last executing test programs: 10.741267337s ago: executing program 3 (id=2434): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff010}}) write$auto(0x3, 0x0, 0x4) 10.348476005s ago: executing program 3 (id=2436): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/admmidi2\x00', 0x88042, 0x0) read$auto(r0, 0x0, 0x20) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x8002, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(0xffffffffffffffff, 0x1, 0x0) mmap$auto(0x100000000000, 0x5, 0x400000000000006, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x2, 0x801, 0x100) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101880, 0x0) preadv$auto(r2, &(0x7f0000000080)={0x0, 0x6}, 0x7, 0x4, 0x69be) mmap$auto(0x0, 0x400008, 0xe1, 0x10, r1, 0xbae) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r4, 0x321, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x4804) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) setitimer$auto(0x1, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000140)=@sco={0x1f, @none}, 0x7) connect$auto(0x3, &(0x7f0000000080)=@nl=@unspec, 0x81) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x7ffd) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty51\x00', 0xfe500, 0x0) ioctl$auto_TIOCVHANGUP2(r6, 0x5437, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, &(0x7f0000000200)="58db1de502d9bd09d69af6e7d3513415cb2886cb99bc5ee83b32831cd44cecbf856cf90b3deb54b668b7ff0517c01409bb477d0003fd2d23e3c6865ab271ae97fe4da1d858e387a84341df84b66acbf0a5b30cc4eeb6a4c1576a66039870399b8f2cc7b3fe9e7977a5") fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) ptrace$auto(0x5, 0x0, 0xfffffffffffffffa, 0x8) 7.901245978s ago: executing program 3 (id=2441): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) setresuid$auto(0x2, 0x7, 0x8080) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) 7.37864882s ago: executing program 2 (id=2445): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x6, &(0x7f0000000180)={&(0x7f0000000440)="9ac7785bf63818d34fa783dcf98e4d06f27b31e800007183f28d9c6cbac1dd9374383164c4b3f2d0c24d34e65389cb7387b72ad3e7a34650c358689f312e177f883eeaeba3192c240150962824308db6533456ea560534e9ba28952530f99acdb9a5ffaf", 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) read$auto(0xffffffffffffffff, 0x0, 0x10) write$auto(0x3, 0x0, 0xffd8) 7.374712908s ago: executing program 3 (id=2446): unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) setitimer$auto(0x2, 0x0, 0x0) setitimer$auto_ITIMER_VIRTUAL(0x1, 0x0, 0x0) unshare$auto(0x40000080) setitimer$auto_ITIMER_REAL(0x0, &(0x7f0000000180)={{0x34c, 0x9}, {0xfffffffffffffffd}}, 0x0) setitimer$auto(0x5, &(0x7f0000000240)={{0xfea07d8, 0x9d}, {0xfffffffffffffffb, 0x9}}, &(0x7f0000000280)={{0x4, 0x200}, {0x2, 0x6}}) r0 = socket(0x10, 0x2, 0xc) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f00000000c0)={r0, 0xf}) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r1, 0x80184132, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3a, 0x7fffffff, 0x0, 0x1, 0x1) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0) open(0x0, 0xeee00, 0x31) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) stat$auto(0x0, &(0x7f0000000380)={0x506f, 0x7, 0x80000000000000, 0xfffffff2, 0x0, 0xee01, 0x0, 0x2, 0x101, 0x4, 0x1, 0x20fd, 0x3ff, 0x800000401, 0x5f54, 0x0, 0xfffffffeffffffff}) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) writev$auto(r3, &(0x7f00000003c0)={0x0, 0x8}, 0x3) 7.120047443s ago: executing program 1 (id=2448): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/binderfs/binder0\x00', 0x102, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x8, 0xffffffffffffff49, 0x5, 0x1823, 0x800000000004, 0x1, 0x5, 0x19, 0x10, 0x8, 0x2dde, 0x80008, 0xfffffffffffffffa, 0xab, 0x0, 0x1]}, 0x0) openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) r0 = io_uring_setup$auto(0x86, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001280)='/dev/v4l-subdev0\x00', 0x101000, 0x0) ioctl$auto(r1, 0xc0205648, r0) 6.905783688s ago: executing program 1 (id=2449): adjtimex$auto(&(0x7f00000004c0)={0xffff6888, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x962, {0x2000100000000, 0x10000}, 0x5, 0x6, 0xffffffffffeffffb, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0x20000a747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x200000000007, 0xd, 0x1, 0x948b, 0x3, 0x7f, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x6d3f, 0x9, 0x9, 0xfffffffffffffffd]}, 0x0) 6.904419827s ago: executing program 2 (id=2457): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r0 = pipe$auto(0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xae00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4038ae7a, r0) 5.70614028s ago: executing program 2 (id=2451): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = open(0x0, 0xcd1e23e41b02d660, 0x154) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) execveat$auto(r1, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x11000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) writev$auto(r2, &(0x7f0000000340)={0x0, 0xda7e}, 0x9) mmap$auto(0x0, 0x20005, 0xdf, 0x12, r0, 0x4) io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0) r3 = socket(0x2, 0x3, 0xa) getsockopt$auto(r3, 0x0, 0x29, 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x7) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, 0x0, 0x3) mmap$auto(0xc, 0x8, 0x4000000000df, 0x40000000000eb0, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r6, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, 0x0) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x20001365}, 0x2) 5.533232329s ago: executing program 1 (id=2452): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x72) socketpair$auto(0x80000001, 0x3, 0x8000000000000000, 0x0) r0 = fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) socket(0x25, 0x6, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0x40000000000eb1, 0x401, 0x8000) r1 = socket(0x1b, 0x3, 0x76) open(&(0x7f0000000180)='./file0\x00', 0x30840, 0x2e) madvise$auto(0x0, 0x2000040080000004, 0x25548bdd) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r1, 0x0, 0x52, 0x0, &(0x7f0000000300)=0x5) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={0x0, 0x3e0}, 0x1, 0x0, 0x0, 0xc000}, 0x4005) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x8001, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x6, 0x100000000004, 0xd, 0x18, r0, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r1) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_clone(0x2419d6159e7d4f8a, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x1d, 0x3, 0x1) 4.26100745s ago: executing program 3 (id=2454): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) lseek$auto(0x3, 0x2, 0x4) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0xa) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x101500, 0x0) readv$auto(r1, &(0x7f00000000c0)={&(0x7f0000000180), 0x200}, 0x6) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0) sendfile$auto(r4, r3, 0x0, 0x48) getdents$auto(0xffffffffffffffff, 0x0, 0xfff) ioctl$auto_FS_IOC_ADD_ENCRYPTION_KEY2(0xffffffffffffffff, 0xc0506617, &(0x7f0000000240)={{0x6, 0x0, @descriptor="4162321b541a99f9"}, 0x40, 0x3}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0009, 0x13) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'tunl0\x00'}) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x43403d05, 0x0) madvise$auto(0x0, 0x53, 0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) 4.219137785s ago: executing program 2 (id=2455): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/admmidi2\x00', 0x88042, 0x0) read$auto(r0, 0x0, 0x20) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x8002, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(0xffffffffffffffff, 0x1, 0x0) mmap$auto(0x100000000000, 0x5, 0x400000000000006, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x2, 0x801, 0x100) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/erspan0/statistics/rx_compressed\x00', 0x101880, 0x0) preadv$auto(r2, 0x0, 0x7, 0x4, 0x69be) mmap$auto(0x0, 0x400008, 0xe1, 0x10, r1, 0xbae) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r4, 0x321, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x4804) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) setitimer$auto(0x1, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000140)=@sco={0x1f, @none}, 0x7) connect$auto(0x3, &(0x7f0000000080)=@nl=@unspec, 0x81) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x7ffd) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty51\x00', 0xfe500, 0x0) ioctl$auto_TIOCVHANGUP2(r6, 0x5437, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, &(0x7f0000000200)="58db1de502d9bd09d69af6e7d3513415cb2886cb99bc5ee83b32831cd44cecbf856cf90b3deb54b668b7ff0517c01409bb477d0003fd2d23e3c6865ab271ae97fe4da1d858e387a84341df84b66acbf0a5b30cc4eeb6a4c1576a66039870399b8f2cc7b3fe9e7977a5") fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) ptrace$auto(0x5, 0x0, 0xfffffffffffffffa, 0x8) 3.303898164s ago: executing program 0 (id=2458): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/freezer.state\x00', 0x10b342, 0x0) mmap$auto(0x0, 0x400008, 0xe, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x48041, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001d40)='/proc/misc\x00', 0xa182, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, 0x0, 0xfffffe13) sendfile$auto(r0, r0, 0x0, 0x4456) 2.71094727s ago: executing program 0 (id=2459): r0 = socket(0xa, 0x1, 0x100) r1 = eventfd2$auto(0x6af3, 0x800) socket(0x1e, 0x1, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x83, 0x2, 0x400, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) madvise$auto(0x1, 0xffffffffffff0001, 0x7ffff) socket(0x29, 0x5, 0x1000000) mmap$auto(0x0, 0x4, 0x10000000000, 0x11, 0x3, 0x100000000) bpf$auto_BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000280)=@link_update={r1, @new_prog_fd=r0, 0x3, @old_prog_fd=r0}, 0x1) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) pipe2$auto(&(0x7f0000000040)=r1, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x2901, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x3, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7440, 0x1, 0x9, 0x1]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x100000001f9, 0x8, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x7, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x10008000009, 0x2, 0x6]}, 0x0) r3 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f00000032c0), 0x1000, 0x0) preadv$auto(r3, &(0x7f0000003340)={&(0x7f0000003300), 0x40}, 0x9, 0x5, 0x100000001) ioperm$auto(0x0, 0xffff, 0x4) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0) unshare$auto(0x40000080) openat$dir(0xffffffffffffff9c, &(0x7f00000004c0)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)\x00', 0x40140, 0x12d) rename$auto(&(0x7f00000003c0)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)', &(0x7f0000000000)=':-.\x00') ioctl$auto_XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000640)={r3, &(0x7f0000000340)="8fefe94b62", 0xdcb, &(0x7f0000000380)="e9", 0x9, &(0x7f0000000700)="cb0431457f43131273a16323375d4fe12459affdc39176248ab56a001344bf586986927e6baeba8008505c953d31fd6ae7b6a048af8ffcc99060383bc3873409e829486c988ab8a5ce756ba0d7ddd12e3595653f8e18168eea06", &(0x7f0000000480)=0x50}) ioctl$auto_SNDRV_PCM_IOCTL_RESUME2(r4, 0x4147, 0x0) r5 = openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0) pread64$auto(r5, 0x0, 0x2ffffffff, 0xfff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0) bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4) openat$dir(0xffffffffffffff9c, &(0x7f00000007c0)=':-.\x00', 0x5d5400, 0x13e) 1.705369804s ago: executing program 1 (id=2460): socket$nl_generic(0x10, 0x3, 0x10) r0 = eventfd2$auto(0x6af3, 0x800) socket(0x1e, 0x1, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x83, 0x2, 0x400, 0xc, 0xe3, 0x400000000a, 0x3}, 0x6f4) madvise$auto(0x1, 0xffffffffffff0001, 0x7ffff) socket(0x29, 0x5, 0x1000000) mmap$auto(0x0, 0x4, 0x10000000000, 0x11, 0x3, 0x100000000) bpf$auto_BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000280)=@link_update={r0, @new_prog_fd, 0x3}, 0x1) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) pipe2$auto(&(0x7f0000000040)=r0, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x2901, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x3, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7440, 0x1, 0x9, 0x1]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x100000001f9, 0x8, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x7, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x10008000009, 0x2, 0x6]}, 0x0) r2 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f00000032c0), 0x1000, 0x0) preadv$auto(r2, &(0x7f0000003340)={&(0x7f0000003300), 0x40}, 0x9, 0x5, 0x100000001) ioperm$auto(0x0, 0xffff, 0x4) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0) unshare$auto(0x40000080) openat$dir(0xffffffffffffff9c, &(0x7f00000004c0)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)\x00', 0x40140, 0x12d) rename$auto(&(0x7f00000003c0)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)', &(0x7f0000000000)=':-.\x00') ioctl$auto_XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f0000000640)={r2, &(0x7f0000000340)="8fefe94b62", 0xdcb, &(0x7f0000000380)="e9", 0x9, &(0x7f0000000700)="cb0431457f43131273a16323375d4fe12459affdc39176248ab56a001344bf586986927e6baeba8008505c953d31fd6ae7b6a048af8ffcc99060383bc3873409e829486c988ab8a5ce756ba0d7ddd12e3595653f8e18168eea06", &(0x7f0000000480)=0x50}) ioctl$auto_SNDRV_PCM_IOCTL_RESUME2(r3, 0x4147, 0x0) r4 = openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0) pread64$auto(r4, 0x0, 0x2ffffffff, 0xfff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0) bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x0, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4) openat$dir(0xffffffffffffff9c, &(0x7f00000007c0)=':-.\x00', 0x5d5400, 0x13e) 1.513062472s ago: executing program 0 (id=2461): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) setsockopt$auto_SO_BSDCOMPAT(0xffffffffffffffff, 0x7, 0xe, 0x0, 0xfff) close_range$auto(0x2, 0x8, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000400), 0x101000, 0x0) 1.033530632s ago: executing program 0 (id=2462): mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r0, 0x5408, 0x0) 1.030598511s ago: executing program 2 (id=2463): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, &(0x7f0000004440)) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = open(0x0, 0xcd1e23e41b02d660, 0x154) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) execveat$auto(r1, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x11000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) writev$auto(r2, &(0x7f0000000340)={0x0, 0xda7e}, 0x9) mmap$auto(0x0, 0x20005, 0xdf, 0x12, r0, 0x4) io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0) r3 = socket(0x2, 0x3, 0xa) getsockopt$auto(r3, 0x0, 0x29, 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x7) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, 0x0, 0x3) mmap$auto(0xc, 0x8, 0x4000000000df, 0x40000000000eb0, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r6, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, 0x0) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x20001365}, 0x2) 885.672362ms ago: executing program 0 (id=2464): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x28, 0x5, 0x0) socket(0xa, 0x1, 0x84) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x8) 884.578881ms ago: executing program 3 (id=2465): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = open(0x0, 0xcd1e23e41b02d660, 0x154) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) execveat$auto(r1, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x11000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) writev$auto(r2, &(0x7f0000000340)={0x0, 0xda7e}, 0x9) mmap$auto(0x0, 0x20005, 0xdf, 0x12, r0, 0x4) io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0) r3 = socket(0x2, 0x3, 0xa) getsockopt$auto(r3, 0x0, 0x29, 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x7) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, 0x0, 0x3) mmap$auto(0xc, 0x8, 0x4000000000df, 0x40000000000eb0, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r6, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, 0x0) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x20001365}, 0x2) 509.15794ms ago: executing program 1 (id=2466): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) mmap$auto(0x0, 0x400008, 0xd00000000, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x20020000) socketcall$auto_SYS_SOCKETPAIR(0x8, 0x0) writev$auto(0xca, 0x0, 0x7e) ioctl$auto_PPPIOCSCOMPRESS(r0, 0x4010744d, &(0x7f00000001c0)={0x0, 0x8, 0x80}) 201.726308ms ago: executing program 2 (id=2467): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x72) socketpair$auto(0x80000001, 0x3, 0x8000000000000000, 0x0) r0 = fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) socket(0x25, 0x6, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0x40000000000eb1, 0x401, 0x8000) r1 = socket(0x1b, 0x3, 0x76) open(&(0x7f0000000180)='./file0\x00', 0x30840, 0x2e) madvise$auto(0x0, 0x2000040080000004, 0x25548bdd) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r1, 0x0, 0x52, 0x0, &(0x7f0000000300)=0x5) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000740)=ANY=[@ANYBLOB="095c9ae9e003000083d8e22c681914cba3730448f16f1355afee6615001b41d6ff592cec4179455fb1d13a723b71eda420eec05b6f14d80f1f3e0e355796d6f200b13da4169f2ca6ae544e2d35cbbc6b0085820f876a7f2bc20b2fe5627e182223fabaa6a2eba994ed259396624f9e495ed44c80865704bbb17ea5b3b58210d8c4f64ab55da0b57f098cf12b9df425", @ANYRES16=r4, @ANYBLOB="01002bbd7008fcdbdf2506000000cc0301807a0001002b02cb348f1b3b1b45aefb7a3a7cf8cd112f0f9d484277432c640a3cce76984ef9d4b56291a0233d83ffbaf0ca9bc8dfac1df710d92fce2a4327bfe140222e9bf86f3be6375c09f60b8ce30b1621f11abeef4fac55010583f1d401daf84d2da8e94c950231d6b8fc94f2cc228531d9c570cc0760b9fb000007000200402a0000100002002f6465762f6e756c6c6230001a000100a19ab74e6c615b0107d5a1aa0e533d6d645fe5f8e7660000e7000100f60338afd1346bea96e1ad56be35629048b58c6c7f919f5d2b2b5da266bacf286ea257ef04dfd38f4406749f58fbf8f5cbba9d931ee781279f9fde47440a8f2e07a085b4ce8841a24951eccb6d7e7f5831273860b76d84cf399048efa8971adf376aab401970ebbd0abdb921b11b3dadc23d58c1422dbd37ba7614ff68b6c1a8797c011ab8011a69018290adb2e051ac00342114e91f1cd96513d2d98e0a6cd7e308cf1ded582274fd4f109e5a55c39469f03c81a373f4f2d7d6b929cc7a92db96f8e1a3b85a712d0e4a378d0b350d8ff57d23bfbb174ec625ea7fda2f8d1231f1402900ba000100023524991f3f1b92bbf0e65b586fc76195dee0276424906deef62d4a54188ba2b3c39dfecb6231da5a07daf77eaeeec96448e75b5725c104ac15b131d2131ba7a7ce1453246595175a4ef27638125182ebc8e5f7937f4605651559f5efc24a072ea36fa96f170e01235391aa94f6457ea4999342810a500439adb471e76f7fd36826b1d5337380a43de2fc9bbb52c973c7f0f0543a26c7df69f2077175485bdeb5fb31b0fc0ad7a60b9d06fbed997fff1ed4825e89f70000ba00010003ff35afcf1219f712ed02f56d8910974eb4a95a45c53ba1268952b0a50b81309eed2f6fcfa4cb58dc18da1e0d3b0d07c2973fa3a7983161c1979f2f19baa6be76071962edc92bf7279deb60bf6b6cccc4cb915fe59e2d93d50677779cb1fb733f6385e952b09dd0761079917272e8014b2e10d8cf5bacea93cd940892579bcdc4a1331fa32ab8b362b8dfbc012a7a49b9bebffc8a3c4c77cda691331a70f08c2e867fb2ddedcfbb993e8e9943d37ab8dbe7a9b006270000150001003ad325c5167e8d272cfa57c8a4115306900000009e000100ab310b8c6ca55be122fb2de7db6f4a97cfe76648eb4d2ff1817dfc11eef39de8fbbcfc3f3c402b11772bc06c8f3c90e3d1ebe94101dee128d164b13b8b3bd339c5f7bebab112f2246ca1ada281830cbf6714677757ded34c9008674eaeeed6a8a584cf0c821a8591561f27f40f212c98c234544b11b36e98d4512ea3c5da4f6c2c34c6583664ff80f430dd58c5ef39c9e06f84f982576a6f67b40000"], 