last executing test programs: 6.276340303s ago: executing program 0 (id=3289): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x200000000, 0x5, 0x8, 0x40009b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) io_setup$auto(0x7ffe, 0x0) write$auto(0x3, 0x0, 0x40007fffffff) write$auto(0x1, 0x0, 0x80000000) write$auto(0x1, 0x0, 0x80000000) munmap$auto(0x8000, 0xffffffff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x13b, 0x5, 0x4, 0x5, 0xa) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) link$auto(&(0x7f0000000940)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2DW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xea\xa5\xff \xec\xe8\xca\xbf\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\v\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4N\xbb\xc2\xf8\x9c\xd0+t\x87r\x02\x05\xdb\xe4\xde\xed\x02\x00\x00\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00M\x83\xdb\xaf\xc4\xf23l\xae\xc5\x1d\xc4\xb0\x06\xd06\x1dX\x03\xe3\x9e\xd3\xd96\xcf\xd9\xa3\xcb\xd6B\xc3\x0f#\xd2\x1a\xf9L\xf5\x87My\xce\x19*\xde\x8d+#\x13\x15\xd3Y\x98\xe1\xc3@\x0e\x9c\xc2\xf8\b\xaf\x89\xe5\x00\x89-pWD\xb5&\xc9\x8e\x8d,\xb7}1\x84U\x18y\xa90\xf5\x80\x981U\x17\x14]\xc56j\xe7\x0e\xecBr\xa9]\"\xd36^m\x12\xb6\xbc\x80\xa4h{\xde\xcf\xf7d\x87rl\x11\xf7\x15\xcb~\xb9\x01\x0e\xd7O_\x91\xe1\xead\xee\xed]/p\xd6\xff\x17\xe4\aV\"I\xca\x90\xc7i\'\xa3R\x81\xf1}4\xbeU\x00\xa4\x1d\xea!Z\xd4|\xbe\x987\n!\x9b?\xb9l_\xd8$av\xfe%\xa2\xda\x82\x14\xc311;\xa4ob\x87\xdbY\xe2\x00', 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kexec_load$auto(0x200000000007, 0x1, &(0x7f0000000040)={@kbuf=0x0, 0x2aaa, 0x6c0000c000, 0xc000}, 0x4) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0) memfd_secret$auto(0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 4.451650772s ago: executing program 0 (id=3298): r0 = inotify_init1$auto(0x2) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x9, 0x7fffffffffffffff, 0x107, 0x7ffe, r0, 0x17fff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00', @ANYBLOB=']'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(0xffffffffffffffff, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) getcpu$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r3, &(0x7f0000000180)=""/61, 0xfffffeeb) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0) keyctl$auto(0x2000000000000017, 0x3ff, 0x0, 0x0, 0x3) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) 4.116315427s ago: executing program 1 (id=3301): r0 = inotify_init1$auto(0x2) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x9, 0x7fffffffffffffff, 0x107, 0x7ffe, r0, 0x17fff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, 0x0, 0x40000) read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) prctl$auto(0x0, 0x1, 0x4, 0x5, 0x7) getcpu$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_SET_CONTEXT_MGR(r4, 0x40046207, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r5, &(0x7f0000000180)=""/61, 0xfffffeeb) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x18, 0x401, 0x300000000000) prctl$auto_SECCOMP_MODE_STRICT(0xf, 0x1, 0x0, 0x9, 0x2) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0) ptrace$auto(0x3, r1, 0x5, 0x4) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) 3.070957272s ago: executing program 2 (id=3303): socket(0x11, 0x6, 0x9) (async) mmap$auto(0x0, 0x2000f, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x9, 0xdf, 0x1b, 0xffffffffffffffff, 0x6) (async) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x101002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2102, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x2584, 0x0) ioctl$auto(0x3, 0x40045542, 0xb551) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x80102, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/midi2\x00', 0x103, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0xb, 0x6, 0x6) (async) r0 = open(&(0x7f0000000040)='./bus\x00', 0x14d27e, 0x56) copy_file_range$auto(r0, 0x0, r0, &(0x7f0000000080)=0x8, 0x2, 0x0) (async) ioctl$auto_MON_IOCG_STATS(r0, 0x80089203, &(0x7f00000000c0)={0x6, 0x2}) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x141b02, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20002, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) (async) r1 = ioctl$auto_TUNGETVNETHDRSZ2(0xffffffffffffffff, 0x800454d7, &(0x7f0000000040)=0x80) listen$auto(r1, 0x1) (async) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x200060, 0x0, 0xff7ffffffffffe1c, 0x7fffffff, 0x4, 0xfffffffffffffffb, 0x103, 0x2000000000001e7, 0x11000000000, 0x4, 0x0, 0xc}) (async) prctl$auto(0x4e, 0x1, 0x0, 0x0, 0x0) prctl$auto(0x4e, 0x1, 0x0, 0x0, 0xffffffffffffffff) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000003000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000045}, 0x24000044) (async) socket(0x26, 0xa2ed24559326c37c, 0x400004) (async) getpid() (async) close_range$auto(0x2, 0x8, 0x0) 2.860630644s ago: executing program 2 (id=3304): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/cifsFYI\x00', 0x40c01, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) mmap$auto(0x9, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) socket(0x2, 0x1, 0x106) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) 2.620665553s ago: executing program 1 (id=3306): r0 = openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0) read$auto_transactions_fops_(r0, &(0x7f0000000080)=""/18, 0x12) (fail_nth: 3) 2.546736306s ago: executing program 0 (id=3307): r0 = inotify_init1$auto(0x2) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x9, 0x7fffffffffffffff, 0x107, 0x7ffe, r0, 0x17fff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB=']'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(0xffffffffffffffff, 0x0, 0xfdef) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) getcpu$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r3, &(0x7f0000000180)=""/61, 0xfffffeeb) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0) keyctl$auto(0x2000000000000017, 0x3ff, 0x0, 0x0, 0x3) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) 2.064746072s ago: executing program 1 (id=3308): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCGIDLE64(r0, 0x8010743f, 0x0) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x40000, 0x0) 1.969219253s ago: executing program 1 (id=3309): socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) modify_ldt$auto(0x1, 0x0, 0x10) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0x2008, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0) mmap$auto(0x48, 0x1, 0x5b, 0x3da, 0x2, 0x8000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) statmount$auto(&(0x7f0000000000)={0x7e, @raw=0x400, 0x80000024, 0x7fff, 0x4}, 0x0, 0x7ffffffff001, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) seccomp$auto(0xd, 0x78, &(0x7f0000000380)="848827ea215c6a00635059d37bc48fa63b30558df4dd1057470dfbb94d1470d2900bf6956eba3e7fb8a0ecf1aaaaf7506be11cac7ad18c2d01a4c1cf8328cb5b0f8fcb1a929ab02936aba6d5db1a37c41e7c2ee2ca0628950e967797596de6ac4dc104bbeef865c7fcd2065d070095cb9121bd72daeec58850ae4e1f2644368f03b1c7060992c734cfe0ae830ef1e63aefa6abd1095c8bcb5924490853d6") r1 = io_uring_setup$auto(0xa, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5) futex$auto(&(0x7f0000000080)=0x7, 0x3, 0x1f, 0x0, &(0x7f00000000c0)=0x3, 0x440a48d3) mmap$auto(0x3dbcb68f, 0x7ff, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = prctl$auto(0x1, 0x1, 0x0, 0x402, 0xdd16) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x145000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000140)={{@inferred, 0x0, 0x4, 0x8, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d"}, 0x3, 0x5, 0x4, @inferred, @enumerated={0x6fc, 0x800, "c832a0bae48ab01ec23457b7fd2dd3547c4e2eeba79edd660e00000000000017162fbe6a6f50f1aaa18fb20cabb4f156263bb0e781e3d0a2f992e8fcdcec86fb", 0x400, 0x101}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334f5d73340238d212b6debe0ada84a16f7ce8cbce8d7c2d0000000000000000000000008000"}) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec4\x00', 0x800, 0x0) read$auto_proc_pid_maps_operations_internal(r2, &(0x7f0000000300)=""/77, 0x4d) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) ioctl$auto_CEC_TRANSMIT(r3, 0xc0386105, &(0x7f0000000000)={0x6, 0x3, 0x7, 0x4, 0x2, 0x7fffffff, "9b2189084142725dff0d933475a77466", 0xb, 0x5, 0x40, 0x5, 0x2, 0x4, 0x2}) ioctl$auto_BLKGETZONESZ(r1, 0x80041284, &(0x7f0000000280)=0x1) 1.894784165s ago: executing program 2 (id=3310): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x121702, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socketpair$auto(0x2d, 0x2, 0x8000000000000000, 0x0) unshare$auto(0x40000080) creat$auto(&(0x7f0000000040)='./file0\x00', 0x8001) read$auto_bdi_debug_stats_fops_(r0, &(0x7f0000000300)=""/133, 0x85) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x40000008000) io_uring_setup$auto(0x2, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000140)={0x80040, 0x40, 0xc}, 0x18) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0x5, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x2a0000, 0x0) epoll_create$auto(0x1) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) r2 = fcntl$auto(r1, 0x0, 0x0) unlink$auto(&(0x7f0000000000)='./file0\x00') r3 = pipe2$auto(0x0, 0x80) socket$nl_generic(0x10, 0x3, 0x10) write$auto_uhid_fops_uhid(r3, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) listen$auto(r2, 0x200) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x2, 0x4) socket(0x10, 0x3, 0x6) r4 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x1, 0x0) write$auto_proc_pid_attr_operations_base(r4, 0x0, 0x0) 1.795991967s ago: executing program 3 (id=3311): ioctl$auto_USB_RAW_IOCTL_EPS_INFO(0xffffffffffffffff, 0x83c0550b, 0x0) 1.672594718s ago: executing program 3 (id=3312): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) msync$auto(0x2, 0x3, 0x3) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) (async, rerun: 32) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (rerun: 32) ioctl$auto(r0, 0x4b4d, r1) 1.628622551s ago: executing program 1 (id=3313): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000280)=0xc9e, 0x400, 0x1) unshare$auto(0x40000080) prctl$auto(0x0, 0x8, 0x0, 0x1, 0x3ff) (async) keyctl$auto(0x40001b, 0x1, 0x0, 0x3, 0x100010006) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c9282, 0x0) (async) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) (async) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) lstat$auto(0x0, 0x0) (async, rerun: 32) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x200, 0x0) (rerun: 32) read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0) (async, rerun: 64) r1 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, 0x0, 0x12a382, 0x0) (rerun: 64) write$auto_split_huge_pages_fops_huge_memory(r1, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x4) (async) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) (async, rerun: 32) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (rerun: 32) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5) (async, rerun: 64) ioctl$auto(r3, 0x4008af20, r2) (async, rerun: 64) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000001200), 0x20100, 0x0) ioctl$auto_UI_SET_SNDBIT(r4, 0x4004556a, &(0x7f0000001240)=0x5) writev$auto(r1, &(0x7f0000000000)={&(0x7f0000000080)="b3a132cf4c2c77b014964b0eed3232e9d2e4af3ef19744d6800eccd5ab328d5d73a855b6162187166fb5866f2fb1b1b1187d1b6517fac16548d1242aa0611c95a18abf1fd13790bffcc7847454692f", 0x100000001}, 0x530) (async) mlock$auto(0x81, 0xffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x4007, 0xb}) (async) mq_open$auto(0x0, 0xb7ef, 0x2, &(0x7f0000000080)={0x5000000002, 0x5, 0x6a0000, 0xffffffffffffffff}) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 1.578025499s ago: executing program 0 (id=3314): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0x5, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) fallocate$auto(r0, 0x0, 0x11, 0x22) io_uring_setup$auto(0x1, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dri/card0\x00', 0x0, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, 0x0) read$auto(r1, 0x0, 0x800) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) fanotify_init$auto(0x605, 0x1) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, 0x0) 1.453835629s ago: executing program 3 (id=3315): r0 = inotify_init1$auto(0x2) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x9, 0x7fffffffffffffff, 0x107, 0x7ffe, r0, 0x17fff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, 0x0, 0x40000) read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) prctl$auto(0x0, 0x1, 0x4, 0x5, 0x7) getcpu$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_SET_CONTEXT_MGR(r4, 0x40046207, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r5, &(0x7f0000000180)=""/61, 0xfffffeeb) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x18, 0x401, 0x300000000000) prctl$auto_SECCOMP_MODE_STRICT(0xf, 0x1, 0x0, 0x9, 0x2) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0) ptrace$auto(0x3, r1, 0x5, 0x4) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) 1.367930793s ago: executing program 2 (id=3316): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x488, 0x0) r0 = socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0x70, 0x0, 0x0) unshare$auto(0x40000080) socketpair$auto(0x2, 0xb367, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setresuid$auto(0x2, 0xffffffffffffffff, 0x200) keyctl$auto(0xb, 0xfffffffd, 0x7, 0xfffffffffff00003, 0x6) rseq$auto(&(0x7f0000000040)={0x5, 0x7, 0x9, 0x806, 0xffffffff, 0x2}, 0x8004, 0x0, 0x8000006) mbind$auto(0x2000, 0x800000100000004, 0x100000000, 0x0, 0x1003, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) (async) io_uring_setup$auto(0x488, 0x0) (async) socket(0xa, 0x5, 0x0) (async) getsockopt$auto(r0, 0x84, 0x70, 0x0, 0x0) (async) unshare$auto(0x40000080) (async) socketpair$auto(0x2, 0xb367, 0x8000000000000000, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) setresuid$auto(0x2, 0xffffffffffffffff, 0x200) (async) keyctl$auto(0xb, 0xfffffffd, 0x7, 0xfffffffffff00003, 0x6) (async) rseq$auto(&(0x7f0000000040)={0x5, 0x7, 0x9, 0x806, 0xffffffff, 0x2}, 0x8004, 0x0, 0x8000006) (async) mbind$auto(0x2000, 0x800000100000004, 0x100000000, 0x0, 0x1003, 0x2) (async) 981.35464ms ago: executing program 1 (id=3317): mmap$auto(0x0, 0x5, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0xa, 0x73) socket(0x2, 0x1, 0x84) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram3\x00', 0x8001, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x10, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) socket(0x1d, 0x2, 0x6) read$auto_proc_pid_cmdline_ops_base(0xffffffffffffffff, &(0x7f0000000200)=""/252, 0xfc) r0 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r1, 0xfd}, 0x6a) write$auto(0x3, 0x0, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) read$auto(0x3, 0x0, 0x8080) madvise$auto(0x0, 0x20499d, 0x9) socket(0x29, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x80800, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/user\x00') ioctl$auto(0x3, 0xc0383e04, r2) 594.371424ms ago: executing program 0 (id=3318): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8004) (async, rerun: 64) mmap$auto(0x0, 0x2020009, 0x3, 0x11, 0xfffffffffffffffa, 0x8000) (rerun: 64) close_range$auto(0x2, 0x8, 0x94) (async) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder1\x00', 0x8982, 0x0) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f00000000c0)="9b00ede56dd2adce7daa3ce339143d39efa4af") io_uring_setup$auto(0x6, 0x0) (async, rerun: 32) socket(0x11, 0x80003, 0x200300) (async, rerun: 32) connect$auto(0x3, 0x0, 0x55) (async) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x101c82, 0x0) mmap$auto(0x800000000, 0x7f, 0xcf8d, 0x8000000eb1, 0xfffffffffffffffa, 0xbc1) (async) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) (async) write$auto(r1, 0x0, 0x81) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) (async) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000040)) (async) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) (async, rerun: 32) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 64) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (rerun: 64) mmap$auto(0x0, 0xd14d, 0xdf, 0x9b72, 0xffffffffffffffff, 0x20000008000) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) (rerun: 32) write$auto(r5, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) syz_genetlink_get_family_id$auto_nl80211(0x0, r4) (async) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) 577.954503ms ago: executing program 2 (id=3319): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x7f, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) sendto$auto(r0, 0x0, 0xe25c, 0x9, 0x0, 0x20) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) connect$auto(0x3, 0x0, 0x55) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, 0xffffffffffffffff) 461.824326ms ago: executing program 3 (id=3320): ioctl$auto_USB_RAW_IOCTL_EPS_INFO(0xffffffffffffffff, 0x83c0550b, 0x0) 202.342895ms ago: executing program 0 (id=3321): r0 = inotify_init1$auto(0x2) r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x9, 0x7fffffffffffffff, 0x107, 0x7ffe, r0, 0x17fff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r2, 0x0, 0x100000a3d9) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) prctl$auto(0x0, 0x1, 0x4, 0x5, 0x7) getcpu$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_SET_CONTEXT_MGR(r4, 0x40046207, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r5 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r5, &(0x7f0000000180)=""/61, 0xfffffeeb) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x18, 0x401, 0x300000000000) prctl$auto_SECCOMP_MODE_STRICT(0xf, 0x1, 0x0, 0x9, 0x2) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0) ptrace$auto(0x3, r1, 0x5, 0x4) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) 202.141905ms ago: executing