last executing test programs: 10m15.324092087s ago: executing program 1 (id=685): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.2/usb3/uevent\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/195, 0xc3) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'veth0_to_hsr\x00', 0x0}) sendmsg$auto_NL80211_CMD_ABORT_SCAN(r2, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20e4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x78, r3, 0x2, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_OPER_CLASS={0x5, 0xd6, 0x29}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x1}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x7f}, @NL80211_ATTR_HE_CAPABILITY={0xa, 0x10d, "41da56b49c0c"}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x80000001}, @NL80211_ATTR_PMKR0_NAME={0x2a, 0x102, "88db1697df64db14b2b913834c60e784064dc74a39e979e2acbf42f6bf30b1738ed609925e05"}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x78}, 0x1, 0x0, 0x0, 0x1884}, 0x4000) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(r1, 0x400454ca, 0x38) socket(0x29, 0x2, 0x0) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400, 0x0) 10m14.392494153s ago: executing program 1 (id=691): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000700)={{@raw=0x6, 0x4, 0x2, 0x5, "26cb83211f616e898ccdda7ca056a2a31e5d7e27000000000000b8bc2a8200000000000000000011a100"}, 0x0, @integer=@value_ptr=0x0, "1cd4f43065c34bdcb5fa6160f24c5f3eb5328361438ff4cd82ad2e9771421debdad4d39a52e370b9012aff448a8b4a75e7c5126dc116dd8f5751e93614151d5a4f55a63e9ba1ad1e6542796d2a1cd644b0d756001b66abab0c0fd3b4287befd247e5410bef4c186120b5bed4ab64ffeb4b7c5a69166021a8814332515a657e93"}) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000000)={0x38, r2, 0x1, 0x870bd2b, 0x25dfdbfc, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x24, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_TRANSPORT_NAME={0x19, 0x2, '/dev/cpu_dma_latency\x00'}, @NFSD_A_SOCK_ADDR={0x4}]}]}, 0x38}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) 10m14.074020549s ago: executing program 1 (id=693): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0xb2) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) socket(0xa, 0x3, 0x3b) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfab2, 0x468, 0x9, 0x1000000000002, 0x4, 0x2, 0x4, 0x200, 0x1fd, 0xb6, 0x4, 0x6, 0x3}, 0xa3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e12b7ac1ff0100"}, 0x58) mlock$auto(0x81, 0xffff) madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), r0) sendmsg$auto_KSMBD_EVENT_LOGOUT_REQUEST(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x14, r1, 0x0, 0x70bd31, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x20008411) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r3) read$auto(r3, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vbi16\x00', 0x2ca002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) 10m13.489651225s ago: executing program 1 (id=699): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f0000000000), 0x82c00, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x80000000000000a, 0x2, 0x0) r1 = socket(0xa, 0x801, 0x84) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00'}) bind$auto(r1, &(0x7f0000000040)=@rc={0x1f, @any, 0x6}, 0x2006a) select$auto(0x19, &(0x7f00000001c0)={[0x8, 0x3, 0x4e29, 0xffffffffffffffff, 0x6, 0x6, 0x0, 0x81, 0x80, 0x9, 0x6, 0x3, 0x2, 0x80, 0x400, 0x6]}, &(0x7f0000000240)={[0xd8, 0xd, 0x1, 0xd6, 0xf04, 0x8, 0x4, 0x4, 0x4, 0x2, 0x5, 0x4, 0x6, 0x5, 0x8, 0x1]}, &(0x7f00000002c0)={[0x4, 0xffffffffffffff01, 0x3, 0x8, 0x0, 0x400, 0x47, 0x1, 0x9, 0x28, 0x3, 0x6, 0x2, 0x5, 0x9, 0x5]}, &(0x7f0000000340)={0x6, 0x7}) r2 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) sendmsg$auto_NETDEV_CMD_DEV_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NETDEV_A_DEV_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x4004845) r3 = getsockopt$auto(r2, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x14) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r2) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="02002dbd7000fbdbdf251f00000010001b8004000200040003000400020008003501d50cf1ad1b8102005c21287b7b2be100"/62], 0x44}}, 0x4841) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) getpeername$auto(0x3, 0x0, 0x0) 10m13.247625814s ago: executing program 1 (id=700): move_pages$auto(0xffffffffffffffff, 0x3, &(0x7f00000000c0)=&(0x7f0000000000)="e186cc626dd516e466e9a199e7d28e3ccf33bc66a003259c3e600795370051b67abd03b0be9fd29ebb404fb5188492dce1461294b38d75ea8ce441e221bd89c288ca0b23331f0a18ba64a338a0500e4073fa18244fb1accf2ec39e87b6348b2e9ca93df24e3c509c1f4b3431efd0bfc965850f85644407a04f08893596a1d712244bf0d8b2c6b444daae43a0c3546d9846fd8cd875f4a127395bd83e7a9efeda367e4cdf6796b6a1fcf8f7df06f16633898d68", &(0x7f0000000100)=0x8000, &(0x7f0000000140)=0x3803, 0x3e) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fuse\x00', 0x2000, 0x0) fcntl$auto_F_SETFL(r0, 0x4, 0x401) prctl$auto(0x23, 0x4000000000000001, 0x2009, 0x0, 0x0) r1 = gettid() epoll_create$auto(0x8001) ptrace$auto_ARCH_SHSTK_STATUS(0x8, r1, 0x2, 0x5005) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x123042, 0x0) ioctl$auto(r2, 0x921064b1, 0x8) r3 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000001480), 0x400, 0x0) pread64$auto(r3, 0x0, 0x101, 0x800005c2b) waitid$auto_P_ALL(0x0, 0xb62, &(0x7f0000000180)={@siginfo_0_0={0xfffffffb, 0x80, 0x80000000, @_timer={r1, 0xb, @sival_int=0xd, 0x80}}}, 0x8, &(0x7f0000000200)={{0x6, 0x8}, {0x2, 0xa164}, 0xc318, 0x1ff, 0x0, 0x6, 0x100, 0x3, 0x4fc8b604, 0x5, 0x77c68ca3, 0x3e9, 0x7fff, 0x5207, 0xf9d, 0x2}) 10m13.053434892s ago: executing program 1 (id=704): mmap$auto(0x0, 0x80000004, 0x4200000000df, 0x40ebd, 0x401, 0x300000000000) socket(0x9, 0x2, 0x2) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(r0, 0x2000001, 0x400020, 0x0, 0x9) 9m57.856170091s ago: executing program 32 (id=704): mmap$auto(0x0, 0x80000004, 0x4200000000df, 0x40ebd, 0x401, 0x300000000000) socket(0x9, 0x2, 0x2) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) setsockopt$auto(r0, 0x2000001, 0x400020, 0x0, 0x9) 10.624480817s ago: executing program 4 (id=3105): sysfs$auto(0x2, 0x10000000000002a, 0x0) recvmmsg$auto(0xffffffffffffffff, 0x0, 0xf1, 0x0, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x2041, 0x0) write$auto(r0, &(0x7f0000000140)='7\x00\xb1\x9a\xc0\xf9\xc0e\xd2T\xbe\xb6I\x9d\xd9\x18\xf5\x91\xbfq\xfe\xf2\x9a\x02\x9fC0xb\xccW(\xc1n+\n|5\xa5\x9c=^\xf1\x11H\x1c\xf73\x16\xd2\a\xfaw\xcc\xf1\xff7\xab\xa1\xeaF\x04\x17\x99\xd3\xd1\x83\xccG^\xbbdC\x8a\n\x88\xbcW@+\xafD\xd1\x8a\xc13W\xf66\x86\xe5\xee\xa7\x1d\x0f\x90\x00\xcf\xdb\xf5\xbf\xd4\xc8\x84\xb3\xeeb\xb0\xc7kN\x80\x93\xfd\x89\xe1\xc9tp\xd4jm\x7f\xf0a\xc3\x02\x14\xcf\xcf\\e!\a\x82\t,\xa7\x00\xbd&\xcax\xf8P\xc1\x8f\x87\x83\x0f\x93z', 0x1) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x8000800) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram7\x00', 0x60742, 0x0) socket(0x2, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9g>\x00\x00\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x01C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1d\x05\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\x00Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x99K\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x8) connect$auto(r0, 0x0, 0x4c) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) madvise$auto(0x3, 0x800000100000001, 0x7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/scsi/drivers/st/fixed_buffer_size\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000180)) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) read$auto_nvram_misc_fops_nvram(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x4, 0x100000001, 0xfffffffc, 0x0, 0x0, 0x0, 0x3, 0x10001, 0x7, 0x400, 0x7ffffff8, 0x5, 0x7, 0x5, 0x61, 0xe975}) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x8658) r4 = socket(0x2, 0x801, 0x100) r5 = open(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0xa0400, 0x8) r6 = open_by_handle_at$auto(r5, &(0x7f0000000040)={0x8, 0x2, "0200000000000000"}, 0x2) sendfile$auto(r4, r6, 0x0, 0xffff) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001580)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x204, 0x1a00) 10.119690902s ago: executing program 4 (id=3108): socket(0x25, 0x1, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000300)='/dev/mtd0\x00', 0x28082, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001200)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x202, 0x0) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89\xce\v\xf3U\x0f\xdc{\'\xfa-CC:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xc36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\xc9pX\xdc\xdd\x1e\xe8~E\xab\xdd]2\xc3\x97Mjr\xe24W)\x03\xf0x\xee\x950\xdf', 0x10001) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x7]}, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf4fc42690e99578ee0f11ec12c3"], 0x1c}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010) r2 = pidfd_open$auto(0x1, 0x0) setns(r2, 0x60020000) r3 = geteuid() shmctl$auto_SHM_UNLOCK(0x4, 0xc, &(0x7f0000000240)={{0x400, r3, 0xee01, 0xf0f, 0x0, 0x80000001, 0x22d}, 0x8, 0x8001, 0xffffffff, 0x0, @raw=0xfffffffb, @inferred=0xffffffffffffffff, 0x8, 0x0, &(0x7f0000000180)="bfa473eb82c5e1245e5bdaa520d6e6cde958b303e75a33ed3085f3cc9c5ae8d355386c2e2952527fc328838a75c9726feb8932c7c454e0e70b4826edd6dda3876699d15611b64287ff307740d1cdcf7a09c339ebb9fa8b2709186092f2524da95c7de226878dc42f84874e8206c651ebf996dcb6eb95", &(0x7f0000000100)="190033c51371242b72cbf8e914480b35d3dcbb1603abacc5f56f4a387afd2ce72c0e54"}) statx$auto(r2, &(0x7f0000000080)='./file0\x00', 0x0, 0xe5fb, &(0x7f0000000440)={0x7fff, 0x8, 0x9, 0x6, r3, r4, 0x800, 0x400, 0xe, 0xffffffffffffff16, 0x81, 0x100000001, {0x9, 0x8}, {0x5, 0x8}, {}, {0x8001, 0x8}, 0x47b, 0x6, 0x3, 0x101, 0x0, 0x9, 0xfffffff4, 0x6, 0xf71, 0x1, 0x4, 0x0, [0x3, 0x1ff, 0x6, 0x5, 0x7, 0x1, 0x1003, 0x1, 0x2]}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8009) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), r5) sendmsg$auto_OVS_FLOW_CMD_DEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) r6 = openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci4\x00', 0x2000, 0x0) mmap$auto(0x1, 0x400008, 0xe0, 0x9b72, r6, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x5) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x81, 0x0, 0x0, 0x0, 0x0) 9.139928194s ago: executing program 4 (id=3114): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) (fail_nth: 22) 8.904617462s ago: executing program 4 (id=3116): socket(0x25, 0x1, 0x0) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) shutdown$auto(0xffffffffffffffff, 0x2) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xffd}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) syz_open_procfs$namespace(r1, &(0x7f00000000c0)='ns/cgroup\x00') socket(0xa, 0x1, 0x100) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r2, 0x0, 0x7ff, 0x400) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x700, 0x0) unshare$auto(0x200) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/mnt\x00') setns(r3, 0x0) umount2$auto(&(0x7f0000000080)='.