0x3e0}, 0x1, 0x0, 0x0, 0xc000}, 0x4005) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x8001, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x6, 0x100000000004, 0xd, 0x18, r0, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r1) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_clone(0x2419d6159e7d4f8a, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x1d, 0x3, 0x1) 66.645857ms ago: executing program 0 (id=2468): write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x40901, 0x0) r1 = getpid() pipe2$auto(&(0x7f00000000c0), 0x0) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x1002}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x401}, 0x6, 0x0) ioctl$auto(r0, 0x40246f4c, 0x38) 0s ago: executing program 1 (id=2469): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x72) socketpair$auto(0x80000001, 0x3, 0x8000000000000000, 0x0) r0 = fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) socket(0x25, 0x6, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0x40000000000eb1, 0x401, 0x8000) r1 = socket(0x1b, 0x3, 0x76) open(&(0x7f0000000180)='./file0\x00', 0x30840, 0x2e) madvise$auto(0x0, 0x2000040080000004, 0x25548bdd) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r1, 0x0, 0x52, 0x0, &(0x7f0000000300)=0x5) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, 0x0, 0x4005) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x8001, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x6, 0x100000000004, 0xd, 0x18, r0, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r1) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) syz_clone(0x2419d6159e7d4f8a, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x1d, 0x3, 0x1) kernel console output (not intermixed with test programs): cache_alloc_lru_noprof+0x72/0x3b0 [ 721.212586][T13322] ? __d_alloc+0x32/0xae0 [ 721.212631][T13322] __d_alloc+0x32/0xae0 [ 721.212666][T13322] ? bpf_ksym_find+0x124/0x1c0 [ 721.212702][T13322] d_alloc_parallel+0x111/0x1480 [ 721.212751][T13322] ? __x64_sys_ioctl+0x18e/0x210 [ 721.212799][T13322] ? unwind_get_return_address+0x59/0xa0 [ 721.212833][T13322] ? arch_stack_walk+0xa6/0x100 [ 721.212874][T13322] ? __pfx_d_alloc_parallel+0x10/0x10 [ 721.212927][T13322] ? lockdep_init_map_type+0x5c/0x280 [ 721.212973][T13322] ? lockdep_init_map_type+0x5c/0x280 [ 721.213042][T13322] __lookup_slow+0x193/0x460 [ 721.213093][T13322] ? __pfx___lookup_slow+0x10/0x10 [ 721.213148][T13322] ? perf_trace_mm_compaction_suitable_template+0xd0/0x5e0 [ 721.213207][T13322] ? perf_trace_mm_compaction_suitable_template+0xd0/0x5e0 [ 721.213255][T13322] ? d_lookup+0xe7/0x190 [ 721.213308][T13322] lookup_noperm+0xe1/0x110 [ 721.213358][T13322] simple_start_creating+0xd1/0x1b0 [ 721.213396][T13322] start_creating.part.0+0x82/0x190 [ 721.213431][T13322] __debugfs_create_file+0xa7/0x6b0 [ 721.213473][T13322] debugfs_create_file_full+0x41/0x60 [ 721.213524][T13322] kvm_dev_ioctl+0x153f/0x1af0 [ 721.213572][T13322] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 721.213617][T13322] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 721.213652][T13322] __x64_sys_ioctl+0x18e/0x210 [ 721.213704][T13322] do_syscall_64+0xcd/0x490 [ 721.213755][T13322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 721.213786][T13322] RIP: 0033:0x7f5bd5d8ebe9 [ 721.213812][T13322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 721.213842][T13322] RSP: 002b:00007f5bd6b24038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 721.213872][T13322] RAX: ffffffffffffffda RBX: 00007f5bd5fc6180 RCX: 00007f5bd5d8ebe9 [ 721.213893][T13322] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 000000000000000b [ 721.213910][T13322] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 721.213927][T13322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 721.213943][T13322] R13: 00007f5bd5fc6218 R14: 00007f5bd5fc6180 R15: 00007fff5fa4c658 [ 721.213981][T13322] [ 723.167850][T13363] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1072'. [ 725.480012][T13401] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 726.462645][T13406] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 726.516350][T13406] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 728.273472][T13428] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1081'. [ 728.282764][T13428] macvtap0: entered promiscuous mode [ 729.768220][T13442] FAULT_INJECTION: forcing a failure. [ 729.768220][T13442] name failslab, interval 1, probability 0, space 0, times 0 [ 729.781583][T13442] CPU: 0 UID: 0 PID: 13442 Comm: syz.1.1082 Tainted: G U syzkaller #0 PREEMPT(full) [ 729.781632][T13442] Tainted: [U]=USER [ 729.781642][T13442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 729.781661][T13442] Call Trace: [ 729.781672][T13442] [ 729.781684][T13442] dump_stack_lvl+0x16c/0x1f0 [ 729.781739][T13442] should_fail_ex+0x512/0x640 [ 729.781789][T13442] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 729.781832][T13442] should_failslab+0xc2/0x120 [ 729.781873][T13442] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 729.781913][T13442] ? __d_alloc+0x32/0xae0 [ 729.781958][T13442] __d_alloc+0x32/0xae0 [ 729.781994][T13442] ? bpf_ksym_find+0x124/0x1c0 [ 729.782028][T13442] d_alloc_parallel+0x111/0x1480 [ 729.782078][T13442] ? __x64_sys_ioctl+0x18e/0x210 [ 729.782127][T13442] ? unwind_get_return_address+0x59/0xa0 [ 729.782160][T13442] ? arch_stack_walk+0xa6/0x100 [ 729.782226][T13442] ? __pfx_d_alloc_parallel+0x10/0x10 [ 729.782280][T13442] ? lockdep_init_map_type+0x5c/0x280 [ 729.782326][T13442] ? lockdep_init_map_type+0x5c/0x280 [ 729.782377][T13442] __lookup_slow+0x193/0x460 [ 729.782427][T13442] ? __pfx___lookup_slow+0x10/0x10 [ 729.782481][T13442] ? perf_trace_mm_compaction_suitable_template+0xd0/0x5e0 [ 729.782540][T13442] ? perf_trace_mm_compaction_suitable_template+0xd0/0x5e0 [ 729.782588][T13442] ? d_lookup+0xe7/0x190 [ 729.782643][T13442] lookup_noperm+0xe1/0x110 [ 729.782693][T13442] simple_start_creating+0xd1/0x1b0 [ 729.782732][T13442] start_creating.part.0+0x82/0x190 [ 729.782770][T13442] __debugfs_create_file+0xa7/0x6b0 [ 729.782811][T13442] debugfs_create_file_full+0x41/0x60 [ 729.782855][T13442] kvm_dev_ioctl+0x153f/0x1af0 [ 729.782902][T13442] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 729.782950][T13442] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 729.782985][T13442] __x64_sys_ioctl+0x18e/0x210 [ 729.783037][T13442] do_syscall_64+0xcd/0x490 [ 729.783090][T13442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.783122][T13442] RIP: 0033:0x7f48ef38ebe9 [ 729.783149][T13442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 729.783188][T13442] RSP: 002b:00007f48f0221038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 729.783219][T13442] RAX: ffffffffffffffda RBX: 00007f48ef5c6180 RCX: 00007f48ef38ebe9 [ 729.783239][T13442] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 000000000000000b [ 729.783258][T13442] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 729.783277][T13442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 729.783296][T13442] R13: 00007f48ef5c6218 R14: 00007f48ef5c6180 R15: 00007ffce8c82e58 [ 729.783339][T13442] [ 733.568501][T13486] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 736.657495][T13521] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 736.850159][T13521] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 736.889713][T13521] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 736.930094][T13521] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 736.976434][T13521] Process accounting resumed [ 737.466035][T13534] netlink: 'syz.3.1096': attribute type 1 has an invalid length. [ 737.787617][ T30] audit: type=1800 audit(2147486033.938:24): pid=13544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1096" name="features" dev="configfs" ino=52239 res=0 errno=0 [ 738.029116][T13539] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 738.516965][ T9778] Bluetooth: hci0: command 0x0406 tx timeout [ 738.902047][ T9778] Bluetooth: hci2: command 0x0406 tx timeout [ 738.908127][ T9778] Bluetooth: hci1: command 0x0406 tx timeout [ 738.980934][ T9778] Bluetooth: hci3: command 0x0406 tx timeout [ 743.299366][T13603] FAULT_INJECTION: forcing a failure. [ 743.299366][T13603] name failslab, interval 1, probability 0, space 0, times 0 [ 743.312712][T13603] CPU: 0 UID: 0 PID: 13603 Comm: syz.2.1108 Tainted: G U syzkaller #0 PREEMPT(full) [ 743.312764][T13603] Tainted: [U]=USER [ 743.312775][T13603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 743.312810][T13603] Call Trace: [ 743.312820][T13603] [ 743.312833][T13603] dump_stack_lvl+0x16c/0x1f0 [ 743.312889][T13603] should_fail_ex+0x512/0x640 [ 743.312936][T13603] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 743.312974][T13603] should_failslab+0xc2/0x120 [ 743.313014][T13603] __kmalloc_cache_noprof+0x6a/0x3e0 [ 743.313047][T13603] ? refill_pi_state_cache+0x89/0x250 [ 743.313098][T13603] refill_pi_state_cache+0x89/0x250 [ 743.313158][T13603] futex_lock_pi+0x175/0x7c0 [ 743.313207][T13603] ? futex_unqueue+0x13d/0x2c0 [ 743.313252][T13603] ? __pfx_futex_lock_pi+0x10/0x10 [ 743.313296][T13603] ? __futex_wait+0x24c/0x2f0 [ 743.313377][T13603] ? futex_private_hash_put+0x18a/0x300 [ 743.313422][T13603] ? __pfx_futex_wake_mark+0x10/0x10 [ 743.313478][T13603] ? __pfx_child_wait_callback+0x10/0x10 [ 743.313535][T13603] do_futex+0x11a/0x350 [ 743.313573][T13603] ? __pfx_do_futex+0x10/0x10 [ 743.313614][T13603] ? __pfx___do_sys_wait4+0x10/0x10 [ 743.313659][T13603] ? __might_fault+0xe3/0x190 [ 743.313693][T13603] ? __might_fault+0x13b/0x190 [ 743.313733][T13603] __x64_sys_futex+0x1e0/0x4c0 [ 743.313779][T13603] ? __pfx___x64_sys_futex+0x10/0x10 [ 743.313821][T13603] ? syscall_user_dispatch+0x78/0x140 [ 743.313881][T13603] do_syscall_64+0xcd/0x490 [ 743.313932][T13603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.313963][T13603] RIP: 0033:0x7f5bd5d8ebe9 [ 743.313988][T13603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 743.314016][T13603] RSP: 002b:00007f5bd6b24038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 743.314044][T13603] RAX: ffffffffffffffda RBX: 00007f5bd5fc6180 RCX: 00007f5bd5d8ebe9 [ 743.314065][T13603] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 743.314083][T13603] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 000000008000fff2 [ 743.314101][T13603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 743.314118][T13603] R13: 00007f5bd5fc6218 R14: 00007f5bd5fc6180 R15: 00007fff5fa4c658 [ 743.314159][T13603] [ 743.541662][ C0] vkms_vblank_simulate: vblank timer overrun [ 745.318341][T13643] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1112'. [ 751.021034][T13722] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1121'. [ 751.021171][T13720] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string [ 751.032355][T13722] macvtap0: entered promiscuous mode [ 751.072643][T13720] tty ptyc1: uevent: failed to send synthetic uevent: -22 [ 752.778319][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.784692][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.587924][T13742] Invalid ELF header magic: != ELF [ 754.548417][T13759] FAULT_INJECTION: forcing a failure. [ 754.548417][T13759] name failslab, interval 1, probability 0, space 0, times 0 [ 754.561505][T13759] CPU: 0 UID: 0 PID: 13759 Comm: syz.1.1127 Tainted: G U syzkaller #0 PREEMPT(full) [ 754.561557][T13759] Tainted: [U]=USER [ 754.561568][T13759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 754.561587][T13759] Call Trace: [ 754.561597][T13759] [ 754.561609][T13759] dump_stack_lvl+0x16c/0x1f0 [ 754.561664][T13759] should_fail_ex+0x512/0x640 [ 754.561712][T13759] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 754.561751][T13759] should_failslab+0xc2/0x120 [ 754.561793][T13759] __kmalloc_cache_noprof+0x6a/0x3e0 [ 754.561826][T13759] ? refill_pi_state_cache+0x89/0x250 [ 754.561878][T13759] refill_pi_state_cache+0x89/0x250 [ 754.561939][T13759] futex_lock_pi+0x175/0x7c0 [ 754.561989][T13759] ? futex_unqueue+0x13d/0x2c0 [ 754.562027][T13759] ? __pfx_futex_lock_pi+0x10/0x10 [ 754.562081][T13759] ? __futex_wait+0x24c/0x2f0 [ 754.562162][T13759] ? futex_private_hash_put+0x18a/0x300 [ 754.562207][T13759] ? __pfx_futex_wake_mark+0x10/0x10 [ 754.562277][T13759] do_futex+0x11a/0x350 [ 754.562318][T13759] ? __pfx_do_futex+0x10/0x10 [ 754.562369][T13759] __x64_sys_futex+0x1e0/0x4c0 [ 754.562416][T13759] ? __pfx___x64_sys_futex+0x10/0x10 [ 754.562459][T13759] ? syscall_user_dispatch+0x78/0x140 [ 754.562521][T13759] do_syscall_64+0xcd/0x490 [ 754.562572][T13759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.562603][T13759] RIP: 0033:0x7f48ef38ebe9 [ 754.562629][T13759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.562660][T13759] RSP: 002b:00007f48f0221038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 754.562690][T13759] RAX: ffffffffffffffda RBX: 00007f48ef5c6180 RCX: 00007f48ef38ebe9 [ 754.562711][T13759] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 754.562729][T13759] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 000000008000fff2 [ 754.562748][T13759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.562767][T13759] R13: 00007f48ef5c6218 R14: 00007f48ef5c6180 R15: 00007ffce8c82e58 [ 754.562808][T13759] [ 755.161943][T13742] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 756.289679][T13775] netlink: 'syz.2.1131': attribute type 1 has an invalid length. [ 756.491556][ T30] audit: type=1800 audit(2147486052.669:25): pid=13780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1131" name="features" dev="configfs" ino=52872 res=0 errno=0 [ 757.786277][T13779] zswap: compressor not available [ 758.255407][T13797] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 761.474174][T13827] FAULT_INJECTION: forcing a failure. [ 761.474174][T13827] name fail_futex, interval 1, probability 0, space 0, times 0 [ 761.487763][T13827] CPU: 1 UID: 0 PID: 13827 Comm: syz.2.1139 Tainted: G U syzkaller #0 PREEMPT(full) [ 761.487811][T13827] Tainted: [U]=USER [ 761.487822][T13827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 761.487840][T13827] Call Trace: [ 761.487850][T13827] [ 761.487862][T13827] dump_stack_lvl+0x16c/0x1f0 [ 761.487916][T13827] should_fail_ex+0x512/0x640 [ 761.487970][T13827] should_fail_futex+0x4c/0x60 [ 761.488007][T13827] futex_lock_pi_atomic+0x101/0xd50 [ 761.488069][T13827] futex_lock_pi+0x23f/0x7c0 [ 761.488121][T13827] ? __pfx_futex_lock_pi+0x10/0x10 [ 761.488188][T13827] ? find_held_lock+0x2b/0x80 [ 761.488231][T13827] ? futex_private_hash_put+0x18a/0x300 [ 761.488274][T13827] ? __pfx_futex_wake_mark+0x10/0x10 [ 761.488331][T13827] ? __pfx_child_wait_callback+0x10/0x10 [ 761.488386][T13827] do_futex+0x11a/0x350 [ 761.488425][T13827] ? __pfx_do_futex+0x10/0x10 [ 761.488464][T13827] ? __pfx___do_sys_wait4+0x10/0x10 [ 761.488508][T13827] ? __might_fault+0xe3/0x190 [ 761.488541][T13827] ? __might_fault+0x13b/0x190 [ 761.488580][T13827] __x64_sys_futex+0x1e0/0x4c0 [ 761.488625][T13827] ? __pfx___x64_sys_futex+0x10/0x10 [ 761.488664][T13827] ? xfd_validate_state+0x61/0x180 [ 761.488707][T13827] ? __pfx___do_sys_prctl+0x10/0x10 [ 761.488767][T13827] do_syscall_64+0xcd/0x490 [ 761.488816][T13827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.488847][T13827] RIP: 0033:0x7f5bd5d8ebe9 [ 761.488872][T13827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 761.488903][T13827] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 761.488932][T13827] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 761.488951][T13827] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 761.488968][T13827] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 000000008000fff2 [ 761.488986][T13827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 761.489003][T13827] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 761.489052][T13827] [ 764.228548][T13865] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1144'. [ 767.684574][T13898] FAULT_INJECTION: forcing a failure. [ 767.684574][T13898] name failslab, interval 1, probability 0, space 0, times 0 [ 767.771848][T13898] CPU: 1 UID: 0 PID: 13898 Comm: syz.2.1150 Tainted: G U syzkaller #0 PREEMPT(full) [ 767.771899][T13898] Tainted: [U]=USER [ 767.771910][T13898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 767.771936][T13898] Call Trace: [ 767.771946][T13898] [ 767.771959][T13898] dump_stack_lvl+0x16c/0x1f0 [ 767.772008][T13898] should_fail_ex+0x512/0x640 [ 767.772053][T13898] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 767.772088][T13898] should_failslab+0xc2/0x120 [ 767.772125][T13898] __kmalloc_cache_noprof+0x6a/0x3e0 [ 767.772157][T13898] ? refill_pi_state_cache+0x89/0x250 [ 767.772204][T13898] refill_pi_state_cache+0x89/0x250 [ 767.772244][T13898] futex_lock_pi+0x175/0x7c0 [ 767.772273][T13898] ? futex_unqueue+0x13d/0x2c0 [ 767.772294][T13898] ? __pfx_futex_lock_pi+0x10/0x10 [ 767.772319][T13898] ? __futex_wait+0x24c/0x2f0 [ 767.772349][T13898] ? lockdep_hardirqs_on+0x7c/0x110 [ 767.772388][T13898] ? futex_private_hash_put+0x18a/0x300 [ 767.772414][T13898] ? __pfx_futex_wake_mark+0x10/0x10 [ 767.772447][T13898] ? __pfx_child_wait_callback+0x10/0x10 [ 767.772479][T13898] do_futex+0x11a/0x350 [ 767.772502][T13898] ? __pfx_do_futex+0x10/0x10 [ 767.772543][T13898] ? __pfx___do_sys_wait4+0x10/0x10 [ 