program 3 (id=3322): read$auto(0xffffffffffffffff, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS2(0xffffffffffffffff, 0xc2604111, &(0x7f0000000600)={0x10001, [{[0x4, 0x9, 0x1, 0x80000001, 0x1, 0x1, 0x3, 0x5]}, {[0xffffffff, 0x8, 0xffffffff, 0x200, 0xfffffffa, 0xffff8000, 0x3, 0x2]}, {[0x1334000, 0x1, 0x7, 0x200001, 0xcb0, 0x4, 0x5, 0x8]}], [{[0x63, 0x8, 0x9, 0x3, 0x0, 0x2, 0x781, 0xfedd]}, {[0x3, 0x200, 0x514be123, 0x1, 0x1, 0x7, 0x4, 0x81]}, {[0x5, 0x8001, 0x4, 0x7, 0xd, 0x80, 0x1, 0x9]}, {[0x6124, 0x8, 0x4, 0x800, 0x8, 0x7, 0x3, 0x7fffffff]}, {[0x6, 0x5, 0x5, 0x104, 0x4, 0x0, 0x3]}], [{0x7f, 0x315e, 0x1, 0x0, 0x1}, {0x35b22e9c, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x2, 0x80000001, 0x1, 0x0, 0x0, 0x1}, {0x400, 0x18, 0x1, 0x0, 0x0, 0x1}, {0x2, 0x3, 0x0, 0x0, 0x1}, {0x9, 0x6, 0x0, 0x0, 0x1, 0x1}, {0x40000a, 0x0, 0x0, 0x1, 0x0, 0x1}, {0xffffffff, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x3, 0x8, 0x0, 0x1}, {0x1, 0x3, 0x0, 0x1, 0x1, 0x1}, {0x9, 0xfcfa, 0x0, 0x1, 0x1, 0x1}, {0x401, 0x401, 0x0, 0x1, 0x0, 0x1}], [{0x0, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x3}, {0x0, 0x81, 0x0, 0x1, 0x1, 0x1}, {0x1df, 0x3, 0x0, 0x1, 0x1, 0x1}, {0x2, 0x5, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {0xffff0001, 0x8, 0x1, 0x1, 0x1}, {0x2, 0xdad4, 0x1, 0x0, 0x1}, {0x0, 0x7, 0x0, 0x1, 0x0, 0x1}], 0x101, 0x9, 0x7, 0x2, 0x6, 0x7, 0x1000, "4053c497e8da8420f7601310f6ca3464", "ebd82fd2742103b4779e2c8334ab7ecfd1c4fc6197b76b5cf37ed3776f42a82b829c87af8c19d402cbf98aa045e1f364"}) (async) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mouse0\x00', 0x181502, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xffffffffffffffff, 0x8000) (async) bpf$auto_BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x84a) (async, rerun: 32) setsockopt$auto(0xffffffffffffffff, 0xff, 0x1, 0x0, 0x1000003) (async, rerun: 32) write$auto(0x3, 0x0, 0xffd8) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) (async) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) (async) fgetxattr$auto(r1, &(0x7f0000000000)='/proc/thread-self/clear_refs\x00', &(0x7f00000000c0)="9c4c5f617d4a2f3853af70beec13aebf6d77ee889ec775c52488beb4de4f24b8e148349993846110277628f50261e68ec762318515328ea2ddfdc85457867334b87a6fcc3a05ee672d81173c9ba03c88638f914c301e74690219", 0xa6f) (async) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) (async) keyctl$auto_KEYCTL_REJECT(0x13, 0xe8, 0xffffffffffffff2e, 0x7fffffff, 0x10) (async) select$auto(0xd, &(0x7f00000000c0)={[0x5, 0x9, 0x3, 0x3, 0x2, 0xb8, 0x0, 0x9, 0x8000000000000001, 0xffffffffffffff73, 0x8001, 0x2, 0x4, 0x8, 0x3e7, 0x8]}, 0x0, 0x0, 0x0) (async) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x88000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x10, 0x2, 0x4) (async, rerun: 32) r2 = socket(0x1d, 0x2, 0x7) (rerun: 32) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r2, &(0x7f0000000000)=@can={0x1d, r4}, 0x6a) (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r5}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffffffff, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) 93.048344ms ago: executing program 2 (id=3323): r0 = inotify_init1$auto(0x2) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x9, 0x7fffffffffffffff, 0x107, 0x7ffe, r0, 0x17fff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB=']'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(0xffffffffffffffff, 0x0, 0xfdef) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) getcpu$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r3, &(0x7f0000000180)=""/61, 0xfffffeeb) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0) keyctl$auto(0x2000000000000017, 0x3ff, 0x0, 0x0, 0x3) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) 0s ago: executing program 3 (id=3324): r0 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/active_links\x00', 0x82, 0x0) write$auto_debugfs_full_proxy_file_operations_internal(r0, 0x0, 0x20) lsm_set_self_attr$auto(0x4, &(0x7f00000002c0)={0x64, 0x8, 0x80}, 0x80, 0x0) openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r1, 0x0, 0x1ff) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x2}, 0x34e) write$auto(r0, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/active_links\x00', 0xaa0) kernel console output (not intermixed with test programs): ] RSP: 002b:00007f3f5a4bb0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 695.788370][T18082] RAX: ffffffffffffffda RBX: 00007f3f59815fa8 RCX: 00007f3f5959c799 [ 695.788380][T18082] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3f59815fac [ 695.788390][T18082] RBP: 00007f3f59815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 695.788399][T18082] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 695.788421][T18082] R13: 00007f3f59816038 R14: 00007ffce20e3f60 R15: 00007ffce20e4048 [ 695.788441][T18082] [ 696.902982][ T30] audit: type=1800 audit(4294986003.549:266): pid=18100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=81152 res=0 errno=0 [ 697.942354][ T30] audit: type=1800 audit(4294986004.599:267): pid=18113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2475" name="lu_gp_id" dev="configfs" ino=81180 res=0 errno=0 [ 698.664603][ T30] audit: type=1800 audit(4294986005.309:268): pid=18115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2476" name="lu_gp_id" dev="configfs" ino=81236 res=0 errno=0 [ 701.119400][ T30] audit: type=1800 audit(4294986007.769:269): pid=18161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=81362 res=0 errno=0 [ 703.057684][ T30] audit: type=1800 audit(4294986009.709:270): pid=18200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=80714 res=0 errno=0 [ 703.343912][T18221] aoe: invalid device specification [ 703.813823][T15205] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 703.829718][T15205] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 703.838937][T15205] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 703.847482][T15205] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 703.864721][T15205] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 704.413439][T18230] chnl_net:caif_netlink_parms(): no params data found [ 704.900310][T18230] bridge0: port 1(bridge_slave_0) entered blocking state [ 704.908324][T18230] bridge0: port 1(bridge_slave_0) entered disabled state [ 704.940058][T18230] bridge_slave_0: entered allmulticast mode [ 704.968564][T18230] bridge_slave_0: entered promiscuous mode [ 705.120612][T18230] bridge0: port 2(bridge_slave_1) entered blocking state [ 705.128966][T18230] bridge0: port 2(bridge_slave_1) entered disabled state [ 705.148005][T18230] bridge_slave_1: entered allmulticast mode [ 705.165262][T18230] bridge_slave_1: entered promiscuous mode [ 705.322461][T18230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 705.428164][ T30] audit: type=1800 audit(4294986012.079:271): pid=18261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=81945 res=0 errno=0 [ 705.448198][T18230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 705.907925][T18230] team0: Port device team_slave_0 added [ 705.930436][ T6268] Bluetooth: hci5: command tx timeout [ 705.962972][T18230] team0: Port device team_slave_1 added [ 706.164208][T18230] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 706.177723][T18230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 706.207653][T18230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 706.275023][T18230] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 706.292252][T18230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 706.336698][T18230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 706.487102][T18230] hsr_slave_0: entered promiscuous mode [ 706.509048][T18230] hsr_slave_1: entered promiscuous mode [ 706.528353][T18230] debugfs: 'hsr0' already exists in 'hsr' [ 706.561026][T18230] Cannot create hsr debugfs directory [ 706.694046][ T30] audit: type=1800 audit(4294986013.349:272): pid=18268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=81746 res=0 errno=0 [ 707.363052][T18230] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.523558][T18230] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.635003][T18230] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 707.795336][T18230] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 708.010409][ T6268] Bluetooth: hci5: command tx timeout [ 708.119198][T18230] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 708.142869][T18230] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 708.205358][T18230] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 708.227953][T18230] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 708.804564][T18230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 708.941488][T18230] 8021q: adding VLAN 0 to HW filter on device team0 [ 709.008148][ T6286] bridge0: port 1(bridge_slave_0) entered blocking state [ 709.015775][ T6286] bridge0: port 1(bridge_slave_0) entered forwarding state [ 709.084974][ T6286] bridge0: port 2(bridge_slave_1) entered blocking state [ 709.092250][ T6286] bridge0: port 2(bridge_slave_1) entered forwarding state [ 709.223503][ T30] audit: type=1800 audit(4294986015.869:273): pid=18326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=81858 res=0 errno=0 [ 709.247431][T18230] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 709.430511][T18230] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 709.482989][T18230] veth0_vlan: entered promiscuous mode [ 709.498648][T18230] veth1_vlan: entered promiscuous mode [ 709.543556][T18230] veth0_macvtap: entered promiscuous mode [ 709.565033][T18230] veth1_macvtap: entered promiscuous mode [ 709.598234][T18230] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 709.655117][T18230] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 709.751965][T13084] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.778042][ T6273] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.816035][ T6273] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.854167][ T6273] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 710.025602][ T6273] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 710.048907][ T6273] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 710.090541][ T6268] Bluetooth: hci5: command tx timeout [ 710.188123][T13084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 710.208858][T13084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 710.475453][T18344] loop6: detected capacity change from 0 to 8192 [ 710.756055][ T30] audit: type=1800 audit(4294986017.409:274): pid=18352 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=82694 res=0 errno=0 [ 711.765997][T18372] GUP no longer grows the stack in syz.3.2528 (18372): 14000-401000 (4000) [ 711.859401][T18372] CPU: 0 UID: 0 PID: 18372 Comm: syz.3.2528 Tainted: G U L syzkaller #0 PREEMPT(full) [ 711.859434][T18372] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 711.859440][T18372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 711.859450][T18372] Call Trace: [ 711.859455][T18372] [ 711.859461][T18372] dump_stack_lvl+0x100/0x190 [ 711.859489][T18372] gup_vma_lookup.cold+0x83/0x96 [ 711.859511][T18372] __get_user_pages+0x241/0x34d0 [ 711.859534][T18372] ? down_read_killable+0x30e/0x4c0 [ 711.859555][T18372] ? __lock_acquire+0x4a5/0x2630 [ 711.859574][T18372] ? __pfx___get_user_pages+0x10/0x10 [ 711.859596][T18372] __gup_longterm_locked+0x87d/0x16f0 [ 711.859618][T18372] ? __pfx___gup_longterm_locked+0x10/0x10 [ 711.859636][T18372] ? try_get_folio+0x262/0x750 [ 711.859650][T18372] ? find_held_lock+0x2b/0x80 [ 711.859664][T18372] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 711.859684][T18372] gup_fast_fallback+0x18c6/0x2460 [ 711.859714][T18372] ? __pfx_gup_fast_fallback+0x10/0x10 [ 711.859732][T18372] ? __lock_acquire+0x4a5/0x2630 [ 711.859749][T18372] ? bio_associate_blkg_from_css+0xe33/0x13f0 [ 711.859840][T18372] ? bio_associate_blkg+0x10c/0x2a0 [ 711.859857][T18372] ? pcpu_block_update+0x20b/0x690 [ 711.859879][T18372] pin_user_pages_fast+0xa7/0xf0 [ 711.859896][T18372] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 711.859915][T18372] ? find_held_lock+0x2b/0x80 [ 711.859929][T18372] ? __debug_object_init+0x2de/0x3d0 [ 711.859994][T18372] ? __debug_object_init+0x2de/0x3d0 [ 711.860016][T18372] iov_iter_extract_pages+0xa0d/0x1ef0 [ 711.860038][T18372] ? __lock_acquire+0x4a5/0x2630 [ 711.860056][T18372] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 711.860088][T18372] ? __lock_acquire+0x4a5/0x2630 [ 711.860123][T18372] iov_iter_extract_bvecs+0x10e/0xf40 [ 711.860145][T18372] ? find_held_lock+0x2b/0x80 [ 711.860158][T18372] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 711.860176][T18372] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 711.860193][T18372] ? bio_associate_blkg_from_css+0x550/0x13f0 [ 711.860215][T18372] bio_iov_iter_get_pages+0x26a/0x970 [ 711.860302][T18372] __blkdev_direct_IO_simple+0x3a7/0x890 [ 711.860325][T18372] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 711.860360][T18372] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 711.860378][T18372] ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300 [ 711.860401][T18372] blkdev_direct_IO+0xc76/0x1fb0 [ 711.860433][T18372] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 711.860451][T18372] ? rcu_is_watching+0x12/0xc0 [ 711.860473][T18372] ? __mark_inode_dirty+0x55c/0x1790 [ 711.860494][T18372] ? filemap_check_errors+0xa9/0x150 [ 711.860516][T18372] blkdev_write_iter+0x703/0xd70 [ 711.860538][T18372] vfs_write+0x6ac/0x1070 [ 711.860562][T18372] ? __pfx_blkdev_write_iter+0x10/0x10 [ 711.860582][T18372] ? __pfx_vfs_write+0x10/0x10 [ 711.860603][T18372] ? find_held_lock+0x2b/0x80 [ 711.860628][T18372] ksys_write+0x12a/0x250 [ 711.860641][T18372] ? __pfx_ksys_write+0x10/0x10 [ 711.860660][T18372] do_syscall_64+0x106/0xf80 [ 711.860678][T18372] ? clear_bhb_loop+0x40/0x90 [ 711.860697][T18372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.860713][T18372] RIP: 0033:0x7f639739c799 [ 711.860727][T18372] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 711.860742][T18372] RSP: 002b:00007f6398273028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 711.860756][T18372] RAX: ffffffffffffffda RBX: 00007f6397616180 RCX: 00007f639739c799 [ 711.860766][T18372] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000005 [ 711.860775][T18372] RBP: 00007f6397432c99 R08: 0000000000000000 R09: 0000000000000000 [ 711.860784][T18372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 711.860792][T18372] R13: 00007f6397616218 R14: 00007f6397616180 R15: 00007fff53ae0af8 [ 711.860812][T18372] [ 712.455451][ T6268] Bluetooth: hci5: command tx timeout [ 712.897496][T18386] zswap: compressor w(<8.D z not available [ 713.027764][T18392] FAULT_INJECTION: forcing a failure. [ 713.027764][T18392] name fail_futex, interval 1, probability 0, space 0, times 0 [ 713.060165][T18392] CPU: 0 UID: 0 PID: 18392 Comm: syz.3.2531 Tainted: G U L syzkaller #0 PREEMPT(full) [ 713.060213][T18392] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 713.060221][T18392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 713.060231][T18392] Call Trace: [ 713.060237][T18392] [ 713.060243][T18392] dump_stack_lvl+0x100/0x190 [ 713.060277][T18392] should_fail_ex.cold+0x5/0xa [ 713.060296][T18392] get_futex_key+0x1d2/0x1620 [ 713.060317][T18392] ? __pfx_get_futex_key+0x10/0x10 [ 713.060335][T18392] ? sock_read_iter+0x252/0x3c0 [ 713.060358][T18392] ? __pfx_sock_read_iter+0x10/0x10 [ 713.060381][T18392] futex_wake+0xea/0x530 [ 713.060404][T18392] ? __pfx_futex_wake+0x10/0x10 [ 713.060423][T18392] ? security_file_permission+0x76/0x210 [ 713.060509][T18392] ? rw_verify_area+0xce/0x6d0 [ 713.060532][T18392] ? vfs_read+0x243/0xb30 [ 713.060557][T18392] do_futex+0x32b/0x350 [ 713.060576][T18392] ? __pfx_do_futex+0x10/0x10 [ 713.060599][T18392] __x64_sys_futex+0x34f/0x4d0 [ 713.060619][T18392] ? fput+0x79/0x100 [ 713.060634][T18392] ? __pfx___x64_sys_futex+0x10/0x10 [ 713.060652][T18392] ? ksys_read+0x1ac/0x250 [ 713.060673][T18392] ? __pfx_ksys_read+0x10/0x10 [ 713.060700][T18392] do_syscall_64+0x106/0xf80 [ 713.060717][T18392] ? clear_bhb_loop+0x40/0x90 [ 713.060735][T18392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.060751][T18392] RIP: 0033:0x7f639739c799 [ 713.060773][T18392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 713.060789][T18392] RSP: 002b:00007f63982b50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 713.060804][T18392] RAX: ffffffffffffffda RBX: 00007f6397615fa8 RCX: 00007f639739c799 [ 713.060816][T18392] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6397615fac [ 713.060826][T18392] RBP: 00007f6397615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 713.060835][T18392] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 713.060845][T18392] R13: 00007f6397616038 R14: 00007fff53ae0a10 R15: 00007fff53ae0af8 [ 713.060865][T18392] [ 714.128858][ T30] audit: type=1800 audit(4294986020.769:275): pid=18416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2543" name="lu_gp_id" dev="configfs" ino=82891 res=0 errno=0 [ 714.392035][T18416] could not allocate digest TFM handle [ 715.488594][T18434] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2539'. [ 715.699274][ T30] audit: type=1800 audit(4294986022.349:276): pid=18437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2538" name="lu_gp_id" dev="configfs" ino=84001 res=0 errno=0 [ 717.402369][ T30] audit: type=1800 audit(4294986024.059:277): pid=18471 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2554" name="lu_gp_id" dev="configfs" ino=83572 res=0 errno=0 [ 718.555208][T18492] FAULT_INJECTION: forcing a failure. [ 718.555208][T18492] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 718.604937][T18492] CPU: 0 UID: 0 PID: 18492 Comm: syz.0.2550 Tainted: G U L syzkaller #0 PREEMPT(full) [ 