530741][T14520] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1827'. [ 699.574788][T14519] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1827'. [ 700.276523][T14506] syz.0.1823: vmalloc error: size 2097152, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 700.408106][T14530] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input24 [ 700.438761][T14506] CPU: 0 UID: 0 PID: 14506 Comm: syz.0.1823 Not tainted syzkaller #0 PREEMPT(full) [ 700.438791][T14506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 700.438804][T14506] Call Trace: [ 700.438811][T14506] [ 700.438819][T14506] dump_stack_lvl+0x16c/0x1f0 [ 700.438856][T14506] warn_alloc+0x248/0x3a0 [ 700.438886][T14506] ? __pfx_warn_alloc+0x10/0x10 [ 700.438917][T14506] ? __get_vm_area_node+0x2cd/0x330 [ 700.438953][T14506] ? __get_vm_area_node+0x2cd/0x330 [ 700.438989][T14506] ? __get_vm_area_node+0x1dc/0x330 [ 700.439009][T14506] ? __get_vm_area_node+0x208/0x330 [ 700.439036][T14506] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 700.439076][T14506] ? __pfx___mutex_trylock_common+0x10/0x10 [ 700.439100][T14506] ? __snd_dma_alloc_pages+0x53/0x90 [ 700.439131][T14506] ? rcu_is_watching+0x12/0xc0 [ 700.439159][T14506] ? trace_contention_end+0xdd/0x130 [ 700.439183][T14506] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 700.439210][T14506] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 700.439246][T14506] ? __snd_dma_alloc_pages+0x53/0x90 [ 700.439275][T14506] __vmalloc_node_noprof+0xad/0xf0 [ 700.439295][T14506] ? __snd_dma_alloc_pages+0x53/0x90 [ 700.439325][T14506] ? __pfx_snd_dma_vmalloc_alloc+0x10/0x10 [ 700.439358][T14506] __snd_dma_alloc_pages+0x53/0x90 [ 700.439388][T14506] snd_dma_alloc_dir_pages+0x151/0x240 [ 700.439421][T14506] do_alloc_pages+0x136/0x2d0 [ 700.439453][T14506] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 700.439492][T14506] snd_pcm_hw_params+0x1656/0x1ba0 [ 700.439526][T14506] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 700.439554][T14506] ? snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0 [ 700.439590][T14506] ? snd_pcm_hw_param_near.constprop.0+0x734/0x8e0 [ 700.439619][T14506] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 700.439645][T14506] ? __asan_memset+0x23/0x50 [ 700.439675][T14506] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 700.439707][T14506] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 700.439744][T14506] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 700.439772][T14506] ? __pfx___mutex_lock+0x10/0x10 [ 700.439821][T14506] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 700.439850][T14506] snd_pcm_oss_get_formats+0x7e/0x340 [ 700.439874][T14506] ? find_held_lock+0x2b/0x80 [ 700.439900][T14506] ? __pfx_snd_pcm_oss_get_formats+0x10/0x10 [ 700.439924][T14506] ? __might_fault+0x13b/0x190 [ 700.439957][T14506] snd_pcm_oss_ioctl+0x2f24/0x37c0 [ 700.439982][T14506] ? find_held_lock+0x2b/0x80 [ 700.440008][T14506] ? hook_file_ioctl_common+0x145/0x410 [ 700.440035][T14506] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 700.440063][T14506] ? __fget_files+0x20e/0x3c0 [ 700.440093][T14506] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 700.440120][T14506] __x64_sys_ioctl+0x18e/0x210 [ 700.440145][T14506] do_syscall_64+0xcd/0xfa0 [ 700.440177][T14506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 700.440216][T14506] RIP: 0033:0x7f25c918eec9 [ 700.440234][T14506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 700.440255][T14506] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 700.440275][T14506] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 700.440289][T14506] RDX: 0000200000000100 RSI: 00000000c0045005 RDI: 0000000000000006 [ 700.440302][T14506] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 700.440315][T14506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 700.440328][T14506] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 700.440356][T14506] [ 700.442881][T14506] Mem-Info: [ 701.968445][T14506] active_anon:9679 inactive_anon:1561 isolated_anon:0 [ 701.968445][T14506] active_file:22701 inactive_file:37942 isolated_file:0 [ 701.968445][T14506] unevictable:1834 dirty:904 writeback:0 [ 701.968445][T14506] slab_reclaimable:12308 slab_unreclaimable:95916 [ 701.968445][T14506] mapped:27446 shmem:1878 pagetables:1129 [ 701.968445][T14506] sec_pagetables:0 bounce:0 [ 701.968445][T14506] kernel_misc_reclaimable:0 [ 701.968445][T14506] free:1301952 free_pcp:24529 free_cma:0 [ 