767.772570][T13898] ? __might_fault+0xe3/0x190 [ 767.772590][T13898] ? __might_fault+0x13b/0x190 [ 767.772613][T13898] __x64_sys_futex+0x1e0/0x4c0 [ 767.772639][T13898] ? __pfx___x64_sys_futex+0x10/0x10 [ 767.772664][T13898] ? syscall_user_dispatch+0x78/0x140 [ 767.772699][T13898] do_syscall_64+0xcd/0x490 [ 767.772730][T13898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 767.772748][T13898] RIP: 0033:0x7f5bd5d8ebe9 [ 767.772763][T13898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 767.772781][T13898] RSP: 002b:00007f5bd6b24038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 767.772799][T13898] RAX: ffffffffffffffda RBX: 00007f5bd5fc6180 RCX: 00007f5bd5d8ebe9 [ 767.772811][T13898] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 767.772821][T13898] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 000000008000fff2 [ 767.772832][T13898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 767.772843][T13898] R13: 00007f5bd5fc6218 R14: 00007f5bd5fc6180 R15: 00007fff5fa4c658 [ 767.772865][T13898] [ 768.247739][T13882] Process accounting paused [ 769.355069][T13916] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 772.655072][T13950] syz.2.1158: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 772.753157][T13950] CPU: 0 UID: 0 PID: 13950 Comm: syz.2.1158 Tainted: G U syzkaller #0 PREEMPT(full) [ 772.753195][T13950] Tainted: [U]=USER [ 772.753201][T13950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 772.753212][T13950] Call Trace: [ 772.753219][T13950] [ 772.753226][T13950] dump_stack_lvl+0x16c/0x1f0 [ 772.753260][T13950] warn_alloc+0x248/0x3a0 [ 772.753284][T13950] ? __pfx_warn_alloc+0x10/0x10 [ 772.753320][T13950] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 772.753339][T13950] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 772.753359][T13950] ? __pfx___might_resched+0x10/0x10 [ 772.753379][T13950] ? rcu_is_watching+0x12/0xc0 [ 772.753398][T13950] ? trace_contention_end+0xdd/0x130 [ 772.753425][T13950] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 772.753444][T13950] ? tomoyo_path_number_perm+0x295/0x580 [ 772.753471][T13950] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 772.753490][T13950] ? __pfx___mutex_lock+0x10/0x10 [ 772.753520][T13950] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 772.753541][T13950] ? futex_wake+0x1ad/0x530 [ 772.753571][T13950] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 772.753588][T13950] __vmalloc_node_noprof+0xad/0xf0 [ 772.753605][T13950] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 772.753626][T13950] dvb_dvr_do_ioctl+0x15d/0x290 [ 772.753651][T13950] dvb_usercopy+0x164/0x340 [ 772.753668][T13950] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 772.753688][T13950] ? __pfx_dvb_usercopy+0x10/0x10 [ 772.753714][T13950] ? __fget_files+0x20e/0x3c0 [ 772.753738][T13950] dvb_dvr_ioctl+0x29/0x40 [ 772.753754][T13950] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 772.753771][T13950] __x64_sys_ioctl+0x18e/0x210 [ 772.753801][T13950] do_syscall_64+0xcd/0x490 [ 772.753831][T13950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.753849][T13950] RIP: 0033:0x7f5bd5d8ebe9 [ 772.753865][T13950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 772.753890][T13950] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 772.753907][T13950] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 772.753919][T13950] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 772.753930][T13950] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 772.753941][T13950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 772.753951][T13950] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 772.753974][T13950] [ 772.753981][T13950] Mem-Info: [ 773.045042][T13950] active_anon:39255 inactive_anon:22 isolated_anon:0 [ 773.045042][T13950] active_file:17520 inactive_file:43984 isolated_file:0 [ 773.045042][T13950] unevictable:768 dirty:1788 writeback:0 [ 773.045042][T13950] slab_reclaimable:12937 slab_unreclaimable:97023 [ 773.045042][T13950] mapped:31818 shmem:27603 pagetables:1273 [ 773.045042][T13950] sec_pagetables:0 bounce:0 [ 773.045042][T13950] kernel_misc_reclaimable:0 [ 773.045042][T13950] free:1269400 free_pcp:25065 free_cma:0 [ 773.158414][T13950] Node 0 active_anon:154420kB inactive_anon:88kB active_file:70080kB inactive_file:175740kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:127272kB dirty:7148kB writeback:0kB shmem:105476kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11624kB pagetables:4924kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 773.246027][T13950] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:168kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 773.351477][T13950] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 773.411570][T13950] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 773.507125][T13950] Node 0 DMA32 free:1164632kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:151072kB inactive_anon:88kB active_file:70080kB inactive_file:174424kB unevictable:1536kB writepending:7228kB present:3129332kB managed:2539556kB mlocked:0kB bounce:0kB free_pcp:95972kB local_pcp:62584kB free_cma:0kB [ 773.683595][T13950] lowmem_reserve[]: 0 0 1 1 1 [ 773.698610][T13950] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:4kB free_cma:0kB [ 773.779804][T13950] lowmem_reserve[]: 0 0 0 0 0 [ 773.786149][T13950] Node 1 Normal free:3907564kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 773.828267][T13950] lowmem_reserve[]: 0 0 0 0 0 [ 773.853474][T13950] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 773.908388][T13950] Node 0 DMA32: 922*4kB (UME) 2020*8kB (UME) 1398*16kB (UME) 946*32kB (UME) 398*64kB (UME) 166*128kB (UM) 212*256kB (UM) 121*512kB (UME) 54*1024kB (UME) 2*2048kB (UM) 217*4096kB (UM) = 1183656kB [ 774.013191][T13950] Node 0 Normal: 3*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 774.119535][T13950] Node 1 Normal: 241*4kB (UME) 57*8kB (UME) 44*16kB (UME) 233*32kB (UME) 96*64kB (UM) 25*128kB (UME) 18*256kB (UME) 8*512kB (UME) 3*1024kB (UME) 5*2048kB (UME) 944*4096kB (M) = 3907564kB [ 774.166318][T13950] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 774.248562][T13950] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 774.311841][T13950] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 774.321637][T13950] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 774.334478][T13950] 78817 total pagecache pages [ 774.339514][T13950] 22 pages in swap cache [ 774.344627][T13950] Free swap = 124784kB [ 774.352880][T13950] Total swap = 124996kB [ 774.359601][T13950] 2097051 pages RAM [ 774.365691][T13950] 0 pages HighMem/MovableOnly [ 774.397562][T13950] 430200 pages reserved [ 774.418581][T13950] 0 pages cma reserved [ 774.557153][T13957] ovs_: entered promiscuous mode [ 778.234876][T14032] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 778.776526][T14027] zswap: compressor not available [ 779.276789][T14045] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 779.396151][T14045] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 779.405874][T14045] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 779.413431][T14045] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 781.341538][ T9778] Bluetooth: hci0: command 0x0406 tx timeout [ 781.419847][ T9778] Bluetooth: hci1: command 0x0406 tx timeout [ 781.517132][ T9778] Bluetooth: hci3: command 0x0406 tx timeout [ 781.523751][ T9778] Bluetooth: hci2: command 0x0406 tx timeout [ 782.769946][T14104] syz.0.1170: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 782.910283][T14104] CPU: 1 UID: 0 PID: 14104 Comm: syz.0.1170 Tainted: G U syzkaller #0 PREEMPT(full) [ 782.910332][T14104] Tainted: [U]=USER [ 782.910341][T14104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 782.910357][T14104] Call Trace: [ 782.910366][T14104] [ 782.910377][T14104] dump_stack_lvl+0x16c/0x1f0 [ 782.910425][T14104] warn_alloc+0x248/0x3a0 [ 782.910463][T14104] ? __pfx_warn_alloc+0x10/0x10 [ 782.910526][T14104] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 782.910557][T14104] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 782.910589][T14104] ? __pfx___might_resched+0x10/0x10 [ 782.910621][T14104] ? rcu_is_watching+0x12/0xc0 [ 782.910652][T14104] ? trace_contention_end+0xdd/0x130 [ 782.910694][T14104] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 782.910724][T14104] ? tomoyo_path_number_perm+0x295/0x580 [ 782.910768][T14104] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 782.910798][T14104] ? __pfx___mutex_lock+0x10/0x10 [ 782.910859][T14104] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 782.910907][T14104] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 782.910936][T14104] __vmalloc_node_noprof+0xad/0xf0 [ 782.910966][T14104] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 782.911002][T14104] dvb_dvr_do_ioctl+0x15d/0x290 [ 782.911041][T14104] dvb_usercopy+0x164/0x340 [ 782.911069][T14104] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 782.911102][T14104] ? __pfx_dvb_usercopy+0x10/0x10 [ 782.911149][T14104] ? __fget_files+0x20e/0x3c0 [ 782.911192][T14104] dvb_dvr_ioctl+0x29/0x40 [ 782.911220][T14104] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 782.911250][T14104] __x64_sys_ioctl+0x18e/0x210 [ 782.911301][T14104] do_syscall_64+0xcd/0x490 [ 782.911351][T14104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.911381][T14104] RIP: 0033:0x7f58fc18ebe9 [ 782.911407][T14104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 782.911436][T14104] RSP: 002b:00007f58fcf6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 782.911482][T14104] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa0 RCX: 00007f58fc18ebe9 [ 782.911503][T14104] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 782.911522][T14104] RBP: 00007f58fc211e19 R08: 0000000000000000 R09: 0000000000000000 [ 782.911540][T14104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 782.911558][T14104] R13: 00007f58fc3c6038 R14: 00007f58fc3c5fa0 R15: 00007ffc428cc8c8 [ 782.911603][T14104] [ 782.911615][T14104] Mem-Info: [ 783.271882][T14104] active_anon:20537 inactive_anon:22 isolated_anon:0 [ 783.271882][T14104] active_file:16998 inactive_file:47988 isolated_file:0 [ 783.271882][T14104] unevictable:768 dirty:5265 writeback:0 [ 783.271882][T14104] slab_reclaimable:13229 slab_unreclaimable:95537 [ 783.271882][T14104] mapped:34735 shmem:9890 pagetables:1274 [ 783.271882][T14104] sec_pagetables:0 bounce:0 [ 783.271882][T14104] kernel_misc_reclaimable:0 [ 783.271882][T14104] free:1299201 free_pcp:11658 free_cma:0 [ 783.333754][T14104] Node 0 active_anon:82236kB inactive_anon:88kB active_file:68084kB inactive_file:191756kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:138968kB dirty:21056kB writeback:0kB shmem:38040kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11696kB pagetables:4932kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 783.368981][T14104] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:168kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 783.454011][T14104] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 783.489470][T14104] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 783.496314][T14104] Node 0 DMA32 free:1272080kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:82588kB inactive_anon:88kB active_file:69876kB inactive_file:190440kB unevictable:1536kB writepending:21156kB present:3129332kB managed:2539556kB mlocked:0kB bounce:0kB free_pcp:46380kB local_pcp:19220kB free_cma:0kB [ 783.544966][T14104] lowmem_reserve[]: 0 0 1 1 1 [ 783.549798][T14104] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:8kB free_cma:0kB [ 783.596631][T14104] lowmem_reserve[]: 0 0 0 0 0 [ 783.601876][T14104] Node 1 Normal free:3907428kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:136kB local_pcp:136kB free_cma:0kB [ 783.836713][T14104] lowmem_reserve[]: 0 0 0 0 0 [ 784.040685][T14104] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 784.057021][T14104] Node 0 DMA32: 2*4kB (ME) 718*8kB (U) 399*16kB (UME) 1418*32kB (UME) 860*64kB (UME) 432*128kB (UM) 272*256kB (UM) 121*512kB (UME) 54*1024kB (UME) 7*2048kB (UM) 217*4096kB (UM) = 1257896kB [ 784.082026][T14104] Node 0 Normal: 3*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 784.100067][T14104] Node 1 Normal: 237*4kB (UME) 56*8kB (UME) 45*16kB (UME) 233*32kB (UME) 98*64kB (UM) 23*128kB (UME) 18*256kB (UME) 8*512kB (UME) 3*1024kB (UME) 5*2048kB (UME) 944*4096kB (M) = 3907428kB [ 784.220107][T14104] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 784.253652][T14104] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 784.457699][T14104] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 784.467795][T14104] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 784.600126][T14104] 78915 total pagecache pages [ 784.683345][T14104] 22 pages in swap cache [ 784.742247][T14104] Free swap = 124784kB [ 784.835454][T14104] Total swap = 124996kB [ 784.855914][T14104] 2097051 pages RAM [ 784.859799][T14104] 0 pages HighMem/MovableOnly [ 784.865143][T14104] 430200 pages reserved [ 784.869308][T14104] 0 pages cma reserved [ 785.371340][T14116] delete_channel: no stack [ 786.819410][T14156] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 788.549248][T14173] nbd: couldn't find device at index 137 [ 790.304070][T14181] zswap: compressor not available [ 792.309299][T14188] ovs_: entered promiscuous mode [ 793.152119][T14203] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 794.162658][T14220] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 796.069741][T14230] serio: Serial port pty6 [ 800.335723][T14266] delete_channel: no stack [ 800.466647][T14270] Process accounting resumed [ 801.154258][T14305] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 801.636732][T14314] syz.1.1203: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 801.752397][T14314] CPU: 0 UID: 0 PID: 14314 Comm: syz.1.1203 Tainted: G U syzkaller #0 PREEMPT(full) [ 801.752450][T14314] Tainted: [U]=USER [ 801.752461][T14314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 801.752479][T14314] Call Trace: [ 801.752490][T14314] [ 801.752501][T14314] dump_stack_lvl+0x16c/0x1f0 [ 801.752554][T14314] warn_alloc+0x248/0x3a0 [ 801.752594][T14314] ? __pfx_warn_alloc+0x10/0x10 [ 801.752669][T14314] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 801.752704][T14314] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 801.752738][T14314] ? __pfx___might_resched+0x10/0x10 [ 801.752773][T14314] ? rcu_is_watching+0x12/0xc0 [ 801.752805][T14314] ? trace_contention_end+0xdd/0x130 [ 801.752848][T14314] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 801.752881][T14314] ? tomoyo_path_number_perm+0x295/0x580 [ 801.752930][T14314] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 801.752961][T14314] ? __pfx___mutex_lock+0x10/0x10 [ 801.753012][T14314] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 801.753049][T14314] ? futex_wake+0x1ad/0x530 [ 801.753101][T14314] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 801.753131][T14314] __vmalloc_node_noprof+0xad/0xf0 [ 801.753161][T14314] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 801.753197][T14314] dvb_dvr_do_ioctl+0x15d/0x290 [ 801.753236][T14314] dvb_usercopy+0x164/0x340 [ 801.753264][T14314] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 801.753297][T14314] ? __pfx_dvb_usercopy+0x10/0x10 [ 801.753344][T14314] ? __fget_files+0x20e/0x3c0 [ 801.753387][T14314] dvb_dvr_ioctl+0x29/0x40 [ 801.753413][T14314] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 801.753444][T14314] __x64_sys_ioctl+0x18e/0x210 [ 801.753495][T14314] do_syscall_64+0xcd/0x490 [ 801.753546][T14314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.753576][T14314] RIP: 0033:0x7f48ef38ebe9 [ 801.753603][T14314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 801.753632][T14314] RSP: 002b:00007f48f0263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 801.753672][T14314] RAX: ffffffffffffffda RBX: 00007f48ef5c5fa0 RCX: 00007f48ef38ebe9 [ 801.753692][T14314] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003 [ 801.753712][T14314] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 801.753730][T14314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 801.753748][T14314] R13: 00007f48ef5c6038 R14: 00007f48ef5c5fa0 R15: 00007ffce8c82e58 [ 801.753790][T14314] [ 801.756306][T14314] Mem-Info: [ 802.029841][T14314] active_anon:13610 inactive_anon:5 isolated_anon:0 [ 802.029841][T14314] active_file:13297 inactive_file:43818 isolated_file:0 [ 802.029841][T14314] unevictable:768 dirty:817 writeback:0 [ 802.029841][T14314] slab_reclaimable:13140 slab_unreclaimable:95910 [ 802.029841][T14314] mapped:31787 shmem:2906 pagetables:1235 [ 802.029841][T14314] sec_pagetables:0 bounce:0 [ 802.029841][T14314] kernel_misc_reclaimable:0 [ 802.029841][T14314] free:1310552 free_pcp:14827 free_cma:0 [ 802.121251][T14314] Node 0 active_anon:54640kB inactive_anon:20kB active_file:53188kB inactive_file:175076kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:131348kB dirty:3264kB writeback:0kB shmem:10088kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11648kB pagetables:4772kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 802.155440][T14314] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:168kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 802.303206][T14314] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 802.528012][T14314] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 802.570217][T14314] Node 0 DMA32 free:1327748kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:54552kB inactive_anon:20kB active_file:53188kB inactive_file:173760kB unevictable:1536kB writepending:3332kB present:3129332kB managed:2539556kB mlocked:0kB bounce:0kB free_pcp:50204kB local_pcp:25924kB free_cma:0kB [ 802.694028][T14314] lowmem_reserve[]: 0 0 1 1 1 [ 802.706698][T14314] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:8kB free_cma:0kB [ 802.742804][T14314] lowmem_reserve[]: 0 0 0 0 0 [ 802.747808][T14314] Node 1 Normal free:3907428kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:136kB local_pcp:136kB free_cma:0kB [ 802.938260][T14314] lowmem_reserve[]: 0 0 0 0 0 [ 802.984930][T14314] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 803.011534][T14314] Node 0 DMA32: 1740*4kB (UME) 2121*8kB (UME) 1461*16kB (UME) 1065*32kB (UM) 1032*64kB (UME) 465*128kB (UM) 282*256kB (UM) 125*512kB (UME) 55*1024kB (UME) 15*2048kB (UM) 219*4096kB (UM) = 1327208kB [ 803.091579][T14314] Node 