last executing test programs: 6m51.786146482s ago: executing program 2 (id=2047): socket(0xf, 0x3, 0x2) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x6, 0x800, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, 0xffffffffffffffff, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) mmap$auto(0x3, 0x4, 0x0, 0x10, r0, 0x2) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000004c0)=""/244, 0xf4) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000) socket$nl_generic(0x10, 0x3, 0x10) move_mount$auto(0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x77) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xa02, 0x0) unshare$auto(0x40000080) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) 6m51.32407524s ago: executing program 2 (id=2050): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001240)={0x0, 0x3e7, &(0x7f0000001200)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="01002abd70defcdbdf290400000008000c0003000000f3"], 0x1c}, 0x1, 0x0, 0x0, 0x404c091}, 0x40000) 6m50.914601717s ago: executing program 2 (id=2053): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) r0 = socket(0x2b, 0x1, 0x0) r1 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), r0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/dev_snmp6/hsr0\x00', 0x20000, 0x0) r2 = getpid() mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0x1002}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0) linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x400) fcntl$auto_F_WRLCK(r0, 0xd, 0x1) sendmsg$auto_NFC_CMD_DEACTIVATE_TARGET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0x7c, r1, 0x100, 0x70bd28, 0x25dfdbfd, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0x100}, @NFC_ATTR_SE_APDU={0x3f, 0x19, "28212e518b0998ec641b84a5af79a06ce29a328e4adcfe40f762a58c46faf16d981bf6a09c5d5e572627e1be56e36d46614d6d06053af28b72cce3"}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x10001}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0xe57}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x38}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x80}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x24000840) rt_sigqueueinfo$auto(0x0, 0x1, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0) ioctl$auto(r3, 0xc0045627, r0) 6m50.418989174s ago: executing program 2 (id=2054): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) statmount$auto(0x0, 0x0, 0x1fd, 0x0) bpf$auto(0x2, &(0x7f00000001c0)=@batch={0x8000000000009, 0x80000001, 0x10005, 0x8250, 0xa6d5, 0xffffffffffffffff, 0x7, 0x6}, 0x103) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000) r1 = socket(0x10, 0x1, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x0) close_range$auto(r0, r0, 0x6) mmap$auto(0x0, 0xfffffffffffffffc, 0xb3b3, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) write$auto(0xffffffffffffffff, 0x0, 0x45c) unshare$auto(0x40000080) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/mem_used_max\x00', 0xa081, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x2) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x80000, 0x0) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r4, 0x80045105, &(0x7f0000000200)="5719ed914183ffba4ce2eb7d18bf365aa51818da2a40f8cf07b0ea3eeefe03ccb791022d229eca747b8415a44148de5a387b97f30e8a6d797ae7a7be7631383befcf13c327c91a4d0b80012dc3570c5f02ec32980c9f7d1793c5ecec082c73ea5c923d99fa36b361f408d9e70776b351e8e79425b1ebbc60d67a311a74b3bdc4f15e37a2e8394fff0cae2ce750") r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'dummy0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd70007ddbdf250c000000040003800c00018008000100", @ANYRES32=r6, @ANYBLOB="b28105536b9d33621a171931e1b68974c8f14f83174ba0e4f099354472e07739969b91c8fe8d4a9335cc2e1b509d730838d186657e7700667e08519a7c13cc4515"], 0x24}, 0x1, 0x0, 0x0, 0x24004840}, 0x0) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp1\x00', 0x20080, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), r8) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r8, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000540)=ANY=[@ANYBLOB="248def00dc36000000", @ANYRES16=r5, @ANYBLOB="200027bd7000fcdbdf251000000008000a000700000005000d0003000000"], 0x24}, 0x1, 0x0, 0x0, 0x10048814}, 0x0) sendmsg$auto_ILA_CMD_DEL(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="010026bd7000fcdbdf25020000000500070002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000) ioctl$auto_SNDCTL_DSP_CHANNELS(r7, 0xc0045006, &(0x7f00000002c0)="58ce841b490f7f2ff14938e579e4fcce8a5357b2fe61d59cf074c7ba3119a4106973f90d49086f83a040509e86b0d90901a28b617fdc12041f2ceae30299f36060bf4e3bce1216961f13c67f25efee55c9d3198edd6affd499a4c6c905c881f8621e8ded511f8d99c3d7b8c5eb8c4cabe8480c2cad162238ebfe7bf782b68a7a0c914302609a4263f360e40bbbea1ca3b7d8cd5b") move_mount$auto(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x176) 6m48.559625349s ago: executing program 2 (id=2058): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0x1, 0x0, 0x0, 0x0, 0x2) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC1D1c\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r1, 0xc1004111, 0x0) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, 0x0, 0x7fb, 0x400) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x40100000001) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000040)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xfffffffffffffff9, 0xb82, 0x400000000000948b, 0x3d, 0x15f4da0a, 0x3, 0x3, 0x62, 0x5, 0x3, 0x1, 0x8, 0x0, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xb, 0xd, 0x1, 0x3, 0x3, 0x8, 0x3, 0x3, 0x1ff, 0x8000001f, 0x8, 0x6d3e, 0x9, 0x4, 0x6]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) inotify_init1$auto(0x403) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/dummy_hcd.1/usb2/removable\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x331) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) 6m48.119826906s ago: executing program 2 (id=2063): migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80482, 0x0) mmap$auto(0x80000, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) epoll_create1$auto(0x5) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff) r3 = getpgid(0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r3, 0xfffffffc, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xc64, 0x5, @_sigchld={r3, 0x0, 0x401, 0x5, 0x2}}}) msgctl$auto(0x0, 0x10000, &(0x7f0000000200)={{0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x3, 0x6f40f784, 0x7, 0x9}, &(0x7f0000000100)=0x1, &(0x7f0000000180)=0x3, 0xffff, 0x7, 0x5, 0xfffffffffffffe88, 0x2, 0x0, 0xc, 0xfffb, @inferred=0xffffffffffffffff, @raw=0x82}) sendmsg$auto_IPVS_CMD_SET_SERVICE(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="a8030000", @ANYRES16=r2, @ANYRES64=r6, @ANYRES32=r5, @ANYBLOB="31f7e47d5b22146aef34f93fcdfa0dc51a7feddc17661f89167525ecf4a77c7ac3d92996b796d728fd0e4460f9351f498a41261a7c92dbc98e36bb7780df5d8b4e40c9e1e5d811572554117987796db89e0402bd71499e88b9bfe684393b6a4d1c53248da98aefb0116d5fe439337da3608470a30460b560d03a225fe8b64f8cd86eaffaf2c125c31d7fb7a00066800800bf00", @ANYRES32=r4, @ANYBLOB="0c00fb0000040000000000000400568004004400060052005d00000008004800a906000008009b00ac1414400400428077f8525579f69597906b2646ee3ae92c462cd46eb9d3f122cfd7eaf2d5d123c1ec3908ebd9ec521de53bca9ef8ea89399364193ab7490516c5fc8beb92da62fa06c68d4de750442c5af7fe1556027a5edfe858b47008d146782de728d513a5486631b8f500379b688b307d4cfbb55382da7ef1e4b7cd7314e79064f9409bf83ffefa09804cd491a7553cdc0d432d8d60b37a9733eb34e999c2800923c01eee38b00966f58347fc11731e0b1f40a0c5c7dd1c21962a20a1e476f5c8d8ab5a4c9926ff65bb79668a3d4c5d363b871b4c6a92ac391ca3f89fb2f3a71474afb02e7bcb860d6460e0268874ef45e75d058daaecf7b25c0241ae28b542a7850b949470e2be3f692f495409a97acd070e1f09d8dee5f33ca79e8fcb5d2778b9765b0a41370f28f6b06a7628b9fd474b375719b96dfe7d5b2c3ef3197a0bf26c65fe7b4b17c300895cecc7ec506a6707ff1a343cb53457c9139a27e1194880fb3cdacc7ddc4b4321768d4c75e55748727ca5ca8ae14cc311788372ef1f01583bf1e1486aa89dec0932bf968a50f3b0f2215922340b76c71742f67e21f10c7360dccef04deac5989773f0d6dbbb61dfe5f734534b22a1d4198d96619aa349713d4116a6767a9326a3dff7a1be0815583400918008007d80040006801c00638014001000ff0100000000000100000000000000010400e0800c00ab0000800400000000000746a7493500e64e1e2ad61f02463a0dc96a90b9f40cb6ad7e47a78a459f07217756eb49b7116401543f1c6547ffff976a407a2aef1e830f3f6e969bed3aa2ca13c5bf52ae6e040eaf96374ed1a96658b8706883ccd5fca4dd9caca769076e00ed6d33fc83ffe60ff94ce371a138dc4c1957378a0df125f62a4f3291f9deb9d909b61922fe6ae1fea4a8cb7620d4e051099cd3e0593d3c0c004c0007000000000000009705e441f44139c78a2d4141e1a208002b00", @ANYRES32=r4, @ANYBLOB='\x00'], 0x3a8}, 0x1, 0x0, 0x0, 0x4050}, 0x4000000) r7 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000140), 0x189000, 0x0) readv$auto(r7, &(0x7f00000018c0)={&(0x7f0000001880), 0x1}, 0x9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r8 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) ioctl$auto(r8, 0x5646, 0x4) prctl$auto(0x21, 0x0, 0x1, 0x0, 0x0) r9 = set_tid_address$auto(&(0x7f00000000c0)=0x6) prctl$auto(0x3ff, 0x1, r9, 0x1, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0xca, &(0x7f00000001c0)='\x04\x13\xac\x04\x00\x00\x00\x00\x00\x00\x00\x01\n\xdc\x10\x00\x00\xef\xab\xe1ME:\xab \x87|\xe0Z\x1b\x9eZ\xa8\xff\x92+\xc9\x9fs\xbf\xd8\f\x00\x00\x00\xa5V\b\xf1Ne\xc6l\xd0\xdd7\x96gf\xb2\xa0\xf2cN\x8b\x95\xeb\xf3(\x9eM-\xdc\x84N\xc3\tts%\xe9\xbf<\xf1\xdav\xe0n\x04\xb33\x97\xd5\xb4\x02\x94B\xbb\x995\x1e\xf7@\xd8\xca\x8d\a0 \xfa\x87V\xeb1\xe4M%\xdd\xfd\xf6\x8d\xb4\xc7\x9b\x9d\xf5\xd9^\xcdL@\x0f\xd4\x15F,\xc1\xd1i\xa4f/{\xfa\xd5\n\xe1\x95l[\x91\xbfX\xea2\x1b\x8a\x85\t\x00\x05m\x1e\x9b\xca\xfb\x81\x9d{\x19S\xff\xe4\xd2k\x1b/wJ&\x03+{\x84R\xa8\x92\xad\xec\x1b\xb1\xe9\xa7XUo\x93\xd5\xfb\x94\xc4\xdf\x8e\xdd\x97\xfc\x00\x13\xd6\x80g\x7fR;\x88\xf7bm\x8f\xb5\x89\x1a\xb63\x98\xaa\xcc\xbf\x94\xbf#u\xb9', 0x2b) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x204182, 0x0) lseek$auto(0x3, 0x0, 0x1) munmap$auto(0x8000, 0xffffffff) gettimeofday$auto(0x0, &(0x7f00000001c0)={0x1000, 0x1}) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0)) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000003540)='/proc/thread-self/setgroups\x00', 0x2, 0x0) read$auto(r0, &(0x7f0000000040)='/dev/tty12\x00', 0x1000) ioctl$auto_FIOASYNC(r0, 0x5452, 0x9) 6m33.014770529s ago: executing program 32 (id=2063): migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80482, 0x0) mmap$auto(0x80000, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) epoll_create1$auto(0x5) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000009c0), 0xffffffffffffffff) r3 = getpgid(0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r3, 0xfffffffc, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xc64, 0x5, @_sigchld={r3, 0x0, 0x401, 0x5, 0x2}}}) msgctl$auto(0x0, 0x10000, &(0x7f0000000200)={{0x9, 0xffffffffffffffff, 0xffffffffffffffff, 0x3, 0x6f40f784, 0x7, 0x9}, &(0x7f0000000100)=0x1, &(0x7f0000000180)=0x3, 0xffff, 0x7, 0x5, 0xfffffffffffffe88, 0x2, 0x0, 0xc, 0xfffb, @inferred=0xffffffffffffffff, @raw=0x82}) sendmsg$auto_IPVS_CMD_SET_SERVICE(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="a8030000", @ANYRES16=r2, @ANYRES64=r6, @ANYRES32=r5, @ANYBLOB="31f7e47d5b22146aef34f93fcdfa0dc51a7feddc17661f89167525ecf4a77c7ac3d92996b796d728fd0e4460f9351f498a41261a7c92dbc98e36bb7780df5d8b4e40c9e1e5d811572554117987796db89e0402bd71499e88b9bfe684393b6a4d1c53248da98aefb0116d5fe439337da3608470a30460b560d03a225fe8b64f8cd86eaffaf2c125c31d7fb7a00066800800bf00", @ANYRES32=r4, @ANYBLOB="0c00fb0000040000000000000400568004004400060052005d00000008004800a906000008009b00ac1414400400428077f8525579f69597906b2646ee3ae92c462cd46eb9d3f122cfd7eaf2d5d123c1ec3908ebd9ec521de53bca9ef8ea89399364193ab7490516c5fc8beb92da62fa06c68d4de750442c5af7fe1556027a5edfe858b47008d146782de728d513a5486631b8f500379b688b307d4cfbb55382da7ef1e4b7cd7314e79064f9409bf83ffefa09804cd491a7553cdc0d432d8d60b37a9733eb34e999c2800923c01eee38b00966f58347fc11731e0b1f40a0c5c7dd1c21962a20a1e476f5c8d8ab5a4c9926ff65bb79668a3d4c5d363b871b4c6a92ac391ca3f89fb2f3a71474afb02e7bcb860d6460e0268874ef45e75d058daaecf7b25c0241ae28b542a7850b949470e2be3f692f495409a97acd070e1f09d8dee5f33ca79e8fcb5d2778b9765b0a41370f28f6b06a7628b9fd474b375719b96dfe7d5b2c3ef3197a0bf26c65fe7b4b17c300895cecc7ec506a6707ff1a343cb53457c9139a27e1194880fb3cdacc7ddc4b4321768d4c75e55748727ca5ca8ae14cc311788372ef1f01583bf1e1486aa89dec0932bf968a50f3b0f2215922340b76c71742f67e21f10c7360dccef04deac5989773f0d6dbbb61dfe5f734534b22a1d4198d96619aa349713d4116a6767a9326a3dff7a1be0815583400918008007d80040006801c00638014001000ff0100000000000100000000000000010400e0800c00ab0000800400000000000746a7493500e64e1e2ad61f02463a0dc96a90b9f40cb6ad7e47a78a459f07217756eb49b7116401543f1c6547ffff976a407a2aef1e830f3f6e969bed3aa2ca13c5bf52ae6e040eaf96374ed1a96658b8706883ccd5fca4dd9caca769076e00ed6d33fc83ffe60ff94ce371a138dc4c1957378a0df125f62a4f3291f9deb9d909b61922fe6ae1fea4a8cb7620d4e051099cd3e0593d3c0c004c0007000000000000009705e441f44139c78a2d4141e1a208002b00", @ANYRES32=r4, @ANYBLOB='\x00'], 0x3a8}, 0x1, 0x0, 0x0, 0x4050}, 0x4000000) r7 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000140), 0x189000, 0x0) readv$auto(r7, &(0x7f00000018c0)={&(0x7f0000001880), 0x1}, 0x9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r8 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) ioctl$auto(r8, 0x5646, 0x4) prctl$auto(0x21, 0x0, 0x1, 0x0, 0x0) r9 = set_tid_address$auto(&(0x7f00000000c0)=0x6) prctl$auto(0x3ff, 0x1, r9, 0x1, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0xca, &(0x7f00000001c0)='\x04\x13\xac\x04\x00\x00\x00\x00\x00\x00\x00\x01\n\xdc\x10\x00\x00\xef\xab\xe1ME:\xab \x87|\xe0Z\x1b\x9eZ\xa8\xff\x92+\xc9\x9fs\xbf\xd8\f\x00\x00\x00\xa5V\b\xf1Ne\xc6l\xd0\xdd7\x96gf\xb2\xa0\xf2cN\x8b\x95\xeb\xf3(\x9eM-\xdc\x84N\xc3\tts%\xe9\xbf<\xf1\xdav\xe0n\x04\xb33\x97\xd5\xb4\x02\x94B\xbb\x995\x1e\xf7@\xd8\xca\x8d\a0 \xfa\x87V\xeb1\xe4M%\xdd\xfd\xf6\x8d\xb4\xc7\x9b\x9d\xf5\xd9^\xcdL@\x0f\xd4\x15F,\xc1\xd1i\xa4f/{\xfa\xd5\n\xe1\x95l[\x91\xbfX\xea2\x1b\x8a\x85\t\x00\x05m\x1e\x9b\xca\xfb\x81\x9d{\x19S\xff\xe4\xd2k\x1b/wJ&\x03+{\x84R\xa8\x92\xad\xec\x1b\xb1\xe9\xa7XUo\x93\xd5\xfb\x94\xc4\xdf\x8e\xdd\x97\xfc\x00\x13\xd6\x80g\x7fR;\x88\xf7bm\x8f\xb5\x89\x1a\xb63\x98\xaa\xcc\xbf\x94\xbf#u\xb9', 0x2b) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x204182, 0x0) lseek$auto(0x3, 0x0, 0x1) munmap$auto(0x8000, 0xffffffff) gettimeofday$auto(0x0, &(0x7f00000001c0)={0x1000, 0x1}) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000000c0)) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000003540)='/proc/thread-self/setgroups\x00', 0x2, 0x0) read$auto(r0, &(0x7f0000000040)='/dev/tty12\x00', 0x1000) ioctl$auto_FIOASYNC(r0, 0x5452, 0x9) 10.434858391s ago: executing program 1 (id=3199): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = prctl$auto_PR_SET_SECCOMP(0x16, 0x7, 0xfffffffffffffff8, 0xfffffffffffffffd, 0xdbc8) pwrite64$auto(r1, &(0x7f0000000000)='MAC80211_HWSIM\x00', 0x34000, 0xffffffffffffffb8) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x18, r2, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@HWSIM_ATTR_MLO_SUPPORT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x45}, 0x8018880) 9.536693081s ago: executing program 1 (id=3206): madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="1b0026bd7000fddbdf400000000004000800100003800c007d0380080015", @ANYRES32, @ANYBLOB="12000100898771f1c19f1779048590828847000004000280"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xffffffff}, 0x6, 0x0) prctl$auto(0x1000000003b, 0x8, 0x0, 0x8, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto_dvb_dvr_fops_dmxdev(r2, &(0x7f00000002c0)="206adb18a66430134faa096ddf929a9a2a2db999539baf545f32be51396acabebaf4c1bdce6713fd6cec7f7cc973d934aacead65db80d76076732c779bc33e274645d618006e18e06d8e2ae33047cd639f75b67ea0aee90bc7abd7f92a45496de438e6370d000c1b219a725f9a6183063bf48abc646d74ff83ba395bee5097da0f29eb2663fd1795d7c8017be5d48fc14d77eb40264be7b46519a56b87958d149e01f8520f6b8dbed15f0201b476", 0xae) fsopen$auto(0x0, 0x1) madvise$auto(0x3f000000, 0x200007, 0x19) syslog$auto(0x3, 0x0, 0x5) socket(0x25, 0x5, 0x6) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) madvise$auto(0x3, 0x36, 0xfffffffd) pidfd_open$auto(0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) 5.672994161s ago: executing program 4 (id=3215): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000004880)={&(0x7f0000000380)=ANY=[@ANYBLOB="89202c615e50676e2581367717605b235f652cde84cc9ec1ca7a39087119b1ec4ac36a8a0b615a2435c76be464634dcfe1861a4235b61b1159ef729e93f1aa036bd9170f213324d617f8751fecde26585173d591588a7d6bc57e26e99c9ace7998d7b26b95d5ac747f", @ANYRES32=r1, @ANYRESOCT, @ANYBLOB="2800001f9f1df11a1a7ad2000e8aa1b65ae25108329f9aed51a2b5e5d2b9a8d42452295a39749563849109ab32e98c6d49f50d411edf3f15e28907e1102954b518f2cb0c", @ANYRES32=r3, @ANYBLOB="06001a017c7a6577709151f5f78710326c27090000002376ef8cbae74ce287c0e6f25470e300004889182e491ccc265f6784d8b664072fed48b7e7a231aed7a80b5e8e689e33868ec23fd803bbacfdbfdbdcfd7b344f3c52f184c555ef7aae4b2249c4eb4c167c8e5c14e1c8c17817258eae6b06aa99bb89169f3f44f19415e44e8db562184fcb3d8237f822c208e627a5ab0203fcd360b2674761b49b57b158d64f04c7ff5402681eb9819c2c0779bf9eb4ed17f9c6ff1eeb606b1596a7ddab7e17b6d0828c09230d7e0414352b27cd565ac940bb9598f5c9b06f8d77d1ab56e28ebe8a0b7cf8512516def0c7f334363f063747fb79e4d056534a2885b81e7dff86f7fd10057d2a163f765a3488f6a528883f1503905a127eb4d8a32f73788d4896f5feaa9c3c19616e3341ba", @ANYRES64=r0, @ANYRESHEX=0x0], 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x890) mmap$auto(0x8d0, 0x3, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r4 = socket(0x10, 0x2, 0x0) r5 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) write$auto_safesetid_gid_file_fops_securityfs(r5, &(0x7f0000000100)="6901c00ade474aa4f50dc8c96f0b6110cdc2818abbc7ace561874416344ea060211d3ac2af", 0x25) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/conf/veth0_virt_wifi/ignore_routes_with_linkdown\x00', 0x24a401, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00', @ANYRES32, @ANYBLOB="83e42a4e1a7d7f25407139e605816e189f26a5df99d2d832f1b1d3ce1fcec548cdbb69ebc8a6b9cf8b4d2aba832d1ecaf84b60ce28a894bacee43fe9106b0791eb1c221cbb517d0151679926aa8c7490ddc9", @ANYRES64, @ANYBLOB="e89b3863f686f002807764f9eeb296b9afa7eaf460a7a46dcf8e66efd567a9af4a68ffd6a0ad8a77c106b49287a2842007c29a8710ff2077e5af123214bf68"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) write$auto(0x1, 0x0, 0xf7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) read$auto(0x3, 0x0, 0x18) r6 = socket(0x15, 0x5, 0x0) setsockopt$auto_SO_BUSY_POLL_BUDGET(r6, 0x1, 0x46, 0x0, 0x94) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r7 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/syz_tun/enhanced_dad\x00', 0x680040, 0x0) read$auto(r8, 0x0, 0x1ff) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r7, &(0x7f00000010c0)=""/4082, 0xff2) r9 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r9, 0xae01, 0x0) 5.28928429s ago: executing program 1 (id=3216): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0x1, 0x0, 0x0, 0x0, 0x2) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC1D1c\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r1, 0xc1004111, 0x0) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, 0x0, 0x7fb, 0x400) r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x40100000001) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xfffffffffffffff9, 0xb82, 0x400000000000948b, 0x3d, 0x15f4da0a, 0x3, 0x3, 0x62, 0x5, 0x3, 0x1, 0x8, 0x0, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xe8\xb8\xb1g|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9a\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\x86\xddL\xda7}\xc2kn\x18+\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcceU0\x01\f\x84T\xf3\xa4^\xb9\xaf\xe2\v\xf5\xfc|\x02\xb9v\xb7:\xf0f#\xe0\x9b\xc0Z\x9f\xa3\x7fA\x91\'8uH\x94\xaa\xfa8\x94\x1e\xe5\x90\f\xda)^rO\x14\xd8\xabW\x1e\x9f\x02\x12', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xb, 0xd, 0x1, 0x1, 0x3, 0x2, 0x3, 0x3, 0x1ff, 0x8000001f, 0x8, 0x1000000006d3e, 0x9, 0x4, 0x6]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) inotify_init1$auto(0x403) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/dummy_hcd.1/usb2/removable\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x331) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) 5.154051625s ago: executing program 3 (id=3218): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x40043d04, 0x0) read$auto(r0, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) r2 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r2, 0x65, 0x1, 0x0, 0x800) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000100), r2) stat$auto(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0xd, 0x200, 0x0, 0x1000, 0x0, 0xee01, 0x0, 0x7fffffff, 0x100000001, 0x5, 0x1, 0xfffffffffffffff7, 0x3ff, 0x29163c46, 0xff, 0xa88b, 0x3ff}) waitid$auto_P_ALL(0x0, 0x0, &(0x7f0000000240)={@siginfo_0_0={0x80000001, 0x4, 0x3, @_sigchld={0x0, 0x0, 0x2, 0x4, 0x6}}}, 0x629, &(0x7f00000002c0)={{0x9, 0x5}, {0x401, 0xfffffffffffffff3}, 0x6, 0xb, 0x9, 0x1, 0x80, 0x2, 0x8000, 0x0, 0xb, 0x7, 0x6192, 0x9, 0x8, 0x401}) waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000380)={@_si_pad}, 0x8, &(0x7f0000000400)={{0x6, 0x1}, {0x8, 0x3ff}, 0x0, 0x100000001, 0x2, 0xfffffffffffffff5, 0x40, 0x1, 0x0, 0x6, 0x1fda, 0x0, 0x80000000, 0x8, 0x875, 0xfffffffffffffffb}) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/net/dev_mcast\x00', 0x404080, 0x0) write$auto(r3, 0x0, 0x7ef) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/type\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)=""/116, 0x74) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) modify_ldt$auto(0x1, 0x0, 0x10) socket(0x28, 0x1, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x3, 0xd, 0x1d, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x7f, 0x3, 0x7, 0x9, 0x1, 