702.205546][T14506] Node 0 active_anon:38716kB inactive_anon:12360kB active_file:90772kB inactive_file:151600kB unevictable:5820kB isolated(anon):0kB isolated(file):0kB mapped:109784kB dirty:3612kB writeback:0kB shmem:5948kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11088kB pagetables:4580kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 702.340323][T14506] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:140kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 702.485549][T14506] Node 0 DMA free:15356kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 702.527154][T14555] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1834'. [ 702.672991][T14506] lowmem_reserve[]: 0 2483 2485 2485 2485 [ 702.702444][T14506] Node 0 DMA32 free:1347344kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36672kB inactive_anon:7160kB active_file:93476kB inactive_file:151860kB unevictable:1556kB writepending:3612kB zspages:0kB present:3129332kB managed:2543608kB mlocked:20kB bounce:0kB free_pcp:40128kB local_pcp:40128kB free_cma:0kB [ 702.935207][T14506] lowmem_reserve[]: 0 0 1 1 1 [ 702.945024][T14506] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 703.106696][T14506] lowmem_reserve[]: 0 0 0 0 0 [ 703.139948][T14506] Node 1 Normal free:3845348kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:140kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:61864kB local_pcp:61864kB free_cma:0kB [ 703.284354][T14506] lowmem_reserve[]: 0 0 0 0 0 [ 703.304435][T14506] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB [ 703.400749][T14506] Node 0 DMA32: 3902*4kB (UM) 3251*8kB (UME) 3098*16kB (UM) 2443*32kB (UM) 1274*64kB (UME) 704*128kB (UM) 404*256kB (UME) 215*512kB (UME) 84*1024kB (UME) 5*2048kB (UME) 170*4096kB (UM) = 1347088kB [ 703.489155][T14506] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 703.552716][T14506] Node 1 Normal: 194*4kB (UE) 27*8kB (UE) 23*16kB (UE) 188*32kB (UE) 115*64kB (UE) 37*128kB (UE) 17*256kB (UME) 12*512kB (UME) 6*1024kB (UM) 2*2048kB (UE) 929*4096kB (UM) = 3845392kB [ 703.672766][T14506] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 703.704428][T14506] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 703.747535][T14506] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 703.801441][T14506] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 703.827907][T14574] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1839'. [ 703.837759][T14506] 62955 total pagecache pages [ 703.847762][T14506] 0 pages in swap cache [ 703.883835][T14506] Free swap = 124996kB [ 703.892746][T14506] Total swap = 124996kB [ 703.911942][T14571] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1839'. [ 703.931076][T14506] 2097051 pages RAM [ 703.935433][T14506] 0 pages HighMem/MovableOnly [ 703.955963][T14506] 429059 pages reserved [ 703.982013][T14506] 0 pages cma reserved [ 707.227599][T14636] random: crng reseeded on system resumption [ 707.287848][ T5147] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 707.296772][T14636] blktrace: Concurrent blktraces are not allowed on loop12 [ 707.972953][T14643] can: request_module (can-proto-0) failed. [ 708.261175][T14650] CIFS: VFS: Invalid SecurityFlags: [ 709.291414][ T5147] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 709.291441][ T5147] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 709.306778][ T5147] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 709.306803][ T5147] Bluetooth: hci1: adv larger than maximum supported [ 709.315808][ T5147] Bluetooth: hci1: adv larger than maximum supported [ 709.325132][ T5147] Bluetooth: hci1: Malformed LE Event: 0x0d [ 709.742476][T14661] zswap: compressor not available [ 710.425265][T14689] FAULT_INJECTION: forcing a failure. [ 710.425265][T14689] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 710.509531][T14689] CPU: 0 UID: 0 PID: 14689 Comm: syz.2.1869 Not tainted syzkaller #0 PREEMPT(full) [ 710.509560][T14689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 710.509578][T14689] Call Trace: [ 710.509585][T14689] [ 710.509592][T14689] dump_stack_lvl+0x16c/0x1f0 [ 710.509628][T14689] should_fail_ex+0x512/0x640 [ 710.509664][T14689] should_fail_alloc_page+0xe7/0x130 [ 710.509686][T14689] prepare_alloc_pages+0x3c2/0x610 [ 710.509705][T14689] ? rcu_is_watching+0x12/0xc0 [ 710.509737][T14689] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 710.509767][T14689] ? __lock_acquire+0xb8a/0x1c90 [ 710.509797][T14689] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 