0 Normal: 3*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 803.107818][T14314] Node 1 Normal: 237*4kB (UME) 56*8kB (UME) 45*16kB (UME) 233*32kB (UME) 98*64kB (UM) 23*128kB (UME) 18*256kB (UME) 8*512kB (UME) 3*1024kB (UME) 5*2048kB (UME) 944*4096kB (M) = 3907428kB [ 803.161170][T14314] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 803.196900][T14314] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 803.207600][T14314] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 803.220251][T14314] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 803.268891][T14314] 60051 total pagecache pages [ 803.288668][T14314] 32 pages in swap cache [ 803.295408][T14314] Free swap = 124664kB [ 803.300019][T14314] Total swap = 124996kB [ 803.334600][T14314] 2097051 pages RAM [ 803.343756][T14314] 0 pages HighMem/MovableOnly [ 803.348586][T14314] 430200 pages reserved [ 803.357440][T14314] 0 pages cma reserved [ 804.928442][T14356] Invalid ELF header magic: != ELF [ 805.333609][T14354] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 805.544530][T14354] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 805.555008][T14354] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 805.571319][T14354] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 805.669503][T14364] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 805.828649][T14367] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 807.358905][ T9778] Bluetooth: hci1: Malformed LE Event: 0x0b [ 807.416594][ T9778] Bluetooth: hci0: command 0x0406 tx timeout [ 807.575559][ T9028] Bluetooth: hci2: command 0x0406 tx timeout [ 807.581823][ T9033] Bluetooth: hci1: command 0x0406 tx timeout [ 807.588424][ T9778] Bluetooth: hci3: command 0x0406 tx timeout [ 810.957115][T14439] syz.0.1222(14439): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 813.704970][T14472] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 813.931492][T14464] Invalid ELF header magic: != ELF [ 813.985745][T14472] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 814.063883][T14472] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 814.140484][T14472] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 814.232941][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.240909][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.657321][T14481] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 815.739466][ T9778] Bluetooth: hci0: command 0x0406 tx timeout [ 816.064081][ T9778] Bluetooth: hci1: command 0x0406 tx timeout [ 816.139480][ T9778] Bluetooth: hci3: command 0x0406 tx timeout [ 816.139693][ T9033] Bluetooth: hci2: command 0x0406 tx timeout [ 818.862174][T14549] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 820.517299][T14573] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1242'. [ 832.466584][T14686] Process accounting paused [ 833.021600][T14735] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 833.654750][T14738] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 833.664069][T14738] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 833.688767][T14738] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 833.745886][T14738] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 835.671933][ T9033] Bluetooth: hci0: command 0x0406 tx timeout [ 835.752716][ T9033] Bluetooth: hci2: command 0x0406 tx timeout [ 835.759456][ T9778] Bluetooth: hci1: command 0x0406 tx timeout [ 835.840989][ T9033] Bluetooth: hci3: command 0x0406 tx timeout [ 837.692687][T14818] nbd: couldn't find device at index 137 [ 841.426737][T14875] serio: Serial port pty6 [ 841.550750][T14878] usb usb23: usbfs: process 14878 (syz.3.1284) did not claim interface 0 before use [ 844.093697][T14922] usb usb23: usbfs: process 14922 (syz.0.1292) did not claim interface 0 before use [ 844.336005][ T30] audit: type=1800 audit(2147483700.363:26): pid=14927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1293" name="version" dev="configfs" ino=58446 res=0 errno=0 [ 844.782174][T14939] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 853.436226][T15052] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 862.675196][T15215] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 864.603008][T15207] Process accounting resumed [ 875.697893][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.704400][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 881.969782][T15533] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 881.982800][T15533] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 882.002584][T15533] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 882.010630][T15533] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 884.013796][ T9033] Bluetooth: hci3: command 0x0406 tx timeout [ 884.019974][ T9033] Bluetooth: hci2: command 0x0406 tx timeout [ 884.026411][ T9778] Bluetooth: hci1: command 0x0406 tx timeout [ 884.032470][ T9778] Bluetooth: hci0: command 0x0406 tx timeout [ 893.621658][T15706] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 893.627732][T15706] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 893.778591][T15706] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 893.784794][T15706] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 895.699264][ T9033] Bluetooth: hci1: command 0x0406 tx timeout [ 895.699392][T15573] Bluetooth: hci0: command 0x0406 tx timeout [ 895.859566][T15573] Bluetooth: hci3: command 0x0406 tx timeout [ 895.865795][ T9033] Bluetooth: hci2: command 0x0406 tx timeout [ 896.516070][T15754] Process accounting paused [ 898.382925][T15803] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 902.847991][T15886] openvswitch: netlink: nsh attribute has 4 unknown bytes. [ 906.741584][T15948] usb usb37: usbfs: process 15948 (syz.3.1483) did not claim interface 0 before use [ 910.804970][T16027] binder: 16025:16027 ioctl c00c620f 200000000480 returned -22 [ 916.563093][T16126] FAULT_INJECTION: forcing a failure. [ 916.563093][T16126] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 916.620540][T16126] CPU: 1 UID: 0 PID: 16126 Comm: syz.2.1516 Tainted: G U syzkaller #0 PREEMPT(full) [ 916.620594][T16126] Tainted: [U]=USER [ 916.620605][T16126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 916.620625][T16126] Call Trace: [ 916.620636][T16126] [ 916.620649][T16126] dump_stack_lvl+0x16c/0x1f0 [ 916.620705][T16126] should_fail_ex+0x512/0x640 [ 916.620761][T16126] core_sys_select+0x9ca/0xc10 [ 916.620808][T16126] ? __pfx_core_sys_select+0x10/0x10 [ 916.620885][T16126] ? read_tsc+0x9/0x20 [ 916.620922][T16126] ? ktime_get_ts64+0x256/0x400 [ 916.620974][T16126] kern_select+0x15d/0x1e0 [ 916.621008][T16126] ? __pfx_kern_select+0x10/0x10 [ 916.621047][T16126] ? xfd_validate_state+0x61/0x180 [ 916.621091][T16126] ? __pfx_ksys_write+0x10/0x10 [ 916.621135][T16126] __x64_sys_select+0xbd/0x160 [ 916.621167][T16126] ? do_syscall_64+0x91/0x490 [ 916.621213][T16126] ? lockdep_hardirqs_on+0x7c/0x110 [ 916.621259][T16126] do_syscall_64+0xcd/0x490 [ 916.621309][T16126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.621340][T16126] RIP: 0033:0x7f5bd5d8ebe9 [ 916.621376][T16126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 916.621407][T16126] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 916.621438][T16126] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 916.621460][T16126] RDX: 00002000000007c0 RSI: 0000200000000740 RDI: 0000000000000000 [ 916.621480][T16126] RBP: 00007f5bd5e11e19 R08: 00002000000008c0 R09: 0000000000000000 [ 916.621501][T16126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 916.621521][T16126] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 916.621572][T16126] [ 919.575035][T16184] FAULT_INJECTION: forcing a failure. [ 919.575035][T16184] name fail_futex, interval 1, probability 0, space 0, times 0 [ 919.589784][T16184] CPU: 0 UID: 0 PID: 16184 Comm: syz.3.1528 Tainted: G U syzkaller #0 PREEMPT(full) [ 919.589827][T16184] Tainted: [U]=USER [ 919.589834][T16184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 919.589844][T16184] Call Trace: [ 919.589852][T16184] [ 919.589859][T16184] dump_stack_lvl+0x16c/0x1f0 [ 919.589899][T16184] should_fail_ex+0x512/0x640 [ 919.589929][T16184] ? __kasan_slab_free+0x60/0x70 [ 919.589955][T16184] get_futex_key+0x1d0/0x1560 [ 919.589980][T16184] ? __pfx_get_futex_key+0x10/0x10 [ 919.590011][T16184] futex_wake+0xea/0x530 [ 919.590040][T16184] ? __pfx_futex_wake+0x10/0x10 [ 919.590071][T16184] ? rcu_is_watching+0x12/0xc0 [ 919.590093][T16184] ? kasan_quarantine_put+0x10a/0x240 [ 919.590114][T16184] ? lockdep_hardirqs_on+0x7c/0x110 [ 919.590144][T16184] do_futex+0x1e3/0x350 [ 919.590168][T16184] ? __pfx_do_futex+0x10/0x10 [ 919.590193][T16184] ? mntput+0x10/0x90 [ 919.590221][T16184] __x64_sys_futex+0x1e0/0x4c0 [ 919.590248][T16184] ? __pfx___x64_sys_futex+0x10/0x10 [ 919.590272][T16184] ? xfd_validate_state+0x61/0x180 [ 919.590307][T16184] do_syscall_64+0xcd/0x490 [ 919.590343][T16184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 919.590363][T16184] RIP: 0033:0x7ff80318ebe9 [ 919.590379][T16184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 919.590398][T16184] RSP: 002b:00007ff803f510e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 919.590417][T16184] RAX: ffffffffffffffda RBX: 00007ff8033c5fa8 RCX: 00007ff80318ebe9 [ 919.590429][T16184] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff8033c5fac [ 919.590440][T16184] RBP: 00007ff8033c5fa0 R08: 00007ff803f52000 R09: 0000000000000000 [ 919.590452][T16184] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 919.590463][T16184] R13: 00007ff8033c6038 R14: 00007ffff04ee040 R15: 00007ffff04ee128 [ 919.590486][T16184] [ 920.611010][T16204] FAULT_INJECTION: forcing a failure. [ 920.611010][T16204] name failslab, interval 1, probability 0, space 0, times 0 [ 920.624341][T16204] CPU: 1 UID: 0 PID: 16204 Comm: syz.3.1534 Tainted: G U syzkaller #0 PREEMPT(full) [ 920.624390][T16204] Tainted: [U]=USER [ 920.624402][T16204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 920.624420][T16204] Call Trace: [ 920.624432][T16204] [ 920.624445][T16204] dump_stack_lvl+0x16c/0x1f0 [ 920.624496][T16204] should_fail_ex+0x512/0x640 [ 920.624544][T16204] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 920.624581][T16204] should_failslab+0xc2/0x120 [ 920.624623][T16204] __kmalloc_cache_noprof+0x6a/0x3e0 [ 920.624657][T16204] ? do_raw_spin_unlock+0x172/0x230 [ 920.624703][T16204] ? sched_core_share_pid+0x3c1/0x9d0 [ 920.624743][T16204] sched_core_share_pid+0x3c1/0x9d0 [ 920.624777][T16204] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 920.624828][T16204] ? __pfx_sched_core_share_pid+0x10/0x10 [ 920.624863][T16204] ? static_key_count+0x5a/0x70 [ 920.624892][T16204] ? security_task_prctl+0x11c/0x160 [ 920.624947][T16204] __do_sys_prctl+0x317/0x20e0 [ 920.624999][T16204] ? __pfx___do_sys_prctl+0x10/0x10 [ 920.625060][T16204] do_syscall_64+0xcd/0x490 [ 920.625111][T16204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.625150][T16204] RIP: 0033:0x7ff80318ebe9 [ 920.625176][T16204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 920.625214][T16204] RSP: 002b:00007ff803f51038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 920.625244][T16204] RAX: ffffffffffffffda RBX: 00007ff8033c5fa0 RCX: 00007ff80318ebe9 [ 920.625265][T16204] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000003e [ 920.625285][T16204] RBP: 00007ff803211e19 R08: 0000000000000000 R09: 0000000000000000 [ 920.625305][T16204] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 920.625324][T16204] R13: 00007ff8033c6038 R14: 00007ff8033c5fa0 R15: 00007ffff04ee128 [ 920.625366][T16204] [ 928.037667][T16279] Process accounting resumed [ 928.115882][T16317] random: crng reseeded on system resumption [ 929.183773][T16342] type: 262143 invalid [ 929.607907][T16348] FAULT_INJECTION: forcing a failure. [ 929.607907][T16348] name failslab, interval 1, probability 0, space 0, times 0 [ 929.640097][T16348] CPU: 0 UID: 0 PID: 16348 Comm: syz.0.1562 Tainted: G U syzkaller #0 PREEMPT(full) [ 929.640150][T16348] Tainted: [U]=USER [ 929.640161][T16348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 929.640181][T16348] Call Trace: [ 929.640192][T16348] [ 929.640204][T16348] dump_stack_lvl+0x16c/0x1f0 [ 929.640256][T16348] should_fail_ex+0x512/0x640 [ 929.640305][T16348] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 929.640347][T16348] should_failslab+0xc2/0x120 [ 929.640387][T16348] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 929.640425][T16348] ? key_alloc+0x3e0/0x1330 [ 929.640471][T16348] key_alloc+0x3e0/0x1330 [ 929.640523][T16348] ? rcu_is_watching+0x12/0xc0 [ 929.640555][T16348] ? __pfx_key_alloc+0x10/0x10 [ 929.640592][T16348] ? __kmalloc_noprof+0x242/0x510 [ 929.640641][T16348] keyring_alloc+0x44/0xc0 [ 929.640691][T16348] install_process_keyring_to_cred+0xc1/0x140 [ 929.640736][T16348] keyctl_set_reqkey_keyring+0x180/0x1c0 [ 929.640774][T16348] __do_sys_keyctl+0x6d/0x590 [ 929.640813][T16348] do_syscall_64+0xcd/0x490 [ 929.640862][T16348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 929.640893][T16348] RIP: 0033:0x7f58fc18ebe9 [ 929.640919][T16348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 929.640949][T16348] RSP: 002b:00007f58fcf6b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 929.641005][T16348] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa0 RCX: 00007f58fc18ebe9 [ 929.641026][T16348] RDX: 000000000000076f RSI: 0000000000000002 RDI: 000000000000000e [ 929.641046][T16348] RBP: 00007f58fc211e19 R08: 0000000000000f13 R09: 0000000000000000 [ 929.641065][T16348] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 929.641084][T16348] R13: 00007f58fc3c6038 R14: 00007f58fc3c5fa0 R15: 00007ffc428cc8c8 [ 929.641125][T16348] [ 934.045858][T16438] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 937.165407][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 937.178541][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 947.751825][T16624] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 948.401072][T16637] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 957.016490][T16799] overlayfs: missing 'lowerdir' [ 958.005911][T16827] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 959.044211][T16786] Process accounting paused [ 960.248387][T16859] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 961.129847][T16881] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1662'. [ 968.001304][T17019] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 969.817318][T17064] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 977.138719][T17210] zswap: compressor not available [ 977.412473][T17225] FAULT_INJECTION: forcing a failure. [ 977.412473][T17225] name failslab, interval 1, probability 0, space 0, times 0 [ 977.440689][T17225] CPU: 0 UID: 0 PID: 17225 Comm: syz.3.1722 Tainted: G U syzkaller #0 PREEMPT(full) [ 977.440743][T17225] Tainted: [U]=USER [ 977.440753][T17225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 977.440771][T17225] Call Trace: [ 977.440782][T17225] [ 977.440794][T17225] dump_stack_lvl+0x16c/0x1f0 [ 977.440843][T17225] should_fail_ex+0x512/0x640 [ 977.440886][T17225] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 977.440923][T17225] should_failslab+0xc2/0x120 [ 977.440961][T17225] __kmalloc_cache_noprof+0x6a/0x3e0 [ 977.440995][T17225] ? copy_ipcs+0x19f/0x610 [ 977.441037][T17225] copy_ipcs+0x19f/0x610 [ 977.441068][T17225] ? copy_utsname+0xab/0x470 [ 977.441113][T17225] create_new_namespaces+0x20a/0xa90 [ 977.441148][T17225] ? security_capable+0x7e/0x260 [ 977.441186][T17225] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 977.441224][T17225] ksys_unshare+0x45b/0xa40 [ 977.441263][T17225] ? __pfx_ksys_unshare+0x10/0x10 [ 977.441305][T17225] ? xfd_validate_state+0x61/0x180 [ 977.441361][T17225] __x64_sys_unshare+0x31/0x40 [ 977.441402][T17225] do_syscall_64+0xcd/0x490 [ 977.441442][T17225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.441467][T17225] RIP: 0033:0x7ff80318ebe9 [ 977.441488][T17225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 977.441523][T17225] RSP: 002b:00007ff803f51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 977.441547][T17225] RAX: ffffffffffffffda RBX: 00007ff8033c5fa0 RCX: 00007ff80318ebe9 [ 977.441564][T17225] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 977.441579][T17225] RBP: 00007ff803211e19 R08: 0000000000000000 R09: 0000000000000000 [ 977.441594][T17225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 977.441610][T17225] R13: 00007ff8033c6038 R14: 00007ff8033c5fa0 R15: 00007ffff04ee128 [ 977.441643][T17225] [ 980.653985][T17284] FAULT_INJECTION: forcing a failure. [ 980.653985][T17284] name failslab, interval 1, probability 0, space 0, times 0 [ 980.689673][T17284] CPU: 1 UID: 0 PID: 17284 Comm: syz.2.1731 Tainted: G U syzkaller #0 PREEMPT(full) [ 980.689711][T17284] Tainted: [U]=USER [ 980.689718][T17284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 980.689729][T17284] Call Trace: [ 980.689737][T17284] [ 980.689745][T17284] dump_stack_lvl+0x16c/0x1f0 [ 980.689778][T17284] should_fail_ex+0x512/0x640 [ 980.689807][T17284] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 980.689832][T17284] should_failslab+0xc2/0x120 [ 980.689858][T17284] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 980.689880][T17284] ? ptlock_alloc+0x1f/0x70 [ 980.689903][T17284] ptlock_alloc+0x1f/0x70 [ 980.689922][T17284] pte_alloc_one+0x82/0x3a0 [ 980.689942][T17284] do_pte_missing+0x1afc/0x3ba0 [ 980.689968][T17284] ? do_raw_spin_unlock+0x172/0x230 [ 980.690018][T17284] ? __pmd_alloc+0x3fb/0x930 [ 980.690064][T17284] __handle_mm_fault+0x152a/0x2a50 [ 980.690103][T17284] ? mt_find+0x3ef/0xa30 [ 980.690135][T17284] ? __pfx___handle_mm_fault+0x10/0x10 [ 980.690165][T17284] ? __pfx_mt_find+0x10/0x10 [ 980.690216][T17284] ? find_vma+0xbf/0x140 [ 980.690276][T17284] ? __pfx_find_vma+0x10/0x10 [ 980.690320][T17284] handle_mm_fault+0x589/0xd10 [ 980.690356][T17284] ? trace_raw_output_exceptions+0x131/0x150 [ 980.690410][T17284] do_user_addr_fault+0x7a6/0x1370 [ 980.690477][T17284] ? rcu_is_watching+0x12/0xc0 [ 980.690517][T17284] exc_page_fault+0x5c/0xb0 [ 980.690564][T17284] asm_exc_page_fault+0x26/0x30 [ 980.690592][T17284] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 980.690630][T17284] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 980.690657][T17284] RSP: 0018:ffffc9001a42fe68 EFLAGS: 00050212 [ 980.690678][T17284] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000010 [ 980.690694][T17284] RDX: fffff52003485fda RSI: 0000000000000000 RDI: ffffc9001a42fec0 [ 980.690710][T17284] RBP: 0000000000000010 R08: 0000000000000001 R09: fffff52003485fd9 [ 980.690725][T17284] R10: ffffc9001a42fecf R11: 0000000000000000 R12: 0000000000000000 [ 980.690740][T17284] R13: ffffc9001a42fec0 R14: 0000000000000000 R15: 0000000000000000 [ 980.690774][T17284] _copy_from_user+0x98/0xd0 [ 980.690802][T17284] __x64_sys_setrlimit+0xc6/0x160 [ 980.690837][T17284] ? xfd_validate_state+0x61/0x180 [ 980.690872][T17284] ? __pfx___x64_sys_setrlimit+0x10/0x10 [ 980.690912][T17284] ? rcu_is_watching+0x12/0xc0 [ 980.690939][T17284] do_syscall_64+0xcd/0x490 [ 980.690978][T17284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 980.691002][T17284] RIP: 0033:0x7f5bd5d8ebe9 [ 980.691020][T17284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 980.691043][T17284] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a0 [ 980.691064][T17284] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 980.691080][T17284] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 980.691094][T17284] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 980.691108][T17284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 980.691123][T17284] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 980.691155][T17284] [ 981.058927][T17288] ubi0: attaching mtd0 [ 981.064581][T17288] ubi0: scanning is finished [ 981.723573][T17288] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 981.732195][T17288] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 981.742197][T17288] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 981.750600][T17288] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 981.759438][T17288] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 981.769475][T17288] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 981.779506][T17288] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 143812538 [ 981.791724][T17288] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 981.805259][T17295] ubi0: background thread "ubi_bgt0d" started, PID 17295 [ 986.488525][T17384] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 986.830149][T17394] FAULT_INJECTION: forcing a failure. [ 986.830149][T17394] name failslab, interval 1, probability 0, space 0, times 0 [ 986.843213][T17394] CPU: 1 UID: 0 PID: 17394 Comm: syz.1.1756 Tainted: G U syzkaller #0 PREEMPT(full) [ 986.843265][T17394] Tainted: [U]=USER [ 986.843277][T17394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 986.843306][T17394] Call Trace: [ 986.843319][T17394] [ 986.843340][T17394] dump_stack_lvl+0x16c/0x1f0 [ 986.843402][T17394] should_fail_ex+0x512/0x640 [ 986.843450][T17394] ? __kmalloc_noprof+0xbf/0x510 [ 986.843492][T17394] ? lsm_blob_alloc+0x68/0x90 [ 986.843521][T17394] should_failslab+0xc2/0x120 [ 986.843564][T17394] __kmalloc_noprof+0xd2/0x510 [ 986.843613][T17394] lsm_blob_alloc+0x68/0x90 [ 986.843645][T17394] security_prepare_creds+0x30/0x270 [ 986.843704][T17394] prepare_creds+0x56f/0x7d0 [ 986.843755][T17394] __sys_setuid+0x9a/0x440 [ 986.843792][T17394] do_syscall_64+0xcd/0x490 [ 986.843844][T17394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.843877][T17394] RIP: 0033:0x7f48ef38ebe9 [ 986.843905][T17394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 986.843935][T17394] RSP: 002b:00007f48f0263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000069 [ 986.843966][T17394] RAX: ffffffffffffffda RBX: 00007f48ef5c5fa0 RCX: 00007f48ef38ebe9 [ 986.843987][T17394] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 986.844006][T17394] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 986.844025][T17394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 986.844044][T17394] R13: 00007f48ef5c6038 R14: 00007f48ef5c5fa0 R15: 00007ffce8c82e58 [ 986.844093][T17394] [ 987.339738][T17386] zswap: compressor not available [ 989.128738][T17442] Process accounting resumed [ 997.274181][T17587] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 998.618853][T17610] syz.0.1792 (17610): /proc/17609/oom_adj is deprecated, please use /proc/17609/oom_score_adj instead. [ 998.646546][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 998.666505][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1001.271136][T17667] FAULT_INJECTION: forcing a failure. [ 1001.271136][T17667] name failslab, interval 1, probability 0, space 0, times 0 [ 1001.342044][T17667] CPU: 0 UID: 0 PID: 17667 Comm: syz.1.1804 Tainted: G U syzkaller #0 PREEMPT(full) [ 1001.342097][T17667] Tainted: [U]=USER [ 1001.342109][T17667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1001.342128][T17667] Call Trace: [ 1001.342140][T17667] [ 1001.342152][T17667] dump_stack_lvl+0x16c/0x1f0 [ 1001.342204][T17667] should_fail_ex+0x512/0x640 [ 1001.342254][T17667] ? __kmalloc_noprof+0xbf/0x510 [ 1001.342292][T17667] ? realloc_user_queue+0x288/0x320 [ 1001.342328][T17667] should_failslab+0xc2/0x120 [ 1001.342370][T17667] __kmalloc_noprof+0xd2/0x510 [ 1001.342416][T17667] realloc_user_queue+0x288/0x320 [ 1001.342465][T17667] ? __pfx_snd_timer_user_open+0x10/0x10 [ 1001.342504][T17667] snd_timer_user_open+0xfc/0x180 [ 1001.342543][T17667] snd_open+0x22a/0x4c0 [ 1001.342575][T17667] ? __pfx_snd_open+0x10/0x10 [ 1001.342606][T17667] chrdev_open+0x231/0x6a0 [ 1001.342647][T17667] ? __pfx_apparmor_file_open+0x10/0x10 [ 1001.342685][T17667] ? __pfx_chrdev_open+0x10/0x10 [ 1001.342730][T17667] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1001.342775][T17667] do_dentry_open+0x97f/0x1530 [ 1001.342815][T17667] ? __pfx_chrdev_open+0x10/0x10 [ 1001.342866][T17667] vfs_open+0x82/0x3f0 [ 1001.342919][T17667] path_openat+0x1de4/0x2cb0 [ 1001.342971][T17667] ? __pfx_path_openat+0x10/0x10 [ 1001.343020][T17667] do_filp_open+0x20b/0x470 [ 1001.343060][T17667] ? __pfx_do_filp_open+0x10/0x10 [ 1001.343129][T17667] ? alloc_fd+0x471/0x7d0 [ 1001.343175][T17667] do_sys_openat2+0x11b/0x1d0 [ 1001.343221][T17667] ? __pfx_do_sys_openat2+0x10/0x10 [ 1001.343284][T17667] __x64_sys_openat+0x174/0x210 [ 1001.343334][T17667] ? __pfx___x64_sys_openat+0x10/0x10 [ 1001.343400][T17667] do_syscall_64+0xcd/0x490 [ 1001.343460][T17667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1001.343493][T17667] RIP: 0033:0x7f48ef38ebe9 [ 1001.343520][T17667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1001.343549][T17667] RSP: 002b:00007f48f0263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1001.343580][T17667] RAX: ffffffffffffffda RBX: 00007f48ef5c5fa0 RCX: 00007f48ef38ebe9 [ 1001.343603][T17667] RDX: 0000000000101440 RSI: 0000200000001cc0 RDI: ffffffffffffff9c [ 1001.343623][T17667] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1001.343643][T17667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1001.343662][T17667] R13: 00007f48ef5c6038 R14: 00007f48ef5c5fa0 R15: 00007ffce8c82e58 [ 1001.343705][T17667] [ 1002.241831][T17681] FAULT_INJECTION: forcing a failure. [ 1002.241831][T17681] name failslab, interval 1, probability 0, space 0, times 0 [ 1002.262819][T17681] CPU: 0 UID: 0 PID: 17681 Comm: syz.1.1809 Tainted: G U syzkaller #0 PREEMPT(full) [ 1002.262870][T17681] Tainted: [U]=USER [ 1002.262881][T17681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1002.262900][T17681] Call Trace: [ 1002.262910][T17681] [ 1002.262922][T17681] dump_stack_lvl+0x16c/0x1f0 [ 1002.262973][T17681] should_fail_ex+0x512/0x640 [ 1002.263019][T17681] ? fs_reclaim_acquire+0xae/0x150 [ 1002.263068][T17681] should_failslab+0xc2/0x120 [ 1002.263108][T17681] __kmalloc_node_noprof+0xd8/0x500 [ 1002.263156][T17681] ? lockdep_init_map_type+0x5c/0x280 [ 1002.263195][T17681] ? mempool_init_node+0x11f/0x6e0 [ 1002.263243][T17681] ? __init_waitqueue_head+0xca/0x150 [ 1002.263288][T17681] ? __pfx_mempool_kmalloc+0x10/0x10 [ 1002.263330][T17681] ? __pfx_mempool_kfree+0x10/0x10 [ 1002.263370][T17681] mempool_init_node+0x11f/0x6e0 [ 1002.263422][T17681] ? __pfx_mempool_kmalloc+0x10/0x10 [ 1002.263464][T17681] ? __pfx_mempool_kfree+0x10/0x10 [ 1002.263508][T17681] mempool_init_noprof+0x3a/0x50 [ 1002.263559][T17681] do_fanotify_mark+0x2db2/0x3600 [ 1002.263627][T17681] ? __pfx_do_fanotify_mark+0x10/0x10 [ 1002.263681][T17681] ? __x64_sys_futex+0x1e9/0x4c0 [ 1002.263730][T17681] ? xfd_validate_state+0x61/0x180 [ 1002.263775][T17681] ? __pfx_ksys_write+0x10/0x10 [ 1002.263820][T17681] __x64_sys_fanotify_mark+0xbd/0x160 [ 1002.263867][T17681] ? do_syscall_64+0x91/0x490 [ 1002.263911][T17681] ? lockdep_hardirqs_on+0x7c/0x110 [ 1002.263952][T17681] do_syscall_64+0xcd/0x490 [ 1002.264001][T17681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1002.264032][T17681] RIP: 0033:0x7f48ef38ebe9 [ 1002.264058][T17681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1002.264088][T17681] RSP: 002b:00007f48f0263038 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 1002.264119][T17681] RAX: ffffffffffffffda RBX: 00007f48ef5c5fa0 RCX: 00007f48ef38ebe9 [ 1002.264140][T17681] RDX: 0000000000008009 RSI: 0000000000000105 RDI: 0000000000000000 [ 1002.264169][T17681] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1002.264187][T17681] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1002.264206][T17681] R13: 00007f48ef5c6038 R14: 00007f48ef5c5fa0 R15: 00007ffce8c82e58 [ 1002.264249][T17681] [ 1002.824909][T17689] FAULT_INJECTION: forcing a failure. [ 1002.824909][T17689] name failslab, interval 1, probability 0, space 0, times 0 [ 1002.943297][T17689] CPU: 0 UID: 0 PID: 17689 Comm: syz.2.1813 Tainted: G U syzkaller #0 PREEMPT(full) [ 1002.943351][T17689] Tainted: [U]=USER [ 1002.943362][T17689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1002.943382][T17689] Call Trace: [ 1002.943393][T17689] [ 1002.943405][T17689] dump_stack_lvl+0x16c/0x1f0 [ 1002.943458][T17689] should_fail_ex+0x512/0x640 [ 1002.943515][T17689] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1002.943553][T17689] should_failslab+0xc2/0x120 [ 1002.943597][T17689] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1002.943631][T17689] ? nci_allocate_device+0x105/0x430 [ 1002.943678][T17689] nci_allocate_device+0x105/0x430 [ 1002.943721][T17689] virtual_ncidev_open+0x6f/0x220 [ 1002.943763][T17689] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 1002.943803][T17689] misc_open+0x35d/0x420 [ 1002.943843][T17689] ? __pfx_misc_open+0x10/0x10 [ 1002.943881][T17689] chrdev_open+0x231/0x6a0 [ 1002.943920][T17689] ? __pfx_apparmor_file_open+0x10/0x10 [ 1002.943958][T17689] ? __pfx_chrdev_open+0x10/0x10 [ 1002.944001][T17689] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1002.944047][T17689] do_dentry_open+0x97f/0x1530 [ 1002.944088][T17689] ? __pfx_chrdev_open+0x10/0x10 [ 1002.944139][T17689] vfs_open+0x82/0x3f0 [ 1002.944198][T17689] path_openat+0x1de4/0x2cb0 [ 1002.944252][T17689] ? __pfx_path_openat+0x10/0x10 [ 1002.944307][T17689] do_filp_open+0x20b/0x470 [ 1002.944346][T17689] ? __pfx_do_filp_open+0x10/0x10 [ 1002.944420][T17689] ? alloc_fd+0x471/0x7d0 [ 1002.944466][T17689] do_sys_openat2+0x11b/0x1d0 [ 1002.944512][T17689] ? __pfx_do_sys_openat2+0x10/0x10 [ 1002.944575][T17689] __x64_sys_openat+0x174/0x210 [ 1002.944619][T17689] ? __pfx___x64_sys_openat+0x10/0x10 [ 1002.944678][T17689] do_syscall_64+0xcd/0x490 [ 1002.944731][T17689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1002.944760][T17689] RIP: 0033:0x7f5bd5d8ebe9 [ 1002.944785][T17689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1002.944814][T17689] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1002.944845][T17689] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 1002.944865][T17689] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1002.944885][T17689] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1002.944904][T17689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1002.944924][T17689] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 1002.944966][T17689] [ 1011.519175][T17817] ptp ptp0: max value is 20 [ 1013.315213][T17829] FAULT_INJECTION: forcing a failure. [ 1013.315213][T17829] name failslab, interval 1, probability 0, space 0, times 0 [ 1013.334092][T17829] CPU: 0 UID: 0 PID: 17829 Comm: syz.3.1838 Tainted: G U syzkaller #0 PREEMPT(full) [ 1013.334154][T17829] Tainted: [U]=USER [ 1013.334165][T17829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1013.334184][T17829] Call Trace: [ 1013.334194][T17829] [ 1013.334207][T17829] dump_stack_lvl+0x16c/0x1f0 [ 1013.334246][T17829] should_fail_ex+0x512/0x640 [ 1013.334276][T17829] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1013.334302][T17829] should_failslab+0xc2/0x120 [ 1013.334326][T17829] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1013.334349][T17829] ? d_instantiate+0x77/0x90 [ 1013.334377][T17829] ? alloc_empty_file+0x55/0x1e0 [ 1013.334408][T17829] alloc_empty_file+0x55/0x1e0 [ 1013.334436][T17829] alloc_file_pseudo+0x13a/0x230 [ 1013.334465][T17829] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1013.334493][T17829] ? tipc_sk_finish_conn+0x580/0x790 [ 1013.334528][T17829] sock_alloc_file+0x50/0x210 [ 1013.334547][T17829] __sys_socketpair+0x34e/0x5a0 [ 1013.334571][T17829] ? __pfx___sys_socketpair+0x10/0x10 [ 1013.334597][T17829] ? xfd_validate_state+0x61/0x180 [ 1013.334624][T17829] ? __pfx_do_writev+0x10/0x10 [ 1013.334653][T17829] __x64_sys_socketpair+0x96/0x100 [ 1013.334676][T17829] ? lockdep_hardirqs_on+0x7c/0x110 [ 1013.334703][T17829] do_syscall_64+0xcd/0x490 [ 1013.334733][T17829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1013.334752][T17829] RIP: 0033:0x7ff80318ebe9 [ 1013.334768][T17829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1013.334787][T17829] RSP: 002b:00007ff803f51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1013.334806][T17829] RAX: ffffffffffffffda RBX: 00007ff8033c5fa0 RCX: 00007ff80318ebe9 [ 1013.334818][T17829] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 1013.334830][T17829] RBP: 00007ff803211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1013.334840][T17829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1013.334851][T17829] R13: 00007ff8033c6038 R14: 00007ff8033c5fa0 R15: 00007ffff04ee128 [ 1013.334874][T17829] [ 1014.110612][T17840] FAULT_INJECTION: forcing a failure. [ 1014.110612][T17840] name failslab, interval 1, probability 0, space 0, times 0 [ 1014.179133][T17840] CPU: 1 UID: 0 PID: 17840 Comm: syz.3.1841 Tainted: G U syzkaller #0 PREEMPT(full) [ 1014.179186][T17840] Tainted: [U]=USER [ 1014.179198][T17840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1014.179217][T17840] Call Trace: [ 1014.179228][T17840] [ 1014.179242][T17840] dump_stack_lvl+0x16c/0x1f0 [ 1014.179296][T17840] should_fail_ex+0x512/0x640 [ 1014.179354][T17840] ? __kvmalloc_node_noprof+0x124/0x620 [ 1014.179412][T17840] should_failslab+0xc2/0x120 [ 1014.179454][T17840] __kvmalloc_node_noprof+0x137/0x620 [ 1014.179489][T17840] ? lockdep_init_map_type+0x5c/0x280 [ 1014.179534][T17840] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 1014.179591][T17840] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 1014.179637][T17840] v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 1014.179690][T17840] vicodec_open+0x1a9/0xf90 [ 1014.179739][T17840] v4l2_open+0x225/0x490 [ 1014.179784][T17840] ? __pfx_v4l2_open+0x10/0x10 [ 1014.179827][T17840] chrdev_open+0x231/0x6a0 [ 1014.179880][T17840] ? __pfx_apparmor_file_open+0x10/0x10 [ 1014.179916][T17840] ? __pfx_chrdev_open+0x10/0x10 [ 1014.179961][T17840] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1014.180008][T17840] do_dentry_open+0x97f/0x1530 [ 1014.180049][T17840] ? __pfx_chrdev_open+0x10/0x10 [ 1014.180100][T17840] vfs_open+0x82/0x3f0 [ 1014.180153][T17840] path_openat+0x1de4/0x2cb0 [ 1014.180208][T17840] ? __pfx_path_openat+0x10/0x10 [ 1014.180259][T17840] do_filp_open+0x20b/0x470 [ 1014.180299][T17840] ? __pfx_do_filp_open+0x10/0x10 [ 1014.180383][T17840] ? alloc_fd+0x471/0x7d0 [ 1014.180433][T17840] do_sys_openat2+0x11b/0x1d0 [ 1014.180479][T17840] ? __pfx_do_sys_openat2+0x10/0x10 [ 1014.180545][T17840] __x64_sys_openat+0x174/0x210 [ 1014.180594][T17840] ? __pfx___x64_sys_openat+0x10/0x10 [ 1014.180661][T17840] do_syscall_64+0xcd/0x490 [ 1014.180711][T17840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1014.180744][T17840] RIP: 0033:0x7ff80318ebe9 [ 1014.180770][T17840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1014.180800][T17840] RSP: 002b:00007ff803f51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1014.180831][T17840] RAX: ffffffffffffffda RBX: 00007ff8033c5fa0 RCX: 00007ff80318ebe9 [ 1014.180851][T17840] RDX: 0000000000080002 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1014.180871][T17840] RBP: 00007ff803211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1014.180890][T17840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1014.180908][T17840] R13: 00007ff8033c6038 R14: 00007ff8033c5fa0 R15: 00007ffff04ee128 [ 1014.180951][T17840] [ 1020.461245][T17904] Process accounting paused [ 1032.724134][T18200] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1034.589593][T18232] FAULT_INJECTION: forcing a failure. [ 1034.589593][T18232] name failslab, interval 1, probability 0, space 0, times 0 [ 1034.623024][T18235] binder: 18233:18235 ioctl c00c6211 0 returned -14 [ 1034.655356][T18232] CPU: 0 UID: 0 PID: 18232 Comm: syz.1.1912 Tainted: G U syzkaller #0 PREEMPT(full) [ 1034.655408][T18232] Tainted: [U]=USER [ 1034.655420][T18232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1034.655438][T18232] Call Trace: [ 1034.655449][T18232] [ 1034.655462][T18232] dump_stack_lvl+0x16c/0x1f0 [ 1034.655515][T18232] should_fail_ex+0x512/0x640 [ 1034.655564][T18232] ? __kmalloc_noprof+0xbf/0x510 [ 1034.655605][T18232] ? lsm_blob_alloc+0x68/0x90 [ 1034.655631][T18232] should_failslab+0xc2/0x120 [ 1034.655672][T18232] __kmalloc_noprof+0xd2/0x510 [ 1034.655718][T18232] lsm_blob_alloc+0x68/0x90 [ 1034.655750][T18232] security_sk_alloc+0x30/0x270 [ 1034.655786][T18232] sk_prot_alloc+0xfb/0x2a0 [ 1034.655824][T18232] sk_alloc+0x36/0xc20 [ 1034.655870][T18232] unix_create1+0xa6/0x700 [ 1034.655926][T18232] unix_create+0x110/0x270 [ 1034.655974][T18232] __sock_create+0x335/0x8d0 [ 1034.656019][T18232] __sys_socketpair+0x25c/0x5a0 [ 1034.656062][T18232] ? __pfx___sys_socketpair+0x10/0x10 [ 1034.656106][T18232] ? xfd_validate_state+0x61/0x180 [ 1034.656161][T18232] __x64_sys_socketpair+0x96/0x100 [ 1034.656201][T18232] ? lockdep_hardirqs_on+0x7c/0x110 [ 1034.656247][T18232] do_syscall_64+0xcd/0x490 [ 