last executing test programs: 11.267411489s ago: executing program 0 (id=1490): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/class/ubi/version\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/58, 0x3a) sysfs$auto(0x2, 0x1b, 0x0) fsopen$auto(0x0, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x103, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000100)='/d-:\xe7J\x00'/23, 0x1eb0800) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x5, 0x2, 0x1, 0x948b, 0x7, 0x15f4da0e, 0x4, 0x3, 0x11000000, 0x300000010000000, 0x7, 0x200000006d3c, 0x5, 0x10, 0xfffffffffffffffc]}, 0x0) 10.14966785s ago: executing program 0 (id=1492): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xa2) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram15\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000000)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xc0403d11, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r3, 0x0, 0x1f40) sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090) getpgrp(0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) 8.652041853s ago: executing program 2 (id=1495): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) io_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0) pipe$auto(0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0x9}, 0x4, 0x0, 0x5, 0x7}, 0x8}, 0x4000000, 0x4b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(0x0, 0x80a40, 0x9e) socket(0x11, 0x3, 0x9) socket$nl_generic(0x10, 0x3, 0x10) 8.377899155s ago: executing program 3 (id=1497): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) io_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0) pipe$auto(0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0x9}, 0x4, 0x0, 0x5, 0x7}, 0x8}, 0x4000000, 0x4b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x10000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) open(0x0, 0x80a40, 0x9e) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 7.660731812s ago: executing program 0 (id=1498): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xa2) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram15\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000000)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xc0403d11, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r3, 0x0, 0x1f40) sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090) getpgrp(0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) 6.248524739s ago: executing program 1 (id=1499): r0 = openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000008c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/logsyscall\x00', 0x20a42, 0x0) setresuid$auto(0x0, 0x8, 0x0) writev$auto(r0, &(0x7f0000001900)={0x0, 0x100000000}, 0x8) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec7\x00', 0x80001, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000040)=0xb0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x2a742, 0x0) mmap$auto(0x0, 0x10000, 0xde, 0x11, r1, 0x28000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0xffffffffffffffff, 0x8, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0) sendfile$auto(r2, 0xffffffffffffffff, 0x0, 0x48) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x2, 0x0) mmap$auto(0x5, 0x29, 0xfffffffffffffffe, 0xba79, 0xfffffffffffffffa, 0x3) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000003d40), 0xffffffffffffffff) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) msgrcv$auto(0x0, 0x0, 0x4, 0x9, 0x3) msgctl$auto(0x0, 0x1, 0x0) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000040), 0x494001, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x1e, 0x4, 0x0) 5.97923589s ago: executing program 1 (id=1500): r0 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0x0) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x4000, 0x0) ioctl$auto_BINDER_SET_MAX_THREADS(r1, 0x40046205, &(0x7f0000000040)="3e079d9128645e5e059f9344a68e538ec7856810e5c37deccbc1fe") r2 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r2, &(0x7f0000008d40)=' \v\xb0]E\x00', 0x3) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) ioctl$auto_TIOCGDEV2(r3, 0x80045432, &(0x7f0000000040)=0xddc) mmap$auto(0x0, 0x6, 0xb860, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0x9, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x4a7) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x800008000) mremap$auto(0x3, 0x2, 0x5, 0x3, 0xeae) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r4, 0x2, 0x9) ioctl$auto(0x3, 0x400c4d06, r4) ioctl$auto(r0, 0x40246f4c, 0x38) 5.443654737s ago: executing program 2 (id=1501): write$auto(0xca, &(0x7f0000000500)='\x04>\xce\v<\xe1\x00\x00\x01p!]\xcfR\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc1\x19HY\x9c\x97i\xec^\xbc\xb3`\x10+}\xd0\xfd\xf0\xa5\x0e\a\xabU\xb9\x93\xebq@1\x1a`pgQ\a\x87-\xa9\x03\x8eF\x138\x9a\xd7\x8c~w\x9a\x13\xe3\xa7\xc6k\xef1Tb\xf2\xc1FT|\xa1\xc3SD8\xc0bj\x11\xcc\b\"\xb3X\xae\xfapM\x97\xdc\x95\x13T\x7f\'K\x05\xe8\x9f\xf3=b\xa5\xbd1\xb1\xcb\xd8\x90\xd5\xdf\xd1\xd2\xd7_\b\xc0\x94', 0x7f) (async) write$auto(0xca, &(0x7f0000000500)='\x04>\xce\v<\xe1\x00\x00\x01p!]\xcfR\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc1\x19HY\x9c\x97i\xec^\xbc\xb3`\x10+}\xd0\xfd\xf0\xa5\x0e\a\xabU\xb9\x93\xebq@1\x1a`pgQ\a\x87-\xa9\x03\x8eF\x138\x9a\xd7\x8c~w\x9a\x13\xe3\xa7\xc6k\xef1Tb\xf2\xc1FT|\xa1\xc3SD8\xc0bj\x11\xcc\b\"\xb3X\xae\xfapM\x97\xdc\x95\x13T\x7f\'K\x05\xe8\x9f\xf3=b\xa5\xbd1\xb1\xcb\xd8\x90\xd5\xdf\xd1\xd2\xd7_\b\xc0\x94', 0x7f) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x0, 0x0) ioctl$auto_tracing_buffers_fops_trace(r0, 0x5220, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000e80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd70000180140002006e657464657673696d3000"/38], 0x2c}}, 0x400c080) sendfile$auto(0xffffffffffffffff, r1, 0x0, 0xa) socket(0x0, 0x2, 0x7) socket(0x1d, 0x2, 0x7) (async) socket(0x1d, 0x2, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) (async) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r3, 0x0, 0x7) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x108642, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x9}, 0x3) shmctl$auto_SHM_LOCK(0x3ff, 0xb, 0x0) (async) shmctl$auto_SHM_LOCK(0x3ff, 0xb, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon5\x00', 0x2040, 0x0) (async) r5 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon5\x00', 0x2040, 0x0) read$auto_mon_fops_binary_mon_bin(r5, &(0x7f0000000040)=""/2, 0x2) (async) read$auto_mon_fops_binary_mon_bin(r5, &(0x7f0000000040)=""/2, 0x2) stat$auto(0x0, 0x0) (async) stat$auto(0x0, 0x0) r6 = gettid() kill$auto(r6, 0x11) sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(0xffffffffffffffff, 0x0, 0x0) (async) sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(0xffffffffffffffff, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0) prctl$auto(0x4021, 0x4, 0xffffffffffffffff, 0xe, 0x200000000009) (async) prctl$auto(0x4021, 0x4, 0xffffffffffffffff, 0xe, 0x200000000009) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x280600, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x2, 0x0) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0) write$auto(r7, &(0x7f0000000400)='odev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) socket(0x10, 0x2, 0x0) 5.25358117s ago: executing program 1 (id=1502): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) ioctl$auto_BLKRRPART(r1, 0xc0401289, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) r2 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r2, 0x29, 0x3, 0x0, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) 4.673377767s ago: executing program 0 (id=1503): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) ioctl$auto_BLKRRPART(r1, 0xc0401289, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x8, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) r2 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r2, 0x29, 0x3, 0x0, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop7\x00', 0x14f340, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x9, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000300)="db") mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x10001, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) getsockopt$auto_SO_PROTOCOL(r3, 0x1, 0x26, &(0x7f0000000040)='/dev/ram7\x00', &(0x7f0000000100)=0x4) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x9, &(0x7f0000000240)="a33c72bb97f9b5c5121521b59a5b68e8f431511fed38126caf7920e8000000008000000133477b8bcb50b31f88f08a8d2e8520f62b44ffc6c30e7f2f474227e363347dca01fe6cedcbafade635d7a1c27ae04fa3004fca868c70a03da14827279a0dcac470185a92b1f57aaff420355d2d1e8c0b2291ff486cc7d033e29efd82b37c401ed098203ba9c2f78f1fd06949988ebf17874d3ebf4d66b795997f8f88f8", 0x3) 4.495503904s ago: executing program 2 (id=1504): mmap$auto(0x0, 0x10, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1e, 0x8, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x1d7) r1 = socket(0xa, 0x3, 0x3b) setsockopt$auto(0x400000000000003, 0x29, 0x22, 0x0, 0xa4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/tty60\x00', 0x161203, 0x0) mmap$auto(0x9, 0x20009, 0xe2, 0xeb3, r1, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) tkill$auto(0x0, 0x7) swapoff$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x20b42, 0x0) io_uring_setup$auto(0xb, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="050328bd1cf69387fe1c0a7b000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x40008}, 0x0) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="22001a00fd9bdc3dfbad5eec5eed7b127072ca9c6f14ed686490394893c0e5366b19cb06203c53557b9e28e12f6ae82ae624ec2ac0b80bee78ba67da6ba7f7a212da73beee83465bb281589239c801a33774c4f218d2928be17bd7a6b97bc70c6f4ef4fd06854c7612", @ANYRES16=r3, @ANYBLOB="010028bd7000fedbdf2506000000080031000001000008003a000100000008001b000500000005002900010000000600220003000000"], 0x3c}, 0x1, 0x0, 0x0, 0x810}, 0x10001) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x5, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/kpagecgroup\x00', 0x20000, 0x0) 4.466162868s ago: executing program 3 (id=1505): mmap$auto(0x0, 0x20009, 0x4000000000dd, 0x40000000000eb1, 0x401, 0x8000) setresuid$auto(0x8, 0x8, 0x0) bpf$auto(0x10, &(0x7f00000000c0)=@link_detach, 0x40) r0 = socket(0x2, 0x1, 0x106) close_range$auto(0x2, 0x8000, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'gre0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x34c, r1, @relative_id=0x3, 0xe600}, 0xf) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r4) sendmsg$auto_NET_SHAPER_CMD_DELETE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x14, r5, 0x9, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0xc050) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x4}, 0xc) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) io_uring_register$auto_IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000500)="bb4b7fa7dcf1f12fc14256a5c322051c227e04e8b4775805692321228554a7ef09d5470a34699cdbaa1931b65dfe69c12052b152de9aab72fe64c4be4d1314a4901521d75f22e9898df48c7e1487ec78d63cb85485e0", 0x3) r7 = bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000002c0)=@test={r6, 0x8001, 0x40, 0x0, 0x4, 0x6, 0x40, 0x1ff, 0x400, 0x55ce, 0x8, 0x26, 0x9, 0x3, 0x10000}, 0x1ff) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000000), r7) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) execve$auto(0x0, &(0x7f0000000180)=&(0x7f0000000080)='[\x89\x00', &(0x7f00000003c0)=&(0x7f0000000380)='-^],%:-.\'\x00') close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x5, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/kpagecgroup\x00', 0x20000, 0x0) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x24040004) socket(0x19, 0x800, 0x754) 4.117549087s ago: executing program 3 (id=1506): r0 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0x0) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x4000, 0x0) ioctl$auto_BINDER_SET_MAX_THREADS(r1, 0x40046205, &(0x7f0000000040)="3e079d9128645e5e059f9344a68e538ec7856810e5c37deccbc1fe") r2 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r2, &(0x7f0000008d40)=' \v\xb0]E\x00', 0x3) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) ioctl$auto_TIOCGDEV2(r3, 0x80045432, &(0x7f0000000040)=0xddc) mmap$auto(0x0, 0x6, 0xb860, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0x9, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x4a7) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x800008000) mremap$auto(0x3, 0x2, 0x5, 0x3, 0xeae) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r4, 0x2, 0x9) ioctl$auto(0x3, 0x400c4d06, r4) ioctl$auto(r0, 0x40246f4c, 0x38) 3.836392566s ago: executing program 2 (id=1507): socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x3, 0x3a) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/027/001\x00', 0x4a901, 0x0) ioctl$auto_USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f00000001c0)={0x0, 0x5516, 0x0}) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x45, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000) clone$auto(0x100000008, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006) clone$auto(0x1, 0x1, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x29, 0x5, 0x0) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r2, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) sendfile$auto(r1, r1, 0x0, 0x2) 3.499170085s ago: executing program 1 (id=1508): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x301000, 0x0) socket(0x22, 0x3, 0x0) ioctl$auto(r1, 0x40104d01, r1) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(r2, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram4/queue/nr_zones\x00', 0x17003, 0x0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/sctp/rto_max\x00', 0x800, 0x0) 3.412596629s ago: executing program 0 (id=1509): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x301000, 0x0) socket(0x22, 0x3, 0x0) ioctl$auto(r1, 0x40104d01, r1) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(r2, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram4/queue/nr_zones\x00', 0x17003, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000000)='\x00', 0x1) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_VERSION_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r5, 0x1, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x2000c014}, 0x240480c0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/sctp/rto_max\x00', 0x800, 0x0) 2.815816509s ago: executing program 3 (id=1510): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) io_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0) pipe$auto(0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0x9}, 0x4, 0x0, 0x5, 0x7}, 0x8}, 0x4000000, 0x4b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(0x0, 0x80a40, 0x9e) socket(0x11, 0x3, 0x9) socket$nl_generic(0x10, 0x3, 0x10) 2.732148139s ago: executing program 2 (id=1511): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x301000, 0x0) socket(0x22, 0x3, 0x0) ioctl$auto(r1, 0x40104d01, r1) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(r2, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram4/queue/nr_zones\x00', 0x17003, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000000)='\x00', 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x17) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/sctp/rto_max\x00', 0x800, 0x0) 2.449641438s ago: executing program 1 (id=1512): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) io_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0) pipe$auto(0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0x9}, 0x4, 0x0, 0x5, 0x7}, 0x8}, 0x4000000, 0x4b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x10000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) open(0x0, 0x80a40, 0x9e) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 2.341060261s ago: executing program 0 (id=1513): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) io_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0) pipe$auto(0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0x9}, 0x4, 0x0, 0x5, 0x7}, 0x8}, 0x4000000, 0x4b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x10000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) open(0x0, 0x80a40, 0x9e) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 866.533767ms ago: executing program 3 (id=1514): r0 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x248000, 0x0) write$auto_snd_seq_f_ops_seq_clientmgr(r0, &(0x7f0000000040)="5063adbec2ff34caf7c3601ef8e3a8143e6753c721ae30715c4fa0d9b5c9cb4bb98b80a52edcb2f003b95b5b5468e85e2188e6e1a37e42f44ce0d1e83e1a5fed8141956a890dc58439da2a9c13bfcb7fe9051632d6470cda4c1673cc719e24aee2c5930de62630543e4d6a23f0", 0x6d) writev$auto(r0, &(0x7f0000000100)={&(0x7f00000000c0)="26a242ea32c3d6c60a2dcf706d69e7834728d73948029505315010bbca612bfdff96dcb712c5204eebf2b50837c50b119797ea2b4f", 0xca2e}, 0xffff) r1 = ioctl$auto_TUNGETSNDBUF(0xffffffffffffffff, 0x800454d3, &(0x7f0000000140)) connect$auto(r1, &(0x7f0000000180)=@l2tp={0x2, 0x0, @multicast2, 0x4}, 0x3) r2 = openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/ieee80211/phy15/hwflags\x00', 0x214201, 0x0) io_uring_enter$auto(r2, 0x9, 0xa, 0x31, &(0x7f0000000200)='Q', 0x8) r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000240), 0x400000, 0x0) sendfile$auto(r3, r2, &(0x7f0000000280)=0x100000000000, 0xfffffffffffffff7) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000300), r1) sendmsg$auto_L2TP_CMD_SESSION_GET(r4, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r5, 0x800, 0x70bd25, 0x25dfdbfc, {}, [@L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44811}, 0x8015) r6 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000400), 0x511802, 0x0) ioctl$auto_VHOST_SET_LOG_FD2(r1, 0x4004af07, &(0x7f0000000440)=r6) read$auto_ima_measurements_count_ops_ima_fs(r7, &(0x7f0000000480)=""/57, 