710.509826][T14689] ? do_raw_spin_lock+0x12c/0x2b0 [ 710.509852][T14689] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 710.509877][T14689] ? find_held_lock+0x2b/0x80 [ 710.509912][T14689] ? __lock_acquire+0xb8a/0x1c90 [ 710.509931][T14689] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 710.509960][T14689] ? policy_nodemask+0xea/0x4e0 [ 710.509982][T14689] alloc_pages_mpol+0x1fb/0x550 [ 710.510002][T14689] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 710.510029][T14689] folio_alloc_mpol_noprof+0x36/0x2f0 [ 710.510054][T14689] shmem_alloc_folio+0x135/0x160 [ 710.510078][T14689] shmem_alloc_and_add_folio+0x499/0xc20 [ 710.510111][T14689] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 710.510139][T14689] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 710.510172][T14689] shmem_get_folio_gfp+0x67f/0x1610 [ 710.510205][T14689] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 710.510232][T14689] ? __pfx_timestamp_truncate+0x10/0x10 [ 710.510267][T14689] shmem_fault+0x1fe/0xa30 [ 710.510295][T14689] ? __pfx_shmem_fault+0x10/0x10 [ 710.510326][T14689] ? __pfx___up_read+0x10/0x10 [ 710.510348][T14689] ? inode_to_bdi+0x9e/0x160 [ 710.510383][T14689] ? __pfx_filemap_map_pages+0x10/0x10 [ 710.510407][T14689] __do_fault+0x10d/0x490 [ 710.510455][T14689] ? __pfx_filemap_map_pages+0x10/0x10 [ 710.510481][T14689] do_pte_missing+0x1a6/0x3ba0 [ 710.510507][T14689] ? find_held_lock+0x2b/0x80 [ 710.510536][T14689] ? __handle_mm_fault+0x1529/0x2aa0 [ 710.510565][T14689] __handle_mm_fault+0x1556/0x2aa0 [ 710.510607][T14689] ? __pfx___handle_mm_fault+0x10/0x10 [ 710.510634][T14689] ? __pte_offset_map_lock+0x174/0x310 [ 710.510669][T14689] ? find_held_lock+0x2b/0x80 [ 710.510706][T14689] ? follow_page_pte+0x5cf/0x1390 [ 710.510732][T14689] handle_mm_fault+0x589/0xd10 [ 710.510763][T14689] __get_user_pages+0x54e/0x3530 [ 710.510793][T14689] ? down_read_killable+0x220/0x4b0 [ 710.510816][T14689] ? __pfx___get_user_pages+0x10/0x10 [ 710.510845][T14689] faultin_page_range+0x338/0x940 [ 710.510873][T14689] madvise_do_behavior+0x34c/0x530 [ 710.510910][T14689] ? __pfx_madvise_do_behavior+0x10/0x10 [ 710.510934][T14689] ? down_read+0x13d/0x480 [ 710.510973][T14689] ? __pfx_vfs_writev+0x10/0x10 [ 710.511001][T14689] ? __mutex_lock+0x1c5/0x1060 [ 710.511047][T14689] do_madvise+0x176/0x240 [ 710.511069][T14689] ? __pfx_do_madvise+0x10/0x10 [ 710.511091][T14689] ? do_futex+0x122/0x350 [ 710.511130][T14689] ? xfd_validate_state+0x61/0x180 [ 710.511152][T14689] ? __pfx_do_writev+0x10/0x10 [ 710.511185][T14689] __x64_sys_madvise+0xa9/0x110 [ 710.511207][T14689] ? lockdep_hardirqs_on+0x7c/0x110 [ 710.511238][T14689] do_syscall_64+0xcd/0xfa0 [ 710.511272][T14689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.511294][T14689] RIP: 0033:0x7f19c738eec9 [ 710.511311][T14689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 710.511333][T14689] RSP: 002b:00007f19c8179038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 710.511353][T14689] RAX: ffffffffffffffda RBX: 00007f19c75e5fa0 RCX: 00007f19c738eec9 [ 710.511367][T14689] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 710.511380][T14689] RBP: 00007f19c7411f91 R08: 0000000000000000 R09: 0000000000000000 [ 710.511393][T14689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 710.511406][T14689] R13: 00007f19c75e6038 R14: 00007f19c75e5fa0 R15: 00007ffd0c6c4fc8 [ 710.511434][T14689] [ 710.963391][T14690] FAULT_INJECTION: forcing a failure. [ 710.963391][T14690] name failslab, interval 1, probability 0, space 0, times 0 [ 710.976220][T14690] CPU: 0 UID: 0 PID: 14690 Comm: syz.0.1868 Not tainted syzkaller #0 PREEMPT(full) [ 710.976252][T14690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 710.976266][T14690] Call Trace: [ 710.976274][T14690] [ 710.976283][T14690] dump_stack_lvl+0x16c/0x1f0 [ 710.976323][T14690] should_fail_ex+0x512/0x640 [ 710.976361][T14690] ? __kmalloc_cache_node_noprof+0x62/0x7a0 [ 710.976401][T14690] should_failslab+0xc2/0x120 [ 710.976425][T14690] __kmalloc_cache_node_noprof+0x75/0x7a0 [ 710.976461][T14690] ? blkg_alloc+0xb7/0xb60 [ 710.976500][T14690] ? blkg_alloc+0xb7/0xb60 [ 710.976525][T14690] blkg_alloc+0xb7/0xb60 [ 710.976553][T14690] ? find_held_lock+0x2b/0x80 [ 710.976591][T14690] blkcg_init_disk+0x51/0x160 [ 710.976623][T14690] __alloc_disk_node+0x299/0x640 [ 710.976649][T14690] __blk_alloc_disk+0xd0/0x160 [ 710.976670][T14690] ? __pfx___blk_alloc_disk+0x10/0x10 [ 710.976708][T14690] ? lockdep_init_map_type+0x5c/0x280 [ 710.976735][T14690] ? lockdep_init_map_type+0x5c/0x280 [ 710.976764][T14690] dm_create+0x4c4/0x1160 [ 710.976798][T14690] dev_create+0x121/0x290 [ 710.976834][T14690] ? __pfx_dev_create+0x10/0x10 [ 710.976868][T14690] ? __might_fault+0x13b/0x190 [ 710.976906][T14690] ctl_ioctl+0x798/0xd70 [ 710.976940][T14690] ? __pfx_dev_create+0x10/0x10 [ 710.976977][T14690] ? __pfx_ctl_ioctl+0x10/0x10 [ 710.977040][T14690] ? __fget_files+0x20e/0x3c0 [ 710.977077][T14690] dm_ctl_ioctl+0x22/0x30 [ 710.977109][T14690] ? __pfx_dm_ctl_ioctl+0x10/0x10 [ 710.977144][T14690] __x64_sys_ioctl+0x18e/0x210 [ 710.977172][T14690] do_syscall_64+0xcd/0xfa0 [ 710.977210][T14690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.977233][T14690] RIP: 0033:0x7f25c918eec9 [ 710.977253][T14690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 710.977277][T14690] RSP: 002b:00007f25c73d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 710.977311][T14690] RAX: ffffffffffffffda RBX: 00007f25c93e6090 RCX: 00007f25c918eec9 [ 710.977326][T14690] RDX: 00002000000001c0 RSI: fffffffffffffd03 RDI: 0000000000000002 [ 710.977340][T14690] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 710.977355][T14690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 710.977368][T14690] R13: 00007f25c93e6128 R14: 00007f25c93e6090 R15: 00007fffafa1a4c8 [ 710.977398][T14690] [ 711.223951][T14691] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1867'. [ 711.954669][T14695] netlink: 'syz.2.1870': attribute type 1 has an invalid length. [ 712.945066][T14718] FAULT_INJECTION: forcing a failure. [ 712.945066][T14718] name failslab, interval 1, probability 0, space 0, times 0 [ 713.021193][T14718] CPU: 0 UID: 0 PID: 14718 Comm: syz.0.1874 Not tainted syzkaller #0 PREEMPT(full) [ 713.021225][T14718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 713.021239][T14718] Call Trace: [ 713.021246][T14718] [ 713.021254][T14718] dump_stack_lvl+0x16c/0x1f0 [ 713.021293][T14718] should_fail_ex+0x512/0x640 [ 713.021337][T14718] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 713.021382][T14718] ? __pfx_ptdump_open+0x10/0x10 [ 713.021405][T14718] should_failslab+0xc2/0x120 [ 713.021426][T14718] kmem_cache_alloc_noprof+0x75/0x6e0 [ 713.021455][T14718] ? seq_open+0x55/0x170 [ 713.021478][T14718] ? __pfx_ptdump_open+0x10/0x10 [ 713.021499][T14718] ? __pfx_ptdump_show+0x10/0x10 [ 713.021521][T14718] ? seq_open+0x55/0x170 [ 713.021538][T14718] seq_open+0x55/0x170 [ 713.021557][T14718] ? __pfx_ptdump_show+0x10/0x10 [ 713.021579][T14718] single_open+0xfc/0x1f0 [ 713.021601][T14718] full_proxy_open_regular+0x1b9/0x360 [ 713.021627][T14718] do_dentry_open+0x982/0x1530 [ 713.021659][T14718] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 713.021687][T14718] vfs_open+0x82/0x3f0 [ 713.021712][T14718] path_openat+0x1de4/0x2cb0 [ 713.021751][T14718] ? __pfx_path_openat+0x10/0x10 [ 713.021783][T14718] ? __lock_acquire+0xb8a/0x1c90 [ 713.021807][T14718] do_filp_open+0x20b/0x470 [ 713.021838][T14718] ? __pfx_do_filp_open+0x10/0x10 [ 713.021887][T14718] ? alloc_fd+0x471/0x7d0 [ 713.021921][T14718] do_sys_openat2+0x11b/0x1d0 [ 713.021944][T14718] ? __pfx_do_sys_openat2+0x10/0x10 [ 713.021978][T14718] __x64_sys_openat+0x174/0x210 [ 713.022002][T14718] ? __pfx___x64_sys_openat+0x10/0x10 [ 713.022037][T14718] do_syscall_64+0xcd/0xfa0 [ 713.022070][T14718] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.022092][T14718] RIP: 0033:0x7f25c918eec9 [ 713.022108][T14718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.022129][T14718] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 713.022148][T14718] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 713.022162][T14718] RDX: 0000000000000102 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 713.022175][T14718] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 713.022188][T14718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 713.022201][T14718] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 713.022229][T14718] [ 714.095494][T14720] FAULT_INJECTION: forcing a failure. [ 714.095494][T14720] name failslab, interval 1, probability 0, space 0, times 0 [ 714.152547][T14720] CPU: 0 UID: 0 PID: 14720 Comm: syz.0.1875 Not tainted syzkaller #0 PREEMPT(full) [ 714.152577][T14720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 714.152591][T14720] Call Trace: [ 714.152598][T14720] [ 714.152617][T14720] dump_stack_lvl+0x16c/0x1f0 [ 714.152652][T14720] should_fail_ex+0x512/0x640 [ 