0x400000]}, 0x0) write$auto(r5, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xaa\xb1\x05\x00\x00\x00\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\x89C:\xc3\xcbx*=\x12\xb4q\xeeC\x81\n\\_\x04D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\x9e\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x0, 0x6d3e, 0x9, 0x8cec, 0x6]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) 4.098183423s ago: executing program 0 (id=3219): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x600, &(0x7f00000000c0)={&(0x7f0000000100)={0x18, r1, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@HWSIM_ATTR_MLO_SUPPORT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x45}, 0x8018880) 3.576389357s ago: executing program 0 (id=3220): open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x110c230000, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0) 3.551779996s ago: executing program 3 (id=3221): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_cifs(&(0x7f0000000080), r0) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) shmctl$auto_SHM_INFO(0x1000, 0xe, &(0x7f0000000540)={{0x8, 0xee00, 0x0, 0x0, 0xffff, 0x9, 0x10}, 0x4, 0x3, 0x3, 0x0, @inferred, @raw=0x9, 0x4, 0x0, &(0x7f0000000400)="ecd7fd931f6101750eef273f7f60", &(0x7f00000004c0)="a200a82b623ae257b53c64f46455bcbaa12ae75fa4889dc1079c49a469b96e6c4ad92e340fa62d27c0a846d0ecb8abb88bb7bae088fd466677d4d27e9f5dfff8c6b03e0a616b9209c2fc0c421a6054d1e551396e4ee119"}) shmctl$auto_IPC_INFO(0x80000001, 0x3, &(0x7f0000000640)={{0x10001, 0xee01, 0xee01, 0x0, 0x4, 0x432936da, 0x4}, 0x1, 0x7, 0x3, 0x1, @inferred=0xffffffffffffffff, @inferred, 0x5, 0x0, &(0x7f00000005c0)="1a6c8274f2cf01e59c434dbed955e6cb5802f26744eed9a24b2ff3af2b20d810212beb6b929df1af9ea8ca04501fd071bbc1a24399d2d2b7a6ebcdf6c91da2484632811e", &(0x7f0000000440)="034eb851b177ab"}) ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f00000006c0)={0x6, 0x1, 0x0, 0x7, 0x3ff, 0x0}) shmctl$auto_IPC_RMID(0xcbf, 0x0, &(0x7f00000007c0)={{0x8, r1, r2, 0x7, 0xfffffffc, 0x7, 0x7}, 0x6, 0x9, 0x4, 0x3, @inferred=0xffffffffffffffff, @inferred=r3, 0x0, 0x0, &(0x7f0000000700)="839b48bde9bd5e68cb7b0c75900bf7865e55fd19caa6360a1866f06732d27746d56bc36001ce074ad7a18da2552af51df4ca7d7caaa638a29cbcec31ab73f2eae57627cf16d97ed0a88b96d4f8d2608021321d520c11c384ecb7f2f44e1a4b878da47ef891992d523fd7c53c14436610e4b937ef", &(0x7f0000000780)="84f03685ca7f8d7ed6"}) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x6, 0xf, 0xb6e, 0x4, 0x3, 0x96a, 0xfffffffffffffffe, 0x9, 0x5, 0x5, 0x7, 0xb0, 0x9, 0x5, 0x4, 0x5, 0x1, 0x10, 0x0, 0x0, 0x10001, 0x0, 0xc74, 0x3, 0x0, 0xfffffffd, 0xfd0, 0x0, [0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x400, 0x0, 0x100000000000, 0xd3, 0x0, 0x40000000000000, 0x2, 0x0, 0xffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x800, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x59f, 0x1fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd02c, 0x0, 0x0, 0xe]}, 0x200, 0x82) sendmsg$auto_IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x2, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7ff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x40804) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/drivers\x00', 0x14b402, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 3.542726478s ago: executing program 4 (id=3222): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x5c110c9f, 0x400}]}) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r2) sendmsg$auto_NL80211_CMD_GET_KEY(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r3, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x8, 0x13, "881cc73c"}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x2}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x8126}, @NL80211_ATTR_MLO_SUPPORT={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f00000058c0)={0x0, 0x0, &(0x7f0000005880)={&(0x7f0000000100)=ANY=[@ANYBLOB="ac3ddcf8c9803391f9e43ff80eeb0000", @ANYRES16=r4, @ANYBLOB="010029bd7000fbdbdf25760000000c009900ff7f000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4008050}, 0x80) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r5 = userfaultfd$auto(0x6) openat$auto_hwsim_fops_rx_rssi_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy0/hwsim/rx_rssi\x00', 0x100, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_SNDTIMEO_OLD(r6, 0x1, 0x15, &(0x7f0000000180)='IPVS\x00', &(0x7f00000001c0)=0x4) sysfs$auto(0x2, 0xf, 0x0) r7 = fsopen$auto(0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) sendmsg$auto_TCP_METRICS_CMD_GET(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r8, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @empty}, @TCP_METRICS_ATTR_SADDR_IPV4={0x8, 0xb, @multicast2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x10) shutdown$auto(r7, 0x9) 3.432053194s ago: executing program 0 (id=3223): close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0x3ff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/003/001\x00', 0x240000, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) r2 = ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto(0x3, 0xae41, r3) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r4 = socket(0x10, 0x2, 0x14) sendmmsg$auto(r4, 0x0, 0x3d55, 0x0) ioctl$auto(0xffffffffffffffff, 0x3, r2) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) 3.31209409s ago: executing program 4 (id=3224): socket(0xa, 0x1, 0x84) rseq$auto(0x0, 0x8000, 0x0, 0x6) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) prctl$auto_PR_PPC_SET_DEXCR(0x49, 0x5, 0x0, 0x4, 0x7f) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x0, 0x0) socket(0x2, 0x5, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x5, 0x948b, 0x445f, 0x15f4da0a, 0x1, 0x81, 0x300000000000000, 0x7fffffff, 0x7, 0x0, 0x9, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) inotify_init1$auto(0x403) mmap$auto(0x0, 0x4020009, 0xdf, 0xebe, 0x401, 0x8000) unshare$auto(0x40000080) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000540)="9e0839d502484f8af75c1000226ca59d1a2eb71caa281e1647d76bfa482b37c7e16e7536a55d10cf54d5e382c7514c70f31f5ca964180c28ca2a2827836d03e1a9e73cc343d7e9ad821727e0064bebdcf62d3b8173cc4ab3745c16c484d5bb9289c508000000f46d4369202ad194cae093fb4f086091e895c13b5c3c00000000495ee97f0d934c05e9a6c0a5b36c0783348f4bc1dfc48fbc73e97cc523b6c10a88454525699e49c5e742c2ea8b62344dc4c89bec882f52e08b3cccd3597bf4b324876476f787a4551e0e3822098e67e6c88d3b2795a3c0c6e35c1136feb6c65d7e27b52ac38897d8f27b1a03f8ab85ac24053fcd76fef86d1cb0055bb0c39564f8a6c000868a71ca6f065317273ae322c30dedf182dd796a645f8e70cb6cb687f8daa319bd8c9d2610d11d8c513fe9357cac430025cc8e82d3dc7e50") move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = getpgid(0x0) socket$nl_generic(0x10, 0x3, 0x10) rt_tgsigqueueinfo$auto(r0, r0, 0x208, &(0x7f0000000100)={@siginfo_0_0={0x3, 0xffff, 0x0, @_sigsys={&(0x7f0000000340)="ec74806b2476647892201c4d01266dbe7daeea4c50216dfa9bb7ac7a1af0699d5b33b0cd904da5b38dafd565d72e0a15979c507e71d5e19a9ee807300c87e310e68416d0126632feb19d5a63e6a57331396f8357c2ec0140ebeab267845b10feabcc4685663da350872a518b27d0f6eba650c6107877b146d81cb5d8fc137619e587d556043e06b0c5a0a2695a6e6010bc03eaeb5d9c089fa9b6165f7c0d2b37b834c484aa6357dafc6d5f8b59e8d04dd54f4faf8ffe2b8d90ec55662168368fa518f79c41558df8f5a192521261c118fb7f3c4fcadf1e5846cc6e4038ecce8da8aff0a7e925be3536e15bb928e25d6e7a47f8dfe35f372736de3151c85e", 0x9}}}) r1 = socket(0x2b, 0x1, 0xffffff2b) getsockopt$auto(r1, 0x107, 0xc, 0x0, 0x0) syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) socket(0x6, 0x1, 0x4) pread64$auto(0xffffffffffffffff, 0x0, 0x7fe, 0x400) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000280)=0xfffffffffffffffd) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/248, 0xf8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/002/001\x00', 0x40001, 0x0) 3.218483252s ago: executing program 3 (id=3225): close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/snd_hda_intel/parameters/power_save\x00', 0x80002, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r0, 0x5425, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x29, 0x2d7f, 0xd, 0x100000000002, 0x948b, 0x3, 0xbe, 0x1, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vivid.0/video4linux/radio28/uevent\x00', 0x0, 0x0) read$auto(r1, 0x0, 0xe8) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/neigh/veth1_to_team/delay_first_probe_time\x00', 0x40b00, 0x0) read$auto(r2, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) close_range$auto(0x2, 0x8, 0x0) (async) eventfd$auto(0x3) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/snd_hda_intel/parameters/power_save\x00', 0x80002, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) (async) ioctl$auto_TCSBRKP2(r0, 0x5425, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) (async) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x29, 0x2d7f, 0xd, 0x100000000002, 0x948b, 0x3, 0xbe, 0x1, 0x3, 0x62, 0x1, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vivid.0/video4linux/radio28/uevent\x00', 0x0, 0x0) (async) read$auto(r1, 0x0, 0xe8) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/neigh/veth1_to_team/delay_first_probe_time\x00', 0x40b00, 0x0) (async) read$auto(r2, 0x0, 0x1ff) (async) write$auto(0x3, 0x0, 0xfdef) (async) 2.847681602s ago: executing program 4 (id=3226): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fdatasync$auto(r0) personality$auto(0xfffff032) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) unshare$auto(0x40000080) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D0p\x00', 0x4000, 0x0) ioctl$auto_FBIO_CURSOR(0xffffffffffffffff, 0xc0684608, &(0x7f00000001c0)={0x10, 0x1, 0x600, 0x0, {0x1003, 0x9b72}, {0x5, 0x3, 0x2, 0x9, 0x4, 0x7f, 0x9, 0x0, {0xb4, 0xffffff81, 0x0, 0x0, 0x0, 0x0}}}) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\r\xfb\xff\xf6OL\xc8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) r3 = prctl$auto_PR_SET_MM_START_DATA(0x80000008, 0x3, 0x0, 0x8000000000000205, 0x7) mount_setattr$auto(r3, 0x0, 0x0, 0x0, 0x283) ioctl$auto(r1, 0x7, r2) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x5, 0x0, 0x0, 0xfffffffa) ioctl$auto(0xffffffffffffffff, 0x5419, 0x38) ioctl$auto_FBIO_CURSOR(0xffffffffffffffff, 0xc0684608, &(0x7f00000001c0)={0x6, 0x1, 0x600, &(0x7f0000000240)='!\x00', {0x1003, 0x9b72}, {0x5, 0x3, 0x2, 0x9, 0xffff2f03, 0x7fff, 0x9, 0x0, {0x1fe, 0xffffff81, 0x0, 0x0, 0x0, 0x0}}}) write$auto(0xca, &(0x7f00000002c0)='\x04\x0fU\r\xfb\xff\xf6[L\xc8\xbe\x94\xf2\xa2\x00\x00v\xccX\xc5er\x83\xc3\x0e\xce\x98oHAF$\x90\xe3,h\x05\xbe^\x86\xe9)i\xc8\xd5@\x8d\xba\x8c\xc1\xe6l\x81@\xf4i\xf0\xd8\xff\x81\xc2fr\x84)\x88\f\xb8\x06\xea4t(B^\xa1M\xee\xc3\xd1\xb2\x9f\xe6\xe5j\x19\x00\b\x98\x82\xd7\xee\xae3\x90\x1fI\x1e(\x90\x92\x8aV\xbe\xc7\x01\xdc\xbel$\x8e@\x14\xff\xff\x87\xba[\xae\x1d\xef\xab\xf7\xb9\vzS\xae', 0x2d9) 2.753691348s ago: executing program 1 (id=3227): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(r0, 0x0, 0xe6e) r1 = inotify_init1$auto(0x3000000000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x88042, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff038}}) write$auto(r2, 0x0, 0x6) inotify_add_watch$auto(r1, 0x0, 0x2) inotify_add_watch$auto(r1, 0x0, 0x20000e6e) 2.706527247s ago: executing program 0 (id=3228): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200000000001, 0x384, 0xfffffffffffffffa, 0x8, 0x0, 0x30, 0x0, 0x861, 0x40000e, 0x22000, 0x9, 0x0, 0x84, 0x400000000000, 0x0, 0x80000000, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x9, 0xd) mmap$auto(0xebb7, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7) mlock$auto(0xfbe8, 0x4) mlock$auto(0x837, 0x7) mlock$auto(0x3, 0x2) r0 = openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) write$auto(r0, &(0x7f0000000180)='1l80211\x00', 0x1) mlock$auto(0x10000, 0x5) openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x2003, 0x0) mmap$auto(0x0, 0x20009, 0x4, 0xeb1, 0x401, 0x8000) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x48000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {0x1, 0x0, 0x3f00}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/nr_anon\x00', 0x0, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) read$auto(0x3, 0x0, 0x80) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x1f00, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000280), 0xffffffffffffffff) 2.556842565s ago: executing program 0 (id=3229): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x5c110c9f, 0x400}]}) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r2) sendmsg$auto_NL80211_CMD_GET_KEY(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r3, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x8, 0x13, "881cc73c"}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x2}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x8126}, @NL80211_ATTR_MLO_SUPPORT={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f00000058c0)={0x0, 0x0, &(0x7f0000005880)={&(0x7f0000000100)=ANY=[@ANYBLOB="ac3ddcf8c9803391f9e43ff80eeb0000", @ANYRES16=r4, @ANYBLOB="010029bd7000fbdbdf25760000000c009900ff7f000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4008050}, 0x80) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) userfaultfd$auto(0x6) openat$auto_hwsim_fops_rx_rssi_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy0/hwsim/rx_rssi\x00', 0x100, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_SNDTIMEO_OLD(r5, 0x1, 0x15, &(0x7f0000000180)='IPVS\x00', &(0x7f00000001c0)=0x4) sysfs$auto(0x2, 0xf, 0x0) r6 = fsopen$auto(0x0, 0x1) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) sendmsg$auto_TCP_METRICS_CMD_GET(r7, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="9bff29bd7000fbdbdf250100"], 0x14}}, 0x0) shutdown$auto(r6, 0x9) 2.44078164s ago: executing program 3 (id=3230): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_cifs(&(0x7f0000000080), r0) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) shmctl$auto_SHM_INFO(0x1000, 0xe, &(0x7f0000000540)={{0x8, 0xee00, 0x0, 0x0, 0xffff, 0x9, 0x10}, 0x4, 0x3, 0x3, 0x0, @inferred, @raw=0x9, 0x4, 0x0, &(0x7f0000000400)="ecd7fd931f6101750eef273f7f60", &(0x7f00000004c0)="a200a82b623ae257b53c64f46455bcbaa12ae75fa4889dc1079c49a469b96e6c4ad92e340fa62d27c0a846d0ecb8abb88bb7bae088fd466677d4d27e9f5dfff8c6b03e0a616b9209c2fc0c421a6054d1e551396e4ee119"}) shmctl$auto_IPC_INFO(0x80000001, 0x3, &(0x7f0000000640)={{0x10001, 0xee01, 0xee01, 0x0, 0x4, 0x432936da, 0x4}, 0x1, 0x7, 0x3, 0x1, @inferred=0xffffffffffffffff, @inferred, 0x5, 0x0, &(0x7f00000005c0)="1a6c8274f2cf01e59c434dbed955e6cb5802f26744eed9a24b2ff3af2b20d810212beb6b929df1af9ea8ca04501fd071bbc1a24399d2d2b7a6ebcdf6c91da2484632811e", &(0x7f0000000440)="034eb851b177ab"}) ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f00000006c0)={0x6, 0x1, 0x0, 0x7, 0x3ff, 0x0}) shmctl$auto_IPC_RMID(0xcbf, 0x0, &(0x7f00000007c0)={{0x8, r1, r2, 0x7, 0xfffffffc, 0x7, 0x7}, 0x6, 0x9, 0x4, 0x3, @inferred=0xffffffffffffffff, @inferred=r3, 0x0, 0x0, &(0x7f0000000700)="839b48bde9bd5e68cb7b0c75900bf7865e55fd19caa6360a1866f06732d27746d56bc36001ce074ad7a18da2552af51df4ca7d7caaa638a29cbcec31ab73f2eae57627cf16d97ed0a88b96d4f8d2608021321d520c11c384ecb7f2f44e1a4b878da47ef891992d523fd7c53c14436610e4b937ef", &(0x7f0000000780)="84f03685ca7f8d7ed6"}) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x6, 0xf, 0xb6e, 0x4, 0x3, 0x96a, 0xfffffffffffffffe, 0x9, 0x5, 0x5, 0x7, 0xb0, 0x9, 0x5, 0x4, 0x5, 0x1, 0x10, 0x0, 0x0, 0x10001, 0x0, 0xc74, 0x3, 0x0, 0xfffffffd, 0xfd0, 0x0, [0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x400, 0x0, 0x100000000000, 0xd3, 0x0, 0x40000000000000, 0x2, 0x0, 0xffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x800, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x59f, 0x1fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd02c, 0x0, 0x0, 0xe]}, 0x200, 0x82) sendmsg$auto_IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x1c, 0x0, 0x2, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7ff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x40804) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.993170025s ago: executing program 4 (id=3231): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/lru_gen\x00', 0x240040, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x101b00, 0x0) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40001, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/user\x00') socketpair$auto(0x2, 0x5, 0xb, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000) setrlimit$auto(0xb, 0x0) timer_create$auto(0x9, 0x0, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x2a) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xfdef, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e20, @multicast2}, 0x1d) 1.971261924s ago: executing program 0 (id=3232): keyctl$auto(0x3, 0xfffffffffffffffd, 0x0, 0xee01, 0xa00002) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x7f) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ioctl$auto_XFS_IOC_ALLOCSP64(r0, 0x40305824, &(0x7f00000016c0)={0x9, 0x8, 0x1, 0x6}) syz_clone(0xc8200, &(0x7f0000001900), 0x0, 0x0, 0x0, &(0x7f0000001a00)="b08dd4f55cef44ebb71e6d4d3b439a076c8fea9e3705ad16d23512786e6430b23227241a6f96") mknod$auto(&(0x7f0000000080)='}[,&*}\x00', 0xe6c, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0xffffffffffffb8f1, 0x5, 0x3, 0x613, 0xfffffffffffffffa, 0x100000000000006) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'geneve0\x00'}) bpf$auto(0x4, &(0x7f0000000180)=@query={@target_fd=r1, 0x9, 0x1, 0x6f7, 0x8, @count=0xf58000, 0x0, 0x7, 0x81, 0x0, 0xe}, 0x1) io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) socket(0x26, 0xa, 0x0) r5 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 1.946778633s ago: executing program 3 (id=3233): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x5c110c9f, 0x400}]}) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r2) sendmsg$auto_NL80211_CMD_GET_KEY(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r3, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_STA_SUPPORTED_RATES={0x8, 0x13, "881cc73c"}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x2}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x8126}, @NL80211_ATTR_MLO_SUPPORT={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f00000058c0)={0x0, 0x0, &(0x7f0000005880)={&(0x7f0000000100)=ANY=[@ANYBLOB="ac3ddcf8c9803391f9e43ff80eeb0000", @ANYRES16=r4, @ANYBLOB="010029bd7000fbdbdf25760000000c009900ff7f000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4008050}, 0x80) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r5 = userfaultfd$auto(0x6) openat$auto_hwsim_fops_rx_rssi_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy0/hwsim/rx_rssi\x00', 0x100, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_SNDTIMEO_OLD(r6, 0x1, 0x15, &(0x7f0000000180)='IPVS\x00', &(0x7f00000001c0)=0x4) sysfs$auto(0x2, 0xf, 0x0) r7 = fsopen$auto(0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) sendmsg$auto_TCP_METRICS_CMD_GET(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r8, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @empty}, @TCP_METRICS_ATTR_SADDR_IPV4={0x8, 0xb, @multicast2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x10) shutdown$auto(r7, 0x9) 1.676649919s ago: executing program 4 (id=3234): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x60342, 0x0) r0 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r0, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) socket(0xa, 0x6, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x400, 0x0) read$auto(r1, 0x0, 0x4) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000001280)='/dev/mixer\x00', 0x80002, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC(r3, 0x80044dff, &(0x7f00000012c0)) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x1400, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x7, 0x400009, 0xdf, 0x1c, 0x8000000000000003, 0x8000) mremap$auto(0x0, 0x2, 0x8, 0x3, 0x7effffffb000) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/console\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r5, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_RTC_PARAM_GET(0xffffffffffffffff, 0x40187013, 0x0) eventfd$auto(0x8c) socket(0x10, 0x2, 0x4) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000100), 0x200801, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x7, 0x0, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x6, 0x8, 0x3, 0xa, 0x7, 0x0, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, [0x3, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000000000000, 0x0, 0x200]}, 0x1fe, 0x81) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 1.647840857s ago: executing program 3 (id=3235): keyctl$auto(0x3, 0xfffffffffffffffd, 0x0, 0xee01, 0xa00002) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x7f) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r1) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="07031abd70250c00587b22"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x40800) writev$auto(0x3, &(0x7f0000000140)={&(0x7f0000000000), 0xdc7}, 0x4) ioctl$auto_XFS_IOC_ALLOCSP64(r0, 0x40305824, &(0x7f00000016c0)={0x9, 0x8, 0x1, 0x6}) syz_clone(0xc8200, &(0x7f0000001900), 0x0, 0x0, 0x0, &(0x7f0000001a00)="b08dd4f55cef44ebb71e6d4d3b439a076c8fea9e3705ad16d23512786e6430b23227241a6f96") syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001300), 0xffffffffffffffff) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) shmctl$auto_IPC_INFO(0x3, 0x3, &(0x7f0000001ec0)={{0x8000000, 0xee00, 0x0, 0x0, 0x6, 0xffffff35, 0x1a}, 0x0, 0x80, 0x8, 0x5, @raw=0x8, @inferred, 0x0, 0x0, &(0x7f0000001d00), &(0x7f0000001e00)="b4fa1f4ffa93e299a004557ddf46ae9a0d36b83a393e19e0d533d28de57b4ba726e57918c38e02101d19375f278006e54ed8850d623137c8fd78de1898d3b3f8ab7af1715ce4e6c32c030e34004882003a77dff33573c7cab3f5564dfcab46f01b3b72db40935b86a247a53df320fb614813bc6270d8ba52c967b6f08295"}) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r0, 0x0, 0x44011) madvise$auto(0x0, 0x8000000000000000, 