\x00', 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r4) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000140)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027bd7000fbdbdf250400dff775f20f645df256276d0b6c88dda80000080017000800000004000e00533fc53b02646f204db82639a1257a0b4f0a0b9eda3b9eaf88cb822f8c8b2d3521798bddcd59c32fec11dc0581d7ba074be6f579c858fd75aac2eac366"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) 7.391525902s ago: executing program 4 (id=3122): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x1f53, 0x2000000000002) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x4242, 0x0) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x5, 0x0) fanotify_mark$auto(0x1000000000000, 0x65, 0x9, 0x1, 0x0) fanotify_mark$auto(0x0, 0x1, 0x3a, r0, 0x0) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x3, 0xff) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 6.328168112s ago: executing program 4 (id=3128): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40008c0) sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, 0x0, 0x20004000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) rseq$auto(&(0x7f00000001c0)={0xe, 0x20401, 0x5fc, 0x10000006, 0xffffffff, 0x6}, 0x8000, 0x0, 0x6) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x17) setgroups$auto(0xe32, 0x0) r0 = openat$auto_dma_buf_debug_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b50", 0x4) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r2 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000080), 0x104403, 0x0) write$auto_evm_xattr_ops_evm_secfs(r2, 0x0, 0x0) r3 = io_uring_setup$auto(0x2, &(0x7f0000000040)={0x3ff, 0x1, 0x2, 0x8, 0x1, 0x6, r0, [0x100, 0x2, 0x2], {0x7, 0x6, 0x9, 0x10001, 0x51bf, 0x3, 0x401, 0xd, 0x6}, {0xa11, 0x96d, 0x200, 0x0, 0xfff, 0x7, 0x3, 0x7fffffff, 0x2}}) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) shmdt$auto(0x0) unshare$auto(0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r5 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000100), r4) sendmsg$auto_OVS_METER_CMD_DEL(r3, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x1a4, r5, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x2}, @OVS_METER_ATTR_BANDS={0x188, 0x4, 0x0, 0x1, [@generic="dbf8c272fc17520ec9388b0668c2d373cbc6bbe5a98f633f17677eb86e682264f296f4cc3f93087ae47093d01aa43a6a9af0bcfbc22957db21c40fc055aa96cfdfae2e836a732e10a56c4962473529a83c01afabc7fdb548aa8fc4e4f14816f84979954ba4c9f696279d58fc8f2abceaed6ec81c5bbe2fc092c3135cc376dc7ea79e196bf2dcb4bbd4386774e0d6109190bbbc6fc4962958a52ad2", @typed={0x32, 0xbc, 0x0, 0x0, @str='/sys/kernel/security/integrity/evm/evm_xattrs\x00'}, @generic="44bc875be9e3f273", @nested={0x14, 0x57, 0x0, 0x1, [@typed={0x8, 0xda, 0x0, 0x0, @pid}, @nested={0x4, 0x49}, @nested={0x4, 0x138}]}, @generic="d87b8fc52360bb48ee", @nested={0x25, 0xb7, 0x0, 0x1, [@nested={0x4, 0x108}, @generic="66a10aae18c196c0fe7f374cab2789a0969e6bb5df", @typed={0x8, 0x13c, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}]}, @nested={0x5d, 0x69, 0x0, 0x1, [@generic="c2c0efc77893fa9a304eeab76e932ff2f51a42ffdb45646efb87949b2200dc66b75909633bfae19301a00d55637692d0b5c0b91e011a62b5bcc673099be1979f", @generic="deea9a57dd4fea84338c11dfe5e7f819adc303a75dcaa330a3"]}, @typed={0x8, 0x87, 0x0, 0x0, @u32=0x2}]}]}, 0x1a4}}, 0x8015) r6 = socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) io_uring_setup$auto(0xfffff0e6, &(0x7f0000000400)={0x9, 0x9, 0x8, 0x1a, 0xdf, 0x5, r6, [0x80000001, 0x4, 0x10001], {0x5, 0x5, 0x2, 0x6, 0x80000000, 0xafbe, 0xe72500, 0x5, 0x1}, {0x2, 0xb, 0x3, 0x4, 0x7, 0x1, 0xb7ec, 0xffff, 0x7fffffffffffffff}}) 4.607727773s ago: executing program 3 (id=3139): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.2/usb3/uevent\x00', 0x40000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/eql/ifalias\x00', 0xb02, 0x0) mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000) execve$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103641, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv6/conf/bridge_slave_0/mldv2_unsolicited_report_interval\x00', 0x10001, 0x0) ftruncate$auto(0x3, 0x400180200000) mmap$auto(0xa, 0x40009, 0xfffffffffffff226, 0x50, 0xffffffffffffffff, 0x28000) write$auto(0xffffffffffffffff, &(0x7f0000000300)='.o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0) faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7) read$auto(r0, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, 0xffffffffffffffff, 0x5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0xc40, 0x0) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000100), 0xffffffffffffffff) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x4844) prctl$auto_PR_SCHED_CORE_GET(0x9, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_LOOP_CTL_ADD(r2, 0x4c80, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0) 3.798226292s ago: executing program 0 (id=3140): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0xb2) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) socket(0xa, 0x3, 0x3b) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfab2, 0x468, 0x9, 0x1000000000002, 0x4, 0x2, 0x4, 0x200, 0x1fd, 0xb6, 0x4, 0x6, 0x3}, 0xa3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e12b7ac1ff0100"}, 0x58) mlock$auto(0x81, 0xffff) madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), r0) sendmsg$auto_KSMBD_EVENT_LOGOUT_REQUEST(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x14, r1, 0x0, 0x70bd31, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x20008411) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), 0xffffffffffffffff) read$auto(0xffffffffffffffff, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x40000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vbi16\x00', 0x2ca002, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) 3.794247889s ago: executing program 2 (id=3141): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x7]}, 0x1fe, 0x200c) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv6/conf/vlan0/accept_ra_min_hop_limit\x00', 0x2242, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) pidfd_open$auto(0x1, 0x80) kcmp$auto(0x1, 0x100000001, 0x1, 0x4, 0x24000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) 3.792189102s ago: executing program 3 (id=3142): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0xe00000000000000, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) 3.742616858s ago: executing program 3 (id=3143): openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = open(0x0, 0x149443, 0x0) syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) setregid$auto(0xffffffffffffffff, 0xfffe) sendmsg$auto_NL80211_CMD_LEAVE_OCB(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x3c, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_DISABLE_EHT={0x4}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x7}, @NL80211_ATTR_MPATH_NEXT_HOP={0x4}, @NL80211_ATTR_BSS_DUMP_INCLUDE_USE_DATA={0x4}, @NL80211_ATTR_TID_CONFIG={0x14, 0x11d, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4080}, 0x20000000) epoll_wait$auto(r1, &(0x7f00000001c0)={0xc, 0x9}, 0x8001, 0x2) ioctl$auto_UI_DEV_SETUP(r3, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r3, 0x5501, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev7\x00', 0x141083, 0x0) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0x83e7}, 0x5, 0xb) ioctl$auto_UI_DEV_CREATE(0xffffffffffffffff, 0x5501, 0x0) close_range$auto(0x2, 0x8, 0x0) bpf$auto_BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)=@prog_bind_map={r1, r4, 0x9}, 0x8080) syz_open_procfs$namespace(0x0, 0x0) 2.778742628s ago: executing program 0 (id=3144): mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x11, 0x3, 0x10) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) select$auto(0x5, 0x0, &(0x7f00000002c0)={[0x80000002, 0x2, 0x7, 0x7fffffffffffffff, 0xfd0, 0x1, 0xfffffffffffff84a, 0x9, 0xa34, 0x4, 0xfffffffffffffff8, 0x5, 0x7, 0xa, 0x1, 0x3]}, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) recvmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x7, &(0x7f0000000040)={0x0, 0x1}, 0x6, 0x0, 0x4, 0x6}, 0x1) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x8, 0xff, r1, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@info={r2, 0xd24a, 0x2}, 0x4) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb) io_uring_setup$auto(0x400, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r5, 0x0) 2.776534383s ago: executing program 2 (id=3145): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) (fail_nth: 25) 2.553580737s ago: executing program 0 (id=3146): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x1f53, 0x2000000000002) r0 = open(&(0x7f00000001c0)='./file0\x00', 0x4242, 0x0) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x5, 0x0) fanotify_mark$auto(0x1000000000000, 0x65, 0x9, 0x1, 0x0) fanotify_mark$auto(0x0, 0x1, 0x3a, r0, 0x0) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 2.472311232s ago: executing program 2 (id=3147): r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x10000, 0x981, 0x4e0, 0x17, r0, 0x5bcc) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim2/new_port\x00', 0x183841, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/dev/cdrom/autoclose\x00', 0x2002, 0x0) sendfile$auto(r2, r1, 0x0, 0xffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x9, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x7, 0x5, 0x0, 0x4, 0xb0, 0x400000000007, 0x4b6, 0x3, 0x205, 0x7, 0x9, 0x3ffff, 0x0, 0x3, 0x7067, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x8, 0x5, 0x8000004, 0x3, 0x100000000000000, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000, 0x0, 0x100000000, 0x0, 0x8000000000000001, 0x0, 0x1, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x2000000000000000]}, 0x203, 0x7d) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x142, 0x0) read$auto(r4, 0x0, 0x4) r5 = openat$auto_dfs_dom_ops_debugfs(0xffffffffffffff9c, &(0x7f00000032c0), 0x109200, 0x0) read$auto_dfs_dom_ops_debugfs(r5, 0x0, 0x0) write$auto(0x3, 0x0, 0x5c8) unshare$auto(0x40000080) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) socket$nl_generic(0x11, 0x3, 0x10) r7 = signalfd4$auto(0xffffffffffffffff, &(0x7f0000000040)={0x5}, 0x5, 0x3) write$auto_rfkill_fops_core(r7, &(0x7f0000000080)='_', 0x1) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) read$auto(r6, 0x0, 0x20) r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r8, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) mmap$auto(0xff, 0x331, 0x9, 0x72, r4, 0x100000000) 2.339199662s ago: executing program 3 (id=3148): ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) write$auto(0xffffffffffffffff, 0x0, 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0x64c8, 0x1e2) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) ioctl$auto_SNDCTL_SEQ_CTRLRATE(r1, 0xc0045103, &(0x7f0000001940)) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) unshare$auto(0x40000080) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) ioctl$auto_SOUND_PCM_READ_RATE(r2, 0x80045002, &(0x7f00000001c0)="986b84574b352a7ca4c1ed6b24c668400a4718272e3faf9aa57834c28f4d09a702ae3d7c80a278d5719f960fd026e82f1e77513b4fad8c51f5c4967d9f00bdbd9c1b186067efee03ca109f5837385640d5e92d384b2663bbff677296bcbdeaf8b946bb61253199921a79f644f34de9cee603b5c5fe0616f12aeaf03571396d937b27e18d4e9e89ad2065d13de70038e19a11d480ebbe2a08e2c3bfd38e60adcb84ecb17b36e6f768550c0acb0720535614f62c7d59f244137f323fd23aa3db54d38273b77196e312f4ba1192b5c9f1") openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000100), 0x193802, 0x0) mmap$auto(0x0, 0xe9, 0xdf, 0x9b72, 0x2, 0x8000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xf90000, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x8) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x0, 0x0) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000180)={0x9, &(0x7f0000000000)={0x50, 0xf4, 0xb0}}) writev$auto(0x3, &(0x7f0000000140)={0x0, 0x84}, 0x8) socket(0x29, 0x2, 0x0) 1.445164226s ago: executing program 0 (id=3149): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0xb2) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) socket(0xa, 0x3, 0x3b) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfab2, 0x468, 0x9, 0x1000000000002, 0x4, 0x2, 0x4, 0x200, 0x1fd, 0xb6, 0x4, 0x6, 0x3}, 0xa3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e12b7ac1ff0100"}, 0x58) mlock$auto(0x81, 0xffff) madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), r0) sendmsg$auto_KSMBD_EVENT_LOGOUT_REQUEST(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x14, r1, 0x0, 0x70bd31, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x20008411) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), 0xffffffffffffffff) read$auto(0xffffffffffffffff, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vbi16\x00', 0x2ca002, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) 1.440044085s ago: executing program 2 (id=3150): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.2/usb3/uevent\x00', 0x40000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/eql/ifalias\x00', 0xb02, 0x0) mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000) execve$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103641, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv6/conf/bridge_slave_0/mldv2_unsolicited_report_interval\x00', 0x10001, 0x0) ftruncate$auto(0x3, 0x400180200000) mmap$auto(0xa, 0x40009, 0xfffffffffffff226, 0x50, 0xffffffffffffffff, 0x28000) write$auto(0xffffffffffffffff, &(0x7f0000000300)='.o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0) faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7) read$auto(r0, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, 0xffffffffffffffff, 0x5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0xc40, 0x0) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000100), 0xffffffffffffffff) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x4844) prctl$auto_PR_SCHED_CORE_GET(0x9, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_LOOP_CTL_ADD(r2, 0x4c80, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0) 1.33564627s ago: executing program 2 (id=3151): getcwd$auto(0x0, 0xffffffffffffffff) getcwd$auto(&(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x4, 0xffffffffffff0005, 0xca) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/devices.deny\x00', 0x8ea182, 0x0) r1 = socket(0x2, 0x1, 