718.604984][T18492] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 718.604994][T18492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 718.605012][T18492] Call Trace: [ 718.605020][T18492] [ 718.605031][T18492] dump_stack_lvl+0x100/0x190 [ 718.605079][T18492] should_fail_ex.cold+0x5/0xa [ 718.605107][T18492] ? prepare_alloc_pages+0x16d/0x5f0 [ 718.605143][T18492] should_fail_alloc_page+0xeb/0x140 [ 718.605175][T18492] prepare_alloc_pages+0x1f0/0x5f0 [ 718.605211][T18492] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 718.605252][T18492] ? rcu_is_watching+0x12/0xc0 [ 718.605277][T18492] ? trace_mm_page_alloc+0x17a/0x1d0 [ 718.605294][T18492] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 718.605318][T18492] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 718.605343][T18492] ? find_held_lock+0x2b/0x80 [ 718.605357][T18492] ? is_bpf_text_address+0x8a/0x1a0 [ 718.605383][T18492] ? is_bpf_text_address+0x8a/0x1a0 [ 718.605406][T18492] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 718.605423][T18492] ? is_bpf_text_address+0x94/0x1a0 [ 718.605445][T18492] ? kernel_text_address+0x8d/0x100 [ 718.605466][T18492] ? __kernel_text_address+0xd/0x30 [ 718.605494][T18492] ? unwind_get_return_address+0x59/0xa0 [ 718.605519][T18492] alloc_pages_bulk_noprof+0x782/0x1490 [ 718.605550][T18492] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 718.605573][T18492] ? kasan_save_stack+0x30/0x50 [ 718.605600][T18492] ? alloc_pages_noprof+0x233/0x390 [ 718.605617][T18492] __kasan_populate_vmalloc+0xf0/0x210 [ 718.605643][T18492] alloc_vmap_area+0x95d/0x2bd0 [ 718.605666][T18492] ? __pfx_alloc_vmap_area+0x10/0x10 [ 718.605686][T18492] __get_vm_area_node+0x1ca/0x330 [ 718.605707][T18492] __vmalloc_node_range_noprof+0x213/0x1530 [ 718.605726][T18492] ? kernel_clone+0xfc/0x9a0 [ 718.605743][T18492] ? find_held_lock+0x2b/0x80 [ 718.605755][T18492] ? local_lock_release+0x99/0x130 [ 718.605772][T18492] ? local_lock_release+0x99/0x130 [ 718.605794][T18492] ? kernel_clone+0xfc/0x9a0 [ 718.605811][T18492] ? find_held_lock+0x2b/0x80 [ 718.605823][T18492] ? rcu_read_unlock+0x17/0x60 [ 718.605839][T18492] ? rcu_read_unlock+0x17/0x60 [ 718.605854][T18492] ? obj_cgroup_charge_account+0x46d/0x640 [ 718.605871][T18492] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 718.605897][T18492] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 718.605917][T18492] ? rcu_is_watching+0x12/0xc0 [ 718.605940][T18492] ? trace_kmem_cache_alloc+0xf3/0x120 [ 718.605958][T18492] ? kernel_clone+0xfc/0x9a0 [ 718.605973][T18492] __vmalloc_node_noprof+0xad/0xf0 [ 718.605991][T18492] ? kernel_clone+0xfc/0x9a0 [ 718.606009][T18492] copy_process+0x5ec/0x7a10 [ 718.606026][T18492] ? preempt_schedule_thunk+0x16/0x30 [ 718.606052][T18492] ? try_to_wake_up+0x644/0x1a80 [ 718.606069][T18492] ? __pfx_copy_process+0x10/0x10 [ 718.606093][T18492] ? find_held_lock+0x2b/0x80 [ 718.606112][T18492] ? futex_private_hash_put+0x107/0x1c0 [ 718.606133][T18492] kernel_clone+0xfc/0x9a0 [ 718.606151][T18492] ? __pfx_kernel_clone+0x10/0x10 [ 718.606178][T18492] __do_sys_clone+0xd9/0x120 [ 718.606196][T18492] ? __pfx___do_sys_clone+0x10/0x10 [ 718.606212][T18492] ? __do_sys_setpgid+0x28a/0x8b0 [ 718.606234][T18492] ? __do_sys_setpgid+0x28a/0x8b0 [ 718.606273][T18492] do_syscall_64+0x106/0xf80 [ 718.606293][T18492] ? clear_bhb_loop+0x40/0x90 [ 718.606312][T18492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.606327][T18492] RIP: 0033:0x7f3f5959c799 [ 718.606341][T18492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 718.606355][T18492] RSP: 002b:00007f3f5a478fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 718.606370][T18492] RAX: ffffffffffffffda RBX: 00007f3f59816180 RCX: 00007f3f5959c799 [ 718.606382][T18492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 718.606391][T18492] RBP: 00007f3f59632c99 R08: 0000000000000000 R09: 0000000000000000 [ 718.606399][T18492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 718.606408][T18492] R13: 00007f3f59816218 R14: 00007f3f59816180 R15: 00007ffce20e4048 [ 718.606427][T18492] [ 719.122582][T18492] syz.0.2550: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 719.141320][T18492] CPU: 1 UID: 0 PID: 18492 Comm: syz.0.2550 Tainted: G U L syzkaller #0 PREEMPT(full) [ 719.141365][T18492] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 719.141375][T18492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 719.141391][T18492] Call Trace: [ 719.141400][T18492] [ 719.141410][T18492] dump_stack_lvl+0x100/0x190 [ 719.141465][T18492] warn_alloc.cold+0x95/0x1c1 [ 719.141511][T18492] ? __pfx_warn_alloc+0x10/0x10 [ 719.141547][T18492] ? lockdep_hardirqs_on+0x78/0x100 [ 719.141585][T18492] ? __get_vm_area_node+0x2c5/0x330 [ 719.141624][T18492] ? __get_vm_area_node+0x208/0x330 [ 719.141663][T18492] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 719.141696][T18492] ? find_held_lock+0x2b/0x80 [ 719.141721][T18492] ? local_lock_release+0x99/0x130 [ 719.141752][T18492] ? local_lock_release+0x99/0x130 [ 719.141789][T18492] ? kernel_clone+0xfc/0x9a0 [ 719.141821][T18492] ? find_held_lock+0x2b/0x80 [ 719.141845][T18492] ? rcu_read_unlock+0x17/0x60 [ 719.141874][T18492] ? rcu_read_unlock+0x17/0x60 [ 719.141903][T18492] ? obj_cgroup_charge_account+0x46d/0x640 [ 719.141935][T18492] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 719.141972][T18492] ? __memcg_slab_post_alloc_hook+0x51b/0x990 [ 719.142008][T18492] ? rcu_is_watching+0x12/0xc0 [ 719.142048][T18492] ? trace_kmem_cache_alloc+0xf3/0x120 [ 719.142079][T18492] ? kernel_clone+0xfc/0x9a0 [ 719.142106][T18492] __vmalloc_node_noprof+0xad/0xf0 [ 719.142137][T18492] ? kernel_clone+0xfc/0x9a0 [ 719.142170][T18492] copy_process+0x5ec/0x7a10 [ 719.142201][T18492] ? preempt_schedule_thunk+0x16/0x30 [ 719.142243][T18492] ? try_to_wake_up+0x644/0x1a80 [ 719.142276][T18492] ? __pfx_copy_process+0x10/0x10 [ 719.142336][T18492] ? find_held_lock+0x2b/0x80 [ 719.142389][T18492] ? futex_private_hash_put+0x107/0x1c0 [ 719.142429][T18492] kernel_clone+0xfc/0x9a0 [ 719.142470][T18492] ? __pfx_kernel_clone+0x10/0x10 [ 719.142523][T18492] __do_sys_clone+0xd9/0x120 [ 719.142555][T18492] ? __pfx___do_sys_clone+0x10/0x10 [ 719.142585][T18492] ? __do_sys_setpgid+0x28a/0x8b0 [ 719.142625][T18492] ? __do_sys_setpgid+0x28a/0x8b0 [ 719.142694][T18492] do_syscall_64+0x106/0xf80 [ 719.142725][T18492] ? clear_bhb_loop+0x40/0x90 [ 719.142759][T18492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.142788][T18492] RIP: 0033:0x7f3f5959c799 [ 719.142811][T18492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 719.142837][T18492] RSP: 002b:00007f3f5a478fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 719.142864][T18492] RAX: ffffffffffffffda RBX: 00007f3f59816180 RCX: 00007f3f5959c799 [ 719.142883][T18492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 719.142899][T18492] RBP: 00007f3f59632c99 R08: 0000000000000000 R09: 0000000000000000 [ 719.142917][T18492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 719.142933][T18492] R13: 00007f3f59816218 R14: 00007f3f59816180 R15: 00007ffce20e4048 [ 719.142971][T18492] [ 719.142981][T18492] Mem-Info: [ 719.456286][T18503] zswap: compressor not available [ 719.620613][T18492] active_anon:20412 inactive_anon:0 isolated_anon:0 [ 719.620613][T18492] active_file:12024 inactive_file:50859 isolated_file:0 [ 719.620613][T18492] unevictable:768 dirty:3989 writeback:512 [ 719.620613][T18492] slab_reclaimable:12779 slab_unreclaimable:100279 [ 719.620613][T18492] mapped:27860 shmem:2273 pagetables:1231 [ 719.620613][T18492] sec_pagetables:0 bounce:0 [ 719.620613][T18492] kernel_misc_reclaimable:0 [ 719.620613][T18492] free:1297179 free_pcp:8218 free_cma:0 [ 719.742734][T18492] Node 0 active_anon:82892kB inactive_anon:0kB active_file:48096kB inactive_file:203308kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116792kB dirty:11860kB writeback:3584kB shmem:8804kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:12288kB kernel_stack:12492kB pagetables:4688kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 719.861260][T18492] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 719.989043][T18492] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 720.066420][ T30] audit: type=1800 audit(4294986026.719:278): pid=18502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=84223 res=0 errno=0 [ 720.082861][T18492] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 720.098980][T18492] Node 0 DMA32 free:1224424kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:91208kB inactive_anon:0kB active_file:48096kB inactive_file:203308kB unevictable:1536kB writepending:9812kB zspages:0kB present:3129332kB managed:2537428kB mlocked:0kB bounce:0kB free_pcp:31896kB local_pcp:14460kB free_cma:0kB [ 720.161360][T18492] lowmem_reserve[]: 0 0 1 1 1 [ 720.166161][T18492] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1060kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 720.263516][T18508] FAULT_INJECTION: forcing a failure. [ 720.263516][T18508] name failslab, interval 1, probability 0, space 0, times 0 [ 720.264055][T18492] lowmem_reserve[]: [ 720.279036][T18508] CPU: 1 UID: 0 PID: 18508 Comm: syz.3.2553 Tainted: G U L syzkaller #0 PREEMPT(full) [ 720.279087][T18508] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 720.279097][T18508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 720.279113][T18508] Call Trace: [ 720.279122][T18508] [ 720.279133][T18508] dump_stack_lvl+0x100/0x190 [ 720.279182][T18508] should_fail_ex.cold+0x5/0xa [ 720.279217][T18508] should_failslab+0xc2/0x120 [ 720.279246][T18508] __kmalloc_cache_noprof+0x7a/0x6f0 [ 720.279284][T18508] ? kobject_create_and_add+0x46/0xc0 [ 720.279344][T18508] kobject_create_and_add+0x46/0xc0 [ 720.279388][T18508] __add_disk+0x66f/0xe40 [ 720.279518][T18508] ? find_held_lock+0x2b/0x80 [ 720.279550][T18508] add_disk_fwnode+0x3d4/0x5c0 [ 720.279596][T18508] zram_add+0x4d2/0x610 [ 720.279677][T18508] ? __pfx_zram_add+0x10/0x10 [ 720.279727][T18508] ? find_held_lock+0x2b/0x80 [ 720.279752][T18508] ? sysfs_file_kobj+0xe4/0x290 [ 720.279793][T18508] ? __pfx_hot_add_show+0x10/0x10 [ 720.279822][T18508] hot_add_show+0x21/0x80 [ 720.279851][T18508] class_attr_show+0x72/0xa0 [ 720.279896][T18508] ? __pfx_class_attr_show+0x10/0x10 [ 720.279938][T18508] sysfs_kf_seq_show+0x217/0x3a0 [ 720.279979][T18508] seq_read_iter+0x32f/0x1270 [ 720.280038][T18508] kernfs_fop_read_iter+0x46c/0x610 [ 720.280072][T18508] ? rw_verify_area+0xce/0x6d0 [ 720.280111][T18508] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 720.280145][T18508] vfs_read+0x825/0xb30 [ 720.280193][T18508] ? __pfx_vfs_read+0x10/0x10 [ 720.280286][T18508] ksys_read+0x12a/0x250 [ 720.280336][T18508] ? __pfx_ksys_read+0x10/0x10 [ 720.280393][T18508] do_syscall_64+0x106/0xf80 [ 720.280425][T18508] ? clear_bhb_loop+0x40/0x90 [ 720.280461][T18508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.280490][T18508] RIP: 0033:0x7f639739c799 [ 720.280515][T18508] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 720.280537][T18508] RSP: 002b:00007f6398273028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 720.280553][T18508] RAX: ffffffffffffffda RBX: 00007f6397616180 RCX: 00007f639739c799 [ 720.280564][T18508] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000005 [ 720.280573][T18508] RBP: 00007f6397432c99 R08: 0000000000000000 R09: 0000000000000000 [ 720.280582][T18508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.280592][T18508] R13: 00007f6397616218 R14: 00007f6397616180 R15: 00007fff53ae0af8 [ 720.280615][T18508] [ 720.560301][T18492] 0 0 0 0 0 [ 720.563855][T18492] Node 1 Normal free:3939236kB boost:0kB min:55580kB low:69472kB high:83364kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 720.645900][T18492] lowmem_reserve[]: 0 0 0 0 0 [ 720.720372][T18492] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 720.783924][T18492] Node 0 DMA32: 2266*4kB (UME) 1335*8kB (UME) 2903*16kB (UM) 862*32kB (UME) 416*64kB (UME) 336*128kB (UM) 287*256kB (UM) 169*512kB (UME) 108*1024kB (UM) 21*2048kB (UM) 181*4096kB (M) = 1218384kB [ 720.825220][T18492] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 720.877250][T18492] Node 1 Normal: 3*4kB (UM) 13*8kB (UM) 15*16kB (UM) 6*32kB (UM) 4*64kB (UM) 3*128kB (UM) 3*256kB (UM) 2*512kB (M) 2*1024kB (UM) 5*2048kB (UM) 958*4096kB (M) = 3939236kB [ 720.899012][T18492] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 720.910031][T18492] Node 0 hugepages_total=4 hugepages_free=1 hugepages_surp=1 hugepages_size=2048kB [ 720.920252][T18492] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 720.930805][T18492] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 720.942620][T18492] 65954 total pagecache pages [ 720.980207][T18492] 0 pages in swap cache [ 720.986035][T18492] Free swap = 124996kB [ 720.990452][T18492] Total swap = 124996kB [ 720.995044][T18492] 2097051 pages RAM [ 720.999242][T18492] 0 pages HighMem/MovableOnly [ 721.005491][T18492] 430814 pages reserved [ 721.017441][T18492] 0 pages cma reserved [ 721.403190][T18522] can: request_module (can-proto-3) failed. [ 721.588944][T18525] zswap: compressor  not available [ 721.947350][ T30] audit: type=1800 audit(4294986028.599:279): pid=18547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=83705 res=0 errno=0 [ 722.374757][ T30] audit: type=1800 audit(4294986029.029:280): pid=18556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2568" name="lu_gp_id" dev="configfs" ino=84313 res=0 errno=0 [ 722.676811][T18568] FAULT_INJECTION: forcing a failure. [ 722.676811][T18568] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 722.704745][T18560] could not allocate digest TFM handle [ 722.723560][T18568] CPU: 1 UID: 0 PID: 18568 Comm: syz.1.2564 Tainted: G U L syzkaller #0 PREEMPT(full) [ 722.723622][T18568] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 722.723634][T18568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 722.723650][T18568] Call Trace: [ 722.723659][T18568] [ 722.723670][T18568] dump_stack_lvl+0x100/0x190 [ 722.723723][T18568] should_fail_ex.cold+0x5/0xa [ 722.723751][T18568] _copy_from_user+0x2e/0xd0 [ 722.723770][T18568] core_sys_select+0x2d0/0xbb0 [ 722.723798][T18568] ? __pfx_core_sys_select+0x10/0x10 [ 722.723821][T18568] ? get_pid_task+0xfc/0x250 [ 722.723843][T18568] ? get_pid_task+0x106/0x250 [ 722.723873][T18568] ? __mutex_unlock_slowpath+0x15c/0x790 [ 722.723894][T18568] ? __fget_files+0x215/0x3d0 [ 722.723909][T18568] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 722.723931][T18568] kern_select+0x20c/0x270 [ 722.723955][T18568] ? __pfx_kern_select+0x10/0x10 [ 722.723984][T18568] __x64_sys_select+0xbd/0x160 [ 722.724007][T18568] ? do_syscall_64+0x95/0xf80 [ 722.724024][T18568] ? lockdep_hardirqs_on+0x78/0x100 [ 722.724042][T18568] do_syscall_64+0x106/0xf80 [ 722.724059][T18568] ? clear_bhb_loop+0x40/0x90 [ 722.724078][T18568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 722.724094][T18568] RIP: 0033:0x7fa72f79c799 [ 722.724108][T18568] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 722.724122][T18568] RSP: 002b:00007fa72d9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 722.724143][T18568] RAX: ffffffffffffffda RBX: 00007fa72fa16090 RCX: 00007fa72f79c799 [ 722.724153][T18568] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000009 [ 722.724162][T18568] RBP: 00007fa72d9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 722.724172][T18568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 722.724180][T18568] R13: 00007fa72fa16128 R14: 00007fa72fa16090 R15: 00007fff55e9b638 [ 722.724203][T18568] [ 724.815656][ T30] audit: type=1800 audit(4294986031.469:281): pid=18610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2575" name="lu_gp_id" dev="configfs" ino=84496 res=0 errno=0 [ 725.075479][T18610] could not allocate digest TFM handle [ 725.259790][ T30] audit: type=1800 audit(4294986031.909:282): pid=18614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2574" name="features" dev="configfs" ino=84544 res=0 errno=0 [ 725.310230][T18604] netlink: 'syz.1.2574': attribute type 3 has an invalid length. [ 725.352849][ T30] audit: type=1800 audit(4294986032.009:283): pid=18627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2577" name="lu_gp_id" dev="configfs" ino=84548 res=0 errno=0 [ 725.565707][T18627] could not allocate digest TFM handle [ 725.839859][T18640] FAULT_INJECTION: forcing a failure. [ 725.839859][T18640] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 725.855044][T18640] CPU: 0 UID: 0 PID: 18640 Comm: syz.0.2582 Tainted: G U L syzkaller #0 PREEMPT(full) [ 725.855089][T18640] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 725.855100][T18640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 725.855125][T18640] Call Trace: [ 725.855134][T18640] [ 725.855145][T18640] dump_stack_lvl+0x100/0x190 [ 725.855190][T18640] should_fail_ex.cold+0x5/0xa [ 725.855223][T18640] core_sys_select+0x938/0xbb0 [ 725.855271][T18640] ? __pfx_core_sys_select+0x10/0x10 [ 725.855310][T18640] ? get_pid_task+0xfc/0x250 [ 725.855333][T18640] ? get_pid_task+0x106/0x250 [ 725.855364][T18640] ? __mutex_unlock_slowpath+0x15c/0x790 [ 725.855384][T18640] ? __fget_files+0x215/0x3d0 [ 725.855399][T18640] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 725.855421][T18640] kern_select+0x20c/0x270 [ 725.855446][T18640] ? __pfx_kern_select+0x10/0x10 [ 725.855471][T18640] ? __pfx_ksys_write+0x10/0x10 [ 725.855488][T18640] __x64_sys_select+0xbd/0x160 [ 725.855510][T18640] ? do_syscall_64+0x95/0xf80 [ 725.855527][T18640] ? lockdep_hardirqs_on+0x78/0x100 [ 725.855545][T18640] do_syscall_64+0x106/0xf80 [ 725.855562][T18640] ? clear_bhb_loop+0x40/0x90 [ 725.855580][T18640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.855596][T18640] RIP: 0033:0x7f3f5959c799 [ 725.855610][T18640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 725.855628][T18640] RSP: 