0x15) mprotect$auto(0x200000000000, 0x806121, 0x8) 1.277615229s ago: executing program 1 (id=3236): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto_TIOCVHANGUP(r0, 0x5437, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) write$auto(r2, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) read$auto(r1, 0x0, 0x20) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x200000, 0x0) close_range$auto(r1, r1, 0xfffffffe) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) r3 = socket(0xa, 0xa, 0x400) setsockopt$auto(r3, 0x65, 0x1, 0x0, 0x800) r4 = socket(0x2, 0x1, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/system/cpu/cpu0/topology/die_cpus\x00', 0x41200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000010c0)=""/4096, 0x1000) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r6, 0xfd}, 0x6a) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r7) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r8, 0x1, 0x70bd2a, 0x25dfdc00, {}, [@ETHTOOL_A_CHANNELS_OTHER_COUNT={0x8, 0x8, 0x1b0}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8}, @ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20008800}, 0x4) io_uring_setup$auto(0x6, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0xa22c0, 0x155) open(0x0, 0xa240, 0x1de) 0s ago: executing program 1 (id=3237): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x60342, 0x0) r0 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r0, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) socket(0xa, 0x6, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x400, 0x0) read$auto(r1, 0x0, 0x4) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x800, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000001280)='/dev/mixer\x00', 0x80002, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC(r3, 0x80044dff, &(0x7f00000012c0)) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x1400, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x7, 0x400009, 0xdf, 0x1c, 0x8000000000000003, 0x8000) mremap$auto(0x0, 0x2, 0x8, 0x3, 0x7effffffb000) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/console\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r5, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_RTC_PARAM_GET(0xffffffffffffffff, 0x40187013, 0x0) eventfd$auto(0x8c) socket(0x10, 0x2, 0x4) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x7, 0x0, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xaf, 0x6, 0x8, 0x3, 0xa, 0x7, 0x0, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, [0x3, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000000000000, 0x0, 0x200]}, 0x1fe, 0x81) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) kernel console output (not intermixed with test programs): f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 977.378270][T22579] RSP: 002b:00007fc3bcda2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 977.378306][T22579] RAX: ffffffffffffffda RBX: 00007fc3bc1b5fa0 RCX: 00007fc3bbf8ebe9 [ 977.378332][T22579] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 977.378357][T22579] RBP: 00007fc3bc011e19 R08: 0000000000000000 R09: 0000000000000000 [ 977.378382][T22579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 977.378407][T22579] R13: 00007fc3bc1b6038 R14: 00007fc3bc1b5fa0 R15: 00007fff10b10088 [ 977.378445][T22579] [ 977.687591][T22567] kmem: usage 3008kB, limit 9007199254740988kB, failcnt 0 [ 977.695128][T22567] Memory cgroup stats for /syz1: [ 977.695442][T22567] cache 0 [ 977.705096][T22567] rss 4096 [ 977.708198][T22567] rss_huge 0 [ 977.711510][T22567] shmem 0 [ 977.714477][T22567] mapped_file 0 [ 977.718067][T22567] dirty 0 [ 977.728245][T22567] writeback 0 [ 977.731659][T22567] workingset_refault_anon 63490 [ 977.736533][T22567] workingset_refault_file 19708 [ 977.742663][T22567] swap 2162688 [ 977.746086][T22567] swapcached 57344 [ 977.749818][T22567] pgpgin 267526 [ 977.761365][T22567] pgpgout 268030 [ 977.765061][T22567] pgfault 326100 [ 977.768637][T22567] pgmajfault 49934 [ 977.772470][T22567] inactive_anon 8192 [ 977.776488][T22567] active_anon 0 [ 977.783755][T22567] inactive_file 0 [ 977.787561][T22567] active_file 0 [ 977.791378][T22567] unevictable 0 [ 977.794882][T22567] hierarchical_memory_limit 3145728 [ 977.800433][T22567] hierarchical_memsw_limit 9223372036854771712 [ 977.806629][T22567] total_cache 0 [ 977.831381][T22567] total_rss 4096 [ 977.835170][T22567] total_rss_huge 0 [ 977.838933][T22567] total_shmem 0 [ 977.872463][T22567] total_mapped_file 0 [ 977.890113][T22567] total_dirty 0 [ 977.893697][T22567] total_writeback 0 [ 977.897538][T22567] total_workingset_refault_anon 63490 [ 977.911572][T22567] total_workingset_refault_file 19708 [ 977.917019][T22567] total_swap 2162688 [ 977.923097][T22567] total_swapcached 57344 [ 977.935148][T22567] total_pgpgin 267526 [ 977.939198][T22567] total_pgpgout 268030 [ 977.954773][T22567] total_pgfault 326100 [ 977.958937][T22567] total_pgmajfault 49934 [ 977.980392][T22567] total_inactive_anon 8192 [ 977.984971][T22567] total_active_anon 0 [ 977.988992][T22567] total_inactive_file 0 [ 977.996247][T22567] total_active_file 0 [ 978.000554][T22567] total_unevictable 0 [ 978.004569][T22567] anon_cost 17 [ 978.008070][T22567] file_cost 0 [ 978.031280][T22567] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3057,pid=22561,uid=0 [ 978.056697][T22567] Memory cgroup out of memory: Killed process 22561 (syz.1.3057) total-vm:102352kB, anon-rss:1052kB, file-rss:21532kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000 [ 978.926195][T22605] zswap: compressor not available [ 979.103354][T22614] QAT: Stopping all acceleration devices. [ 979.977157][T22627] FAULT_INJECTION: forcing a failure. [ 979.977157][T22627] name failslab, interval 1, probability 0, space 0, times 0 [ 980.001419][T22627] CPU: 0 UID: 0 PID: 22627 Comm: syz.4.3073 Tainted: G U syzkaller #0 PREEMPT(full) [ 980.001474][T22627] Tainted: [U]=USER [ 980.001486][T22627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 980.001507][T22627] Call Trace: [ 980.001519][T22627] [ 980.001532][T22627] dump_stack_lvl+0x16c/0x1f0 [ 980.001581][T22627] should_fail_ex+0x512/0x640 [ 980.001632][T22627] should_failslab+0xc2/0x120 [ 980.001678][T22627] __kmalloc_cache_noprof+0x6a/0x3e0 [ 980.001713][T22627] ? kernfs_fop_open+0x244/0xda0 [ 980.001748][T22627] kernfs_fop_open+0x244/0xda0 [ 980.001786][T22627] do_dentry_open+0x97f/0x1530 [ 980.001829][T22627] ? __pfx_kernfs_fop_open+0x10/0x10 [ 980.001865][T22627] vfs_open+0x82/0x3f0 [ 980.001917][T22627] path_openat+0x1de4/0x2cb0 [ 980.001963][T22627] ? __pfx_path_openat+0x10/0x10 [ 980.002008][T22627] do_filp_open+0x20b/0x470 [ 980.002046][T22627] ? __pfx_do_filp_open+0x10/0x10 [ 980.002109][T22627] ? alloc_fd+0x471/0x7d0 [ 980.002150][T22627] do_sys_openat2+0x11b/0x1d0 [ 980.002201][T22627] ? __pfx_do_sys_openat2+0x10/0x10 [ 980.002259][T22627] __x64_sys_openat+0x174/0x210 [ 980.002312][T22627] ? __pfx___x64_sys_openat+0x10/0x10 [ 980.002374][T22627] do_syscall_64+0xcd/0x490 [ 980.002421][T22627] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 980.002457][T22627] RIP: 0033:0x7ff3b598ebe9 [ 980.002483][T22627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 980.002517][T22627] RSP: 002b:00007ff3b67d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 980.002551][T22627] RAX: ffffffffffffffda RBX: 00007ff3b5bb5fa0 RCX: 00007ff3b598ebe9 [ 980.002574][T22627] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 980.002597][T22627] RBP: 00007ff3b5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 980.002619][T22627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 980.002641][T22627] R13: 00007ff3b5bb6038 R14: 00007ff3b5bb5fa0 R15: 00007ffd8fbaf758 [ 980.002674][T22627] [ 980.213850][ C0] vkms_vblank_simulate: vblank timer overrun [ 980.679636][T22633] FAULT_INJECTION: forcing a failure. [ 980.679636][T22633] name failslab, interval 1, probability 0, space 0, times 0 [ 980.725833][T22633] CPU: 0 UID: 0 PID: 22633 Comm: syz.1.3076 Tainted: G U syzkaller #0 PREEMPT(full) [ 980.725883][T22633] Tainted: [U]=USER [ 980.725894][T22633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 980.725914][T22633] Call Trace: [ 980.725925][T22633] [ 980.725938][T22633] dump_stack_lvl+0x16c/0x1f0 [ 980.725987][T22633] should_fail_ex+0x512/0x640 [ 980.726050][T22633] should_failslab+0xc2/0x120 [ 980.726096][T22633] __kmalloc_cache_noprof+0x6a/0x3e0 [ 980.726131][T22633] ? kernfs_fop_open+0x244/0xda0 [ 980.726165][T22633] kernfs_fop_open+0x244/0xda0 [ 980.726202][T22633] do_dentry_open+0x97f/0x1530 [ 980.726244][T22633] ? __pfx_kernfs_fop_open+0x10/0x10 [ 980.726280][T22633] vfs_open+0x82/0x3f0 [ 980.726331][T22633] path_openat+0x1de4/0x2cb0 [ 980.726377][T22633] ? __pfx_path_openat+0x10/0x10 [ 980.726422][T22633] do_filp_open+0x20b/0x470 [ 980.726463][T22633] ? __pfx_do_filp_open+0x10/0x10 [ 980.726517][T22633] ? alloc_fd+0x471/0x7d0 [ 980.726555][T22633] do_sys_openat2+0x11b/0x1d0 [ 980.726602][T22633] ? __pfx_do_sys_openat2+0x10/0x10 [ 980.726655][T22633] __x64_sys_openat+0x174/0x210 [ 980.726704][T22633] ? __pfx___x64_sys_openat+0x10/0x10 [ 980.726763][T22633] do_syscall_64+0xcd/0x490 [ 980.726805][T22633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 980.726839][T22633] RIP: 0033:0x7f86cbb8ebe9 [ 980.726865][T22633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 980.726898][T22633] RSP: 002b:00007f86c9dee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 980.726929][T22633] RAX: ffffffffffffffda RBX: 00007f86cbdb5fa0 RCX: 00007f86cbb8ebe9 [ 980.726952][T22633] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 980.726974][T22633] RBP: 00007f86cbc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 980.727005][T22633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 980.727026][T22633] R13: 00007f86cbdb6038 R14: 00007f86cbdb5fa0 R15: 00007ffe52aa0038 [ 980.727057][T22633] [ 980.933985][ C0] vkms_vblank_simulate: vblank timer overrun [ 981.140624][T22631] FAULT_INJECTION: forcing a failure. [ 981.140624][T22631] name fail_futex, interval 1, probability 0, space 0, times 0 [ 981.153902][T22631] CPU: 0 UID: 0 PID: 22631 Comm: syz.4.3075 Tainted: G U syzkaller #0 PREEMPT(full) [ 981.153965][T22631] Tainted: [U]=USER [ 981.153977][T22631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 981.153998][T22631] Call Trace: [ 981.154010][T22631] [ 981.154022][T22631] dump_stack_lvl+0x16c/0x1f0 [ 981.154071][T22631] should_fail_ex+0x512/0x640 [ 981.154121][T22631] get_futex_key+0x1d0/0x1560 [ 981.154160][T22631] ? arch_stack_walk+0xa6/0x100 [ 981.154197][T22631] ? __pfx_get_futex_key+0x10/0x10 [ 981.154242][T22631] futex_wait_setup+0x9d/0x550 [ 981.154297][T22631] __futex_wait+0x194/0x2f0 [ 981.154347][T22631] ? __pfx___futex_wait+0x10/0x10 [ 981.154396][T22631] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.154434][T22631] ? __pfx_futex_wake_mark+0x10/0x10 [ 981.154487][T22631] ? lock_release+0x201/0x2f0 [ 981.154533][T22631] ? futex_private_hash_put+0x11c/0x300 [ 981.154574][T22631] futex_wait+0xe8/0x380 [ 981.154622][T22631] ? __pfx_futex_wait+0x10/0x10 [ 981.154677][T22631] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 981.154744][T22631] do_futex+0x229/0x350 [ 981.154786][T22631] ? __pfx_do_futex+0x10/0x10 [ 981.154833][T22631] __x64_sys_futex+0x1e0/0x4c0 [ 981.154877][T22631] ? __pfx___x64_sys_futex+0x10/0x10 [ 981.154921][T22631] ? dnotify_flush+0x79/0x4c0 [ 981.154972][T22631] do_syscall_64+0xcd/0x490 [ 981.155017][T22631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.155051][T22631] RIP: 0033:0x7ff3b598ebe9 [ 981.155078][T22631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 981.155112][T22631] RSP: 002b:00007ff3b67d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 981.155145][T22631] RAX: ffffffffffffffda RBX: 00007ff3b5bb5fa8 RCX: 00007ff3b598ebe9 [ 981.155168][T22631] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff3b5bb5fa8 [ 981.155189][T22631] RBP: 00007ff3b5bb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 981.155210][T22631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 981.155231][T22631] R13: 00007ff3b5bb6038 R14: 00007ffd8fbaf670 R15: 00007ffd8fbaf758 [ 981.155264][T22631] [ 981.376395][ C0] vkms_vblank_simulate: vblank timer overrun [ 981.692377][T22645] FAULT_INJECTION: forcing a failure. [ 981.692377][T22645] name fail_futex, interval 1, probability 0, space 0, times 0 [ 981.731091][T22645] CPU: 0 UID: 0 PID: 22645 Comm: syz.1.3079 Tainted: G U syzkaller #0 PREEMPT(full) [ 981.731150][T22645] Tainted: [U]=USER [ 981.731163][T22645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 981.731185][T22645] Call Trace: [ 981.731196][T22645] [ 981.731209][T22645] dump_stack_lvl+0x16c/0x1f0 [ 981.731259][T22645] should_fail_ex+0x512/0x640 [ 981.731309][T22645] get_futex_key+0x1d0/0x1560 [ 981.731351][T22645] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 981.731407][T22645] ? __pfx_get_futex_key+0x10/0x10 [ 981.731446][T22645] ? lock_release+0x201/0x2f0 [ 981.731488][T22645] ? do_raw_spin_unlock+0x172/0x230 [ 981.731541][T22645] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 981.731592][T22645] futex_wait_setup+0x9d/0x550 [ 981.731650][T22645] __futex_wait+0x194/0x2f0 [ 981.731701][T22645] ? __pfx___futex_wait+0x10/0x10 [ 981.731751][T22645] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 981.731804][T22645] ? __pfx_futex_wake_mark+0x10/0x10 [ 981.731859][T22645] ? lock_release+0x201/0x2f0 [ 981.731905][T22645] ? futex_private_hash_put+0x11c/0x300 [ 981.731944][T22645] futex_wait+0xe8/0x380 [ 981.731993][T22645] ? __pfx_futex_wait+0x10/0x10 [ 981.732055][T22645] ? kmem_cache_free+0x2d1/0x4d0 [ 981.732097][T22645] ? putname+0x154/0x1a0 [ 981.732146][T22645] do_futex+0x229/0x350 [ 981.732188][T22645] ? __pfx_do_futex+0x10/0x10 [ 981.732232][T22645] ? __pfx___might_resched+0x10/0x10 [ 981.732266][T22645] __x64_sys_futex+0x1e0/0x4c0 [ 981.732308][T22645] ? __x64_sys_openat+0x174/0x210 [ 981.732359][T22645] ? __pfx___x64_sys_futex+0x10/0x10 [ 981.732405][T22645] ? xfd_validate_state+0x61/0x180 [ 981.732463][T22645] do_syscall_64+0xcd/0x490 [ 981.732510][T22645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.732546][T22645] RIP: 0033:0x7f86cbb8ebe9 [ 981.732581][T22645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 981.732615][T22645] RSP: 002b:00007f86c9dee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 981.732650][T22645] RAX: ffffffffffffffda RBX: 00007f86cbdb5fa8 RCX: 00007f86cbb8ebe9 [ 981.732674][T22645] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f86cbdb5fa8 [ 981.732696][T22645] RBP: 00007f86cbdb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 981.732716][T22645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 981.732738][T22645] R13: 00007f86cbdb6038 R14: 00007ffe52a9ff50 R15: 00007ffe52aa0038 [ 981.732770][T22645] [ 981.987567][ C0] vkms_vblank_simulate: vblank timer overrun [ 982.292573][T22659] FAULT_INJECTION: forcing a failure. [ 982.292573][T22659] name failslab, interval 1, probability 0, space 0, times 0 [ 982.341041][T22662] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3083'. [ 982.349726][T22659] CPU: 0 UID: 0 PID: 22659 Comm: syz.0.3082 Tainted: G U syzkaller #0 PREEMPT(full) [ 982.349788][T22659] Tainted: [U]=USER [ 982.349801][T22659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 982.349826][T22659] Call Trace: [ 982.349838][T22659] [ 982.349853][T22659] dump_stack_lvl+0x16c/0x1f0 [ 982.349912][T22659] should_fail_ex+0x512/0x640 [ 982.349969][T22659] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 982.350023][T22659] should_failslab+0xc2/0x120 [ 982.350067][T22659] __kmalloc_noprof+0xd2/0x510 [ 982.350102][T22659] ? trace_kmalloc+0x2b/0xd0 [ 982.350150][T22659] ? __kmalloc_noprof+0x242/0x510 [ 982.350190][T22659] devlink_fmsg_put_value+0xaa/0x2d0 [ 982.350235][T22659] devlink_fmsg_string_pair_put+0xc1/0x1b0 [ 982.350285][T22659] nsim_dev_dummy_fmsg_put+0x77/0x1e0 [ 982.350332][T22659] devlink_health_do_dump+0x243/0x620 [ 982.350385][T22659] devlink_health_report+0x3c9/0x9c0 [ 982.350441][T22659] ? __pfx_devlink_health_report+0x10/0x10 [ 982.350502][T22659] ? _copy_from_user+0x59/0xd0 [ 982.350565][T22659] nsim_dev_health_break_write+0x166/0x210 [ 982.350631][T22659] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 982.350685][T22659] ? rcu_is_watching+0x12/0xc0 [ 982.350727][T22659] full_proxy_write+0x12e/0x1a0 [ 982.350789][T22659] ? __pfx_full_proxy_write+0x10/0x10 [ 982.350845][T22659] vfs_write+0x29d/0x11d0 [ 982.350890][T22659] ? __pfx___mutex_lock+0x10/0x10 [ 982.350941][T22659] ? __pfx_vfs_write+0x10/0x10 [ 982.350982][T22659] ? __fget_files+0x204/0x3c0 [ 982.351020][T22659] ? rcu_is_watching+0x12/0xc0 [ 982.351062][T22659] ? __fget_files+0x20e/0x3c0 [ 982.351108][T22659] ksys_write+0x12a/0x250 [ 982.351151][T22659] ? __pfx_ksys_write+0x10/0x10 [ 982.351200][T22659] do_syscall_64+0xcd/0x490 [ 982.351252][T22659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 982.351291][T22659] RIP: 0033:0x7f5a8fb8ebe9 [ 982.351319][T22659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 982.351358][T22659] RSP: 002b:00007f5a8ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 982.351394][T22659] RAX: ffffffffffffffda RBX: 00007f5a8fdb5fa0 RCX: 00007f5a8fb8ebe9 [ 982.351421][T22659] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000008 [ 982.351445][T22659] RBP: 00007f5a8fc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 982.351468][T22659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 982.351492][T22659] R13: 00007f5a8fdb6038 R14: 00007f5a8fdb5fa0 R15: 00007ffdfb10e098 [ 982.351529][T22659] [ 982.722905][T22653] zswap: compressor not available [ 983.214568][T22679] zswap: compressor not available [ 984.078105][T22705] FAULT_INJECTION: forcing a failure. [ 984.078105][T22705] name failslab, interval 1, probability 0, space 0, times 0 [ 984.139045][T22705] CPU: 0 UID: 0 PID: 22705 Comm: syz.0.3093 Tainted: G U syzkaller #0 PREEMPT(full) [ 984.139103][T22705] Tainted: [U]=USER [ 984.139117][T22705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 984.139138][T22705] Call Trace: [ 984.139149][T22705] [ 984.139162][T22705] dump_stack_lvl+0x16c/0x1f0 [ 984.139213][T22705] should_fail_ex+0x512/0x640 [ 984.139263][T22705] should_failslab+0xc2/0x120 [ 984.139306][T22705] __kmalloc_cache_noprof+0x6a/0x3e0 [ 984.139339][T22705] ? snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xa4/0x580 [ 984.139396][T22705] snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xa4/0x580 [ 984.139463][T22705] snd_mixer_oss_get_recsrc1_sw+0x104/0x1d0 [ 984.139518][T22705] ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10 [ 984.139569][T22705] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 984.139620][T22705] snd_mixer_oss_ioctl1+0x18f4/0x1e40 [ 984.139667][T22705] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 984.139720][T22705] ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10 [ 984.139772][T22705] ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10 [ 984.139818][T22705] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 984.139877][T22705] ? rcu_is_watching+0x12/0xc0 [ 984.139911][T22705] ? __fget_files+0x204/0x3c0 [ 984.139943][T22705] ? hook_file_ioctl_common+0x145/0x410 [ 984.139991][T22705] ? __fget_files+0x20e/0x3c0 [ 984.140030][T22705] snd_mixer_oss_ioctl+0x3e/0x50 [ 984.140075][T22705] ? __pfx_snd_mixer_oss_ioctl+0x10/0x10 [ 984.140122][T22705] __x64_sys_ioctl+0x18e/0x210 [ 984.140173][T22705] do_syscall_64+0xcd/0x490 [ 984.140218][T22705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 984.140251][T22705] RIP: 0033:0x7f5a8fb8ebe9 [ 984.140277][T22705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 984.140310][T22705] RSP: 002b:00007f5a8ddb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 984.140342][T22705] RAX: ffffffffffffffda RBX: 00007f5a8fdb6180 RCX: 00007f5a8fb8ebe9 [ 984.140364][T22705] RDX: 00002000000012c0 RSI: 0000000080044dff RDI: 0000000000000007 [ 984.140386][T22705] RBP: 00007f5a8fc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 984.140408][T22705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 984.140430][T22705] R13: 00007f5a8fdb6218 R14: 00007f5a8fdb6180 R15: 00007ffdfb10e098 [ 984.140472][T22705] [ 984.653016][T22701] FAULT_INJECTION: forcing a failure. [ 984.653016][T22701] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 984.748940][T22701] CPU: 0 UID: 0 PID: 22701 Comm: syz.0.3093 Tainted: G U syzkaller #0 PREEMPT(full) [ 984.748994][T22701] Tainted: [U]=USER [ 984.749006][T22701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 984.749026][T22701] Call Trace: [ 984.749036][T22701] [ 984.749049][T22701] dump_stack_lvl+0x16c/0x1f0 [ 984.749098][T22701] should_fail_ex+0x512/0x640 [ 984.749148][T22701] should_fail_alloc_page+0xe7/0x130 [ 984.749197][T22701] prepare_alloc_pages+0x3c2/0x610 [ 984.749247][T22701] ? mas_next_node+0x7e0/0xf50 [ 984.749286][T22701] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 984.749329][T22701] ? mas_next_slot+0x12d3/0x21b0 [ 984.749379][T22701] ? validate_mm+0x27c/0x570 [ 984.749413][T22701] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 984.749457][T22701] ? validate_mm+0x40a/0x570 [ 984.749495][T22701] ? __pfx_validate_mm+0x10/0x10 [ 984.749529][T22701] ? vma_link_file+0xc7/0x110 [ 984.749564][T22701] ? rcu_is_watching+0x12/0xc0 [ 984.749600][T22701] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 984.749665][T22701] ? policy_nodemask+0xea/0x4e0 [ 984.749708][T22701] alloc_pages_mpol+0x1fb/0x550 [ 984.749751][T22701] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 984.749791][T22701] ? __pfx_vma_link+0x10/0x10 [ 984.749831][T22701] alloc_pages_noprof+0x131/0x390 [ 984.749880][T22701] __pud_alloc+0x3b/0x750 [ 984.749931][T22701] alloc_new_pud+0x267/0x320 [ 984.749968][T22701] move_page_tables+0x6ab/0x4070 [ 984.750007][T22701] ? __pfx_copy_vma+0x10/0x10 [ 