0x39) write$auto_hwflags_ops_debugfs(r1, &(0x7f00000004c0)="0c5d84a5858d851d5634ad8b7bbf1bf72d50f0a7c864c053cc00123cd7eaed244389dc28d56a4fbcecce3436aa00b68e27fbf6e0ad0c2071d465a5c0b68c78165957eab8c2adbc59fbd505275b06af21c216f52ec75de56b71edccc7eace91b80a747669db16336d4be312620051ed8161b021b05a9da6bf4273dbd0fc4d3165beb4b5e2efc8e34f73eba8c98d9b0489e6ef28c24078b7ee45c2c69201907916f78d301a8b861837e3d539c71e8f340b", 0xb0) read$auto_ima_measurements_count_ops_ima_fs(r7, &(0x7f0000000580)=""/92, 0x5c) ioctl$auto_FS_IOC_GET_ENCRYPTION_POLICY_EX2(r1, 0xc0096616, &(0x7f0000000600)="98194be08d65552867") ioctl$auto_FS_IOC_FSSETXATTR(r6, 0x401c5820, 0x2) sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r4, &(0x7f0000000700)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4028000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x6a5add5d5287ae8}, 0x240080c4) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000740), 0x181001, 0x0) ioctl$auto_VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000780)={0x1, 0x8}) ioctl$auto_SOUND_MIXER_READ_RECMASK(r1, 0x80044dfd, &(0x7f00000007c0)="1fe437249b3adced8100b83aef016d988eda474eaae3b736cb802dc500284d8af75f8666cb9b430fe2c6233a17dd3796b2554d32dd9b319c556c58a3a2f681111d5ee6ce78f0f796bc803e1d671b150516fb2ae939228a661b985c01951b6162df5485fbd7bf281088deef2dc9ad004af1b5f3") getpid() fsconfig$auto_JFFS2_COMPR_MODE_FORCEZLIB(r2, 0x8001, &(0x7f0000000840)='/dev/zero\x00', &(0x7f0000000880)="35bf27122eafba1ce8707cacac0e47ac758508badf0a7c1edd64b21fac84e99e8a703e65a6803e2007783c9021cde61ccbef7b8e51880a61df938171dd745b22487689751e65c7a281bc5a4e8fe9f23c2ed02e701ccff93a5f191071db9b12d00cdc4beeebb62fa5eca55c9cd7234c9511c8a2c2c7cdb17fbcb960e266dcba2c180a79ea1c5d613f20f774fb852701310bdce10f595029845d0f7ef9ab9a465dc6760e720d49bf5e5c05461c5814596939b1dbfcc49a9092875b748de34a525e6b61866affdcec830a2aadb94782afa031f7a7f87e4f8250fa0d8d", 0x5) r8 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000009c0), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_SET_VLAN(r7, &(0x7f0000000ac0)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a00)={0x48, r8, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xfff}, @BATADV_ATTR_MCAST_FLAGS={0x8, 0x26, 0x6}, @BATADV_ATTR_LAST_SEEN_MSECS={0x8, 0x17, 0x2}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x1000}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_ROUTER={0xa, 0x1d, @remote}]}, 0x48}}, 0x10) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/oom_adj\x00', 0x5390c0, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000b40)={'ipvlan1\x00'}) read$auto_fops_x64_ro_(r1, &(0x7f0000000b80)=""/224, 0xe0) 730.616864ms ago: executing program 2 (id=1515): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x301000, 0x0) socket(0x22, 0x3, 0x0) ioctl$auto(r1, 0x40104d01, r1) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram4/queue/nr_zones\x00', 0x17003, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000000)='\x00', 0x1) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_VERSION_GET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r4, 0x1, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x2000c014}, 0x240480c0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/sctp/rto_max\x00', 0x800, 0x0) 677.901422ms ago: executing program 3 (id=1516): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff) setresuid$auto(0x8, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/saved_tgids\x00', 0x0, 0x0) close_range$auto(0x0, 0x5, 0x0) inotify_init1$auto(0x3000000000000) sysinfo$auto(&(0x7f0000000080)={0x1, [0x3, 0x1, 0x8], 0x2, 0xe, 0x5, 0x8000000000000000, 0x8, 0x1, 0x68, 0x0, 0x3, 0x7, 0x5}) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) pipe$auto(0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mkdir$auto(0x0, 0x8001) mount$auto(0x0, 0x0, 0x0, 0x3, 0x0) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/pcrypt/pencrypt/serial_cpumask\x00', 0xa001, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendfile$auto(r1, r1, 0x0, 0x7fffe000) write$auto(r0, &(0x7f0000000040)=',\x00^\xa2\x02\x00\x05\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xee\x0f_o\xc0\xee?\xce\xa3\x04\x95Hq\xf4\x00\x00\x00\x00\x00\x00\x006\xe0\xb1d)X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x80000000000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) listen$auto(0x3, 0x81) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x241000, 0x240007, 0x19) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) 0s ago: executing program 1 (id=1517): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000840)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9", 0x78e) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000100), r1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r2, 0x1, 0x4070bd27, 0x25dfdbf9, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x20044000) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0x1, 0xfd5, 0x12, 0xffffffffffffffff, 0x0) mmap$auto(0xfffffffffffffff9, 0x2000a, 0x100000000009f, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x668401, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0) write$auto(r6, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x81) write$auto(r5, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x2}, 0xed7138c}, 0x2, 0x9) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8800, 0x0) r7 = socket(0xa, 0x5, 0x84) sendto$auto(r7, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c) kernel console output (not intermixed with test programs): fffffda RBX: 00007fc7a2015fa0 RCX: 00007fc7a1d9c799 [ 560.547048][T11094] RDX: 0000000000000000 RSI: 0000200000003a80 RDI: 0000000000000004 [ 560.547065][T11094] RBP: 00007fc7a2d1f090 R08: 0000000000000000 R09: 0000000000000000 [ 560.547082][T11094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 560.547098][T11094] R13: 00007fc7a2016038 R14: 00007fc7a2015fa0 R15: 00007fffcbf644e8 [ 560.547146][T11094] [ 563.323877][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.332449][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.805134][T11139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1118'. [ 564.887018][T11161] FAULT_INJECTION: forcing a failure. [ 564.887018][T11161] name fail_futex, interval 1, probability 0, space 0, times 0 [ 564.928212][T11161] CPU: 0 UID: 0 PID: 11161 Comm: syz.0.1124 Tainted: G L syzkaller #0 PREEMPT(full) [ 564.928245][T11161] Tainted: [L]=SOFTLOCKUP [ 564.928251][T11161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 564.928263][T11161] Call Trace: [ 564.928269][T11161] [ 564.928277][T11161] dump_stack_lvl+0x100/0x190 [ 564.928311][T11161] should_fail_ex.cold+0x5/0xa [ 564.928333][T11161] get_futex_key+0x1d2/0x1620 [ 564.928360][T11161] ? __pfx_get_futex_key+0x10/0x10 [ 564.928390][T11161] futex_wake+0xea/0x530 [ 564.928421][T11161] ? __pfx_futex_wake+0x10/0x10 [ 564.928459][T11161] ? putname+0xb1/0x110 [ 564.928478][T11161] ? kmem_cache_free+0x124/0x6a0 [ 564.928509][T11161] do_futex+0x32b/0x350 [ 564.928534][T11161] ? __pfx_do_futex+0x10/0x10 [ 564.928556][T11161] ? __pfx_do_sys_openat2+0x10/0x10 [ 564.928583][T11161] ? __fget_files+0x21f/0x3d0 [ 564.928604][T11161] __x64_sys_futex+0x34f/0x4d0 [ 564.928630][T11161] ? __x64_sys_openat+0x12d/0x210 [ 564.928656][T11161] ? __pfx___x64_sys_futex+0x10/0x10 [ 564.928690][T11161] do_syscall_64+0x106/0xf80 [ 564.928711][T11161] ? clear_bhb_loop+0x40/0x90 [ 564.928733][T11161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.928752][T11161] RIP: 0033:0x7fec5339c799 [ 564.928769][T11161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 564.928786][T11161] RSP: 002b:00007fec5426f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 564.928806][T11161] RAX: ffffffffffffffda RBX: 00007fec53615fa8 RCX: 00007fec5339c799 [ 564.928818][T11161] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fec53615fac [ 564.928828][T11161] RBP: 00007fec53615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 564.928839][T11161] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 564.928850][T11161] R13: 00007fec53616038 R14: 00007ffe316950c0 R15: 00007ffe316951a8 [ 564.928872][T11161] [ 565.276119][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 575.068409][T11295] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1153'. [ 575.112070][T11295] bridge0: port 2(bridge_slave_1) entered disabled state [ 575.128985][T11295] bridge_slave_1 (unregistering): left allmulticast mode [ 575.153880][T11295] bridge_slave_1 (unregistering): left promiscuous mode [ 575.216038][T11295] bridge0: port 2(bridge_slave_1) entered disabled state [ 582.165051][T11401] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1169'. [ 587.105801][T11484] futex_wake_op: syz.2.1191 tries to shift op by -2048; fix this program [ 589.207009][T11514] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1196'. [ 590.134097][T11523] random: crng reseeded on system resumption [ 590.658849][T11531] FAULT_INJECTION: forcing a failure. [ 590.658849][T11531] name failslab, interval 1, probability 0, space 0, times 0 [ 590.742229][T11531] CPU: 1 UID: 0 PID: 11531 Comm: syz.3.1200 Tainted: G L syzkaller #0 PREEMPT(full) [ 590.742280][T11531] Tainted: [L]=SOFTLOCKUP [ 590.742291][T11531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 590.742309][T11531] Call Trace: [ 590.742318][T11531] [ 590.742329][T11531] dump_stack_lvl+0x100/0x190 [ 590.742394][T11531] should_fail_ex.cold+0x5/0xa [ 590.742432][T11531] should_failslab+0xc2/0x120 [ 590.742467][T11531] __kmalloc_node_noprof+0xe6/0x850 [ 590.742514][T11531] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 590.742562][T11531] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 590.742601][T11531] ? find_held_lock+0x2b/0x80 [ 590.742630][T11531] ? local_lock_release+0x99/0x130 [ 590.742670][T11531] ? kernel_clone+0xfc/0x9a0 [ 590.742714][T11531] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 590.742754][T11531] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 590.742791][T11531] ? rcu_is_watching+0x12/0xc0 [ 590.742835][T11531] ? trace_kmem_cache_alloc+0xf3/0x120 [ 590.742871][T11531] ? kernel_clone+0xfc/0x9a0 [ 590.742905][T11531] __vmalloc_node_noprof+0xad/0xf0 [ 590.742944][T11531] ? kernel_clone+0xfc/0x9a0 [ 590.742981][T11531] copy_process+0x5ec/0x7a40 [ 590.743018][T11531] ? preempt_schedule_thunk+0x16/0x30 [ 590.743063][T11531] ? try_to_wake_up+0x644/0x1a80 [ 590.743098][T11531] ? __pfx_copy_process+0x10/0x10 [ 590.743132][T11531] ? find_held_lock+0x2b/0x80 [ 590.743165][T11531] ? futex_private_hash_put+0x107/0x1c0 [ 590.743206][T11531] kernel_clone+0xfc/0x9a0 [ 590.743240][T11531] ? __pfx_kernel_clone+0x10/0x10 [ 590.743295][T11531] __do_sys_clone+0xd9/0x120 [ 590.743330][T11531] ? __pfx___do_sys_clone+0x10/0x10 [ 590.743409][T11531] do_syscall_64+0x106/0xf80 [ 590.743438][T11531] ? clear_bhb_loop+0x40/0x90 [ 590.743476][T11531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 590.743506][T11531] RIP: 0033:0x7fc7a1d9c799 [ 590.743533][T11531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 590.743561][T11531] RSP: 002b:00007fc7a2d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 590.743590][T11531] RAX: ffffffffffffffda RBX: 00007fc7a2015fa0 RCX: 00007fc7a1d9c799 [ 590.743610][T11531] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 590.743625][T11531] RBP: 00007fc7a1e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 590.743642][T11531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 590.743660][T11531] R13: 00007fc7a2016038 R14: 00007fc7a2015fa0 R15: 00007fffcbf644e8 [ 590.743701][T11531] [ 590.743714][T11531] syz.3.1200: vmalloc error: size 32768, failed to allocated page array size 64, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 591.141580][T11531] CPU: 0 UID: 0 PID: 11531 Comm: syz.3.1200 Tainted: G L syzkaller #0 PREEMPT(full) [ 591.141630][T11531] Tainted: [L]=SOFTLOCKUP [ 591.141641][T11531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 591.141659][T11531] Call Trace: [ 591.141670][T11531] [ 591.141680][T11531] dump_stack_lvl+0x100/0x190 [ 591.141732][T11531] warn_alloc.cold+0x95/0x1c1 [ 591.141786][T11531] ? __pfx_warn_alloc+0x10/0x10 [ 591.141829][T11531] ? lockdep_hardirqs_on+0x78/0x100 [ 591.141860][T11531] ? dump_stack_lvl+0x17c/0x190 [ 591.141909][T11531] ? trace_kmalloc+0x101/0x130 [ 591.141942][T11531] ? __kasan_kmalloc+0x8a/0xb0 [ 591.141970][T11531] ? __kmalloc_node_noprof+0x324/0x850 [ 591.142016][T11531] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 591.142063][T11531] __vmalloc_node_range_noprof+0x1275/0x1530 [ 591.142101][T11531] ? find_held_lock+0x2b/0x80 [ 591.142130][T11531] ? local_lock_release+0x99/0x130 [ 591.142174][T11531] ? kernel_clone+0xfc/0x9a0 [ 591.142220][T11531] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 591.142261][T11531] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 591.142301][T11531] ? rcu_is_watching+0x12/0xc0 [ 591.142346][T11531] ? trace_kmem_cache_alloc+0xf3/0x120 [ 591.142377][T11531] ? kernel_clone+0xfc/0x9a0 [ 591.142420][T11531] __vmalloc_node_noprof+0xad/0xf0 [ 591.142456][T11531] ? kernel_clone+0xfc/0x9a0 [ 591.142493][T11531] copy_process+0x5ec/0x7a40 [ 591.142527][T11531] ? preempt_schedule_thunk+0x16/0x30 [ 591.142569][T11531] ? try_to_wake_up+0x644/0x1a80 [ 591.142603][T11531] ? __pfx_copy_process+0x10/0x10 [ 591.142637][T11531] ? find_held_lock+0x2b/0x80 [ 591.142669][T11531] ? futex_private_hash_put+0x107/0x1c0 [ 591.142710][T11531] kernel_clone+0xfc/0x9a0 [ 591.142759][T11531] ? __pfx_kernel_clone+0x10/0x10 [ 591.142811][T11531] __do_sys_clone+0xd9/0x120 [ 591.142846][T11531] ? __pfx___do_sys_clone+0x10/0x10 [ 591.142909][T11531] do_syscall_64+0x106/0xf80 [ 591.142936][T11531] ? clear_bhb_loop+0x40/0x90 [ 591.142972][T11531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.143002][T11531] RIP: 0033:0x7fc7a1d9c799 [ 591.143027][T11531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 591.143055][T11531] RSP: 002b:00007fc7a2d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 591.143081][T11531] RAX: ffffffffffffffda RBX: 00007fc7a2015fa0 RCX: 00007fc7a1d9c799 [ 591.143099][T11531] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 591.143114][T11531] RBP: 00007fc7a1e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 591.143129][T11531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 591.143143][T11531] R13: 00007fc7a2016038 R14: 00007fc7a2015fa0 R15: 00007fffcbf644e8 [ 591.143166][T11531] [ 591.444889][T11536] input: jJǸ-9%vJ86 as /devices/virtual/input/input48 [ 591.445860][T11531] Mem-Info: [ 591.477871][T11531] active_anon:7729 inactive_anon:8 isolated_anon:0 [ 591.477871][T11531] active_file:10787 inactive_file:162555 isolated_file:0 [ 591.477871][T11531] unevictable:768 dirty:987 writeback:0 [ 591.477871][T11531] slab_reclaimable:11521 slab_unreclaimable:94510 [ 591.477871][T11531] mapped:26904 shmem:1357 pagetables:1183 [ 591.477871][T11531] sec_pagetables:0 bounce:0 [ 591.477871][T11531] kernel_misc_reclaimable:0 [ 591.477871][T11531] free:1208607 free_pcp:9698 free_cma:0 [ 591.524533][T11531] Node 0 active_anon:30760kB inactive_anon:32kB active_file:43148kB inactive_file:649696kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:107384kB dirty:3800kB writeback:0kB shmem:3892kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12184kB pagetables:4620kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 591.809786][T11545] FAULT_INJECTION: forcing a failure. [ 591.809786][T11545] name failslab, interval 1, probability 0, space 0, times 0 [ 591.837993][T11531] Node 1 active_anon:156kB inactive_anon:0kB active_file:0kB inactive_file:524kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:232kB dirty:148kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 591.876276][T11545] CPU: 1 UID: 0 PID: 11545 Comm: syz.0.1201 Tainted: G L syzkaller #0 PREEMPT(full) [ 591.876324][T11545] Tainted: [L]=SOFTLOCKUP [ 591.876335][T11545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 591.876352][T11545] Call Trace: [ 591.876361][T11545] [ 591.876372][T11545] dump_stack_lvl+0x100/0x190 [ 591.876424][T11545] should_fail_ex.cold+0x5/0xa [ 591.876458][T11545] should_failslab+0xc2/0x120 [ 591.876491][T11545] __kmalloc_cache_noprof+0x7a/0x6f0 [ 591.876530][T11545] ? alloc_fdtable+0xbd/0x2d0 [ 591.876556][T11545] ? find_held_lock+0x2b/0x80 [ 591.876584][T11545] ? dup_fd+0x924/0xd10 [ 591.876656][T11545] alloc_fdtable+0xbd/0x2d0 [ 591.876687][T11545] dup_fd+0x995/0xd10 [ 591.876724][T11545] ? apparmor_task_alloc+0x2c1/0x3b0 [ 591.876761][T11545] copy_process+0x268f/0x7a40 [ 591.876798][T11545] ? preempt_schedule_thunk+0x16/0x30 [ 591.876848][T11545] ? __pfx_copy_process+0x10/0x10 [ 591.876883][T11545] ? find_held_lock+0x2b/0x80 [ 591.876917][T11545] ? futex_private_hash_put+0x107/0x1c0 [ 591.876962][T11545] kernel_clone+0xfc/0x9a0 [ 591.877000][T11545] ? __pfx_kernel_clone+0x10/0x10 [ 591.877057][T11545] __do_sys_clone+0xd9/0x120 [ 591.877094][T11545] ? __pfx___do_sys_clone+0x10/0x10 [ 591.877160][T11545] do_syscall_64+0x106/0xf80 [ 591.877187][T11545] ? clear_bhb_loop+0x40/0x90 [ 591.877222][T11545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.877251][T11545] RIP: 0033:0x7fec5339c799 [ 591.877275][T11545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 591.877302][T11545] RSP: 002b:00007fec5424e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 591.877333][T11545] RAX: ffffffffffffffda RBX: 00007fec53616090 RCX: 00007fec5339c799 [ 591.877352][T11545] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 591.877367][T11545] RBP: 00007fec53432c99 R08: 0000000000000002 R09: 0000000000000000 [ 591.877383][T11545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 591.877400][T11545] R13: 00007fec53616128 R14: 00007fec53616090 R15: 00007ffe316951a8 [ 591.877438][T11545] [ 592.120998][T11545] input: jJǸ-9%vJ86 as /devices/virtual/input/input49 [ 592.217587][T11531] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 592.247976][T11531] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 592.253764][T11531] Node 0 DMA32 free:884164kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31168kB inactive_anon:32kB active_file:43148kB inactive_file:649696kB unevictable:1536kB writepending:3800kB zspages:0kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:36440kB local_pcp:18508kB free_cma:0kB [ 592.287911][T11531] lowmem_reserve[]: 0 0 1 1 1 [ 592.292667][T11531] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:8kB free_cma:0kB [ 592.336855][T11531] lowmem_reserve[]: 0 0 0 0 0 [ 592.362828][T11531] Node 1 Normal free:3935092kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:56kB inactive_anon:0kB active_file:0kB inactive_file:524kB unevictable:1536kB writepending:148kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:2712kB local_pcp:1856kB free_cma:0kB [ 592.413141][T11531] lowmem_reserve[]: 0 0 0 0 0 [ 592.418108][T11531] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 592.441655][T11531] Node 0 DMA32: 1587*4kB (UME) 2515*8kB (UME) 675*16kB (UME) 307*32kB (UME) 326*64kB (UM) 230*128kB (UM) 159*256kB (UM) 50*512kB (UM) 25*1024kB (UM) 9*2048kB (UM) 165*4096kB (UM) = 883572kB [ 592.510243][T11531] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 592.559612][T11531] Node 1 Normal: 15*4kB (UM) 13*8kB (UM) 13*16kB (UM) 4*32kB (UM) 8*64kB (UM) 15*128kB (UM) 8*256kB (UM) 4*512kB (UM) 4*1024kB (UM) 6*2048kB (UM) 955*4096kB (UM) = 3935092kB [ 592.624075][T11531] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 592.678491][T11531] Node 0 hugepages_total=3 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 592.705852][T11531] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 592.746146][T11531] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 592.772791][T11531] 174698 total pagecache pages [ 592.801112][T11531] 0 pages in swap cache [ 592.836353][T11531] Free swap = 124992kB [ 592.840630][T11531] Total swap = 124996kB [ 592.853772][T11531] 2097051 pages RAM [ 592.891249][T11531] 0 pages HighMem/MovableOnly [ 592.940671][T11531] 430849 pages reserved [ 592.950452][T11531] 0 pages cma reserved [ 596.856607][T11591] program syz.1.1209 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 604.417252][T11686] FAULT_INJECTION: forcing a failure. [ 604.417252][T11686] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 604.505653][T11686] CPU: 0 UID: 0 PID: 11686 Comm: syz.0.1231 Tainted: G L syzkaller #0 PREEMPT(full) [ 604.505702][T11686] Tainted: [L]=SOFTLOCKUP [ 604.505713][T11686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 604.505729][T11686] Call Trace: [ 604.505739][T11686] [ 604.505750][T11686] dump_stack_lvl+0x100/0x190 [ 604.505783][T11686] should_fail_ex.cold+0x5/0xa [ 604.505802][T11686] ? prepare_alloc_pages+0x16d/0x5f0 [ 604.505827][T11686] should_fail_alloc_page+0xeb/0x140 [ 604.505850][T11686] prepare_alloc_pages+0x1f0/0x5f0 [ 604.505876][T11686] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 604.505909][T11686] ? rcu_is_watching+0x12/0xc0 [ 604.505939][T11686] ? trace_mm_page_alloc+0x17a/0x1d0 [ 604.505963][T11686] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 604.505996][T11686] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 604.506028][T11686] ? find_held_lock+0x2b/0x80 [ 604.506046][T11686] ? is_bpf_text_address+0x8a/0x1a0 [ 604.506074][T11686] ? is_bpf_text_address+0x8a/0x1a0 [ 604.506105][T11686] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 604.506126][T11686] ? is_bpf_text_address+0x94/0x1a0 [ 604.506164][T11686] ? kernel_text_address+0x8d/0x100 [ 604.506192][T11686] ? __kernel_text_address+0xd/0x30 [ 604.506219][T11686] ? unwind_get_return_address+0x59/0xa0 [ 604.506247][T11686] alloc_pages_bulk_noprof+0x782/0x1490 [ 604.506287][T11686] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 604.506319][T11686] ? kasan_save_stack+0x30/0x50 [ 604.506348][T11686] ? alloc_pages_noprof+0x238/0x390 [ 604.506371][T11686] __kasan_populate_vmalloc+0xf0/0x210 [ 604.506405][T11686] alloc_vmap_area+0x95d/0x2bd0 [ 604.506435][T11686] ? __pfx_alloc_vmap_area+0x10/0x10 [ 604.506461][T11686] __get_vm_area_node+0x1ca/0x330 [ 604.506488][T11686] __vmalloc_node_range_noprof+0x213/0x1530 [ 604.506514][T11686] ? kernel_clone+0xfc/0x9a0 [ 604.506536][T11686] ? find_held_lock+0x2b/0x80 [ 604.506554][T11686] ? local_lock_release+0x99/0x130 [ 604.506576][T11686] ? local_lock_release+0x99/0x130 [ 604.506601][T11686] ? kernel_clone+0xfc/0x9a0 [ 604.506629][T11686] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 604.506655][T11686] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 604.506681][T11686] ? rcu_is_watching+0x12/0xc0 [ 604.506709][T11686] ? trace_kmem_cache_alloc+0xf3/0x120 [ 604.506731][T11686] ? kernel_clone+0xfc/0x9a0 [ 604.506752][T11686] __vmalloc_node_noprof+0xad/0xf0 [ 604.506776][T11686] ? kernel_clone+0xfc/0x9a0 [ 604.506799][T11686] copy_process+0x5ec/0x7a40 [ 604.506823][T11686] ? __pfx___futex_wait+0x10/0x10 [ 604.506860][T11686] ? __pfx_copy_process+0x10/0x10 [ 604.506893][T11686] kernel_clone+0xfc/0x9a0 [ 604.506913][T11686] ? __pfx_futex_wait+0x10/0x10 [ 604.506943][T11686] ? __pfx_kernel_clone+0x10/0x10 [ 604.506977][T11686] __do_sys_clone+0xd9/0x120 [ 604.506999][T11686] ? __pfx___do_sys_clone+0x10/0x10 [ 604.507040][T11686] do_syscall_64+0x106/0xf80 [ 604.507058][T11686] ? clear_bhb_loop+0x40/0x90 [ 604.507081][T11686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 604.507100][T11686] RIP: 0033:0x7fec5339c799 [ 604.507116][T11686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 604.507133][T11686] RSP: 002b:00007fec5424e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 604.507152][T11686] RAX: ffffffffffffffda RBX: 00007fec53616090 RCX: 00007fec5339c799 [ 604.507164][T11686] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 604.507174][T11686] RBP: 00007fec53432c99 R08: 0000000000000002 R09: 0000000000000000 [ 604.507185][T11686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 604.507195][T11686] R13: 00007fec53616128 R14: 00007fec53616090 R15: 00007ffe316951a8 [ 604.507218][T11686] [ 605.063875][T11686] syz.0.1231: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 605.268773][T11686] CPU: 1 UID: 0 PID: 11686 Comm: syz.0.1231 Tainted: G L syzkaller #0 PREEMPT(full) [ 605.268824][T11686] Tainted: [L]=SOFTLOCKUP [ 605.268835][T11686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 605.268853][T11686] Call Trace: [ 605.268863][T11686] [ 605.268874][T11686] dump_stack_lvl+0x100/0x190 [ 605.268927][T11686] warn_alloc.cold+0x95/0x1c1 [ 605.268982][T11686] ? __pfx_warn_alloc+0x10/0x10 [ 605.269027][T11686] ? lockdep_hardirqs_on+0x78/0x100 [ 605.269063][T11686] ? __get_vm_area_node+0x2c5/0x330 [ 605.269109][T11686] ? __get_vm_area_node+0x208/0x330 [ 605.269156][T11686] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 605.269197][T11686] ? find_held_lock+0x2b/0x80 [ 605.269226][T11686] ? local_lock_release+0x99/0x130 [ 605.269264][T11686] ? local_lock_release+0x99/0x130 [ 605.269307][T11686] ? kernel_clone+0xfc/0x9a0 [ 605.269353][T11686] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 605.269398][T11686] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 605.269442][T11686] ? rcu_is_watching+0x12/0xc0 [ 605.269490][T11686] ? trace_kmem_cache_alloc+0xf3/0x120 [ 605.269528][T11686] ? kernel_clone+0xfc/0x9a0 [ 605.269570][T11686] __vmalloc_node_noprof+0xad/0xf0 [ 605.269620][T11686] ? kernel_clone+0xfc/0x9a0 [ 605.269662][T11686] copy_process+0x5ec/0x7a40 [ 605.269702][T11686] ? __pfx___futex_wait+0x10/0x10 [ 605.269765][T11686] ? __pfx_copy_process+0x10/0x10 [ 605.269824][T11686] kernel_clone+0xfc/0x9a0 [ 605.269859][T11686] ? __pfx_futex_wait+0x10/0x10 [ 605.269909][T11686] ? __pfx_kernel_clone+0x10/0x10 [ 605.269969][T11686] __do_sys_clone+0xd9/0x120 [ 605.270009][T11686] ? __pfx___do_sys_clone+0x10/0x10 [ 605.270080][T11686] do_syscall_64+0x106/0xf80 [ 605.270112][T11686] ? clear_bhb_loop+0x40/0x90 [ 605.270150][T11686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.270181][T11686] RIP: 0033:0x7fec5339c799 [ 605.270208][T11686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 605.270237][T11686] RSP: 002b:00007fec5424e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 605.270267][T11686] RAX: ffffffffffffffda RBX: 00007fec53616090 RCX: 00007fec5339c799 [ 605.270289][T11686] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 605.270307][T11686] RBP: 00007fec53432c99 R08: 0000000000000002 R09: 0000000000000000 [ 605.270326][T11686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.270341][T11686] R13: 00007fec53616128 R14: 00007fec53616090 R15: 00007ffe316951a8 [ 605.270378][T11686] [ 605.270721][T11686] Mem-Info: [ 605.596251][T11686] active_anon:7692 inactive_anon:2 isolated_anon:0 [ 605.596251][T11686] active_file:10653 inactive_file:162699 isolated_file:0 [ 605.596251][T11686] unevictable:768 dirty:753 writeback:0 [ 605.596251][T11686] slab_reclaimable:11589 slab_unreclaimable:94881 [ 605.596251][T11686] mapped:26953 shmem:1358 pagetables:1165 [ 605.596251][T11686] sec_pagetables:0 bounce:0 [ 605.596251][T11686] kernel_misc_reclaimable:0 [ 605.596251][T11686] free:1210603 free_pcp:7167 free_cma:0 [ 605.694730][T11686] Node 0 active_anon:30768kB inactive_anon:8kB active_file:42612kB inactive_file:650272kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:107564kB dirty:2864kB writeback:0kB shmem:3896kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12256kB pagetables:4548kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 605.756296][T11686] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:524kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:248kB dirty:148kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 605.815932][T11686] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 605.879221][T11682] input: jJǸ-9%vJ86 as /devices/virtual/input/input50 [ 605.908582][T11686] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 605.914451][T11686] Node 0 DMA32 free:890792kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31068kB inactive_anon:8kB active_file:42612kB inactive_file:650272kB unevictable:1536kB writepending:2864kB zspages:0kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:27344kB local_pcp:7688kB free_cma:0kB [ 605.979992][T11686] lowmem_reserve[]: 0 0 1 1 1 [ 605.984811][T11686] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:8kB free_cma:0kB [ 606.077796][T11686] lowmem_reserve[]: 0 0 0 0 0 [ 606.195900][T11686] Node 1 Normal free:3936100kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:100kB inactive_anon:0kB active_file:0kB inactive_file:524kB unevictable:1536kB writepending:148kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:1560kB local_pcp:72kB free_cma:0kB [ 606.358157][T11686] lowmem_reserve[]: 0 0 0 0 0 [ 606.371242][T11686] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 606.458207][T11686] Node 0 DMA32: 2654*4kB (UME) 2271*8kB (UME) 899*16kB (UME) 371*32kB (UME) 331*64kB (UM) 226*128kB (UM) 149*256kB (M) 47*512kB (M) 25*1024kB (UM) 5*2048kB (M) 167*4096kB (UM) = 887232kB [ 606.534612][T11686] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 606.629637][T11686] Node 1 Normal: 29*4kB (UM) 26*8kB (UM) 28*16kB (UM) 13*32kB (UM) 9*64kB (UM) 15*128kB (UM) 9*256kB (UM) 4*512kB (UM) 4*1024kB (UM) 6*2048kB (UM) 955*4096kB (UM) = 3936100kB [ 606.647206][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c2!!! [ 606.727093][T11686] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 606.756204][T11686] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 606.776006][T11686] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 606.804652][T11686] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 606.905554][T11686] 176530 total pagecache pages [ 606.911281][T11686] 0 pages in swap cache [ 606.923011][T11686] Free swap = 122980kB [ 607.235199][T11686] Total swap = 124996kB [ 607.242385][T11686] 2097051 pages RAM [ 607.265903][T11686] 0 pages HighMem/MovableOnly [ 607.270819][T11686] 430849 pages reserved [ 607.275235][T11686] 0 pages cma reserved [ 620.177425][T11891] FAULT_INJECTION: forcing a failure. [ 620.177425][T11891] name failslab, interval 1, probability 0, space 0, times 0 [ 620.390695][T11891] CPU: 1 UID: 0 PID: 11891 Comm: syz.1.1273 Tainted: G L syzkaller #0 PREEMPT(full) [ 620.390728][T11891] Tainted: [L]=SOFTLOCKUP [ 620.390735][T11891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 620.390747][T11891] Call Trace: [ 620.390754][T11891] [ 620.390761][T11891] dump_stack_lvl+0x100/0x190 [ 620.390802][T11891] should_fail_ex.cold+0x5/0xa [ 620.390824][T11891] should_failslab+0xc2/0x120 [ 620.390846][T11891] __kmalloc_node_noprof+0xe6/0x850 [ 620.390876][T11891] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 620.390907][T11891] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 620.390931][T11891] ? find_held_lock+0x2b/0x80 [ 620.390950][T11891] ? local_lock_release+0x99/0x130 [ 620.390976][T11891] ? kernel_clone+0xfc/0x9a0 [ 620.391005][T11891] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 620.391031][T11891] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 620.391056][T11891] ? rcu_is_watching+0x12/0xc0 [ 620.391085][T11891] ? trace_kmem_cache_alloc+0xf3/0x120 [ 620.391107][T11891] ? kernel_clone+0xfc/0x9a0 [ 620.391128][T11891] __vmalloc_node_noprof+0xad/0xf0 [ 620.391151][T11891] ? kernel_clone+0xfc/0x9a0 [ 620.391175][T11891] copy_process+0x5ec/0x7a40 [ 620.391197][T11891] ? preempt_schedule_thunk+0x16/0x30 [ 620.391224][T11891] ? try_to_wake_up+0x644/0x1a80 [ 620.391246][T11891] ? __pfx_copy_process+0x10/0x10 [ 620.391268][T11891] ? find_held_lock+0x2b/0x80 [ 620.391295][T11891] ? futex_private_hash_put+0x107/0x1c0 [ 620.391322][T11891] kernel_clone+0xfc/0x9a0 [ 620.391345][T11891] ? __pfx_kernel_clone+0x10/0x10 [ 620.391378][T11891] __do_sys_clone+0xd9/0x120 [ 620.391400][T11891] ? __pfx___do_sys_clone+0x10/0x10 [ 620.391438][T11891] do_syscall_64+0x106/0xf80 [ 620.391456][T11891] ? clear_bhb_loop+0x40/0x90 [ 620.391478][T11891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.391497][T11891] RIP: 0033:0x7f60a0d9c799 [ 620.391513][T11891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.391531][T11891] RSP: 002b:00007f60a1b82028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 620.391561][T11891] RAX: ffffffffffffffda RBX: 00007f60a1016090 RCX: 00007f60a0d9c799 [ 620.391573][T11891] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 620.391583][T11891] RBP: 00007f60a0e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 620.391594][T11891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.391605][T11891] R13: 00007f60a1016128 R14: 00007f60a1016090 R15: 00007ffdd3c3ca48 [ 620.391627][T11891] [ 620.391637][T11891] syz.1.1273: vmalloc error: size 32768, failed to allocated page array size 64, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 620.685807][T11891] CPU: 1 UID: 0 PID: 11891 Comm: syz.1.1273 Tainted: G L syzkaller #0 PREEMPT(full) [ 620.685857][T11891] Tainted: [L]=SOFTLOCKUP [ 620.685867][T11891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 620.685883][T11891] Call Trace: [ 620.685893][T11891] [ 620.685903][T11891] dump_stack_lvl+0x100/0x190 [ 620.685952][T11891] warn_alloc.cold+0x95/0x1c1 [ 620.686001][T11891] ? __pfx_warn_alloc+0x10/0x10 [ 620.686046][T11891] ? lockdep_hardirqs_on+0x78/0x100 [ 620.686082][T11891] ? dump_stack_lvl+0x17c/0x190 [ 620.686129][T11891] ? trace_kmalloc+0x101/0x130 [ 620.686161][T11891] ? __kasan_kmalloc+0x8a/0xb0 [ 620.686190][T11891] ? __kmalloc_node_noprof+0x324/0x850 [ 620.686236][T11891] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 620.686286][T11891] __vmalloc_node_range_noprof+0x1275/0x1530 [ 620.686326][T11891] ? find_held_lock+0x2b/0x80 [ 620.686367][T11891] ? local_lock_release+0x99/0x130 [ 620.686413][T11891] ? kernel_clone+0xfc/0x9a0 [ 620.686461][T11891] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 620.686505][T11891] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 620.686548][T11891] ? rcu_is_watching+0x12/0xc0 [ 620.686595][T11891] ? trace_kmem_cache_alloc+0xf3/0x120 [ 620.686633][T11891] ? kernel_clone+0xfc/0x9a0 [ 620.686666][T11891] __vmalloc_node_noprof+0xad/0xf0 [ 620.686703][T11891] ? kernel_clone+0xfc/0x9a0 [ 620.686744][T11891] copy_process+0x5ec/0x7a40 [ 620.686781][T11891] ? preempt_schedule_thunk+0x16/0x30 [ 620.686827][T11891] ? try_to_wake_up+0x644/0x1a80 [ 620.686866][T11891] ? __pfx_copy_process+0x10/0x10 [ 620.686902][T11891] ? find_held_lock+0x2b/0x80 [ 620.686938][T11891] ? futex_private_hash_put+0x107/0x1c0 [ 620.686983][T11891] kernel_clone+0xfc/0x9a0 [ 620.687024][T11891] ? __pfx_kernel_clone+0x10/0x10 [ 620.687083][T11891] __do_sys_clone+0xd9/0x120 [ 620.687122][T11891] ? __pfx___do_sys_clone+0x10/0x10 [ 620.687192][T11891] do_syscall_64+0x106/0xf80 [ 620.687223][T11891] ? clear_bhb_loop+0x40/0x90 [ 620.687262][T11891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.687293][T11891] RIP: 0033:0x7f60a0d9c799 [ 620.687319][T11891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 620.687356][T11891] RSP: 002b:00007f60a1b82028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 620.687384][T11891] RAX: ffffffffffffffda RBX: 00007f60a1016090 RCX: 00007f60a0d9c799 [ 620.687402][T11891] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 620.687418][T11891] RBP: 00007f60a0e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 620.687435][T11891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.687451][T11891] R13: 00007f60a1016128 R14: 00007f60a1016090 R15: 00007ffdd3c3ca48 [ 620.687488][T11891] [ 620.979854][T11891] Mem-Info: [ 620.984251][T11891] active_anon:21069 inactive_anon:0 