002b:00007f3f5a49a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 725.855643][T18640] RAX: ffffffffffffffda RBX: 00007f3f59816090 RCX: 00007f3f5959c799 [ 725.855654][T18640] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000009 [ 725.855663][T18640] RBP: 00007f3f5a49a090 R08: 0000000000000000 R09: 0000000000000000 [ 725.855672][T18640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 725.855681][T18640] R13: 00007f3f59816128 R14: 00007f3f59816090 R15: 00007ffce20e4048 [ 725.855700][T18640] [ 726.716737][T18648] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 726.775406][ T30] audit: type=1804 audit(4294986033.419:284): pid=18648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2583" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 726.807402][T18646] FAULT_INJECTION: forcing a failure. [ 726.807402][T18646] name failslab, interval 1, probability 0, space 0, times 0 [ 726.821815][T18646] CPU: 1 UID: 0 PID: 18646 Comm: syz.0.2585 Tainted: G U L syzkaller #0 PREEMPT(full) [ 726.821863][T18646] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 726.821876][T18646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 726.821895][T18646] Call Trace: [ 726.821907][T18646] [ 726.821917][T18646] dump_stack_lvl+0x100/0x190 [ 726.821967][T18646] should_fail_ex.cold+0x5/0xa [ 726.822003][T18646] should_failslab+0xc2/0x120 [ 726.822035][T18646] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 726.822078][T18646] ? alloc_empty_file+0x55/0x1c0 [ 726.822122][T18646] alloc_empty_file+0x55/0x1c0 [ 726.822159][T18646] alloc_file_pseudo+0x13a/0x230 [ 726.822198][T18646] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 726.822245][T18646] __shmem_file_setup+0x221/0x490 [ 726.822286][T18646] ? __pfx___shmem_file_setup+0x10/0x10 [ 726.822332][T18646] ? vm_area_alloc+0x1f/0x160 [ 726.822375][T18646] shmem_zero_setup+0x96/0x1b0 [ 726.822432][T18646] __mmap_region+0x2198/0x29e0 [ 726.822481][T18646] ? __pfx___mmap_region+0x10/0x10 [ 726.822522][T18646] ? update_cfs_rq_load_avg+0x51/0x550 [ 726.822616][T18646] ? lockdep_hardirqs_on+0x78/0x100 [ 726.822652][T18646] ? finish_task_switch.isra.0+0x205/0xb80 [ 726.822685][T18646] ? rcu_is_watching+0x12/0xc0 [ 726.822776][T18646] ? rcu_is_watching+0x12/0xc0 [ 726.822817][T18646] ? cap_capable+0x107/0x460 [ 726.822865][T18646] mmap_region+0x180/0x3e0 [ 726.822914][T18646] do_mmap+0xc63/0x12f0 [ 726.822952][T18646] ? __pfx_do_mmap+0x10/0x10 [ 726.822985][T18646] ? __pfx_down_write_killable+0x10/0x10 [ 726.823032][T18646] vm_mmap_pgoff+0x29e/0x470 [ 726.823072][T18646] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 726.823106][T18646] ? do_futex+0x192/0x350 [ 726.823142][T18646] ? __pfx_do_futex+0x10/0x10 [ 726.823184][T18646] ksys_mmap_pgoff+0xe1/0x650 [ 726.823213][T18646] ? __x64_sys_futex+0x34f/0x4d0 [ 726.823246][T18646] ? __x64_sys_futex+0x358/0x4d0 [ 726.823284][T18646] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 726.823330][T18646] ? xfd_validate_state+0x129/0x190 [ 726.823380][T18646] __x64_sys_mmap+0x125/0x190 [ 726.823433][T18646] do_syscall_64+0x106/0xf80 [ 726.823467][T18646] ? clear_bhb_loop+0x40/0x90 [ 726.823504][T18646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.823535][T18646] RIP: 0033:0x7f3f5959c799 [ 726.823561][T18646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 726.823590][T18646] RSP: 002b:00007f3f5a4bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 726.823617][T18646] RAX: ffffffffffffffda RBX: 00007f3f59815fa0 RCX: 00007f3f5959c799 [ 726.823637][T18646] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 726.823656][T18646] RBP: 00007f3f59632c99 R08: fffffffffffffffa R09: 0000000000008000 [ 726.823676][T18646] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 726.823695][T18646] R13: 00007f3f59816038 R14: 00007f3f59815fa0 R15: 00007ffce20e4048 [ 726.823736][T18646] [ 727.452091][T18658] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 727.615251][ T30] audit: type=1800 audit(4294986034.269:285): pid=18662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2588" name="lu_gp_id" dev="configfs" ino=84634 res=0 errno=0 [ 727.878551][T18662] could not allocate digest TFM handle [ 728.562014][T18682] sp0: Synchronizing with TNC [ 728.589749][T18682] FAULT_INJECTION: forcing a failure. [ 728.589749][T18682] name failslab, interval 1, probability 0, space 0, times 0 [ 728.709456][ T30] audit: type=1800 audit(4294986035.359:286): pid=18689 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2590" name="lu_gp_id" dev="configfs" ino=85171 res=0 errno=0 [ 728.808393][T18682] CPU: 1 UID: 0 PID: 18682 Comm: syz.0.2598 Tainted: G U L syzkaller #0 PREEMPT(full) [ 728.808448][T18682] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 728.808460][T18682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 728.808477][T18682] Call Trace: [ 728.808487][T18682] [ 728.808498][T18682] dump_stack_lvl+0x100/0x190 [ 728.808533][T18682] should_fail_ex.cold+0x5/0xa [ 728.808553][T18682] should_failslab+0xc2/0x120 [ 728.808569][T18682] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 728.808593][T18682] ? alloc_inode+0x183/0x250 [ 728.808611][T18682] ? stashed_dentry_get+0x10a/0x2c0 [ 728.808626][T18682] ? stashed_dentry_get+0x10a/0x2c0 [ 728.808645][T18682] alloc_inode+0x183/0x250 [ 728.808665][T18682] path_from_stashed+0x25b/0x750 [ 728.808685][T18682] pidfs_alloc_file+0xf8/0x290 [ 728.808707][T18682] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 728.808735][T18682] pidfd_prepare+0x123/0x200 [ 728.808754][T18682] __x64_sys_pidfd_open+0x105/0x1a0 [ 728.808775][T18682] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 728.808800][T18682] do_syscall_64+0x106/0xf80 [ 728.808818][T18682] ? clear_bhb_loop+0x40/0x90 [ 728.808837][T18682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.808852][T18682] RIP: 0033:0x7f3f5959c799 [ 728.808867][T18682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 728.808882][T18682] RSP: 002b:00007f3f5a4bb028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 728.808901][T18682] RAX: ffffffffffffffda RBX: 00007f3f59815fa0 RCX: 00007f3f5959c799 [ 728.808912][T18682] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 728.808921][T18682] RBP: 00007f3f59632c99 R08: 0000000000000000 R09: 0000000000000000 [ 728.808931][T18682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 728.808941][T18682] R13: 00007f3f59816038 R14: 00007f3f59815fa0 R15: 00007ffce20e4048 [ 728.808961][T18682] [ 729.558771][T18703] FAULT_INJECTION: forcing a failure. [ 729.558771][T18703] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 729.575069][T18703] CPU: 0 UID: 0 PID: 18703 Comm: syz.2.2595 Tainted: G U L syzkaller #0 PREEMPT(full) [ 729.575115][T18703] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 729.575125][T18703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 729.575141][T18703] Call Trace: [ 729.575150][T18703] [ 729.575161][T18703] dump_stack_lvl+0x100/0x190 [ 729.575199][T18703] should_fail_ex.cold+0x5/0xa [ 729.575224][T18703] _copy_to_user+0x32/0xd0 [ 729.575241][T18703] simple_read_from_buffer+0xcb/0x170 [ 729.575266][T18703] proc_fail_nth_read+0x1af/0x230 [ 729.575287][T18703] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 729.575306][T18703] ? rw_verify_area+0xce/0x6d0 [ 729.575327][T18703] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 729.575345][T18703] vfs_read+0x1e4/0xb30 [ 729.575370][T18703] ? __pfx_vfs_read+0x10/0x10 [ 729.575392][T18703] ? __fget_files+0x215/0x3d0 [ 729.575410][T18703] ? __fget_files+0x21f/0x3d0 [ 729.575429][T18703] ksys_read+0x12a/0x250 [ 729.575451][T18703] ? __pfx_ksys_read+0x10/0x10 [ 729.575479][T18703] do_syscall_64+0x106/0xf80 [ 729.575498][T18703] ? clear_bhb_loop+0x40/0x90 [ 729.575517][T18703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.575532][T18703] RIP: 0033:0x7ff35595cfce [ 729.575547][T18703] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 729.575562][T18703] RSP: 002b:00007ff35682dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 729.575577][T18703] RAX: ffffffffffffffda RBX: 00007ff35682e6c0 RCX: 00007ff35595cfce [ 729.575588][T18703] RDX: 000000000000000f RSI: 00007ff35682e0a0 RDI: 0000000000000007 [ 729.575597][T18703] RBP: 00007ff35682e090 R08: 0000000000000000 R09: 0000000000000000 [ 729.575606][T18703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 729.575615][T18703] R13: 00007ff355c16128 R14: 00007ff355c16090 R15: 00007fffd98b50f8 [ 729.575635][T18703] [ 729.920289][ T30] audit: type=1800 audit(4294986036.449:287): pid=18705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2593" name="lu_gp_id" dev="configfs" ino=84763 res=0 errno=0 [ 730.432686][T18705] could not allocate digest TFM handle [ 730.488344][T18720] overlayfs: missing 'lowerdir' [ 730.877403][ T30] audit: type=1800 audit(4294986037.529:288): pid=18731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2601" name="lu_gp_id" dev="configfs" ino=85248 res=0 errno=0 [ 731.167025][T18731] could not allocate digest TFM handle [ 732.900375][T18771] zswap: compressor not available [ 733.273167][T18771] zswap: compressor  not available [ 733.341522][T18787] FAULT_INJECTION: forcing a failure. [ 733.341522][T18787] name failslab, interval 1, probability 0, space 0, times 0 [ 733.384946][T18787] CPU: 1 UID: 0 PID: 18787 Comm: syz.2.2612 Tainted: G U L syzkaller #0 PREEMPT(full) [ 733.385000][T18787] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 733.385014][T18787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 733.385031][T18787] Call Trace: [ 733.385042][T18787] [ 733.385054][T18787] dump_stack_lvl+0x100/0x190 [ 733.385108][T18787] should_fail_ex.cold+0x5/0xa [ 733.385145][T18787] ? snd_midi_event_new+0xa1/0x210 [ 733.385318][T18787] should_failslab+0xc2/0x120 [ 733.385351][T18787] __kmalloc_noprof+0xe0/0x850 [ 733.385403][T18787] snd_midi_event_new+0xa1/0x210 [ 733.385445][T18787] snd_virmidi_output_open+0x106/0x670 [ 733.385514][T18787] open_substream+0x480/0x9e0 [ 733.385588][T18787] rawmidi_open_priv+0x595/0x6f0 [ 733.385629][T18787] snd_rawmidi_open+0x4c9/0xba0 [ 733.385673][T18787] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 733.385708][T18787] ? __pfx_default_wake_function+0x10/0x10 [ 733.385743][T18787] ? kobject_get_unless_zero+0x156/0x200 [ 733.385786][T18787] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 733.385818][T18787] snd_open+0x22d/0x4c0 [ 733.385893][T18787] ? __pfx_snd_open+0x10/0x10 [ 733.385934][T18787] chrdev_open+0x234/0x6a0 [ 733.385963][T18787] ? __pfx_apparmor_file_open+0x10/0x10 [ 733.386006][T18787] ? __pfx_chrdev_open+0x10/0x10 [ 733.386038][T18787] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 733.386078][T18787] do_dentry_open+0x6d8/0x1660 [ 733.386107][T18787] ? __pfx_chrdev_open+0x10/0x10 [ 733.386145][T18787] vfs_open+0x82/0x3f0 [ 733.386183][T18787] path_openat+0x208c/0x31a0 [ 733.386227][T18787] ? __pfx_path_openat+0x10/0x10 [ 733.386272][T18787] do_file_open+0x20e/0x430 [ 733.386305][T18787] ? __pfx_do_file_open+0x10/0x10 [ 733.386363][T18787] ? alloc_fd+0x476/0x790 [ 733.386396][T18787] ? do_getname+0x191/0x390 [ 733.386436][T18787] do_sys_openat2+0x10d/0x1e0 [ 733.386474][T18787] ? __pfx_do_sys_openat2+0x10/0x10 [ 733.386527][T18787] ? irqentry_exit+0x180/0x670 [ 733.386563][T18787] ? lockdep_hardirqs_on+0x78/0x100 [ 733.386603][T18787] __x64_sys_openat+0x12d/0x210 [ 733.386644][T18787] ? __pfx___x64_sys_openat+0x10/0x10 [ 733.386697][T18787] do_syscall_64+0x106/0xf80 [ 733.386732][T18787] ? clear_bhb_loop+0x40/0x90 [ 733.386770][T18787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.386800][T18787] RIP: 0033:0x7ff35599c799 [ 733.386828][T18787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 733.386857][T18787] RSP: 002b:00007ff35682e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 733.386887][T18787] RAX: ffffffffffffffda RBX: 00007ff355c16090 RCX: 00007ff35599c799 [ 733.386908][T18787] RDX: 0000000000002841 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 733.386928][T18787] RBP: 00007ff355a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 733.386947][T18787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 733.386965][T18787] R13: 00007ff355c16128 R14: 00007ff355c16090 R15: 00007fffd98b50f8 [ 733.387004][T18787] [ 734.915452][ T30] audit: type=1800 audit(4294986041.569:289): pid=18806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2616" name="lu_gp_id" dev="configfs" ino=85451 res=0 errno=0 [ 735.253999][T18806] could not allocate digest TFM handle [ 736.662075][ T30] audit: type=1800 audit(4294986043.319:290): pid=18837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2622" name="lu_gp_id" dev="configfs" ino=85563 res=0 errno=0 [ 737.033361][T18837] could not allocate digest TFM handle [ 737.041419][T18845] ksmbd: Unknown IPC event: 14, ignore. [ 737.459000][ T30] audit: type=1800 audit(4294986044.109:291): pid=18861 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2628" name="lu_gp_id" dev="configfs" ino=85665 res=0 errno=0 [ 737.677012][T18861] could not allocate digest TFM handle [ 737.688789][T18873] FAULT_INJECTION: forcing a failure. [ 737.688789][T18873] name failslab, interval 1, probability 0, space 0, times 0 [ 737.709234][T18873] CPU: 0 UID: 0 PID: 18873 Comm: syz.0.2631 Tainted: G U L syzkaller #0 PREEMPT(full) [ 737.709278][T18873] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 737.709288][T18873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 737.709304][T18873] Call Trace: [ 737.709314][T18873] [ 737.709325][T18873] dump_stack_lvl+0x100/0x190 [ 737.709369][T18873] should_fail_ex.cold+0x5/0xa [ 737.709400][T18873] should_failslab+0xc2/0x120 [ 737.709428][T18873] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 737.709462][T18873] ? security_file_alloc+0x34/0x2c0 [ 737.709489][T18873] ? trace_kmem_cache_alloc+0xf3/0x120 [ 737.709521][T18873] security_file_alloc+0x34/0x2c0 [ 737.709548][T18873] init_file+0x95/0x480 [ 737.709578][T18873] alloc_empty_file+0x73/0x1c0 [ 737.709617][T18873] alloc_file_pseudo+0x13a/0x230 [ 737.709649][T18873] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 737.709680][T18873] ? alloc_fd+0x476/0x790 [ 737.709710][T18873] sock_alloc_file+0x50/0x210 [ 737.709746][T18873] __sys_socket+0x1c0/0x260 [ 737.709770][T18873] ? __pfx___sys_socket+0x10/0x10 [ 737.709802][T18873] __x64_sys_socket+0x72/0xb0 [ 737.709824][T18873] ? lockdep_hardirqs_on+0x78/0x100 [ 737.709855][T18873] do_syscall_64+0x106/0xf80 [ 737.709883][T18873] ? clear_bhb_loop+0x40/0x90 [ 737.709914][T18873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.709940][T18873] RIP: 0033:0x7f3f5959c799 [ 737.709961][T18873] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 737.709985][T18873] RSP: 002b:00007f3f5a479028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 737.710010][T18873] RAX: ffffffffffffffda RBX: 00007f3f59816180 RCX: 00007f3f5959c799 [ 737.710028][T18873] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 737.710044][T18873] RBP: 00007f3f59632c99 R08: 0000000000000000 R09: 0000000000000000 [ 737.710062][T18873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 737.710077][T18873] R13: 00007f3f59816218 R14: 00007f3f59816180 R15: 00007ffce20e4048 [ 737.710110][T18873] [ 738.373263][T18879] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input28 [ 739.269304][T18891] binder: 18889:18891 ioctl 4018620d 9 returned -22 [ 739.812084][ T30] audit: type=1800 audit(4294986046.459:292): pid=18905 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2637" name="lu_gp_id" dev="configfs" ino=86471 res=0 errno=0 [ 739.986202][T18905] could not allocate digest TFM handle [ 741.520835][ T30] audit: type=1800 audit(4294986048.169:293): pid=18941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2643" name="lu_gp_id" dev="configfs" ino=86560 res=0 errno=0 [ 741.832021][T18941] could not allocate digest TFM handle [ 742.490813][T18972] sp0: Synchronizing with TNC [ 742.622541][T18976] FAULT_INJECTION: forcing a failure. [ 742.622541][T18976] name failslab, interval 1, probability 0, space 0, times 0 [ 742.672758][T18976] CPU: 0 UID: 0 PID: 18976 Comm: syz.1.2650 Tainted: G U L syzkaller #0 PREEMPT(full) [ 742.672789][T18976] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 742.672795][T18976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 742.672805][T18976] Call Trace: [ 742.672811][T18976] [ 742.672819][T18976] dump_stack_lvl+0x100/0x190 [ 742.672850][T18976] should_fail_ex.cold+0x5/0xa [ 742.672869][T18976] should_failslab+0xc2/0x120 [ 742.672886][T18976] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 742.672909][T18976] ? prepare_creds+0x2c/0x950 [ 742.672931][T18976] ? from_kuid_munged+0xaa/0x130 [ 742.672949][T18976] prepare_creds+0x2c/0x950 [ 742.672972][T18976] __sys_setfsuid+0xda/0x380 [ 742.672989][T18976] do_syscall_64+0x106/0xf80 [ 742.673008][T18976] ? clear_bhb_loop+0x40/0x90 [ 742.673026][T18976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.673042][T18976] RIP: 0033:0x7fa72f79c799 [ 742.673056][T18976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 742.673071][T18976] RSP: 002b:00007fa72d9f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 742.673086][T18976] RAX: ffffffffffffffda RBX: 00007fa72fa16090 RCX: 00007fa72f79c799 [ 742.673096][T18976] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00 [ 742.673105][T18976] RBP: 00007fa72f832c99 R08: 0000000000000000 R09: 0000000000000000 [ 742.673115][T18976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 742.673123][T18976] R13: 00007fa72fa16128 R14: 00007fa72fa16090 R15: 00007fff55e9b638 [ 742.673143][T18976] [ 743.063344][ T30] audit: type=1800 audit(4294986049.719:294): pid=18983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2651" name="lu_gp_id" dev="configfs" ino=86765 res=0 errno=0 [ 743.330187][T18983] could not allocate digest TFM handle [ 743.724299][T13124] dummy0: left allmulticast mode [ 743.735710][T13124] dummy0: left promiscuous mode [ 743.757723][T13124] bridge0: port 3(dummy0) entered disabled state [ 743.790694][T13124] bridge_slave_1: left allmulticast mode [ 743.817971][T13124] bridge_slave_1: left promiscuous mode [ 743.831688][T13124] bridge0: port 2(bridge_slave_1) entered disabled state [ 743.844712][T18998] could not allocate digest TFM handle [ 743.856135][T13124] bridge_slave_0: left allmulticast mode [ 743.866950][T13124] bridge_slave_0: left promiscuous mode [ 743.880359][T13124] bridge0: port 1(bridge_slave_0) entered disabled state [ 744.254674][T13124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 744.266633][T13124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 744.276770][T13124] bond0 (unregistering): Released all slaves [ 744.376245][T13124] HfR: left promiscuous mode [ 745.065860][T13124] hsr_slave_0: left promiscuous mode [ 745.086135][T13124] hsr_slave_1: left promiscuous mode [ 745.098638][T13124] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 745.146436][T13124] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 745.168555][T13124] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 745.187619][T19025] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 745.200291][T13124] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 745.224504][T13124] veth1_macvtap: left promiscuous mode [ 745.244302][T13124] veth0_macvtap: left promiscuous mode [ 745.263094][T13124] veth1_vlan: left promiscuous mode [ 745.281149][T13124] veth0_vlan: left promiscuous mode [ 745.684947][T19037] FAULT_INJECTION: forcing a failure. [ 745.684947][T19037] name failslab, interval 1, probability 0, space 0, times 0 [ 745.736359][T19037] CPU: 0 UID: 0 PID: 19037 Comm: syz.3.2662 Tainted: G U L syzkaller #0 PREEMPT(full) [ 745.736392][T19037] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 745.736399][T19037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 745.736410][T19037] Call Trace: [ 745.736415][T19037] [ 745.736423][T19037] dump_stack_lvl+0x100/0x190 [ 745.736451][T19037] should_fail_ex.cold+0x5/0xa [ 745.736589][T19037] should_failslab+0xc2/0x120 [ 745.736622][T19037] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 745.736665][T19037] ? prepare_creds+0x2c/0x950 [ 745.736688][T19037] ? from_kuid_munged+0xaa/0x130 [ 745.736708][T19037] prepare_creds+0x2c/0x950 [ 745.736733][T19037] __sys_setfsuid+0xda/0x380 [ 745.736752][T19037] do_syscall_64+0x106/0xf80 [ 745.736773][T19037] ? clear_bhb_loop+0x40/0x90 [ 745.736805][T19037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.736835][T19037] RIP: 0033:0x7f639739c799 [ 745.736876][T19037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 745.736906][T19037] RSP: 002b:00007f6398273028 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 745.736924][T19037] RAX: ffffffffffffffda RBX: 00007f6397616180 RCX: 00007f639739c799 [ 745.736936][T19037] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00 [ 745.736947][T19037] RBP: 00007f6397432c99 R08: 0000000000000000 R09: 0000000000000000 [ 745.736957][T19037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.736966][T19037] R13: 00007f6397616218 R14: 00007f6397616180 R15: 00007fff53ae0af8 [ 745.736988][T19037] [ 746.095629][T13124] team0 (unregistering): Port device team_slave_1 removed [ 746.101990][T19044] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 746.308822][T19034] sp0: Synchronizing with TNC [ 746.606061][ T30] audit: type=1800 audit(4294986053.239:295): pid=19047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2664" name="lu_gp_id" dev="configfs" ino=86948 res=0 errno=0 [ 746.961324][T19047] could not allocate digest TFM handle [ 747.772784][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.779777][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.845941][ T30] audit: type=1800 audit(4294986054.499:296): pid=19063 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2667" name="lu_gp_id" dev="configfs" ino=86993 res=0 errno=0 [ 748.153292][T19072] could not allocate digest TFM handle [ 748.361137][T19070] bridge0: port 3(team0) entered blocking state [ 748.434162][T19070] bridge0: port 3(team0) entered disabled state [ 748.521685][T19070] team0: entered allmulticast mode [ 748.628076][T19070] team_slave_0: entered allmulticast mode [ 748.648084][T19070] team_slave_1: entered allmulticast mode [ 748.673526][T19070] team0: entered promiscuous mode [ 748.687045][T19070] team_slave_0: entered promiscuous mode [ 748.706645][T19070] team_slave_1: entered promiscuous mode [ 748.719601][ T30] audit: type=1800 audit(4294986055.369:297): pid=19089 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2671" name="lu_gp_id" dev="configfs" ino=87038 res=0 errno=0 [ 748.777972][T19070] bridge0: port 3(team0) entered blocking state [ 748.784827][T19070] bridge0: port 3(team0) entered forwarding state [ 748.970241][T19089] could not allocate digest TFM handle [ 750.282673][ T30] audit: type=1800 audit(4294986056.939:298): pid=19133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2681" name="lu_gp_id" dev="configfs" ino=88174 res=0 errno=0 [ 750.699793][T19133] could not allocate digest TFM handle [ 750.952348][T19137] could not allocate digest TFM handle [ 751.638817][T19159] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 751.942928][ T30] audit: type=1800 audit(4294986058.579:299): pid=19173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2685" name="lu_gp_id" dev="configfs" ino=87405 res=0 errno=0 [ 752.187412][T19173] could not allocate digest TFM handle [ 753.900334][ T30] audit: type=1800 audit(4294986060.549:300): pid=19211 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2694" name="lu_gp_id" dev="configfs" ino=87507 res=0 errno=0 [ 754.065075][T19211] could not allocate digest TFM handle [ 755.206636][ T30] audit: type=1800 audit(4294987084.860:301): pid=19255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2700" name="lu_gp_id" dev="configfs" ino=87658 res=0 errno=0 [ 755.352950][T19255] could not allocate digest TFM handle [ 756.521789][ T30] audit: type=1800 audit(4294987086.179:302): pid=19278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2707" name="lu_gp_id" dev="configfs" ino=87754 res=0 errno=0 [ 756.763827][T19278] could not allocate digest TFM handle [ 757.777635][T19314] FAULT_INJECTION: forcing a failure. [ 757.777635][T19314] name failslab, interval 1, probability 0, space 0, times 0 [ 757.821570][ T30] audit: type=1800 audit(4294987087.469:303): pid=19320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2714" name="lu_gp_id" dev="configfs" ino=88936 res=0 errno=0 [ 757.868272][T19314] CPU: 0 UID: 0 PID: 19314 Comm: syz.2.2716 Tainted: G U L syzkaller #0 PREEMPT(full) [ 757.868310][T19314] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 757.868317][T19314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 757.868327][T19314] Call Trace: [ 757.868333][T19314] [ 757.868340][T19314] dump_stack_lvl+0x100/0x190 [ 757.868368][T19314] should_fail_ex.cold+0x5/0xa [ 757.868388][T19314] should_failslab+0xc2/0x120 [ 757.868405][T19314] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 757.868428][T19314] ? vm_area_dup+0x27/0x8e0 [ 757.868451][T19314] vm_area_dup+0x27/0x8e0 [ 757.868473][T19314] __split_vma+0x18c/0xd90 [ 757.868496][T19314] ? __pfx___split_vma+0x10/0x10 [ 757.868521][T19314] ? __mpol_equal+0xaf/0x340 [ 757.868543][T19314] vma_modify+0x1121/0x2250 [ 757.868569][T19314] ? __pfx_vma_modify+0x10/0x10 [ 757.868594][T19314] vma_modify_policy+0x238/0x300 [ 757.868616][T19314] ? __pfx_vma_modify_policy+0x10/0x10 [ 757.868654][T19314] mbind_range+0x175/0x550 [ 757.868674][T19314] do_mbind+0x7de/0xfd0 [ 757.868696][T19314] ? __might_fault+0xc5/0x140 [ 757.868716][T19314] ? __pfx_do_mbind+0x10/0x10 [ 757.868738][T19314] ? _copy_from_user+0x59/0xd0 [ 757.868758][T19314] ? __pfx_get_nodes+0x10/0x10 [ 757.868786][T19314] kernel_mbind+0x1b7/0x200 [ 757.868806][T19314] ? __pfx_kernel_mbind+0x10/0x10 [ 757.868829][T19314] do_syscall_64+0x106/0xf80 [ 757.868848][T19314] ? clear_bhb_loop+0x40/0x90 [ 757.868867][T19314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 757.868882][T19314] RIP: 0033:0x7ff35599c799 [ 757.868897][T19314] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 757.868911][T19314] RSP: 002b:00007ff35684f028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 757.868927][T19314] RAX: ffffffffffffffda RBX: 00007ff355c15fa0 RCX: 00007ff35599c799 [ 757.868937][T19314] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000 [ 757.868947][T19314] RBP: 00007ff355a32c99 R08: 0000000000000003 R09: 0000000000000003 [ 757.868957][T19314] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000 [ 757.868967][T19314] R13: 00007ff355c16038 R14: 00007ff355c15fa0 R15: 00007fffd98b50f8 [ 757.868988][T19314] [ 758.150042][T19320] could not allocate digest TFM handle [ 758.649650][T19337] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 758.673385][T19337] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 758.987390][ T30] audit: type=1800 audit(4294987088.628:304): pid=19347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2721" name="lu_gp_id" dev="configfs" ino=87926 res=0 errno=0 [ 759.249511][T19347] could not allocate digest TFM handle [ 760.272686][ T30] audit: type=1800 audit(4294987089.917:305): pid=19371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=89038 res=0 errno=0 [ 760.493178][ T30] audit: type=1800 audit(4294987090.147:306): pid=19374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2727" name="dbroot" dev="configfs" ino=89044 res=0 errno=0 [ 760.673218][T19374] tipc: Started in network mode [ 760.678411][T19374] tipc: Node identity ffffffff, cluster identity 4711 [ 760.696871][T19374] tipc: Node number set to 4294967295 [ 761.320126][ T30] audit: type=1800 audit(4294987090.967:307): pid=19405 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2728" name="lu_gp_id" dev="configfs" ino=88037 res=0 errno=0 [ 761.451906][T19405] could not allocate digest TFM handle [ 762.262398][ T30] audit: type=1800 audit(4294987091.906:308): pid=19425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2733" name="lu_gp_id" dev="configfs" ino=89144 res=0 errno=0 [ 762.756432][T19425] could not allocate digest TFM handle [ 764.569560][ T30] audit: type=1800 audit(4294987094.215:309): pid=19469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=90363 res=0 errno=0 [ 765.082374][T19486] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 765.140657][ T30] audit: type=1800 audit(4294987094.785:310): pid=19478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2747" name="lu_gp_id" dev="configfs" ino=90393 res=0 errno=0 [ 765.327575][T19478] could not allocate digest TFM handle [ 765.461428][T19485] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 767.449543][ T30] audit: type=1800 audit(4294987097.094:311): pid=19531 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=89418 res=0 errno=0 [ 767.965738][T19552] could not allocate digest TFM handle [ 768.239108][T19560] could not allocate digest TFM handle [ 770.338193][ T6271] Bluetooth: hci4: command 0x0406 tx timeout [ 770.975916][ T30] audit: type=1800 audit(4294987100.612:312): pid=19610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=89583 res=0 errno=0 [ 771.387924][T19615] could not allocate digest TFM handle [ 772.146019][T19631] sctp: [Deprecated]: syz.3.2775 (pid 19631) Use of int in max_burst socket option. [ 772.146019][T19631] Use struct sctp_assoc_value instead [ 772.446919][T19639] nvme_fcloop: unknown parameter or missing value '7' [ 773.206241][T19638] sctp: [Deprecated]: syz.3.2775 (pid 19638) Use of int in max_burst socket option. [ 773.206241][T19638] Use struct sctp_assoc_value instead [ 773.436501][T19653] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 773.554839][T19654] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 774.924933][T19666] bridge0: port 3(team0) entered blocking state [ 774.988728][T19666] bridge0: port 3(team0) entered disabled state [ 775.035629][T19666] team0: entered allmulticast mode [ 775.096791][T19666] team_slave_0: entered allmulticast mode [ 775.148232][ T30] audit: type=1800 audit(4294987104.790:313): pid=19669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=91069 res=0 errno=0 [ 775.187599][T19666] team_slave_1: entered allmulticast mode [ 775.202518][T19666] team0: entered promiscuous mode [ 775.219083][T19666] team_slave_0: entered promiscuous mode [ 775.255287][T19666] team_slave_1: entered promiscuous mode [ 775.294508][T19666] bridge0: port 3(team0) entered blocking state [ 775.301373][T19666] bridge0: port 3(team0) entered forwarding state [ 775.587493][T19672] zswap: compressor not available [ 776.300564][ T30] audit: type=1800 audit(4294987105.939:314): pid=19690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2786" name="lu_gp_id" dev="configfs" ino=91136 res=0 errno=0 [ 776.487984][T19690] could not allocate digest TFM handle [ 777.203208][T19711] bonding: no command found in bonding_masters - use +ifname or -ifname [ 777.298309][T19715] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 777.377759][T19715] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 778.601363][ T30] audit: type=1800 audit(4294987108.238:315): pid=19733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=91303 res=0 errno=0 [ 779.500998][T19749] bridge0: port 3(team0) entered blocking state [ 779.510003][T19749] bridge0: port 3(team0) entered disabled state [ 779.518080][T19749] team0: entered allmulticast mode [ 779.525227][T19749] team_slave_0: entered allmulticast mode [ 779.531542][T19749] team_slave_1: entered allmulticast mode [ 779.559692][T19749] team0: entered promiscuous mode [ 779.565115][T19749] team_slave_0: entered promiscuous mode [ 779.584913][T19749] team_slave_1: entered promiscuous mode [ 779.608154][T19749] bridge0: port 3(team0) entered blocking state [ 779.615353][T19749] bridge0: port 3(team0) entered forwarding state [ 780.031829][ T30] audit: type=1800 audit(4294987109.668:316): pid=19759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2801" name="lu_gp_id" dev="configfs" ino=91367 res=0 errno=0 [ 780.252837][T19759] could not allocate digest TFM handle [ 781.421424][T19784] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 781.464802][T19784] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 781.964463][T19795] syz.2.2808 (19795) used obsolete PPPIOCDETACH ioctl [ 783.726520][ T30] audit: type=1800 audit(4294987113.366:317): pid=19818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=91661 res=0 errno=0 [ 784.368724][ T30] audit: type=1800 audit(4294987114.005:318): pid=19830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2813" name="lu_gp_id" dev="configfs" ino=90009 res=0 errno=0 [ 784.702210][T19830] could not allocate digest TFM handle [ 785.123036][ T30] audit: type=1800 audit(4294987114.755:319): pid=19824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=91781 res=0 errno=0 [ 785.712991][ T6271] Bluetooth: hci1: command 0x0406 tx timeout [ 786.585011][T19869] nvme_fcloop: unknown parameter or missing value '7' [ 788.319515][T19901] __vm_enough_memory: pid: 19901, comm: syz.2.2831, bytes: 4398046511104 not enough memory for the allocation [ 789.257537][ T30] audit: type=1800 audit(4294987118.883:320): pid=19917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=92033 res=0 errno=0 [ 790.306252][T19929] nvme_fcloop: unknown parameter or missing value '7' [ 790.555400][ T30] audit: type=1800 audit(4294987120.182:321): pid=19941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2839" name="trace_pipe" dev="tracefs" ino=3455 res=0 errno=0 [ 792.805601][ T30] audit: type=1800 audit(4294988149.435:322): pid=19989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=93237 res=0 errno=0 [ 793.062830][T19990] could not allocate digest TFM handle [ 794.937296][T20012] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 795.643176][T20031] bonding: no command found in bonding_masters - use +ifname or -ifname [ 796.289653][ T30] audit: type=1800 audit(4294988152.923:323): pid=20046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2868" name="lu_gp_id" dev="configfs" ino=93320 res=0 errno=0 [ 796.639849][T20046] could not allocate digest TFM handle [ 796.854272][T20057] could not allocate digest TFM handle [ 798.565070][ T30] audit: type=1800 audit(4294988155.202:324): pid=20095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2878" name="lu_gp_id" dev="configfs" ino=92663 res=0 errno=0 [ 798.912198][T20095] could not allocate digest TFM handle [ 799.284463][T20108] bonding: no command found in bonding_masters - use +ifname or -ifname [ 799.758937][ T30] audit: type=1800 audit(4294988156.391:325): pid=20114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2874" name="lu_gp_id" dev="configfs" ino=93506 res=0 errno=0 [ 800.080072][T20114] could not allocate digest TFM handle [ 801.120203][ T30] audit: type=1800 audit(4294988157.750:326): pid=20140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=92746 res=0 errno=0 [ 802.176018][T20145] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 802.603993][T20151] netlink: 'syz.3.2881': attribute type 11 has an invalid length. [ 802.612509][T20151] netlink: 'syz.3.2881': attribute type 11 has an invalid length. [ 802.723949][T20151] netlink: 'syz.3.2881': attribute type 11 has an invalid length. [ 803.045408][T20169] netlink: zone id is out of range [ 803.050842][T20169] netlink: zone id is out of range [ 803.062173][T20169] netlink: zone id is out of range [ 803.068117][T20169] netlink: zone id is out of range [ 803.073701][T20169] netlink: zone id is out of range [ 803.103194][T20169] netlink: zone id is out of range [ 803.130346][T20169] netlink: zone id is out of range [ 803.172939][T20169] netlink: set zone