984.750048][T22701] ? __pfx_move_page_tables+0x10/0x10 [ 984.750085][T22701] ? trace_pid_list_is_set+0xfb/0x150 [ 984.750125][T22701] ? rcu_is_watching+0x12/0xc0 [ 984.750166][T22701] ? rcu_is_watching+0x12/0xc0 [ 984.750198][T22701] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 984.750253][T22701] copy_vma_and_data+0x24e/0x790 [ 984.750293][T22701] ? __pfx_copy_vma_and_data+0x10/0x10 [ 984.750330][T22701] ? sched_clock_cpu+0x6c/0x530 [ 984.750375][T22701] ? __vma_enter_locked+0x163/0x3f0 [ 984.750408][T22701] ? __pfx___vma_enter_locked+0x10/0x10 [ 984.750438][T22701] ? move_vma+0x536/0x1780 [ 984.750472][T22701] ? rcu_is_watching+0x12/0xc0 [ 984.750504][T22701] ? lock_release+0x201/0x2f0 [ 984.750552][T22701] move_vma+0x548/0x1780 [ 984.750590][T22701] ? __pfx_move_vma+0x10/0x10 [ 984.750635][T22701] ? mm_get_unmapped_area+0x95/0xe0 [ 984.750685][T22701] ? shmem_get_unmapped_area+0x170/0xa00 [ 984.750721][T22701] ? cap_mmap_addr+0x4b/0x120 [ 984.750755][T22701] ? bpf_lsm_mmap_addr+0x9/0x10 [ 984.750803][T22701] ? security_mmap_addr+0x6c/0x1e0 [ 984.750850][T22701] ? __get_unmapped_area+0x267/0x440 [ 984.750900][T22701] ? vrm_set_new_addr+0x208/0x290 [ 984.750939][T22701] mremap_to+0x1b7/0x450 [ 984.750976][T22701] do_mremap+0x1004/0x1f80 [ 984.751022][T22701] ? __pfx_do_mremap+0x10/0x10 [ 984.751064][T22701] ? up_write+0x1b2/0x520 [ 984.751115][T22701] __do_sys_mremap+0x119/0x170 [ 984.751153][T22701] ? __pfx___do_sys_mremap+0x10/0x10 [ 984.751198][T22701] ? __x64_sys_futex+0x1e0/0x4c0 [ 984.751253][T22701] do_syscall_64+0xcd/0x490 [ 984.751299][T22701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 984.751335][T22701] RIP: 0033:0x7f5a8fb8ebe9 [ 984.751363][T22701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 984.751396][T22701] RSP: 002b:00007f5a8ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 984.751428][T22701] RAX: ffffffffffffffda RBX: 00007f5a8fdb5fa0 RCX: 00007f5a8fb8ebe9 [ 984.751449][T22701] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 984.751468][T22701] RBP: 00007f5a8fc11e19 R08: 00007effffffb000 R09: 0000000000000000 [ 984.751489][T22701] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 984.751509][T22701] R13: 00007f5a8fdb6038 R14: 00007f5a8fdb5fa0 R15: 00007ffdfb10e098 [ 984.751541][T22701] [ 987.247111][T22733] FAULT_INJECTION: forcing a failure. [ 987.247111][T22733] name failslab, interval 1, probability 0, space 0, times 0 [ 987.282893][T22733] CPU: 1 UID: 0 PID: 22733 Comm: syz.0.3099 Tainted: G U syzkaller #0 PREEMPT(full) [ 987.282946][T22733] Tainted: [U]=USER [ 987.282958][T22733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 987.282979][T22733] Call Trace: [ 987.282991][T22733] [ 987.283003][T22733] dump_stack_lvl+0x16c/0x1f0 [ 987.283048][T22733] should_fail_ex+0x512/0x640 [ 987.283111][T22733] should_failslab+0xc2/0x120 [ 987.283156][T22733] __kmalloc_cache_noprof+0x6a/0x3e0 [ 987.283190][T22733] ? kernfs_fop_open+0x244/0xda0 [ 987.283226][T22733] kernfs_fop_open+0x244/0xda0 [ 987.283261][T22733] do_dentry_open+0x97f/0x1530 [ 987.283300][T22733] ? __pfx_kernfs_fop_open+0x10/0x10 [ 987.283336][T22733] vfs_open+0x82/0x3f0 [ 987.283385][T22733] path_openat+0x1de4/0x2cb0 [ 987.283428][T22733] ? __pfx_path_openat+0x10/0x10 [ 987.283473][T22733] do_filp_open+0x20b/0x470 [ 987.283511][T22733] ? __pfx_do_filp_open+0x10/0x10 [ 987.283561][T22733] ? alloc_fd+0x471/0x7d0 [ 987.283602][T22733] do_sys_openat2+0x11b/0x1d0 [ 987.283653][T22733] ? __pfx_do_sys_openat2+0x10/0x10 [ 987.283720][T22733] __x64_sys_openat+0x174/0x210 [ 987.283773][T22733] ? __pfx___x64_sys_openat+0x10/0x10 [ 987.283835][T22733] do_syscall_64+0xcd/0x490 [ 987.283879][T22733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 987.283915][T22733] RIP: 0033:0x7f5a8fb8ebe9 [ 987.283939][T22733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 987.283973][T22733] RSP: 002b:00007f5a8ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 987.284006][T22733] RAX: ffffffffffffffda RBX: 00007f5a8fdb5fa0 RCX: 00007f5a8fb8ebe9 [ 987.284030][T22733] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 987.284054][T22733] RBP: 00007f5a8fc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 987.284108][T22733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 987.284129][T22733] R13: 00007f5a8fdb6038 R14: 00007f5a8fdb5fa0 R15: 00007ffdfb10e098 [ 987.284162][T22733] [ 987.965209][ T30] audit: type=1800 audit(4294967478.610:40): pid=22749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3101" name="version" dev="configfs" ino=79982 res=0 errno=0 [ 989.594504][T22765] syz.1.3105 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=2, oom_score_adj=1000 [ 989.616502][T22765] CPU: 1 UID: 0 PID: 22765 Comm: syz.1.3105 Tainted: G U syzkaller #0 PREEMPT(full) [ 989.616561][T22765] Tainted: [U]=USER [ 989.616575][T22765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 989.616595][T22765] Call Trace: [ 989.616605][T22765] [ 989.616618][T22765] dump_stack_lvl+0x16c/0x1f0 [ 989.616667][T22765] dump_header+0x101/0x930 [ 989.616715][T22765] oom_kill_process+0x272/0xa40 [ 989.616759][T22765] out_of_memory+0x350/0x1700 [ 989.616804][T22765] ? __pfx_out_of_memory+0x10/0x10 [ 989.616850][T22765] mem_cgroup_out_of_memory+0x118/0x130 [ 989.616904][T22765] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 989.616960][T22765] ? do_raw_spin_unlock+0x172/0x230 [ 989.617018][T22765] try_charge_memcg+0x72b/0xd50 [ 989.617060][T22765] ? rcu_is_watching+0x12/0xc0 [ 989.617091][T22765] ? __pfx_try_charge_memcg+0x10/0x10 [ 989.617124][T22765] ? rcu_read_unlock+0x17/0x60 [ 989.617159][T22765] ? rcu_is_watching+0x12/0xc0 [ 989.617186][T22765] ? lock_release+0x201/0x2f0 [ 989.617231][T22765] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 989.617261][T22765] obj_cgroup_charge_pages+0x22/0x1f0 [ 989.617297][T22765] obj_cgroup_charge_account+0x5c/0xa0 [ 989.617334][T22765] __memcg_slab_post_alloc_hook+0x30c/0x960 [ 989.617375][T22765] ? kasan_unpoison+0x27/0x60 [ 989.617406][T22765] __kmalloc_cache_noprof+0x33b/0x3e0 [ 989.617435][T22765] ? ipv6_add_dev+0x6af/0x15f0 [ 989.617478][T22765] ? kasan_save_track+0x14/0x30 [ 989.617511][T22765] ipv6_add_dev+0x6af/0x15f0 [ 989.617555][T22765] addrconf_notify+0x53e/0x19e0 [ 989.617587][T22765] ? ip6mr_device_event+0x1bc/0x230 [ 989.617625][T22765] notifier_call_chain+0xb9/0x410 [ 989.617662][T22765] ? __pfx_addrconf_notify+0x10/0x10 [ 989.617697][T22765] call_netdevice_notifiers_info+0xbe/0x140 [ 989.617745][T22765] register_netdevice+0x182e/0x2270 [ 989.617789][T22765] ? __pfx_register_netdevice+0x10/0x10 [ 989.617834][T22765] __ip_tunnel_create+0x540/0x6e0 [ 989.617874][T22765] ? __pfx___ip_tunnel_create+0x10/0x10 [ 989.617919][T22765] ip_tunnel_init_net+0x22f/0x7d0 [ 989.617965][T22765] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 989.618009][T22765] ? trace_kmalloc+0x2b/0xd0 [ 989.618047][T22765] ? __kmalloc_noprof+0x242/0x510 [ 989.618078][T22765] ? lockdep_init_map_type+0x5c/0x280 [ 989.618118][T22765] ? __pfx_erspan_init_net+0x10/0x10 [ 989.618152][T22765] ops_init+0x1df/0x5f0 [ 989.618198][T22765] setup_net+0x10f/0x380 [ 989.618233][T22765] ? lockdep_init_map_type+0x5c/0x280 [ 989.618271][T22765] ? __pfx_setup_net+0x10/0x10 [ 989.618310][T22765] ? debug_mutex_init+0x37/0x70 [ 989.618337][T22765] copy_net_ns+0x2a6/0x5f0 [ 989.618380][T22765] create_new_namespaces+0x3ea/0xa90 [ 989.618415][T22765] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 989.618449][T22765] ksys_unshare+0x45b/0xa40 [ 989.618487][T22765] ? __pfx_ksys_unshare+0x10/0x10 [ 989.618526][T22765] ? xfd_validate_state+0x61/0x180 [ 989.618572][T22765] __x64_sys_unshare+0x31/0x40 [ 989.618610][T22765] do_syscall_64+0xcd/0x490 [ 989.618649][T22765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 989.618677][T22765] RIP: 0033:0x7f86cbb8ebe9 [ 989.618698][T22765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 989.618726][T22765] RSP: 002b:00007f86c9dee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 989.618754][T22765] RAX: ffffffffffffffda RBX: 00007f86cbdb5fa0 RCX: 00007f86cbb8ebe9 [ 989.618773][T22765] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 989.618790][T22765] RBP: 00007f86cbc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 989.618807][T22765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 989.618824][T22765] R13: 00007f86cbdb6038 R14: 00007f86cbdb5fa0 R15: 00007ffe52aa0038 [ 989.618851][T22765] [ 989.618901][T22765] memory: usage 3056kB, limit 3072kB, failcnt 180010 [ 990.011550][T22765] memory+swap: usage 3724kB, limit 9007199254740988kB, failcnt 0 [ 990.077207][T22765] kmem: usage 2984kB, limit 9007199254740988kB, failcnt 0 [ 990.112709][T22765] Memory cgroup stats for /syz1: [ 990.112860][T22765] cache 0 [ 990.190003][T22765] rss 32768 [ 990.223153][T22765] rss_huge 0 [ 990.243255][T22765] shmem 0 [ 990.310920][T22765] mapped_file 0 [ 990.336185][T22765] dirty 0 [ 990.339300][T22765] writeback 0 [ 990.366360][T22765] workingset_refault_anon 63720 [ 990.404541][T22765] workingset_refault_file 19708 [ 990.409468][T22765] swap 667648 [ 990.458241][T22765] swapcached 81920 [ 990.511423][T22765] pgpgin 268596 [ 990.550454][T22765] pgpgout 269091 [ 990.559635][T22765] pgfault 327999 [ 990.580955][T22765] pgmajfault 50078 [ 990.619568][T22765] inactive_anon 4096 [ 990.648101][T22765] active_anon 0 [ 990.742679][T22765] inactive_file 0 [ 990.772092][T22765] active_file 0 [ 990.825632][T22765] unevictable 0 [ 990.850386][T22765] hierarchical_memory_limit 3145728 [ 990.875261][T22765] hierarchical_memsw_limit 9223372036854771712 [ 990.893152][T22765] total_cache 0 [ 990.906068][T22765] total_rss 32768 [ 990.911764][T22765] total_rss_huge 0 [ 990.924006][T22765] total_shmem 0 [ 990.928402][T22765] total_mapped_file 0 [ 990.940897][T22765] total_dirty 0 [ 990.951385][T22765] total_writeback 0 [ 990.961858][T22765] total_workingset_refault_anon 63720 [ 990.974150][T22765] total_workingset_refault_file 19708 [ 990.991110][T22765] total_swap 667648 [ 990.994983][T22765] total_swapcached 81920 [ 990.999289][T22765] total_pgpgin 268596 [ 991.020018][T22765] total_pgpgout 269091 [ 991.024428][T22765] total_pgfault 327999 [ 991.028661][T22765] total_pgmajfault 50078 [ 991.050429][T22765] total_inactive_anon 4096 [ 991.059123][T22765] total_active_anon 0 [ 991.063890][T22765] total_inactive_file 0 [ 991.088597][T22765] total_active_file 0 [ 991.099000][T22765] total_unevictable 0 [ 991.119088][T22765] anon_cost 95 [ 991.125055][T22765] file_cost 0 [ 991.128455][T22765] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3105,pid=22764,uid=0 [ 991.178771][T22765] Memory cgroup out of memory: Killed process 22764 (syz.1.3105) total-vm:134860kB, anon-rss:948kB, file-rss:21972kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 [ 991.576008][ T5866] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 991.576062][ T5866] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260 [ 991.591006][ T5866] Bluetooth: hci4: Unknown advertising packet type: 0x7f [ 991.591052][ T5866] Bluetooth: hci4: adv larger than maximum supported [ 991.598121][ T5866] Bluetooth: hci4: adv larger than maximum supported [ 991.604937][ T5866] Bluetooth: hci4: Malformed LE Event: 0x0d [ 991.695058][ T5866] Bluetooth: hci4: unexpected event 0x0f length: 726 > 4 [ 991.695123][ T5866] Bluetooth: hci4: unexpected event for opcode 0xf6ff [ 991.745972][T22781] Invalid ELF header magic: != ELF [ 992.875671][T22821] ima: policy update failed [ 992.884491][ T30] audit: type=1802 audit(4294967483.570:41): pid=22821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3120" res=0 errno=0 [ 993.605781][T22830] FAULT_INJECTION: forcing a failure. [ 993.605781][T22830] name failslab, interval 1, probability 0, space 0, times 0 [ 993.650133][T22830] CPU: 1 UID: 0 PID: 22830 Comm: syz.3.3122 Tainted: G U syzkaller #0 PREEMPT(full) [ 993.650188][T22830] Tainted: [U]=USER [ 993.650201][T22830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 993.650222][T22830] Call Trace: [ 993.650234][T22830] [ 993.650246][T22830] dump_stack_lvl+0x16c/0x1f0 [ 993.650294][T22830] should_fail_ex+0x512/0x640 [ 993.650345][T22830] should_failslab+0xc2/0x120 [ 993.650392][T22830] __kmalloc_cache_noprof+0x6a/0x3e0 [ 993.650428][T22830] ? kernfs_fop_open+0x244/0xda0 [ 993.650463][T22830] kernfs_fop_open+0x244/0xda0 [ 993.650499][T22830] do_dentry_open+0x97f/0x1530 [ 993.650540][T22830] ? __pfx_kernfs_fop_open+0x10/0x10 [ 993.650574][T22830] vfs_open+0x82/0x3f0 [ 993.650624][T22830] path_openat+0x1de4/0x2cb0 [ 993.650684][T22830] ? __pfx_path_openat+0x10/0x10 [ 993.650734][T22830] do_filp_open+0x20b/0x470 [ 993.650773][T22830] ? __pfx_do_filp_open+0x10/0x10 [ 993.650827][T22830] ? alloc_fd+0x471/0x7d0 [ 993.650867][T22830] do_sys_openat2+0x11b/0x1d0 [ 993.650919][T22830] ? __pfx_do_sys_openat2+0x10/0x10 [ 993.650979][T22830] __x64_sys_openat+0x174/0x210 [ 993.651033][T22830] ? __pfx___x64_sys_openat+0x10/0x10 [ 993.651096][T22830] do_syscall_64+0xcd/0x490 [ 993.651142][T22830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 993.651177][T22830] RIP: 0033:0x7fc3bbf8ebe9 [ 993.651202][T22830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 993.651237][T22830] RSP: 002b:00007fc3bcda2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 993.651269][T22830] RAX: ffffffffffffffda RBX: 00007fc3bc1b5fa0 RCX: 00007fc3bbf8ebe9 [ 993.651292][T22830] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 993.651314][T22830] RBP: 00007fc3bc011e19 R08: 0000000000000000 R09: 0000000000000000 [ 993.651334][T22830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 993.651355][T22830] R13: 00007fc3bc1b6038 R14: 00007fc3bc1b5fa0 R15: 00007fff10b10088 [ 993.651388][T22830] [ 997.021240][T22858] zswap: compressor not available [ 997.116269][T22860] Setting dangerous option i915.mitigations - tainting kernel [ 997.351682][T22874] FAULT_INJECTION: forcing a failure. [ 997.351682][T22874] name fail_futex, interval 1, probability 0, space 0, times 0 [ 997.394002][T22874] CPU: 0 UID: 0 PID: 22874 Comm: syz.3.3133 Tainted: G U syzkaller #0 PREEMPT(full) [ 997.394062][T22874] Tainted: [U]=USER [ 997.394074][T22874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 997.394096][T22874] Call Trace: [ 997.394107][T22874] [ 997.394120][T22874] dump_stack_lvl+0x16c/0x1f0 [ 997.394168][T22874] should_fail_ex+0x512/0x640 [ 997.394213][T22874] ? iovec_from_user+0x108/0x140 [ 997.394246][T22874] get_futex_key+0x1d0/0x1560 [ 997.394286][T22874] ? __kasan_slab_free+0x60/0x70 [ 997.394327][T22874] ? kfree+0x2b4/0x4d0 [ 997.394356][T22874] ? __pfx_get_futex_key+0x10/0x10 [ 997.394392][T22874] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.394434][T22874] futex_wait_setup+0x9d/0x550 [ 997.394489][T22874] __futex_wait+0x194/0x2f0 [ 997.394539][T22874] ? __pfx___futex_wait+0x10/0x10 [ 997.394599][T22874] ? __pfx_futex_wake_mark+0x10/0x10 [ 997.394652][T22874] ? lock_release+0x201/0x2f0 [ 997.394697][T22874] ? futex_private_hash_put+0x11c/0x300 [ 997.394737][T22874] futex_wait+0xe8/0x380 [ 997.394783][T22874] ? __pfx_futex_wait+0x10/0x10 [ 997.394837][T22874] ? rcu_is_watching+0x12/0xc0 [ 997.394870][T22874] ? lock_release+0x201/0x2f0 [ 997.394914][T22874] do_futex+0x229/0x350 [ 997.394955][T22874] ? __pfx_do_futex+0x10/0x10 [ 997.394997][T22874] ? do_raw_spin_lock+0x12c/0x2b0 [ 997.395050][T22874] __x64_sys_futex+0x1e0/0x4c0 [ 997.395095][T22874] ? __pfx___x64_sys_futex+0x10/0x10 [ 997.395137][T22874] ? xfd_validate_state+0x61/0x180 [ 997.395193][T22874] do_syscall_64+0xcd/0x490 [ 997.395239][T22874] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.395273][T22874] RIP: 0033:0x7fc3bbf8ebe9 [ 997.395299][T22874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 997.395331][T22874] RSP: 002b:00007fc3bcda20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 997.395364][T22874] RAX: ffffffffffffffda RBX: 00007fc3bc1b5fa8 RCX: 00007fc3bbf8ebe9 [ 997.395387][T22874] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc3bc1b5fa8 [ 997.395408][T22874] RBP: 00007fc3bc1b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 997.395429][T22874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 997.395449][T22874] R13: 00007fc3bc1b6038 R14: 00007fff10b0ffa0 R15: 00007fff10b10088 [ 997.395482][T22874] [ 997.925409][T22885] FAULT_INJECTION: forcing a failure. [ 997.925409][T22885] name failslab, interval 1, probability 0, space 0, times 0 [ 997.940452][T22885] CPU: 1 UID: 0 PID: 22885 Comm: syz.1.3136 Tainted: G U syzkaller #0 PREEMPT(full) [ 997.940508][T22885] Tainted: [U]=USER [ 997.940520][T22885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 997.940541][T22885] Call Trace: [ 997.940553][T22885] [ 997.940565][T22885] dump_stack_lvl+0x16c/0x1f0 [ 997.940613][T22885] should_fail_ex+0x512/0x640 [ 997.940665][T22885] should_failslab+0xc2/0x120 [ 997.940714][T22885] __kmalloc_cache_noprof+0x6a/0x3e0 [ 997.940749][T22885] ? kernfs_fop_open+0x244/0xda0 [ 997.940784][T22885] kernfs_fop_open+0x244/0xda0 [ 997.940821][T22885] do_dentry_open+0x97f/0x1530 [ 997.940863][T22885] ? __pfx_kernfs_fop_open+0x10/0x10 [ 997.940899][T22885] vfs_open+0x82/0x3f0 [ 997.940948][T22885] path_openat+0x1de4/0x2cb0 [ 997.940994][T22885] ? __pfx_path_openat+0x10/0x10 [ 997.941037][T22885] do_filp_open+0x20b/0x470 [ 997.941076][T22885] ? __pfx_do_filp_open+0x10/0x10 [ 997.941130][T22885] ? alloc_fd+0x471/0x7d0 [ 997.941169][T22885] do_sys_openat2+0x11b/0x1d0 [ 997.941220][T22885] ? __pfx_do_sys_openat2+0x10/0x10 [ 997.941287][T22885] __x64_sys_openat+0x174/0x210 [ 997.941341][T22885] ? __pfx___x64_sys_openat+0x10/0x10 [ 997.941404][T22885] do_syscall_64+0xcd/0x490 [ 997.941449][T22885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.941484][T22885] RIP: 0033:0x7f86cbb8ebe9 [ 997.941510][T22885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 997.941544][T22885] RSP: 002b:00007f86c9dee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 997.941578][T22885] RAX: ffffffffffffffda RBX: 00007f86cbdb5fa0 RCX: 00007f86cbb8ebe9 [ 997.941601][T22885] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 997.941623][T22885] RBP: 00007f86cbc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 997.941645][T22885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 997.941666][T22885] R13: 00007f86cbdb6038 R14: 00007f86cbdb5fa0 R15: 00007ffe52aa0038 [ 997.941699][T22885] [ 998.328085][T22889] FAULT_INJECTION: forcing a failure. [ 998.328085][T22889] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 998.341744][T22889] CPU: 1 UID: 0 PID: 22889 Comm: syz.0.3137 Tainted: G U syzkaller #0 PREEMPT(full) [ 998.341783][T22889] Tainted: [U]=USER [ 998.341791][T22889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 998.341807][T22889] Call Trace: [ 998.341815][T22889] [ 998.341823][T22889] dump_stack_lvl+0x16c/0x1f0 [ 998.341859][T22889] should_fail_ex+0x512/0x640 [ 998.341896][T22889] should_fail_alloc_page+0xe7/0x130 [ 998.341931][T22889] prepare_alloc_pages+0x3c2/0x610 [ 998.341968][T22889] ? rcu_is_watching+0x12/0xc0 [ 998.341994][T22889] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 998.342027][T22889] ? rcu_is_watching+0x12/0xc0 [ 998.342051][T22889] ? trace_mm_page_alloc+0x11f/0x1a0 [ 998.342088][T22889] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 998.342118][T22889] ? __pfx_stack_trace_save+0x10/0x10 [ 998.342146][T22889] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 998.342185][T22889] ? stack_depot_save_flags+0x29/0x9c0 [ 998.342220][T22889] ? rcu_is_watching+0x12/0xc0 [ 998.342247][T22889] ? alloc_vmap_area+0x645/0x29c0 [ 998.342283][T22889] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 998.342306][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.342330][T22889] ? do_syscall_64+0xcd/0x490 [ 998.342361][T22889] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 998.342391][T22889] alloc_pages_bulk_noprof+0x71c/0x1410 [ 998.342421][T22889] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 998.342458][T22889] ? policy_nodemask+0xea/0x4e0 [ 998.342491][T22889] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 998.342521][T22889] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 998.342559][T22889] kasan_populate_vmalloc+0xf1/0x1f0 [ 998.342588][T22889] alloc_vmap_area+0x959/0x29c0 [ 998.342629][T22889] ? __pfx_alloc_vmap_area+0x10/0x10 [ 998.342667][T22889] __get_vm_area_node+0x1ca/0x330 [ 998.342712][T22889] __vmalloc_node_range_noprof+0x271/0x14b0 [ 998.342736][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.342759][T22889] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 998.342796][T22889] ? policy_nodemask+0xea/0x4e0 [ 998.342827][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.342854][T22889] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 998.342880][T22889] ? ___kmalloc_large_node+0xed/0x160 [ 998.342921][T22889] __kvmalloc_node_noprof+0x30a/0x620 [ 998.342948][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.342971][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.342996][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.343019][T22889] __do_sys_listmount+0x1c2/0xf80 [ 998.343044][T22889] ? __x64_sys_futex+0x1e0/0x4c0 [ 998.343074][T22889] ? __x64_sys_futex+0x1e9/0x4c0 [ 998.343105][T22889] ? __pfx___do_sys_listmount+0x10/0x10 [ 998.343159][T22889] do_syscall_64+0xcd/0x490 [ 998.343191][T22889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 998.343216][T22889] RIP: 0033:0x7f5a8fb8ebe9 [ 998.343235][T22889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 998.343260][T22889] RSP: 002b:00007f5a8ddd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 998.343282][T22889] RAX: ffffffffffffffda RBX: 00007f5a8fdb6090 RCX: 00007f5a8fb8ebe9 [ 998.343299][T22889] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 998.343314][T22889] RBP: 00007f5a8fc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 