isolated_anon:0 [ 620.984251][T11891] active_file:11067 inactive_file:162704 isolated_file:0 [ 620.984251][T11891] unevictable:768 dirty:982 writeback:0 [ 620.984251][T11891] slab_reclaimable:11560 slab_unreclaimable:94085 [ 620.984251][T11891] mapped:37970 shmem:14782 pagetables:1278 [ 620.984251][T11891] sec_pagetables:0 bounce:0 [ 620.984251][T11891] kernel_misc_reclaimable:0 [ 620.984251][T11891] free:1194478 free_pcp:10222 free_cma:0 [ 620.984644][T11880] input: jJǸ-9%vJ86 as /devices/virtual/input/input51 [ 621.030418][T11891] Node 0 active_anon:84276kB inactive_anon:0kB active_file:44220kB inactive_file:650292kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:151440kB dirty:3780kB writeback:0kB shmem:57592kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12408kB pagetables:5000kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 621.030502][T11891] Node 1 active_anon:0kB inactive_anon:0kB active_file:48kB inactive_file:524kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:440kB dirty:148kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 621.101698][T11891] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 621.131915][T11891] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 621.137865][T11891] Node 0 DMA32 free:825220kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:84276kB inactive_anon:0kB active_file:44220kB inactive_file:650292kB unevictable:1536kB writepending:3780kB zspages:0kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:40428kB local_pcp:14632kB free_cma:0kB [ 621.171759][T11891] lowmem_reserve[]: 0 0 1 1 1 [ 621.176523][T11891] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:8kB free_cma:0kB [ 621.207685][T11891] lowmem_reserve[]: 0 0 0 0 0 [ 621.212494][T11891] Node 1 Normal free:3937320kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:48kB inactive_file:524kB unevictable:1536kB writepending:148kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:436kB local_pcp:436kB free_cma:0kB [ 621.245479][T11891] lowmem_reserve[]: 0 0 0 0 0 [ 621.250489][T11891] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 621.263501][T11891] Node 0 DMA32: 1*4kB (U) 1956*8kB (UE) 725*16kB (UME) 464*32kB (UME) 288*64kB (UM) 228*128kB (UM) 83*256kB (M) 7*512kB (M) 24*1024kB (UM) 3*2048kB (M) 166*4096kB (UM) = 825204kB [ 621.384822][T11891] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 621.663874][T11891] Node 1 Normal: 20*4kB (UM) 31*8kB (UM) 30*16kB (UM) 24*32kB (UM) 20*64kB (UM) 14*128kB (UM) 10*256kB (UM) 4*512kB (UM) 4*1024kB (UM) 6*2048kB (UM) 955*4096kB (UM) = 3937320kB [ 621.734728][T11891] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 621.814091][T11891] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 622.077418][T11891] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 622.362450][T11891] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 622.372127][T11891] 190622 total pagecache pages [ 622.617884][T11891] 0 pages in swap cache [ 622.704587][T11891] Free swap = 123168kB [ 622.736326][T11891] Total swap = 124996kB [ 622.796518][T11891] 2097051 pages RAM [ 622.800397][T11891] 0 pages HighMem/MovableOnly [ 622.912019][T11891] 430849 pages reserved [ 622.921094][T11891] 0 pages cma reserved [ 624.679024][ T30] audit: type=1800 audit(1774994449.209:4): pid=11936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1284" name="features" dev="configfs" ino=51913 res=0 errno=0 [ 624.723466][T11936] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1284'. [ 624.750529][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.757145][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.250370][T11946] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1287'. [ 625.617277][T11950] futex_wake_op: syz.2.1288 tries to shift op by -2048; fix this program [ 627.275596][T11981] futex_wake_op: syz.2.1295 tries to shift op by -2048; fix this program [ 631.058166][T12019] nbd: socks must be embedded in a SOCK_ITEM attr [ 631.086154][T12019] block nbd0: shutting down sockets [ 631.347146][T12006] kexec: Could not allocate control_code_buffer [ 631.862816][T12029] futex_wake_op: syz.2.1307 tries to shift op by -2048; fix this program [ 632.230406][T12036] futex_wake_op: syz.2.1309 tries to shift op by -2048; fix this program [ 635.338628][T12070] FAULT_INJECTION: forcing a failure. [ 635.338628][T12070] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 635.375761][T12070] CPU: 1 UID: 0 PID: 12070 Comm: syz.1.1317 Tainted: G L syzkaller #0 PREEMPT(full) [ 635.375810][T12070] Tainted: [L]=SOFTLOCKUP [ 635.375822][T12070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 635.375838][T12070] Call Trace: [ 635.375847][T12070] [ 635.375859][T12070] dump_stack_lvl+0x100/0x190 [ 635.375912][T12070] should_fail_ex.cold+0x5/0xa [ 635.375942][T12070] ? prepare_alloc_pages+0x16d/0x5f0 [ 635.375983][T12070] should_fail_alloc_page+0xeb/0x140 [ 635.376025][T12070] prepare_alloc_pages+0x1f0/0x5f0 [ 635.376069][T12070] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 635.376125][T12070] ? rcu_is_watching+0x12/0xc0 [ 635.376173][T12070] ? trace_mm_page_alloc+0x17a/0x1d0 [ 635.376213][T12070] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 635.376267][T12070] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 635.376333][T12070] ? find_held_lock+0x2b/0x80 [ 635.376363][T12070] ? is_bpf_text_address+0x8a/0x1a0 [ 635.376411][T12070] ? is_bpf_text_address+0x8a/0x1a0 [ 635.376464][T12070] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 635.376501][T12070] ? is_bpf_text_address+0x94/0x1a0 [ 635.376545][T12070] ? kernel_text_address+0x8d/0x100 [ 635.376584][T12070] ? __kernel_text_address+0xd/0x30 [ 635.376616][T12070] ? unwind_get_return_address+0x59/0xa0 [ 635.376642][T12070] alloc_pages_bulk_noprof+0x782/0x1490 [ 635.376680][T12070] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 635.376712][T12070] ? kasan_save_stack+0x30/0x50 [ 635.376734][T12070] ? alloc_pages_noprof+0x238/0x390 [ 635.376757][T12070] __kasan_populate_vmalloc+0xf0/0x210 [ 635.376791][T12070] alloc_vmap_area+0x95d/0x2bd0 [ 635.376821][T12070] ? __pfx_alloc_vmap_area+0x10/0x10 [ 635.376847][T12070] __get_vm_area_node+0x1ca/0x330 [ 635.376873][T12070] __vmalloc_node_range_noprof+0x213/0x1530 [ 635.376898][T12070] ? kernel_clone+0xfc/0x9a0 [ 635.376919][T12070] ? find_held_lock+0x2b/0x80 [ 635.376936][T12070] ? local_lock_release+0x99/0x130 [ 635.376958][T12070] ? local_lock_release+0x99/0x130 [ 635.376983][T12070] ? kernel_clone+0xfc/0x9a0 [ 635.377005][T12070] ? find_held_lock+0x2b/0x80 [ 635.377022][T12070] ? rcu_read_unlock+0x17/0x60 [ 635.377043][T12070] ? rcu_read_unlock+0x17/0x60 [ 635.377064][T12070] ? obj_cgroup_charge_account+0x46d/0x640 [ 635.377085][T12070] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 635.377112][T12070] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 635.377138][T12070] ? rcu_is_watching+0x12/0xc0 [ 635.377166][T12070] ? trace_kmem_cache_alloc+0xf3/0x120 [ 635.377189][T12070] ? kernel_clone+0xfc/0x9a0 [ 635.377210][T12070] __vmalloc_node_noprof+0xad/0xf0 [ 635.377234][T12070] ? kernel_clone+0xfc/0x9a0 [ 635.377257][T12070] copy_process+0x5ec/0x7a40 [ 635.377288][T12070] ? __pfx___futex_wait+0x10/0x10 [ 635.377325][T12070] ? __pfx_copy_process+0x10/0x10 [ 635.377358][T12070] kernel_clone+0xfc/0x9a0 [ 635.377379][T12070] ? __pfx_futex_wait+0x10/0x10 [ 635.377408][T12070] ? __pfx_kernel_clone+0x10/0x10 [ 635.377441][T12070] __do_sys_clone+0xd9/0x120 [ 635.377464][T12070] ? __pfx___do_sys_clone+0x10/0x10 [ 635.377505][T12070] do_syscall_64+0x106/0xf80 [ 635.377523][T12070] ? clear_bhb_loop+0x40/0x90 [ 635.377545][T12070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.377564][T12070] RIP: 0033:0x7f60a0d9c799 [ 635.377581][T12070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 635.377598][T12070] RSP: 002b:00007f60a1b82028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 635.377617][T12070] RAX: ffffffffffffffda RBX: 00007f60a1016090 RCX: 00007f60a0d9c799 [ 635.377628][T12070] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 635.377638][T12070] RBP: 00007f60a0e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 635.377648][T12070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 635.377658][T12070] R13: 00007f60a1016128 R14: 00007f60a1016090 R15: 00007ffdd3c3ca48 [ 635.377681][T12070] [ 635.377881][T12070] syz.1.1317: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 635.396805][T12073] input: jJǸ-9%vJ86 as /devices/virtual/input/input52 [ 635.403701][T12070] ,cpuset=/,mems_allowed=0-1 [ 635.813960][T12070] CPU: 1 UID: 0 PID: 12070 Comm: syz.1.1317 Tainted: G L syzkaller #0 PREEMPT(full) [ 635.814006][T12070] Tainted: [L]=SOFTLOCKUP [ 635.814016][T12070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 635.814032][T12070] Call Trace: [ 635.814042][T12070] [ 635.814052][T12070] dump_stack_lvl+0x100/0x190 [ 635.814101][T12070] warn_alloc.cold+0x95/0x1c1 [ 635.814151][T12070] ? __pfx_warn_alloc+0x10/0x10 [ 635.814193][T12070] ? lockdep_hardirqs_on+0x78/0x100 [ 635.814226][T12070] ? __get_vm_area_node+0x2c5/0x330 [ 635.814368][T12070] ? __get_vm_area_node+0x208/0x330 [ 635.814414][T12070] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 635.814451][T12070] ? find_held_lock+0x2b/0x80 [ 635.814478][T12070] ? local_lock_release+0x99/0x130 [ 635.814516][T12070] ? local_lock_release+0x99/0x130 [ 635.814555][T12070] ? kernel_clone+0xfc/0x9a0 [ 635.814593][T12070] ? find_held_lock+0x2b/0x80 [ 635.814621][T12070] ? rcu_read_unlock+0x17/0x60 [ 635.814654][T12070] ? rcu_read_unlock+0x17/0x60 [ 635.814688][T12070] ? obj_cgroup_charge_account+0x46d/0x640 [ 635.814731][T12070] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 635.814773][T12070] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 635.814811][T12070] ? rcu_is_watching+0x12/0xc0 [ 635.814855][T12070] ? trace_kmem_cache_alloc+0xf3/0x120 [ 635.814891][T12070] ? kernel_clone+0xfc/0x9a0 [ 635.814922][T12070] __vmalloc_node_noprof+0xad/0xf0 [ 635.814958][T12070] ? kernel_clone+0xfc/0x9a0 [ 635.814994][T12070] copy_process+0x5ec/0x7a40 [ 635.815029][T12070] ? __pfx___futex_wait+0x10/0x10 [ 635.815085][T12070] ? __pfx_copy_process+0x10/0x10 [ 635.815137][T12070] kernel_clone+0xfc/0x9a0 [ 635.815168][T12070] ? __pfx_futex_wait+0x10/0x10 [ 635.815213][T12070] ? __pfx_kernel_clone+0x10/0x10 [ 635.815267][T12070] __do_sys_clone+0xd9/0x120 [ 635.815310][T12070] ? __pfx___do_sys_clone+0x10/0x10 [ 635.815376][T12070] do_syscall_64+0x106/0xf80 [ 635.815404][T12070] ? clear_bhb_loop+0x40/0x90 [ 635.815437][T12070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.815467][T12070] RIP: 0033:0x7f60a0d9c799 [ 635.815492][T12070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 635.815518][T12070] RSP: 002b:00007f60a1b82028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 635.815546][T12070] RAX: ffffffffffffffda RBX: 00007f60a1016090 RCX: 00007f60a0d9c799 [ 635.815564][T12070] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 635.815580][T12070] RBP: 00007f60a0e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 635.815596][T12070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 635.815614][T12070] R13: 00007f60a1016128 R14: 00007f60a1016090 R15: 00007ffdd3c3ca48 [ 635.815654][T12070] [ 636.111832][T12070] Mem-Info: [ 636.115010][T12070] active_anon:8708 inactive_anon:0 isolated_anon:0 [ 636.115010][T12070] active_file:11067 inactive_file:163735 isolated_file:0 [ 636.115010][T12070] unevictable:768 dirty:1901 writeback:0 [ 636.115010][T12070] slab_reclaimable:11514 slab_unreclaimable:94424 [ 636.115010][T12070] mapped:27019 shmem:1357 pagetables:1198 [ 636.115010][T12070] sec_pagetables:0 bounce:0 [ 636.115010][T12070] kernel_misc_reclaimable:0 [ 636.115010][T12070] free:1203314 free_pcp:12556 free_cma:0 [ 636.161637][T12070] Node 0 active_anon:35132kB inactive_anon:0kB active_file:44220kB inactive_file:654416kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:107748kB dirty:7460kB writeback:0kB shmem:3892kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12252kB pagetables:4680kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 636.224890][T12070] Node 1 active_anon:0kB inactive_anon:0kB active_file:48kB inactive_file:524kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:328kB dirty:144kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 636.265982][T12070] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 636.531294][T12070] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 636.564688][T12070] Node 0 DMA32 free:876204kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:34920kB inactive_anon:0kB active_file:44220kB inactive_file:650320kB unevictable:1536kB writepending:3388kB zspages:0kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:38260kB local_pcp:27048kB free_cma:0kB [ 636.786457][T12070] lowmem_reserve[]: 0 0 1 1 1 [ 636.791376][T12070] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:16kB free_cma:0kB [ 636.867572][T12070] lowmem_reserve[]: 0 0 0 0 0 [ 636.895104][T12070] Node 1 Normal free:3937756kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:48kB inactive_file:524kB unevictable:1536kB writepending:144kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 636.950684][T12070] lowmem_reserve[]: 0 0 0 0 0 [ 636.969105][T12070] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 637.007904][T12070] Node 0 DMA32: 4160*4kB (UME) 2977*8kB (UME) 1278*16kB (UME) 668*32kB (UME) 383*64kB (UM) 167*128kB (UME) 107*256kB (UM) 20*512kB (UM) 29*1024kB (UM) 10*2048kB (UM) 161*4096kB (UM) = 875432kB [ 637.035778][T12070] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 637.055088][T12070] Node 1 Normal: 23*4kB (UM) 28*8kB (UM) 26*16kB (UM) 20*32kB (UM) 20*64kB (UM) 15*128kB (UM) 10*256kB (UM) 5*512kB (UM) 4*1024kB (UM) 6*2048kB (UM) 955*4096kB (UM) = 3937756kB [ 637.172814][T12070] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 637.271674][T12070] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 637.301698][T12070] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 637.325730][T12070] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 637.337220][T12070] 175135 total pagecache pages [ 637.352539][T12070] 0 pages in swap cache [ 637.362517][T12070] Free swap = 124996kB [ 637.371057][T12070] Total swap = 124996kB [ 637.383703][T12070] 2097051 pages RAM [ 637.392394][T12070] 0 pages HighMem/MovableOnly [ 637.471766][T12070] 430849 pages reserved [ 637.476385][T12070] 0 pages cma reserved [ 639.297747][T12107] futex_wake_op: syz.0.1323 tries to shift op by -2048; fix this program [ 640.707697][T12132] perf: Dynamic interrupt throttling disabled, can hang your system! [ 643.575031][T12160] FAULT_INJECTION: forcing a failure. [ 643.575031][T12160] name failslab, interval 1, probability 0, space 0, times 0 [ 643.711145][T12160] CPU: 1 UID: 0 PID: 12160 Comm: syz.3.1334 Tainted: G L syzkaller #0 PREEMPT(full) [ 643.711178][T12160] Tainted: [L]=SOFTLOCKUP [ 643.711185][T12160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 643.711195][T12160] Call Trace: [ 643.711202][T12160] [ 643.711210][T12160] dump_stack_lvl+0x100/0x190 [ 643.711242][T12160] should_fail_ex.cold+0x5/0xa [ 643.711268][T12160] should_failslab+0xc2/0x120 [ 643.711289][T12160] __kmalloc_cache_noprof+0x7a/0x6f0 [ 643.711315][T12160] ? alloc_fdtable+0xbd/0x2d0 [ 643.711331][T12160] ? find_held_lock+0x2b/0x80 [ 643.711350][T12160] ? dup_fd+0x924/0xd10 [ 643.711371][T12160] alloc_fdtable+0xbd/0x2d0 [ 643.711389][T12160] dup_fd+0x995/0xd10 [ 643.711412][T12160] ? apparmor_task_alloc+0x2c1/0x3b0 [ 643.711434][T12160] copy_process+0x268f/0x7a40 [ 643.711456][T12160] ? preempt_schedule_thunk+0x16/0x30 [ 643.711488][T12160] ? __pfx_copy_process+0x10/0x10 [ 643.711520][T12160] ? find_held_lock+0x2b/0x80 [ 643.711541][T12160] ? futex_private_hash_put+0x107/0x1c0 [ 643.711569][T12160] kernel_clone+0xfc/0x9a0 [ 643.711593][T12160] ? __pfx_kernel_clone+0x10/0x10 [ 643.711627][T12160] __do_sys_clone+0xd9/0x120 [ 643.711650][T12160] ? __pfx___do_sys_clone+0x10/0x10 [ 643.711690][T12160] do_syscall_64+0x106/0xf80 [ 643.711709][T12160] ? clear_bhb_loop+0x40/0x90 [ 643.711731][T12160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.711750][T12160] RIP: 0033:0x7fc7a1d9c799 [ 643.711766][T12160] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 643.711783][T12160] RSP: 002b:00007fc7a2d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 643.711802][T12160] RAX: ffffffffffffffda RBX: 00007fc7a2015fa0 RCX: 00007fc7a1d9c799 [ 643.711813][T12160] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 643.711823][T12160] RBP: 00007fc7a1e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 643.711835][T12160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 643.711846][T12160] R13: 00007fc7a2016038 R14: 00007fc7a2015fa0 R15: 00007fffcbf644e8 [ 643.711868][T12160] [ 644.093868][T12160] input: jJǸ-9%vJ86 as /devices/virtual/input/input53 [ 644.798307][T12167] capability: warning: `syz.0.1335' uses 32-bit capabilities (legacy support in use) [ 646.473056][T12207] futex_wake_op: syz.3.1343 tries to shift op by -2048; fix this program [ 647.536195][T12220] FAULT_INJECTION: forcing a failure. [ 647.536195][T12220] name failslab, interval 1, probability 0, space 0, times 0 [ 647.549390][T12220] CPU: 1 UID: 0 PID: 12220 Comm: syz.3.1346 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.549423][T12220] Tainted: [L]=SOFTLOCKUP [ 647.549430][T12220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 647.549441][T12220] Call Trace: [ 647.549448][T12220] [ 647.549454][T12220] dump_stack_lvl+0x100/0x190 [ 647.549493][T12220] should_fail_ex.cold+0x5/0xa [ 647.549517][T12220] should_failslab+0xc2/0x120 [ 647.549538][T12220] __kmalloc_node_noprof+0xe6/0x850 [ 647.549568][T12220] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 