1034.656304][T18232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1034.656336][T18232] RIP: 0033:0x7f48ef38ebe9 [ 1034.656363][T18232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1034.656394][T18232] RSP: 002b:00007f48f0263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1034.656425][T18232] RAX: ffffffffffffffda RBX: 00007f48ef5c5fa0 RCX: 00007f48ef38ebe9 [ 1034.656446][T18232] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 1034.656465][T18232] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1034.656484][T18232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1034.656502][T18232] R13: 00007f48ef5c6038 R14: 00007f48ef5c5fa0 R15: 00007ffce8c82e58 [ 1034.656543][T18232] [ 1035.049417][T18235] binder: 18233:18235 ioctl c0306201 200000000000 returned -14 [ 1035.863802][T18260] FAULT_INJECTION: forcing a failure. [ 1035.863802][T18260] name failslab, interval 1, probability 0, space 0, times 0 [ 1035.891630][T18260] CPU: 0 UID: 0 PID: 18260 Comm: syz.2.1920 Tainted: G U syzkaller #0 PREEMPT(full) [ 1035.891677][T18260] Tainted: [U]=USER [ 1035.891686][T18260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1035.891700][T18260] Call Trace: [ 1035.891711][T18260] [ 1035.891720][T18260] dump_stack_lvl+0x16c/0x1f0 [ 1035.891762][T18260] should_fail_ex+0x512/0x640 [ 1035.891800][T18260] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1035.891830][T18260] should_failslab+0xc2/0x120 [ 1035.891863][T18260] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1035.891890][T18260] ? snd_card_file_add+0x52/0x340 [ 1035.891919][T18260] ? __pfx_snd_ctl_open+0x10/0x10 [ 1035.891954][T18260] snd_card_file_add+0x52/0x340 [ 1035.891981][T18260] ? __pfx_snd_ctl_open+0x10/0x10 [ 1035.892015][T18260] ? __pfx_snd_ctl_open+0x10/0x10 [ 1035.892049][T18260] snd_ctl_open+0x9d/0x5f0 [ 1035.892085][T18260] ? __pfx_snd_ctl_open+0x10/0x10 [ 1035.892126][T18260] snd_open+0x22a/0x4c0 [ 1035.892151][T18260] ? __pfx_snd_open+0x10/0x10 [ 1035.892173][T18260] chrdev_open+0x231/0x6a0 [ 1035.892204][T18260] ? __pfx_apparmor_file_open+0x10/0x10 [ 1035.892232][T18260] ? __pfx_chrdev_open+0x10/0x10 [ 1035.892265][T18260] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1035.892301][T18260] do_dentry_open+0x97f/0x1530 [ 1035.892333][T18260] ? __pfx_chrdev_open+0x10/0x10 [ 1035.892373][T18260] vfs_open+0x82/0x3f0 [ 1035.892412][T18260] path_openat+0x1de4/0x2cb0 [ 1035.892453][T18260] ? __pfx_path_openat+0x10/0x10 [ 1035.892491][T18260] do_filp_open+0x20b/0x470 [ 1035.892521][T18260] ? __pfx_do_filp_open+0x10/0x10 [ 1035.892576][T18260] ? alloc_fd+0x471/0x7d0 [ 1035.892612][T18260] do_sys_openat2+0x11b/0x1d0 [ 1035.892648][T18260] ? __pfx_do_sys_openat2+0x10/0x10 [ 1035.892699][T18260] __x64_sys_openat+0x174/0x210 [ 1035.892737][T18260] ? __pfx___x64_sys_openat+0x10/0x10 [ 1035.892789][T18260] do_syscall_64+0xcd/0x490 [ 1035.892828][T18260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1035.892852][T18260] RIP: 0033:0x7f5bd5d8ebe9 [ 1035.892873][T18260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1035.892897][T18260] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1035.892922][T18260] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 1035.892938][T18260] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1035.892953][T18260] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1035.892968][T18260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1035.892982][T18260] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 1035.893014][T18260] [ 1042.545080][T18359] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1044.995458][T18403] ptp ptp0: max value is 20 [ 1045.796248][T18427] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1050.607960][T18500] Process accounting resumed [ 1052.887132][T18548] FAULT_INJECTION: forcing a failure. [ 1052.887132][T18548] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1052.925405][T18548] CPU: 1 UID: 0 PID: 18548 Comm: syz.0.1974 Tainted: G U syzkaller #0 PREEMPT(full) [ 1052.925438][T18548] Tainted: [U]=USER [ 1052.925444][T18548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1052.925455][T18548] Call Trace: [ 1052.925463][T18548] [ 1052.925470][T18548] dump_stack_lvl+0x16c/0x1f0 [ 1052.925505][T18548] should_fail_ex+0x512/0x640 [ 1052.925539][T18548] get_futex_key+0x1d0/0x1560 [ 1052.925565][T18548] ? __pfx_get_futex_key+0x10/0x10 [ 1052.925596][T18548] futex_wake+0xea/0x530 [ 1052.925624][T18548] ? rcu_is_watching+0x12/0xc0 [ 1052.925645][T18548] ? __pfx_futex_wake+0x10/0x10 [ 1052.925674][T18548] ? kmem_cache_free+0x2d1/0x4d0 [ 1052.925695][T18548] ? fd_install+0x225/0x750 [ 1052.925721][T18548] ? putname+0x154/0x1a0 [ 1052.925749][T18548] do_futex+0x1e3/0x350 [ 1052.925773][T18548] ? __pfx_do_futex+0x10/0x10 [ 1052.925803][T18548] __x64_sys_futex+0x1e0/0x4c0 [ 1052.925828][T18548] ? __x64_sys_openat+0x174/0x210 [ 1052.925858][T18548] ? __pfx___x64_sys_futex+0x10/0x10 [ 1052.925890][T18548] do_syscall_64+0xcd/0x490 [ 1052.925921][T18548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1052.925941][T18548] RIP: 0033:0x7f58fc18ebe9 [ 1052.925959][T18548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1052.925979][T18548] RSP: 002b:00007f58fcf6b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1052.925997][T18548] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa8 RCX: 00007f58fc18ebe9 [ 1052.926009][T18548] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f58fc3c5fac [ 1052.926021][T18548] RBP: 00007f58fc3c5fa0 R08: 00007f58fcf6c000 R09: 0000000000000000 [ 1052.926032][T18548] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 1052.926043][T18548] R13: 00007f58fc3c6038 R14: 00007ffc428cc7e0 R15: 00007ffc428cc8c8 [ 1052.926066][T18548] [ 1058.438217][T18632] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1059.035495][T18652] FAULT_INJECTION: forcing a failure. [ 1059.035495][T18652] name failslab, interval 1, probability 0, space 0, times 0 [ 1059.050824][T18652] CPU: 0 UID: 0 PID: 18652 Comm: syz.3.1999 Tainted: G U syzkaller #0 PREEMPT(full) [ 1059.050874][T18652] Tainted: [U]=USER [ 1059.050884][T18652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1059.050903][T18652] Call Trace: [ 1059.050913][T18652] [ 1059.050925][T18652] dump_stack_lvl+0x16c/0x1f0 [ 1059.050976][T18652] should_fail_ex+0x512/0x640 [ 1059.051022][T18652] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1059.051065][T18652] should_failslab+0xc2/0x120 [ 1059.051108][T18652] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1059.051147][T18652] ? vm_area_dup+0x27/0x8d0 [ 1059.051187][T18652] vm_area_dup+0x27/0x8d0 [ 1059.051224][T18652] copy_vma+0x4fa/0xaa0 [ 1059.051267][T18652] ? __pfx_copy_vma+0x10/0x10 [ 1059.051303][T18652] ? __lock_acquire+0xb97/0x1ce0 [ 1059.051351][T18652] ? register_lock_class+0x41/0x4c0 [ 1059.051411][T18652] ? rcu_is_watching+0x12/0xc0 [ 1059.051443][T18652] ? finish_task_switch.isra.0+0x221/0xc10 [ 1059.051475][T18652] ? lockdep_hardirqs_on+0x7c/0x110 [ 1059.051523][T18652] copy_vma_and_data+0x1cf/0x790 [ 1059.051573][T18652] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1059.051622][T18652] ? __vma_enter_locked+0x163/0x3f0 [ 1059.051659][T18652] ? find_held_lock+0x2b/0x80 [ 1059.051693][T18652] ? move_vma+0x536/0x1780 [ 1059.051737][T18652] move_vma+0x548/0x1780 [ 1059.051779][T18652] ? __pfx_move_vma+0x10/0x10 [ 1059.051811][T18652] ? mm_get_unmapped_area+0x95/0xe0 [ 1059.051857][T18652] ? shmem_get_unmapped_area+0x170/0xa00 [ 1059.051888][T18652] ? cap_mmap_addr+0x4b/0x120 [ 1059.051921][T18652] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1059.051963][T18652] ? security_mmap_addr+0x6c/0x1e0 [ 1059.052005][T18652] ? __get_unmapped_area+0x267/0x440 [ 1059.052052][T18652] ? vrm_set_new_addr+0x208/0x290 [ 1059.052092][T18652] mremap_to+0x1b7/0x450 [ 1059.052129][T18652] do_mremap+0x13a3/0x2010 [ 1059.052183][T18652] ? __pfx_do_mremap+0x10/0x10 [ 1059.052228][T18652] ? up_write+0x1b2/0x520 [ 1059.052282][T18652] __do_sys_mremap+0x119/0x170 [ 1059.052317][T18652] ? __pfx___do_sys_mremap+0x10/0x10 [ 1059.052364][T18652] ? __x64_sys_futex+0x1e0/0x4c0 [ 1059.052429][T18652] do_syscall_64+0xcd/0x490 [ 1059.052479][T18652] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1059.052510][T18652] RIP: 0033:0x7ff80318ebe9 [ 1059.052536][T18652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1059.052576][T18652] RSP: 002b:00007ff803f51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1059.052607][T18652] RAX: ffffffffffffffda RBX: 00007ff8033c5fa0 RCX: 00007ff80318ebe9 [ 1059.052627][T18652] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1059.052646][T18652] RBP: 00007ff803211e19 R08: 00007effffffb000 R09: 0000000000000000 [ 1059.052664][T18652] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1059.052683][T18652] R13: 00007ff8033c6038 R14: 00007ff8033c5fa0 R15: 00007ffff04ee128 [ 1059.052725][T18652] [ 1060.104970][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1060.111410][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1061.035546][ T30] audit: type=1800 audit(2147502259.940:27): pid=18683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2004" name=01 dev="tmpfs" ino=2746 res=0 errno=0 [ 1061.138544][ T30] audit: type=1800 audit(2147502259.980:28): pid=18683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2004" name=01 dev="tmpfs" ino=2746 res=0 errno=0 [ 1069.758892][T18837] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1074.235477][T18921] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1075.274193][T18927] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1079.766237][T19015] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1080.313681][T19027] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1082.071464][T19033] Process accounting paused [ 1085.097439][T19109] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1088.296575][T19169] [U]  [ 1088.299644][T19169] [U] [ 1088.302394][T19169] [U] [ 1088.305137][T19169] [U] [ 1088.378328][T19169] [U] [ 1088.381120][T19169] [U] [ 1088.383875][T19169] [U] [ 1088.386622][T19169] [U] [ 1088.390479][T19169] [U] [ 1088.393204][T19169] [U] [ 1088.395933][T19169] [U] [ 1088.398766][T19169] [U] [ 1088.404907][T19169] [U] [ 1088.407679][T19169] [U] [ 1088.410427][T19169] [U] [ 1088.413148][T19169] [U] [ 1088.421035][T19169] [U] [ 1088.423887][T19169] [U] [ 1088.426611][T19169] [U] [ 1088.429410][T19169] [U] [ 1088.435060][T19169] [U] [ 1088.437784][T19169] [U] [ 1088.440518][T19169] [U] [ 1088.443272][T19169] [U] [ 1088.460391][T19169] [U] [ 1088.463123][T19169] [U] [ 1088.465852][T19169] [U] [ 1088.468563][T19169] [U] [ 1088.534610][T19180] [U] [ 1089.952075][T19223] nfs: Unknown parameter 'ީiʟby7J ؀V{ [ 1089.952075][T19223] \9-*;#rRcFGL֍*(ܦ)5&yAlj Lp%Zw}GSιk' [ 1094.437960][T19295] ubi: mtd0 is already attached to ubi0 [ 1113.118348][T19649] Process accounting resumed [ 1113.466621][T19662] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1121.595073][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1121.602974][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1122.500675][T19833] FAULT_INJECTION: forcing a failure. [ 1122.500675][T19833] name failslab, interval 1, probability 0, space 0, times 0 [ 1122.564649][T19833] CPU: 1 UID: 0 PID: 19833 Comm: syz.1.2207 Tainted: G U syzkaller #0 PREEMPT(full) [ 1122.564702][T19833] Tainted: [U]=USER [ 1122.564713][T19833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1122.564731][T19833] Call Trace: [ 1122.564742][T19833] [ 1122.564754][T19833] dump_stack_lvl+0x16c/0x1f0 [ 1122.564807][T19833] should_fail_ex+0x512/0x640 [ 1122.564864][T19833] ? __kvmalloc_node_noprof+0x124/0x620 [ 1122.564906][T19833] should_failslab+0xc2/0x120 [ 1122.564948][T19833] __kvmalloc_node_noprof+0x137/0x620 [ 1122.564988][T19833] ? lru_gen_seq_start+0x4f/0x240 [ 1122.565034][T19833] ? rcu_is_watching+0x12/0xc0 [ 1122.565074][T19833] ? lru_gen_seq_start+0x4f/0x240 [ 1122.565118][T19833] lru_gen_seq_start+0x4f/0x240 [ 1122.565171][T19833] traverse.part.0.constprop.0+0xaf/0x640 [ 1122.565217][T19833] seq_read_iter+0x932/0x12c0 [ 1122.565266][T19833] seq_read+0x3a3/0x570 [ 1122.565298][T19833] ? __pfx_seq_read+0x10/0x10 [ 1122.565362][T19833] full_proxy_read+0x12e/0x1a0 [ 1122.565411][T19833] ? __pfx_full_proxy_read+0x10/0x10 [ 1122.565473][T19833] vfs_read+0x1e4/0xcf0 [ 1122.565519][T19833] ? __pfx_vfs_read+0x10/0x10 [ 1122.565552][T19833] ? find_held_lock+0x2b/0x80 [ 1122.565584][T19833] ? __fget_files+0x204/0x3c0 [ 1122.565625][T19833] ? __fget_files+0x20e/0x3c0 [ 1122.565672][T19833] __x64_sys_pread64+0x1eb/0x250 [ 1122.565712][T19833] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1122.565766][T19833] do_syscall_64+0xcd/0x490 [ 1122.565833][T19833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1122.565873][T19833] RIP: 0033:0x7f48ef38ebe9 [ 1122.565900][T19833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1122.565933][T19833] RSP: 002b:00007f48f0263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1122.565964][T19833] RAX: ffffffffffffffda RBX: 00007f48ef5c5fa0 RCX: 00007f48ef38ebe9 [ 1122.565986][T19833] RDX: 00000000000007ff RSI: 0000200000000040 RDI: 0000000000000003 [ 1122.566006][T19833] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1122.566026][T19833] R10: 0000000000000400 R11: 0000000000000246 R12: 0000000000000000 [ 1122.566045][T19833] R13: 00007f48ef5c6038 R14: 00007f48ef5c5fa0 R15: 00007ffce8c82e58 [ 1122.566089][T19833] [ 1124.047693][T19872] aoe: skb alloc failure [ 1124.076447][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1124.082927][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1124.466480][T19879] [U]  [ 1124.469473][T19879] [U] [ 1124.472213][T19879] [U] [ 1124.474957][T19879] [U] [ 1124.518560][T19879] [U] [ 1124.521298][T19879] [U] [ 1124.523989][T19879] [U] [ 1124.526682][T19879] [U] [ 1124.574031][T19879] [U] [ 1124.576832][T19879] [U] [ 1124.579578][T19879] [U] [ 1124.582315][T19879] [U] [ 1124.656362][T19879] [U] [ 1124.659105][T19879] [U] [ 1124.661796][T19879] [U] [ 1124.664485][T19879] [U] [ 1124.833959][T19879] [U] [ 1124.836741][T19879] [U] [ 1124.839487][T19879] [U] [ 1124.842234][T19879] [U] [ 1124.932637][T19879] [U] [ 1124.935406][T19879] [U] [ 1124.938157][T19879] [U] [ 1124.940889][T19879] [U] [ 1124.977352][T19879] [U] [ 1124.980126][T19879] [U] [ 1124.982841][T19879] [U] [ 1124.985533][T19879] [U] [ 1125.088001][T19879] [U] [ 1125.090779][T19879] [U] [ 1125.093502][T19879] [U] [ 1125.096214][T19879] [U] [ 1125.138234][T19879] [U] [ 1125.141023][T19879] [U] [ 1125.143769][T19879] [U] [ 1125.146517][T19879] [U] [ 1125.285699][T19879] [U] [ 1125.288442][T19879] [U] [ 1125.291143][T19879] [U] [ 1125.293839][T19879] [U] [ 1125.414652][T19879] [U] [ 1131.061600][ T9716] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1138.113653][T20122] FAULT_INJECTION: forcing a failure. [ 1138.113653][T20122] name failslab, interval 1, probability 0, space 0, times 0 [ 1138.136464][T20122] CPU: 0 UID: 0 PID: 20122 Comm: syz.2.2256 Tainted: G U syzkaller #0 PREEMPT(full) [ 1138.136499][T20122] Tainted: [U]=USER [ 1138.136506][T20122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1138.136518][T20122] Call Trace: [ 1138.136526][T20122] [ 1138.136534][T20122] dump_stack_lvl+0x16c/0x1f0 [ 1138.136567][T20122] should_fail_ex+0x512/0x640 [ 1138.136597][T20122] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1138.136620][T20122] should_failslab+0xc2/0x120 [ 1138.136646][T20122] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1138.136666][T20122] ? lockdep_init_map_type+0x5c/0x280 [ 1138.136692][T20122] ? snd_seq_prioq_new+0x3f/0x110 [ 1138.136722][T20122] snd_seq_prioq_new+0x3f/0x110 [ 1138.136748][T20122] snd_seq_queue_alloc+0x153/0x5a0 [ 1138.136776][T20122] snd_seq_ioctl_create_queue+0xa9/0x380 [ 1138.136815][T20122] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 1138.136838][T20122] alloc_seq_queue+0xda/0x180 [ 1138.136858][T20122] ? __pfx_alloc_seq_queue+0x10/0x10 [ 1138.136890][T20122] ? mark_held_locks+0x49/0x80 [ 1138.136913][T20122] ? _raw_spin_unlock_irq+0x23/0x50 [ 1138.136941][T20122] snd_seq_oss_open+0x38c/0xa20 [ 1138.136966][T20122] odev_open+0x6f/0x90 [ 1138.136983][T20122] ? __pfx_odev_open+0x10/0x10 [ 1138.137000][T20122] soundcore_open+0x409/0x580 [ 1138.137032][T20122] ? __pfx_soundcore_open+0x10/0x10 [ 1138.137061][T20122] chrdev_open+0x231/0x6a0 [ 1138.137085][T20122] ? __pfx_apparmor_file_open+0x10/0x10 [ 1138.137106][T20122] ? __pfx_chrdev_open+0x10/0x10 [ 1138.137132][T20122] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1138.137158][T20122] do_dentry_open+0x97f/0x1530 [ 1138.137182][T20122] ? __pfx_chrdev_open+0x10/0x10 [ 1138.137211][T20122] vfs_open+0x82/0x3f0 [ 1138.137241][T20122] path_openat+0x1de4/0x2cb0 [ 1138.137271][T20122] ? __pfx_path_openat+0x10/0x10 [ 1138.137299][T20122] do_filp_open+0x20b/0x470 [ 1138.137322][T20122] ? __pfx_do_filp_open+0x10/0x10 [ 1138.137360][T20122] ? alloc_fd+0x471/0x7d0 [ 1138.137387][T20122] do_sys_openat2+0x11b/0x1d0 [ 1138.137420][T20122] ? __pfx_do_sys_openat2+0x10/0x10 [ 1138.137457][T20122] __x64_sys_openat+0x174/0x210 [ 1138.137487][T20122] ? __pfx___x64_sys_openat+0x10/0x10 [ 1138.137525][T20122] do_syscall_64+0xcd/0x490 [ 1138.137556][T20122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1138.137576][T20122] RIP: 0033:0x7f5bd5d8ebe9 [ 1138.137593][T20122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1138.137611][T20122] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1138.137629][T20122] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 1138.137641][T20122] RDX: 0000000000000001 RSI: 0000200000001bc0 RDI: ffffffffffffff9c [ 1138.137653][T20122] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1138.137664][T20122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1138.137675][T20122] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 1138.137699][T20122] [ 1143.340975][T20169] Process accounting paused [ 1146.718583][T20258] FAULT_INJECTION: forcing a failure. [ 1146.718583][T20258] name failslab, interval 1, probability 0, space 0, times 0 [ 1146.814654][T20258] CPU: 0 UID: 0 PID: 20258 Comm: syz.0.2276 Tainted: G U syzkaller #0 PREEMPT(full) [ 1146.814696][T20258] Tainted: [U]=USER [ 1146.814711][T20258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1146.814722][T20258] Call Trace: [ 1146.814729][T20258] [ 1146.814738][T20258] dump_stack_lvl+0x16c/0x1f0 [ 1146.814774][T20258] should_fail_ex+0x512/0x640 [ 1146.814804][T20258] ? fs_reclaim_acquire+0xae/0x150 [ 