0x84) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x6) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000100)="e762545ef7f25c2d9b2722b566ddf854a227712fa7a6c9ed894dddfabbf839bb23b2fe756fab50a9de280285b15a3a39d9fa23aae230fdd1623ea15f3af5e57839ee863704f14fd96e06") select$auto(0x6, 0x0, &(0x7f0000001200)={[0x9, 0x90f, 0x0, 0x10001, 0x0, 0x9, 0x9, 0x7000000000, 0x0, 0x10001, 0x7, 0x7, 0x9, 0x2, 0x5, 0x401]}, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(r1, 0x84, 0x82, 0x0, &(0x7f0000000000)=0x7ffe) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000002d, 0x0) sysfs$auto(0x17, 0x80000000, 0x9) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x220000, 0x0) 1.17270151s ago: executing program 3 (id=3152): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0xb2) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) socket(0xa, 0x3, 0x3b) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfab2, 0x468, 0x9, 0x1000000000002, 0x4, 0x2, 0x4, 0x200, 0x1fd, 0xb6, 0x4, 0x6, 0x3}, 0xa3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e12b7ac1ff0100"}, 0x58) mlock$auto(0x81, 0xffff) madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), r0) sendmsg$auto_KSMBD_EVENT_LOGOUT_REQUEST(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000340)={0x14, r1, 0x0, 0x70bd31, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8800}, 0x20008411) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000300), r3) read$auto(r3, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vbi16\x00', 0x2ca002, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x600, 0x200007, 0x19) 842.032769ms ago: executing program 2 (id=3153): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x7]}, 0x1fe, 0x200c) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sys/net/ipv6/conf/vlan0/accept_ra_min_hop_limit\x00', 0x2242, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) pidfd_open$auto(0x1, 0x80) kcmp$auto(0x1, 0x100000001, 0x1, 0x4, 0x24000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) 422.841648ms ago: executing program 0 (id=3154): mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x11, 0x3, 0x10) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) select$auto(0x5, 0x0, &(0x7f00000002c0)={[0x80000002, 0x2, 0x7, 0x7fffffffffffffff, 0xfd0, 0x1, 0xfffffffffffff84a, 0x9, 0xa34, 0x4, 0xfffffffffffffff8, 0x5, 0x7, 0xa, 0x1, 0x3]}, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) recvmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x7, &(0x7f0000000040)={0x0, 0x1}, 0x6, 0x0, 0x4, 0x6}, 0x1) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x8, 0xff, r1, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@info={r2, 0xd24a, 0x2}, 0x4) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb) io_uring_setup$auto(0x400, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r5, 0x0) 55.945085ms ago: executing program 3 (id=3155): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_FBACK_STATS(r0, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="d8000000", @ANYRES16=0x0, @ANYBLOB="000426bd7000fcdbdf25970799c6a86d7716e388120c76f1e108000000c63d9865e4ee33c582314f86116d290e288cc43d9b762fb078e9b0945c103b165daee62c6c221b3f0e3e491873ff7f8462a3fa38d94b2994b9fc2b35ea765de19b038450d2d5d24b08992459c6fe514ce57880ebdda28e1237327fa9340e7374257cae9d5aaf9795d99afc775417d1e16f0feba0f4625ba67e672696188b6fed0e951db60e9914621238d47f1c67c3118dc8308a7a09ab9ba21a6ce8e84205b745b01e2827b7ef9697a4eacf5cf5e54b3be9f341a75ac2280025728a5fe2cdc4c46a833cd5ddffdf3e43deae0000f0601ab2db47b873bb8281d0d18d46af9d4f4c"], 0xd8}, 0x1, 0x0, 0x0, 0x200040c0}, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x10, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) r3 = socket(0x10, 0x2, 0xc) r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2400001c", @ANYRES16=r4, @ANYBLOB="10002cbd7000fadbdf250a00000a00000200252f00e2a85c41e75a02715b2d0000005cdcdf28fffe65c31770799fdab838aaf6712a82e628c9e6429a4a38320b2d692863927bd744b4f7b409b29862d3257675d4fd09d74a831929b1005bdd28ef3fc5ae2884ef6a78fedbebbc656141771e57124268c37932c90ec99923926a97bb444f6903a41102463c79baf78c35827f46efb37be97277d81130bd43e31c60347610f3e65f3d60d3d1e231c0cc23ad56ff23565d95cfafc7a92a64da18c0c01c0600010006000000"], 0x51}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) r5 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r5) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xffffffffffffffff, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, 0xffffffffffffffff, 0x8003) unshare$auto(0x40000080) shmctl$auto(0x0, 0x1, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xb) r6 = socket(0x2a, 0x2, 0x6) connect$auto(r6, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) r7 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) read$auto(r7, 0x0, 0xffffff7f) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) 0s ago: executing program 0 (id=3156): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000040)=ANY=[@ANYBLOB="18000000", @ANYRES32=r1, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0x8c004) setresuid$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socket(0x18, 0x5, 0x4) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x8b00, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0xe0db2389416cc6ce}, 0xc040810) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xffffffffffff0000, 0x7b00000000000000, 0xeb1, 0x40000000000a5, 0x3e2) close_range$auto(0x0, 0x5, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x2003, 0x0) epoll_create$auto(0x3e) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0xa4e00, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0x7fffffff) ioctl$auto(0x3, 0x402c542b, 0x38) ioctl$auto_TIOCSTI2(r4, 0x5412, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x52b801, 0x0) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) r5 = eventfd$auto(0x3) ioctl$auto_TUNSETSNDBUF(r5, 0x400454d4, &(0x7f0000000000)) kernel console output (not intermixed with test programs): 0xcd/0x4b0 [ 650.613050][T16360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 650.613075][T16360] RIP: 0033:0x7f733818eec9 [ 650.613095][T16360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 650.613119][T16360] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 650.613143][T16360] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 650.613160][T16360] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 650.613177][T16360] RBP: 00007f7339054090 R08: 0000000000000000 R09: 0000000000000000 [ 650.613192][T16360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 650.613207][T16360] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 650.613242][T16360] [ 650.883289][T16360] ERROR: Out of memory at tomoyo_realpath_from_path. [ 652.197512][T16391] FAULT_INJECTION: forcing a failure. [ 652.197512][T16391] name failslab, interval 1, probability 0, space 0, times 0 [ 652.216103][T16391] CPU: 1 UID: 0 PID: 16391 Comm: syz.0.2538 Not tainted syzkaller #0 PREEMPT(full) [ 652.216141][T16391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 652.216158][T16391] Call Trace: [ 652.216167][T16391] [ 652.216179][T16391] dump_stack_lvl+0x16c/0x1f0 [ 652.216218][T16391] should_fail_ex+0x512/0x640 [ 652.216251][T16391] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 652.216287][T16391] should_failslab+0xc2/0x120 [ 652.216322][T16391] __kmalloc_node_noprof+0xe0/0x8a0 [ 652.216350][T16391] ? lockdep_init_map_type+0x5c/0x280 [ 652.216396][T16391] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 652.216436][T16391] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 652.216462][T16391] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 652.216494][T16391] ? __pfx_idr_alloc+0x10/0x10 [ 652.216532][T16391] loop_add+0x3b2/0xb70 [ 652.216568][T16391] ? __pfx_loop_add+0x10/0x10 [ 652.216733][T16391] ? find_held_lock+0x2b/0x80 [ 652.216771][T16391] loop_control_ioctl+0x13e/0x630 [ 652.216808][T16391] ? __pfx_loop_control_ioctl+0x10/0x10 [ 652.216845][T16391] ? __pfx_loop_control_ioctl+0x10/0x10 [ 652.216880][T16391] __x64_sys_ioctl+0x18b/0x210 [ 652.216922][T16391] do_syscall_64+0xcd/0x4b0 [ 652.216956][T16391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.216983][T16391] RIP: 0033:0x7f733818eec9 [ 652.217003][T16391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 652.217029][T16391] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 652.217048][T16391] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 652.217058][T16391] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 652.217068][T16391] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 652.217077][T16391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.217086][T16391] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 652.217105][T16391] [ 654.198922][T16421] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(10) [ 654.849159][T16436] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2549'. [ 654.851512][T16434] FAULT_INJECTION: forcing a failure. [ 654.851512][T16434] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 654.893170][T16434] CPU: 0 UID: 0 PID: 16434 Comm: syz.0.2547 Not tainted syzkaller #0 PREEMPT(full) [ 654.893205][T16434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 654.893220][T16434] Call Trace: [ 654.893229][T16434] [ 654.893238][T16434] dump_stack_lvl+0x16c/0x1f0 [ 654.893272][T16434] should_fail_ex+0x512/0x640 [ 654.893311][T16434] _copy_to_user+0x32/0xd0 [ 654.893348][T16434] simple_read_from_buffer+0xcb/0x170 [ 654.893390][T16434] proc_fail_nth_read+0x197/0x240 [ 654.893420][T16434] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 654.893451][T16434] ? rw_verify_area+0xcf/0x6c0 [ 654.893475][T16434] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 654.893503][T16434] vfs_read+0x1e1/0xcf0 [ 654.893533][T16434] ? __pfx___mutex_lock+0x10/0x10 [ 654.893563][T16434] ? __pfx_vfs_read+0x10/0x10 [ 654.893601][T16434] ? __fget_files+0x20e/0x3c0 [ 654.893637][T16434] ksys_read+0x12a/0x250 [ 654.893663][T16434] ? __pfx_ksys_read+0x10/0x10 [ 654.893712][T16434] do_syscall_64+0xcd/0x4b0 [ 654.893743][T16434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.893769][T16434] RIP: 0033:0x7f733818d8dc [ 654.893816][T16434] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 654.893838][T16434] RSP: 002b:00007f7339054030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 654.895107][T16434] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818d8dc [ 654.895124][T16434] RDX: 000000000000000f RSI: 00007f73390540a0 RDI: 0000000000000004 [ 654.895140][T16434] RBP: 00007f7339054090 R08: 0000000000000000 R09: 0000000000000000 [ 654.895183][T16434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 654.895197][T16434] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 654.895234][T16434] [ 656.218705][T16446] FAULT_INJECTION: forcing a failure. [ 656.218705][T16446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 656.240855][T16446] CPU: 0 UID: 0 PID: 16446 Comm: syz.4.2552 Not tainted syzkaller #0 PREEMPT(full) [ 656.240886][T16446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 656.240900][T16446] Call Trace: [ 656.240908][T16446] [ 656.240917][T16446] dump_stack_lvl+0x16c/0x1f0 [ 656.240954][T16446] should_fail_ex+0x512/0x640 [ 656.240995][T16446] _copy_from_user+0x2e/0xd0 [ 656.241025][T16446] sctp_setsockopt+0x2045/0xb870 [ 656.241063][T16446] ? ksys_write+0x190/0x250 [ 656.241095][T16446] ? __pfx_sctp_setsockopt+0x10/0x10 [ 656.241132][T16446] ? find_held_lock+0x2b/0x80 [ 656.241166][T16446] ? aa_sock_opt_perm+0xfd/0x1c0 [ 656.241197][T16446] ? sock_common_setsockopt+0x2e/0xf0 [ 656.241223][T16446] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 656.241253][T16446] do_sock_setsockopt+0xf3/0x1d0 [ 656.241284][T16446] __sys_setsockopt+0x120/0x1a0 [ 656.241324][T16446] __x64_sys_setsockopt+0xbd/0x160 [ 656.241355][T16446] ? do_syscall_64+0x91/0x4b0 [ 656.241384][T16446] ? lockdep_hardirqs_on+0x7c/0x110 [ 656.241412][T16446] do_syscall_64+0xcd/0x4b0 [ 656.241444][T16446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.241469][T16446] RIP: 0033:0x7f530c18eec9 [ 656.241489][T16446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 656.241513][T16446] RSP: 002b:00007f530d018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 656.241537][T16446] RAX: ffffffffffffffda RBX: 00007f530c3e5fa0 RCX: 00007f530c18eec9 [ 656.241554][T16446] RDX: 0000000000000006 RSI: 0000010000000084 RDI: 0000000000000003 [ 656.241570][T16446] RBP: 00007f530d018090 R08: 0000000000000084 R09: 0000000000000000 [ 656.241586][T16446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 656.241602][T16446] R13: 00007f530c3e6038 R14: 00007f530c3e5fa0 R15: 00007ffeb2476b68 [ 656.241637][T16446] [ 656.696615][T16451] FAULT_INJECTION: forcing a failure. [ 656.696615][T16451] name failslab, interval 1, probability 0, space 0, times 0 [ 656.724818][T16451] CPU: 1 UID: 0 PID: 16451 Comm: syz.0.2554 Not tainted syzkaller #0 PREEMPT(full) [ 656.724861][T16451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 656.724880][T16451] Call Trace: [ 656.724891][T16451] [ 656.724904][T16451] dump_stack_lvl+0x16c/0x1f0 [ 656.724955][T16451] should_fail_ex+0x512/0x640 [ 656.724991][T16451] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 656.725028][T16451] should_failslab+0xc2/0x120 [ 656.725068][T16451] __kmalloc_node_noprof+0xe0/0x8a0 [ 656.725100][T16451] ? lockdep_init_map_type+0x5c/0x280 [ 656.725140][T16451] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 656.725177][T16451] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 656.725205][T16451] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 656.725236][T16451] ? __pfx_idr_alloc+0x10/0x10 [ 656.725275][T16451] loop_add+0x3b2/0xb70 [ 656.725312][T16451] ? __pfx_loop_add+0x10/0x10 [ 656.725372][T16451] ? find_held_lock+0x2b/0x80 [ 656.725407][T16451] loop_control_ioctl+0x13e/0x630 [ 656.725443][T16451] ? __pfx_loop_control_ioctl+0x10/0x10 [ 656.725483][T16451] ? __pfx_loop_control_ioctl+0x10/0x10 [ 656.725520][T16451] __x64_sys_ioctl+0x18b/0x210 [ 656.725563][T16451] do_syscall_64+0xcd/0x4b0 [ 656.725597][T16451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.725623][T16451] RIP: 0033:0x7f733818eec9 [ 656.725645][T16451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 656.725673][T16451] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 656.725700][T16451] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 656.725720][T16451] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 656.725738][T16451] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 656.725756][T16451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 656.725778][T16451] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 656.725817][T16451] [ 656.748454][T16455] FAULT_INJECTION: forcing a failure. [ 656.748454][T16455] name failslab, interval 1, probability 0, space 0, times 0 [ 656.983726][T16455] CPU: 0 UID: 0 PID: 16455 Comm: syz.2.2557 Not tainted syzkaller #0 PREEMPT(full) [ 656.983761][T16455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 656.983777][T16455] Call Trace: [ 656.983786][T16455] [ 656.983797][T16455] dump_stack_lvl+0x16c/0x1f0 [ 656.983832][T16455] should_fail_ex+0x512/0x640 [ 656.983865][T16455] ? fs_reclaim_acquire+0xae/0x150 [ 656.983901][T16455] should_failslab+0xc2/0x120 [ 656.983934][T16455] __kmalloc_noprof+0xdd/0x880 [ 656.983958][T16455] ? kfree+0x252/0x6d0 [ 656.983978][T16455] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 656.984013][T16455] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 656.984041][T16455] tomoyo_realpath_from_path+0xc2/0x6e0 [ 656.984079][T16455] tomoyo_check_open_permission+0x2ab/0x3c0 [ 656.984118][T16455] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 656.984190][T16455] ? lock_acquire+0x179/0x350 [ 656.984224][T16455] ? find_held_lock+0x2b/0x80 [ 656.984252][T16455] ? mnt_get_write_access+0x52/0x2f0 [ 656.984289][T16455] tomoyo_file_open+0x6b/0x90 [ 656.984321][T16455] security_file_open+0x84/0x1e0 [ 656.984348][T16455] do_dentry_open+0x596/0x1530 [ 656.984389][T16455] vfs_open+0x82/0x3f0 [ 656.984429][T16455] path_openat+0x1de4/0x2cb0 [ 656.984474][T16455] ? __pfx_path_openat+0x10/0x10 [ 656.984514][T16455] do_filp_open+0x20b/0x470 [ 656.984540][T16455] ? __pfx_do_filp_open+0x10/0x10 [ 656.984576][T16455] ? __pfx_kfree_link+0x10/0x10 [ 656.984617][T16455] ? alloc_fd+0x471/0x7d0 [ 656.984659][T16455] do_sys_openat2+0x11b/0x1d0 [ 656.984689][T16455] ? __pfx_do_sys_openat2+0x10/0x10 [ 656.984734][T16455] __x64_sys_openat+0x174/0x210 [ 656.984769][T16455] ? __pfx___x64_sys_openat+0x10/0x10 [ 656.984815][T16455] do_syscall_64+0xcd/0x4b0 [ 656.984844][T16455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 656.984865][T16455] RIP: 0033:0x7ff24ab8d710 [ 656.984885][T16455] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 656.984905][T16455] RSP: 002b:00007ff24ba4ffe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 656.984927][T16455] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff24ab8d710 [ 656.984943][T16455] RDX: 0000000000000002 RSI: 00007ff24ac1224b RDI: 00000000ffffff9c [ 656.984957][T16455] RBP: 00007ff24ac1224b R08: 0000000000000000 R09: 00007ff24ba51000 [ 656.984971][T16455] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 656.984985][T16455] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 656.985015][T16455] [ 656.985025][T16455] ERROR: Out of memory at tomoyo_realpath_from_path. [ 657.343216][T16455] FAULT_INJECTION: forcing a failure. [ 657.343216][T16455] name failslab, interval 1, probability 0, space 0, times 0 [ 657.378830][T16455] CPU: 1 UID: 0 PID: 16455 Comm: syz.2.2557 Not tainted syzkaller #0 PREEMPT(full) [ 657.378867][T16455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 657.378881][T16455] Call Trace: [ 657.378890][T16455] [ 657.378900][T16455] dump_stack_lvl+0x16c/0x1f0 [ 657.378935][T16455] should_fail_ex+0x512/0x640 [ 657.378968][T16455] ? __kmalloc_cache_noprof+0x5f/0x780 [ 657.378992][T16455] should_failslab+0xc2/0x120 [ 657.379024][T16455] __kmalloc_cache_noprof+0x72/0x780 [ 657.379046][T16455] ? loop_add+0xb6/0xb70 [ 657.379081][T16455] ? loop_add+0xb6/0xb70 [ 657.379109][T16455] loop_add+0xb6/0xb70 [ 657.379142][T16455] ? __pfx_loop_add+0x10/0x10 [ 657.379205][T16455] ? find_held_lock+0x2b/0x80 [ 657.379240][T16455] loop_control_ioctl+0x13e/0x630 [ 657.379271][T16455] ? __pfx_loop_control_ioctl+0x10/0x10 [ 657.379306][T16455] ? __pfx_loop_control_ioctl+0x10/0x10 [ 657.379339][T16455] __x64_sys_ioctl+0x18b/0x210 [ 657.379380][T16455] do_syscall_64+0xcd/0x4b0 [ 657.379412][T16455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.379437][T16455] RIP: 0033:0x7ff24ab8eec9 [ 657.379458][T16455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.379482][T16455] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 657.379506][T16455] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 657.379522][T16455] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 657.379536][T16455] RBP: 00007ff24ba50090 R08: 0000000000000000 R09: 0000000000000000 [ 657.379551][T16455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.379570][T16455] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 657.379687][T16455] [ 657.644752][T16462] bridge0: port 3(team0) entered blocking state [ 657.652953][T16462] bridge0: port 3(team0) entered disabled state [ 657.661196][T16462] team0: entered allmulticast mode [ 657.666926][T16462] team_slave_0: entered allmulticast mode [ 657.674641][T16462] team_slave_1: entered allmulticast mode [ 657.684371][T16462] team0: entered promiscuous mode [ 657.691596][T16462] team_slave_0: entered promiscuous mode [ 657.700278][T16462] team_slave_1: entered promiscuous mode [ 657.708945][T16462] bridge0: port 3(team0) entered blocking state [ 657.715579][T16462] bridge0: port 3(team0) entered forwarding state [ 658.108008][T16481] input: jJǸ-9%vJ86 as /devices/virtual/input/input13 [ 658.361439][T16483] usb usb24: usbfs: process 16483 (syz.2.2562) did not claim interface 0 before use [ 658.416119][T16482] binder: 16479:16482 ioctl c018620c 0 returned -1 [ 658.467376][T16482] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2564'. [ 658.905877][T16495] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2566'. [ 659.447552][T16502] FAULT_INJECTION: forcing a failure. [ 659.447552][T16502] name failslab, interval 1, probability 0, space 0, times 0 [ 659.490233][T16502] CPU: 1 UID: 0 PID: 16502 Comm: syz.2.2568 Not tainted syzkaller #0 PREEMPT(full) [ 659.490272][T16502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 659.490288][T16502] Call Trace: [ 659.490297][T16502] [ 659.490309][T16502] dump_stack_lvl+0x16c/0x1f0 [ 659.490345][T16502] should_fail_ex+0x512/0x640 [ 659.490380][T16502] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 659.490414][T16502] should_failslab+0xc2/0x120 [ 659.490450][T16502] __kmalloc_node_noprof+0xe0/0x8a0 [ 659.490478][T16502] ? lockdep_init_map_type+0x5c/0x280 [ 659.490516][T16502] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 659.490555][T16502] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 659.490581][T16502] blk_mq_alloc_tag_set+0x577/0x12e0 [ 659.490609][T16502] ? idr_alloc_u32+0x263/0x2f0 [ 659.490646][T16502] loop_add+0x3b2/0xb70 [ 659.490691][T16502] ? __pfx_loop_add+0x10/0x10 [ 659.490748][T16502] ? find_held_lock+0x2b/0x80 [ 659.490785][T16502] loop_control_ioctl+0x13e/0x630 [ 659.490818][T16502] ? __pfx_loop_control_ioctl+0x10/0x10 [ 659.490854][T16502] ? __pfx_loop_control_ioctl+0x10/0x10 [ 659.490890][T16502] __x64_sys_ioctl+0x18b/0x210 [ 659.490928][T16502] do_syscall_64+0xcd/0x4b0 [ 659.490957][T16502] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.490982][T16502] RIP: 0033:0x7ff24ab8eec9 [ 659.491004][T16502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.491030][T16502] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 659.491056][T16502] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 659.491072][T16502] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 659.491089][T16502] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 659.491106][T16502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.491121][T16502] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 659.491157][T16502] [ 659.888967][T16503] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2567'. [ 660.192263][T16506] serio: Serial port ttyS0 [ 660.462278][T16529] random: crng reseeded on system resumption [ 660.586638][T16532] FAULT_INJECTION: forcing a failure. [ 660.586638][T16532] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 660.683341][T16532] CPU: 0 UID: 0 PID: 16532 Comm: syz.2.2574 Not tainted syzkaller #0 PREEMPT(full) [ 660.683375][T16532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 660.683390][T16532] Call Trace: [ 660.683399][T16532] [ 660.683410][T16532] dump_stack_lvl+0x16c/0x1f0 [ 660.683446][T16532] should_fail_ex+0x512/0x640 [ 660.683484][T16532] _copy_to_user+0x32/0xd0 [ 660.683522][T16532] simple_read_from_buffer+0xcb/0x170 [ 660.683564][T16532] proc_fail_nth_read+0x197/0x240 [ 660.683595][T16532] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 660.683626][T16532] ? rw_verify_area+0xcf/0x6c0 [ 660.683652][T16532] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 660.683687][T16532] vfs_read+0x1e1/0xcf0 [ 660.683727][T16532] ? __pfx___mutex_lock+0x10/0x10 [ 660.683754][T16532] ? __pfx_vfs_read+0x10/0x10 [ 660.683775][T16532] ? __fget_files+0x20e/0x3c0 [ 660.683795][T16532] ksys_read+0x12a/0x250 [ 660.683810][T16532] ? __pfx_ksys_read+0x10/0x10 [ 660.683832][T16532] do_syscall_64+0xcd/0x4b0 [ 660.683851][T16532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.683865][T16532] RIP: 0033:0x7ff24ab8d8dc [ 660.683877][T16532] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 660.683892][T16532] RSP: 002b:00007ff24ba50030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 660.683906][T16532] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8d8dc [ 660.683915][T16532] RDX: 000000000000000f RSI: 00007ff24ba500a0 RDI: 0000000000000004 [ 660.683924][T16532] RBP: 00007ff24ba50090 R08: 0000000000000000 R09: 0000000000000000 [ 660.683933][T16532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 660.683941][T16532] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 660.683960][T16532] [ 662.781898][T16560] usbip-vudc usbip-vudc.0: gadget not bound [ 663.572655][T16578] random: crng reseeded on system resumption [ 665.200942][T16571] bridge0: port 3(team0) entered blocking state [ 665.545853][T16593] usbip-vudc usbip-vudc.0: gadget not bound [ 665.587490][T16571] bridge0: port 3(team0) entered disabled state [ 665.883078][T16571] team0: entered allmulticast mode [ 666.094154][T16571] team_slave_0: entered allmulticast mode [ 666.357202][T16571] team_slave_1: entered allmulticast mode [ 666.439449][T16571] team0: entered promiscuous mode [ 666.465254][T16571] team_slave_0: entered promiscuous mode [ 666.473592][T16571] team_slave_1: entered promiscuous mode [ 666.513842][T16571] bridge0: port 3(team0) entered blocking state [ 666.520389][T16571] bridge0: port 3(team0) entered forwarding state [ 668.152416][T16624] futex_wake_op: syz.3.2594 tries to shift op by -2048; fix this program [ 668.234831][T16624] futex_wake_op: syz.3.2594 tries to shift op by -2048; fix this program [ 669.343324][T16640] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2597'. [ 670.130878][T16645] FAULT_INJECTION: forcing a