647.549598][T12220] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 647.549622][T12220] ? find_held_lock+0x2b/0x80 [ 647.549640][T12220] ? local_lock_release+0x99/0x130 [ 647.549673][T12220] ? kernel_clone+0xfc/0x9a0 [ 647.549701][T12220] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 647.549727][T12220] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 647.549753][T12220] ? rcu_is_watching+0x12/0xc0 [ 647.549783][T12220] ? trace_kmem_cache_alloc+0xf3/0x120 [ 647.549806][T12220] ? kernel_clone+0xfc/0x9a0 [ 647.549833][T12220] __vmalloc_node_noprof+0xad/0xf0 [ 647.549868][T12220] ? kernel_clone+0xfc/0x9a0 [ 647.549903][T12220] copy_process+0x5ec/0x7a40 [ 647.549937][T12220] ? preempt_schedule_thunk+0x16/0x30 [ 647.549974][T12220] ? try_to_wake_up+0x644/0x1a80 [ 647.549996][T12220] ? __pfx_copy_process+0x10/0x10 [ 647.550018][T12220] ? find_held_lock+0x2b/0x80 [ 647.550039][T12220] ? futex_private_hash_put+0x107/0x1c0 [ 647.550066][T12220] kernel_clone+0xfc/0x9a0 [ 647.550089][T12220] ? __pfx_kernel_clone+0x10/0x10 [ 647.550123][T12220] __do_sys_clone+0xd9/0x120 [ 647.550145][T12220] ? __pfx___do_sys_clone+0x10/0x10 [ 647.550185][T12220] do_syscall_64+0x106/0xf80 [ 647.550202][T12220] ? clear_bhb_loop+0x40/0x90 [ 647.550233][T12220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.550252][T12220] RIP: 0033:0x7fc7a1d9c799 [ 647.550269][T12220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 647.550289][T12220] RSP: 002b:00007fc7a2d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 647.550308][T12220] RAX: ffffffffffffffda RBX: 00007fc7a2015fa0 RCX: 00007fc7a1d9c799 [ 647.550320][T12220] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 647.550331][T12220] RBP: 00007fc7a1e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 647.550341][T12220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.550352][T12220] R13: 00007fc7a2016038 R14: 00007fc7a2015fa0 R15: 00007fffcbf644e8 [ 647.550375][T12220] [ 647.550385][T12220] syz.3.1346: vmalloc error: size 32768, failed to allocated page array size 64, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 647.883350][T12220] CPU: 1 UID: 0 PID: 12220 Comm: syz.3.1346 Tainted: G L syzkaller #0 PREEMPT(full) [ 647.883402][T12220] Tainted: [L]=SOFTLOCKUP [ 647.883413][T12220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 647.883428][T12220] Call Trace: [ 647.883436][T12220] [ 647.883448][T12220] dump_stack_lvl+0x100/0x190 [ 647.883499][T12220] warn_alloc.cold+0x95/0x1c1 [ 647.883549][T12220] ? __pfx_warn_alloc+0x10/0x10 [ 647.883592][T12220] ? lockdep_hardirqs_on+0x78/0x100 [ 647.883627][T12220] ? dump_stack_lvl+0x17c/0x190 [ 647.883675][T12220] ? trace_kmalloc+0x101/0x130 [ 647.883705][T12220] ? __kasan_kmalloc+0x8a/0xb0 [ 647.883734][T12220] ? __kmalloc_node_noprof+0x324/0x850 [ 647.883776][T12220] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 647.883821][T12220] __vmalloc_node_range_noprof+0x1275/0x1530 [ 647.883857][T12220] ? find_held_lock+0x2b/0x80 [ 647.883886][T12220] ? local_lock_release+0x99/0x130 [ 647.883927][T12220] ? kernel_clone+0xfc/0x9a0 [ 647.883961][T12220] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 647.883988][T12220] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 647.884014][T12220] ? rcu_is_watching+0x12/0xc0 [ 647.884045][T12220] ? trace_kmem_cache_alloc+0xf3/0x120 [ 647.884068][T12220] ? kernel_clone+0xfc/0x9a0 [ 647.884089][T12220] __vmalloc_node_noprof+0xad/0xf0 [ 647.884114][T12220] ? kernel_clone+0xfc/0x9a0 [ 647.884138][T12220] copy_process+0x5ec/0x7a40 [ 647.884160][T12220] ? preempt_schedule_thunk+0x16/0x30 [ 647.884188][T12220] ? try_to_wake_up+0x644/0x1a80 [ 647.884211][T12220] ? __pfx_copy_process+0x10/0x10 [ 647.884233][T12220] ? find_held_lock+0x2b/0x80 [ 647.884255][T12220] ? futex_private_hash_put+0x107/0x1c0 [ 647.884291][T12220] kernel_clone+0xfc/0x9a0 [ 647.884315][T12220] ? __pfx_kernel_clone+0x10/0x10 [ 647.884349][T12220] __do_sys_clone+0xd9/0x120 [ 647.884372][T12220] ? __pfx___do_sys_clone+0x10/0x10 [ 647.884413][T12220] do_syscall_64+0x106/0xf80 [ 647.884431][T12220] ? clear_bhb_loop+0x40/0x90 [ 647.884453][T12220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.884473][T12220] RIP: 0033:0x7fc7a1d9c799 [ 647.884489][T12220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 647.884507][T12220] RSP: 002b:00007fc7a2d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 647.884532][T12220] RAX: ffffffffffffffda RBX: 00007fc7a2015fa0 RCX: 00007fc7a1d9c799 [ 647.884548][T12220] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 647.884558][T12220] RBP: 00007fc7a1e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 647.884569][T12220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.884580][T12220] R13: 00007fc7a2016038 R14: 00007fc7a2015fa0 R15: 00007fffcbf644e8 [ 647.884602][T12220] [ 647.936778][T12220] Mem-Info: [ 648.172209][T12220] active_anon:7773 inactive_anon:0 isolated_anon:0 [ 648.172209][T12220] active_file:11067 inactive_file:162714 isolated_file:0 [ 648.172209][T12220] unevictable:768 dirty:1052 writeback:0 [ 648.172209][T12220] slab_reclaimable:11508 slab_unreclaimable:94606 [ 648.172209][T12220] mapped:27052 shmem:1358 pagetables:1185 [ 648.172209][T12220] sec_pagetables:0 bounce:0 [ 648.172209][T12220] kernel_misc_reclaimable:0 [ 648.172209][T12220] free:1210123 free_pcp:7370 free_cma:0 [ 648.212556][T12223] input: jJǸ-9%vJ86 as /devices/virtual/input/input54 [ 648.292009][T12220] Node 0 active_anon:31036kB inactive_anon:0kB active_file:44220kB inactive_file:650252kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115988kB dirty:4072kB writeback:0kB shmem:3904kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12416kB pagetables:4648kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 648.338453][T12220] Node 1 active_anon:0kB inactive_anon:0kB active_file:48kB inactive_file:612kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:416kB dirty:144kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 648.387015][T12220] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 648.441212][T12220] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 648.451262][T12220] Node 0 DMA32 free:887296kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:31036kB inactive_anon:0kB active_file:44220kB inactive_file:650252kB unevictable:1536kB writepending:4072kB zspages:0kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:28684kB local_pcp:12060kB free_cma:0kB [ 648.814083][T12220] lowmem_reserve[]: 0 0 1 1 1 [ 648.855102][T12220] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:16kB free_cma:0kB [ 648.934556][T12220] lowmem_reserve[]: 0 0 0 0 0 [ 649.001462][T12220] Node 1 Normal free:3937504kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:48kB inactive_file:612kB unevictable:1536kB writepending:144kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:164kB local_pcp:0kB free_cma:0kB [ 649.132372][T12220] lowmem_reserve[]: 0 0 0 0 0 [ 649.153696][T12220] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 649.237918][T12220] Node 0 DMA32: 1967*4kB (UME) 3134*8kB (UME) 1192*16kB (UME) 619*32kB (UME) 342*64kB (UM) 241*128kB (UME) 136*256kB (UM) 33*512kB (UM) 31*1024kB (UM) 8*2048kB (M) 161*4096kB (UM) = 883852kB [ 649.295831][T12220] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 649.335162][T12220] Node 1 Normal: 10*4kB (U) 9*8kB (UM) 23*16kB (UM) 20*32kB (UM) 20*64kB (UM) 15*128kB (UM) 10*256kB (UM) 5*512kB (UM) 4*1024kB (UM) 6*2048kB (UM) 955*4096kB (UM) = 3937504kB [ 649.354713][T12220] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 649.365500][T12220] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 649.473571][T12220] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 649.574844][T12220] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 649.606026][T12220] 175146 total pagecache pages [ 649.620551][T12220] 8 pages in swap cache [ 649.685126][T12220] Free swap = 121024kB [ 649.703943][T12220] Total swap = 124996kB [ 649.709910][T12220] 2097051 pages RAM [ 649.714165][T12220] 0 pages HighMem/MovableOnly [ 649.720236][T12220] 430849 pages reserved [ 649.724461][T12220] 0 pages cma reserved [ 655.740434][T12326] FAULT_INJECTION: forcing a failure. [ 655.740434][T12326] name failslab, interval 1, probability 0, space 0, times 0 [ 655.795884][T12326] CPU: 0 UID: 0 PID: 12326 Comm: syz.3.1367 Tainted: G L syzkaller #0 PREEMPT(full) [ 655.795934][T12326] Tainted: [L]=SOFTLOCKUP [ 655.795945][T12326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 655.795962][T12326] Call Trace: [ 655.795972][T12326] [ 655.795983][T12326] dump_stack_lvl+0x100/0x190 [ 655.796033][T12326] should_fail_ex.cold+0x5/0xa [ 655.796069][T12326] should_failslab+0xc2/0x120 [ 655.796103][T12326] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 655.796151][T12326] ? dup_fd+0x4d/0xd10 [ 655.796181][T12326] ? trace_kmalloc+0x101/0x130 [ 655.796219][T12326] dup_fd+0x4d/0xd10 [ 655.796255][T12326] ? apparmor_task_alloc+0x2c1/0x3b0 [ 655.796291][T12326] copy_process+0x268f/0x7a40 [ 655.796357][T12326] ? __pfx_copy_process+0x10/0x10 [ 655.796394][T12326] ? find_held_lock+0x2b/0x80 [ 655.796438][T12326] kernel_clone+0xfc/0x9a0 [ 655.796468][T12326] ? __pfx_futex_wait+0x10/0x10 [ 655.796515][T12326] ? __pfx_kernel_clone+0x10/0x10 [ 655.796571][T12326] __do_sys_clone+0xd9/0x120 [ 655.796607][T12326] ? __pfx___do_sys_clone+0x10/0x10 [ 655.796658][T12326] ? ksys_write+0x1ac/0x250 [ 655.796688][T12326] ? __pfx_ksys_write+0x10/0x10 [ 655.796740][T12326] do_syscall_64+0x106/0xf80 [ 655.796770][T12326] ? clear_bhb_loop+0x40/0x90 [ 655.796814][T12326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.796843][T12326] RIP: 0033:0x7fc7a1d9c799 [ 655.796867][T12326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 655.796893][T12326] RSP: 002b:00007fc7a2cfe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 655.796921][T12326] RAX: ffffffffffffffda RBX: 00007fc7a2016090 RCX: 00007fc7a1d9c799 [ 655.796940][T12326] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 655.796957][T12326] RBP: 00007fc7a1e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 655.796973][T12326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.796989][T12326] R13: 00007fc7a2016128 R14: 00007fc7a2016090 R15: 00007fffcbf644e8 [ 655.797032][T12326] [ 656.046168][T12326] input: jJǸ-9%vJ86 as /devices/virtual/input/input55 [ 656.602163][T12340] FAULT_INJECTION: forcing a failure. [ 656.602163][T12340] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 656.618076][T12340] CPU: 0 UID: 0 PID: 12340 Comm: syz.1.1371 Tainted: G L syzkaller #0 PREEMPT(full) [ 656.618124][T12340] Tainted: [L]=SOFTLOCKUP [ 656.618131][T12340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 656.618142][T12340] Call Trace: [ 656.618149][T12340] [ 656.618156][T12340] dump_stack_lvl+0x100/0x190 [ 656.618196][T12340] should_fail_ex.cold+0x5/0xa [ 656.618215][T12340] ? prepare_alloc_pages+0x16d/0x5f0 [ 656.618240][T12340] should_fail_alloc_page+0xeb/0x140 [ 656.618262][T12340] prepare_alloc_pages+0x1f0/0x5f0 [ 656.618288][T12340] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 656.618322][T12340] ? rcu_is_watching+0x12/0xc0 [ 656.618351][T12340] ? trace_mm_page_alloc+0x17a/0x1d0 [ 656.618374][T12340] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 656.618406][T12340] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 656.618439][T12340] ? find_held_lock+0x2b/0x80 [ 656.618463][T12340] ? is_bpf_text_address+0x8a/0x1a0 [ 656.618492][T12340] ? is_bpf_text_address+0x8a/0x1a0 [ 656.618523][T12340] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 656.618544][T12340] ? is_bpf_text_address+0x94/0x1a0 [ 656.618572][T12340] ? kernel_text_address+0x8d/0x100 [ 656.618600][T12340] ? __kernel_text_address+0xd/0x30 [ 656.618628][T12340] ? unwind_get_return_address+0x59/0xa0 [ 656.618654][T12340] alloc_pages_bulk_noprof+0x782/0x1490 [ 656.618692][T12340] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 656.618724][T12340] ? kasan_save_stack+0x30/0x50 [ 656.618746][T12340] ? alloc_pages_noprof+0x238/0x390 [ 656.618768][T12340] __kasan_populate_vmalloc+0xf0/0x210 [ 656.618801][T12340] alloc_vmap_area+0x95d/0x2bd0 [ 656.618831][T12340] ? __pfx_alloc_vmap_area+0x10/0x10 [ 656.618856][T12340] __get_vm_area_node+0x1ca/0x330 [ 656.618882][T12340] __vmalloc_node_range_noprof+0x213/0x1530 [ 656.618907][T12340] ? kernel_clone+0xfc/0x9a0 [ 656.618927][T12340] ? find_held_lock+0x2b/0x80 [ 656.618944][T12340] ? local_lock_release+0x99/0x130 [ 656.618966][T12340] ? local_lock_release+0x99/0x130 [ 656.618991][T12340] ? kernel_clone+0xfc/0x9a0 [ 656.619018][T12340] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 656.619044][T12340] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 656.619069][T12340] ? rcu_is_watching+0x12/0xc0 [ 656.619097][T12340] ? trace_kmem_cache_alloc+0xf3/0x120 [ 656.619119][T12340] ? kernel_clone+0xfc/0x9a0 [ 656.619140][T12340] __vmalloc_node_noprof+0xad/0xf0 [ 656.619163][T12340] ? kernel_clone+0xfc/0x9a0 [ 656.619187][T12340] copy_process+0x5ec/0x7a40 [ 656.619210][T12340] ? __pfx___futex_wait+0x10/0x10 [ 656.619237][T12340] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 656.619267][T12340] ? lockdep_hardirqs_on+0x78/0x100 [ 656.619290][T12340] ? __pfx_copy_process+0x10/0x10 [ 656.619313][T12340] ? find_held_lock+0x2b/0x80 [ 656.619338][T12340] kernel_clone+0xfc/0x9a0 [ 656.619358][T12340] ? __pfx_futex_wait+0x10/0x10 [ 656.619388][T12340] ? __pfx_kernel_clone+0x10/0x10 [ 656.619421][T12340] __do_sys_clone+0xd9/0x120 [ 656.619443][T12340] ? __pfx___do_sys_clone+0x10/0x10 [ 656.619489][T12340] do_syscall_64+0x106/0xf80 [ 656.619506][T12340] ? clear_bhb_loop+0x40/0x90 [ 656.619528][T12340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.619547][T12340] RIP: 0033:0x7f60a0d9c799 [ 656.619564][T12340] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 656.619581][T12340] RSP: 002b:00007f609eff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 656.619599][T12340] RAX: ffffffffffffffda RBX: 00007f60a1016180 RCX: 00007f60a0d9c799 [ 656.619611][T12340] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 656.619621][T12340] RBP: 00007f60a0e32c99 R08: 0000000000000002 R09: 0000000000000000 [ 656.619632][T12340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 656.619643][T12340] R13: 00007f60a1016218 R14: 00007f60a1016180 R15: 00007ffdd3c3ca48 [ 656.619664][T12340] [ 657.078078][T12340] input: jJǸ-9%vJ86 as /devices/virtual/input/input56 [ 659.024144][T12371] openvswitch: netlink: IP tunnel TTL not specified. [ 659.472899][T12370] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 661.096651][T12406] nbd: socks must be embedded in a SOCK_ITEM attr [ 661.170681][T12406] block nbd0: shutting down sockets [ 666.107893][T12484] futex_wake_op: syz.3.1405 tries to shift op by -2048; fix this program [ 666.116549][T12485] FAULT_INJECTION: forcing a failure. [ 666.116549][T12485] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 666.116616][T12485] CPU: 1 UID: 0 PID: 12485 Comm: syz.2.1402 Tainted: G L syzkaller #0 PREEMPT(full) [ 666.116662][T12485] Tainted: [L]=SOFTLOCKUP [ 666.116686][T12485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 666.116704][T12485] Call Trace: [ 666.116715][T12485] [ 666.116727][T12485] dump_stack_lvl+0x100/0x190 [ 666.116780][T12485] should_fail_ex.cold+0x5/0xa [ 666.116812][T12485] ? prepare_alloc_pages+0x16d/0x5f0 [ 666.116853][T12485] should_fail_alloc_page+0xeb/0x140 [ 666.116891][T12485] prepare_alloc_pages+0x1f0/0x5f0 [ 666.116941][T12485] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 666.116996][T12485] ? rcu_is_watching+0x12/0xc0 [ 666.117045][T12485] ? trace_mm_page_alloc+0x17a/0x1d0 [ 666.117083][T12485] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 666.117138][T12485] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 666.117189][T12485] ? stack_trace_save+0x8e/0xc0 [ 666.117224][T12485] ? stack_depot_save_flags+0x27/0x9d0 [ 666.117264][T12485] ? is_bpf_text_address+0x8a/0x1a0 [ 666.117314][T12485] ? is_bpf_text_address+0x8a/0x1a0 [ 666.117365][T12485] ? kasan_save_stack+0x3f/0x50 [ 666.117395][T12485] ? kasan_save_track+0x14/0x30 [ 666.117424][T12485] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 666.117472][T12485] ? alloc_vmap_area+0x640/0x2bd0 [ 666.117513][T12485] ? __get_vm_area_node+0x1ca/0x330 [ 666.117547][T12485] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 666.117583][T12485] ? __vmalloc_node_noprof+0xad/0xf0 [ 666.117614][T12485] ? copy_process+0x5ec/0x7a40 [ 666.117644][T12485] ? kernel_clone+0xfc/0x9a0 [ 666.117685][T12485] ? __do_sys_clone+0xd9/0x120 [ 666.117715][T12485] ? do_syscall_64+0x106/0xf80 [ 666.117753][T12485] alloc_pages_bulk_noprof+0x782/0x1490 [ 666.117808][T12485] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 666.117862][T12485] ? alloc_pages_noprof+0x238/0x390 [ 666.117896][T12485] __kasan_populate_vmalloc+0xf0/0x210 [ 666.117944][T12485] alloc_vmap_area+0x95d/0x2bd0 [ 666.117989][T12485] ? __pfx_alloc_vmap_area+0x10/0x10 [ 666.118028][T12485] __get_vm_area_node+0x1ca/0x330 [ 666.118066][T12485] __vmalloc_node_range_noprof+0x213/0x1530 [ 666.118101][T12485] ? kernel_clone+0xfc/0x9a0 [ 666.118130][T12485] ? find_held_lock+0x2b/0x80 [ 666.118156][T12485] ? local_lock_release+0x99/0x130 [ 666.118188][T12485] ? local_lock_release+0x99/0x130 [ 666.118224][T12485] ? kernel_clone+0xfc/0x9a0 [ 666.118257][T12485] ? find_held_lock+0x2b/0x80 [ 666.118283][T12485] ? rcu_read_unlock+0x17/0x60 [ 666.118312][T12485] ? rcu_read_unlock+0x17/0x60 [ 666.118343][T12485] ? obj_cgroup_charge_account+0x46d/0x640 [ 666.118375][T12485] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 666.118413][T12485] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 666.118449][T12485] ? rcu_is_watching+0x12/0xc0 [ 666.118501][T12485] ? trace_kmem_cache_alloc+0xf3/0x120 [ 666.118534][T12485] ? kernel_clone+0xfc/0x9a0 [ 666.118564][T12485] __vmalloc_node_noprof+0xad/0xf0 [ 666.118598][T12485] ? kernel_clone+0xfc/0x9a0 [ 666.118632][T12485] copy_process+0x5ec/0x7a40 [ 666.118666][T12485] ? __pfx___futex_wait+0x10/0x10 [ 666.118710][T12485] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 666.118751][T12485] ? lockdep_hardirqs_on+0x78/0x100 [ 666.118787][T12485] ? __pfx_copy_process+0x10/0x10 [ 666.118819][T12485] ? find_held_lock+0x2b/0x80 [ 666.118860][T12485] kernel_clone+0xfc/0x9a0 [ 666.118888][T12485] ? __pfx_futex_wait+0x10/0x10 [ 666.118930][T12485] ? __pfx_kernel_clone+0x10/0x10 [ 666.118983][T12485] __do_sys_clone+0xd9/0x120 [ 666.119015][T12485] ? __pfx___do_sys_clone+0x10/0x10 [ 666.119077][T12485] do_syscall_64+0x106/0xf80 [ 666.119102][T12485] ? clear_bhb_loop+0x40/0x90 [ 666.119135][T12485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.119164][T12485] RIP: 0033:0x7fe1e039c799 [ 666.119188][T12485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 666.119214][T12485] RSP: 002b:00007fe1e11ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 666.119241][T12485] RAX: ffffffffffffffda RBX: 00007fe1e0616090 RCX: 00007fe1e039c799 [ 666.119259][T12485] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 666.119275][T12485] RBP: 00007fe1e0432c99 R08: 0000000000000002 R09: 0000000000000000 [ 666.119291][T12485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 666.119308][T12485] R13: 00007fe1e0616128 R14: 00007fe1e0616090 R15: 00007fffa05f6638 [ 666.119343][T12485] [ 666.119428][T12485] warn_alloc: 1 callbacks suppressed [ 666.119443][T12485] syz.2.1402: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 666.631043][T12485] CPU: 0 UID: 0 PID: 12485 Comm: syz.2.1402 Tainted: G L syzkaller #0 PREEMPT(full) [ 666.631089][T12485] Tainted: [L]=SOFTLOCKUP [ 666.631101][T12485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 666.631119][T12485] Call Trace: [ 666.631129][T12485] [ 666.631141][T12485] dump_stack_lvl+0x100/0x190 [ 666.631192][T12485] warn_alloc.cold+0x95/0x1c1 [ 666.631245][T12485] ? __pfx_warn_alloc+0x10/0x10 [ 666.631281][T12485] ? lockdep_hardirqs_on+0x78/0x100 [ 666.631309][T12485] ? __get_vm_area_node+0x2c5/0x330 [ 666.631349][T12485] ? __get_vm_area_node+0x208/0x330 [ 666.631392][T12485] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 666.631429][T12485] ? find_held_lock+0x2b/0x80 [ 666.631450][T12485] ? local_lock_release+0x99/0x130 [ 666.631474][T12485] ? local_lock_release+0x99/0x130 [ 666.631500][T12485] ? kernel_clone+0xfc/0x9a0 [ 666.631532][T12485] ? find_held_lock+0x2b/0x80 [ 666.631550][T12485] ? rcu_read_unlock+0x17/0x60 [ 666.631572][T12485] ? rcu_read_unlock+0x17/0x60 [ 666.631594][T12485] ? obj_cgroup_charge_account+0x46d/0x640 [ 666.631617][T12485] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 666.631644][T12485] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 666.631671][T12485] ? rcu_is_watching+0x12/0xc0 [ 666.631701][T12485] ? trace_kmem_cache_alloc+0xf3/0x120 [ 666.631725][T12485] ? kernel_clone+0xfc/0x9a0 [ 666.631746][T12485] __vmalloc_node_noprof+0xad/0xf0 [ 666.631771][T12485] ? kernel_clone+0xfc/0x9a0 [ 666.631796][T12485] copy_process+0x5ec/0x7a40 [ 666.631820][T12485] ? __pfx___futex_wait+0x10/0x10 [ 666.631850][T12485] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 666.631880][T12485] ? lockdep_hardirqs_on+0x78/0x100 [ 666.631904][T12485] ? __pfx_copy_process+0x10/0x10 [ 666.631927][T12485] ? find_held_lock+0x2b/0x80 [ 666.631955][T12485] kernel_clone+0xfc/0x9a0 [ 666.631976][T12485] ? __pfx_futex_wait+0x10/0x10 [ 666.632007][T12485] ? __pfx_kernel_clone+0x10/0x10 [ 666.632043][T12485] __do_sys_clone+0xd9/0x120 [ 666.632066][T12485] ? __pfx___do_sys_clone+0x10/0x10 [ 666.632108][T12485] do_syscall_64+0x106/0xf80 [ 666.632126][T12485] ? clear_bhb_loop+0x40/0x90 [ 666.632149][T12485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.632169][T12485] RIP: 0033:0x7fe1e039c799 [ 666.632186][T12485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 666.632204][T12485] RSP: 002b:00007fe1e11ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 666.632222][T12485] RAX: ffffffffffffffda RBX: 00007fe1e0616090 RCX: 00007fe1e039c799 [ 666.632234][T12485] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 666.632245][T12485] RBP: 00007fe1e0432c99 R08: 0000000000000002 R09: 0000000000000000 [ 666.632256][T12485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 666.632267][T12485] R13: 00007fe1e0616128 R14: 00007fe1e0616090 R15: 00007fffa05f6638 [ 666.632290][T12485] [ 667.021743][T12485] Mem-Info: [ 667.025595][T12485] active_anon:7157 inactive_anon:0 isolated_anon:625 [ 667.025595][T12485] active_file:11067 inactive_file:162721 isolated_file:0 [ 667.025595][T12485] unevictable:768 dirty:846 writeback:0 [ 667.025595][T12485] slab_reclaimable:11500 slab_unreclaimable:93334 [ 667.025595][T12485] mapped:27043 shmem:1358 pagetables:1204 [ 667.025595][T12485] sec_pagetables:0 bounce:0 [ 667.025595][T12485] kernel_misc_reclaimable:0 [ 667.025595][T12485] free:1204947 free_pcp:13500 free_cma:0 [ 667.026409][T12495] input: jJǸ-9%vJ86 as /devices/virtual/input/input58 [ 667.073468][T12485] Node 0 active_anon:27028kB inactive_anon:0kB active_file:44220kB inactive_file:650220kB unevictable:1536kB isolated(anon):2500kB isolated(file):0kB mapped:107704kB dirty:3232kB writeback:0kB shmem:3896kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12216kB pagetables:4704kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 667.113317][T12485] Node 1 active_anon:1600kB inactive_anon:0kB active_file:48kB inactive_file:664kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:468kB dirty:152kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 667.144240][T12485] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 667.174972][T12485] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 667.180878][T12485] Node 0 DMA32 free:886656kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27028kB inactive_anon:0kB active_file:44220kB inactive_file:650220kB unevictable:1536kB writepending:3232kB zspages:0kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:36112kB local_pcp:15084kB free_cma:0kB [ 667.214794][T12485] lowmem_reserve[]: 0 0 1 1 1 [ 667.219572][T12485] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:16kB free_cma:0kB [ 667.250850][T12485] lowmem_reserve[]: 0 0 0 0 0 [ 667.255715][T12485] Node 1 Normal free:3917760kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1600kB inactive_anon:0kB active_file:48kB inactive_file:664kB unevictable:1536kB writepending:152kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17812kB local_pcp:13020kB free_cma:0kB [ 667.345718][T12485] lowmem_reserve[]: 0 0 0 0 0 [ 667.361812][T12485] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 667.375483][T12485] Node 0 DMA32: 2583*4kB (UME) 3046*8kB (UME) 1399*16kB (UME) 443*32kB (ME) 300*64kB (UME) 234*128kB (UME) 146*256kB (UM) 44*512kB (UM) 29*1024kB (UM) 6*2048kB (UM) 162*4096kB (UM) = 885852kB [ 667.406115][T12485] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 667.418899][T12485] Node 1 Normal: 8*4kB (UM) 10*8kB (UM) 11*16kB (UM) 7*32kB (UM) 9*64kB (UM) 7*128kB (UM) 2*256kB (U) 3*512kB (UM) 2*1024kB (U) 2*2048kB (U) 954*4096kB (UM) = 3917760kB [ 667.479422][T12485] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 667.510391][T12485] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 667.520560][T12485] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 667.553754][T12485] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 667.665767][T12485] 175162 total pagecache pages [ 667.679885][T12485] 0 pages in swap cache [ 667.687331][T12485] Free swap = 124996kB [ 667.694331][T12485] Total swap = 124996kB [ 667.905802][T12485] 2097051 pages RAM [ 667.909680][T12485] 0 pages HighMem/MovableOnly [ 667.914379][T12485] 430849 pages reserved [ 667.966545][T12485] 0 pages cma reserved [ 668.559112][T12522] FAULT_INJECTION: forcing a failure. [ 668.559112][T12522] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 668.579875][T12522] CPU: 1 UID: 0 PID: 12522 Comm: syz.0.1413 Tainted: G L syzkaller #0 PREEMPT(full) [ 668.579924][T12522] Tainted: [L]=SOFTLOCKUP [ 668.579935][T12522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 668.579954][T12522] Call Trace: [ 668.579964][T12522] [ 668.579976][T12522] dump_stack_lvl+0x100/0x190 [ 668.580025][T12522] should_fail_ex.cold+0x5/0xa [ 668.580056][T12522] ? prepare_alloc_pages+0x16d/0x5f0 [ 668.580098][T12522] should_fail_alloc_page+0xeb/0x140 [ 668.580138][T12522] prepare_alloc_pages+0x1f0/0x5f0 [ 668.580184][T12522] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 668.580241][T12522] ? rcu_is_watching+0x12/0xc0 [ 668.580304][T12522] ? trace_mm_page_alloc+0x17a/0x1d0 [ 668.580346][T12522] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 668.580403][T12522] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 668.580456][T12522] ? stack_trace_save+0x8e/0xc0 [ 668.580495][T12522] ? stack_depot_save_flags+0x27/0x9d0 [ 668.580537][T12522] ? is_bpf_text_address+0x8a/0x1a0 [ 668.580587][T12522] ? is_bpf_text_address+0x8a/0x1a0 [ 668.580630][T12522] ? kasan_save_stack+0x3f/0x50 [ 668.580648][T12522] ? kasan_save_track+0x14/0x30 [ 668.580664][T12522] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 668.580694][T12522] ? alloc_vmap_area+0x640/0x2bd0 [ 668.580713][T12522] ? __get_vm_area_node+0x1ca/0x330 [ 668.580733][T12522] ? __vmalloc_node_range_noprof+0x213/0x1530 [ 668.580757][T12522] ? __vmalloc_node_noprof+0xad/0xf0 [ 668.580779][T12522] ? copy_process+0x5ec/0x7a40 [ 668.580800][T12522] ? kernel_clone+0xfc/0x9a0 [ 668.580821][T12522] ? __do_sys_clone+0xd9/0x120 [ 668.580842][T12522] ? do_syscall_64+0x106/0xf80 [ 668.580867][T12522] alloc_pages_bulk_noprof+0x782/0x1490 [ 668.580906][T12522] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 668.580945][T12522] ? alloc_pages_noprof+0x238/0x390 [ 668.580968][T12522] __kasan_populate_vmalloc+0xf0/0x210 [ 668.581002][T12522] alloc_vmap_area+0x95d/0x2bd0 [ 668.581032][T12522] ? __pfx_alloc_vmap_area+0x10/0x10 [ 668.581059][T12522] __get_vm_area_node+0x1ca/0x330 [ 668.581087][T12522] __vmalloc_node_range_noprof+0x213/0x1530 [ 668.581113][T12522] ? kernel_clone+0xfc/0x9a0 [ 668.581134][T12522] ? find_held_lock+0x2b/0x80 [ 668.581152][T12522] ? local_lock_release+0x99/0x130 [ 668.581174][T12522] ? local_lock_release+0x99/0x130 [ 668.581200][T12522] ? kernel_clone+0xfc/0x9a0 [ 668.581228][T12522] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 668.581255][T12522] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 668.581289][T12522] ? rcu_is_watching+0x12/0xc0 [ 668.581318][T12522] ? trace_kmem_cache_alloc+0xf3/0x120 [ 668.581340][T12522] ? kernel_clone+0xfc/0x9a0 [ 668.581362][T12522] __vmalloc_node_noprof+0xad/0xf0 [ 668.581385][T12522] ? kernel_clone+0xfc/0x9a0 [ 668.581410][T12522] copy_process+0x5ec/0x7a40 [ 668.581434][T12522] ? __pfx___futex_wait+0x10/0x10 [ 668.581462][T12522] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 668.581491][T12522] ? lockdep_hardirqs_on+0x78/0x100 [ 668.581515][T12522] ? __pfx_copy_process+0x10/0x10 [ 668.581538][T12522] ? find_held_lock+0x2b/0x80 [ 668.581565][T12522] kernel_clone+0xfc/0x9a0 [ 668.581586][T12522] ? __pfx_futex_wait+0x10/0x10 [ 668.581616][T12522] ? __pfx_kernel_clone+0x10/0x10 [ 668.581651][T12522] __do_sys_clone+0xd9/0x120 [ 668.581674][T12522] ? __pfx___do_sys_clone+0x10/0x10 [ 668.581715][T12522] do_syscall_64+0x106/0xf80 [ 668.581732][T12522] ? clear_bhb_loop+0x40/0x90 [ 668.581755][T12522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 668.581774][T12522] RIP: 0033:0x7fec5339c799 [ 668.581791][T12522] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 668.581808][T12522] RSP: 002b:00007fec5424e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 668.581828][T12522] RAX: ffffffffffffffda RBX: 00007fec53616090 RCX: 00007fec5339c799 [ 668.581840][T12522] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 668.581851][T12522] RBP: 00007fec53432c99 R08: 0000000000000002 R09: 0000000000000000 [ 668.581862][T12522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 668.581873][T12522] R13: 00007fec53616128 R14: 00007fec53616090 R15: 00007ffe316951a8 [ 668.581896][T12522] [ 669.113541][T12517] input: jJǸ-9%vJ86 as /devices/virtual/input/input59 [ 670.340716][T10000] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.624084][T10000] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.755092][T10000] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.045025][T10000] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.066755][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 671.082815][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 671.091355][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 671.099802][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 671.110346][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 671.596647][T10000] bridge_slave_1: left allmulticast mode [ 671.615898][T10000] bridge_slave_1: left promiscuous mode [ 671.639060][T10000] bridge0: port 2(bridge_slave_1) entered disabled state [ 671.674128][T10000] bridge_slave_0: left allmulticast mode [ 671.694543][T10000] bridge_slave_0: left promiscuous mode [ 671.713088][T10000] bridge0: port 1(bridge_slave_0) entered disabled state [ 672.290638][T10000] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 672.334999][T10000] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 672.385371][T10000] bond0 (unregistering): Released all slaves [ 672.478112][T12542] chnl_net:caif_netlink_parms(): no params data found [ 672.653294][T10000] tipc: Left network mode [ 673.146135][ T5839] Bluetooth: hci0: command tx timeout [ 673.482174][T12542] bridge0: port 1(bridge_slave_0) entered blocking state [ 673.521963][T12542] bridge0: port 1(bridge_slave_0) entered disabled state [ 673.546578][T12542] bridge_slave_0: entered allmulticast mode [ 673.560763][T12542] bridge_slave_0: entered promiscuous mode [ 673.590759][T12542] bridge0: port 2(bridge_slave_1) entered blocking state [ 673.644478][T12542] bridge0: port 2(bridge_slave_1) entered disabled state [ 673.662270][T12542] bridge_slave_1: entered allmulticast mode [ 673.674640][T12542] bridge_slave_1: entered promiscuous mode [ 673.988394][T12542] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 674.033520][T10000] hsr_slave_0: left promiscuous mode [ 674.066081][T10000] hsr_slave_1: left promiscuous mode [ 674.086895][T10000] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 674.094572][T10000] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 674.153857][T10000] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 674.248791][T10000] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 674.296336][T10000] veth1_macvtap: left promiscuous mode [ 674.315987][T10000] veth0_macvtap: left promiscuous mode [ 674.337342][T10000] veth1_vlan: left promiscuous mode [ 674.342804][T10000] veth0_vlan: left promiscuous mode [ 675.226248][ T5839] Bluetooth: hci0: command tx timeout [ 675.302435][T10000] team0 (unregistering): Port device team_slave_1 removed [ 675.327882][T10000] team0 (unregistering): Port device team_slave_0 removed [ 675.563599][T12542] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 675.743866][T12542] team0: Port device team_slave_0 added [ 675.775457][T12542] team0: Port device team_slave_1 added [ 675.926598][T12542] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 675.933678][T12542] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 675.961327][T12542] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 675.979252][T12542] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 676.043381][T12542] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 676.075724][T12542] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 676.253514][T12621] FAULT_INJECTION: forcing a failure. [ 676.253514][T12621] name failslab, interval 1, probability 0, space 0, times 0 [ 676.267295][T12542] hsr_slave_0: entered promiscuous mode [ 676.283955][T12542] hsr_slave_1: entered promiscuous mode [ 676.294322][T12542] debugfs: 'hsr0' already exists in 'hsr' [ 676.315739][T12542] Cannot create hsr debugfs directory [ 676.321504][T12621] CPU: 1 UID: 0 PID: 12621 Comm: syz.3.1427 Tainted: G L syzkaller #0 PREEMPT(full) [ 676.321551][T12621] Tainted: [L]=SOFTLOCKUP [ 676.321563][T12621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 676.321581][T12621] Call Trace: [ 676.321591][T12621] [ 676.321603][T12621] dump_stack_lvl+0x100/0x190 [ 676.321655][T12621] should_fail_ex.cold+0x5/0xa [ 676.321693][T12621] should_failslab+0xc2/0x120 [ 676.321728][T12621] __kmalloc_cache_noprof+0x7a/0x6f0 [ 676.321769][T12621] ? alloc_pipe_info+0x10e/0x590 [ 676.321801][T12621] ? find_held_lock+0x2b/0x80 [ 676.321837][T12621] alloc_pipe_info+0x10e/0x590 [ 676.321874][T12621] splice_direct_to_actor+0x78f/0xa30 [ 676.321909][T12621] ? __lock_acquire+0x4a5/0x2630 [ 676.321946][T12621] ? __pfx_direct_splice_actor+0x10/0x10 [ 676.321980][T12621] ? __pfx_aa_file_perm+0x10/0x10 [ 676.322027][T12621] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 676.322071][T12621] do_splice_direct+0x174/0x240 [ 676.322106][T12621] ? __pfx_do_splice_direct+0x10/0x10 [ 676.322138][T12621] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 676.322190][T12621] ? rw_verify_area+0xce/0x6d0 [ 676.322236][T12621] do_sendfile+0xadc/0xe20 [ 676.322291][T12621] ? __pfx_do_sendfile+0x10/0x10 [ 676.322353][T12621] __x64_sys_sendfile64+0x154/0x220 [ 676.322391][T12621] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 676.322448][T12621] do_syscall_64+0x106/0xf80 [ 676.322477][T12621] ? clear_bhb_loop+0x40/0x90 [ 676.322513][T12621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 676.322543][T12621] RIP: 0033:0x7fc7a1d9c799 [ 676.322569][T12621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 676.322595][T12621] RSP: 002b:00007fc7a2d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 676.322623][T12621] RAX: ffffffffffffffda RBX: 00007fc7a2015fa0 RCX: 00007fc7a1d9c799 [ 676.322642][T12621] RDX: 0000200000000040 RSI: 0000000000000003 RDI: 0000000000000003 [ 676.322659][T12621] RBP: 00007fc7a2d1f090 R08: 0000000000000000 R09: 0000000000000000 [ 676.322675][T12621] R10: 000000000000a9e2 R11: 0000000000000246 R12: 0000000000000001 [ 676.322692][T12621] R13: 00007fc7a2016038 R14: 00007fc7a2015fa0 R15: 00007fffcbf644e8 [ 676.322731][T12621] [ 677.318505][ T5839] Bluetooth: hci0: command tx timeout [ 678.416224][T12542] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 678.474933][T12542] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 678.501839][T12542] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 678.572729][T12542] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 678.825186][T12660] FAULT_INJECTION: forcing a failure. [ 678.825186][T12660] name failslab, interval 1, probability 0, space 0, times 0 [ 678.872004][T12660] CPU: 1 UID: 0 PID: 12660 Comm: syz.0.1431 Tainted: G L syzkaller #0 PREEMPT(full) [ 678.872038][T12660] Tainted: [L]=SOFTLOCKUP [ 678.872045][T12660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 678.872056][T12660] Call Trace: [ 678.872064][T12660] [ 678.872072][T12660] dump_stack_lvl+0x100/0x190 [ 678.872106][T12660] should_fail_ex.cold+0x5/0xa [ 678.872129][T12660] should_failslab+0xc2/0x120 [ 678.872152][T12660] __kmalloc_node_noprof+0xe6/0x850 [ 678.872181][T12660] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 678.872214][T12660] __vmalloc_node_range_noprof+0x3dc/0x1530 [ 678.872238][T12660] ? find_held_lock+0x2b/0x80 [ 678.872257][T12660] ? local_lock_release+0x99/0x130 [ 678.872284][T12660] ? kernel_clone+0xfc/0x9a0 [ 678.872307][T12660] ? find_held_lock+0x2b/0x80 [ 678.872326][T12660] ? rcu_read_unlock+0x17/0x60 [ 678.872347][T12660] ? obj_cgroup_charge_account+0x46d/0x640 [ 678.872370][T12660] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 678.872397][T12660] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 678.872422][T12660] ? rcu_is_watching+0x12/0xc0 [ 678.872462][T12660] ? trace_kmem_cache_alloc+0xf3/0x120 [ 678.872485][T12660] ? kernel_clone+0xfc/0x9a0 [ 678.872506][T12660] __vmalloc_node_noprof+0xad/0xf0 [ 678.872530][T12660] ? kernel_clone+0xfc/0x9a0 [ 678.872555][T12660] copy_process+0x5ec/0x7a40 [ 678.872578][T12660] ? preempt_schedule_thunk+0x16/0x30 [ 678.872606][T12660] ? try_to_wake_up+0x644/0x1a80 [ 678.872629][T12660] ? __pfx_copy_process+0x10/0x10 [ 678.872653][T12660] ? find_held_lock+0x2b/0x80 [ 678.872674][T12660] ? futex_private_hash_put+0x107/0x1c0 [ 678.872702][T12660] kernel_clone+0xfc/0x9a0 [ 678.872727][T12660] ? __pfx_kernel_clone+0x10/0x10 [ 678.872761][T12660] __do_sys_clone+0xd9/0x120 [ 678.872785][T12660] ? __pfx___do_sys_clone+0x10/0x10 [ 678.872824][T12660] do_syscall_64+0x106/0xf80 [ 678.872843][T12660] ? clear_bhb_loop+0x40/0x90 [ 678.872865][T12660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.872885][T12660] RIP: 0033:0x7fec5339c799 [ 678.872902][T12660] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 678.872920][T12660] RSP: 002b:00007fec5426f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 678.872938][T12660] RAX: ffffffffffffffda RBX: 00007fec53615fa0 RCX: 00007fec5339c799 [ 678.872950][T12660] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 678.872961][T12660] RBP: 00007fec53432c99 R08: 0000000000000002 R09: 0000000000000000 [ 678.872972][T12660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 678.872983][T12660] R13: 00007fec53616038 R14: 00007fec53615fa0 R15: 00007ffe316951a8 [ 678.873006][T12660] [ 678.873016][T12660] warn_alloc: 1 callbacks suppressed [ 678.873027][T12660] syz.0.1431: vmalloc error: size 32768, failed to allocated page array size 64, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 679.175035][T12660] CPU: 1 UID: 0 PID: 12660 Comm: syz.0.1431 Tainted: G L syzkaller #0 PREEMPT(full) [ 679.175081][T12660] Tainted: [L]=SOFTLOCKUP [ 679.175092][T12660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 679.175109][T12660] Call Trace: [ 679.175119][T12660] [ 679.175129][T12660] dump_stack_lvl+0x100/0x190 [ 679.175180][T12660] warn_alloc.cold+0x95/0x1c1 [ 679.175239][T12660] ? __pfx_warn_alloc+0x10/0x10 [ 679.175284][T12660] ? lockdep_hardirqs_on+0x78/0x100 [ 679.175315][T12660] ? dump_stack_lvl+0x17c/0x190 [ 679.175360][T12660] ? trace_kmalloc+0x101/0x130 [ 679.175393][T12660] ? __kasan_kmalloc+0x8a/0xb0 [ 679.175423][T12660] ? __kmalloc_node_noprof+0x324/0x850 [ 679.175466][T12660] ? __vmalloc_node_range_noprof+0x3dc/0x1530 [ 679.175516][T12660] __vmalloc_node_range_noprof+0x1275/0x1530 [ 679.175554][T12660] ? find_held_lock+0x2b/0x80 [ 679.175583][T12660] ? local_lock_release+0x99/0x130 [ 679.175632][T12660] ? kernel_clone+0xfc/0x9a0 [ 679.175673][T12660] ? rcu_read_unlock+0x17/0x60 [ 679.175707][T12660] ? obj_cgroup_charge_account+0x46d/0x640 [ 679.175744][T12660] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 679.175787][T12660] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 679.175830][T12660] ? rcu_is_watching+0x12/0xc0 [ 679.175878][T12660] ? trace_kmem_cache_alloc+0xf3/0x120 [ 679.175916][T12660] ? kernel_clone+0xfc/0x9a0 [ 679.175952][T12660] __vmalloc_node_noprof+0xad/0xf0 [ 679.175991][T12660] ? kernel_clone+0xfc/0x9a0 [ 679.176031][T12660] copy_process+0x5ec/0x7a40 [ 679.176070][T12660] ? preempt_schedule_thunk+0x16/0x30 [ 679.176118][T12660] ? try_to_wake_up+0x644/0x1a80 [ 679.176157][T12660] ? __pfx_copy_process+0x10/0x10 [ 679.176195][T12660] ? find_held_lock+0x2b/0x80 [ 679.176241][T12660] ? futex_private_hash_put+0x107/0x1c0 [ 679.176288][T12660] kernel_clone+0xfc/0x9a0 [ 679.176329][T12660] ? __pfx_kernel_clone+0x10/0x10 [ 679.176389][T12660] __do_sys_clone+0xd9/0x120 [ 679.176428][T12660] ? __pfx___do_sys_clone+0x10/0x10 [ 679.176496][T12660] do_syscall_64+0x106/0xf80 [ 679.176526][T12660] ? clear_bhb_loop+0x40/0x90 [ 679.176564][T12660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 679.176596][T12660] RIP: 0033:0x7fec5339c799 [ 679.176625][T12660] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 679.176653][T12660] RSP: 002b:00007fec5426f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 679.176685][T12660] RAX: ffffffffffffffda RBX: 00007fec53615fa0 RCX: 00007fec5339c799 [ 679.176706][T12660] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 679.176725][T12660] RBP: 00007fec53432c99 R08: 0000000000000002 R09: 0000000000000000 [ 679.176744][T12660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 679.176762][T12660] R13: 00007fec53616038 R14: 00007fec53615fa0 R15: 00007ffe316951a8 [ 679.176804][T12660] [ 679.465282][ T5839] Bluetooth: hci0: command tx timeout [ 679.474036][T12542] 8021q: adding VLAN 0 to HW filter on device bond0 [ 679.489905][T12668] input: jJǸ-9%vJ86 as /devices/virtual/input/input60 [ 679.499045][T12660] Mem-Info: [ 679.502189][T12660] active_anon:6821 inactive_anon:0 isolated_anon:0 [ 679.502189][T12660] active_file:11083 inactive_file:162687 isolated_file:0 [ 679.502189][T12660] unevictable:768 dirty:1161 writeback:0 [ 679.502189][T12660] slab_reclaimable:11583 slab_unreclaimable:93261 [ 679.502189][T12660] mapped:26024 shmem:1357 pagetables:1143 [ 679.502189][T12660] sec_pagetables:0 bounce:0 [ 679.502189][T12660] kernel_misc_reclaimable:0 [ 679.502189][T12660] free:1206175 free_pcp:13732 free_cma:0 [ 679.548664][T12660] Node 0 active_anon:27284kB inactive_anon:0kB active_file:44280kB inactive_file:650160kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103752kB dirty:4488kB writeback:0kB shmem:3892kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12160kB pagetables:4460kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 679.581406][T12660] Node 1 active_anon:0kB inactive_anon:0kB active_file:52kB inactive_file:588kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:344kB dirty:156kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 679.613197][T12660] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 679.652946][T12674] FAULT_INJECTION: forcing a failure. [ 679.652946][T12674] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 679.702986][T12674] CPU: 0 UID: 0 PID: 12674 Comm: syz.2.1432 Tainted: G L syzkaller #0 PREEMPT(full) [ 679.703039][T12674] Tainted: [L]=SOFTLOCKUP [ 679.703050][T12674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 679.703068][T12674] Call Trace: [ 679.703080][T12674] [ 679.703093][T12674] dump_stack_lvl+0x100/0x190 [ 679.703145][T12674] should_fail_ex.cold+0x5/0xa [ 679.703177][T12674] ? prepare_alloc_pages+0x16d/0x5f0 [ 679.703227][T12674] should_fail_alloc_page+0xeb/0x140 [ 679.703266][T12674] prepare_alloc_pages+0x1f0/0x5f0 [ 679.703309][T12674] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 679.703363][T12674] ? rcu_is_watching+0x12/0xc0 [ 679.703409][T12674] ? trace_mm_page_alloc+0x17a/0x1d0 [ 679.703447][T12674] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 679.703500][T12674] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 679.703554][T12674] ? find_held_lock+0x2b/0x80 [ 679.703582][T12674] ? is_bpf_text_address+0x8a/0x1a0 [ 679.703625][T12674] ? is_bpf_text_address+0x8a/0x1a0 [ 679.703671][T12674] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 679.703705][T12674] ? is_bpf_text_address+0x94/0x1a0 [ 679.703751][T12674] ? kernel_text_address+0x8d/0x100 [ 679.703793][T12674] ? __kernel_text_address+0xd/0x30 [ 679.703836][T12674] ? unwind_get_return_address+0x59/0xa0 [ 679.703881][T12674] alloc_pages_bulk_noprof+0x782/0x1490 [ 679.703947][T12674] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 679.703999][T12674] ? kasan_save_stack+0x30/0x50 [ 679.704037][T12674] ? alloc_pages_noprof+0x238/0x390 [ 679.704074][T12674] __kasan_populate_vmalloc+0xf0/0x210 [ 679.704129][T12674] alloc_vmap_area+0x95d/0x2bd0 [ 679.704179][T12674] ? __pfx_alloc_vmap_area+0x10/0x10 [ 679.704234][T12674] __get_vm_area_node+0x1ca/0x330 [ 679.704279][T12674] __vmalloc_node_range_noprof+0x213/0x1530 [ 679.704320][T12674] ? kernel_clone+0xfc/0x9a0 [ 679.704356][T12674] ? find_held_lock+0x2b/0x80 [ 679.704383][T12674] ? local_lock_release+0x99/0x130 [ 679.704420][T12674] ? local_lock_release+0x99/0x130 [ 679.704459][T12674] ? kernel_clone+0xfc/0x9a0 [ 679.704495][T12674] ? find_held_lock+0x2b/0x80 [ 679.704522][T12674] ? rcu_read_unlock+0x17/0x60 [ 679.704553][T12674] ? rcu_read_unlock+0x17/0x60 [ 679.704585][T12674] ? obj_cgroup_charge_account+0x46d/0x640 [ 679.704619][T12674] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 679.704662][T12674] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 679.704706][T12674] ? rcu_is_watching+0x12/0xc0 [ 679.704749][T12674] ? trace_kmem_cache_alloc+0xf3/0x120 [ 679.704788][T12674] ? kernel_clone+0xfc/0x9a0 [ 679.704823][T12674] __vmalloc_node_noprof+0xad/0xf0 [ 679.704861][T12674] ? kernel_clone+0xfc/0x9a0 [ 679.704899][T12674] copy_process+0x5ec/0x7a40 [ 679.704940][T12674] ? __pfx___futex_wait+0x10/0x10 [ 679.704986][T12674] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 679.705035][T12674] ? lockdep_hardirqs_on+0x78/0x100 [ 679.705077][T12674] ? __pfx_copy_process+0x10/0x10 [ 679.705117][T12674] ? find_held_lock+0x2b/0x80 [ 679.705164][T12674] kernel_clone+0xfc/0x9a0 [ 679.705208][T12674] ? __pfx_futex_wait+0x10/0x10 [ 679.705259][T12674] ? __pfx_kernel_clone+0x10/0x10 [ 679.705320][T12674] __do_sys_clone+0xd9/0x120 [ 679.705360][T12674] ? __pfx___do_sys_clone+0x10/0x10 [ 679.705416][T12674] ? ksys_write+0x1ac/0x250 [ 679.705446][T12674] ? __pfx_ksys_write+0x10/0x10 [ 679.705489][T12674] do_syscall_64+0x106/0xf80 [ 679.705519][T12674] ? clear_bhb_loop+0x40/0x90 [ 679.705558][T12674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 679.705590][T12674] RIP: 0033:0x7fe1e039c799 [ 679.705622][T12674] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 679.705650][T12674] RSP: 002b:00007fe1e11ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 679.705681][T12674] RAX: ffffffffffffffda RBX: 00007fe1e0616090 RCX: 00007fe1e039c799 [ 679.705702][T12674] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 679.705721][T12674] RBP: 00007fe1e0432c99 R08: 0000000000000002 R09: 0000000000000000 [ 679.705739][T12674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 679.705755][T12674] R13: 00007fe1e0616128 R14: 00007fe1e0616090 R15: 00007fffa05f6638 [ 679.705794][T12674] [ 679.738278][T12542] 8021q: adding VLAN 0 to HW filter on device team0 [ 680.139343][T12676] input: jJǸ-9%vJ86 as /devices/virtual/input/input61 [ 680.148546][T12660] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 680.205979][T12660] Node 0 DMA32 free:889412kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:27184kB inactive_anon:0kB active_file:44280kB inactive_file:650160kB unevictable:1536kB writepending:4488kB zspages:0kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:35860kB local_pcp:15672kB free_cma:0kB [ 680.240999][T12672] nbd: socks must be embedded in a SOCK_ITEM attr [ 680.303027][T12672] block nbd0: shutting down sockets [ 680.312834][T12660] lowmem_reserve[]: 0 0 1 1 1 [ 680.326133][T12660] Node 0 Normal free:12kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:8kB free_cma:0kB [ 680.510417][T12660] lowmem_reserve[]: 0 0 0 0 0 [ 680.515257][T12660] Node 1 Normal free:3919220kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:52kB inactive_file:588kB unevictable:1536kB writepending:156kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:18416kB local_pcp:15700kB free_cma:0kB [ 680.647717][T10000] bridge0: port 1(bridge_slave_0) entered blocking state [ 680.655244][T10000] bridge0: port 1(bridge_slave_0) entered forwarding state [ 680.708647][ T9983] bridge0: port 2(bridge_slave_1) entered blocking state [ 680.715876][ T9983] bridge0: port 2(bridge_slave_1) entered forwarding state [ 680.746012][T12660] lowmem_reserve[]: 0 0 0 0 0 [ 680.750830][T12660] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 680.802378][T12660] Node 0 DMA32: 2309*4kB (UME) 2552*8kB (UME) 1277*16kB (UME) 493*32kB (UME) 305*64kB (UME) 240*128kB (UME) 155*256kB (UM) 56*512kB (UM) 36*1024kB (UM) 6*2048kB (UM) 160*4096kB (UM) = 888964kB [ 680.876718][T12660] Node 0 Normal: 3*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 680.962125][T12660] Node 1 Normal: 12*4kB (UM) 11*8kB (UM) 14*16kB (UM) 8*32kB (UM) 13*64kB (UM) 8*128kB (UM) 4*256kB (UM) 4*512kB (UM) 2*1024kB (U) 2*2048kB (U) 954*4096kB (UM) = 3919272kB [ 680.994424][T12542] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 681.022256][T12542] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 681.036828][T12660] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 681.324257][T12660] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 681.525096][T12660] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 681.586227][T12660] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 681.622095][T12660] 175126 total pagecache pages [ 681.637654][T12660] 0 pages in swap cache [ 681.653971][T12660] Free swap = 124996kB [ 681.740941][T12660] Total swap = 124996kB [ 681.758223][T12660] 2097051 pages RAM [ 681.811907][T12660] 0 pages HighMem/MovableOnly [ 681.842293][T12660] 430849 pages reserved [ 681.850694][T12698] zswap: compressor not available [ 681.881465][T12703] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE r҄y*"l-y–L̓]' [ 681.893470][T12660] 0 pages cma reserved [ 681.947567][T12703] CPU: 0 UID: 0 PID: 12703 Comm: syz.3.1435 Tainted: G L syzkaller #0 PREEMPT(full) [ 681.947616][T12703] Tainted: [L]=SOFTLOCKUP [ 681.947626][T12703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 681.947643][T12703] Call Trace: [ 681.947653][T12703] [ 681.947664][T12703] dump_stack_lvl+0x100/0x190 [ 681.947713][T12703] sysfs_warn_dup.cold+0x1c/0x28 [ 681.947753][T12703] sysfs_do_create_link_sd+0x113/0x140 [ 681.947800][T12703] sysfs_create_link+0x61/0xc0 [ 681.947844][T12703] device_add+0x675/0x1950 [ 681.947885][T12703] ? __pfx_device_add+0x10/0x10 [ 681.947921][T12703] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 681.947953][T12703] ? ieee80211_set_bitrate_flags+0x41b/0x6b0 [ 681.948010][T12703] wiphy_register+0x1e5b/0x2d30 [ 681.948043][T12703] ? __rtnl_unlock+0xb9/0xf0 [ 681.948076][T12703] ? netdev_run_todo+0x750/0x12c0 [ 681.948113][T12703] ? __pfx_wiphy_register+0x10/0x10 [ 681.948145][T12703] ? __asan_memset+0x23/0x50 [ 681.948185][T12703] ? minstrel_ht_alloc+0x5e6/0x7f0 [ 681.948233][T12703] ieee80211_register_hw+0x2cfd/0x4140 [ 681.948285][T12703] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 681.948318][T12703] ? __pfx___debug_object_init+0x10/0x10 [ 681.948356][T12703] ? find_held_lock+0x2b/0x80 [ 681.948387][T12703] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 681.948421][T12703] ? __hrtimer_setup+0x178/0x280 [ 681.948478][T12703] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 681.948543][T12703] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 681.948590][T12703] hwsim_new_radio_nl+0xc1f/0x1340 [ 681.948627][T12703] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 681.948671][T12703] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 681.948708][T12703] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 681.948751][T12703] genl_family_rcv_msg_doit+0x214/0x300 [ 681.948790][T12703] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 681.948824][T12703] ? genl_get_cmd+0x3ef/0x720 [ 681.948866][T12703] ? bpf_lsm_capable+0x9/0x10 [ 681.948897][T12703] ? security_capable+0x80/0x260 [ 681.948927][T12703] ? ns_capable+0xd2/0xf0 [ 681.948960][T12703] genl_rcv_msg+0x560/0x800 [ 681.948999][T12703] ? __pfx_genl_rcv_msg+0x10/0x10 [ 681.949035][T12703] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 681.949082][T12703] netlink_rcv_skb+0x159/0x420 [ 681.949113][T12703] ? __pfx_genl_rcv_msg+0x10/0x10 [ 681.949151][T12703] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 681.949202][T12703] ? netlink_deliver_tap+0x1ae/0xcc0 [ 681.949262][T12703] genl_rcv+0x28/0x40 [ 681.949293][T12703] netlink_unicast+0x5aa/0x870 [ 681.949329][T12703] ? __pfx_netlink_unicast+0x10/0x10 [ 681.949351][T12703] ? __pfx___might_resched+0x10/0x10 [ 681.949379][T12703] ? __lock_acquire+0x4a5/0x2630 [ 681.949411][T12703] netlink_sendmsg+0x8b0/0xda0 [ 681.949434][T12703] ? __pfx_netlink_sendmsg+0x10/0x10 [ 681.949453][T12703] ? __import_iovec+0x1d2/0x640 [ 681.949497][T12703] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 681.949524][T12703] ____sys_sendmsg+0x9e1/0xb70 [ 681.949547][T12703] ? __pfx_netlink_sendmsg+0x10/0x10 [ 681.949570][T12703] ? __pfx_____sys_sendmsg+0x10/0x10 [ 681.949598][T12703] ? __pfx_futex_wake_mark+0x10/0x10 [ 681.949632][T12703] ___sys_sendmsg+0x190/0x1e0 [ 681.949659][T12703] ? __pfx____sys_sendmsg+0x10/0x10 [ 681.949713][T12703] __sys_sendmsg+0x170/0x220 [ 681.949743][T12703] ? __pfx___sys_sendmsg+0x10/0x10 [ 681.949773][T12703] ? __x64_sys_futex+0x34f/0x4d0 [ 681.949813][T12703] do_syscall_64+0x106/0xf80 [ 681.949831][T12703] ? clear_bhb_loop+0x40/0x90 [ 681.949855][T12703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.949874][T12703] RIP: 0033:0x7fc7a1d9c799 [ 681.949892][T12703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 681.949910][T12703] RSP: 002b:00007fc7a2cfe028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 681.949930][T12703] RAX: ffffffffffffffda RBX: 00007fc7a2016090 RCX: 00007fc7a1d9c799 [ 681.949942][T12703] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000007 [ 681.949953][T12703] RBP: 00007fc7a1e32c99 R08: 0000000000000000 R09: 0000000000000000 [ 681.949964][T12703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 681.949975][T12703] R13: 00007fc7a2016128 R14: 00007fc7a2016090 R15: 00007fffcbf644e8 [ 681.950000][T12703] [ 682.516396][T12542] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 682.909357][T12542] veth0_vlan: entered promiscuous mode [ 683.066260][T12542] veth1_vlan: entered promiscuous mode [ 683.340821][T12542] veth0_macvtap: entered promiscuous mode [ 683.430448][T12542] veth1_macvtap: entered promiscuous mode [ 683.566984][T12542] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 683.600380][T12542] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 683.829334][T10000] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 683.850778][T10000] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 683.881987][T10000] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 683.920556][T10000] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.120274][ T9980] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 684.169522][ T9980] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 684.243173][ T9983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 684.259249][ T9983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 684.337634][T12734] random: crng reseeded on system resumption [ 684.895796][T12767] nbd: socks must be embedded in a SOCK_ITEM attr [ 684.903449][T12766] nfs: Unknown parameter '>0H&Od' [ 684.919904][T12767] block nbd0: shutting down sockets [ 686.196291][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.202706][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.916086][T12794] FAULT_INJECTION: forcing a failure. [ 686.916086][T12794] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 686.972486][T12794] CPU: 1 UID: 0 PID: 12794 Comm: syz.1.1445 Tainted: G L syzkaller #0 PREEMPT(full) [ 686.972533][T12794] Tainted: [L]=SOFTLOCKUP [ 686.972540][T12794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 686.972552][T12794] Call Trace: [ 686.972559][T12794] [ 686.972567][T12794] dump_stack_lvl+0x100/0x190 [ 686.972599][T12794] should_fail_ex.cold+0x5/0xa [ 686.972620][T12794] ? prepare_alloc_pages+0x16d/0x5f0 [ 686.972646][T12794] should_fail_alloc_page+0xeb/0x140 [ 686.972670][T12794] prepare_alloc_pages+0x1f0/0x5f0 [ 686.972696][T12794] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 686.972729][T12794] ? rcu_is_watching+0x12/0xc0 [ 686.972759][T12794] ? trace_mm_page_alloc+0x17a/0x1d0 [ 686.972782][T12794] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 686.972815][T12794] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 686.972848][T12794] ? find_held_lock+0x2b/0x80 [ 686.972866][T12794] ? is_bpf_text_address+0x8a/0x1a0 [ 686.972896][T12794] ? is_bpf_text_address+0x8a/0x1a0 [ 686.972927][T12794] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 686.972948][T12794] ? is_bpf_text_address+0x94/0x1a0 [ 686.972977][T12794] ? kernel_text_address+0x8d/0x100 [ 686.973005][T12794] ? __kernel_text_address+0xd/0x30 [ 686.973032][T12794] ? unwind_get_return_address+0x59/0xa0 [ 686.973058][T12794] alloc_pages_bulk_noprof+0x782/0x1490 [ 686.973096][T12794] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 686.973128][T12794] ? kasan_save_stack+0x30/0x50 [ 686.973150][T12794] ? alloc_pages_noprof+0x238/0x390 [ 686.973173][T12794] __kasan_populate_vmalloc+0xf0/0x210 [ 686.973209][T12794] alloc_vmap_area+0x95d/0x2bd0 [ 686.973239][T12794] ? __pfx_alloc_vmap_area+0x10/0x10 [ 686.973265][T12794] __get_vm_area_node+0x1ca/0x330 [ 686.973291][T12794] __vmalloc_node_range_noprof+0x213/0x1530 [ 686.973317][T12794] ? kernel_clone+0xfc/0x9a0 [ 686.973337][T12794] ? find_held_lock+0x2b/0x80 [ 686.973355][T12794] ? local_lock_release+0x99/0x130 [ 686.973378][T12794] ? local_lock_release+0x99/0x130 [ 686.973403][T12794] ? kernel_clone+0xfc/0x9a0 [ 686.973426][T12794] ? find_held_lock+0x2b/0x80 [ 686.973451][T12794] ? rcu_read_unlock+0x17/0x60 [ 686.973472][T12794] ? rcu_read_unlock+0x17/0x60 [ 686.973493][T12794] ? obj_cgroup_charge_account+0x46d/0x640 [ 686.973516][T12794] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 686.973543][T12794] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 686.973570][T12794] ? rcu_is_watching+0x12/0xc0 [ 686.973599][T12794] ? trace_kmem_cache_alloc+0xf3/0x120 [ 686.973623][T12794] ? kernel_clone+0xfc/0x9a0 [ 686.973645][T12794] __vmalloc_node_noprof+0xad/0xf0 [ 686.973670][T12794] ? kernel_clone+0xfc/0x9a0 [ 686.973694][T12794] copy_process+0x5ec/0x7a40 [ 686.973718][T12794] ? __pfx___futex_wait+0x10/0x10 [ 686.973747][T12794] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 686.973776][T12794] ? lockdep_hardirqs_on+0x78/0x100 [ 686.973801][T12794] ? __pfx_copy_process+0x10/0x10 [ 686.973823][T12794] ? find_held_lock+0x2b/0x80 [ 686.973850][T12794] kernel_clone+0xfc/0x9a0 [ 686.973870][T12794] ? __pfx_futex_wait+0x10/0x10 [ 686.973900][T12794] ? __pfx_kernel_clone+0x10/0x10 [ 686.973934][T12794] __do_sys_clone+0xd9/0x120 [ 686.973957][T12794] ? __pfx___do_sys_clone+0x10/0x10 [ 686.973997][T12794] do_syscall_64+0x106/0xf80 [ 686.974015][T12794] ? clear_bhb_loop+0x40/0x90 [ 686.974038][T12794] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 686.974057][T12794] RIP: 0033:0x7f53c2f9c799 [ 686.974074][T12794] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 686.974092][T12794] RSP: 002b:00007f53c11f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 686.974111][T12794] RAX: ffffffffffffffda RBX: 00007f53c3215fa0 RCX: 00007f53c2f9c799 [ 686.974123][T12794] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000008 [ 686.974154][T12794] RBP: 00007f53c3032c99 R08: 0000000000000002 R09: 0000000000000000 [ 686.974166][T12794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 686.974178][T12794] R13: 00007f53c3216038 R14: 00007f53c3215fa0 R15: 00007ffef6a7de78 [ 686.974202][T12794] [ 687.961016][T12794] input: jJǸ-9%vJ86 as /devices/virtual/input/input63 [ 688.727723][T12806] zswap: compressor not available [ 699.584493][T12940] futex_wake_op: syz.0.1475 tries to shift op by -2048; fix this program [ 699.885817][T12949] nbd: socks must be embedded in a SOCK_ITEM attr [ 699.936469][T12949] block nbd0: shutting down sockets [ 705.310825][T13012] nbd: socks must be embedded in a SOCK_ITEM attr [ 705.367018][T13012] block nbd0: shutting down sockets [ 710.121380][ T5839] Bluetooth: hci2: Malformed LE Event: 0x0b [ 710.129094][ T5839] Bluetooth: hci2: Malformed LE Event: 0x0b [ 710.196953][T13056] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1501'. [ 710.259909][T13057] FAULT_INJECTION: forcing a failure. [ 710.259909][T13057] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 710.277246][T13057] CPU: 1 UID: 0 PID: 13057 Comm: syz.2.1501 Tainted: G L syzkaller #0 PREEMPT(full) [ 710.277279][T13057] Tainted: [L]=SOFTLOCKUP [ 710.277286][T13057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 710.277298][T13057] Call Trace: [ 710.277304][T13057] [ 710.277312][T13057] dump_stack_lvl+0x100/0x190 [ 710.277346][T13057] should_fail_ex.cold+0x5/0xa [ 710.277366][T13057] ? prepare_alloc_pages+0x16d/0x5f0 [ 710.277391][T13057] should_fail_alloc_page+0xeb/0x140 [ 710.277414][T13057] prepare_alloc_pages+0x1f0/0x5f0 [ 710.277441][T13057] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 710.277482][T13057] ? stack_trace_save+0x8e/0xc0 [ 710.277502][T13057] ? __pfx_stack_trace_save+0x10/0x10 [ 710.277521][T13057] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 710.277551][T13057] ? stack_depot_save_flags+0x27/0x9d0 [ 710.277577][T13057] ? lock_acquire+0x1cf/0x380 [ 710.277604][T13057] ? kasan_save_stack+0x3f/0x50 [ 710.277621][T13057] ? kasan_save_stack+0x30/0x50 [ 710.277638][T13057] ? kasan_save_track+0x14/0x30 [ 710.277654][T13057] ? __kasan_kmalloc+0xaa/0xb0 [ 710.277672][T13057] ? do_file_open+0x20e/0x430 [ 710.277692][T13057] ? do_sys_openat2+0x10d/0x1e0 [ 710.277716][T13057] ? __x64_sys_openat+0x12d/0x210 [ 710.277741][T13057] ? do_syscall_64+0x106/0xf80 [ 710.277759][T13057] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.277782][T13057] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 710.277804][T13057] ? policy_nodemask+0xed/0x4f0 [ 710.277828][T13057] alloc_pages_mpol+0x1fb/0x550 [ 710.277850][T13057] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 710.277877][T13057] alloc_pages_noprof+0x136/0x390 [ 710.277899][T13057] get_zeroed_page_noprof+0x18/0xb0 [ 710.277922][T13057] mon_alloc_buff+0xce/0x1b0 [ 710.277945][T13057] ? kasan_save_track+0x14/0x30 [ 710.277965][T13057] mon_bin_open+0x207/0x470 [ 710.277989][T13057] ? __pfx_mon_bin_open+0x10/0x10 [ 710.278014][T13057] chrdev_open+0x234/0x6a0 [ 710.278035][T13057] ? __pfx_chrdev_open+0x10/0x10 [ 710.278057][T13057] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 710.278084][T13057] do_dentry_open+0x6d8/0x1660 [ 710.278103][T13057] ? __pfx_chrdev_open+0x10/0x10 [ 710.278136][T13057] vfs_open+0x82/0x3f0 [ 710.278163][T13057] path_openat+0x208c/0x31a0 [ 710.278191][T13057] ? __pfx_path_openat+0x10/0x10 [ 710.278220][T13057] do_file_open+0x20e/0x430 [ 710.278242][T13057] ? __pfx_do_file_open+0x10/0x10 [ 710.278279][T13057] ? alloc_fd+0x476/0x790 [ 710.278301][T13057] ? do_getname+0x191/0x390 [ 710.278328][T13057] do_sys_openat2+0x10d/0x1e0 [ 710.278354][T13057] ? __pfx_do_sys_openat2+0x10/0x10 [ 710.278382][T13057] ? __fget_files+0x21f/0x3d0 [ 710.278405][T13057] __x64_sys_openat+0x12d/0x210 [ 710.278432][T13057] ? __pfx___x64_sys_openat+0x10/0x10 [ 710.278467][T13057] do_syscall_64+0x106/0xf80 [ 710.278485][T13057] ? clear_bhb_loop+0x40/0x90 [ 710.278508][T13057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.278528][T13057] RIP: 0033:0x7fe1e039c799 [ 710.278545][T13057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 710.278563][T13057] RSP: 002b:00007fe1e11ac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 710.278582][T13057] RAX: ffffffffffffffda RBX: 00007fe1e0616090 RCX: 00007fe1e039c799 [ 710.278594][T13057] RDX: 0000000000002040 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 710.278605][T13057] RBP: 00007fe1e0432c99 R08: 0000000000000000 R09: 0000000000000000 [ 710.278616][T13057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 710.278627][T13057] R13: 00007fe1e0616128 R14: 00007fe1e0616090 R15: 00007fffa05f6638 [ 710.278651][T13057] [ 711.069063][T13068] mkiss: ax0: crc mode is auto. [ 715.780359][T13137] BUG: unable to handle page fault for address: fffff52000855214 [ 715.780397][T13137] #PF: supervisor read access in kernel mode [ 715.780415][T13137] #PF: error_code(0x0000) - not-present page [ 715.780435][T13137] PGD 23fff5067 P4D 23fff5067 PUD 1c6bc067 PMD 25d57067 PTE 0 [ 715.780495][T13137] Oops: Oops: 0000 [#1] SMP KASAN PTI [ 715.780536][T13137] CPU: 1 UID: 0 PID: 13137 Comm: syz.1.1517 Tainted: G L syzkaller #0 PREEMPT(full) [ 715.780580][T13137] Tainted: [L]=SOFTLOCKUP [ 715.780609][T13137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 715.780638][T13137] RIP: 0010:sys_imageblit+0x16c1/0x1d60 [ 715.780694][T13137] Code: 7c cd 00 48 89 fe 48 c1 ee 03 80 3c 1e 00 0f 85 aa 05 00 00 4d 63 f6 48 8b 8c cc 88 00 00 00 4f 8d 34 f7 4c 89 f6 48 c1 ee 03 <80> 3c 1e 00 0f 85 1b 03 00 00 49 89 0e 41 89 c6 8d 4d fd 41 c1 ee [ 715.780726][T13137] RSP: 0018:ffffc90003227720 EFLAGS: 00010a06 [ 715.780754][T13137] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 715.780776][T13137] RDX: 0000000000000000 RSI: 1ffff92000855214 RDI: ffffc900032277a8 [ 715.780797][T13137] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000003 [ 715.780817][T13137] R10: 0000000000000004 R11: 0000000000000000 R12: ffff8880268f8b21 [ 715.780837][T13137] R13: ffffc900032277a8 R14: ffffc900042a90a0 R15: ffffc900042a90a0 [ 715.780856][T13137] FS: 00007f53c11f66c0(0000) GS:ffff888124443000(0000) knlGS:0000000000000000 [ 715.780883][T13137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 715.780904][T13137] CR2: fffff52000855214 CR3: 000000007acc4000 CR4: 00000000003526f0 [ 715.780924][T13137] Call Trace: [ 715.780934][T13137] [ 715.780950][T13137] ? __pfx_sys_imageblit+0x10/0x10 [ 715.780995][T13137] ? prb_read_valid+0x78/0xa0 [ 715.781036][T13137] ? __pfx_prb_read_valid+0x10/0x10 [ 715.781076][T13137] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 715.781111][T13137] soft_cursor+0x524/0xa10 [ 715.781145][T13137] ? fb_get_color_depth+0x120/0x250 [ 715.781176][T13137] bit_cursor+0xe58/0x16f0 [ 715.781217][T13137] ? __pfx_bit_cursor+0x10/0x10 [ 715.781253][T13137] ? __lock_acquire+0x4a5/0x2630 [ 715.781292][T13137] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 715.781324][T13137] ? get_color+0x1da/0x450 [ 715.781353][T13137] ? __pfx_bit_cursor+0x10/0x10 [ 715.781398][T13137] fbcon_cursor+0x43c/0x5e0 [ 715.781433][T13137] ? add_softcursor+0x1c0/0x290 [ 715.781476][T13137] set_cursor+0x1db/0x250 [ 715.781518][T13137] con_write+0x89/0xb0 [ 715.781546][T13137] n_tty_write+0x44f/0x12d0 [ 715.781587][T13137] ? __pfx_n_tty_write+0x10/0x10 [ 715.781623][T13137] ? trace_kmalloc+0x101/0x130 [ 715.781657][T13137] ? __pfx_woken_wake_function+0x10/0x10 [ 715.781704][T13137] ? rcu_is_watching+0x12/0xc0 [ 715.781751][T13137] ? file_tty_write.isra.0+0x694/0x890 [ 715.781798][T13137] ? kfree+0x2ec/0x6b0 [ 715.781848][T13137] ? __pfx_n_tty_write+0x10/0x10 [ 715.781890][T13137] file_tty_write.isra.0+0x4d2/0x890 [ 715.781945][T13137] redirected_tty_write+0xd4/0x120 [ 715.782003][T13137] vfs_write+0x6ac/0x1070 [ 715.782035][T13137] ? __pfx_redirected_tty_write+0x10/0x10 [ 715.782086][T13137] ? __pfx_vfs_write+0x10/0x10 [ 715.782114][T13137] ? find_held_lock+0x2b/0x80 [ 715.782152][T13137] ksys_write+0x12a/0x250 [ 715.782182][T13137] ? __pfx_ksys_write+0x10/0x10 [ 715.782217][T13137] do_syscall_64+0x106/0xf80 [ 715.782247][T13137] ? clear_bhb_loop+0x40/0x90 [ 715.782283][T13137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.782315][T13137] RIP: 0033:0x7f53c2f9c799 [ 715.782342][T13137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 715.782379][T13137] RSP: 002b:00007f53c11f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 715.782411][T13137] RAX: ffffffffffffffda RBX: 00007f53c3215fa0 RCX: 00007f53c2f9c799 [ 715.782432][T13137] RDX: 000000000000078e RSI: 0000200000000840 RDI: 0000000000000003 [ 715.782453][T13137] RBP: 00007f53c3032c99 R08: 0000000000000000 R09: 0000000000000000 [ 715.782474][T13137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 715.782494][T13137] R13: 00007f53c3216038 R14: 00007f53c3215fa0 R15: 00007ffef6a7de78 [ 715.782523][T13137] [ 715.782535][T13137] Modules linked in: [ 715.782552][T13137] CR2: fffff52000855214 [ 715.782569][T13137] ---[ end trace 0000000000000000 ]--- [ 715.782585][T13137] RIP: 0010:sys_imageblit+0x16c1/0x1d60 [ 715.782629][T13137] Code: 7c cd 00 48 89 fe 48 c1 ee 03 80 3c 1e 00 0f 85 aa 05 00 00 4d 63 f6 48 8b 8c cc 88 00 00 00 4f 8d 34 f7 4c 89 f6 48 c1 ee 03 <80> 3c 1e 00 0f 85 1b 03 00 00 49 89 0e 41 89 c6 8d 4d fd 41 c1 ee [ 715.782656][T13137] RSP: 0018:ffffc90003227720 EFLAGS: 00010a06 [ 715.782679][T13137] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 715.782698][T13137] RDX: 0000000000000000 RSI: 1ffff92000855214 RDI: ffffc900032277a8 [ 715.782718][T13137] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000003 [ 715.782735][T13137] R10: 0000000000000004 R11: 0000000000000000 R12: ffff8880268f8b21 [ 715.782751][T13137] R13: ffffc900032277a8 R14: ffffc900042a90a0 R15: ffffc900042a90a0 [ 715.782768][T13137] FS: 00007f53c11f66c0(0000) GS:ffff888124443000(0000) knlGS:0000000000000000 [ 715.782793][T13137] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 715.782812][T13137] CR2: fffff52000855214 CR3: 000000007acc4000 CR4: 00000000003526f0 [ 715.782837][T13137] Kernel panic - not syncing: Fatal exception [ 715.782999][T13137] Kernel Offset: disabled