1146.814835][T20258] should_failslab+0xc2/0x120 [ 1146.814860][T20258] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1146.814885][T20258] ? ima_inode_get+0x120/0x580 [ 1146.814910][T20258] ima_inode_get+0x120/0x580 [ 1146.814932][T20258] process_measurement+0x585/0x23e0 [ 1146.814961][T20258] ? __lock_acquire+0x62e/0x1ce0 [ 1146.814987][T20258] ? __pfx_process_measurement+0x10/0x10 [ 1146.815007][T20258] ? kasan_save_stack+0x33/0x60 [ 1146.815029][T20258] ? __kasan_slab_alloc+0x89/0x90 [ 1146.815050][T20258] ? security_file_alloc+0x34/0x2b0 [ 1146.815075][T20258] ? init_file+0x93/0x4c0 [ 1146.815106][T20258] ? find_held_lock+0x2b/0x80 [ 1146.815152][T20258] ima_file_mmap+0x1b1/0x1d0 [ 1146.815172][T20258] ? __pfx_ima_file_mmap+0x10/0x10 [ 1146.815197][T20258] security_mmap_file+0x88c/0x990 [ 1146.815224][T20258] vm_mmap_pgoff+0xec/0x470 [ 1146.815254][T20258] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1146.815279][T20258] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1146.815308][T20258] ? hugetlbfs_get_inode+0x31f/0x730 [ 1146.815336][T20258] ksys_mmap_pgoff+0x1c8/0x5c0 [ 1146.815366][T20258] __x64_sys_mmap+0x125/0x190 [ 1146.815398][T20258] do_syscall_64+0xcd/0x490 [ 1146.815429][T20258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1146.815448][T20258] RIP: 0033:0x7f58fc18ebe9 [ 1146.815464][T20258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1146.815482][T20258] RSP: 002b:00007f58fcf6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1146.815501][T20258] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa0 RCX: 00007f58fc18ebe9 [ 1146.815513][T20258] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 1146.815524][T20258] RBP: 00007f58fc211e19 R08: 0000000000000401 R09: 0000300000000000 [ 1146.815536][T20258] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1146.815547][T20258] R13: 00007f58fc3c6038 R14: 00007f58fc3c5fa0 R15: 00007ffc428cc8c8 [ 1146.815570][T20258] [ 1147.918728][T20278] FAULT_INJECTION: forcing a failure. [ 1147.918728][T20278] name failslab, interval 1, probability 0, space 0, times 0 [ 1147.932553][T20278] CPU: 1 UID: 0 PID: 20278 Comm: syz.0.2281 Tainted: G U syzkaller #0 PREEMPT(full) [ 1147.932606][T20278] Tainted: [U]=USER [ 1147.932616][T20278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1147.932636][T20278] Call Trace: [ 1147.932647][T20278] [ 1147.932659][T20278] dump_stack_lvl+0x16c/0x1f0 [ 1147.932710][T20278] should_fail_ex+0x512/0x640 [ 1147.932756][T20278] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 1147.932803][T20278] should_failslab+0xc2/0x120 [ 1147.932847][T20278] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1147.932887][T20278] ? chrdev_open+0x231/0x6a0 [ 1147.932925][T20278] ? do_dentry_open+0x97f/0x1530 [ 1147.932973][T20278] ? vfs_open+0x82/0x3f0 [ 1147.933016][T20278] ? kasprintf+0xc7/0x100 [ 1147.933058][T20278] kvasprintf+0xbc/0x160 [ 1147.933095][T20278] ? __pfx_kvasprintf+0x10/0x10 [ 1147.933149][T20278] kasprintf+0xc7/0x100 [ 1147.933185][T20278] ? __pfx_kasprintf+0x10/0x10 [ 1147.933225][T20278] ? aa_get_newest_label+0xd2/0x250 [ 1147.933262][T20278] ? lockdep_init_map_type+0x5c/0x280 [ 1147.933315][T20278] drm_debugfs_clients_add+0x48/0x200 [ 1147.933351][T20278] drm_file_alloc+0x5c6/0xb40 [ 1147.933393][T20278] drm_open_helper+0x204/0x550 [ 1147.933436][T20278] drm_open+0x1a0/0x3e0 [ 1147.933472][T20278] ? __pfx_drm_open+0x10/0x10 [ 1147.933508][T20278] drm_stub_open+0x20c/0x380 [ 1147.933546][T20278] ? __pfx_drm_stub_open+0x10/0x10 [ 1147.933582][T20278] chrdev_open+0x231/0x6a0 [ 1147.933622][T20278] ? __pfx_apparmor_file_open+0x10/0x10 [ 1147.933658][T20278] ? __pfx_chrdev_open+0x10/0x10 [ 1147.933700][T20278] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1147.933745][T20278] do_dentry_open+0x97f/0x1530 [ 1147.933785][T20278] ? __pfx_chrdev_open+0x10/0x10 [ 1147.933835][T20278] vfs_open+0x82/0x3f0 [ 1147.933888][T20278] path_openat+0x1de4/0x2cb0 [ 1147.933949][T20278] ? __pfx_path_openat+0x10/0x10 [ 1147.934002][T20278] do_filp_open+0x20b/0x470 [ 1147.934042][T20278] ? __pfx_do_filp_open+0x10/0x10 [ 1147.934118][T20278] ? alloc_fd+0x471/0x7d0 [ 1147.934168][T20278] do_sys_openat2+0x11b/0x1d0 [ 1147.934218][T20278] ? __pfx_do_sys_openat2+0x10/0x10 [ 1147.934287][T20278] __x64_sys_openat+0x174/0x210 [ 1147.934338][T20278] ? __pfx___x64_sys_openat+0x10/0x10 [ 1147.934408][T20278] do_syscall_64+0xcd/0x490 [ 1147.934460][T20278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1147.934494][T20278] RIP: 0033:0x7f58fc18ebe9 [ 1147.934519][T20278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1147.934550][T20278] RSP: 002b:00007f58fcf6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1147.934581][T20278] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa0 RCX: 00007f58fc18ebe9 [ 1147.934602][T20278] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1147.934622][T20278] RBP: 00007f58fc211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1147.934641][T20278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1147.934660][T20278] R13: 00007f58fc3c6038 R14: 00007f58fc3c5fa0 R15: 00007ffc428cc8c8 [ 1147.934700][T20278] [ 1155.138281][T20407] FAULT_INJECTION: forcing a failure. [ 1155.138281][T20407] name failslab, interval 1, probability 0, space 0, times 0 [ 1155.209057][T20407] CPU: 0 UID: 0 PID: 20407 Comm: syz.2.2297 Tainted: G U syzkaller #0 PREEMPT(full) [ 1155.209090][T20407] Tainted: [U]=USER [ 1155.209097][T20407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1155.209109][T20407] Call Trace: [ 1155.209115][T20407] [ 1155.209123][T20407] dump_stack_lvl+0x16c/0x1f0 [ 1155.209157][T20407] should_fail_ex+0x512/0x640 [ 1155.209187][T20407] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1155.209210][T20407] should_failslab+0xc2/0x120 [ 1155.209235][T20407] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1155.209253][T20407] ? kfree+0x2b4/0x4d0 [ 1155.209269][T20407] ? memtype_get_idx+0x3d/0xc0 [ 1155.209296][T20407] memtype_get_idx+0x3d/0xc0 [ 1155.209318][T20407] seq_read_iter+0xa0f/0x12c0 [ 1155.209347][T20407] seq_read+0x3a3/0x570 [ 1155.209365][T20407] ? __pfx_seq_read+0x10/0x10 [ 1155.209400][T20407] full_proxy_read+0x12e/0x1a0 [ 1155.209428][T20407] ? __pfx_full_proxy_read+0x10/0x10 [ 1155.209458][T20407] vfs_read+0x1e4/0xcf0 [ 1155.209482][T20407] ? __pfx___mutex_lock+0x10/0x10 [ 1155.209511][T20407] ? __pfx_vfs_read+0x10/0x10 [ 1155.209539][T20407] ? __fget_files+0x20e/0x3c0 [ 1155.209566][T20407] ksys_read+0x12a/0x250 [ 1155.209587][T20407] ? __pfx_ksys_read+0x10/0x10 [ 1155.209615][T20407] do_syscall_64+0xcd/0x490 [ 1155.209645][T20407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1155.209664][T20407] RIP: 0033:0x7f5bd5d8ebe9 [ 1155.209680][T20407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1155.209699][T20407] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1155.209718][T20407] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 1155.209730][T20407] RDX: 00000000000000f8 RSI: 0000200000000240 RDI: 0000000000000005 [ 1155.209742][T20407] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1155.209753][T20407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1155.209764][T20407] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 1155.209788][T20407] [ 1155.972046][T20417] FAULT_INJECTION: forcing a failure. [ 1155.972046][T20417] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1156.049742][T20417] CPU: 0 UID: 0 PID: 20417 Comm: syz.1.2298 Tainted: G U syzkaller #0 PREEMPT(full) [ 1156.049796][T20417] Tainted: [U]=USER [ 1156.049807][T20417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1156.049826][T20417] Call Trace: [ 1156.049846][T20417] [ 1156.049858][T20417] dump_stack_lvl+0x16c/0x1f0 [ 1156.049911][T20417] should_fail_ex+0x512/0x640 [ 1156.049968][T20417] should_fail_alloc_page+0xe7/0x130 [ 1156.050015][T20417] prepare_alloc_pages+0x3c2/0x610 [ 1156.050069][T20417] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1156.050112][T20417] ? find_held_lock+0x2b/0x80 [ 1156.050146][T20417] ? __dquot_free_space+0xba2/0xda0 [ 1156.050191][T20417] ? do_raw_spin_unlock+0x172/0x230 [ 1156.050241][T20417] ? _raw_spin_unlock+0x28/0x50 [ 1156.050283][T20417] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1156.050327][T20417] ? __lock_acquire+0x62e/0x1ce0 [ 1156.050384][T20417] ? css_rstat_updated+0x1c2/0x510 [ 1156.050419][T20417] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1156.050469][T20417] ? policy_nodemask+0xea/0x4e0 [ 1156.050516][T20417] alloc_pages_mpol+0x1fb/0x550 [ 1156.050560][T20417] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1156.050614][T20417] alloc_pages_noprof+0x131/0x390 [ 1156.050659][T20417] __pmd_alloc+0x3b/0x930 [ 1156.050712][T20417] __handle_mm_fault+0xa06/0x2a50 [ 1156.050757][T20417] ? mt_find+0x3ef/0xa30 [ 1156.050788][T20417] ? __pfx___handle_mm_fault+0x10/0x10 [ 1156.050818][T20417] ? __pfx_mt_find+0x10/0x10 [ 1156.050888][T20417] ? find_vma+0xbf/0x140 [ 1156.050928][T20417] ? __pfx_find_vma+0x10/0x10 [ 1156.050976][T20417] handle_mm_fault+0x589/0xd10 [ 1156.051011][T20417] ? trace_raw_output_exceptions+0x131/0x150 [ 1156.051065][T20417] do_user_addr_fault+0x7a6/0x1370 [ 1156.051120][T20417] ? rcu_is_watching+0x12/0xc0 [ 1156.051159][T20417] exc_page_fault+0x5c/0xb0 [ 1156.051206][T20417] asm_exc_page_fault+0x26/0x30 [ 1156.051235][T20417] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 1156.051274][T20417] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 1156.051306][T20417] RSP: 0018:ffffc90003b2fb98 EFLAGS: 00050202 [ 1156.051332][T20417] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000009 [ 1156.051351][T20417] RDX: fffff52000765f82 RSI: 0000000000000000 RDI: ffffc90003b2fc08 [ 1156.051371][T20417] RBP: 0000000000000009 R08: 0000000000000001 R09: fffff52000765f82 [ 1156.051390][T20417] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 1156.051409][T20417] R13: ffffc90003b2fc08 R14: ffffc90003b2fc08 R15: ffffffff825bdf40 [ 1156.051430][T20417] ? __pfx_oom_adj_write+0x10/0x10 [ 1156.051491][T20417] _copy_from_user+0x98/0xd0 [ 1156.051528][T20417] oom_adj_write+0xb4/0x260 [ 1156.051564][T20417] ? __pfx_oom_adj_write+0x10/0x10 [ 1156.051618][T20417] ? __pfx_oom_adj_write+0x10/0x10 [ 1156.051652][T20417] vfs_writev+0x5df/0xde0 [ 1156.051701][T20417] ? __pfx_vfs_writev+0x10/0x10 [ 1156.051732][T20417] ? __mutex_lock+0x1c5/0x1060 [ 1156.051795][T20417] ? __pfx___mutex_lock+0x10/0x10 [ 1156.051870][T20417] ? __fget_files+0x20e/0x3c0 [ 1156.051917][T20417] ? do_writev+0x132/0x340 [ 1156.051948][T20417] do_writev+0x132/0x340 [ 1156.051982][T20417] ? __pfx_do_writev+0x10/0x10 [ 1156.052029][T20417] do_syscall_64+0xcd/0x490 [ 1156.052078][T20417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1156.052108][T20417] RIP: 0033:0x7f48ef38ebe9 [ 1156.052133][T20417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1156.052162][T20417] RSP: 002b:00007f48f0263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1156.052191][T20417] RAX: ffffffffffffffda RBX: 00007f48ef5c5fa0 RCX: 00007f48ef38ebe9 [ 1156.052211][T20417] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000003 [ 1156.052230][T20417] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1156.052248][T20417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1156.052267][T20417] R13: 00007f48ef5c6038 R14: 00007f48ef5c5fa0 R15: 00007ffce8c82e58 [ 1156.052310][T20417] [ 1157.780360][T20453] kvm: kvm [20451]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0xffffffffffffffff [ 1159.641056][T20484] i2c i2c-0: delete_device: Can't find device in list [ 1162.406337][T20555] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1162.626415][T20557] misc userio: The device must be registered before sending interrupts [ 1173.627356][T20727] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1174.462460][T20738] Process accounting resumed [ 1178.119313][T20798] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1182.032732][T20853] busy [ 1182.045920][T20851] FAULT_INJECTION: forcing a failure. [ 1182.045920][T20851] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1182.094723][T20851] CPU: 0 UID: 0 PID: 20851 Comm: syz.1.2380 Tainted: G U syzkaller #0 PREEMPT(full) [ 1182.094776][T20851] Tainted: [U]=USER [ 1182.094787][T20851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1182.094807][T20851] Call Trace: [ 1182.094818][T20851] [ 1182.094830][T20851] dump_stack_lvl+0x16c/0x1f0 [ 1182.094882][T20851] should_fail_ex+0x512/0x640 [ 1182.094940][T20851] _copy_from_user+0x2e/0xd0 [ 1182.094977][T20851] kvm_dev_ioctl_get_cpuid+0x43f/0x700 [ 1182.095032][T20851] ? __might_fault+0xe3/0x190 [ 1182.095070][T20851] ? __pfx_kvm_dev_ioctl_get_cpuid+0x10/0x10 [ 1182.095139][T20851] kvm_arch_dev_ioctl+0x3f8/0x760 [ 1182.095176][T20851] ? __pfx_kvm_arch_dev_ioctl+0x10/0x10 [ 1182.095224][T20851] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1182.095280][T20851] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1182.095332][T20851] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1182.095381][T20851] kvm_dev_ioctl+0x721/0x1af0 [ 1182.095422][T20851] ? find_held_lock+0x2b/0x80 [ 1182.095453][T20851] ? hook_file_ioctl_common+0x145/0x410 [ 1182.095496][T20851] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 1182.095533][T20851] ? __fget_files+0x20e/0x3c0 [ 1182.095572][T20851] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 1182.095606][T20851] __x64_sys_ioctl+0x18e/0x210 [ 1182.095658][T20851] do_syscall_64+0xcd/0x490 [ 1182.095708][T20851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1182.095740][T20851] RIP: 0033:0x7f48ef38ebe9 [ 1182.095767][T20851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1182.095798][T20851] RSP: 002b:00007f48f0263038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1182.095828][T20851] RAX: ffffffffffffffda RBX: 00007f48ef5c5fa0 RCX: 00007f48ef38ebe9 [ 1182.095848][T20851] RDX: 0000000000000000 RSI: 00000000c008ae09 RDI: 0000000000000005 [ 1182.095868][T20851] RBP: 00007f48ef411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1182.095886][T20851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1182.095904][T20851] R13: 00007f48ef5c6038 R14: 00007f48ef5c5fa0 R15: 00007ffce8c82e58 [ 1182.095945][T20851] [ 1183.055376][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 1183.062247][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 1183.084455][T20884] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1188.326242][T20973] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1197.376983][T21130] FAULT_INJECTION: forcing a failure. [ 1197.376983][T21130] name failslab, interval 1, probability 0, space 0, times 0 [ 1197.390209][T21130] CPU: 1 UID: 0 PID: 21130 Comm: syz.2.2428 Tainted: G U syzkaller #0 PREEMPT(full) [ 1197.390264][T21130] Tainted: [U]=USER [ 1197.390275][T21130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1197.390294][T21130] Call Trace: [ 1197.390305][T21130] [ 1197.390318][T21130] dump_stack_lvl+0x16c/0x1f0 [ 1197.390386][T21130] should_fail_ex+0x512/0x640 [ 1197.390436][T21130] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 1197.390485][T21130] should_failslab+0xc2/0x120 [ 1197.390527][T21130] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1197.390572][T21130] ? __kthread_create_on_node+0x186/0x3f0 [ 1197.390642][T21130] kvasprintf+0xbc/0x160 [ 1197.390680][T21130] ? __pfx_kvasprintf+0x10/0x10 [ 1197.390734][T21130] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 1197.390784][T21130] __kthread_create_on_node+0x186/0x3f0 [ 1197.390829][T21130] ? __pfx___kthread_create_on_node+0x10/0x10 [ 1197.390888][T21130] ? __lock_acquire+0xb97/0x1ce0 [ 1197.390933][T21130] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 1197.390985][T21130] kthread_create_on_node+0xc7/0x100 [ 1197.391027][T21130] ? __pfx_kthread_create_on_node+0x10/0x10 [ 1197.391079][T21130] ? mark_held_locks+0x49/0x80 [ 1197.391117][T21130] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1197.391161][T21130] ? lockdep_hardirqs_on+0x7c/0x110 [ 1197.391213][T21130] dvb_frontend_open+0xf47/0x1730 [ 1197.391274][T21130] ? __pfx_dvb_frontend_open+0x10/0x10 [ 1197.391326][T21130] dvb_device_open+0x270/0x3b0 [ 1197.391364][T21130] ? __pfx_dvb_device_open+0x10/0x10 [ 1197.391394][T21130] chrdev_open+0x231/0x6a0 [ 1197.391434][T21130] ? __pfx_apparmor_file_open+0x10/0x10 [ 1197.391471][T21130] ? __pfx_chrdev_open+0x10/0x10 [ 1197.391514][T21130] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1197.391559][T21130] do_dentry_open+0x97f/0x1530 [ 1197.391600][T21130] ? __pfx_chrdev_open+0x10/0x10 [ 1197.391650][T21130] vfs_open+0x82/0x3f0 [ 1197.391703][T21130] path_openat+0x1de4/0x2cb0 [ 1197.391756][T21130] ? __pfx_path_openat+0x10/0x10 [ 1197.391804][T21130] do_filp_open+0x20b/0x470 [ 1197.391843][T21130] ? __pfx_do_filp_open+0x10/0x10 [ 1197.391914][T21130] ? alloc_fd+0x471/0x7d0 [ 1197.391961][T21130] do_sys_openat2+0x11b/0x1d0 [ 1197.392009][T21130] ? __pfx_do_sys_openat2+0x10/0x10 [ 1197.392075][T21130] __x64_sys_openat+0x174/0x210 [ 1197.392124][T21130] ? __pfx___x64_sys_openat+0x10/0x10 [ 1197.392191][T21130] do_syscall_64+0xcd/0x490 [ 1197.392242][T21130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1197.392275][T21130] RIP: 0033:0x7f5bd5d8ebe9 [ 1197.392301][T21130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1197.392333][T21130] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1197.392375][T21130] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 1197.392396][T21130] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1197.392417][T21130] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1197.392438][T21130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1197.392458][T21130] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 1197.392505][T21130] [ 1197.392547][T21130] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12) [ 1198.847341][T21145] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1198.989906][T21150] FAULT_INJECTION: forcing a failure. [ 1198.989906][T21150] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1199.146357][T21150] CPU: 1 UID: 0 PID: 21150 Comm: syz.2.2432 Tainted: G U syzkaller #0 PREEMPT(full) [ 1199.146410][T21150] Tainted: [U]=USER [ 1199.146421][T21150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1199.146440][T21150] Call Trace: [ 1199.146450][T21150] [ 1199.146463][T21150] dump_stack_lvl+0x16c/0x1f0 [ 1199.146511][T21150] should_fail_ex+0x512/0x640 [ 1199.146565][T21150] _copy_from_iter+0x463/0x1720 [ 1199.146610][T21150] ? __pfx__copy_from_iter+0x10/0x10 [ 1199.146650][T21150] ? __pfx___might_resched+0x10/0x10 [ 1199.146692][T21150] file_tty_write.constprop.0+0x488/0x9b0 [ 1199.146755][T21150] do_iter_readv_writev+0x662/0x9e0 [ 1199.146795][T21150] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1199.146835][T21150] ? bpf_lsm_file_permission+0x9/0x10 [ 1199.146879][T21150] ? security_file_permission+0x71/0x210 [ 1199.146920][T21150] ? rw_verify_area+0xcf/0x6c0 [ 1199.146956][T21150] vfs_writev+0x35f/0xde0 [ 1199.146995][T21150] ? __lock_acquire+0x62e/0x1ce0 [ 1199.147034][T21150] ? __pfx_vfs_writev+0x10/0x10 [ 1199.147109][T21150] ? __fget_files+0x20e/0x3c0 [ 1199.147155][T21150] ? do_writev+0x132/0x340 [ 1199.147186][T21150] do_writev+0x132/0x340 [ 1199.147222][T21150] ? __pfx_do_writev+0x10/0x10 [ 1199.147270][T21150] do_syscall_64+0xcd/0x490 [ 1199.147327][T21150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1199.147358][T21150] RIP: 0033:0x7f5bd5d8ebe9 [ 1199.147383][T21150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1199.147413][T21150] RSP: 002b:00007f5bd6b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1199.147443][T21150] RAX: ffffffffffffffda RBX: 00007f5bd5fc5fa0 RCX: 00007f5bd5d8ebe9 [ 1199.147463][T21150] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 1199.147481][T21150] RBP: 00007f5bd5e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1199.147498][T21150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1199.147515][T21150] R13: 00007f5bd5fc6038 R14: 00007f5bd5fc5fa0 R15: 00007fff5fa4c658 [ 1199.147555][T21150] [ 1205.036358][T21237] FAULT_INJECTION: forcing a failure. [ 1205.036358][T21237] name failslab, interval 1, probability 0, space 0, times 0 [ 1205.103229][T21237] CPU: 1 UID: 0 PID: 21237 Comm: syz.0.2450 Tainted: G U syzkaller #0 PREEMPT(full) [ 1205.103291][T21237] Tainted: [U]=USER [ 1205.103302][T21237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1205.103321][T21237] Call Trace: [ 1205.103332][T21237] [ 1205.103345][T21237] dump_stack_lvl+0x16c/0x1f0 [ 1205.103396][T21237] should_fail_ex+0x512/0x640 [ 1205.103446][T21237] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 1205.103493][T21237] should_failslab+0xc2/0x120 [ 1205.103535][T21237] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1205.103578][T21237] ? __kthread_create_on_node+0x186/0x3f0 [ 1205.103625][T21237] kvasprintf+0xbc/0x160 [ 1205.103660][T21237] ? __pfx_kvasprintf+0x10/0x10 [ 1205.103714][T21237] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 1205.103761][T21237] __kthread_create_on_node+0x186/0x3f0 [ 1205.103804][T21237] ? __pfx___kthread_create_on_node+0x10/0x10 [ 1205.103862][T21237] ? __lock_acquire+0xb97/0x1ce0 [ 1205.103907][T21237] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 1205.103955][T21237] kthread_create_on_node+0xc7/0x100 [ 1205.103997][T21237] ? __pfx_kthread_create_on_node+0x10/0x10 [ 1205.104046][T21237] ? mark_held_locks+0x49/0x80 [ 1205.104086][T21237] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1205.104129][T21237] ? lockdep_hardirqs_on+0x7c/0x110 [ 1205.104179][T21237] dvb_frontend_open+0xf47/0x1730 [ 1205.104240][T21237] ? __pfx_dvb_frontend_open+0x10/0x10 [ 1205.104304][T21237] dvb_device_open+0x270/0x3b0 [ 1205.104334][T21237] ? __pfx_dvb_device_open+0x10/0x10 [ 1205.104364][T21237] chrdev_open+0x231/0x6a0 [ 1205.104405][T21237] ? __pfx_apparmor_file_open+0x10/0x10 [ 1205.104441][T21237] ? __pfx_chrdev_open+0x10/0x10 [ 1205.104485][T21237] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1205.104529][T21237] do_dentry_open+0x97f/0x1530 [ 1205.104570][T21237] ? __pfx_chrdev_open+0x10/0x10 [ 1205.104620][T21237] vfs_open+0x82/0x3f0 [ 1205.104672][T21237] path_openat+0x1de4/0x2cb0 [ 1205.104724][T21237] ? __pfx_path_openat+0x10/0x10 [ 1205.104774][T21237] do_filp_open+0x20b/0x470 [ 1205.104812][T21237] ? __pfx_do_filp_open+0x10/0x10 [ 1205.104883][T21237] ? alloc_fd+0x471/0x7d0 [ 1205.104932][T21237] do_sys_openat2+0x11b/0x1d0 [ 1205.104980][T21237] ? __pfx_do_sys_openat2+0x10/0x10 [ 1205.105044][T21237] __x64_sys_openat+0x174/0x210 [ 1205.105094][T21237] ? __pfx___x64_sys_openat+0x10/0x10 [ 1205.105161][T21237] do_syscall_64+0xcd/0x490 [ 1205.105211][T21237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1205.105241][T21237] RIP: 0033:0x7f58fc18ebe9 [ 1205.105274][T21237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1205.105305][T21237] RSP: 002b:00007f58fcf6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1205.105335][T21237] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa0 RCX: 00007f58fc18ebe9 [ 1205.105356][T21237] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1205.105377][T21237] RBP: 00007f58fc211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1205.105396][T21237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1205.105415][T21237] R13: 00007f58fc3c6038 R14: 00007f58fc3c5fa0 R15: 00007ffc428cc8c8 [ 1205.105460][T21237] [ 1205.430190][T21237] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12) [ 1206.080866][T21218] Process accounting paused [ 1206.530697][T21264] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 1206.858906][T21264] audit: out of memory in audit_log_start [ 1208.985413][T21304] FAULT_INJECTION: forcing a failure. [ 1208.985413][T21304] name failslab, interval 1, probability 0, space 0, times 0 [ 1209.036963][T21304] CPU: 1 UID: 0 PID: 21304 Comm: syz.0.2461 Tainted: G U syzkaller #0 PREEMPT(full) [ 1209.036998][T21304] Tainted: [U]=USER [ 1209.037005][T21304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1209.037017][T21304] Call Trace: [ 1209.037023][T21304] [ 1209.037031][T21304] dump_stack_lvl+0x16c/0x1f0 [ 1209.037066][T21304] should_fail_ex+0x512/0x640 [ 1209.037095][T21304] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1209.037119][T21304] should_failslab+0xc2/0x120 [ 1209.037143][T21304] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1209.037163][T21304] ? uinput_open+0x48/0x160 [ 1209.037195][T21304] uinput_open+0x48/0x160 [ 1209.037220][T21304] ? __pfx_uinput_open+0x10/0x10 [ 1209.037254][T21304] misc_open+0x35d/0x420 [ 1209.037278][T21304] ? __pfx_misc_open+0x10/0x10 [ 1209.037301][T21304] chrdev_open+0x231/0x6a0 [ 1209.037326][T21304] ? __pfx_apparmor_file_open+0x10/0x10 [ 1209.037349][T21304] ? __pfx_chrdev_open+0x10/0x10 [ 1209.037375][T21304] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1209.037401][T21304] do_dentry_open+0x97f/0x1530 [ 1209.037424][T21304] ? __pfx_chrdev_open+0x10/0x10 [ 1209.037453][T21304] vfs_open+0x82/0x3f0 [ 1209.037484][T21304] path_openat+0x1de4/0x2cb0 [ 1209.037513][T21304] ? __pfx_path_openat+0x10/0x10 [ 1209.037542][T21304] do_filp_open+0x20b/0x470 [ 1209.037565][T21304] ? __pfx_do_filp_open+0x10/0x10 [ 1209.037603][T21304] ? alloc_fd+0x471/0x7d0 [ 1209.037630][T21304] do_sys_openat2+0x11b/0x1d0 [ 1209.037658][T21304] ? __pfx_do_sys_openat2+0x10/0x10 [ 1209.037689][T21304] ? __pfx___might_resched+0x10/0x10 [ 1209.037714][T21304] __x64_sys_openat+0x174/0x210 [ 1209.037743][T21304] ? __pfx___x64_sys_openat+0x10/0x10 [ 1209.037782][T21304] do_syscall_64+0xcd/0x490 [ 1209.037813][T21304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1209.037832][T21304] RIP: 0033:0x7f58fc18ebe9 [ 1209.037848][T21304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1209.037867][T21304] RSP: 002b:00007f58fcf6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1209.037886][T21304] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa0 RCX: 00007f58fc18ebe9 [ 1209.037898][T21304] RDX: 0000000000101000 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 1209.037910][T21304] RBP: 00007f58fc211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1209.037921][T21304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1209.037932][T21304] R13: 00007f58fc3c6038 R14: 00007f58fc3c5fa0 R15: 00007ffc428cc8c8 [ 1209.037956][T21304] [ 1210.531955][T21334] ================================================================== [ 1210.540064][T21334] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 1210.547808][T21334] Read of size 8 at addr ffff888143f7b418 by task syz.0.2468/21334 [ 1210.555698][T21334] [ 1210.558031][T21334] CPU: 1 UID: 0 PID: 21334 Comm: syz.0.2468 Tainted: G U syzkaller #0 PREEMPT(full) [ 1210.558061][T21334] Tainted: [U]=USER [ 1210.558068][T21334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1210.558080][T21334] Call Trace: [ 1210.558087][T21334] [ 1210.558095][T21334] dump_stack_lvl+0x116/0x1f0 [ 1210.558127][T21334] print_report+0xcd/0x630 [ 1210.558152][T21334] ? __virt_addr_valid+0x81/0x610 [ 1210.558176][T21334] ? __phys_addr+0xe8/0x180 [ 1210.558198][T21334] ? dvb_device_open+0x36a/0x3b0 [ 1210.558216][T21334] kasan_report+0xe0/0x110 [ 1210.558239][T21334] ? dvb_device_open+0x36a/0x3b0 [ 1210.558257][T21334] ? __pfx_dvb_device_open+0x10/0x10 [ 1210.558274][T21334] dvb_device_open+0x36a/0x3b0 [ 1210.558290][T21334] ? __pfx_dvb_device_open+0x10/0x10 [ 1210.558308][T21334] chrdev_open+0x231/0x6a0 [ 1210.558331][T21334] ? __pfx_apparmor_file_open+0x10/0x10 [ 1210.558352][T21334] ? __pfx_chrdev_open+0x10/0x10 [ 1210.558377][T21334] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1210.558401][T21334] do_dentry_open+0x97f/0x1530 [ 1210.558424][T21334] ? __pfx_chrdev_open+0x10/0x10 [ 1210.558449][T21334] vfs_open+0x82/0x3f0 [ 1210.558476][T21334] path_openat+0x1de4/0x2cb0 [ 1210.558501][T21334] ? __pfx_path_openat+0x10/0x10 [ 1210.558524][T21334] do_filp_open+0x20b/0x470 [ 1210.558546][T21334] ? __pfx_do_filp_open+0x10/0x10 [ 1210.558574][T21334] ? alloc_fd+0x471/0x7d0 [ 1210.558595][T21334] do_sys_openat2+0x11b/0x1d0 [ 1210.558623][T21334] ? __pfx_do_sys_openat2+0x10/0x10 [ 1210.558654][T21334] __x64_sys_openat+0x174/0x210 [ 1210.558682][T21334] ? __pfx___x64_sys_openat+0x10/0x10 [ 1210.558714][T21334] do_syscall_64+0xcd/0x490 [ 1210.558742][T21334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1210.558762][T21334] RIP: 0033:0x7f58fc18ebe9 [ 1210.558777][T21334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1210.558797][T21334] RSP: 002b:00007f58fcf6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1210.558816][T21334] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa0 RCX: 00007f58fc18ebe9 [ 1210.558828][T21334] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1210.558840][T21334] RBP: 00007f58fc211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1210.558852][T21334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1210.558863][T21334] R13: 00007f58fc3c6038 R14: 00007f58fc3c5fa0 R15: 00007ffc428cc8c8 [ 1210.558880][T21334] [ 1210.558887][T21334] [ 1210.805474][T21334] Allocated by task 1: [ 1210.809559][T21334] kasan_save_stack+0x33/0x60 [ 1210.814296][T21334] kasan_save_track+0x14/0x30 [ 1210.819001][T21334] __kasan_kmalloc+0xaa/0xb0 [ 1210.823612][T21334] dvb_register_device+0x1e4/0x2370 [ 1210.828857][T21334] dvb_register_frontend+0x5a6/0x880 [ 1210.834176][T21334] vidtv_bridge_probe+0x459/0xa90 [ 1210.839226][T21334] platform_probe+0x106/0x1d0 [ 1210.843927][T21334] really_probe+0x23e/0xa90 [ 1210.848478][T21334] __driver_probe_device+0x1de/0x440 [ 1210.853898][T21334] driver_probe_device+0x4c/0x1b0 [ 1210.858962][T21334] __driver_attach+0x283/0x580 [ 1210.863783][T21334] bus_for_each_dev+0x13b/0x1d0 [ 1210.868659][T21334] bus_add_driver+0x2e9/0x690 [ 1210.873366][T21334] driver_register+0x15c/0x4b0 [ 1210.878141][T21334] vidtv_bridge_init+0x45/0x80 [ 1210.882934][T21334] do_one_initcall+0x120/0x6e0 [ 1210.887712][T21334] kernel_init_freeable+0x5c2/0x910 [ 1210.892950][T21334] kernel_init+0x1c/0x2b0 [ 1210.897385][T21334] ret_from_fork+0x5d7/0x6f0 [ 1210.902178][T21334] ret_from_fork_asm+0x1a/0x30 [ 1210.906979][T21334] [ 1210.909309][T21334] Freed by task 21237: [ 1210.913383][T21334] kasan_save_stack+0x33/0x60 [ 1210.918224][T21334] kasan_save_track+0x14/0x30 [ 1210.922923][T21334] kasan_save_free_info+0x3b/0x60 [ 1210.927981][T21334] __kasan_slab_free+0x60/0x70 [ 1210.932855][T21334] kfree+0x2b4/0x4d0 [ 1210.936766][T21334] dvb_device_put.part.0+0x60/0x90 [ 1210.941923][T21334] dvb_device_open+0x2a4/0x3b0 [ 1210.946697][T21334] chrdev_open+0x231/0x6a0 [ 1210.951183][T21334] do_dentry_open+0x97f/0x1530 [ 1210.955963][T21334] vfs_open+0x82/0x3f0 [ 1210.960154][T21334] path_openat+0x1de4/0x2cb0 [ 1210.964761][T21334] do_filp_open+0x20b/0x470 [ 1210.969280][T21334] do_sys_openat2+0x11b/0x1d0 [ 1210.974004][T21334] __x64_sys_openat+0x174/0x210 [ 1210.978892][T21334] do_syscall_64+0xcd/0x490 [ 1210.983432][T21334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1210.989344][T21334] [ 1210.991673][T21334] The buggy address belongs to the object at ffff888143f7b400 [ 1210.991673][T21334] which belongs to the cache kmalloc-256 of size 256 [ 1211.005738][T21334] The buggy address is located 24 bytes inside of [ 1211.005738][T21334] freed 256-byte region [ffff888143f7b400, ffff888143f7b500) [ 1211.019460][T21334] [ 1211.021791][T21334] The buggy address belongs to the physical page: [ 1211.028203][T21334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x143f7a [ 1211.037060][T21334] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1211.045572][T21334] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff) [ 1211.053212][T21334] page_type: f5(slab) [ 1211.057208][T21334] raw: 057ff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 1211.065802][T21334] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1211.074402][T21334] head: 057ff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 1211.083088][T21334] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1211.091860][T21334] head: 057ff00000000001 ffffea00050fde81 00000000ffffffff 00000000ffffffff [ 1211.100569][T21334] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 1211.109416][T21334] page dumped because: kasan: bad access detected [ 1211.115858][T21334] page_owner tracks the page as allocated [ 1211.121595][T21334] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 23251623734, free_ts 0 [ 1211.141375][T21334] post_alloc_hook+0x1c0/0x230 [ 1211.146168][T21334] get_page_from_freelist+0x132b/0x38e0 [ 1211.151737][T21334] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1211.157649][T21334] alloc_pages_mpol+0x1fb/0x550 [ 1211.162695][T21334] new_slab+0x247/0x330 [ 1211.166860][T21334] ___slab_alloc+0xcf2/0x1750 [ 1211.171589][T21334] __slab_alloc.constprop.0+0x56/0xb0 [ 1211.176974][T21334] __kmalloc_cache_noprof+0xfb/0x3e0 [ 1211.182276][T21334] bus_add_driver+0x92/0x690 [ 1211.187063][T21334] driver_register+0x15c/0x4b0 [ 1211.191842][T21334] usb_register_driver+0x216/0x4d0 [ 1211.196969][T21334] do_one_initcall+0x120/0x6e0 [ 1211.201749][T21334] kernel_init_freeable+0x5c2/0x910 [ 1211.206967][T21334] kernel_init+0x1c/0x2b0 [ 1211.211314][T21334] ret_from_fork+0x5d7/0x6f0 [ 1211.215939][T21334] ret_from_fork_asm+0x1a/0x30 [ 1211.220720][T21334] page_owner free stack trace missing [ 1211.226106][T21334] [ 1211.228434][T21334] Memory state around the buggy address: [ 1211.234076][T21334] ffff888143f7b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1211.242147][T21334] ffff888143f7b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1211.250488][T21334] >ffff888143f7b400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1211.258749][T21334] ^ [ 1211.263630][T21334] ffff888143f7b480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1211.271921][T21334] ffff888143f7b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1211.279993][T21334] ================================================================== [ 1211.552402][T21334] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1211.560005][T21334] CPU: 0 UID: 0 PID: 21334 Comm: syz.0.2468 Tainted: G U syzkaller #0 PREEMPT(full) [ 1211.570951][T21334] Tainted: [U]=USER [ 1211.574750][T21334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1211.584833][T21334] Call Trace: [ 1211.588124][T21334] [ 1211.591059][T21334] dump_stack_lvl+0x3d/0x1f0 [ 1211.595754][T21334] vpanic+0x6e8/0x7a0 [ 1211.599746][T21334] ? __pfx_vpanic+0x10/0x10 [ 1211.604263][T21334] ? __pfx_vprintk_emit+0x10/0x10 [ 1211.609315][T21334] ? dvb_device_open+0x36a/0x3b0 [ 1211.614305][T21334] panic+0xca/0xd0 [ 1211.618132][T21334] ? __pfx_panic+0x10/0x10 [ 1211.622708][T21334] ? dvb_device_open+0x36a/0x3b0 [ 1211.627796][T21334] ? preempt_schedule_common+0x44/0xc0 [ 1211.633323][T21334] ? preempt_schedule_thunk+0x16/0x30 [ 1211.638770][T21334] check_panic_on_warn+0xab/0xb0 [ 1211.643771][T21334] end_report+0x107/0x170 [ 1211.648141][T21334] kasan_report+0xee/0x110 [ 1211.652597][T21334] ? dvb_device_open+0x36a/0x3b0 [ 1211.657572][T21334] ? __pfx_dvb_device_open+0x10/0x10 [ 1211.662895][T21334] dvb_device_open+0x36a/0x3b0 [ 1211.667696][T21334] ? __pfx_dvb_device_open+0x10/0x10 [ 1211.673038][T21334] chrdev_open+0x231/0x6a0 [ 1211.677492][T21334] ? __pfx_apparmor_file_open+0x10/0x10 [ 1211.683055][T21334] ? __pfx_chrdev_open+0x10/0x10 [ 1211.688025][T21334] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1211.694480][T21334] do_dentry_open+0x97f/0x1530 [ 1211.699260][T21334] ? __pfx_chrdev_open+0x10/0x10 [ 1211.704242][T21334] vfs_open+0x82/0x3f0 [ 1211.708329][T21334] path_openat+0x1de4/0x2cb0 [ 1211.712931][T21334] ? __pfx_path_openat+0x10/0x10 [ 1211.717988][T21334] do_filp_open+0x20b/0x470 [ 1211.722514][T21334] ? __pfx_do_filp_open+0x10/0x10 [ 1211.727548][T21334] ? alloc_fd+0x471/0x7d0 [ 1211.731883][T21334] do_sys_openat2+0x11b/0x1d0 [ 1211.736575][T21334] ? __pfx_do_sys_openat2+0x10/0x10 [ 1211.741802][T21334] __x64_sys_openat+0x174/0x210 [ 1211.746666][T21334] ? __pfx___x64_sys_openat+0x10/0x10 [ 1211.752053][T21334] do_syscall_64+0xcd/0x490 [ 1211.756572][T21334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1211.762489][T21334] RIP: 0033:0x7f58fc18ebe9 [ 1211.766937][T21334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1211.786575][T21334] RSP: 002b:00007f58fcf6b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1211.795002][T21334] RAX: ffffffffffffffda RBX: 00007f58fc3c5fa0 RCX: 00007f58fc18ebe9 [ 1211.802984][T21334] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1211.810965][T21334] RBP: 00007f58fc211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1211.818966][T21334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1211.826954][T21334] R13: 00007f58fc3c6038 R14: 00007f58fc3c5fa0 R15: 00007ffc428cc8c8 [ 1211.834938][T21334] [ 1211.838324][T21334] Kernel Offset: disabled [ 1211.842648][T21334] Rebooting in 86400 seconds..