714.152684][T14720] ? __kmalloc_cache_noprof+0x5f/0x780 [ 714.152713][T14720] should_failslab+0xc2/0x120 [ 714.152733][T14720] __kmalloc_cache_noprof+0x72/0x780 [ 714.152760][T14720] ? region_del+0x907/0xdc0 [ 714.152794][T14720] ? region_del+0x907/0xdc0 [ 714.152822][T14720] region_del+0x907/0xdc0 [ 714.152861][T14720] hugetlb_unreserve_pages+0xff/0x290 [ 714.152891][T14720] remove_inode_hugepages+0x7ec/0xed0 [ 714.152935][T14720] ? __pfx_remove_inode_hugepages+0x10/0x10 [ 714.152992][T14720] ? up_write+0x1b2/0x520 [ 714.153018][T14720] hugetlbfs_fallocate+0xf3e/0x12e0 [ 714.153059][T14720] ? __pfx_hugetlbfs_fallocate+0x10/0x10 [ 714.153119][T14720] ? __pfx_hugetlbfs_fallocate+0x10/0x10 [ 714.153148][T14720] ? vfs_fallocate+0x5b4/0x10e0 [ 714.153179][T14720] vfs_fallocate+0x5b4/0x10e0 [ 714.153212][T14720] ? __pfx_vfs_fallocate+0x10/0x10 [ 714.153249][T14720] __x64_sys_fallocate+0xd5/0x150 [ 714.153362][T14720] do_syscall_64+0xcd/0xfa0 [ 714.153401][T14720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.153424][T14720] RIP: 0033:0x7f25c918eec9 [ 714.153442][T14720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 714.153466][T14720] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 714.153487][T14720] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 714.153502][T14720] RDX: 000000000000000f RSI: 0000000000000003 RDI: 8000000000000003 [ 714.153515][T14720] RBP: 00007f25c73f6090 R08: 0000000000000000 R09: 0000000000000000 [ 714.153529][T14720] R10: 0000000200000004 R11: 0000000000000246 R12: 0000000000000001 [ 714.153543][T14720] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 714.153576][T14720] [ 714.484199][T14727] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1879'. [ 714.494054][T14727] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1879'. [ 714.540471][T14724] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 714.669994][T14737] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(9.11.16), cmd(3) [ 714.689973][T14733] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(9.11.16), cmd(3) [ 716.986539][T14777] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1890'. [ 717.585118][T14795] syz.2.1894 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 717.668832][T14795] FAULT_INJECTION: forcing a failure. [ 717.668832][T14795] name failslab, interval 1, probability 0, space 0, times 0 [ 717.735382][T14795] CPU: 0 UID: 0 PID: 14795 Comm: syz.2.1894 Not tainted syzkaller #0 PREEMPT(full) [ 717.735415][T14795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 717.735429][T14795] Call Trace: [ 717.735437][T14795] [ 717.735446][T14795] dump_stack_lvl+0x16c/0x1f0 [ 717.735485][T14795] should_fail_ex+0x512/0x640 [ 717.735522][T14795] ? __kmalloc_cache_noprof+0x5f/0x780 [ 717.735556][T14795] should_failslab+0xc2/0x120 [ 717.735579][T14795] __kmalloc_cache_noprof+0x72/0x780 [ 717.735609][T14795] ? do_raw_spin_lock+0x12c/0x2b0 [ 717.735637][T14795] ? kobject_uevent_env+0x265/0x1870 [ 717.735667][T14795] ? kobject_uevent_env+0x265/0x1870 [ 717.735692][T14795] kobject_uevent_env+0x265/0x1870 [ 717.735717][T14795] ? __pfx_dev_uevent_name+0x10/0x10 [ 717.735750][T14795] ? bus_to_subsys+0x131/0x160 [ 717.735779][T14795] device_add+0x10dd/0x1aa0 [ 717.735803][T14795] ? __pfx_device_add+0x10/0x10 [ 717.735824][T14795] ? rcu_is_watching+0x12/0xc0 [ 717.735859][T14795] ? lockdep_init_map_type+0x5c/0x280 [ 717.735897][T14795] input_register_device+0x7e8/0x1180 [ 717.735923][T14795] ? input_ff_create+0x256/0x350 [ 717.735957][T14795] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 717.735993][T14795] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 717.736020][T14795] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 717.736065][T14795] ? find_held_lock+0x2b/0x80 [ 717.736112][T14795] ? __pfx_uinput_ioctl+0x10/0x10 [ 717.736145][T14795] __x64_sys_ioctl+0x18e/0x210 [ 717.736174][T14795] do_syscall_64+0xcd/0xfa0 [ 717.736212][T14795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.736236][T14795] RIP: 0033:0x7f19c738eec9 [ 717.736255][T14795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.736278][T14795] RSP: 002b:00007f19c8179038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 717.736301][T14795] RAX: ffffffffffffffda RBX: 00007f19c75e5fa0 RCX: 00007f19c738eec9 [ 717.736317][T14795] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000008 [ 717.736331][T14795] RBP: 00007f19c7411f91 R08: 0000000000000000 R09: 0000000000000000 [ 