limit has 8 unknown bytes [ 803.380037][ T30] audit: type=1800 audit(4294988160.009:327): pid=20181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2885" name="lu_gp_id" dev="configfs" ino=92887 res=0 errno=0 [ 803.581529][T20181] could not allocate digest TFM handle [ 803.699737][T20191] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2888'. [ 804.573523][ T30] audit: type=1800 audit(4294988161.189:328): pid=20211 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2891" name="lu_gp_id" dev="configfs" ino=93874 res=0 errno=0 [ 804.976676][T20211] could not allocate digest TFM handle [ 805.964734][T20236] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input31 [ 806.365314][T20246] could not allocate digest TFM handle [ 806.533803][ T30] audit: type=1800 audit(4294988163.158:329): pid=20251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=93045 res=0 errno=0 [ 806.835762][T20257] Invalid ELF header magic: != ELF [ 807.498087][ T30] audit: type=1800 audit(4294988164.107:330): pid=20280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2906" name="lu_gp_id" dev="configfs" ino=94122 res=0 errno=0 [ 807.656548][T20280] could not allocate digest TFM handle [ 808.265693][T20293] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 809.242800][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.250430][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.725728][T20323] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2911'. [ 810.531353][ T30] audit: type=1800 audit(4294988167.156:331): pid=20347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2917" name="lu_gp_id" dev="configfs" ino=94359 res=0 errno=0 [ 810.791686][T20347] could not allocate digest TFM handle [ 810.940236][T20363] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 810.961200][T20362] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 810.984973][T20362] __vm_enough_memory: pid: 20362, comm: syz.3.2921, bytes: 4398046511104 not enough memory for the allocation [ 811.320851][ T6271] Bluetooth: hci2: command 0x0406 tx timeout [ 811.444119][T20366] zswap: compressor not available [ 811.455597][T20382] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 811.487592][T20382] __vm_enough_memory: pid: 20382, comm: syz.2.2925, bytes: 4398046511104 not enough memory for the allocation [ 813.021899][ T30] audit: type=1800 audit(4294988169.645:332): pid=20431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2931" name="lu_gp_id" dev="configfs" ino=94600 res=0 errno=0 [ 813.300105][T20431] could not allocate digest TFM handle [ 813.944219][ T30] audit: type=1800 audit(4294988170.564:333): pid=20439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=94654 res=0 errno=0 [ 815.716389][ T30] audit: type=1800 audit(4294988172.343:334): pid=20466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=95559 res=0 errno=0 [ 816.696595][ T30] audit: type=1800 audit(4294988173.323:335): pid=20502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2946" name="lu_gp_id" dev="configfs" ino=94920 res=0 errno=0 [ 816.951698][T20502] could not allocate digest TFM handle [ 817.370731][T20511] FAULT_INJECTION: forcing a failure. [ 817.370731][T20511] name failslab, interval 1, probability 0, space 0, times 0 [ 817.395349][T20511] CPU: 1 UID: 0 PID: 20511 Comm: syz.2.2949 Tainted: G U L syzkaller #0 PREEMPT(full) [ 817.395409][T20511] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 817.395421][T20511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 817.395438][T20511] Call Trace: [ 817.395446][T20511] [ 817.395458][T20511] dump_stack_lvl+0x100/0x190 [ 817.395508][T20511] should_fail_ex.cold+0x5/0xa [ 817.395552][T20511] should_failslab+0xc2/0x120 [ 817.395585][T20511] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 817.395627][T20511] ? __d_alloc+0x34/0xa80 [ 817.395656][T20511] ? __pfx_stack_trace_save+0x10/0x10 [ 817.395688][T20511] __d_alloc+0x34/0xa80 [ 817.395720][T20511] d_alloc_parallel+0x111/0x14e0 [ 817.395770][T20511] ? find_held_lock+0x2b/0x80 [ 817.395797][T20511] ? __d_lookup+0x25c/0x4a0 [ 817.395837][T20511] ? __pfx_d_alloc_parallel+0x10/0x10 [ 817.395881][T20511] ? __d_lookup+0x266/0x4a0 [ 817.395931][T20511] lookup_open.isra.0+0x57c/0x11b0 [ 817.395985][T20511] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 817.396051][T20511] ? mnt_get_write_access+0x1e9/0x2f0 [ 817.396099][T20511] path_openat+0xa98/0x31a0 [ 817.396143][T20511] ? __pfx_path_openat+0x10/0x10 [ 817.396189][T20511] do_file_open+0x20e/0x430 [ 817.396222][T20511] ? __pfx_do_file_open+0x10/0x10 [ 817.396282][T20511] ? alloc_fd+0x476/0x790 [ 817.396315][T20511] ? do_getname+0x191/0x390 [ 817.396355][T20511] do_sys_openat2+0x10d/0x1e0 [ 817.396400][T20511] ? __pfx_do_sys_openat2+0x10/0x10 [ 817.396443][T20511] ? __fget_files+0x21f/0x3d0 [ 817.396480][T20511] __x64_sys_openat+0x12d/0x210 [ 817.396520][T20511] ? __pfx___x64_sys_openat+0x10/0x10 [ 817.396575][T20511] do_syscall_64+0x106/0xf80 [ 817.396611][T20511] ? clear_bhb_loop+0x40/0x90 [ 817.396648][T20511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.396679][T20511] RIP: 0033:0x7ff35599c799 [ 817.396705][T20511] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 817.396735][T20511] RSP: 002b:00007ff35684f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 817.396765][T20511] RAX: ffffffffffffffda RBX: 00007ff355c15fa0 RCX: 00007ff35599c799 [ 817.396786][T20511] RDX: 000000000014be02 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 817.396807][T20511] RBP: 00007ff355a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 817.396827][T20511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 817.396846][T20511] R13: 00007ff355c16038 R14: 00007ff355c15fa0 R15: 00007fffd98b50f8 [ 817.396886][T20511] [ 818.480131][ T30] audit: type=1800 audit(4294988175.102:336): pid=20547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2953" name="lu_gp_id" dev="configfs" ino=95014 res=0 errno=0 [ 818.681261][T20547] could not allocate digest TFM handle [ 819.937414][ T30] audit: type=1800 audit(4294988176.561:337): pid=20578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=95888 res=0 errno=0 [ 820.452940][ T30] audit: type=1800 audit(4294988177.051:338): pid=20587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2959" name="lu_gp_id" dev="configfs" ino=95894 res=0 errno=0 [ 820.605151][T20598] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2960'. [ 820.701749][T20587] could not allocate digest TFM handle [ 821.089522][T20609] syz.3.2963 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 821.153743][T20609] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2963'. [ 822.104593][ T30] audit: type=1800 audit(4294988178.730:339): pid=20637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2965" name="lu_gp_id" dev="configfs" ino=95993 res=0 errno=0 [ 822.293179][T20637] could not allocate digest TFM handle [ 822.928899][ T30] audit: type=1800 audit(4294988179.520:340): pid=20658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2967" name="lu_gp_id" dev="configfs" ino=96030 res=0 errno=0 [ 823.062582][T20658] could not allocate digest TFM handle [ 823.879627][T20674] could not allocate digest TFM handle [ 824.524460][T20686] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2974'. [ 824.679315][ T30] audit: type=1800 audit(4294988181.299:341): pid=20688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2975" name="lu_gp_id" dev="configfs" ino=96650 res=0 errno=0 [ 824.848593][T20688] could not allocate digest TFM handle [ 826.224762][ T30] audit: type=1800 audit(4294988182.818:342): pid=20737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2985" name="lu_gp_id" dev="configfs" ino=96745 res=0 errno=0 [ 826.397829][T20737] could not allocate digest TFM handle [ 826.696261][ T6271] Bluetooth: hci5: command 0x0406 tx timeout [ 827.143898][T20751] i2c i2c-0: delete_device: Extra parameters [ 827.888542][ T30] audit: type=1800 audit(4294988184.497:343): pid=20765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=96825 res=0 errno=0 [ 828.133064][T20763] could not allocate digest TFM handle [ 829.227218][ T30] audit: type=1800 audit(4294988185.836:344): pid=20812 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2996" name="lu_gp_id" dev="configfs" ino=97338 res=0 errno=0 [ 829.428049][T20816] can: request_module (can-proto-0) failed. [ 829.524523][T20812] could not allocate digest TFM handle [ 830.392725][ T30] audit: type=1800 audit(4294988186.996:345): pid=20840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=97403 res=0 errno=0 [ 831.169815][T20836] kexec: Could not allocate control_code_buffer [ 831.427772][T20853] netlink: Invalid conntrack timeout [ 831.788436][ T30] audit: type=1800 audit(4294988188.395:346): pid=20860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3011" name="lu_gp_id" dev="configfs" ino=97073 res=0 errno=0 [ 831.811027][T15205] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 831.993222][T20860] could not allocate digest TFM handle [ 832.334798][T20878] zswap: compressor not available [ 832.374877][T20871] could not allocate digest TFM handle [ 833.408384][T15205] block nbd0: Receive control failed (result -32) [ 833.860374][T20938] i2c i2c-0: new_device: Can't parse I2C address [ 834.009168][T20947] FAULT_INJECTION: forcing a failure. [ 834.009168][T20947] name fail_futex, interval 1, probability 0, space 0, times 0 [ 834.056068][T20947] CPU: 1 UID: 0 PID: 20947 Comm: syz.3.3028 Tainted: G U L syzkaller #0 PREEMPT(full) [ 834.056118][T20947] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 834.056129][T20947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 834.056146][T20947] Call Trace: [ 834.056156][T20947] [ 834.056166][T20947] dump_stack_lvl+0x100/0x190 [ 834.056233][T20947] should_fail_ex.cold+0x5/0xa [ 834.056265][T20947] get_futex_key+0x1d2/0x1620 [ 834.056305][T20947] ? __pfx_get_futex_key+0x10/0x10 [ 834.056334][T20947] ? trace_ignore_this_task+0xbc/0x100 [ 834.056370][T20947] ? trace_ignore_this_task+0xbc/0x100 [ 834.056412][T20947] futex_wait_setup+0x83/0x510 [ 834.056460][T20947] __futex_wait+0x19f/0x300 [ 834.056501][T20947] ? __pfx___futex_wait+0x10/0x10 [ 834.056540][T20947] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 834.056576][T20947] ? lockdep_hardirqs_on+0x78/0x100 [ 834.056613][T20947] ? __pfx_futex_wake_mark+0x10/0x10 [ 834.056656][T20947] ? find_held_lock+0x2b/0x80 [ 834.056681][T20947] ? futex_wake+0x456/0x530 [ 834.056743][T20947] futex_wait+0xed/0x380 [ 834.056784][T20947] ? __pfx_futex_wait+0x10/0x10 [ 834.056843][T20947] do_futex+0x1ef/0x350 [ 834.056876][T20947] ? __pfx_do_futex+0x10/0x10 [ 834.056918][T20947] __x64_sys_futex+0x34f/0x4d0 [ 834.056956][T20947] ? __pfx___x64_sys_futex+0x10/0x10 [ 834.057009][T20947] do_syscall_64+0x106/0xf80 [ 834.057044][T20947] ? clear_bhb_loop+0x40/0x90 [ 834.057082][T20947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 834.057113][T20947] RIP: 0033:0x7f639739c799 [ 834.057139][T20947] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 834.057166][T20947] RSP: 002b:00007f63982940e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 834.057193][T20947] RAX: ffffffffffffffda RBX: 00007f6397616098 RCX: 00007f639739c799 [ 834.057213][T20947] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6397616098 [ 834.057230][T20947] RBP: 00007f6397616090 R08: 0000000000000000 R09: 0000000000000000 [ 834.057248][T20947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 834.057266][T20947] R13: 00007f6397616128 R14: 00007fff53ae0a10 R15: 00007fff53ae0af8 [ 834.057304][T20947] [ 834.634097][ T30] audit: type=1800 audit(4294988191.254:347): pid=20953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3026" name="lu_gp_id" dev="configfs" ino=98365 res=0 errno=0 [ 834.887893][T20953] could not allocate digest TFM handle [ 835.471106][T20969] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3031'. [ 835.798971][T20989] FAULT_INJECTION: forcing a failure. [ 835.798971][T20989] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 835.833730][T20989] CPU: 1 UID: 0 PID: 20989 Comm: syz.1.3035 Tainted: G U L syzkaller #0 PREEMPT(full) [ 835.833782][T20989] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 835.833795][T20989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 835.833811][T20989] Call Trace: [ 835.833820][T20989] [ 835.833832][T20989] dump_stack_lvl+0x100/0x190 [ 835.833882][T20989] should_fail_ex.cold+0x5/0xa [ 835.833914][T20989] strncpy_from_user+0x3b/0x2d0 [ 835.833965][T20989] do_getname+0x78/0x390 [ 835.834014][T20989] do_sys_openat2+0xc5/0x1e0 [ 835.834056][T20989] ? __pfx_do_sys_openat2+0x10/0x10 [ 835.834096][T20989] ? do_pselect.constprop.0+0x196/0x270 [ 835.834153][T20989] __x64_sys_openat+0x12d/0x210 [ 835.834202][T20989] ? __pfx___x64_sys_openat+0x10/0x10 [ 835.834254][T20989] do_syscall_64+0x106/0xf80 [ 835.834290][T20989] ? clear_bhb_loop+0x40/0x90 [ 835.834327][T20989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 835.834359][T20989] RIP: 0033:0x7fa72f79c799 [ 835.834384][T20989] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 835.834415][T20989] RSP: 002b:00007fa730580028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 835.834444][T20989] RAX: ffffffffffffffda RBX: 00007fa72fa15fa0 RCX: 00007fa72f79c799 [ 835.834465][T20989] RDX: 0000000000000800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 835.834484][T20989] RBP: 00007fa72f832c99 R08: 0000000000000000 R09: 0000000000000000 [ 835.834503][T20989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 835.834521][T20989] R13: 00007fa72fa16038 R14: 00007fa72fa15fa0 R15: 00007fff55e9b638 [ 835.834562][T20989] [ 836.894912][T21011] netlink: zone id is out of range [ 836.938604][T21011] netlink: zone id is out of range [ 836.955370][T21011] netlink: zone id is out of range [ 836.960759][T21011] netlink: zone id is out of range [ 837.006078][T21011] netlink: zone id is out of range [ 837.098972][T21011] netlink: zone id is out of range [ 837.134805][T21011] netlink: zone id is out of range [ 837.190099][T21011] netlink: zone id is out of range [ 837.197161][T21017] zswap: compressor not available [ 837.213932][ T30] audit: type=1800 audit(4294988193.822:348): pid=21005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=98537 res=0 errno=0 [ 837.214659][T21011] netlink: zone id is out of range [ 837.291342][T21011] netlink: zone id is out of range [ 839.252168][ T30] audit: type=1800 audit(4294988195.861:349): pid=21067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3051" name="lu_gp_id" dev="configfs" ino=98705 res=0 errno=0 [ 839.460469][T21067] could not allocate digest TFM handle [ 839.685443][T21077] i2c i2c-0: delete_device: Extra parameters [ 839.898518][T21076] Invalid ELF header magic: != ELF [ 840.564964][T21092] futex_wake_op: syz.3.3057 tries to shift op by -2048; fix this program [ 840.633047][T21092] futex_wake_op: syz.3.3057 tries to shift op by -2048; fix this program [ 840.689215][T21092] 0x000000000001-0x000000020000 : "" [ 840.755211][T21092] ftl_cs: FTL header corrupt! [ 840.964366][T21103] Console: switching to colour VGA+ 80x25 [ 842.683469][ T30] audit: type=1800 audit(4294988199.290:350): pid=21124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=98046 res=0 errno=0 [ 843.006606][T21139] i2c i2c-0: delete_device: Extra parameters [ 844.519564][ T30] audit: type=1800 audit(4294988201.129:351): pid=21172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3070" name="lu_gp_id" dev="configfs" ino=98147 res=0 errno=0 [ 845.590398][ T30] audit: type=1800 audit(4294988202.198:352): pid=21189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=98200 res=0 errno=0 [ 845.819085][T21198] i2c i2c-0: delete_device: Extra parameters [ 846.090220][ T30] audit: type=1800 audit(4294988202.698:353): pid=21206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=98235 res=0 errno=0 [ 847.255712][ T30] audit: type=1800 audit(4294988203.857:354): pid=21223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=98287 res=0 errno=0 [ 847.450931][T21233] Invalid ELF header magic: != ELF [ 847.997344][ T30] audit: type=1800 audit(4294988204.607:355): pid=21247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3089" name="lu_gp_id" dev="configfs" ino=99377 res=0 errno=0 [ 848.194907][T21247] could not allocate digest TFM handle [ 849.944776][T21280] Setting dangerous option i915.mitigations - tainting kernel [ 849.988912][ T30] audit: type=1800 audit(4294988206.596:356): pid=21277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=99423 res=0 errno=0 [ 850.646494][ T30] audit: type=1800 audit(4294988207.246:357): pid=21287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=99442 res=0 errno=0 [ 851.747615][T21296] ubi0: attaching mtd0 [ 851.779345][T21296] ubi0: scanning is finished [ 851.786142][T21296] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 852.074506][T21296] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 852.475902][ T30] audit: type=1800 audit(4294988209.055:358): pid=21326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=99503 res=0 errno=0 [ 852.671242][T21332] net_ratelimit: 4 callbacks suppressed [ 852.671258][T21332] openvswitch: netlink: VXLAN extension message has 1 unknown bytes. [ 852.688189][T21335] futex_wake_op: syz.1.3104 tries to shift op by -2048; fix this program [ 852.703864][T21335] futex_wake_op: syz.1.3104 tries to shift op by -2048; fix this program [ 852.786462][T21339] 0x000000000001-0x000000020000 : "" [ 852.864428][T21339] ftl_cs: FTL header corrupt! [ 853.143503][T21349] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 853.278840][ T30] audit: type=1800 audit(4294988209.874:359): pid=21347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=99620 res=0 errno=0 [ 854.731038][T21362] ubi0: attaching mtd0 [ 854.747930][T21362] ubi0: scanning is finished [ 