998.343329][T22889] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 998.343344][T22889] R13: 00007f5a8fdb6128 R14: 00007f5a8fdb6090 R15: 00007ffdfb10e098 [ 998.343367][T22889] [ 998.343994][T22889] syz.0.3137: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 998.833836][T22889] CPU: 0 UID: 0 PID: 22889 Comm: syz.0.3137 Tainted: G U syzkaller #0 PREEMPT(full) [ 998.833888][T22889] Tainted: [U]=USER [ 998.833899][T22889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 998.833919][T22889] Call Trace: [ 998.833929][T22889] [ 998.833941][T22889] dump_stack_lvl+0x16c/0x1f0 [ 998.833988][T22889] warn_alloc+0x248/0x3a0 [ 998.834027][T22889] ? __pfx_warn_alloc+0x10/0x10 [ 998.834067][T22889] ? kfree+0x2b4/0x4d0 [ 998.834098][T22889] ? __get_vm_area_node+0x208/0x330 [ 998.834151][T22889] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 998.834182][T22889] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 998.834234][T22889] ? policy_nodemask+0xea/0x4e0 [ 998.834278][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.834319][T22889] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 998.834357][T22889] ? ___kmalloc_large_node+0xed/0x160 [ 998.834413][T22889] __kvmalloc_node_noprof+0x30a/0x620 [ 998.834616][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.834654][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.834692][T22889] ? __do_sys_listmount+0x1c2/0xf80 [ 998.834720][T22889] __do_sys_listmount+0x1c2/0xf80 [ 998.834755][T22889] ? __x64_sys_futex+0x1e0/0x4c0 [ 998.834801][T22889] ? __x64_sys_futex+0x1e9/0x4c0 [ 998.834845][T22889] ? __pfx___do_sys_listmount+0x10/0x10 [ 998.834889][T22889] do_syscall_64+0xcd/0x490 [ 998.834937][T22889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 998.834974][T22889] RIP: 0033:0x7f5a8fb8ebe9 [ 998.834998][T22889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 998.835037][T22889] RSP: 002b:00007f5a8ddd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 998.835072][T22889] RAX: ffffffffffffffda RBX: 00007f5a8fdb6090 RCX: 00007f5a8fb8ebe9 [ 998.835095][T22889] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 998.835118][T22889] RBP: 00007f5a8fc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 998.835140][T22889] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 998.835161][T22889] R13: 00007f5a8fdb6128 R14: 00007f5a8fdb6090 R15: 00007ffdfb10e098 [ 998.835194][T22889] [ 998.835471][T22889] Mem-Info: [ 999.110902][T22889] active_anon:3820 inactive_anon:12448 isolated_anon:32 [ 999.110902][T22889] active_file:17352 inactive_file:39034 isolated_file:0 [ 999.110902][T22889] unevictable:768 dirty:733 writeback:0 [ 999.110902][T22889] slab_reclaimable:12537 slab_unreclaimable:101757 [ 999.110902][T22889] mapped:27473 shmem:1375 pagetables:3004 [ 999.110902][T22889] sec_pagetables:0 bounce:0 [ 999.110902][T22889] kernel_misc_reclaimable:0 [ 999.110902][T22889] free:1303195 free_pcp:9692 free_cma:0 [ 999.159211][T22889] Node 0 active_anon:15280kB inactive_anon:49792kB active_file:69404kB inactive_file:156004kB unevictable:1536kB isolated(anon):128kB isolated(file):0kB mapped:109892kB dirty:2932kB writeback:0kB shmem:3964kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:14284kB pagetables:11840kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 999.245362][T22889] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:176kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 999.291176][T22889] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 999.320412][T22889] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 999.326240][T22889] Node 0 DMA32 free:1292192kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:15236kB inactive_anon:47092kB active_file:68160kB inactive_file:155940kB unevictable:1536kB writepending:2932kB present:3129332kB managed:2539600kB mlocked:0kB bounce:0kB free_pcp:41388kB local_pcp:19796kB free_cma:0kB [ 999.359659][T22889] lowmem_reserve[]: 0 0 1 1 1 [ 999.367793][T22889] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1244kB inactive_file:64kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:8kB free_cma:0kB [ 999.397176][T22889] lowmem_reserve[]: 0 0 0 0 0 [ 999.402009][T22889] Node 1 Normal free:3905212kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 999.494541][T22889] lowmem_reserve[]: 0 0 0 0 0 [ 999.499415][T22889] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 999.573082][T22889] Node 0 DMA32: 3602*4kB (UME) 1185*8kB (UME) 1293*16kB (UME) 700*32kB (UME) 562*64kB (UME) 279*128kB (UME) 134*256kB (UME) 62*512kB (UME) 30*1024kB (UME) 6*2048kB (UE) 255*4096kB (UM) = 1292192kB [ 999.593157][T22889] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 999.629959][T22889] Node 1 Normal: 219*4kB (UME) 58*8kB (UME) 54*16kB (UME) 257*32kB (UME) 102*64kB (UME) 39*128kB (UME) 21*256kB (UME) 6*512kB (UM) 2*1024kB (UM) 5*2048kB (UME) 943*4096kB (UM) = 3905212kB [ 999.720132][T22889] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 999.740077][T22889] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 999.749447][T22889] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 999.780421][T22889] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 999.867658][T22889] 57829 total pagecache pages [ 999.873154][T22889] 72 pages in swap cache [ 999.877435][T22889] Free swap = 120228kB [ 999.882851][T22889] Total swap = 124996kB [ 999.887053][T22889] 2097051 pages RAM [ 999.910855][T22889] 0 pages HighMem/MovableOnly [ 999.923406][T22889] 430189 pages reserved [ 999.927624][T22889] 0 pages cma reserved [ 1000.580336][ T5863] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1000.591679][ T5863] CPU: 1 UID: 0 PID: 5863 Comm: syz-executor Tainted: G U syzkaller #0 PREEMPT(full) [ 1000.591738][ T5863] Tainted: [U]=USER [ 1000.591749][ T5863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1000.591769][ T5863] Call Trace: [ 1000.591780][ T5863] [ 1000.591793][ T5863] dump_stack_lvl+0x16c/0x1f0 [ 1000.591843][ T5863] dump_header+0x101/0x930 [ 1000.591885][ T5863] oom_kill_process+0x272/0xa40 [ 1000.591927][ T5863] out_of_memory+0x350/0x1700 [ 1000.591971][ T5863] ? __pfx_out_of_memory+0x10/0x10 [ 1000.592014][ T5863] mem_cgroup_out_of_memory+0x118/0x130 [ 1000.592073][ T5863] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1000.592137][ T5863] ? do_raw_spin_unlock+0x172/0x230 [ 1000.592197][ T5863] try_charge_memcg+0x72b/0xd50 [ 1000.592239][ T5863] ? __pfx_try_charge_memcg+0x10/0x10 [ 1000.592279][ T5863] ? xa_load+0x153/0x2c0 [ 1000.592327][ T5863] ? rcu_read_unlock+0x17/0x60 [ 1000.592368][ T5863] ? rcu_is_watching+0x12/0xc0 [ 1000.592402][ T5863] charge_memcg+0x8a/0x230 [ 1000.592443][ T5863] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 1000.592492][ T5863] __read_swap_cache_async+0x43e/0x5a0 [ 1000.592530][ T5863] ? __pfx___read_swap_cache_async+0x10/0x10 [ 1000.592565][ T5863] ? trace_sched_exit_tp+0xd1/0x120 [ 1000.592615][ T5863] ? swp_swap_info+0xb0/0x130 [ 1000.592660][ T5863] ? __pfx_swp_swap_info+0x10/0x10 [ 1000.592704][ T5863] ? rcu_is_watching+0x12/0xc0 [ 1000.592740][ T5863] swap_cluster_readahead+0x3eb/0x710 [ 1000.592780][ T5863] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 1000.592812][ T5863] ? css_rstat_updated+0x1c2/0x510 [ 1000.592846][ T5863] ? __pfx_css_rstat_updated+0x10/0x10 [ 1000.592880][ T5863] ? rcu_is_watching+0x12/0xc0 [ 1000.592919][ T5863] ? get_vma_policy+0x242/0x3c0 [ 1000.592965][ T5863] swapin_readahead+0x13a/0xd60 [ 1000.592998][ T5863] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1000.593061][ T5863] ? __pfx_swapin_readahead+0x10/0x10 [ 1000.593100][ T5863] ? __filemap_get_folio+0x32b/0xc30 [ 1000.593148][ T5863] ? swap_cache_get_folio+0x1df/0x450 [ 1000.593183][ T5863] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 1000.593215][ T5863] ? __pfx_get_swap_device+0x10/0x10 [ 1000.593260][ T5863] ? rcu_is_watching+0x12/0xc0 [ 1000.593294][ T5863] ? lock_release+0x201/0x2f0 [ 1000.593339][ T5863] do_swap_page+0x635/0x6490 [ 1000.593387][ T5863] ? __pfx_debug_object_activate+0x10/0x10 [ 1000.593440][ T5863] ? __pfx_do_swap_page+0x10/0x10 [ 1000.593490][ T5863] ? __pfx_default_wake_function+0x10/0x10 [ 1000.593523][ T5863] ? debug_object_free+0x28d/0x550 [ 1000.593561][ T5863] ? ___pte_offset_map+0x54/0x4f0 [ 1000.593609][ T5863] ? ___pte_offset_map+0x2ad/0x4f0 [ 1000.593657][ T5863] __handle_mm_fault+0x1719/0x2a50 [ 1000.593696][ T5863] ? __pfx___handle_mm_fault+0x10/0x10 [ 1000.593728][ T5863] ? vma_start_read+0x2fc/0x870 [ 1000.593770][ T5863] ? __pfx_vma_start_read+0x10/0x10 [ 1000.593802][ T5863] ? lock_vma_under_rcu+0x1eb/0x530 [ 1000.593835][ T5863] ? rcu_is_watching+0x12/0xc0 [ 1000.593873][ T5863] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1000.593905][ T5863] ? get_timespec64+0x136/0x1b0 [ 1000.593949][ T5863] handle_mm_fault+0x589/0xd10 [ 1000.593981][ T5863] ? __bpf_trace_exceptions+0x1/0x40 [ 1000.594038][ T5863] do_user_addr_fault+0x60c/0x1370 [ 1000.594092][ T5863] ? rcu_is_watching+0x12/0xc0 [ 1000.594137][ T5863] exc_page_fault+0x5c/0xb0 [ 1000.594175][ T5863] asm_exc_page_fault+0x26/0x30 [ 1000.594208][ T5863] RIP: 0033:0x7f86cbbc14a8 [ 1000.594232][ T5863] Code: 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f [ 1000.594269][ T5863] RSP: 002b:00007ffe52aa0350 EFLAGS: 00010293 [ 1000.594295][ T5863] RAX: 0000000000000000 RBX: 0000000000000661 RCX: 00007f86cbbc14a5 [ 1000.594317][ T5863] RDX: 00007ffe52aa0390 RSI: 0000000000000000 RDI: 0000000000000000 [ 1000.594339][ T5863] RBP: 00007ffe52aa03fc R08: 0000000000000000 R09: 0000000000000000 [ 1000.594360][ T5863] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388 [ 1000.594381][ T5863] R13: 00000000000927c0 R14: 00000000000f43f3 R15: 00007ffe52aa0450 [ 1000.594412][ T5863] [ 1000.594517][ T5863] memory: usage 3072kB, limit 3072kB, failcnt 181615 [ 1001.103263][ T5863] memory+swap: usage 3648kB, limit 9007199254740988kB, failcnt 0 [ 1001.129567][ T5863] kmem: usage 2892kB, limit 9007199254740988kB, failcnt 0 [ 1001.161894][ T5863] Memory cgroup stats for /syz1: [ 1001.162481][ T5863] cache 0 [ 1001.201237][ T5863] rss 122880 [ 1001.219235][T22916] ima: policy update failed [ 1001.231760][ T30] audit: type=1802 audit(4294967491.910:42): pid=22916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.3146" res=0 errno=0 [ 1001.286787][ T5863] rss_huge 0 [ 1001.310939][ T5863] shmem 0 [ 1001.313921][ T5863] mapped_file 0 [ 1001.317406][ T5863] dirty 0 [ 1001.340133][ T5863] writeback 0 [ 1001.343523][ T5863] workingset_refault_anon 64136 [ 1001.348870][ T5863] workingset_refault_file 20063 [ 1001.354461][ T5863] swap 589824 [ 1001.357896][ T5863] swapcached 139264 [ 1001.361920][ T5863] pgpgin 269701 [ 1001.365452][ T5863] pgpgout 270174 [ 1001.369114][ T5863] pgfault 330608 [ 1001.372921][ T5863] pgmajfault 50389 [ 1001.377245][ T5863] inactive_anon 184320 [ 1001.381414][ T5863] active_anon 0 [ 1001.385546][ T5863] inactive_file 0 [ 1001.389998][ T5863] active_file 0 [ 1001.393546][ T5863] unevictable 0 [ 1001.397161][ T5863] hierarchical_memory_limit 3145728 [ 1001.402503][ T5863] hierarchical_memsw_limit 9223372036854771712 [ 1001.408749][ T5863] total_cache 0 [ 1001.412420][ T5863] total_rss 122880 [ 1001.416236][ T5863] total_rss_huge 0 [ 1001.420042][ T5863] total_shmem 0 [ 1001.423559][ T5863] total_mapped_file 0 [ 1001.428528][ T5863] total_dirty 0 [ 1001.452170][ T5863] total_writeback 0 [ 1001.458260][ T5863] total_workingset_refault_anon 64136 [ 1001.464815][ T5863] total_workingset_refault_file 20063 [ 1001.470518][ T5863] total_swap 589824 [ 1001.474412][ T5863] total_swapcached 139264 [ 1001.479256][ T5863] total_pgpgin 269701 [ 1001.483387][ T5863] total_pgpgout 270174 [ 1001.487965][ T5863] total_pgfault 330608 [ 1001.493407][ T5863] total_pgmajfault 50389 [ 1001.497724][ T5863] total_inactive_anon 184320 [ 1001.502459][ T5863] total_active_anon 0 [ 1001.506530][ T5863] total_inactive_file 0 [ 1001.510785][ T5863] total_active_file 0 [ 1001.514932][ T5863] total_unevictable 0 [ 1001.518981][ T5863] anon_cost 6 [ 1001.522399][ T5863] file_cost 0 [ 1001.525757][ T5863] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3145,pid=22912,uid=0 [ 1001.541337][ T5863] Memory cgroup out of memory: Killed process 22912 (syz.1.3145) total-vm:108108kB, anon-rss:948kB, file-rss:22360kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 [ 1001.983024][T22942] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3155'. [ 1002.028830][T22946] openvswitch: netlink: Flow actions attr not present in new flow. [ 1002.320719][T22945] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3156'. [ 1002.430953][T22952] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3159'. [ 1002.612130][T22952] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1002.796284][T22952] bond0 (unregistering): Released all slaves [ 1002.889500][T22956] netlink: 354 bytes leftover after parsing attributes in process `syz.1.3156'. [ 1003.311069][T22962] openvswitch: HfR: Dropping previously announced user features [ 1003.449082][T22966] openvswitch: HfR: Dropping previously announced user features [ 1003.538182][T22971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 1003.662092][T22971] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1003.671096][T22971] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1003.678809][T22971] page_type: f5(slab) [ 1003.683272][T22971] raw: 00fff00000000040 ffff88801ce9a640 dead000000000122 0000000000000000 [ 1003.694782][T22974] bridge0: port 3(macvlan0) entered blocking state [ 1003.695976][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.702579][T22971] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 1003.708450][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1003.718444][T22971] head: 00fff00000000040 ffff88801ce9a640 dead000000000122 0000000000000000 [ 1003.747048][T22971] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 1003.761175][T22974] bridge0: port 3(macvlan0) entered disabled state [ 1003.768122][T22974] macvlan0: entered allmulticast mode [ 1003.780903][T22971] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 1003.789832][T22971] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1003.857036][T22974] veth1_vlan: entered allmulticast mode [ 1003.863993][T22971] page dumped because: unmovable page [ 1003.864025][T22974] macvlan0: entered promiscuous mode [ 1003.869512][T22971] page_owner tracks the page as allocated [ 1003.869527][T22971] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5231, tgid 5231 (udevd), ts 997735782814, free_ts 997682014828 [ 1003.876170][T22974] bridge0: port 3(macvlan0) entered blocking state [ 1003.881851][T22971] post_alloc_hook+0x1c0/0x230 [ 1003.902295][T22974] bridge0: port 3(macvlan0) entered listening state [ 1003.909355][T22971] get_page_from_freelist+0x132b/0x38e0 [ 1003.927883][T22971] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1003.933978][T22971] alloc_pages_mpol+0x1fb/0x550 [ 1003.943407][T22971] new_slab+0x247/0x330 [ 1003.947629][T22971] ___slab_alloc+0xcf2/0x1740 [ 1004.039786][T22980] device-mapper: ioctl: Invalid ioctl structure: name þÿÿÿÿÿÿÿ, dev 8 [ 1004.118134][T22971] __slab_alloc.constprop.0+0x56/0xb0 [ 1004.163199][T22971] kmem_cache_alloc_noprof+0xef/0x3b0 [ 1004.178442][T22983] FAULT_INJECTION: forcing a failure. [ 1004.178442][T22983] name failslab, interval 1, probability 0, space 0, times 0 [ 1004.246952][T22971] getname_flags.part.0+0x4c/0x550 [ 1004.252203][T22983] CPU: 1 UID: 0 PID: 22983 Comm: syz.3.3169 Tainted: G U syzkaller #0 PREEMPT(full) [ 1004.252254][T22983] Tainted: [U]=USER [ 1004.252266][T22983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1004.252286][T22983] Call Trace: [ 1004.252297][T22983] [ 1004.252310][T22983] dump_stack_lvl+0x16c/0x1f0 [ 1004.252357][T22983] should_fail_ex+0x512/0x640 [ 1004.252412][T22983] should_failslab+0xc2/0x120 [ 1004.252467][T22983] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1004.252509][T22983] ? kernfs_fop_open+0x244/0xda0 [ 1004.252550][T22983] kernfs_fop_open+0x244/0xda0 [ 1004.252590][T22983] do_dentry_open+0x97f/0x1530 [ 1004.252638][T22983] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1004.252680][T22983] vfs_open+0x82/0x3f0 [ 1004.252754][T22983] path_openat+0x1de4/0x2cb0 [ 1004.252805][T22983] ? __pfx_path_openat+0x10/0x10 [ 1004.252857][T22983] do_filp_open+0x20b/0x470 [ 1004.252900][T22983] ? __pfx_do_filp_open+0x10/0x10 [ 1004.252961][T22983] ? alloc_fd+0x471/0x7d0 [ 1004.253004][T22983] do_sys_openat2+0x11b/0x1d0 [ 1004.253061][T22983] ? __pfx_do_sys_openat2+0x10/0x10 [ 1004.253128][T22983] __x64_sys_openat+0x174/0x210 [ 1004.253187][T22983] ? __pfx___x64_sys_openat+0x10/0x10 [ 1004.253256][T22983] do_syscall_64+0xcd/0x490 [ 1004.253307][T22983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1004.253345][T22983] RIP: 0033:0x7fc3bbf8ebe9 [ 1004.253377][T22983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1004.253415][T22983] RSP: 002b:00007fc3bcda2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1004.253451][T22983] RAX: ffffffffffffffda RBX: 00007fc3bc1b5fa0 RCX: 00007fc3bbf8ebe9 [ 1004.253476][T22983] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 1004.253501][T22983] RBP: 00007fc3bc011e19 R08: 0000000000000000 R09: 0000000000000000 [ 1004.253525][T22983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1004.253547][T22983] R13: 00007fc3bc1b6038 R14: 00007fc3bc1b5fa0 R15: 00007fff10b10088 [ 1004.253583][T22983] [ 1004.501529][T22986] FAULT_INJECTION: forcing a failure. [ 1004.501529][T22986] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1004.508881][T22971] getname_flags+0x93/0xf0 [ 1004.531581][T22986] CPU: 1 UID: 0 PID: 22986 Comm: syz.3.3170 Tainted: G U syzkaller #0 PREEMPT(full) [ 1004.531637][T22986] Tainted: [U]=USER [ 1004.531650][T22986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1004.531671][T22986] Call Trace: [ 1004.531687][T22986] [ 1004.531708][T22986] dump_stack_lvl+0x16c/0x1f0 [ 1004.531757][T22986] should_fail_ex+0x512/0x640 [ 1004.531808][T22986] get_futex_key+0x1d0/0x1560 [ 1004.531850][T22986] ? __pfx_get_futex_key+0x10/0x10 [ 1004.531898][T22986] futex_wake+0xea/0x530 [ 1004.531948][T22986] ? __pfx_futex_wake+0x10/0x10 [ 1004.531997][T22986] ? lockdep_init_map_type+0x5c/0x280 [ 1004.532044][T22986] ? percpu_counter_add_batch+0xb8/0x1f0 [ 1004.532087][T22986] ? errseq_sample+0x53/0x70 [ 1004.532117][T22986] ? file_init_path+0x4fe/0x760 [ 1004.532168][T22986] do_futex+0x1e3/0x350 [ 1004.532211][T22986] ? __pfx_do_futex+0x10/0x10 [ 1004.532252][T22986] ? fd_install+0x225/0x750 [ 1004.532287][T22986] ? lock_release+0x201/0x2f0 [ 1004.532333][T22986] __x64_sys_futex+0x1e0/0x4c0 [ 1004.532376][T22986] ? __sys_socket+0xac/0x260 [ 1004.532409][T22986] ? __pfx___x64_sys_futex+0x10/0x10 [ 1004.532451][T22986] ? xfd_validate_state+0x61/0x180 [ 1004.532499][T22986] ? __pfx_do_writev+0x10/0x10 [ 1004.532541][T22986] do_syscall_64+0xcd/0x490 [ 1004.532586][T22986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1004.532620][T22986] RIP: 0033:0x7fc3bbf8ebe9 [ 1004.532647][T22986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1004.532682][T22986] RSP: 002b:00007fc3bcda20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1004.532727][T22986] RAX: ffffffffffffffda RBX: 00007fc3bc1b5fa8 RCX: 00007fc3bbf8ebe9 [ 1004.532749][T22986] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc3bc1b5fac [ 1004.532772][T22986] RBP: 00007fc3bc1b5fa0 R08: 00007fc3bcda3000 R09: 0000000000000000 [ 1004.532794][T22986] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1004.532816][T22986] R13: 00007fc3bc1b6038 R14: 00007fff10b0ffa0 R15: 00007fff10b10088 [ 1004.532849][T22986] [ 1004.831506][T22971] do_readlinkat+0xb4/0x3a0 [ 1004.845840][T22971] __x64_sys_readlink+0x78/0xc0 [ 1004.920843][T22971] do_syscall_64+0xcd/0x490 [ 1004.925489][T22971] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1004.931601][T22971] page last free pid 5852 tgid 5852 stack trace: [ 1004.938021][T22971] __free_frozen_pages+0x7d5/0x10f0 [ 1004.943373][T22971] __folio_put+0x329/0x450 [ 1004.947907][T22971] skb_release_data+0x81a/0x9e0 [ 1004.952939][T22971] __kfree_skb+0x4f/0x70 [ 1004.955387][T22993] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3172'. [ 1004.957291][T22971] tcp_ack+0x19b2/0x5bf0 [ 1004.971989][T22971] tcp_rcv_established+0xda2/0x23f0 [ 1004.977324][T22971] tcp_v4_do_rcv+0x5ca/0xa90 [ 1004.982100][T22971] __release_sock+0x31b/0x400 [ 1004.986886][T22971] release_sock+0x5a/0x220 [ 1005.062565][T22971] tcp_sendmsg+0x38/0x50 [ 1005.066979][T22971] inet_sendmsg+0xb9/0x140 [ 1005.097880][T22971] sock_write_iter+0x4aa/0x5b0 [ 1005.120063][T22971] vfs_write+0x7d0/0x11d0 [ 1005.124571][T22971] ksys_write+0x1f8/0x250 [ 1005.129011][T22971] do_syscall_64+0xcd/0x490 [ 1005.153951][T22999] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3175'. [ 1005.165020][T22971] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1006.583410][T23020] random: crng reseeded on system resumption [ 1008.193684][T23034] Device name cannot be null; rc = [-22] [ 1010.756057][T23067] FAULT_INJECTION: forcing a failure. [ 1010.756057][T23067] name failslab, interval 1, probability 0, space 0, times 0 [ 1010.800078][T23067] CPU: 0 UID: 0 PID: 23067 Comm: syz.0.3188 Tainted: G U syzkaller #0 PREEMPT(full) [ 1010.800131][T23067] Tainted: [U]=USER [ 1010.800144][T23067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1010.800164][T23067] Call Trace: [ 1010.800175][T23067] [ 1010.800189][T23067] dump_stack_lvl+0x16c/0x1f0 [ 1010.800240][T23067] should_fail_ex+0x512/0x640 [ 1010.800290][T23067] ? realloc_user_queue+0x288/0x320 [ 1010.800321][T23067] should_failslab+0xc2/0x120 [ 1010.800367][T23067] __kmalloc_noprof+0xd2/0x510 [ 1010.800410][T23067] realloc_user_queue+0x288/0x320 [ 1010.800443][T23067] ? __pfx_snd_timer_user_open+0x10/0x10 [ 1010.800475][T23067] snd_timer_user_open+0xfc/0x180 [ 1010.800507][T23067] snd_open+0x22a/0x4c0 [ 1010.800554][T23067] ? __pfx_snd_open+0x10/0x10 [ 1010.800600][T23067] chrdev_open+0x231/0x6a0 [ 1010.800642][T23067] ? __pfx_apparmor_file_open+0x10/0x10 [ 1010.800679][T23067] ? __pfx_chrdev_open+0x10/0x10 [ 1010.800723][T23067] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1010.800766][T23067] do_dentry_open+0x97f/0x1530 [ 1010.800809][T23067] ? __pfx_chrdev_open+0x10/0x10 [ 1010.800856][T23067] vfs_open+0x82/0x3f0 [ 1010.800907][T23067] path_openat+0x1de4/0x2cb0 [ 1010.800952][T23067] ? __pfx_path_openat+0x10/0x10 [ 1010.800996][T23067] do_filp_open+0x20b/0x470 [ 1010.801033][T23067] ? __pfx_do_filp_open+0x10/0x10 [ 1010.801099][T23067] ? alloc_fd+0x471/0x7d0 [ 1010.801139][T23067] do_sys_openat2+0x11b/0x1d0 [ 1010.801190][T23067] ? __pfx_do_sys_openat2+0x10/0x10 [ 1010.801249][T23067] __x64_sys_openat+0x174/0x210 [ 1010.801301][T23067] ? __pfx___x64_sys_openat+0x10/0x10 [ 1010.801363][T23067] do_syscall_64+0xcd/0x490 [ 1010.801406][T23067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.801439][T23067] RIP: 0033:0x7f5a8fb8ebe9 [ 1010.801466][T23067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1010.801502][T23067] RSP: 002b:00007f5a8ddd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1010.801536][T23067] RAX: ffffffffffffffda RBX: 00007f5a8fdb6090 RCX: 00007f5a8fb8ebe9 [ 1010.801559][T23067] RDX: 0000000000101440 RSI: 0000200000001cc0 RDI: ffffffffffffff9c [ 1010.801582][T23067] RBP: 00007f5a8fc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1010.801604][T23067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1010.801625][T23067] R13: 00007f5a8fdb6128 R14: 00007f5a8fdb6090 R15: 00007ffdfb10e098 [ 1010.801657][T23067] [ 1011.054458][ C0] vkms_vblank_simulate: vblank timer overrun [ 1011.237036][T23071] FAULT_INJECTION: forcing a failure. [ 1011.237036][T23071] name failslab, interval 1, probability 0, space 0, times 0 [ 1011.278822][T23055] syz.1.3186 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 1011.290055][T23055] CPU: 0 UID: 0 PID: 23055 Comm: syz.1.3186 Tainted: G U syzkaller #0 PREEMPT(full) [ 1011.290104][T23055] Tainted: [U]=USER [ 1011.290116][T23055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1011.290136][T23055] Call Trace: [ 1011.290146][T23055] [ 1011.290159][T23055] dump_stack_lvl+0x16c/0x1f0 [ 1011.290203][T23055] dump_header+0x101/0x930 [ 1011.290240][T23055] oom_kill_process+0x272/0xa40 [ 1011.290274][T23055] out_of_memory+0x350/0x1700 [ 1011.290310][T23055] ? __pfx_out_of_memory+0x10/0x10 [ 1011.290360][T23055] mem_cgroup_out_of_memory+0x118/0x130 [ 1011.290403][T23055] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1011.290449][T23055] ? do_raw_spin_unlock+0x172/0x230 [ 1011.290494][T23055] try_charge_memcg+0x72b/0xd50 [ 1011.290535][T23055] ? __pfx_try_charge_memcg+0x10/0x10 [ 1011.290569][T23055] ? xa_load+0x153/0x2c0 [ 1011.290609][T23055] ? rcu_read_unlock+0x17/0x60 [ 1011.290642][T23055] ? rcu_is_watching+0x12/0xc0 [ 1011.290671][T23055] charge_memcg+0x8a/0x230 [ 1011.290707][T23055] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 1011.290749][T23055] __read_swap_cache_async+0x43e/0x5a0 [ 1011.290780][T23055] ? __pfx___read_swap_cache_async+0x10/0x10 [ 1011.290808][T23055] ? mlock_drain_local+0x22d/0x4f0 [ 1011.290839][T23055] ? swp_swap_info+0xb0/0x130 [ 1011.290875][T23055] ? __pfx_swp_swap_info+0x10/0x10 [ 1011.290915][T23055] swap_cluster_readahead+0x3eb/0x710 [ 1011.290946][T23055] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 1011.290973][T23055] ? do_raw_spin_unlock+0x172/0x230 [ 1011.291015][T23055] ? move_cluster+0x410/0x6f0 [ 1011.291044][T23055] ? rcu_is_watching+0x12/0xc0 [ 1011.291077][T23055] ? get_vma_policy+0x242/0x3c0 [ 1011.291118][T23055] swapin_readahead+0x13a/0xd60 [ 1011.291146][T23055] ? rcu_is_watching+0x12/0xc0 [ 1011.291176][T23055] ? __pfx_swapin_readahead+0x10/0x10 [ 1011.291203][T23055] ? __filemap_get_folio+0x32b/0xc30 [ 1011.291243][T23055] ? swap_cache_get_folio+0x1df/0x450 [ 1011.291270][T23055] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 1011.291296][T23055] ? __pfx_get_swap_device+0x10/0x10 [ 1011.291342][T23055] ? rcu_is_watching+0x12/0xc0 [ 1011.291368][T23055] ? lock_release+0x201/0x2f0 [ 1011.291404][T23055] do_swap_page+0x635/0x6490 [ 1011.291448][T23055] ? fault_dirty_shared_page+0x160/0x6c0 [ 1011.291488][T23055] ? __pfx_do_swap_page+0x10/0x10 [ 1011.291526][T23055] ? rcu_is_watching+0x12/0xc0 [ 1011.291554][T23055] ? __pfx_default_wake_function+0x10/0x10 [ 1011.291585][T23055] ? ___pte_offset_map+0x54/0x4f0 [ 1011.291620][T23055] ? ___pte_offset_map+0x2ad/0x4f0 [ 1011.291659][T23055] __handle_mm_fault+0x1719/0x2a50 [ 1011.291692][T23055] ? __pfx___handle_mm_fault+0x10/0x10 [ 1011.291720][T23055] ? vma_start_read+0x2fc/0x870 [ 1011.291747][T23055] ? __pfx_vma_start_read+0x10/0x10 [ 1011.291773][T23055] ? lock_vma_under_rcu+0x1eb/0x530 [ 1011.291799][T23055] ? rcu_is_watching+0x12/0xc0 [ 1011.291830][T23055] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1011.291856][T23055] ? handle_mm_fault+0x2ab/0xd10 [ 1011.291882][T23055] ? rcu_is_watching+0x12/0xc0 [ 1011.291912][T23055] handle_mm_fault+0x589/0xd10 [ 1011.291938][T23055] ? __bpf_trace_exceptions+0x1/0x40 [ 1011.291981][T23055] do_user_addr_fault+0x60c/0x1370 [ 1011.292026][T23055] ? rcu_is_watching+0x12/0xc0 [ 1011.292053][T23055] exc_page_fault+0x5c/0xb0 [ 1011.292145][T23055] asm_exc_page_fault+0x26/0x30 [ 1011.292185][T23055] RIP: 0033:0x7f86cba6ec1b [ 1011.292207][T23055] Code: 74 28 25 ff 0f 00 00 83 f0 3d 8d 04 c0 89 c5 c1 ed 04 31 c5 69 ed 2d eb d4 27 89 e8 c1 e8 0f 31 c5 81 e5 ff 0f 00 00 48 31 d5 <80> 3d 26 34 34 00 00 0f 84 a8 00 00 00 4c 89 f6 48 8b 0d 06 34 34 [ 1011.292233][T23055] RSP: 002b:00007ffe52aa0070 EFLAGS: 00010286 [ 1011.292256][T23055] RAX: 000000000001cc1e RBX: 00007f86cc8e5720 RCX: 0000000000000071 [ 1011.292274][T23055] RDX: ffffffff81e69799 RSI: ffffffff849323c6 RDI: 0000000000000006 [ 1011.292293][T23055] RBP: ffffffff81e693d2 R08: 00007f86cbdb6038 R09: 00007f86cbda2000 [ 1011.292311][T23055] R10: 00007f86cb5f7008 R11: 0000000000000006 R12: 0000000000000006 [ 1011.292327][T23055] R13: 000000000000004c R14: ffffffff81e69799 R15: 0000000000000071 [ 1011.292345][T23055] ? bpf_lsm_file_permission+0x9/0x10 [ 1011.292389][T23055] ? __pfx_bpf_lsm_inode_permission+0x2/0x10 [ 1011.292429][T23055] ? bpf_lsm_file_permission+0x9/0x10 [ 1011.292469][T23055] ? security_file_permission+0x116/0x210 [ 1011.292509][T23055] [ 1011.292526][T23055] memory: usage 3060kB, limit 3072kB, failcnt 183783 [ 1011.321847][T23071] CPU: 1 UID: 0 PID: 23071 Comm: syz.3.3187 Tainted: G U syzkaller #0 PREEMPT(full) [ 1011.321906][T23071] Tainted: [U]=USER [ 1011.321921][T23071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1011.321943][T23071] Call Trace: [ 1011.321957][T23071] [ 1011.321970][T23071] dump_stack_lvl+0x16c/0x1f0 [ 1011.322049][T23071] should_fail_ex+0x512/0x640 [ 1011.322106][T23071] should_failslab+0xc2/0x120 [ 1011.322158][T23071] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1011.322204][T23071] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1011.322267][T23071] ? alloc_empty_file+0x55/0x1e0 [ 1011.322330][T23071] alloc_empty_file+0x55/0x1e0 [ 1011.322387][T23071] path_openat+0xda/0x2cb0 [ 1011.322429][T23071] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.322475][T23071] ? __pfx_path_openat+0x10/0x10 [ 1011.322525][T23071] do_filp_open+0x20b/0x470 [ 1011.322569][T23071] ? __pfx_do_filp_open+0x10/0x10 [ 1011.322630][T23071] ? alloc_fd+0x471/0x7d0 [ 1011.322674][T23071] do_sys_openat2+0x11b/0x1d0 [ 1011.322736][T23071] ? __pfx_do_sys_openat2+0x10/0x10 [ 1011.322803][T23071] __x64_sys_openat+0x174/0x210 [ 1011.322861][T23071] ? __pfx___x64_sys_openat+0x10/0x10 [ 1011.322928][T23071] do_syscall_64+0xcd/0x490 [ 1011.322980][T23071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.323016][T23071] RIP: 0033:0x7fc3bbf8ebe9 [ 1011.323047][T23071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1011.323086][T23071] RSP: 002b:00007fc3bcd60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1011.323126][T23071] RAX: ffffffffffffffda RBX: 00007fc3bc1b6180 RCX: 00007fc3bbf8ebe9 [ 1011.323153][T23071] RDX: 000000000014f602 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1011.323179][T23071] RBP: 00007fc3bc011e19 R08: 0000000000000000 R09: 0000000000000000 [ 1011.323202][T23071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1011.323226][T23071] R13: 00007fc3bc1b6218 R14: 00007fc3bc1b6180 R15: 00007fff10b10088 [ 1011.323272][T23071] [ 1011.507437][T23068] FAULT_INJECTION: forcing a failure. [ 1011.507437][T23068] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1011.630137][T23055] memory+swap: usage 3936kB, limit 9007199254740988kB, failcnt 0 [ 1011.641936][T23068] CPU: 1 UID: 0 PID: 23068 Comm: syz.3.3187 Tainted: G U syzkaller #0 PREEMPT(full) [ 1011.642018][T23068] Tainted: [U]=USER [ 1011.642032][T23068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1011.642057][T23068] Call Trace: [ 1011.642070][T23068] [ 1011.642083][T23068] dump_stack_lvl+0x16c/0x1f0 [ 1011.642138][T23068] should_fail_ex+0x512/0x640 [ 1011.642197][T23068] should_fail_alloc_page+0xe7/0x130 [ 1011.642252][T23068] prepare_alloc_pages+0x3c2/0x610 [ 1011.642308][T23068] ? mas_next_node+0x7e0/0xf50 [ 1011.642364][T23068] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1011.642414][T23068] ? mas_next_slot+0x12d3/0x21b0 [ 1011.642473][T23068] ? validate_mm+0x27c/0x570 [ 1011.642512][T23068] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1011.642564][T23068] ? validate_mm+0x40a/0x570 [ 1011.642605][T23068] ? __pfx_validate_mm+0x10/0x10 [ 1011.642642][T23068] ? vma_link_file+0xc7/0x110 [ 1011.642689][T23068] ? rcu_is_watching+0x12/0xc0 [ 1011.642731][T23068] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1011.642789][T23068] ? policy_nodemask+0xea/0x4e0 [ 1011.642842][T23068] alloc_pages_mpol+0x1fb/0x550 [ 1011.642893][T23068] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1011.642944][T23068] ? __pfx_vma_link+0x10/0x10 [ 1011.642989][T23068] alloc_pages_noprof+0x131/0x390 [ 1011.643041][T23068] __pud_alloc+0x3b/0x750 [ 1011.643096][T23068] alloc_new_pud+0x267/0x320 [ 1011.643138][T23068] move_page_tables+0x6ab/0x4070 [ 1011.643184][T23068] ? __pfx_copy_vma+0x10/0x10 [ 1011.643227][T23068] ? update_load_avg+0x23f/0x1fc0 [ 1011.643280][T23068] ? __pfx_move_page_tables+0x10/0x10 [ 1011.643323][T23068] ? trace_pid_list_is_set+0xfb/0x150 [ 1011.643379][T23068] ? rcu_is_watching+0x12/0xc0 [ 1011.643428][T23068] ? rcu_is_watching+0x12/0xc0 [ 1011.643465][T23068] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1011.643528][T23068] copy_vma_and_data+0x24e/0x790 [ 1011.643574][T23068] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1011.643617][T23068] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1011.643666][T23068] ? __vma_enter_locked+0x163/0x3f0 [ 1011.643704][T23068] ? __pfx___vma_enter_locked+0x10/0x10 [ 1011.643741][T23068] ? move_vma+0x536/0x1780 [ 1011.643781][T23068] ? rcu_is_watching+0x12/0xc0 [ 1011.643818][T23068] ? lock_release+0x201/0x2f0 [ 1011.643872][T23068] move_vma+0x548/0x1780 [ 1011.643917][T23068] ? __pfx_move_vma+0x10/0x10 [ 1011.643956][T23068] ? mm_get_unmapped_area+0x95/0xe0 [ 1011.644012][T23068] ? shmem_get_unmapped_area+0x170/0xa00 [ 1011.644050][T23068] ? cap_mmap_addr+0x4b/0x120 [ 1011.644088][T23068] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1011.644143][T23068] ? security_mmap_addr+0x6c/0x1e0 [ 1011.644195][T23068] ? __get_unmapped_area+0x267/0x440 [ 1011.644251][T23068] ? vrm_set_new_addr+0x208/0x290 [ 1011.644295][T23068] mremap_to+0x1b7/0x450 [ 1011.644343][T23068] do_mremap+0x1004/0x1f80 [ 1011.644395][T23068] ? __pfx_do_mremap+0x10/0x10 [ 1011.644441][T23068] ? up_write+0x1b2/0x520 [ 1011.644500][T23068] __do_sys_mremap+0x119/0x170 [ 1011.644544][T23068] ? __pfx___do_sys_mremap+0x10/0x10 [ 1011.644593][T23068] ? __x64_sys_futex+0x1e0/0x4c0 [ 1011.644655][T23068] do_syscall_64+0xcd/0x490 [ 1011.644708][T23068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.644748][T23068] RIP: 0033:0x7fc3bbf8ebe9 [ 1011.644777][T23068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1011.644817][T23068] RSP: 002b:00007fc3bcd81038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1011.644853][T23068] RAX: ffffffffffffffda RBX: 00007fc3bc1b6090 RCX: 00007fc3bbf8ebe9 [ 1011.644879][T23068] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1011.644901][T23068] RBP: 00007fc3bc011e19 R08: 00007effffffb000 R09: 0000000000000000 [ 1011.644927][T23068] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1011.644950][T23068] R13: 00007fc3bc1b6128 R14: 00007fc3bc1b6090 R15: 00007fff10b10088 [ 1011.644987][T23068] [ 1012.044643][T23078] FAULT_INJECTION: forcing a failure. [ 1012.044643][T23078] name failslab, interval 1, probability 0, space 0, times 0 [ 1012.059980][T23055] kmem: usage 2932kB, limit 9007199254740988kB, failcnt 0 [ 1012.103123][T23078] CPU: 1 UID: 0 PID: 23078 Comm: syz.0.3190 Tainted: G U syzkaller #0 PREEMPT(full) [ 1012.103185][T23078] Tainted: [U]=USER [ 1012.103198][T23078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1012.103222][T23078] Call Trace: [ 1012.103234][T23078] [ 1012.103249][T23078] dump_stack_lvl+0x16c/0x1f0 [ 1012.103313][T23078] should_fail_ex+0x512/0x640 [ 1012.103376][T23078] should_failslab+0xc2/0x120 [ 1012.103430][T23078] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1012.103476][T23078] ? lockdep_init_map_type+0x5c/0x280 [ 1012.103527][T23078] ? seq_open+0x55/0x170 [ 1012.103585][T23078] seq_open+0x55/0x170 [ 1012.103637][T23078] kernfs_fop_open+0x59f/0xda0 [ 1012.103684][T23078] do_dentry_open+0x97f/0x1530 [ 1012.103732][T23078] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1012.103772][T23078] vfs_open+0x82/0x3f0 [ 1012.103829][T23078] path_openat+0x1de4/0x2cb0 [ 1012.103882][T23078] ? __pfx_path_openat+0x10/0x10 [ 1012.103930][T23078] do_filp_open+0x20b/0x470 [ 1012.103975][T23078] ? __pfx_do_filp_open+0x10/0x10 [ 1012.104034][T23078] ? alloc_fd+0x471/0x7d0 [ 1012.104077][T23078] do_sys_openat2+0x11b/0x1d0 [ 1012.104134][T23078] ? __pfx_do_sys_openat2+0x10/0x10 [ 1012.104200][T23078] __x64_sys_openat+0x174/0x210 [ 1012.104261][T23078] ? __pfx___x64_sys_openat+0x10/0x10 [ 1012.104336][T23078] do_syscall_64+0xcd/0x490 [ 1012.104387][T23078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1012.104424][T23078] RIP: 0033:0x7f5a8fb8ebe9 [ 1012.104455][T23078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1012.104490][T23078] RSP: 002b:00007f5a8ddf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1012.104526][T23078] RAX: ffffffffffffffda RBX: 00007f5a8fdb5fa0 RCX: 00007f5a8fb8ebe9 [ 1012.104553][T23078] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 1012.104576][T23078] RBP: 00007f5a8fc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1012.104607][T23078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1012.104630][T23078] R13: 00007f5a8fdb6038 R14: 00007f5a8fdb5fa0 R15: 00007ffdfb10e098 [ 1012.104667][T23078] [ 1012.639927][T23055] Memory cgroup stats for /syz1: [ 1012.640130][T23055] cache 0 [ 1012.658896][T23055] rss 8192 [ 1012.670462][T23055] rss_huge 0 [ 1012.673734][T23055] shmem 0 [ 1012.676701][T23055] mapped_file 0 [ 1012.700084][T23055] dirty 0 [ 1012.703083][T23055] writeback 0 [ 1012.706406][T23055] workingset_refault_anon 64835 [ 1012.713956][T23055] workingset_refault_file 20063 [ 1012.718899][T23055] swap 888832 [ 1012.728591][T23055] swapcached 135168 [ 1012.739945][T23055] pgpgin 271822 [ 1012.754346][T23055] pgpgout 272306 [ 1012.758004][T23055] pgfault 333261 [ 1012.772086][T23055] pgmajfault 50815 [ 1012.780212][T23055] inactive_anon 0 [ 1012.792741][T23055] active_anon 139264 [ 1012.806897][T23055] inactive_file 0 [ 1012.830769][T23055] active_file 0 [ 1012.834319][T23055] unevictable 0 [ 1012.837825][T23055] hierarchical_memory_limit 3145728 [ 1012.853501][T23055] hierarchical_memsw_limit 9223372036854771712 [ 1012.859818][T23055] total_cache 0 [ 1012.882216][T23055] total_rss 8192 [ 1012.885946][T23055] total_rss_huge 0 [ 1012.896087][T23055] total_shmem 0 [ 1012.899669][T23055] total_mapped_file 0 [ 1012.906430][T23087] FAULT_INJECTION: forcing a failure. [ 1012.906430][T23087] name failslab, interval 1, probability 0, space 0, times 0 [ 1012.951380][T23055] total_dirty 0 [ 1012.961364][T23055] total_writeback 0 [ 1012.965257][T23055] total_workingset_refault_anon 64835 [ 1012.968363][T23087] CPU: 1 UID: 0 PID: 23087 Comm: syz.3.3192 Tainted: G U syzkaller #0 PREEMPT(full) [ 1012.968421][T23087] Tainted: [U]=USER [ 1012.968435][T23087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1012.968459][T23087] Call Trace: [ 1012.968472][T23087] [ 1012.968486][T23087] dump_stack_lvl+0x16c/0x1f0 [ 1012.968541][T23087] should_fail_ex+0x512/0x640 [ 1012.968597][T23087] should_failslab+0xc2/0x120 [ 1012.968650][T23087] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1012.968697][T23087] ? snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xa4/0x580 [ 1012.968764][T23087] snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xa4/0x580 [ 1012.968832][T23087] snd_mixer_oss_get_recsrc1_sw+0x104/0x1d0 [ 1012.968890][T23087] ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10 [ 1012.968949][T23087] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1012.969012][T23087] snd_mixer_oss_ioctl1+0x18f4/0x1e40 [ 1012.969065][T23087] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1012.969124][T23087] ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10 [ 1012.969184][T23087] ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10 [ 1012.969243][T23087] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1012.969310][T23087] ? rcu_is_watching+0x12/0xc0 [ 1012.969349][T23087] ? __fget_files+0x204/0x3c0 [ 1012.969389][T23087] ? hook_file_ioctl_common+0x145/0x410 [ 1012.969443][T23087] ? __fget_files+0x20e/0x3c0 [ 1012.969488][T23087] snd_mixer_oss_ioctl+0x3e/0x50 [ 1012.969539][T23087] ? __pfx_snd_mixer_oss_ioctl+0x10/0x10 [ 1012.969597][T23087] __x64_sys_ioctl+0x18e/0x210 [ 1012.969657][T23087] do_syscall_64+0xcd/0x490 [ 1012.969708][T23087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1012.969746][T23087] RIP: 0033:0x7fc3bbf8ebe9 [ 1012.969776][T23087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1012.969814][T23087] RSP: 002b:00007fc3bcd60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1012.969850][T23087] RAX: ffffffffffffffda RBX: 00007fc3bc1b6180 RCX: 00007fc3bbf8ebe9 [ 1012.969876][T23087] RDX: 00002000000012c0 RSI: 0000000080044dff RDI: 0000000000000007 [ 1012.969900][T23087] RBP: 00007fc3bc011e19 R08: 0000000000000000 R09: 0000000000000000 [ 1012.969925][T23087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1012.969947][T23087] R13: 00007fc3bc1b6218 R14: 00007fc3bc1b6180 R15: 00007fff10b10088 [ 1012.969982][T23087] [ 1013.004564][T23087] FAULT_INJECTION: forcing a failure. [ 1013.004564][T23087] name failslab, interval 1, probability 0, space 0, times 0 [ 1013.058005][T23055] total_workingset_refault_file 20063 [ 1013.120105][T23087] CPU: 1 UID: 0 PID: 23087 Comm: syz.3.3192 Tainted: G U syzkaller #0 PREEMPT(full) [ 1013.120169][T23087] Tainted: [U]=USER [ 1013.120184][T23087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1013.120219][T23087] Call Trace: [ 1013.120232][T23087] [ 1013.120247][T23087] dump_stack_lvl+0x16c/0x1f0 [ 1013.120302][T23087] should_fail_ex+0x512/0x640 [ 1013.120359][T23087] should_failslab+0xc2/0x120 [ 1013.120412][T23087] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1013.120459][T23087] ? __pmd_alloc+0xbf/0x930 [ 1013.120519][T23087] __pmd_alloc+0xbf/0x930 [ 1013.120576][T23087] move_page_tables+0x2a86/0x4070 [ 1013.120624][T23087] ? __pfx_copy_vma+0x10/0x10 [ 1013.120672][T23087] ? __pfx_move_page_tables+0x10/0x10 [ 1013.120719][T23087] ? do_raw_spin_lock+0x12c/0x2b0 [ 1013.120784][T23087] ? rcu_is_watching+0x12/0xc0 [ 1013.120823][T23087] ? finish_task_switch.isra.0+0x21c/0xc10 [ 1013.120860][T23087] ? rcu_is_watching+0x12/0xc0 [ 1013.120902][T23087] copy_vma_and_data+0x24e/0x790 [ 1013.120945][T23087] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1013.120987][T23087] ? rcu_is_watching+0x12/0xc0 [ 1013.121030][T23087] ? __vma_enter_locked+0x163/0x3f0 [ 1013.121068][T23087] ? __pfx___vma_enter_locked+0x10/0x10 [ 1013.121105][T23087] ? move_vma+0x536/0x1780 [ 1013.121143][T23087] ? rcu_is_watching+0x12/0xc0 [ 1013.121180][T23087] ? lock_release+0x201/0x2f0 [ 1013.121239][T23087] move_vma+0x548/0x1780 [ 1013.121284][T23087] ? __pfx_move_vma+0x10/0x10 [ 1013.121323][T23087] ? mm_get_unmapped_area+0x95/0xe0 [ 1013.121382][T23087] ? shmem_get_unmapped_area+0x170/0xa00 [ 1013.121421][T23087] ? cap_mmap_addr+0x4b/0x120 [ 1013.121460][T23087] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1013.121514][T23087] ? security_mmap_addr+0x6c/0x1e0 [ 1013.121568][T23087] ? __get_unmapped_area+0x267/0x440 [ 1013.121625][T23087] ? vrm_set_new_addr+0x208/0x290 [ 1013.121668][T23087] mremap_to+0x1b7/0x450 [ 1013.121710][T23087] do_mremap+0x1004/0x1f80 [ 1013.121762][T23087] ? __pfx_do_mremap+0x10/0x10 [ 1013.121802][T23087] ? __pfx_futex_wake+0x10/0x10 [ 1013.121881][T23087] ? up_write+0x1b2/0x520 [ 1013.121942][T23087] __do_sys_mremap+0x119/0x170 [ 1013.121983][T23087] ? __pfx___do_sys_mremap+0x10/0x10 [ 1013.122033][T23087] ? __x64_sys_futex+0x1e0/0x4c0 [ 1013.122083][T23087] do_syscall_64+0xcd/0x490 [ 1013.122125][T23087] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1013.122158][T23087] RIP: 0033:0x7fc3bbf8ebe9 [ 1013.122186][T23087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1013.122235][T23087] RSP: 002b:00007fc3bcd60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1013.122271][T23087] RAX: ffffffffffffffda RBX: 00007fc3bc1b6180 RCX: 