717.736345][T14795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 717.736359][T14795] R13: 00007f19c75e6038 R14: 00007f19c75e5fa0 R15: 00007ffd0c6c4fc8 [ 717.736396][T14795] [ 717.968093][T14795] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input25 [ 718.462996][T14804] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1896'. [ 718.483786][T14804] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1896'. [ 718.532819][T14799] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 718.540133][T14799] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 718.556981][T14799] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 718.577615][T14799] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 718.615127][T14801] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 719.233544][T14823] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1902'. [ 719.861489][T14841] ecryptfs_miscdev_write: Invalid packet size [302] [ 720.031661][ T5147] Bluetooth: hci0: command 0x0c1a tx timeout [ 720.174910][T14844] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1907'. [ 720.583176][ T5147] Bluetooth: hci1: command 0x0c1a tx timeout [ 720.589483][ T5147] Bluetooth: hci3: command 0x0c1a tx timeout [ 720.600132][ T5147] Bluetooth: hci2: command 0x0c1a tx timeout [ 721.990374][T14879] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1919'. [ 722.122029][T14876] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1918'. [ 722.230642][T14886] FAULT_INJECTION: forcing a failure. [ 722.230642][T14886] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 722.230675][T14886] CPU: 0 UID: 0 PID: 14886 Comm: syz.3.1921 Not tainted syzkaller #0 PREEMPT(full) [ 722.230697][T14886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 722.230708][T14886] Call Trace: [ 722.230714][T14886] [ 722.230721][T14886] dump_stack_lvl+0x16c/0x1f0 [ 722.230754][T14886] should_fail_ex+0x512/0x640 [ 722.230788][T14886] _copy_from_user+0x2e/0xd0 [ 722.230807][T14886] get_timespec64+0x8b/0x1b0 [ 722.230825][T14886] ? __pfx_get_timespec64+0x10/0x10 [ 722.230842][T14886] ? find_held_lock+0x2b/0x80 [ 722.230874][T14886] __x64_sys_futex+0x288/0x4c0 [ 722.230897][T14886] ? __pfx___x64_sys_futex+0x10/0x10 [ 722.230927][T14886] do_syscall_64+0xcd/0xfa0 [ 722.230957][T14886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 722.230977][T14886] RIP: 0033:0x7f794118eec9 [ 722.230992][T14886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 722.231011][T14886] RSP: 002b:00007ffdd020fd18 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 722.231029][T14886] RAX: ffffffffffffffda RBX: 00000000000b088e RCX: 00007f794118eec9 [ 722.231042][T14886] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f79413e5fac [ 722.231054][T14886] RBP: 0000000000000032 R08: 00007f7941f36000 R09: 0000000cd021000f [ 722.231066][T14886] R10: 00007ffdd020fe10 R11: 0000000000000246 R12: 00007f79413e5fac [ 722.231078][T14886] R13: 00007ffdd020fe10 R14: 00000000000b08c0 R15: 00007ffdd020fe30 [ 722.231103][T14886] [ 724.097585][T14900] tty tty17: ldisc open failed (-12), clearing slot 16 [ 724.132723][T14924] ================================================================== [ 724.132738][T14924] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 724.132772][T14924] Read of size 8 at addr ffff888029e76e18 by task syz.0.1929/14924 [ 724.132790][T14924] [ 724.132800][T14924] CPU: 0 UID: 0 PID: 14924 Comm: syz.0.1929 Not tainted syzkaller #0 PREEMPT(full) [ 724.132824][T14924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 724.132837][T14924] Call Trace: [ 724.132844][T14924] [ 724.132851][T14924] dump_stack_lvl+0x116/0x1f0 [ 724.132884][T14924] print_report+0xcd/0x630 [ 724.132904][T14924] ? __virt_addr_valid+0x81/0x610 [ 724.132923][T14924] ? __phys_addr+0xe8/0x180 [ 724.132943][T14924] ? dvb_device_open+0x36a/0x3b0 [ 724.132968][T14924] kasan_report+0xe0/0x110 [ 724.132988][T14924] ? dvb_device_open+0x36a/0x3b0 [ 724.133016][T14924] ? __pfx_dvb_device_open+0x10/0x10 [ 724.133043][T14924] dvb_device_open+0x36a/0x3b0 [ 724.133070][T14924] ? __pfx_dvb_device_open+0x10/0x10 [ 724.133096][T14924] chrdev_open+0x234/0x6a0 [ 724.133128][T14924] ? __pfx_apparmor_file_open+0x10/0x10 [ 724.133152][T14924] ? __pfx_chrdev_open+0x10/0x10 [ 724.133193][T14924] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 724.133227][T14924] do_dentry_open+0x982/0x1530 [ 724.133259][T14924] ? __pfx_chrdev_open+0x10/0x10 [ 724.133295][T14924] vfs_open+0x82/0x3f0 [ 724.133317][T14924] path_openat+0x1de4/0x2cb0 [ 724.133351][T14924] ? __pfx_path_openat+0x10/0x10 [ 724.133382][T14924] ? __lock_acquire+0xb8a/0x1c90 [ 724.133404][T14924] do_filp_open+0x20b/0x470 [ 724.133434][T14924] ? __pfx_do_filp_open+0x10/0x10 [ 724.133474][T14924] ? alloc_fd+0x471/0x7d0 [ 724.133504][T14924] do_sys_openat2+0x11b/0x1d0 [ 724.133527][T14924] ? __pfx_do_sys_openat2+0x10/0x10 [ 724.133549][T14924] ? __pfx_do_sys_openat2+0x10/0x10 [ 724.133573][T14924] ? __pfx___might_resched+0x10/0x10 [ 724.133605][T14924] __x64_sys_openat+0x174/0x210 [ 724.133629][T14924] ? __pfx___x64_sys_openat+0x10/0x10 [ 724.133659][T14924] do_syscall_64+0xcd/0xfa0 [ 724.133691][T14924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.133713][T14924] RIP: 0033:0x7f25c918eec9 [ 724.133729][T14924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.133750][T14924] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 724.133770][T14924] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 724.133785][T14924] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 724.133799][T14924] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 724.133812][T14924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 724.133825][T14924] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 724.133847][T14924] [ 724.133854][T14924] [ 724.133859][T14924] Allocated by task 1: [ 724.133868][T14924] kasan_save_stack+0x33/0x60 [ 724.133899][T14924] kasan_save_track+0x14/0x30 [ 724.133929][T14924] __kasan_kmalloc+0xaa/0xb0 [ 724.133958][T14924] dvb_register_device+0x1e4/0x2370 [ 724.133984][T14924] dvb_register_frontend+0x5a6/0x880 [ 724.134008][T14924] vidtv_bridge_probe+0x459/0xa90 [ 724.134029][T14924] platform_probe+0x106/0x1d0 [ 724.134051][T14924] really_probe+0x241/0xa90 [ 724.134077][T14924] __driver_probe_device+0x1de/0x440 [ 724.134105][T14924] driver_probe_device+0x4c/0x1b0 [ 724.134132][T14924] __driver_attach+0x283/0x580 [ 724.134159][T14924] bus_for_each_dev+0x13e/0x1d0 [ 724.134185][T14924] bus_add_driver+0x2e9/0x690 [ 724.134208][T14924] driver_register+0x15c/0x4b0 [ 724.134239][T14924] vidtv_bridge_init+0x45/0x80 [ 724.134261][T14924] do_one_initcall+0x123/0x6e0 [ 724.134281][T14924] kernel_init_freeable+0x5c8/0x920 [ 724.134307][T14924] kernel_init+0x1c/0x2b0 [ 724.134328][T14924] ret_from_fork+0x675/0x7d0 [ 724.134350][T14924] ret_from_fork_asm+0x1a/0x30 [ 724.134370][T14924] [ 724.134375][T14924] Freed by task 14724: [ 724.134385][T14924] kasan_save_stack+0x33/0x60 [ 724.134415][T14924] kasan_save_track+0x14/0x30 [ 724.134444][T14924] __kasan_save_free_info+0x3b/0x60 [ 724.134474][T14924] __kasan_slab_free+0x5f/0x80 [ 724.134505][T14924] kfree+0x2b8/0x6d0 [ 724.134528][T14924] dvb_device_put.part.0+0x60/0x90 [ 724.134553][T14924] dvb_device_open+0x2a4/0x3b0 [ 724.134577][T14924] chrdev_open+0x234/0x6a0 [ 724.134607][T14924] do_dentry_open+0x982/0x1530 [ 724.134637][T14924] vfs_open+0x82/0x3f0 [ 724.134655][T14924] path_openat+0x1de4/0x2cb0 [ 724.134682][T14924] do_filp_open+0x20b/0x470 [ 724.134709][T14924] do_sys_openat2+0x11b/0x1d0 [ 724.134729][T14924] __x64_sys_openat+0x174/0x210 [ 724.134751][T14924] do_syscall_64+0xcd/0xfa0 [ 724.134781][T14924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.134801][T14924] [ 724.134805][T14924] The buggy address belongs to the object at ffff888029e76e00 [ 724.134805][T14924] which belongs to the cache kmalloc-256 of size 256 [ 724.134822][T14924] The buggy address is located 24 bytes inside of [ 724.134822][T14924] freed 256-byte region [ffff888029e76e00, ffff888029e76f00) [ 724.134843][T14924] [ 724.134848][T14924] The buggy address belongs to the physical page: [ 724.134863][T14924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x29e76 [ 724.134883][T14924] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 724.134900][T14924] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 724.134919][T14924] page_type: f5(slab) [ 724.134936][T14924] raw: 00fff00000000040 ffff88813ffa6b40 dead000000000122 0000000000000000 [ 724.134955][T14924] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 724.134975][T14924] head: 00fff00000000040 ffff88813ffa6b40 dead000000000122 0000000000000000 [ 724.134994][T14924] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 724.135013][T14924] head: 00fff00000000001 ffffea0000a79d81 00000000ffffffff 00000000ffffffff [ 724.135033][T14924] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 724.135045][T14924] page dumped because: kasan: bad access detected [ 