failure. [ 670.130878][T16645] name failslab, interval 1, probability 0, space 0, times 0 [ 670.173794][T16645] CPU: 0 UID: 0 PID: 16645 Comm: syz.0.2598 Not tainted syzkaller #0 PREEMPT(full) [ 670.173832][T16645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 670.173849][T16645] Call Trace: [ 670.173859][T16645] [ 670.173870][T16645] dump_stack_lvl+0x16c/0x1f0 [ 670.173908][T16645] should_fail_ex+0x512/0x640 [ 670.173945][T16645] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 670.173983][T16645] should_failslab+0xc2/0x120 [ 670.174020][T16645] __kmalloc_node_noprof+0xe0/0x8a0 [ 670.174053][T16645] ? lockdep_init_map_type+0x5c/0x280 [ 670.174093][T16645] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 670.174131][T16645] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 670.174159][T16645] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 670.174189][T16645] ? __pfx_idr_alloc+0x10/0x10 [ 670.174228][T16645] loop_add+0x3b2/0xb70 [ 670.174258][T16645] ? __pfx_loop_add+0x10/0x10 [ 670.174316][T16645] ? find_held_lock+0x2b/0x80 [ 670.174351][T16645] loop_control_ioctl+0x13e/0x630 [ 670.174388][T16645] ? __pfx_loop_control_ioctl+0x10/0x10 [ 670.174428][T16645] ? __pfx_loop_control_ioctl+0x10/0x10 [ 670.174463][T16645] __x64_sys_ioctl+0x18b/0x210 [ 670.174655][T16645] do_syscall_64+0xcd/0x4b0 [ 670.174692][T16645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.174720][T16645] RIP: 0033:0x7f733818eec9 [ 670.174742][T16645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.174773][T16645] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 670.174799][T16645] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 670.174818][T16645] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 670.174836][T16645] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 670.174853][T16645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 670.174870][T16645] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 670.174906][T16645] [ 670.666906][T16657] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2599'. [ 673.848931][T16695] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2604'. [ 675.440262][T16714] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2609'. [ 677.034732][T16729] syz.4.2612 (16729): /proc/16723/oom_adj is deprecated, please use /proc/16723/oom_score_adj instead. [ 677.602949][T16730] FAULT_INJECTION: forcing a failure. [ 677.602949][T16730] name failslab, interval 1, probability 0, space 0, times 0 [ 677.697046][T16730] CPU: 1 UID: 0 PID: 16730 Comm: syz.2.2611 Not tainted syzkaller #0 PREEMPT(full) [ 677.697084][T16730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 677.697100][T16730] Call Trace: [ 677.697109][T16730] [ 677.697119][T16730] dump_stack_lvl+0x16c/0x1f0 [ 677.697157][T16730] should_fail_ex+0x512/0x640 [ 677.697194][T16730] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 677.697230][T16730] should_failslab+0xc2/0x120 [ 677.697266][T16730] __kmalloc_node_noprof+0xe0/0x8a0 [ 677.697295][T16730] ? lockdep_init_map_type+0x5c/0x280 [ 677.697329][T16730] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 677.697364][T16730] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 677.697390][T16730] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 677.697420][T16730] ? __pfx_idr_alloc+0x10/0x10 [ 677.697457][T16730] loop_add+0x3b2/0xb70 [ 677.697493][T16730] ? __pfx_loop_add+0x10/0x10 [ 677.697564][T16730] ? find_held_lock+0x2b/0x80 [ 677.697600][T16730] loop_control_ioctl+0x13e/0x630 [ 677.697636][T16730] ? __pfx_loop_control_ioctl+0x10/0x10 [ 677.697676][T16730] ? __pfx_loop_control_ioctl+0x10/0x10 [ 677.697711][T16730] __x64_sys_ioctl+0x18b/0x210 [ 677.697749][T16730] do_syscall_64+0xcd/0x4b0 [ 677.697780][T16730] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.697805][T16730] RIP: 0033:0x7ff24ab8eec9 [ 677.697825][T16730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 677.697850][T16730] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 677.697875][T16730] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 677.697892][T16730] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 677.697906][T16730] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 677.697921][T16730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 677.697936][T16730] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 677.697971][T16730] [ 678.964758][T16755] usbip-vudc usbip-vudc.0: gadget not bound [ 679.219647][T16757] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2619'. [ 684.979471][T16820] FAULT_INJECTION: forcing a failure. [ 684.979471][T16820] name failslab, interval 1, probability 0, space 0, times 0 [ 685.032819][T16820] CPU: 0 UID: 0 PID: 16820 Comm: syz.0.2632 Not tainted syzkaller #0 PREEMPT(full) [ 685.032856][T16820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 685.032874][T16820] Call Trace: [ 685.032883][T16820] [ 685.032894][T16820] dump_stack_lvl+0x16c/0x1f0 [ 685.032934][T16820] should_fail_ex+0x512/0x640 [ 685.032970][T16820] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 685.033007][T16820] should_failslab+0xc2/0x120 [ 685.033040][T16820] __kmalloc_node_noprof+0xe0/0x8a0 [ 685.033072][T16820] ? lockdep_init_map_type+0x5c/0x280 [ 685.033113][T16820] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 685.033152][T16820] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 685.033181][T16820] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 685.033213][T16820] ? __pfx_idr_alloc+0x10/0x10 [ 685.033251][T16820] loop_add+0x3b2/0xb70 [ 685.033288][T16820] ? __pfx_loop_add+0x10/0x10 [ 685.033347][T16820] ? find_held_lock+0x2b/0x80 [ 685.033383][T16820] loop_control_ioctl+0x13e/0x630 [ 685.033417][T16820] ? __pfx_loop_control_ioctl+0x10/0x10 [ 685.033457][T16820] ? __pfx_loop_control_ioctl+0x10/0x10 [ 685.033494][T16820] __x64_sys_ioctl+0x18b/0x210 [ 685.033537][T16820] do_syscall_64+0xcd/0x4b0 [ 685.033572][T16820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.033599][T16820] RIP: 0033:0x7f733818eec9 [ 685.033621][T16820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.033647][T16820] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 685.033673][T16820] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 685.033691][T16820] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 685.033708][T16820] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 685.033724][T16820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 685.033740][T16820] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 685.033839][T16820] [ 685.730006][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.737824][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.947962][T16843] FAULT_INJECTION: forcing a failure. [ 686.947962][T16843] name failslab, interval 1, probability 0, space 0, times 0 [ 687.041138][T16843] CPU: 1 UID: 0 PID: 16843 Comm: syz.2.2637 Not tainted syzkaller #0 PREEMPT(full) [ 687.041176][T16843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 687.041193][T16843] Call Trace: [ 687.041202][T16843] [ 687.041213][T16843] dump_stack_lvl+0x16c/0x1f0 [ 687.041253][T16843] should_fail_ex+0x512/0x640 [ 687.041287][T16843] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 687.041324][T16843] should_failslab+0xc2/0x120 [ 687.041366][T16843] __kmalloc_node_noprof+0xe0/0x8a0 [ 687.041403][T16843] ? lockdep_init_map_type+0x5c/0x280 [ 687.041443][T16843] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 687.041484][T16843] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 687.041512][T16843] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 687.041543][T16843] ? __pfx_idr_alloc+0x10/0x10 [ 687.041593][T16843] loop_add+0x3b2/0xb70 [ 687.041628][T16843] ? __pfx_loop_add+0x10/0x10 [ 687.041681][T16843] ? find_held_lock+0x2b/0x80 [ 687.041715][T16843] loop_control_ioctl+0x13e/0x630 [ 687.041750][T16843] ? __pfx_loop_control_ioctl+0x10/0x10 [ 687.041790][T16843] ? __pfx_loop_control_ioctl+0x10/0x10 [ 687.041825][T16843] __x64_sys_ioctl+0x18b/0x210 [ 687.041866][T16843] do_syscall_64+0xcd/0x4b0 [ 687.041905][T16843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.041932][T16843] RIP: 0033:0x7ff24ab8eec9 [ 687.041954][T16843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 687.041979][T16843] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 687.042004][T16843] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 687.042023][T16843] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 687.042039][T16843] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 687.042055][T16843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 687.042071][T16843] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 687.042104][T16843] [ 687.264053][T16849] usbip-vudc usbip-vudc.0: gadget not bound [ 687.550843][T16858] FAULT_INJECTION: forcing a failure. [ 687.550843][T16858] name failslab, interval 1, probability 0, space 0, times 0 [ 687.581706][T16858] CPU: 1 UID: 0 PID: 16858 Comm: syz.3.2640 Not tainted syzkaller #0 PREEMPT(full) [ 687.581751][T16858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 687.581767][T16858] Call Trace: [ 687.581777][T16858] [ 687.581788][T16858] dump_stack_lvl+0x16c/0x1f0 [ 687.581819][T16858] should_fail_ex+0x512/0x640 [ 687.581840][T16858] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 687.581862][T16858] should_failslab+0xc2/0x120 [ 687.581882][T16858] __kmalloc_node_noprof+0xe0/0x8a0 [ 687.581900][T16858] ? lockdep_init_map_type+0x5c/0x280 [ 687.581923][T16858] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 687.581944][T16858] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 687.581959][T16858] blk_mq_alloc_tag_set+0x577/0x12e0 [ 687.581975][T16858] ? idr_alloc_u32+0x263/0x2f0 [ 687.581996][T16858] loop_add+0x3b2/0xb70 [ 687.582017][T16858] ? __pfx_loop_add+0x10/0x10 [ 687.582048][T16858] ? find_held_lock+0x2b/0x80 [ 687.582067][T16858] loop_control_ioctl+0x13e/0x630 [ 687.582087][T16858] ? __pfx_loop_control_ioctl+0x10/0x10 [ 687.582109][T16858] ? __pfx_loop_control_ioctl+0x10/0x10 [ 687.582129][T16858] __x64_sys_ioctl+0x18b/0x210 [ 687.582152][T16858] do_syscall_64+0xcd/0x4b0 [ 687.582171][T16858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.582185][T16858] RIP: 0033:0x7f7e7798eec9 [ 687.582197][T16858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 687.582211][T16858] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 687.582225][T16858] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 687.582235][T16858] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 687.582244][T16858] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 687.582253][T16858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 687.582262][T16858] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 687.582281][T16858] [ 688.996580][T16873] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2643'. [ 689.097198][ T5851] block nbd49: Receive control failed (result -107) [ 689.252964][T16878] nbd0: detected capacity change from 1649267441664 to 0 [ 689.747307][T16894] FAULT_INJECTION: forcing a failure. [ 689.747307][T16894] name failslab, interval 1, probability 0, space 0, times 0 [ 689.814744][T16894] CPU: 0 UID: 0 PID: 16894 Comm: syz.2.2650 Not tainted syzkaller #0 PREEMPT(full) [ 689.814783][T16894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 689.814799][T16894] Call Trace: [ 689.814810][T16894] [ 689.814821][T16894] dump_stack_lvl+0x16c/0x1f0 [ 689.814861][T16894] should_fail_ex+0x512/0x640 [ 689.814898][T16894] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 689.814948][T16894] should_failslab+0xc2/0x120 [ 689.814988][T16894] __kmalloc_node_noprof+0xe0/0x8a0 [ 689.815020][T16894] ? lockdep_init_map_type+0x5c/0x280 [ 689.815060][T16894] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 689.815106][T16894] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 689.815134][T16894] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 689.815165][T16894] ? __pfx_idr_alloc+0x10/0x10 [ 689.815206][T16894] loop_add+0x3b2/0xb70 [ 689.815241][T16894] ? __pfx_loop_add+0x10/0x10 [ 689.815297][T16894] ? find_held_lock+0x2b/0x80 [ 689.815331][T16894] loop_control_ioctl+0x13e/0x630 [ 689.815366][T16894] ? __pfx_loop_control_ioctl+0x10/0x10 [ 689.815406][T16894] ? __pfx_loop_control_ioctl+0x10/0x10 [ 689.815443][T16894] __x64_sys_ioctl+0x18b/0x210 [ 689.815484][T16894] do_syscall_64+0xcd/0x4b0 [ 689.815528][T16894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 689.815555][T16894] RIP: 0033:0x7ff24ab8eec9 [ 689.815576][T16894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 689.815603][T16894] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 689.815630][T16894] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 