854.775647][T21362] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 855.073099][T21362] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 855.931592][T21395] ubi0: attaching mtd0 [ 855.950545][T21395] ubi0: scanning is finished [ 855.961773][T21395] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 856.233536][T21395] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 856.724429][ T30] audit: type=1800 audit(4294988213.333:360): pid=21412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=100757 res=0 errno=0 [ 857.113899][T21428] could not allocate digest TFM handle [ 857.598715][ T30] audit: type=1800 audit(4294988214.202:361): pid=21443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3124" name="lu_gp_id" dev="configfs" ino=100820 res=0 errno=0 [ 857.953065][T21443] could not allocate digest TFM handle [ 858.950653][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 858.950864][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 858.963921][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 858.976225][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 858.984380][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 858.991612][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 858.999910][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 859.007586][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 859.015389][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 859.022862][T15205] Bluetooth: hci2: unknown advertising packet type: 0xea [ 859.279404][ T30] audit: type=1800 audit(4294988215.881:362): pid=21481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3134" name="lu_gp_id" dev="configfs" ino=100953 res=0 errno=0 [ 859.429060][T21468] ubi0: attaching mtd0 [ 859.478369][T21468] ubi0: scanning is finished [ 859.484244][T21468] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 859.540653][T21481] could not allocate digest TFM handle [ 859.696482][T21468] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 860.084473][T21501] snd_virmidi snd_virmidi.0: control 1:-5:4194312:1Յ:0 is already present [ 860.339942][ T30] audit: type=1800 audit(4294988216.941:363): pid=21499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=101013 res=0 errno=0 [ 860.475042][T21513] FAULT_INJECTION: forcing a failure. [ 860.475042][T21513] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 860.504103][T21513] CPU: 1 UID: 0 PID: 21513 Comm: syz.2.3140 Tainted: G U L syzkaller #0 PREEMPT(full) [ 860.504152][T21513] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 860.504162][T21513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 860.504179][T21513] Call Trace: [ 860.504188][T21513] [ 860.504200][T21513] dump_stack_lvl+0x100/0x190 [ 860.504251][T21513] should_fail_ex.cold+0x5/0xa [ 860.504280][T21513] ? prepare_alloc_pages+0x16d/0x5f0 [ 860.504318][T21513] should_fail_alloc_page+0xeb/0x140 [ 860.504351][T21513] prepare_alloc_pages+0x1f0/0x5f0 [ 860.504384][T21513] ? arch_stack_walk+0xa6/0xf0 [ 860.504418][T21513] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 860.504471][T21513] ? stack_trace_save+0x8e/0xc0 [ 860.504502][T21513] ? __pfx_stack_trace_save+0x10/0x10 [ 860.504532][T21513] ? stack_depot_save_flags+0x27/0x9d0 [ 860.504581][T21513] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 860.504625][T21513] ? kasan_save_stack+0x3f/0x50 [ 860.504669][T21513] ? kasan_save_stack+0x30/0x50 [ 860.504710][T21513] ? kasan_save_track+0x14/0x30 [ 860.504752][T21513] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 860.504794][T21513] ? walk_pgd_range+0x896/0x1eb0 [ 860.504841][T21513] ? __walk_page_range+0x163/0x820 [ 860.504882][T21513] ? walk_page_range_vma_unsafe+0x209/0x8f0 [ 860.504927][T21513] ? madvise_guard_install+0x43f/0x7c0 [ 860.504958][T21513] ? madvise_vma_behavior+0x11f1/0x3050 [ 860.504991][T21513] ? madvise_walk_vmas+0x71c/0xa90 [ 860.505021][T21513] ? madvise_do_behavior+0x1ea/0x510 [ 860.505053][T21513] ? do_madvise+0x195/0x240 [ 860.505083][T21513] ? __x64_sys_madvise+0xa9/0x110 [ 860.505130][T21513] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 860.505173][T21513] ? policy_nodemask+0xed/0x4f0 [ 860.505203][T21513] alloc_pages_mpol+0x1fb/0x550 [ 860.505232][T21513] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 860.505272][T21513] alloc_pages_noprof+0x131/0x390 [ 860.505306][T21513] pte_alloc_one+0x1c/0x3d0 [ 860.505337][T21513] __pte_alloc+0x6d/0x3e0 [ 860.505365][T21513] ? __pfx___pte_alloc+0x10/0x10 [ 860.505390][T21513] ? _raw_spin_unlock+0x28/0x50 [ 860.505418][T21513] ? __pmd_alloc+0x3fb/0x950 [ 860.505449][T21513] walk_pgd_range+0xb83/0x1eb0 [ 860.505491][T21513] ? __pfx_guard_install_set_pte+0x10/0x10 [ 860.505518][T21513] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 860.505551][T21513] ? __pfx_guard_install_set_pte+0x10/0x10 [ 860.505597][T21513] ? __pfx_guard_install_set_pte+0x10/0x10 [ 860.505626][T21513] ? __pfx_guard_install_set_pte+0x10/0x10 [ 860.505657][T21513] ? __pfx_walk_pgd_range+0x10/0x10 [ 860.505722][T21513] __walk_page_range+0x163/0x820 [ 860.505763][T21513] ? process_measurement+0x4c8/0x2350 [ 860.505897][T21513] walk_page_range_vma_unsafe+0x209/0x8f0 [ 860.505944][T21513] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 860.505987][T21513] ? __pfx_css_rstat_updated+0x10/0x10 [ 860.506030][T21513] madvise_guard_install+0x43f/0x7c0 [ 860.506067][T21513] ? __pfx_madvise_guard_install+0x10/0x10 [ 860.506100][T21513] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 860.506127][T21513] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 860.506153][T21513] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 860.506185][T21513] ? __pfx_guard_install_set_pte+0x10/0x10 [ 860.506216][T21513] ? __lock_acquire+0x4a5/0x2630 [ 860.506252][T21513] madvise_vma_behavior+0x11f1/0x3050 [ 860.506287][T21513] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 860.506318][T21513] ? reacquire_held_locks+0xce/0x1e0 [ 860.506350][T21513] ? lock_vma_under_rcu+0x11d/0x590 [ 860.506391][T21513] ? lock_vma_under_rcu+0x17c/0x590 [ 860.506429][T21513] ? lock_vma_under_rcu+0x25/0x590 [ 860.506461][T21513] ? lock_vma_under_rcu+0x1f9/0x590 [ 860.506493][T21513] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 860.506537][T21513] ? __futex_wait+0x256/0x300 [ 860.506591][T21513] madvise_walk_vmas+0x71c/0xa90 [ 860.506628][T21513] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 860.506660][T21513] ? futex_hash+0x2c5/0x380 [ 860.506695][T21513] madvise_do_behavior+0x1ea/0x510 [ 860.506730][T21513] ? __pfx_madvise_do_behavior+0x10/0x10 [ 860.506760][T21513] ? futex_wait+0x125/0x380 [ 860.506807][T21513] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 860.506853][T21513] do_madvise+0x195/0x240 [ 860.506882][T21513] ? __pfx_do_madvise+0x10/0x10 [ 860.506911][T21513] ? do_futex+0x192/0x350 [ 860.506948][T21513] ? find_held_lock+0x2b/0x80 [ 860.506994][T21513] __x64_sys_madvise+0xa9/0x110 [ 860.507023][T21513] ? lockdep_hardirqs_on+0x78/0x100 [ 860.507055][T21513] do_syscall_64+0x106/0xf80 [ 860.507086][T21513] ? clear_bhb_loop+0x40/0x90 [ 860.507120][T21513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 860.507147][T21513] RIP: 0033:0x7ff35599c799 [ 860.507171][T21513] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 860.507200][T21513] RSP: 002b:00007ff35682e028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 860.507225][T21513] RAX: ffffffffffffffda RBX: 00007ff355c16090 RCX: 00007ff35599c799 [ 860.507243][T21513] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 860.507259][T21513] RBP: 00007ff355a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 860.507275][T21513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 860.507291][T21513] R13: 00007ff355c16128 R14: 00007ff355c16090 R15: 00007fffd98b50f8 [ 860.507325][T21513] [ 861.464675][T21515] could not allocate digest TFM handle [ 862.713898][ T30] audit: type=1800 audit(4294988219.310:364): pid=21557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3147" name="lu_gp_id" dev="configfs" ino=100107 res=0 errno=0 [ 862.872978][T21556] vivid-007: ================= START STATUS ================= [ 862.921917][T21556] vivid-007: Generate PTS: true [ 862.930678][T21556] vivid-007: Generate SCR: true [ 862.982986][T21556] tpg source WxH: 320x240 (Y'CbCr) [ 863.005349][T21557] could not allocate digest TFM handle [ 863.021593][T21556] tpg field: 1 [ 863.037404][T21556] tpg crop: (0,0)/320x240 [ 863.056166][T21556] tpg compose: (0,0)/320x240 [ 863.119835][T21556] tpg colorspace: 8 [ 863.165386][T21556] tpg transfer function: 0/0 [ 863.170024][T21556] tpg Y'CbCr encoding: 0/0 [ 863.234133][T21556] tpg quantization: 0/0 [ 863.257526][T21556] tpg RGB range: 0/2 [ 863.261663][T21556] vivid-007: ================== END STATUS ================== [ 863.281821][T21573] misc userio: Invalid payload size [ 863.726882][T21587] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 863.991070][ T30] audit: type=1800 audit(4294988220.589:365): pid=21595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3153" name="lu_gp_id" dev="configfs" ino=101371 res=0 errno=0 [ 864.289299][T21595] could not allocate digest TFM handle [ 864.917900][T21622] NFSD: Failed to start, no listeners configured. [ 865.915157][ T30] audit: type=1800 audit(4294988222.508:366): pid=21625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=101474 res=0 errno=0 [ 868.030444][T21677] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 868.055543][T21679] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 868.690981][ T30] audit: type=1800 audit(4294988225.287:367): pid=21687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=101593 res=0 errno=0 [ 870.446070][T21733] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 870.713025][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.727143][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 871.684199][T21776] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3188'. [ 871.773120][ T30] audit: type=1800 audit(4294988228.365:368): pid=21768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=101794 res=0 errno=0 [ 872.369218][T21797] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3195'. [ 872.430601][T21797] netlink: 472 bytes leftover after parsing attributes in process `syz.3.3195'. [ 873.160867][ T30] audit: type=1800 audit(4294988229.734:369): pid=21828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=102834 res=0 errno=0 [ 874.170317][T21845] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3205'. [ 874.446693][T21861] FAULT_INJECTION: forcing a failure. [ 874.446693][T21861] name failslab, interval 1, probability 0, space 0, times 0 [ 874.501505][T21861] CPU: 0 UID: 0 PID: 21861 Comm: syz.0.3212 Tainted: G U L syzkaller #0 PREEMPT(full) [ 874.501555][T21861] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 874.501566][T21861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 874.501584][T21861] Call Trace: [ 874.501594][T21861] [ 874.501616][T21861] dump_stack_lvl+0x100/0x190 [ 874.501667][T21861] should_fail_ex.cold+0x5/0xa [ 874.501699][T21861] ? tomoyo_realpath_from_path+0xb6/0x690 [ 874.501734][T21861] should_failslab+0xc2/0x120 [ 874.501764][T21861] __kmalloc_noprof+0xe0/0x850 [ 874.501816][T21861] tomoyo_realpath_from_path+0xb6/0x690 [ 874.501860][T21861] tomoyo_check_open_permission+0x2af/0x3c0 [ 874.501908][T21861] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 874.501954][T21861] ? ima_calc_file_hash+0x2ad/0x480 [ 874.501997][T21861] ? ima_file_check+0xcc/0x120 [ 874.502030][T21861] ? security_file_post_open+0xc4/0x210 [ 874.502102][T21861] ? lock_acquire+0x1cf/0x380 [ 874.502139][T21861] ? find_held_lock+0x2b/0x80 [ 874.502176][T21861] tomoyo_file_open+0x6b/0x90 [ 874.502218][T21861] security_file_open+0xb5/0x1e0 [ 874.502251][T21861] do_dentry_open+0x5aa/0x1660 [ 874.502294][T21861] vfs_open+0x82/0x3f0 [ 874.502336][T21861] dentry_open+0x71/0xd0 [ 874.502372][T21861] ima_calc_file_hash+0x2ad/0x480 [ 874.502419][T21861] ima_collect_measurement+0x887/0xa40 [ 874.502480][T21861] ? __pfx_ima_collect_measurement+0x10/0x10 [ 874.502528][T21861] ? lock_acquire+0x1cf/0x380 [ 874.502586][T21861] ? process_measurement+0x5ab/0x2350 [ 874.502634][T21861] ? is_bad_inode+0xd/0x40 [ 874.502676][T21861] ? xattr_resolve_name+0x27d/0x3f0 [ 874.502730][T21861] ? vfs_getxattr_alloc+0xec/0x350 [ 874.502768][T21861] ? ima_get_hash_algo+0x22d/0x400 [ 874.502848][T21861] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 874.502893][T21861] ? process_measurement+0xdfe/0x2350 [ 874.502926][T21861] process_measurement+0xdfe/0x2350 [ 874.502974][T21861] ? __pfx_process_measurement+0x10/0x10 [ 874.503022][T21861] ? find_held_lock+0x2b/0x80 [ 874.503049][T21861] ? rcu_read_unlock+0x17/0x60 [ 874.503076][T21861] ? rcu_read_unlock+0x17/0x60 [ 874.503129][T21861] ? mutex_init_lockep+0x110/0x150 [ 874.503153][T21861] ? seq_open+0x116/0x170 [ 874.503172][T21861] ? inode_to_bdi+0x9e/0x160 [ 874.503189][T21861] ima_file_check+0xcc/0x120 [ 874.503211][T21861] ? __pfx_ima_file_check+0x10/0x10 [ 874.503236][T21861] security_file_post_open+0xc4/0x210 [ 874.503261][T21861] path_openat+0x1418/0x31a0 [ 874.503284][T21861] ? __pfx_path_openat+0x10/0x10 [ 874.503306][T21861] do_file_open+0x20e/0x430 [ 874.503324][T21861] ? __pfx_do_file_open+0x10/0x10 [ 874.503353][T21861] ? alloc_fd+0x476/0x790 [ 874.503370][T21861] ? do_getname+0x191/0x390 [ 874.503390][T21861] do_sys_openat2+0x10d/0x1e0 [ 874.503410][T21861] ? __pfx_do_sys_openat2+0x10/0x10 [ 874.503437][T21861] __x64_sys_openat+0x12d/0x210 [ 874.503457][T21861] ? __pfx___x64_sys_openat+0x10/0x10 [ 874.503484][T21861] do_syscall_64+0x106/0xf80 [ 874.503502][T21861] ? clear_bhb_loop+0x40/0x90 [ 874.503522][T21861] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 874.503539][T21861] RIP: 0033:0x7f3f5959c799 [ 874.503554][T21861] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 874.503569][T21861] RSP: 002b:00007f3f5a479028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 874.503585][T21861] RAX: ffffffffffffffda RBX: 00007f3f59816180 RCX: 00007f3f5959c799 [ 874.503604][T21861] RDX: 0000000000020803 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 874.503616][T21861] RBP: 00007f3f59632c99 R08: 0000000000000000 R09: 0000000000000000 [ 874.503626][T21861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 874.503636][T21861] R13: 00007f3f59816218 R14: 00007f3f59816180 R15: 00007ffce20e4048 [ 874.503657][T21861] [ 874.503765][T21861] ERROR: Out of memory at tomoyo_realpath_from_path. [ 875.347174][ T30] audit: type=1800 audit(4294988231.943:370): pid=21874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3214" name="lu_gp_id" dev="configfs" ino=102991 res=0 errno=0 [ 875.548364][T21880] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3216'. [ 877.460345][T21937] NFSD: Failed to start, no listeners configured. [ 877.478709][ T30] audit: type=1800 audit(4294988234.072:371): pid=21953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=103195 res=0 errno=0 [ 878.906799][T21966] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 878.977875][T21966] File: /dev/mtdblock0 PID: 21966 Comm: syz.1.3233 [ 879.678593][T21983] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 879.951021][ T30] audit: type=1800 audit(4294988236.541:372): pid=21990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3239" name="lu_gp_id" dev="configfs" ino=102384 res=0 errno=0 [ 880.016971][T21995] futex_wake_op: syz.0.3241 tries to shift op by -2048; fix this program [ 880.052891][T21995] futex_wake_op: syz.0.3241 tries to shift op by -2048; fix this program [ 880.083381][T21995] 0x000000000001-0x000000020000 : "" [ 880.108710][T21995] ftl_cs: FTL header corrupt! [ 880.280087][T21990] could not allocate digest TFM handle [ 880.308594][T22001] binder: 21998:22001 unknown command 537396514 [ 880.339548][T22001] binder: 21998:22001 ioctl c0306201 0 returned -22 [ 880.458145][T22001] netlink: 93 bytes leftover after parsing attributes in process `syz.3.3242'. [ 880.699703][T22016] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3245'. [ 880.820448][ T30] audit: type=1800 audit(4294988237.411:373): pid=22020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=103527 res=0 errno=0 [ 881.538024][T22035] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3248'. [ 881.617705][T22025] could not allocate digest TFM handle [ 882.594483][ T30] audit: type=1800 audit(4294988239.170:374): pid=22072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=103693 res=0 errno=0 [ 883.470281][T22080] FAULT_INJECTION: forcing a failure. [ 883.470281][T22080] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 883.504267][T22080] CPU: 1 UID: 0 PID: 22080 Comm: syz.1.3257 Tainted: G U L syzkaller #0 PREEMPT(full) [ 883.504313][T22080] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 883.504324][T22080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 883.504340][T22080] Call Trace: [ 883.504349][T22080] [ 883.504360][T22080] dump_stack_lvl+0x100/0x190 [ 883.504411][T22080] should_fail_ex.cold+0x5/0xa [ 883.504440][T22080] ? prepare_alloc_pages+0x16d/0x5f0 [ 883.504477][T22080] should_fail_alloc_page+0xeb/0x140 [ 883.504511][T22080] prepare_alloc_pages+0x1f0/0x5f0 [ 883.504542][T22080] ? arch_stack_walk+0xa6/0xf0 [ 883.504575][T22080] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 883.504627][T22080] ? stack_trace_save+0x8e/0xc0 [ 883.504656][T22080] ? __pfx_stack_trace_save+0x10/0x10 [ 883.504685][T22080] ? stack_depot_save_flags+0x27/0x9d0 [ 883.504724][T22080] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 883.504767][T22080] ? kasan_save_stack+0x3f/0x50 [ 883.504804][T22080] ? kasan_save_stack+0x30/0x50 [ 883.504843][T22080] ? kasan_save_track+0x14/0x30 [ 883.504885][T22080] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 883.504928][T22080] ? walk_pgd_range+0x896/0x1eb0 [ 