724.135054][T14924] page_owner tracks the page as allocated [ 724.135061][T14924] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 24587616612, free_ts 0 [ 724.135096][T14924] post_alloc_hook+0x1c0/0x230 [ 724.135120][T14924] get_page_from_freelist+0x10a3/0x3a30 [ 724.135146][T14924] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 724.135173][T14924] alloc_pages_mpol+0x1fb/0x550 [ 724.135196][T14924] new_slab+0x24a/0x360 [ 724.135218][T14924] ___slab_alloc+0xdc4/0x1ae0 [ 724.135241][T14924] __slab_alloc.constprop.0+0x63/0x110 [ 724.135266][T14924] __kmalloc_cache_noprof+0x477/0x780 [ 724.135291][T14924] bus_add_driver+0x92/0x690 [ 724.135315][T14924] driver_register+0x15c/0x4b0 [ 724.135345][T14924] usb_register_driver+0x216/0x4d0 [ 724.135364][T14924] do_one_initcall+0x123/0x6e0 [ 724.135383][T14924] kernel_init_freeable+0x5c8/0x920 [ 724.135408][T14924] kernel_init+0x1c/0x2b0 [ 724.135428][T14924] ret_from_fork+0x675/0x7d0 [ 724.135450][T14924] ret_from_fork_asm+0x1a/0x30 [ 724.135470][T14924] page_owner free stack trace missing [ 724.135477][T14924] [ 724.135482][T14924] Memory state around the buggy address: [ 724.135493][T14924] ffff888029e76d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 724.135508][T14924] ffff888029e76d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 724.135523][T14924] >ffff888029e76e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 724.135535][T14924] ^ [ 724.135546][T14924] ffff888029e76e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 724.135561][T14924] ffff888029e76f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 724.135573][T14924] ================================================================== [ 724.162129][T14924] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 724.162152][T14924] CPU: 0 UID: 0 PID: 14924 Comm: syz.0.1929 Not tainted syzkaller #0 PREEMPT(full) [ 724.162186][T14924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 724.162200][T14924] Call Trace: [ 724.162208][T14924] [ 724.162217][T14924] dump_stack_lvl+0x3d/0x1f0 [ 724.162255][T14924] vpanic+0x640/0x6f0 [ 724.162281][T14924] panic+0xca/0xd0 [ 724.162304][T14924] ? __pfx_panic+0x10/0x10 [ 724.162328][T14924] ? dvb_device_open+0x36a/0x3b0 [ 724.162357][T14924] ? preempt_schedule_common+0x44/0xc0 [ 724.162402][T14924] ? preempt_schedule_thunk+0x16/0x30 [ 724.162431][T14924] check_panic_on_warn+0xab/0xb0 [ 724.162456][T14924] end_report+0x107/0x170 [ 724.162475][T14924] kasan_report+0xee/0x110 [ 724.162496][T14924] ? dvb_device_open+0x36a/0x3b0 [ 724.162524][T14924] ? __pfx_dvb_device_open+0x10/0x10 [ 724.162550][T14924] dvb_device_open+0x36a/0x3b0 [ 724.162577][T14924] ? __pfx_dvb_device_open+0x10/0x10 [ 724.162604][T14924] chrdev_open+0x234/0x6a0 [ 724.162637][T14924] ? __pfx_apparmor_file_open+0x10/0x10 [ 724.162660][T14924] ? __pfx_chrdev_open+0x10/0x10 [ 724.162694][T14924] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 724.162727][T14924] do_dentry_open+0x982/0x1530 [ 724.162759][T14924] ? __pfx_chrdev_open+0x10/0x10 [ 724.162795][T14924] vfs_open+0x82/0x3f0 [ 724.162818][T14924] path_openat+0x1de4/0x2cb0 [ 724.162852][T14924] ? __pfx_path_openat+0x10/0x10 [ 724.162883][T14924] ? __lock_acquire+0xb8a/0x1c90 [ 724.162906][T14924] do_filp_open+0x20b/0x470 [ 724.162935][T14924] ? __pfx_do_filp_open+0x10/0x10 [ 724.162976][T14924] ? alloc_fd+0x471/0x7d0 [ 724.163007][T14924] do_sys_openat2+0x11b/0x1d0 [ 724.163029][T14924] ? __pfx_do_sys_openat2+0x10/0x10 [ 724.163052][T14924] ? __pfx_do_sys_openat2+0x10/0x10 [ 724.163076][T14924] ? __pfx___might_resched+0x10/0x10 [ 724.163109][T14924] __x64_sys_openat+0x174/0x210 [ 724.163133][T14924] ? __pfx___x64_sys_openat+0x10/0x10 [ 724.163163][T14924] do_syscall_64+0xcd/0xfa0 [ 724.163203][T14924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.163225][T14924] RIP: 0033:0x7f25c918eec9 [ 724.163243][T14924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.163265][T14924] RSP: 002b:00007f25c73f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 724.163285][T14924] RAX: ffffffffffffffda RBX: 00007f25c93e5fa0 RCX: 00007f25c918eec9 [ 724.163300][T14924] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 724.163315][T14924] RBP: 00007f25c9211f91 R08: 0000000000000000 R09: 0000000000000000 [ 724.163329][T14924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 724.163341][T14924] R13: 00007f25c93e6038 R14: 00007f25c93e5fa0 R15: 00007fffafa1a4c8 [ 724.163363][T14924] [ 724.163428][T14924] Kernel Offset: disabled