689.815713][T16894] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 689.815733][T16894] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 689.815750][T16894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 689.815766][T16894] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 689.815803][T16894] [ 690.257391][T16908] FAULT_INJECTION: forcing a failure. [ 690.257391][T16908] name failslab, interval 1, probability 0, space 0, times 0 [ 690.257432][T16908] CPU: 0 UID: 0 PID: 16908 Comm: syz.3.2653 Not tainted syzkaller #0 PREEMPT(full) [ 690.257461][T16908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 690.257476][T16908] Call Trace: [ 690.257484][T16908] [ 690.257493][T16908] dump_stack_lvl+0x16c/0x1f0 [ 690.257540][T16908] should_fail_ex+0x512/0x640 [ 690.257579][T16908] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 690.257614][T16908] should_failslab+0xc2/0x120 [ 690.257647][T16908] __kmalloc_node_noprof+0xe0/0x8a0 [ 690.257748][T16908] ? lockdep_init_map_type+0x5c/0x280 [ 690.257791][T16908] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 690.257831][T16908] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 690.257860][T16908] blk_mq_alloc_tag_set+0x577/0x12e0 [ 690.257891][T16908] ? idr_alloc_u32+0x263/0x2f0 [ 690.257937][T16908] loop_add+0x3b2/0xb70 [ 690.257978][T16908] ? __pfx_loop_add+0x10/0x10 [ 690.258039][T16908] ? find_held_lock+0x2b/0x80 [ 690.258076][T16908] loop_control_ioctl+0x13e/0x630 [ 690.258114][T16908] ? __pfx_loop_control_ioctl+0x10/0x10 [ 690.258154][T16908] ? __pfx_loop_control_ioctl+0x10/0x10 [ 690.258192][T16908] __x64_sys_ioctl+0x18b/0x210 [ 690.258235][T16908] do_syscall_64+0xcd/0x4b0 [ 690.258270][T16908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.258297][T16908] RIP: 0033:0x7f7e7798eec9 [ 690.258320][T16908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 690.258360][T16908] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 690.258386][T16908] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 690.258406][T16908] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 690.258424][T16908] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 690.258441][T16908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 690.258457][T16908] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 690.258493][T16908] [ 691.200606][T12830] Process accounting resumed [ 691.467143][T16917] Process accounting resumed [ 692.293597][T16935] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2661'. [ 692.418799][ T5851] block nbd50: Receive control failed (result -107) [ 693.186864][T16958] FAULT_INJECTION: forcing a failure. [ 693.186864][T16958] name failslab, interval 1, probability 0, space 0, times 0 [ 693.283481][T16958] CPU: 0 UID: 0 PID: 16958 Comm: syz.4.2672 Not tainted syzkaller #0 PREEMPT(full) [ 693.283521][T16958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 693.283545][T16958] Call Trace: [ 693.283555][T16958] [ 693.283567][T16958] dump_stack_lvl+0x16c/0x1f0 [ 693.283610][T16958] should_fail_ex+0x512/0x640 [ 693.283646][T16958] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 693.283685][T16958] should_failslab+0xc2/0x120 [ 693.283722][T16958] __kmalloc_node_noprof+0xe0/0x8a0 [ 693.283753][T16958] ? lockdep_init_map_type+0x5c/0x280 [ 693.283792][T16958] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 693.283831][T16958] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 693.283867][T16958] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 693.283900][T16958] ? __pfx_idr_alloc+0x10/0x10 [ 693.283940][T16958] loop_add+0x3b2/0xb70 [ 693.283978][T16958] ? __pfx_loop_add+0x10/0x10 [ 693.284037][T16958] ? find_held_lock+0x2b/0x80 [ 693.284073][T16958] loop_control_ioctl+0x13e/0x630 [ 693.284108][T16958] ? __pfx_loop_control_ioctl+0x10/0x10 [ 693.284148][T16958] ? __pfx_loop_control_ioctl+0x10/0x10 [ 693.284186][T16958] __x64_sys_ioctl+0x18b/0x210 [ 693.284229][T16958] do_syscall_64+0xcd/0x4b0 [ 693.284264][T16958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.284291][T16958] RIP: 0033:0x7f530c18eec9 [ 693.284312][T16958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.284337][T16958] RSP: 002b:00007f530d018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 693.284367][T16958] RAX: ffffffffffffffda RBX: 00007f530c3e5fa0 RCX: 00007f530c18eec9 [ 693.284386][T16958] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 693.284403][T16958] RBP: 00007f530c211f91 R08: 0000000000000000 R09: 0000000000000000 [ 693.284419][T16958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.284436][T16958] R13: 00007f530c3e6038 R14: 00007f530c3e5fa0 R15: 00007ffeb2476b68 [ 693.284473][T16958] [ 694.833059][T16971] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2667'. [ 696.835159][T17003] netlink: 'syz.3.2677': attribute type 4 has an invalid length. [ 696.870400][T17003] netlink: 'syz.3.2677': attribute type 5 has an invalid length. [ 696.956651][T16999] FAULT_INJECTION: forcing a failure. [ 696.956651][T16999] name failslab, interval 1, probability 0, space 0, times 0 [ 696.978176][T17003] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2677'. [ 696.995010][T17004] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2676'. [ 697.013013][T16999] CPU: 0 UID: 0 PID: 16999 Comm: syz.2.2675 Not tainted syzkaller #0 PREEMPT(full) [ 697.013054][T16999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 697.013079][T16999] Call Trace: [ 697.013088][T16999] [ 697.013101][T16999] dump_stack_lvl+0x16c/0x1f0 [ 697.013141][T16999] should_fail_ex+0x512/0x640 [ 697.013177][T16999] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 697.013215][T16999] should_failslab+0xc2/0x120 [ 697.013250][T16999] __kmalloc_node_noprof+0xe0/0x8a0 [ 697.013283][T16999] ? lockdep_init_map_type+0x5c/0x280 [ 697.013322][T16999] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 697.013360][T16999] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 697.013388][T16999] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 697.013419][T16999] ? __pfx_idr_alloc+0x10/0x10 [ 697.013458][T16999] loop_add+0x3b2/0xb70 [ 697.013495][T16999] ? __pfx_loop_add+0x10/0x10 [ 697.013826][T16999] ? find_held_lock+0x2b/0x80 [ 697.013886][T16999] loop_control_ioctl+0x13e/0x630 [ 697.014043][T16999] ? __pfx_loop_control_ioctl+0x10/0x10 [ 697.014091][T16999] ? __pfx_loop_control_ioctl+0x10/0x10 [ 697.014133][T16999] __x64_sys_ioctl+0x18b/0x210 [ 697.014179][T16999] do_syscall_64+0xcd/0x4b0 [ 697.014216][T16999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 697.014245][T16999] RIP: 0033:0x7ff24ab8eec9 [ 697.014267][T16999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 697.014293][T16999] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 697.014320][T16999] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 697.014339][T16999] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 697.014356][T16999] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 697.014373][T16999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 697.014390][T16999] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 697.014427][T16999] [ 700.254069][T17042] FAULT_INJECTION: forcing a failure. [ 700.254069][T17042] name failslab, interval 1, probability 0, space 0, times 0 [ 700.289227][T17042] CPU: 1 UID: 0 PID: 17042 Comm: syz.3.2687 Not tainted syzkaller #0 PREEMPT(full) [ 700.289252][T17042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 700.289262][T17042] Call Trace: [ 700.289268][T17042] [ 700.289276][T17042] dump_stack_lvl+0x16c/0x1f0 [ 700.289299][T17042] should_fail_ex+0x512/0x640 [ 700.289321][T17042] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 700.289343][T17042] should_failslab+0xc2/0x120 [ 700.289364][T17042] __kmalloc_node_noprof+0xe0/0x8a0 [ 700.289404][T17042] ? lockdep_init_map_type+0x5c/0x280 [ 700.289431][T17042] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 700.289453][T17042] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 700.289469][T17042] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 700.289487][T17042] ? __pfx_idr_alloc+0x10/0x10 [ 700.289508][T17042] loop_add+0x3b2/0xb70 [ 700.289529][T17042] ? __pfx_loop_add+0x10/0x10 [ 700.289560][T17042] ? find_held_lock+0x2b/0x80 [ 700.289580][T17042] loop_control_ioctl+0x13e/0x630 [ 700.289600][T17042] ? __pfx_loop_control_ioctl+0x10/0x10 [ 700.289624][T17042] ? __pfx_loop_control_ioctl+0x10/0x10 [ 700.289645][T17042] __x64_sys_ioctl+0x18b/0x210 [ 700.289669][T17042] do_syscall_64+0xcd/0x4b0 [ 700.289688][T17042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 700.289704][T17042] RIP: 0033:0x7f7e7798eec9 [ 700.289717][T17042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 700.289732][T17042] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 700.289747][T17042] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 700.289756][T17042] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 700.289766][T17042] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 700.289774][T17042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 700.289783][T17042] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 700.289801][T17042] [ 701.320981][T17054] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2689'. [ 701.508971][ T5851] block nbd51: Receive control failed (result -107) [ 703.403593][ T30] audit: type=1804 audit(4294967332.750:26): pid=17080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2694" name="/newroot/62/file0" dev="tmpfs" ino=356 res=1 errno=0 [ 703.584748][T17089] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2696'. [ 703.671629][ T5851] block nbd52: Receive control failed (result -107) [ 706.366006][T17117] delete_channel: no stack [ 706.890790][T17123] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2703'. [ 707.335381][T17132] ICMPv6: process `syz.2.2712' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 708.370842][T17142] FAULT_INJECTION: forcing a failure. [ 708.370842][T17142] name failslab, interval 1, probability 0, space 0, times 0 [ 708.438716][T17142] CPU: 0 UID: 0 PID: 17142 Comm: syz.4.2705 Not tainted syzkaller #0 PREEMPT(full) [ 708.438753][T17142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 708.438769][T17142] Call Trace: [ 708.438781][T17142] [ 708.438793][T17142] dump_stack_lvl+0x16c/0x1f0 [ 708.438835][T17142] should_fail_ex+0x512/0x640 [ 708.438857][T17142] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 708.438879][T17142] should_failslab+0xc2/0x120 [ 708.438900][T17142] __kmalloc_node_noprof+0xe0/0x8a0 [ 708.438917][T17142] ? lockdep_init_map_type+0x5c/0x280 [ 708.438939][T17142] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 708.438960][T17142] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 708.438975][T17142] blk_mq_alloc_tag_set+0x577/0x12e0 [ 708.438992][T17142] ? idr_alloc_u32+0x263/0x2f0 [ 708.439014][T17142] loop_add+0x3b2/0xb70 [ 708.439035][T17142] ? __pfx_loop_add+0x10/0x10 [ 708.439065][T17142] ? find_held_lock+0x2b/0x80 [ 708.439084][T17142] loop_control_ioctl+0x13e/0x630 [ 708.439105][T17142] ? __pfx_loop_control_ioctl+0x10/0x10 [ 708.439128][T17142] ? __pfx_loop_control_ioctl+0x10/0x10 [ 708.439149][T17142] __x64_sys_ioctl+0x18b/0x210 [ 708.439180][T17142] do_syscall_64+0xcd/0x4b0 [ 708.439200][T17142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.439216][T17142] RIP: 0033:0x7f530c18eec9 [ 708.439229][T17142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 708.439243][T17142] RSP: 002b:00007f530d018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 708.439258][T17142] RAX: ffffffffffffffda RBX: 00007f530c3e5fa0 RCX: 00007f530c18eec9 [ 708.439268][T17142] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 708.439277][T17142] RBP: 00007f530c211f91 R08: 0000000000000000 R09: 0000000000000000 [ 708.439289][T17142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 708.439302][T17142] R13: 00007f530c3e6038 R14: 00007f530c3e5fa0 R15: 00007ffeb2476b68 [ 708.439325][T17142] [ 709.333133][T17149] FAULT_INJECTION: forcing a failure. [ 709.333133][T17149] name failslab, interval 1, probability 0, space 0, times 0 [ 709.382754][T17149] CPU: 1 UID: 0 PID: 17149 Comm: syz.3.2707 Not tainted syzkaller #0 PREEMPT(full) [ 709.382779][T17149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 709.382789][T17149] Call Trace: [ 709.382796][T17149] [ 709.382803][T17149] dump_stack_lvl+0x16c/0x1f0 [ 709.382828][T17149] should_fail_ex+0x512/0x640 [ 709.382849][T17149] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 709.382878][T17149] should_failslab+0xc2/0x120 [ 709.382903][T17149] __kmalloc_node_noprof+0xe0/0x8a0 [ 709.382925][T17149] ? lockdep_init_map_type+0x5c/0x280 [ 709.382959][T17149] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 