00007fc3bbf8ebe9 [ 1013.122300][T23087] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1013.122322][T23087] RBP: 00007fc3bc011e19 R08: 00007effffffb000 R09: 0000000000000000 [ 1013.122347][T23087] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1013.122371][T23087] R13: 00007fc3bc1b6218 R14: 00007fc3bc1b6180 R15: 00007fff10b10088 [ 1013.122406][T23087] [ 1013.483831][ C0] vkms_vblank_simulate: vblank timer overrun [ 1013.550276][T23055] total_swap 888832 [ 1013.561764][T23055] total_swapcached 135168 [ 1013.586549][T23055] total_pgpgin 271822 [ 1013.612630][T23055] total_pgpgout 272306 [ 1013.616830][T23055] total_pgfault 333261 [ 1013.640019][T23055] total_pgmajfault 50815 [ 1013.644457][T23055] total_inactive_anon 0 [ 1013.664194][T23055] total_active_anon 139264 [ 1013.668729][T23055] total_inactive_file 0 [ 1013.678774][T23055] total_active_file 0 [ 1013.690413][T23055] total_unevictable 0 [ 1013.694497][T23055] anon_cost 56 [ 1013.718821][T23055] file_cost 0 [ 1013.730016][T23055] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3186,pid=23055,uid=0 [ 1013.767351][T23055] Memory cgroup out of memory: Killed process 23055 (syz.1.3186) total-vm:104268kB, anon-rss:1052kB, file-rss:22496kB, shmem-rss:0kB, UID:0 pgtables:140kB oom_score_adj:1000 [ 1013.878159][T23097] zswap: compressor not available [ 1014.480911][T23117] openvswitch: HfR: Dropping previously announced user features [ 1015.609187][T23129] random: crng reseeded on system resumption [ 1015.661264][T23129] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3200'. [ 1015.723398][T23131] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3201'. [ 1016.104184][T23133] zswap: compressor not available [ 1016.201119][T23133] Setting dangerous option i915.mitigations - tainting kernel [ 1017.198900][T23164] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3208'. [ 1017.491106][T23172] ima: policy update failed [ 1017.495881][ T30] audit: type=1802 audit(4294967508.180:43): pid=23172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.3211" res=0 errno=0 [ 1019.050043][ C1] bridge0: port 3(macvlan0) entered learning state [ 1021.439166][T23307] syz.1.3216 invoked oom-killer: gfp_mask=0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), order=0, oom_score_adj=1000 [ 1021.452940][T23307] CPU: 1 UID: 0 PID: 23307 Comm: syz.1.3216 Tainted: G U syzkaller #0 PREEMPT(full) [ 1021.452991][T23307] Tainted: [U]=USER [ 1021.453002][T23307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1021.453023][T23307] Call Trace: [ 1021.453033][T23307] [ 1021.453046][T23307] dump_stack_lvl+0x16c/0x1f0 [ 1021.453092][T23307] dump_header+0x101/0x930 [ 1021.453134][T23307] oom_kill_process+0x272/0xa40 [ 1021.453187][T23307] out_of_memory+0x350/0x1700 [ 1021.453230][T23307] ? __pfx_out_of_memory+0x10/0x10 [ 1021.453273][T23307] mem_cgroup_out_of_memory+0x118/0x130 [ 1021.453324][T23307] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1021.453378][T23307] ? do_raw_spin_unlock+0x172/0x230 [ 1021.453433][T23307] try_charge_memcg+0x72b/0xd50 [ 1021.453475][T23307] ? rcu_is_watching+0x12/0xc0 [ 1021.453507][T23307] ? __pfx_try_charge_memcg+0x10/0x10 [ 1021.453547][T23307] ? rcu_read_unlock+0x17/0x60 [ 1021.453588][T23307] ? rcu_is_watching+0x12/0xc0 [ 1021.453621][T23307] ? lock_release+0x201/0x2f0 [ 1021.453666][T23307] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 1021.453706][T23307] obj_cgroup_charge_pages+0x22/0x1f0 [ 1021.453748][T23307] __memcg_kmem_charge_page+0xc2/0x2e0 [ 1021.453793][T23307] __alloc_frozen_pages_noprof+0x325/0x23f0 [ 1021.453834][T23307] ? arch_stack_walk+0xa6/0x100 [ 1021.453876][T23307] ? stack_trace_save+0x8e/0xc0 [ 1021.453912][T23307] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1021.453950][T23307] ? rcu_is_watching+0x12/0xc0 [ 1021.453985][T23307] ? kasan_save_track+0x14/0x30 [ 1021.454018][T23307] ? __kasan_slab_alloc+0x89/0x90 [ 1021.454056][T23307] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 1021.454093][T23307] ? __pmd_alloc+0xbf/0x930 [ 1021.454140][T23307] ? __handle_mm_fault+0xa06/0x2a50 [ 1021.454178][T23307] ? handle_mm_fault+0x589/0xd10 [ 1021.454208][T23307] ? do_user_addr_fault+0x60c/0x1370 [ 1021.454258][T23307] ? exc_page_fault+0x5c/0xb0 [ 1021.454292][T23307] ? asm_exc_page_fault+0x26/0x30 [ 1021.454325][T23307] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1021.454374][T23307] ? policy_nodemask+0xea/0x4e0 [ 1021.454416][T23307] alloc_pages_mpol+0x1fb/0x550 [ 1021.454459][T23307] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1021.454507][T23307] alloc_pages_noprof+0x131/0x390 [ 1021.454550][T23307] pte_alloc_one+0x1c/0x3a0 [ 1021.454584][T23307] __pte_alloc+0x6d/0x3c0 [ 1021.454626][T23307] ? __pfx___pte_alloc+0x10/0x10 [ 1021.454669][T23307] ? rcu_is_watching+0x12/0xc0 [ 1021.454703][T23307] ? do_raw_spin_lock+0x12c/0x2b0 [ 1021.454748][T23307] do_pte_missing+0x285a/0x3ba0 [ 1021.454778][T23307] ? do_raw_spin_unlock+0x172/0x230 [ 1021.454826][T23307] ? _raw_spin_unlock+0x28/0x50 [ 1021.454860][T23307] ? __pmd_alloc+0x3fb/0x930 [ 1021.454909][T23307] __handle_mm_fault+0x152a/0x2a50 [ 1021.454947][T23307] ? __pfx___handle_mm_fault+0x10/0x10 [ 1021.454978][T23307] ? vma_start_read+0x2fc/0x870 [ 1021.455011][T23307] ? __pfx_vma_start_read+0x10/0x10 [ 1021.455042][T23307] ? lock_vma_under_rcu+0x1eb/0x530 [ 1021.455073][T23307] ? rcu_is_watching+0x12/0xc0 [ 1021.455109][T23307] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1021.455150][T23307] ? do_raw_spin_lock+0x12c/0x2b0 [ 1021.455202][T23307] handle_mm_fault+0x589/0xd10 [ 1021.455234][T23307] ? __bpf_trace_exceptions+0x1/0x40 [ 1021.455283][T23307] do_user_addr_fault+0x60c/0x1370 [ 1021.455334][T23307] ? rcu_is_watching+0x12/0xc0 [ 1021.455369][T23307] exc_page_fault+0x5c/0xb0 [ 1021.455407][T23307] asm_exc_page_fault+0x26/0x30 [ 1021.455438][T23307] RIP: 0033:0x7f86cbb568dd [ 1021.455463][T23307] Code: 00 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 89 f8 48 83 fa 20 72 37 c5 fe 6f 06 48 83 fa 40 0f 87 b9 00 00 00 c5 fe 6f 4c 16 e0 fe 7f 07 c5 fe 7f 4c 17 e0 0f 01 d6 75 04 c5 f8 77 c3 c5 fc 77 [ 1021.455497][T23307] RSP: 002b:00007ffe52aa0198 EFLAGS: 00010287 [ 1021.455524][T23307] RAX: 0000200000000180 RBX: 0000000000000004 RCX: 8000000000000036 [ 1021.455545][T23307] RDX: 0000000000000036 RSI: 0000001b31f20049 RDI: 0000200000000180 [ 1021.455567][T23307] RBP: 00007f86cbdb7da0 R08: 0000001b32320000 R09: 0000000000000001 [ 1021.455588][T23307] R10: 0000000000000001 R11: 0000000000000009 R12: 00007f86cbdb609c [ 1021.455609][T23307] R13: 00007ffe52aa0290 R14: fffffffffffffffe R15: 00007ffe52aa02b0 [ 1021.455641][T23307] [ 1021.456168][T23307] memory: usage 3072kB, limit 3072kB, failcnt 184546 [ 1021.898224][T23307] memory+swap: usage 3668kB, limit 9007199254740988kB, failcnt 0 [ 1021.947781][T23307] kmem: usage 2988kB, limit 9007199254740988kB, failcnt 0 [ 1022.019485][T23307] Memory cgroup stats for /syz1: [ 1022.019677][T23307] cache 0 [ 1022.038201][T23323] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3221'. [ 1022.055008][T23307] rss 0 [ 1022.057842][T23307] rss_huge 0 [ 1022.076049][T23323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1022.083422][T23307] shmem 0 [ 1022.087594][T23307] mapped_file 0 [ 1022.111547][T23323] bond0 (unregistering): Released all slaves [ 1022.113430][T23307] dirty 0 [ 1022.160414][T23307] writeback 0 [ 1022.166065][T23307] workingset_refault_anon 65326 [ 1022.189944][T23307] workingset_refault_file 20063 [ 1022.230653][T23307] swap 614400 [ 1022.234005][T23307] swapcached 81920 [ 1022.237844][T23307] pgpgin 272450 [ 1022.279113][T23307] pgpgout 272948 [ 1022.309998][T23307] pgfault 334254 [ 1022.313747][T23307] pgmajfault 51197 [ 1022.317618][T23307] inactive_anon 81920 [ 1022.321780][T23307] active_anon 0 [ 1022.325295][T23307] inactive_file 0 [ 1022.329067][T23307] active_file 0 [ 1022.332912][T23307] unevictable 0 [ 1022.336440][T23307] hierarchical_memory_limit 3145728 [ 1022.342013][T23307] hierarchical_memsw_limit 9223372036854771712 [ 1022.348326][T23307] total_cache 0 [ 1022.354633][T23307] total_rss 0 [ 1022.358009][T23307] total_rss_huge 0 [ 1022.362041][T23307] total_shmem 0 [ 1022.365647][T23307] total_mapped_file 0 [ 1022.370536][T23307] total_dirty 0 [ 1022.374195][T23307] total_writeback 0 [ 1022.378819][T23307] total_workingset_refault_anon 65326 [ 1022.394418][T23307] total_workingset_refault_file 20063 [ 1022.404834][T23307] total_swap 614400 [ 1022.408741][T23307] total_swapcached 81920 [ 1022.413337][T23307] total_pgpgin 272450 [ 1022.417490][T23307] total_pgpgout 272948 [ 1022.421898][T23307] total_pgfault 334254 [ 1022.426044][T23307] total_pgmajfault 51197 [ 1022.431366][T23307] total_inactive_anon 81920 [ 1022.435956][T23307] total_active_anon 0 [ 1022.440440][T23307] total_inactive_file 0 [ 1022.444764][T23307] total_active_file 0 [ 1022.448818][T23307] total_unevictable 0 [ 1022.453329][T23307] anon_cost 20 [ 1022.466394][T23307] file_cost 0 [ 1022.470669][T23307] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3216,pid=23307,uid=0 [ 1022.490220][T23307] Memory cgroup out of memory: Killed process 23307 (syz.1.3216) total-vm:104140kB, anon-rss:924kB, file-rss:21532kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000 [ 1022.842829][T23352] openvswitch: HfR: Dropping previously announced user features [ 1022.879518][ T5866] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1022.879564][ T5866] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 1022.894907][ T5866] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 1022.894947][ T5866] Bluetooth: hci2: adv larger than maximum supported [ 1022.902401][ T5866] Bluetooth: hci2: adv larger than maximum supported [ 1022.909313][ T5866] Bluetooth: hci2: Malformed LE Event: 0x0d [ 1022.931091][T23350] syz.1.3227 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 1022.943052][T23350] CPU: 0 UID: 0 PID: 23350 Comm: syz.1.3227 Tainted: G U syzkaller #0 PREEMPT(full) [ 1022.943106][T23350] Tainted: [U]=USER [ 1022.943117][T23350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1022.943136][T23350] Call Trace: [ 1022.943147][T23350] [ 1022.943158][T23350] dump_stack_lvl+0x16c/0x1f0 [ 1022.943379][T23350] dump_header+0x101/0x930 [ 1022.943422][T23350] oom_kill_process+0x272/0xa40 [ 1022.943466][T23350] out_of_memory+0x350/0x1700 [ 1022.943510][T23350] ? __pfx_out_of_memory+0x10/0x10 [ 1022.943551][T23350] mem_cgroup_out_of_memory+0x118/0x130 [ 1022.943603][T23350] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1022.943683][T23350] ? do_raw_spin_unlock+0x172/0x230 [ 1022.943739][T23350] try_charge_memcg+0x72b/0xd50 [ 1022.943782][T23350] ? __pfx_try_charge_memcg+0x10/0x10 [ 1022.943816][T23350] ? xa_load+0x153/0x2c0 [ 1022.943861][T23350] ? rcu_read_unlock+0x17/0x60 [ 1022.943902][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.943934][T23350] charge_memcg+0x8a/0x230 [ 1022.943973][T23350] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 1022.944022][T23350] __read_swap_cache_async+0x43e/0x5a0 [ 1022.944060][T23350] ? __pfx___read_swap_cache_async+0x10/0x10 [ 1022.944093][T23350] ? swp_swap_info+0xce/0x130 [ 1022.944145][T23350] ? __pfx_swp_swap_info+0x10/0x10 [ 1022.944188][T23350] ? unwind_next_frame+0x3f4/0x20a0 [ 1022.944224][T23350] swap_cluster_readahead+0x4e1/0x710 [ 1022.944261][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.944297][T23350] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 1022.944329][T23350] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1022.944365][T23350] ? is_bpf_text_address+0x94/0x1a0 [ 1022.944407][T23350] ? kernel_text_address+0x8d/0x100 [ 1022.944438][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.944477][T23350] ? get_vma_policy+0x242/0x3c0 [ 1022.944524][T23350] swapin_readahead+0x13a/0xd60 [ 1022.944559][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.944596][T23350] ? __pfx_swapin_readahead+0x10/0x10 [ 1022.944629][T23350] ? __filemap_get_folio+0x32b/0xc30 [ 1022.944677][T23350] ? swap_cache_get_folio+0x1df/0x450 [ 1022.944713][T23350] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 1022.944745][T23350] ? __pfx_get_swap_device+0x10/0x10 [ 1022.944786][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.944819][T23350] ? lock_release+0x201/0x2f0 [ 1022.944863][T23350] do_swap_page+0x635/0x6490 [ 1022.944924][T23350] ? __pfx_do_swap_page+0x10/0x10 [ 1022.944970][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.945002][T23350] ? __pfx_default_wake_function+0x10/0x10 [ 1022.945035][T23350] ? tomoyo_path_number_perm+0x295/0x580 [ 1022.945072][T23350] ? ___pte_offset_map+0x54/0x4f0 [ 1022.945109][T23350] ? ___pte_offset_map+0x2ad/0x4f0 [ 1022.945157][T23350] __handle_mm_fault+0x1719/0x2a50 [ 1022.945189][T23350] ? __pfx___handle_mm_fault+0x10/0x10 [ 1022.945216][T23350] ? vma_start_read+0x2fc/0x870 [ 1022.945244][T23350] ? __pfx_vma_start_read+0x10/0x10 [ 1022.945271][T23350] ? lock_vma_under_rcu+0x1eb/0x530 [ 1022.945299][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.945331][T23350] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1022.945359][T23350] ? handle_mm_fault+0x2ab/0xd10 [ 1022.945386][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.945416][T23350] handle_mm_fault+0x589/0xd10 [ 1022.945444][T23350] ? __bpf_trace_exceptions+0x1/0x40 [ 1022.945487][T23350] do_user_addr_fault+0x60c/0x1370 [ 1022.945532][T23350] ? rcu_is_watching+0x12/0xc0 [ 1022.945560][T23350] exc_page_fault+0x5c/0xb0 [ 1022.945599][T23350] asm_exc_page_fault+0x26/0x30 [ 1022.945629][T23350] RIP: 0033:0x7f86cba5e853 [ 1022.945654][T23350] Code: 8b 34 24 48 69 4c 24 20 e8 03 00 00 48 8d 3d 2b 49 1b 00 48 89 d0 48 f7 64 24 28 31 c0 41 8b 36 48 c1 ea 12 48 01 ca 48 89 d9 <48> 2b 15 8e 6e e8 00 e8 81 f9 fe ff 41 8b 76 2c 85 f6 7e 45 31 db [ 1022.945687][T23350] RSP: 002b:00007f86c9dee060 EFLAGS: 00010202 [ 1022.945714][T23350] RAX: 0000000000000000 RBX: 00007f86cbc22135 RCX: 00007f86cbc22135 [ 1022.945736][T23350] RDX: 00000000000f9b49 RSI: 0000000000000000 RDI: 00007f86cbc13167 [ 1022.945759][T23350] RBP: 00007f86cbdb5fa0 R08: 000000000002fef8 R09: 00007f86cb9f8000 [ 1022.945781][T23350] R10: 0000000000000001 R11: 002f1188cc816e04 R12: 0000000000000001 [ 1022.945799][T23350] R13: 00007f86cbdb6038 R14: 00007f86cbdb5fa0 R15: 00007ffe52aa0038 [ 1022.945825][T23350] [ 1022.945843][T23350] memory: usage 3068kB, limit 3072kB, failcnt 184851 [ 1023.120279][ T5866] Bluetooth: hci2: unexpected event 0x0f length: 726 > 4 [ 1023.133441][T23350] memory+swap: usage 3704kB, limit 9007199254740988kB, failcnt 0 [ 1023.135777][ T5866] Bluetooth: hci2: unexpected event for opcode 0xf6ff [ 1023.144130][T23350] kmem: usage 2972kB, limit 9007199254740988kB, failcnt 0 [ 1023.286779][T23358] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3230'. [ 1023.346581][T23350] Memory cgroup stats for /syz1: [ 1023.346791][T23350] cache 0 [ 1023.420274][T23350] rss 8192 [ 1023.423733][T23350] rss_huge 0 [ 1023.429934][T23350] shmem 0 [ 1023.439945][T23350] mapped_file 0 [ 1023.470236][T23350] dirty 0 [ 1023.473913][T23350] writeback 0 [ 1023.487557][T23350] workingset_refault_anon 65397 [ 1023.497333][T23350] workingset_refault_file 20063 [ 1023.566738][ T30] audit: type=1804 audit(4294967514.250:44): pid=23362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3231" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 1023.636896][T23350] swap 655360 [ 1023.651020][T23350] swapcached 90112 [ 1023.681558][T23350] pgpgin 272543 [ 1023.685340][T23350] pgpgout 273038 [ 1023.688987][T23350] pgfault 334375 [ 1023.709245][T23350] pgmajfault 51259 [ 1023.716959][T23350] inactive_anon 90112 [ 1023.730577][T23350] active_anon 0 [ 1023.734498][T23350] inactive_file 0 [ 1023.738298][T23350] active_file 0 [ 1023.748276][T23350] unevictable 0 [ 1023.756815][T23350] hierarchical_memory_limit 3145728 [ 1023.769998][T23350] hierarchical_memsw_limit 9223372036854771712 [ 1023.804508][T23350] total_cache 0 [ 1023.830003][T23350] total_rss 8192 [ 1023.833666][T23350] total_rss_huge 0 [ 1023.837536][T23350] total_shmem 0 [ 1023.876083][T23350] total_mapped_file 0 [ 1023.882588][T23350] total_dirty 0 [ 1023.886173][T23350] total_writeback 0 [ 1023.890510][T23350] total_workingset_refault_anon 65397 [ 1023.896027][T23350] total_workingset_refault_file 20063 [ 1023.909140][T23350] total_swap 655360 [ 1023.914013][T23350] total_swapcached 90112 [ 1023.918431][T23350] total_pgpgin 272543 [ 1023.924664][T23350] total_pgpgout 273038 [ 1023.928870][T23350] total_pgfault 334375 [ 1023.950044][T23350] total_pgmajfault 51259 [ 1023.954399][T23350] total_inactive_anon 90112 [ 1023.959003][T23350] total_active_anon 0 [ 1023.985366][T23350] total_inactive_file 0 [ 1023.994985][T23350] total_active_file 0 [ 1023.999131][T23350] total_unevictable 0 [ 1024.020109][T23350] anon_cost 26 [ 1024.026413][T23350] file_cost 0 [ 1024.029831][T23350] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3227,pid=23349,uid=0 [ 1024.102858][T23350] Memory cgroup out of memory: Killed process 23349 (syz.1.3227) total-vm:103876kB, anon-rss:940kB, file-rss:21532kB, shmem-rss:0kB, UID:0 pgtables:104kB oom_score_adj:1000 [ 1024.168977][T23380] FAULT_INJECTION: forcing a failure. [ 1024.168977][T23380] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.205674][T23380] CPU: 0 UID: 0 PID: 23380 Comm: syz.4.3234 Tainted: G U syzkaller #0 PREEMPT(full) [ 1024.205730][T23380] Tainted: [U]=USER [ 1024.205742][T23380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1024.205762][T23380] Call Trace: [ 1024.205774][T23380] [ 1024.205787][T23380] dump_stack_lvl+0x16c/0x1f0 [ 1024.205837][T23380] should_fail_ex+0x512/0x640 [ 1024.205890][T23380] should_failslab+0xc2/0x120 [ 1024.205936][T23380] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1024.205972][T23380] ? snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xa4/0x580 [ 1024.206044][T23380] snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xa4/0x580 [ 1024.206104][T23380] snd_mixer_oss_get_recsrc1_sw+0x104/0x1d0 [ 1024.206161][T23380] ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10 [ 1024.206213][T23380] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1024.206260][T23380] snd_mixer_oss_ioctl1+0x18f4/0x1e40 [ 1024.206304][T23380] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1024.206355][T23380] ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10 [ 1024.206409][T23380] ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10 [ 1024.206454][T23380] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1024.206510][T23380] ? rcu_is_watching+0x12/0xc0 [ 1024.206544][T23380] ? __fget_files+0x204/0x3c0 [ 1024.206576][T23380] ? hook_file_ioctl_common+0x145/0x410 [ 1024.206624][T23380] ? __fget_files+0x20e/0x3c0 [ 1024.206664][T23380] snd_mixer_oss_ioctl+0x3e/0x50 [ 1024.206710][T23380] ? __pfx_snd_mixer_oss_ioctl+0x10/0x10 [ 1024.206756][T23380] __x64_sys_ioctl+0x18e/0x210 [ 1024.206809][T23380] do_syscall_64+0xcd/0x490 [ 1024.206855][T23380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1024.206887][T23380] RIP: 0033:0x7ff3b598ebe9 [ 1024.206913][T23380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1024.206948][T23380] RSP: 002b:00007ff3b67b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1024.206980][T23380] RAX: ffffffffffffffda RBX: 00007ff3b5bb6090 RCX: 00007ff3b598ebe9 [ 1024.207015][T23380] RDX: 00002000000012c0 RSI: 0000000080044dff RDI: 0000000000000007 [ 1024.207037][T23380] RBP: 00007ff3b5a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1024.207058][T23380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1024.207079][T23380] R13: 00007ff3b5bb6128 R14: 00007ff3b5bb6090 R15: 00007ffd8fbaf758 [ 1024.207112][T23380] [ 1024.493460][T23380] FAULT_INJECTION: forcing a failure. [ 1024.493460][T23380] name failslab, interval 1, probability 0, space 0, times 0 [ 1024.682888][T23385] syz.1.3236 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 1024.694046][T23385] CPU: 0 UID: 0 PID: 23385 Comm: syz.1.3236 Tainted: G U syzkaller #0 PREEMPT(full) [ 1024.694083][T23385] Tainted: [U]=USER [ 1024.694090][T23385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1024.694105][T23385] Call Trace: [ 1024.694115][T23385] [ 1024.694126][T23385] dump_stack_lvl+0x16c/0x1f0 [ 1024.694161][T23385] dump_header+0x101/0x930 [ 1024.694191][T23385] oom_kill_process+0x272/0xa40 [ 1024.694221][T23385] out_of_memory+0x350/0x1700 [ 1024.694253][T23385] ? __pfx_out_of_memory+0x10/0x10 [ 1024.694285][T23385] mem_cgroup_out_of_memory+0x118/0x130 [ 1024.694322][T23385] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1024.694362][T23385] ? do_raw_spin_unlock+0x172/0x230 [ 1024.694402][T23385] try_charge_memcg+0x72b/0xd50 [ 1024.694433][T23385] ? __pfx_try_charge_memcg+0x10/0x10 [ 1024.694462][T23385] ? xa_load+0x153/0x2c0 [ 1024.694496][T23385] ? rcu_read_unlock+0x17/0x60 [ 1024.694525][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.694551][T23385] charge_memcg+0x8a/0x230 [ 1024.694579][T23385] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 1024.694615][T23385] __read_swap_cache_async+0x43e/0x5a0 [ 1024.694642][T23385] ? __pfx___read_swap_cache_async+0x10/0x10 [ 1024.694667][T23385] ? swp_swap_info+0xce/0x130 [ 1024.694709][T23385] ? __pfx_swp_swap_info+0x10/0x10 [ 1024.694749][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.694774][T23385] swap_cluster_readahead+0x3eb/0x710 [ 1024.694802][T23385] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 1024.694826][T23385] ? do_raw_spin_unlock+0x172/0x230 [ 1024.694863][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.694896][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.694923][T23385] ? get_vma_policy+0x242/0x3c0 [ 1024.694957][T23385] swapin_readahead+0x13a/0xd60 [ 1024.694981][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.695007][T23385] ? __pfx_swapin_readahead+0x10/0x10 [ 1024.695031][T23385] ? __filemap_get_folio+0x32b/0xc30 [ 1024.695065][T23385] ? swap_cache_get_folio+0x1df/0x450 [ 1024.695089][T23385] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 1024.695112][T23385] ? __pfx_get_swap_device+0x10/0x10 [ 1024.695143][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.695166][T23385] ? lock_release+0x201/0x2f0 [ 1024.695197][T23385] do_swap_page+0x635/0x6490 [ 1024.695239][T23385] ? __pfx_do_swap_page+0x10/0x10 [ 1024.695275][T23385] ? __pfx_default_wake_function+0x10/0x10 [ 1024.695300][T23385] ? futex_hash+0x2c5/0x380 [ 1024.695327][T23385] ? ___pte_offset_map+0x54/0x4f0 [ 1024.695358][T23385] ? ___pte_offset_map+0x2ad/0x4f0 [ 1024.695392][T23385] __handle_mm_fault+0x1719/0x2a50 [ 1024.695420][T23385] ? __pfx___handle_mm_fault+0x10/0x10 [ 1024.695442][T23385] ? vma_start_read+0x2fc/0x870 [ 1024.695466][T23385] ? __pfx_vma_start_read+0x10/0x10 [ 1024.695489][T23385] ? lock_vma_under_rcu+0x1eb/0x530 [ 1024.695512][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.695538][T23385] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1024.695562][T23385] ? handle_mm_fault+0x2ab/0xd10 [ 1024.695584][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.695609][T23385] handle_mm_fault+0x589/0xd10 [ 1024.695633][T23385] ? __bpf_trace_exceptions+0x1/0x40 [ 1024.695670][T23385] do_user_addr_fault+0x60c/0x1370 [ 1024.695724][T23385] ? rcu_is_watching+0x12/0xc0 [ 1024.695749][T23385] exc_page_fault+0x5c/0xb0 [ 1024.695776][T23385] asm_exc_page_fault+0x26/0x30 [ 1024.695799][T23385] RIP: 0033:0x7f86cbb45d20 [ 1024.695817][T23385] Code: 04 24 48 83 e8 01 48 83 f8 fd 76 1e 4c 8d 64 24 60 4c 89 e7 e8 11 0e 00 00 89 c5 85 c0 0f 85 a2 00 00 00 c6 44 24 43 01 eb 09 44 24 43 00 4c 8b 24 24 e8 a2 8b 04 00 4c 8b 2d 63 17 da 00 48 [ 1024.695840][T23385] RSP: 002b:00007ffe52a9ffe0 EFLAGS: 00010203 [ 1024.695858][T23385] RAX: 00007ffe52aa012f RBX: 0000000000000064 RCX: 00007f86cbdb5fa0 [ 1024.695879][T23385] RDX: 00007f86cba5ece0 RSI: 00007ffe52aa0130 RDI: 00007ffe52aa0128 [ 1024.695895][T23385] RBP: 00007f86cbdb5fa0 R08: 0000000000000000 R09: 00007ffe52aa0250 [ 1024.695910][T23385] R10: 00007f86cbdb5fa0 R11: 0000000000000246 R12: 00007ffe52aa0130 [ 1024.695925][T23385] R13: 00007f86cba5ece0 R14: 00007ffe52aa0128 R15: 0000000000000004 [ 1024.695947][T23385] [ 1024.695956][T23385] memory: usage 3072kB, limit 3072kB, failcnt 185009 [ 1025.107814][T23380] CPU: 0 UID: 0 PID: 23380 Comm: syz.4.3234 Tainted: G U syzkaller #0 PREEMPT(full) [ 1025.107871][T23380] Tainted: [U]=USER [ 1025.107885][T23380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1025.107906][T23380] Call Trace: [ 1025.107917][T23380] [ 1025.107930][T23380] dump_stack_lvl+0x16c/0x1f0 [ 1025.107988][T23380] should_fail_ex+0x512/0x640 [ 1025.108036][T23380] should_failslab+0xc2/0x120 [ 1025.108083][T23380] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 1025.108121][T23380] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1025.108165][T23380] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 1025.108198][T23380] ? unwind_get_return_address+0x59/0xa0 [ 1025.108229][T23380] ? mas_alloc_nodes+0x18b/0x8b0 [ 1025.108260][T23380] ? mas_alloc_nodes+0x2f1/0x8b0 [ 1025.108289][T23380] mas_alloc_nodes+0x2f1/0x8b0 [ 1025.108322][T23380] mas_node_count_gfp+0x105/0x130 [ 1025.108355][T23380] mas_preallocate+0x7e0/0xde0 [ 1025.108398][T23380] ? __pfx_mas_preallocate+0x10/0x10 [ 1025.108443][T23380] ? rcu_is_watching+0x12/0xc0 [ 1025.108472][T23380] ? lock_release+0x201/0x2f0 [ 1025.108511][T23380] vma_link+0x135/0x6a0 [ 1025.108544][T23380] ? __pfx_vma_link+0x10/0x10 [ 1025.108914][T23380] ? rcu_is_watching+0x12/0xc0 [ 1025.108962][T23380] ? anon_vma_clone+0x405/0x5c0 [ 1025.108994][T23380] ? anon_vma_name+0x81/0x2f0 [ 1025.109039][T23380] copy_vma+0x6c2/0xaa0 [ 1025.109074][T23380] ? __pfx_copy_vma+0x10/0x10 [ 1025.109111][T23380] ? trace_pid_list_is_set+0xfb/0x150 [ 1025.109145][T23380] ? rcu_is_watching+0x12/0xc0 [ 1025.109194][T23380] ? rcu_is_watching+0x12/0xc0 [ 1025.109222][T23380] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1025.109270][T23380] copy_vma_and_data+0x1cf/0x790 [ 1025.109306][T23380] ? __pfx_copy_vma_and_data+0x10/0x10 [ 1025.109338][T23380] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1025.109375][T23380] ? __vma_enter_locked+0x163/0x3f0 [ 1025.109403][T23380] ? __pfx___vma_enter_locked+0x10/0x10 [ 1025.109430][T23380] ? move_vma+0x536/0x1780 [ 1025.109458][T23380] ? rcu_is_watching+0x12/0xc0 [ 1025.109486][T23380] ? lock_release+0x201/0x2f0 [ 1025.109525][T23380] move_vma+0x548/0x1780 [ 1025.109558][T23380] ? __pfx_move_vma+0x10/0x10 [ 1025.109593][T23380] ? mm_get_unmapped_area+0x95/0xe0 [ 1025.109634][T23380] ? shmem_get_unmapped_area+0x170/0xa00 [ 1025.109662][T23380] ? cap_mmap_addr+0x4b/0x120 [ 1025.109692][T23380] ? bpf_lsm_mmap_addr+0x9/0x10 [ 1025.109734][T23380] ? security_mmap_addr+0x6c/0x1e0 [ 1025.109777][T23380] ? __get_unmapped_area+0x267/0x440 [ 1025.109820][T23380] ? vrm_set_new_addr+0x208/0x290 [ 1025.109851][T23380] mremap_to+0x1b7/0x450 [ 1025.109891][T23380] do_mremap+0x1004/0x1f80 [ 1025.109936][T23380] ? __pfx_do_mremap+0x10/0x10 [ 1025.109974][T23380] ? up_write+0x1b2/0x520 [ 1025.110024][T23380] __do_sys_mremap+0x119/0x170 [ 1025.110063][T23380] ? __pfx___do_sys_mremap+0x10/0x10 [ 1025.110107][T23380] ? __x64_sys_futex+0x1e0/0x4c0 [ 1025.110162][T23380] do_syscall_64+0xcd/0x490 [ 1025.110221][T23380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1025.110253][T23380] RIP: 0033:0x7ff3b598ebe9 [ 1025.110276][T23380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1025.110306][T23380] RSP: 002b:00007ff3b67b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 1025.110334][T23380] RAX: ffffffffffffffda RBX: 00007ff3b5bb6090 RCX: 00007ff3b598ebe9 [ 1025.110355][T23380] RDX: 0000000000000008 RSI: 0000000000000002 RDI: 0000000000000000 [ 1025.110372][T23380] RBP: 00007ff3b5a11e19 R08: 00007effffffb000 R09: 0000000000000000 [ 1025.110391][T23380] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1025.110410][T23380] R13: 00007ff3b5bb6128 R14: 00007ff3b5bb6090 R15: 00007ffd8fbaf758 [ 1025.110437][T23380] [ 1025.381320][T23385] memory+swap: usage 3692kB, limit 9007199254740988kB, failcnt 0 [ 1025.381352][T23385] kmem: usage 2932kB, limit 9007199254740988kB, failcnt 0 [ 1025.381373][T23385] Memory cgroup stats for /syz1: [ 1025.381551][T23385] cache 0 [ 1025.381565][T23385] rss 0 [ 1025.381576][T23385] rss_huge 0 [ 1025.381589][T23385] shmem 0 [ 1025.381602][T23385] mapped_file 0 [ 1025.381614][T23385] dirty 0 [ 1025.381627][T23385] writeback 0 [ 1025.381639][T23385] workingset_refault_anon 65450 [ 1025.381654][T23385] workingset_refault_file 20063 [ 1025.381669][T23385] swap 638976 [ 1025.381681][T23385] swapcached 98304 [ 1025.381693][T23385] pgpgin 272608 [ 1025.381705][T23385] pgpgout 273102 [ 1025.381718][T23385] pgfault 334458 [ 1025.381731][T23385] pgmajfault 51295 [ 1025.381743][T23385] inactive_anon 98304 [ 1025.381756][T23385] active_anon 0 [ 1025.381769][T23385] inactive_file 0 [ 1025.381782][T23385] active_file 0 [ 1025.381795][T23385] unevictable 0 [ 1025.381807][T23385] hierarchical_memory_limit 3145728 [ 1025.381823][T23385] hierarchical_memsw_limit 9223372036854771712 [ 1025.381839][T23385] total_cache 0 [ 1025.381852][T23385] total_rss 0 [ 1025.381864][T23385] total_rss_huge 0 [ 1025.381876][T23385] total_shmem 0 [ 1025.381889][T23385] total_mapped_file 0 [ 1025.381911][T23385] total_dirty 0 [ 1025.381923][T23385] total_writeback 0 [ 1025.381936][T23385] total_workingset_refault_anon 65450 [ 1025.381951][T23385] total_workingset_refault_file 20063 [ 1025.381966][T23385] total_swap 638976 [ 1025.381978][T23385] total_swapcached 98304 [ 1025.381991][T23385] total_pgpgin 272608 [ 1025.382004][T23385] total_pgpgout 273102 [ 1025.382017][T23385] total_pgfault 334458 [ 1025.382030][T23385] total_pgmajfault 51295 [ 1025.382043][T23385] total_inactive_anon 98304 [ 1025.382057][T23385] total_active_anon 0 [ 1025.382070][T23385] total_inactive_file 0 [ 1025.382084][T23385] total_active_file 0 [ 1025.382097][T23385] total_unevictable 0 [ 1025.382110][T23385] anon_cost 31 [ 1025.382123][T23385] file_cost 0 [ 1025.382135][T23385] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3236,pid=23385,uid=0 [ 1025.382253][T23385] Memory cgroup out of memory: Killed process 23385 (syz.1.3236) total-vm:103744kB, anon-rss:948kB, file-rss:21532kB, shmem-rss:0kB, UID:0 pgtables:112kB oom_score_adj:1000 [ 1025.940251][T23388] syz.1.3237 invoked oom-killer: gfp_mask=0x402dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_NOWARN), order=2, oom_score_adj=1000 [ 1025.940310][T23388] CPU: 0 UID: 0 PID: 23388 Comm: syz.1.3237 Tainted: G U syzkaller #0 PREEMPT(full) [ 1025.940354][T23388] Tainted: [U]=USER [ 1025.940366][T23388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1025.940386][T23388] Call Trace: [ 1025.940396][T23388] [ 1025.940409][T23388] dump_stack_lvl+0x16c/0x1f0 [ 1025.940453][T23388] dump_header+0x101/0x930 [ 1025.940495][T23388] oom_kill_process+0x272/0xa40 [ 1025.940538][T23388] out_of_memory+0x350/0x1700 [ 1025.940582][T23388] ? __pfx_out_of_memory+0x10/0x10 [ 1025.940628][T23388] mem_cgroup_out_of_memory+0x118/0x130 [ 1025.940680][T23388] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1025.940756][T23388] ? do_raw_spin_unlock+0x172/0x230 [ 1025.940811][T23388] try_charge_memcg+0x72b/0xd50 [ 1025.940863][T23388] ? rcu_is_watching+0x12/0xc0 [ 1025.940897][T23388] ? __pfx_try_charge_memcg+0x10/0x10 [ 1025.940934][T23388] ? rcu_read_unlock+0x17/0x60 [ 1025.940974][T23388] ? rcu_is_watching+0x12/0xc0 [ 1025.941006][T23388] ? lock_release+0x201/0x2f0 [ 1025.941051][T23388] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 1025.941085][T23388] obj_cgroup_charge_pages+0x22/0x1f0 [ 1025.941128][T23388] obj_cgroup_charge_account+0x5c/0xa0 [ 1025.941171][T23388] __memcg_slab_post_alloc_hook+0x30c/0x960 [ 1025.941219][T23388] ? kasan_unpoison+0x27/0x60 [ 1025.941256][T23388] __kvmalloc_node_noprof+0x506/0x620 [ 1025.941293][T23388] ? futex_hash_allocate+0x2cc/0x1020 [ 1025.941332][T23388] ? futex_hash_allocate+0x2cc/0x1020 [ 1025.941367][T23388] futex_hash_allocate+0x2cc/0x1020 [ 1025.941404][T23388] ? do_raw_spin_lock+0x12c/0x2b0 [ 1025.941454][T23388] ? __pfx_futex_hash_allocate+0x10/0x10 [ 1025.941492][T23388] ? rcu_is_watching+0x12/0xc0 [ 1025.941524][T23388] ? futex_hash_allocate_default+0x29c/0x5c0 [ 1025.941564][T23388] ? rcu_is_watching+0x12/0xc0 [ 1025.941597][T23388] ? lock_release+0x201/0x2f0 [ 1025.941640][T23388] futex_hash_allocate_default+0x330/0x5c0 [ 1025.941686][T23388] copy_process+0x4c17/0x7690 [ 1025.941727][T23388] ? do_swap_page+0x572/0x6490 [ 1025.941782][T23388] ? __pfx_copy_process+0x10/0x10 [ 1025.941820][T23388] ? lock_release+0x201/0x2f0 [ 1025.941876][T23388] ? _copy_from_user+0x59/0xd0 [ 1025.941930][T23388] kernel_clone+0xfc/0x930 [ 1025.941969][T23388] ? ___pte_offset_map+0x54/0x4f0 [ 1025.942015][T23388] ? __pfx_kernel_clone+0x10/0x10 [ 1025.942067][T23388] __do_sys_clone3+0x212/0x290 [ 1025.942115][T23388] ? __pfx___do_sys_clone3+0x10/0x10 [ 1025.942157][T23388] ? sigprocmask+0x22e/0x330 [ 1025.942228][T23388] do_syscall_64+0xcd/0x490 [ 1025.942271][T23388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1025.942303][T23388] RIP: 0033:0x7f86cbbc3449 [ 1025.942328][T23388] Code: d7 08 00 48 8d 3d fc d7 08 00 e8 02 29 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7 [ 1025.942361][T23388] RSP: 002b:00007ffe52a9ff08 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3 [ 1025.942392][T23388] RAX: ffffffffffffffda RBX: 00007f86cbb45850 RCX: 00007f86cbbc3449 [ 1025.942414][T23388] RDX: 00007f86cbb45850 RSI: 0000000000000058 RDI: 00007ffe52a9ff50 [ 1025.942436][T23388] RBP: 00007f86c9dee6c0 R08: 00007f86c9dee6c0 R09: 00007ffe52aa0037 [ 1025.942457][T23388] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8 [ 1025.942479][T23388] R13: 000000000000000b R14: 00007ffe52a9ff50 R15: 00007ffe52aa0038 [ 1025.942509][T23388] [ 1025.945786][T23388] memory: usage 3072kB, limit 3072kB, failcnt 185120 [ 1025.945815][T23388] memory+swap: usage 3724kB, limit 9007199254740988kB, failcnt 0 [ 1025.945837][T23388] kmem: usage 2996kB, limit 9007199254740988kB, failcnt 0 [ 1025.945866][T23388] Memory cgroup stats for /syz1: [ 1025.946037][T23388] cache 0 [ 1025.946052][T23388] rss 8192 [ 1025.946065][T23388] rss_huge 0 [ 1025.946077][T23388] shmem 0 [ 1025.946089][T23388] mapped_file 0 [ 1025.946102][T23388] dirty 0 [ 1025.946114][T23388] writeback 0 [ 1025.946126][T23388] workingset_refault_anon 65487 [ 1025.946146][T23388] workingset_refault_file 20063 [ 1025.946161][T23388] swap 667648 [ 1025.946173][T23388] swapcached 69632 [ 1025.946186][T23388] pgpgin 272658 [ 1025.946198][T23388] pgpgout 273157 [ 1025.946211][T23388] pgfault 334539 [ 1025.946224][T23388] pgmajfault 51327 [ 1025.946237][T23388] inactive_anon 77824 [ 1025.946249][T23388] active_anon 0 [ 1025.946262][T23388] inactive_file 0 [ 1025.946275][T23388] active_file 0 [ 1025.946288][T23388] unevictable 0 [ 1025.946301][T23388] hierarchical_memory_limit 3145728 [ 1025.946316][T23388] hierarchical_memsw_limit 9223372036854771712 [ 1025.946332][T23388] total_cache 0 [ 1025.946345][T23388] total_rss 8192 [ 1025.946358][T23388] total_rss_huge 0 [ 1025.946370][T23388] total_shmem 0 [ 1025.946383][T23388] total_mapped_file 0 [ 1025.946397][T23388] total_dirty 0 [ 1025.946409][T23388] total_writeback 0 [ 1025.946422][T23388] total_workingset_refault_anon 65487 [ 1025.946437][T23388] total_workingset_refault_file 20063 [ 1025.946451][T23388] total_swap 667648 [ 1025.946463][T23388] total_swapcached 69632 [ 1025.946475][T23388] total_pgpgin 272658 [ 1025.946488][T23388] total_pgpgout 273157 [ 1025.946500][T23388] total_pgfault 334539 [ 1025.946512][T23388] total_pgmajfault 51327 [ 1025.946524][T23388] total_inactive_anon 77824 [ 1025.946538][T23388] total_active_anon 0 [ 1025.950100][T23388] total_inactive_file 0 [ 1025.950119][T23388] total_active_file 0 [ 1025.950131][T23388] total_unevictable 0 [ 1025.950144][T23388] anon_cost 45 [ 1025.950156][T23388] file_cost 0 [ 1025.950169][T23388] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3237,pid=23388,uid=0 [ 1025.950289][T23388] Memory cgroup out of memory: Killed process 23388 (syz.1.3237) total-vm:101828kB, anon-rss:940kB, file-rss:21532kB, shmem-rss:0kB, UID:0 pgtables:116kB oom_score_adj:1000 [ 1026.003886][T23388] ------------[ cut here ]------------ [ 1026.003900][T23388] pvqspinlock: lock 0xffff88803512c0c0 has corrupted value 0x0! [ 1026.004025][T23388] WARNING: CPU: 0 PID: 23388 at kernel/locking/qspinlock_paravirt.h:504 __pv_queued_spin_unlock_slowpath+0x237/0x330 [ 1026.004078][T23388] Modules linked in: [ 1026.004099][T23388] CPU: 0 UID: 0 PID: 23388 Comm: syz.1.3237 Tainted: G U syzkaller #0 PREEMPT(full) [ 1026.004132][T23388] Tainted: [U]=USER [ 1026.004141][T23388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1026.004156][T23388] RIP: 0010:__pv_queued_spin_unlock_slowpath+0x237/0x330 [ 1026.004213][T23388] Code: 03 0f b6 14 02 4c 89 e8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 67 41 8b 55 00 4c 89 ee 48 c7 c7 00 81 ad 8b e8 fa aa e6 f5 90 <0f> 0b 90 90 e9 64 ff ff ff 90 0f 0b 48 89 df 4c 89 04 24 e8 71 15 [ 1026.004237][T23388] RSP: 0018:ffffc9000e9c79c8 EFLAGS: 00010286 [ 1026.004257][T23388] RAX: 0000000000000000 RBX: ffff88803512c0c0 RCX: ffffffff817a02c8 [ 1026.004274][T23388] RDX: ffff88802fa9bc00 RSI: ffffffff817a02d5 RDI: 0000000000000001 [ 1026.004290][T23388] RBP: ffff88803512c0c8 R08: 0000000000000001 R09: 0000000000000000 [ 1026.004305][T23388] R10: 0000000000000000 R11: 00000000000d4550 R12: ffff88803512c0d0 [ 1026.004321][T23388] R13: ffff88803512c0c0 R14: 00000000003d0f00 R15: ffff88802ab43c00 [ 1026.004338][T23388] FS: 0000555568154500(0000) GS:ffff8881246c4000(0000) knlGS:0000000000000000 [ 1026.004360][T23388] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1026.004377][T23388] CR2: 00007f86cc8e86ec CR3: 0000000060c0e000 CR4: 00000000003526f0 [ 1026.004393][T23388] Call Trace: [ 1026.004401][T23388] [ 1026.004413][T23388] __raw_callee_save___pv_queued_spin_unlock_slowpath+0x15/0x30 [ 1026.004451][T23388] ? debug_locks_off+0x19/0x80 [ 1026.004474][T23388] .slowpath+0x9/0x18 [ 1026.004500][T23388] ? debug_locks_off+0x24/0x80 [ 1026.004521][T23388] do_raw_spin_unlock+0x172/0x230 [ 1026.004560][T23388] _raw_spin_unlock+0x1e/0x50 [ 1026.004585][T23388] copy_process+0x6b72/0x7690 [ 1026.004616][T23388] ? do_swap_page+0x572/0x6490 [ 1026.004657][T23388] ? __pfx_copy_process+0x10/0x10 [ 1026.004693][T23388] ? lock_release+0x201/0x2f0 [ 1026.004739][T23388] ? _copy_from_user+0x59/0xd0 [ 1026.004779][T23388] kernel_clone+0xfc/0x930 [ 1026.004808][T23388] ? ___pte_offset_map+0x54/0x4f0 [ 1026.004848][T23388] ? __pfx_kernel_clone+0x10/0x10 [ 1026.004886][T23388] __do_sys_clone3+0x212/0x290 [ 1026.004917][T23388] ? __pfx___do_sys_clone3+0x10/0x10 [ 1026.004948][T23388] ? sigprocmask+0x22e/0x330 [ 1026.005003][T23388] do_syscall_64+0xcd/0x490 [ 1026.005036][T23388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1026.005060][T23388] RIP: 0033:0x7f86cbbc3449 [ 1026.005079][T23388] Code: d7 08 00 48 8d 3d fc d7 08 00 e8 02 29 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7 [ 1026.005105][T23388] RSP: 002b:00007ffe52a9ff08 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3 [ 1026.005128][T23388] RAX: ffffffffffffffda RBX: 00007f86cbb45850 RCX: 00007f86cbbc3449 [ 1026.005145][T23388] RDX: 00007f86cbb45850 RSI: 0000000000000058 RDI: 00007ffe52a9ff50 [ 1026.005161][T23388] RBP: 00007f86c9dee6c0 R08: 00007f86c9dee6c0 R09: 00007ffe52aa0037 [ 1026.005177][T23388] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8 [ 1026.005193][T23388] R13: 000000000000000b R14: 00007ffe52a9ff50 R15: 00007ffe52aa0038 [ 1026.005215][T23388] [ 1026.005227][T23388] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1026.005243][T23388] CPU: 0 UID: 0 PID: 23388 Comm: syz.1.3237 Tainted: G U syzkaller #0 PREEMPT(full) [ 1026.005275][T23388] Tainted: [U]=USER [ 1026.005284][T23388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1026.005298][T23388] Call Trace: [ 1026.005305][T23388] [ 1026.005314][T23388] dump_stack_lvl+0x3d/0x1f0 [ 1026.005344][T23388] vpanic+0x6e8/0x7a0 [ 1026.005377][T23388] ? __pfx_vpanic+0x10/0x10 [ 1026.005414][T23388] ? __pv_queued_spin_unlock_slowpath+0x237/0x330 [ 1026.005446][T23388] panic+0xca/0xd0 [ 1026.005479][T23388] ? __pfx_panic+0x10/0x10 [ 1026.005517][T23388] ? check_panic_on_warn+0x1f/0xb0 [ 1026.005553][T23388] check_panic_on_warn+0xab/0xb0 [ 1026.005589][T23388] __warn+0xf6/0x3c0 [ 1026.005623][T23388] ? __pv_queued_spin_unlock_slowpath+0x237/0x330 [ 1026.005656][T23388] report_bug+0x3c3/0x580 [ 1026.005687][T23388] ? __pv_queued_spin_unlock_slowpath+0x237/0x330 [ 1026.005733][T23388] handle_bug+0x184/0x210 [ 1026.005766][T23388] exc_invalid_op+0x17/0x50 [ 1026.005801][T23388] asm_exc_invalid_op+0x1a/0x20 [ 1026.005824][T23388] RIP: 0010:__pv_queued_spin_unlock_slowpath+0x237/0x330 [ 1026.005868][T23388] Code: 03 0f b6 14 02 4c 89 e8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 67 41 8b 55 00 4c 89 ee 48 c7 c7 00 81 ad 8b e8 fa aa e6 f5 90 <0f> 0b 90 90 e9 64 ff ff ff 90 0f 0b 48 89 df 4c 89 04 24 e8 71 15 [ 1026.005892][T23388] RSP: 0018:ffffc9000e9c79c8 EFLAGS: 00010286 [ 1026.005910][T23388] RAX: 0000000000000000 RBX: ffff88803512c0c0 RCX: ffffffff817a02c8 [ 1026.005927][T23388] RDX: ffff88802fa9bc00 RSI: ffffffff817a02d5 RDI: 0000000000000001 [ 1026.005943][T23388] RBP: ffff88803512c0c8 R08: 0000000000000001 R09: 0000000000000000 [ 1026.005959][T23388] R10: 0000000000000000 R11: 00000000000d4550 R12: ffff88803512c0d0 [ 1026.005974][T23388] R13: ffff88803512c0c0 R14: 00000000003d0f00 R15: ffff88802ab43c00 [ 1026.005995][T23388] ? __warn_printk+0x198/0x350 [ 1026.006028][T23388] ? __warn_printk+0x1a5/0x350 [ 1026.006063][T23388] ? __pv_queued_spin_unlock_slowpath+0x236/0x330 [ 1026.006099][T23388] __raw_callee_save___pv_queued_spin_unlock_slowpath+0x15/0x30 [ 1026.006141][T23388] ? debug_locks_off+0x19/0x80 [ 1026.006162][T23388] .slowpath+0x9/0x18 [ 1026.006188][T23388] ? debug_locks_off+0x24/0x80 [ 1026.006210][T23388] do_raw_spin_unlock+0x172/0x230 [ 1026.006247][T23388] _raw_spin_unlock+0x1e/0x50 [ 1026.006276][T23388] copy_process+0x6b72/0x7690 [ 1026.006306][T23388] ? do_swap_page+0x572/0x6490 [ 1026.006347][T23388] ? __pfx_copy_process+0x10/0x10 [ 1026.006376][T23388] ? lock_release+0x201/0x2f0 [ 1026.006410][T23388] ? _copy_from_user+0x59/0xd0 [ 1026.006449][T23388] kernel_clone+0xfc/0x930 [ 1026.006478][T23388] ? ___pte_offset_map+0x54/0x4f0 [ 1026.006510][T23388] ? __pfx_kernel_clone+0x10/0x10 [ 1026.006552][T23388] __do_sys_clone3+0x212/0x290 [ 1026.006583][T23388] ? __pfx___do_sys_clone3+0x10/0x10 [ 1026.006614][T23388] ? sigprocmask+0x22e/0x330 [ 1026.006667][T23388] do_syscall_64+0xcd/0x490 [ 1026.006710][T23388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1026.006738][T23388] RIP: 0033:0x7f86cbbc3449 [ 1026.006755][T23388] Code: d7 08 00 48 8d 3d fc d7 08 00 e8 02 29 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7 [ 1026.006778][T23388] RSP: 002b:00007ffe52a9ff08 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3 [ 1026.006800][T23388] RAX: ffffffffffffffda RBX: 00007f86cbb45850 RCX: 00007f86cbbc3449 [ 1026.006816][T23388] RDX: 00007f86cbb45850 RSI: 0000000000000058 RDI: 00007ffe52a9ff50 [ 1026.006831][T23388] RBP: 00007f86c9dee6c0 R08: 00007f86c9dee6c0 R09: 00007ffe52aa0037 [ 1026.006854][T23388] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8 [ 1026.006869][T23388] R13: 000000000000000b R14: 00007ffe52a9ff50 R15: 00007ffe52aa0038 [ 1026.006891][T23388] [ 1026.007168][T23388] Kernel Offset: disabled