883.504968][T22080] ? __walk_page_range+0x163/0x820 [ 883.505009][T22080] ? walk_page_range_vma_unsafe+0x209/0x8f0 [ 883.505062][T22080] ? madvise_guard_install+0x43f/0x7c0 [ 883.505093][T22080] ? madvise_vma_behavior+0x11f1/0x3050 [ 883.505126][T22080] ? madvise_walk_vmas+0x71c/0xa90 [ 883.505157][T22080] ? madvise_do_behavior+0x1ea/0x510 [ 883.505188][T22080] ? do_madvise+0x195/0x240 [ 883.505218][T22080] ? __x64_sys_madvise+0xa9/0x110 [ 883.505270][T22080] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 883.505319][T22080] ? policy_nodemask+0xed/0x4f0 [ 883.505355][T22080] alloc_pages_mpol+0x1fb/0x550 [ 883.505387][T22080] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 883.505434][T22080] alloc_pages_noprof+0x131/0x390 [ 883.505467][T22080] pte_alloc_one+0x1c/0x3d0 [ 883.505499][T22080] __pte_alloc+0x6d/0x3e0 [ 883.505527][T22080] ? __pfx___pte_alloc+0x10/0x10 [ 883.505558][T22080] ? _raw_spin_unlock+0x28/0x50 [ 883.505588][T22080] ? __pmd_alloc+0x3fb/0x950 [ 883.505624][T22080] walk_pgd_range+0xb83/0x1eb0 [ 883.505675][T22080] ? __pfx_guard_install_set_pte+0x10/0x10 [ 883.505707][T22080] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 883.505743][T22080] ? __pfx_guard_install_set_pte+0x10/0x10 [ 883.505778][T22080] ? __pfx_guard_install_set_pte+0x10/0x10 [ 883.505811][T22080] ? __pfx_guard_install_set_pte+0x10/0x10 [ 883.505849][T22080] ? __pfx_walk_pgd_range+0x10/0x10 [ 883.505903][T22080] __walk_page_range+0x163/0x820 [ 883.505949][T22080] ? process_measurement+0x4c8/0x2350 [ 883.506004][T22080] walk_page_range_vma_unsafe+0x209/0x8f0 [ 883.506064][T22080] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 883.506112][T22080] ? __pfx_css_rstat_updated+0x10/0x10 [ 883.506161][T22080] madvise_guard_install+0x43f/0x7c0 [ 883.506204][T22080] ? __pfx_madvise_guard_install+0x10/0x10 [ 883.506242][T22080] ? __pfx_guard_install_pud_entry+0x10/0x10 [ 883.506272][T22080] ? __pfx_guard_install_pmd_entry+0x10/0x10 [ 883.506303][T22080] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 883.506340][T22080] ? __pfx_guard_install_set_pte+0x10/0x10 [ 883.506375][T22080] ? __lock_acquire+0x4a5/0x2630 [ 883.506416][T22080] madvise_vma_behavior+0x11f1/0x3050 [ 883.506456][T22080] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 883.506491][T22080] ? reacquire_held_locks+0xce/0x1e0 [ 883.506526][T22080] ? lock_vma_under_rcu+0x11d/0x590 [ 883.506573][T22080] ? lock_vma_under_rcu+0x17c/0x590 [ 883.506615][T22080] ? lock_vma_under_rcu+0x25/0x590 [ 883.506652][T22080] ? lock_vma_under_rcu+0x1f9/0x590 [ 883.506689][T22080] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 883.506739][T22080] ? __futex_wait+0x256/0x300 [ 883.506789][T22080] madvise_walk_vmas+0x71c/0xa90 [ 883.506830][T22080] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 883.506867][T22080] ? find_held_lock+0x2b/0x80 [ 883.506899][T22080] madvise_do_behavior+0x1ea/0x510 [ 883.506937][T22080] ? __pfx_madvise_do_behavior+0x10/0x10 [ 883.506970][T22080] ? futex_wait+0x125/0x380 [ 883.507030][T22080] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 883.507083][T22080] do_madvise+0x195/0x240 [ 883.507122][T22080] ? __pfx_do_madvise+0x10/0x10 [ 883.507156][T22080] ? do_futex+0x192/0x350 [ 883.507200][T22080] ? find_held_lock+0x2b/0x80 [ 883.507253][T22080] __x64_sys_madvise+0xa9/0x110 [ 883.507287][T22080] ? lockdep_hardirqs_on+0x78/0x100 [ 883.507322][T22080] do_syscall_64+0x106/0xf80 [ 883.507356][T22080] ? clear_bhb_loop+0x40/0x90 [ 883.507392][T22080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 883.507422][T22080] RIP: 0033:0x7fa72f79c799 [ 883.507448][T22080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 883.507476][T22080] RSP: 002b:00007fa72d9f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 883.507506][T22080] RAX: ffffffffffffffda RBX: 00007fa72fa16090 RCX: 00007fa72f79c799 [ 883.507526][T22080] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 883.507544][T22080] RBP: 00007fa72f832c99 R08: 0000000000000000 R09: 0000000000000000 [ 883.507562][T22080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 883.507579][T22080] R13: 00007fa72fa16128 R14: 00007fa72fa16090 R15: 00007fff55e9b638 [ 883.507619][T22080] [ 884.674332][ T30] audit: type=1800 audit(4294988241.259:375): pid=22082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=104457 res=0 errno=0 [ 885.320455][ T30] audit: type=1800 audit(4294988241.908:376): pid=22088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=104494 res=0 errno=0 [ 886.116852][T22120] binder: 22118:22120 ioctl c018620c 0 returned -1 [ 886.468771][ T30] audit: type=1800 audit(4294988243.058:377): pid=22130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=104530 res=0 errno=0 [ 887.465879][T22141] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 888.119574][T22152] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 889.089651][T22147] NFSD: Failed to start, no listeners configured. [ 889.291658][ T30] audit: type=1800 audit(4294988245.836:378): pid=22161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=103996 res=0 errno=0 [ 890.696822][ T30] audit: type=1800 audit(4294988247.276:379): pid=22196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3282" name="lu_gp_id" dev="configfs" ino=104727 res=0 errno=0 [ 890.874235][T22196] could not allocate digest TFM handle [ 891.375117][T22207] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 891.472723][T22208] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 891.762395][ T30] audit: type=1800 audit(4294988248.345:380): pid=22222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=104134 res=0 errno=0 [ 891.910925][ T30] audit: type=1800 audit(4294988248.485:381): pid=22230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3291" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 892.231603][T22238] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 892.968142][T22254] FAULT_INJECTION: forcing a failure. [ 892.968142][T22254] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 893.019350][T22254] CPU: 1 UID: 0 PID: 22254 Comm: syz.2.3295 Tainted: G U L syzkaller #0 PREEMPT(full) [ 893.019399][T22254] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 893.019410][T22254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 893.019427][T22254] Call Trace: [ 893.019437][T22254] [ 893.019448][T22254] dump_stack_lvl+0x100/0x190 [ 893.019494][T22254] should_fail_ex.cold+0x5/0xa [ 893.019527][T22254] _copy_to_iter+0x5a4/0x1720 [ 893.019653][T22254] ? __pfx__copy_to_iter+0x10/0x10 [ 893.019695][T22254] ? __asan_memcpy+0x3c/0x60 [ 893.019746][T22254] seq_read_iter+0xdab/0x1270 [ 893.019802][T22254] seq_read+0x33b/0x4c0 [ 893.019841][T22254] ? __pfx_seq_read+0x10/0x10 [ 893.019904][T22254] full_proxy_read+0x135/0x1a0 [ 893.019995][T22254] ? __pfx_full_proxy_read+0x10/0x10 [ 893.020029][T22254] vfs_read+0x1e4/0xb30 [ 893.020074][T22254] ? __pfx_vfs_read+0x10/0x10 [ 893.020113][T22254] ? __fget_files+0x215/0x3d0 [ 893.020148][T22254] ? __fget_files+0x21f/0x3d0 [ 893.020186][T22254] ksys_read+0x12a/0x250 [ 893.020226][T22254] ? __pfx_ksys_read+0x10/0x10 [ 893.020278][T22254] do_syscall_64+0x106/0xf80 [ 893.020321][T22254] ? clear_bhb_loop+0x40/0x90 [ 893.020357][T22254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 893.020386][T22254] RIP: 0033:0x7ff35599c799 [ 893.020410][T22254] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 893.020438][T22254] RSP: 002b:00007ff35684f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 893.020465][T22254] RAX: ffffffffffffffda RBX: 00007ff355c15fa0 RCX: 00007ff35599c799 [ 893.020484][T22254] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 0000000000000003 [ 893.020501][T22254] RBP: 00007ff35684f090 R08: 0000000000000000 R09: 0000000000000000 [ 893.020519][T22254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 893.020536][T22254] R13: 00007ff355c16038 R14: 00007ff355c15fa0 R15: 00007fffd98b50f8 [ 893.020576][T22254] [ 893.730669][T22269] block nbd8: Unsupported socket: should be TCP or UNIX. [ 894.102263][ T30] audit: type=1800 audit(4294989273.678:382): pid=22280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3298" name="lu_gp_id" dev="configfs" ino=104856 res=0 errno=0 [ 894.405352][T22280] could not allocate digest TFM handle [ 894.571724][T22282] hub 1-0:1.0: USB hub found [ 894.620125][T22282] hub 1-0:1.0: 1 port detected [ 895.117971][T22302] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 895.360896][T22309] FAULT_INJECTION: forcing a failure. [ 895.360896][T22309] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 895.435125][T22309] CPU: 1 UID: 0 PID: 22309 Comm: syz.1.3306 Tainted: G U L syzkaller #0 PREEMPT(full) [ 895.435168][T22309] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 895.435177][T22309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 895.435199][T22309] Call Trace: [ 895.435208][T22309] [ 895.435218][T22309] dump_stack_lvl+0x100/0x190 [ 895.435260][T22309] should_fail_ex.cold+0x5/0xa [ 895.435291][T22309] _copy_to_user+0x32/0xd0 [ 895.435320][T22309] simple_read_from_buffer+0xcb/0x170 [ 895.435360][T22309] proc_fail_nth_read+0x1af/0x230 [ 895.435396][T22309] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 895.435431][T22309] ? rw_verify_area+0xce/0x6d0 [ 895.435467][T22309] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 895.435497][T22309] vfs_read+0x1e4/0xb30 [ 895.435539][T22309] ? __pfx_vfs_read+0x10/0x10 [ 895.435575][T22309] ? __fget_files+0x215/0x3d0 [ 895.435605][T22309] ? __fget_files+0x21f/0x3d0 [ 895.435638][T22309] ksys_read+0x12a/0x250 [ 895.435674][T22309] ? __pfx_ksys_read+0x10/0x10 [ 895.435726][T22309] do_syscall_64+0x106/0xf80 [ 895.435753][T22309] ? clear_bhb_loop+0x40/0x90 [ 895.435785][T22309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 895.435813][T22309] RIP: 0033:0x7fa72f75cfce [ 895.435840][T22309] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 895.435867][T22309] RSP: 002b:00007fa73057ffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 895.435892][T22309] RAX: ffffffffffffffda RBX: 00007fa7305806c0 RCX: 00007fa72f75cfce [ 895.435911][T22309] RDX: 000000000000000f RSI: 00007fa7305800a0 RDI: 0000000000000004 [ 895.435927][T22309] RBP: 00007fa730580090 R08: 0000000000000000 R09: 0000000000000000 [ 895.435943][T22309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 895.435960][T22309] R13: 00007fa72fa16038 R14: 00007fa72fa15fa0 R15: 00007fff55e9b638 [ 895.435997][T22309] [ 895.759150][ T30] audit: type=1800 audit(4294989275.317:383): pid=22315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=104914 res=0 errno=0 [ 895.955283][T22313] could not allocate digest TFM handle [ 896.011850][T22327] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 896.029749][T22327] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 896.256001][T22330] can: request_module (can-proto-4) failed. [ 896.981296][ T30] audit: type=1800 audit(4294989276.566:384): pid=22365 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=105771 res=0 errno=0 [ 897.634647][T22379] binder: 22378:22379 ioctl c018620c 2000000000c0 returned -22 [ 898.031790][ T6272] ------------[ cut here ]------------ [ 898.038224][ T6272] wlan0: Failed check-sdata-in-driver check, flags: 0x0 [ 898.045962][ T6272] WARNING: net/mac80211/driver-ops.h:1723 at ieee80211_set_active_links+0x2d0/0x9d0, CPU#0: kworker/u10:2/6272 [ 898.058887][ T6272] Modules linked in: [ 898.064589][ T6272] CPU: 0 UID: 0 PID: 6272 Comm: kworker/u10:2 Tainted: G U L syzkaller #0 PREEMPT(full) [ 898.076230][ T6272] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 898.081667][ T6272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 898.093136][ T6272] Workqueue: events_unbound cfg80211_wiphy_work [ 898.100265][ T6272] RIP: 0010:ieee80211_set_active_links+0x2d7/0x9d0 [ 898.107796][ T6272] Code: 06 00 00 e8 8b 8a 05 f7 48 8b 34 24 48 81 c6 20 01 00 00 48 89 34 24 e8 77 8a 05 f7 48 8d 3d c0 ea e7 05 48 8b 34 24 44 89 fa <67> 48 0f b9 3a e9 e0 fe ff ff e8 5a 8a 05 f7 0f b7 c5 4c 8d bb 30 [ 898.129974][ T6272] RSP: 0018:ffffc9000ef0faf0 EFLAGS: 00010293 [ 898.137150][ T6272] RAX: 0000000000000000 RBX: ffff888145ae2a90 RCX: ffffffff8b028aae [ 898.146003][ T6272] RDX: 0000000000000000 RSI: ffff888145ae0120 RDI: ffffffff90ea75d0 [ 898.155074][ T6272] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 898.163701][ T6272] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888145ae17f8 [ 898.172604][ T6272] R13: 0000000000000000 R14: ffff888029458e80 R15: 0000000000000000 [ 898.180662][ T6272] FS: 0000000000000000(0000) GS:ffff88812434d000(0000) knlGS:0000000000000000 [ 898.192227][ T6272] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 898.198969][ T6272] CR2: 0000001b31118ff8 CR3: 000000000e598000 CR4: 00000000003526f0 [ 898.208177][ T6272] Call Trace: [ 898.211680][ T6272] [ 898.214839][ T6272] ? __lock_acquire+0x4a5/0x2630 [ 898.220012][ T6272] ieee80211_if_parse_active_links+0xbb/0x120 [ 898.226741][ T6272] ? __pfx_ieee80211_if_parse_active_links+0x10/0x10 [ 898.234158][ T6272] ? __pfx___lockdep_free_key_range+0x1/0x10 [ 898.240358][ T6272] ? ieee80211_if_write_sdata_handler+0x1a/0x90 [ 898.247802][ T6272] ? __pfx_ieee80211_if_write_sdata_handler+0x10/0x10 [ 898.256057][ T6272] wiphy_locked_debugfs_write_work+0xe6/0x1c0 [ 898.264264][ T6272] ? trace_wiphy_work_run+0x73/0x240 [ 898.270194][ T6272] cfg80211_wiphy_work+0x446/0x5c0 [ 898.275923][ T6272] process_one_work+0x9d7/0x1920 [ 898.281188][ T6272] ? __pfx_process_one_work+0x10/0x10 [ 898.287993][ T6272] ? __pfx_cfg80211_wiphy_work+0x10/0x10 [ 898.294718][ T6272] worker_thread+0x5da/0xe40 [ 898.299480][ T6272] ? kthread+0x13a/0x450 [ 898.304171][ T6272] ? __pfx_worker_thread+0x10/0x10 [ 898.309520][ T6272] kthread+0x370/0x450 [ 898.313800][ T6272] ? __pfx_kthread+0x10/0x10 [ 898.318628][ T6272] ret_from_fork+0x754/0xd80 [ 898.323793][ T6272] ? __pfx_ret_from_fork+0x10/0x10 [ 898.329177][ T6272] ? rcu_is_watching+0x12/0xc0 [ 898.334937][ T6272] ? __switch_to+0x7b4/0x1120 [ 898.340156][ T6272] ? __pfx_kthread+0x10/0x10 [ 898.345807][ T6272] ret_from_fork_asm+0x1a/0x30 [ 898.350889][ T6272] [ 898.354185][ T6272] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 898.361689][ T6272] CPU: 0 UID: 0 PID: 6272 Comm: kworker/u10:2 Tainted: G U L syzkaller #0 PREEMPT(full) [ 898.373198][ T6272] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 898.379126][ T6272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 898.390278][ T6272] Workqueue: events_unbound cfg80211_wiphy_work [ 898.396873][ T6272] Call Trace: [ 898.400594][ T6272] [ 898.403531][ T6272] dump_stack_lvl+0x100/0x190 [ 898.409256][ T6272] vpanic+0x552/0x970 [ 898.413715][ T6272] ? __pfx_vpanic+0x10/0x10 [ 898.418699][ T6272] panic+0xd1/0xe0 [ 898.422441][ T6272] ? __pfx_panic+0x10/0x10 [ 898.427136][ T6272] ? check_panic_on_warn+0x1f/0x90 [ 898.432451][ T6272] check_panic_on_warn.cold+0x19/0x34 [ 898.437866][ T6272] ? ieee80211_set_active_links+0x2d0/0x9d0 [ 898.445168][ T6272] __warn.cold+0x191/0x348 [ 898.449822][ T6272] __report_bug+0x296/0x3d0 [ 898.454806][ T6272] ? ieee80211_set_active_links+0x2d0/0x9d0 [ 898.461169][ T6272] ? __pfx___report_bug+0x10/0x10 [ 898.466296][ T6272] ? __lock_acquire+0x4a5/0x2630 [ 898.471453][ T6272] ? ieee80211_set_active_links+0x26e/0x9d0 [ 898.477943][ T6272] ? __mod_timer+0x409/0xca0 [ 898.482568][ T6272] ? __mod_timer+0x409/0xca0 [ 898.487226][ T6272] report_bug_entry+0xe1/0x290 [ 898.492415][ T6272] ? ieee80211_set_active_links+0x2d7/0x9d0 [ 898.498554][ T6272] handle_bug+0x1cd/0x2a0 [ 898.502926][ T6272] exc_invalid_op+0x17/0x50 [ 898.507565][ T6272] asm_exc_invalid_op+0x1a/0x20 [ 898.512741][ T6272] RIP: 0010:ieee80211_set_active_links+0x2d7/0x9d0 [ 898.519708][ T6272] Code: 06 00 00 e8 8b 8a 05 f7 48 8b 34 24 48 81 c6 20 01 00 00 48 89 34 24 e8 77 8a 05 f7 48 8d 3d c0 ea e7 05 48 8b 34 24 44 89 fa <67> 48 0f b9 3a e9 e0 fe ff ff e8 5a 8a 05 f7 0f b7 c5 4c 8d bb 30 [ 898.540727][ T6272] RSP: 0018:ffffc9000ef0faf0 EFLAGS: 00010293 [ 898.546874][ T6272] RAX: 0000000000000000 RBX: ffff888145ae2a90 RCX: ffffffff8b028aae [ 898.555414][ T6272] RDX: 0000000000000000 RSI: ffff888145ae0120 RDI: ffffffff90ea75d0 [ 898.563957][ T6272] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000 [ 898.572272][ T6272] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888145ae17f8 [ 898.581137][ T6272] R13: 0000000000000000 R14: ffff888029458e80 R15: 0000000000000000 [ 898.589336][ T6272] ? ieee80211_set_active_links+0x26e/0x9d0 [ 898.595614][ T6272] ? __lock_acquire+0x4a5/0x2630 [ 898.600948][ T6272] ieee80211_if_parse_active_links+0xbb/0x120 [ 898.607882][ T6272] ? __pfx_ieee80211_if_parse_active_links+0x10/0x10 [ 898.615864][ T6272] ? __pfx___lockdep_free_key_range+0x1/0x10 [ 898.622923][ T6272] ? ieee80211_if_write_sdata_handler+0x1a/0x90 [ 898.629810][ T6272] ? __pfx_ieee80211_if_write_sdata_handler+0x10/0x10 [ 898.637403][ T6272] wiphy_locked_debugfs_write_work+0xe6/0x1c0 [ 898.645617][ T6272] ? trace_wiphy_work_run+0x73/0x240 [ 898.651288][ T6272] cfg80211_wiphy_work+0x446/0x5c0 [ 898.658610][ T6272] process_one_work+0x9d7/0x1920 [ 898.664250][ T6272] ? __pfx_process_one_work+0x10/0x10 [ 898.670351][ T6272] ? __pfx_cfg80211_wiphy_work+0x10/0x10 [ 898.676198][ T6272] worker_thread+0x5da/0xe40 [ 898.681693][ T6272] ? kthread+0x13a/0x450 [ 898.686358][ T6272] ? __pfx_worker_thread+0x10/0x10 [ 898.692012][ T6272] kthread+0x370/0x450 [ 898.696175][ T6272] ? __pfx_kthread+0x10/0x10 [ 898.701575][ T6272] ret_from_fork+0x754/0xd80 [ 898.706656][ T6272] ? __pfx_ret_from_fork+0x10/0x10 [ 898.712280][ T6272] ? rcu_is_watching+0x12/0xc0 [ 898.717500][ T6272] ? __switch_to+0x7b4/0x1120 [ 898.723037][ T6272] ? __pfx_kthread+0x10/0x10 [ 898.728176][ T6272] ret_from_fork_asm+0x1a/0x30 [ 898.733190][ T6272] [ 898.736925][ T6272] Kernel Offset: disabled [ 898.742049][ T6272] Rebooting in 86400 seconds..