709.382986][T17149] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 709.383011][T17149] blk_mq_alloc_tag_set+0x577/0x12e0 [ 709.383039][T17149] ? idr_alloc_u32+0x263/0x2f0 [ 709.383073][T17149] loop_add+0x3b2/0xb70 [ 709.383107][T17149] ? __pfx_loop_add+0x10/0x10 [ 709.383162][T17149] ? find_held_lock+0x2b/0x80 [ 709.383207][T17149] loop_control_ioctl+0x13e/0x630 [ 709.383243][T17149] ? __pfx_loop_control_ioctl+0x10/0x10 [ 709.383282][T17149] ? __pfx_loop_control_ioctl+0x10/0x10 [ 709.383316][T17149] __x64_sys_ioctl+0x18b/0x210 [ 709.383354][T17149] do_syscall_64+0xcd/0x4b0 [ 709.383389][T17149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.383420][T17149] RIP: 0033:0x7f7e7798eec9 [ 709.383443][T17149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.383469][T17149] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 709.383492][T17149] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 709.383508][T17149] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 709.383523][T17149] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 709.383537][T17149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 709.383553][T17149] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 709.383588][T17149] [ 709.866772][T17151] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2706'. [ 710.287609][T17153] FAULT_INJECTION: forcing a failure. [ 710.287609][T17153] name failslab, interval 1, probability 0, space 0, times 0 [ 710.372676][T17153] CPU: 1 UID: 0 PID: 17153 Comm: syz.4.2708 Not tainted syzkaller #0 PREEMPT(full) [ 710.372716][T17153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 710.372734][T17153] Call Trace: [ 710.372745][T17153] [ 710.372756][T17153] dump_stack_lvl+0x16c/0x1f0 [ 710.372796][T17153] should_fail_ex+0x512/0x640 [ 710.372831][T17153] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 710.372869][T17153] should_failslab+0xc2/0x120 [ 710.372905][T17153] __kmalloc_node_noprof+0xe0/0x8a0 [ 710.372938][T17153] ? lockdep_init_map_type+0x5c/0x280 [ 710.372975][T17153] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 710.373012][T17153] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 710.373039][T17153] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 710.373069][T17153] ? __pfx_idr_alloc+0x10/0x10 [ 710.373107][T17153] loop_add+0x3b2/0xb70 [ 710.373143][T17153] ? __pfx_loop_add+0x10/0x10 [ 710.373201][T17153] ? find_held_lock+0x2b/0x80 [ 710.373236][T17153] loop_control_ioctl+0x13e/0x630 [ 710.373271][T17153] ? __pfx_loop_control_ioctl+0x10/0x10 [ 710.373311][T17153] ? __pfx_loop_control_ioctl+0x10/0x10 [ 710.373459][T17153] __x64_sys_ioctl+0x18b/0x210 [ 710.373572][T17153] do_syscall_64+0xcd/0x4b0 [ 710.373614][T17153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.373645][T17153] RIP: 0033:0x7f530c18eec9 [ 710.373675][T17153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 710.373701][T17153] RSP: 002b:00007f530d018038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 710.373726][T17153] RAX: ffffffffffffffda RBX: 00007f530c3e5fa0 RCX: 00007f530c18eec9 [ 710.373741][T17153] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 710.373755][T17153] RBP: 00007f530c211f91 R08: 0000000000000000 R09: 0000000000000000 [ 710.373768][T17153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 710.373780][T17153] R13: 00007f530c3e6038 R14: 00007f530c3e5fa0 R15: 00007ffeb2476b68 [ 710.373809][T17153] [ 711.433896][T17166] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2714'. [ 711.573799][ T5851] block nbd53: Receive control failed (result -107) [ 712.132391][T17180] FAULT_INJECTION: forcing a failure. [ 712.132391][T17180] name failslab, interval 1, probability 0, space 0, times 0 [ 712.152809][T17180] CPU: 1 UID: 0 PID: 17180 Comm: syz.0.2724 Not tainted syzkaller #0 PREEMPT(full) [ 712.152845][T17180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 712.152857][T17180] Call Trace: [ 712.152862][T17180] [ 712.152870][T17180] dump_stack_lvl+0x16c/0x1f0 [ 712.152896][T17180] should_fail_ex+0x512/0x640 [ 712.152918][T17180] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 712.152939][T17180] should_failslab+0xc2/0x120 [ 712.152962][T17180] __kmalloc_node_noprof+0xe0/0x8a0 [ 712.152980][T17180] ? lockdep_init_map_type+0x5c/0x280 [ 712.153003][T17180] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 712.153023][T17180] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 712.153038][T17180] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 712.153055][T17180] ? __pfx_idr_alloc+0x10/0x10 [ 712.153076][T17180] loop_add+0x3b2/0xb70 [ 712.153097][T17180] ? __pfx_loop_add+0x10/0x10 [ 712.153137][T17180] ? find_held_lock+0x2b/0x80 [ 712.153157][T17180] loop_control_ioctl+0x13e/0x630 [ 712.153179][T17180] ? __pfx_loop_control_ioctl+0x10/0x10 [ 712.153202][T17180] ? __pfx_loop_control_ioctl+0x10/0x10 [ 712.153231][T17180] __x64_sys_ioctl+0x18b/0x210 [ 712.153259][T17180] do_syscall_64+0xcd/0x4b0 [ 712.153281][T17180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.153296][T17180] RIP: 0033:0x7f733818eec9 [ 712.153309][T17180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 712.153323][T17180] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 712.153338][T17180] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 712.153352][T17180] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 712.153361][T17180] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 712.153370][T17180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 712.153378][T17180] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 712.153396][T17180] [ 712.735789][T17183] netlink: 268 bytes leftover after parsing attributes in process `syz.2.2716'. [ 713.792864][T17209] usbip-vudc usbip-vudc.0: gadget not bound [ 715.422318][T17226] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2727'. [ 715.516318][ T5851] block nbd54: Receive control failed (result -107) [ 716.116576][T17241] FAULT_INJECTION: forcing a failure. [ 716.116576][T17241] name failslab, interval 1, probability 0, space 0, times 0 [ 716.182736][T17241] CPU: 0 UID: 0 PID: 17241 Comm: syz.3.2731 Not tainted syzkaller #0 PREEMPT(full) [ 716.182777][T17241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 716.182828][T17241] Call Trace: [ 716.182841][T17241] [ 716.182854][T17241] dump_stack_lvl+0x16c/0x1f0 [ 716.182896][T17241] should_fail_ex+0x512/0x640 [ 716.182935][T17241] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 716.182975][T17241] should_failslab+0xc2/0x120 [ 716.183012][T17241] __kmalloc_node_noprof+0xe0/0x8a0 [ 716.183045][T17241] ? lockdep_init_map_type+0x5c/0x280 [ 716.183086][T17241] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 716.183122][T17241] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 716.183151][T17241] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 716.183182][T17241] ? __pfx_idr_alloc+0x10/0x10 [ 716.183222][T17241] loop_add+0x3b2/0xb70 [ 716.183260][T17241] ? __pfx_loop_add+0x10/0x10 [ 716.183320][T17241] ? find_held_lock+0x2b/0x80 [ 716.183357][T17241] loop_control_ioctl+0x13e/0x630 [ 716.183394][T17241] ? __pfx_loop_control_ioctl+0x10/0x10 [ 716.183430][T17241] ? __pfx_loop_control_ioctl+0x10/0x10 [ 716.183468][T17241] __x64_sys_ioctl+0x18b/0x210 [ 716.183511][T17241] do_syscall_64+0xcd/0x4b0 [ 716.183546][T17241] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.183669][T17241] RIP: 0033:0x7f7e7798eec9 [ 716.183693][T17241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 716.183721][T17241] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 716.183748][T17241] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 716.183766][T17241] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 716.183785][T17241] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 716.183821][T17241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.183839][T17241] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 716.183877][T17241] [ 717.735734][T17267] usbip-vudc usbip-vudc.0: gadget not bound [ 718.766810][ T5851] Bluetooth: hci2: command 0x0406 tx timeout [ 718.817577][T17281] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2739'. [ 719.206029][ T5851] block nbd55: Receive control failed (result -107) [ 719.553592][T17293] FAULT_INJECTION: forcing a failure. [ 719.553592][T17293] name failslab, interval 1, probability 0, space 0, times 0 [ 719.571341][T17293] CPU: 0 UID: 0 PID: 17293 Comm: syz.2.2741 Not tainted syzkaller #0 PREEMPT(full) [ 719.571379][T17293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 719.571396][T17293] Call Trace: [ 719.571404][T17293] [ 719.571415][T17293] dump_stack_lvl+0x16c/0x1f0 [ 719.571455][T17293] should_fail_ex+0x512/0x640 [ 719.571499][T17293] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 719.571531][T17293] should_failslab+0xc2/0x120 [ 719.571562][T17293] __kmalloc_node_noprof+0xe0/0x8a0 [ 719.571585][T17293] ? lockdep_init_map_type+0x5c/0x280 [ 719.571618][T17293] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 719.571648][T17293] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 719.571670][T17293] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 719.571694][T17293] ? __pfx_idr_alloc+0x10/0x10 [ 719.571728][T17293] loop_add+0x3b2/0xb70 [ 719.571764][T17293] ? __pfx_loop_add+0x10/0x10 [ 719.571809][T17293] ? find_held_lock+0x2b/0x80 [ 719.571838][T17293] loop_control_ioctl+0x13e/0x630 [ 719.571867][T17293] ? __pfx_loop_control_ioctl+0x10/0x10 [ 719.571902][T17293] ? __pfx_loop_control_ioctl+0x10/0x10 [ 719.571931][T17293] __x64_sys_ioctl+0x18b/0x210 [ 719.571965][T17293] do_syscall_64+0xcd/0x4b0 [ 719.571993][T17293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.572019][T17293] RIP: 0033:0x7ff24ab8eec9 [ 719.572041][T17293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 719.572067][T17293] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 719.572095][T17293] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 719.572114][T17293] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000a [ 719.572130][T17293] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 719.572151][T17293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 719.572166][T17293] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 719.572197][T17293] [ 720.069449][ T5892] smpboot: CPU 1 is now offline [ 722.171290][T17326] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2749'. [ 722.975358][T17349] FAULT_INJECTION: forcing a failure. [ 722.975358][T17349] name failslab, interval 1, probability 0, space 0, times 0 [ 723.117278][T17349] CPU: 0 UID: 0 PID: 17349 Comm: syz.0.2754 Not tainted syzkaller #0 PREEMPT(full) [ 723.117418][T17349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 723.117428][T17349] Call Trace: [ 723.117435][T17349] [ 723.117442][T17349] dump_stack_lvl+0x16c/0x1f0 [ 723.117468][T17349] should_fail_ex+0x512/0x640 [ 723.117489][T17349] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 723.117513][T17349] should_failslab+0xc2/0x120 [ 723.117534][T17349] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 723.117553][T17349] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 723.117802][T17349] ? fib_notifier_ops_register+0x32/0x270 [ 723.117827][T17349] ? lockdep_hardirqs_on+0x7c/0x110 [ 723.117850][T17349] ? kmemdup_noprof+0x29/0x60 [ 723.117867][T17349] kmemdup_noprof+0x29/0x60 [ 723.117931][T17349] fib_notifier_ops_register+0x32/0x270 [ 723.117957][T17349] fib4_notifier_init+0x4f/0xd0 [ 723.117981][T17349] fib_net_init+0xbf/0x3f0 [ 723.117994][T17349] ? __pfx___register_sysctl_table+0x10/0x10 [ 723.118253][T17349] ? __pfx_fib_net_init+0x10/0x10 [ 723.118270][T17349] ? lockdep_init_map_type+0x5c/0x280 [ 723.118313][T17349] ? do_init_timer+0xc9/0x110 [ 723.118335][T17349] ? devinet_init_net+0x5c2/0x910 [ 723.118354][T17349] ? __pfx_fib_net_init+0x10/0x10 [ 723.118368][T17349] ops_init+0x1e2/0x5f0 [ 723.118399][T17349] setup_net+0x100/0x390 [ 723.118421][T17349] ? __pfx_setup_net+0x10/0x10 [ 723.118444][T17349] ? debug_mutex_init+0x37/0x70 [ 723.118464][T17349] copy_net_ns+0x2f8/0x690 [ 723.118481][T17349] create_new_namespaces+0x3ea/0xa90 [ 723.118505][T17349] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 723.118525][T17349] ksys_unshare+0x45b/0xa40 [ 723.118546][T17349] ? __pfx_ksys_unshare+0x10/0x10 [ 723.118568][T17349] ? xfd_validate_state+0x61/0x180 [ 723.118598][T17349] __x64_sys_unshare+0x31/0x40 [ 723.118620][T17349] do_syscall_64+0xcd/0x4b0 [ 723.118641][T17349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 723.118657][T17349] RIP: 0033:0x7f733818eec9 [ 723.118671][T17349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 723.118687][T17349] RSP: 002b:00007f7339033038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 723.118701][T17349] RAX: ffffffffffffffda RBX: 00007f73383e6090 RCX: 00007f733818eec9 [ 723.118712][T17349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 723.118722][T17349] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 723.118732][T17349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 723.118741][T17349] R13: 00007f73383e6128 R14: 00007f73383e6090 R15: 00007fff2c7f4708 [ 723.118768][T17349] [ 723.611101][T17339] Process accounting paused [ 723.705223][T17356] netlink: 146 bytes leftover after parsing attributes in process `syz.2.2756'. [ 724.513397][T17367] netlink: 'syz.2.2759': attribute type 1 has an invalid length. [ 725.036326][T17378] input input14: cannot allocate more than FF_MAX_EFFECTS effects [ 725.064860][T17378] Invalid ELF header magic: != ELF [ 725.771366][T17368] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 726.679399][T17400] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2769'. [ 728.562275][T17427] netlink: 334 bytes leftover after parsing attributes in process `syz.4.2775'. [ 728.998630][T17435] FAULT_INJECTION: forcing a failure. [ 728.998630][T17435] name failslab, interval 1, probability 0, space 0, times 0 [ 729.102598][T17435] CPU: 0 UID: 0 PID: 17435 Comm: syz.4.2778 Not tainted syzkaller #0 PREEMPT(full) [ 729.102626][T17435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 729.102637][T17435] Call Trace: [ 729.102644][T17435] [ 729.102651][T17435] dump_stack_lvl+0x16c/0x1f0 [ 729.102679][T17435] should_fail_ex+0x512/0x640 [ 729.102705][T17435] ? __kmalloc_noprof+0xca/0x880 [ 729.102725][T17435] should_failslab+0xc2/0x120 [ 729.102754][T17435] __kmalloc_noprof+0xdd/0x880 [ 729.102777][T17435] ? lsm_blob_alloc+0x68/0x90 [ 729.102802][T17435] ? lsm_blob_alloc+0x68/0x90 [ 729.102820][T17435] lsm_blob_alloc+0x68/0x90 [ 729.102841][T17435] security_prepare_creds+0x30/0x270 [ 729.102862][T17435] prepare_creds+0x56f/0x7d0 [ 729.102880][T17435] __sys_setfsgid+0xe3/0x380 [ 729.102899][T17435] ? rcu_is_watching+0x12/0xc0 [ 729.102919][T17435] do_syscall_64+0xcd/0x4b0 [ 729.102939][T17435] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.102956][T17435] RIP: 0033:0x7f530c18eec9 [ 729.103103][T17435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 729.103121][T17435] RSP: 002b:00007f530d018038 EFLAGS: 00000246 ORIG_RAX: 000000000000007b [ 729.103139][T17435] RAX: ffffffffffffffda RBX: 00007f530c3e5fa0 RCX: 00007f530c18eec9 [ 729.103151][T17435] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 729.103161][T17435] RBP: 00007f530c211f91 R08: 0000000000000000 R09: 0000000000000000 [ 729.103171][T17435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 729.103185][T17435] R13: 00007f530c3e6038 R14: 00007f530c3e5fa0 R15: 00007ffeb2476b68 [ 729.103205][T17435] [ 731.391364][T17472] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2788'. [ 731.537068][ T5851] block nbd56: Receive control failed (result -107) [ 731.609984][T17480] FAULT_INJECTION: forcing a failure. [ 731.609984][T17480] name failslab, interval 1, probability 0, space 0, times 0 [ 731.706377][T17480] CPU: 0 UID: 0 PID: 17480 Comm: syz.0.2790 Not tainted syzkaller #0 PREEMPT(full) [ 731.706409][T17480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 731.706420][T17480] Call Trace: [ 731.706428][T17480] [ 731.706435][T17480] dump_stack_lvl+0x16c/0x1f0 [ 731.706463][T17480] should_fail_ex+0x512/0x640 [ 731.706487][T17480] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 731.706512][T17480] should_failslab+0xc2/0x120 [ 731.706536][T17480] __kmalloc_node_noprof+0xe0/0x8a0 [ 731.706552][T17480] ? lockdep_init_map_type+0x5c/0x280 [ 731.706575][T17480] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 731.706596][T17480] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 731.706611][T17480] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 731.706628][T17480] ? __pfx_idr_alloc+0x10/0x10 [ 731.706649][T17480] loop_add+0x3b2/0xb70 [ 731.706671][T17480] ? __pfx_loop_add+0x10/0x10 [ 731.706702][T17480] ? find_held_lock+0x2b/0x80 [ 731.706721][T17480] loop_control_ioctl+0x13e/0x630 [ 731.706741][T17480] ? __pfx_loop_control_ioctl+0x10/0x10 [ 731.706762][T17480] ? __pfx_loop_control_ioctl+0x10/0x10 [ 731.706782][T17480] __x64_sys_ioctl+0x18b/0x210 [ 731.706807][T17480] do_syscall_64+0xcd/0x4b0 [ 731.706827][T17480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.706844][T17480] RIP: 0033:0x7f733818eec9 [ 731.706856][T17480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.706871][T17480] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 731.706887][T17480] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 731.706898][T17480] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000004 [ 731.706907][T17480] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 731.706917][T17480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.706925][T17480] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 731.706944][T17480] [ 732.805842][T17499] usbip-vudc usbip-vudc.0: gadget not bound [ 732.986352][T17501] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2795'. [ 733.165392][T17503] FAULT_INJECTION: forcing a failure. [ 733.165392][T17503] name failslab, interval 1, probability 0, space 0, times 0 [ 733.306503][T17503] CPU: 0 UID: 0 PID: 17503 Comm: syz.2.2794 Not tainted syzkaller #0 PREEMPT(full) [ 733.306526][T17503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 733.306536][T17503] Call Trace: [ 733.306541][T17503] [ 733.306548][T17503] dump_stack_lvl+0x16c/0x1f0 [ 733.306571][T17503] should_fail_ex+0x512/0x640 [ 733.306594][T17503] ? fs_reclaim_acquire+0xae/0x150 [ 733.306616][T17503] should_failslab+0xc2/0x120 [ 733.306636][T17503] __kmalloc_noprof+0xdd/0x880 [ 733.306651][T17503] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 733.306672][T17503] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 733.306686][T17503] tomoyo_realpath_from_path+0xc2/0x6e0 [ 733.306704][T17503] ? tomoyo_profile+0x47/0x60 [ 733.306729][T17503] tomoyo_path_number_perm+0x245/0x580 [ 733.306750][T17503] ? tomoyo_path_number_perm+0x237/0x580 [ 733.306773][T17503] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 733.306795][T17503] ? rcu_read_unlock+0x17/0x60 [ 733.306819][T17503] ? do_raw_spin_lock+0x12c/0x2b0 [ 733.306834][T17503] ? find_held_lock+0x2b/0x80 [ 733.306859][T17503] ? find_held_lock+0x2b/0x80 [ 733.306875][T17503] ? __pfx___d_add+0x10/0x10 [ 733.306893][T17503] ? d_alloc+0x176/0x1e0 [ 733.306909][T17503] ? current_check_access_path+0x33c/0x460 [ 733.306926][T17503] ? __pfx_current_check_access_path+0x10/0x10 [ 733.306944][T17503] ? simple_lookup+0x105/0x1d0 [ 733.306966][T17503] tomoyo_path_mknod+0x10c/0x190 [ 733.306988][T17503] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 733.307007][T17503] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 733.307027][T17503] security_path_mknod+0x161/0x310 [ 733.307051][T17503] do_mknodat+0x239/0x5d0 [ 733.307070][T17503] ? __pfx_do_mknodat+0x10/0x10 [ 733.307084][T17503] ? getname_flags.part.0+0x1c5/0x550 [ 733.307104][T17503] ? syscall_user_dispatch+0x78/0x140 [ 733.307124][T17503] __x64_sys_mknod+0x87/0xb0 [ 733.307142][T17503] do_syscall_64+0xcd/0x4b0 [ 733.307161][T17503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.307176][T17503] RIP: 0033:0x7ff24ab8eec9 [ 733.307188][T17503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 733.307202][T17503] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 733.307215][T17503] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 733.307225][T17503] RDX: 0000000000000004 RSI: 0000000000001001 RDI: 0000200000000000 [ 733.307234][T17503] RBP: 00007ff24ba50090 R08: 0000000000000000 R09: 0000000000000000 [ 733.307242][T17503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 733.307250][T17503] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 733.307270][T17503] [ 733.311565][T17503] ERROR: Out of memory at tomoyo_realpath_from_path. [ 734.304260][T17523] FAULT_INJECTION: forcing a failure. [ 734.304260][T17523] name failslab, interval 1, probability 0, space 0, times 0 [ 734.390633][T17523] CPU: 0 UID: 0 PID: 17523 Comm: syz.3.2800 Not tainted syzkaller #0 PREEMPT(full) [ 734.390658][T17523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 734.390668][T17523] Call Trace: [ 734.390676][T17523] [ 734.390684][T17523] dump_stack_lvl+0x16c/0x1f0 [ 734.390722][T17523] should_fail_ex+0x512/0x640 [ 734.390747][T17523] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 734.390769][T17523] should_failslab+0xc2/0x120 [ 734.390792][T17523] __kmalloc_node_noprof+0xe0/0x8a0 [ 734.390809][T17523] ? lockdep_init_map_type+0x5c/0x280 [ 734.390831][T17523] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 734.390852][T17523] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 734.390867][T17523] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 734.390884][T17523] ? __pfx_idr_alloc+0x10/0x10 [ 734.390906][T17523] loop_add+0x3b2/0xb70 [ 734.390927][T17523] ? __pfx_loop_add+0x10/0x10 [ 734.390958][T17523] ? find_held_lock+0x2b/0x80 [ 734.390977][T17523] loop_control_ioctl+0x13e/0x630 [ 734.390997][T17523] ? __pfx_loop_control_ioctl+0x10/0x10 [ 734.391019][T17523] ? __pfx_loop_control_ioctl+0x10/0x10 [ 734.391039][T17523] __x64_sys_ioctl+0x18b/0x210 [ 734.391062][T17523] do_syscall_64+0xcd/0x4b0 [ 734.391081][T17523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.391097][T17523] RIP: 0033:0x7f7e7798eec9 [ 734.391109][T17523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 734.391124][T17523] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 734.391138][T17523] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 734.391148][T17523] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 734.391157][T17523] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 734.391165][T17523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 734.391173][T17523] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 734.391192][T17523] [ 737.190559][T17559] FAULT_INJECTION: forcing a failure. [ 737.190559][T17559] name failslab, interval 1, probability 0, space 0, times 0 [ 737.268975][T17559] CPU: 0 UID: 0 PID: 17559 Comm: syz.3.2809 Not tainted syzkaller #0 PREEMPT(full) [ 737.269000][T17559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 737.269010][T17559] Call Trace: [ 737.269016][T17559] [ 737.269023][T17559] dump_stack_lvl+0x16c/0x1f0 [ 737.269047][T17559] should_fail_ex+0x512/0x640 [ 737.269068][T17559] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 737.269091][T17559] should_failslab+0xc2/0x120 [ 737.269112][T17559] __kmalloc_node_noprof+0xe0/0x8a0 [ 737.269129][T17559] ? lockdep_init_map_type+0x5c/0x280 [ 737.269151][T17559] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 737.269172][T17559] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 737.269187][T17559] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 737.269203][T17559] ? __pfx_idr_alloc+0x10/0x10 [ 737.269225][T17559] loop_add+0x3b2/0xb70 [ 737.269246][T17559] ? __pfx_loop_add+0x10/0x10 [ 737.269277][T17559] ? find_held_lock+0x2b/0x80 [ 737.269297][T17559] loop_control_ioctl+0x13e/0x630 [ 737.269318][T17559] ? __pfx_loop_control_ioctl+0x10/0x10 [ 737.269341][T17559] ? __pfx_loop_control_ioctl+0x10/0x10 [ 737.269363][T17559] __x64_sys_ioctl+0x18b/0x210 [ 737.269386][T17559] do_syscall_64+0xcd/0x4b0 [ 737.269406][T17559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.269421][T17559] RIP: 0033:0x7f7e7798eec9 [ 737.269433][T17559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 737.269448][T17559] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 737.269462][T17559] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 737.269472][T17559] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005 [ 737.269482][T17559] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 737.269498][T17559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 737.269507][T17559] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 737.269526][T17559] [ 739.009462][ T5851] Bluetooth: hci3: command 0x0406 tx timeout [ 739.455216][T17584] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2817'. [ 740.188789][T17599] binder: 17597:17599 ioctl 40046210 0 returned -14 [ 743.545848][T17639] netlink: 'syz.0.2828': attribute type 11 has an invalid length. [ 743.665364][T17639] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2828'. [ 744.177242][T17639] netlink: 172 bytes leftover after parsing attributes in process `syz.0.2828'. [ 744.815380][T17650] binder: 17648:17650 ioctl c00c6211 0 returned -14 [ 745.383040][T17666] can: request_module (can-proto-4) failed. [ 745.420162][T17664] netlink: set zone limit has 8 unknown bytes [ 745.710297][T17674] FAULT_INJECTION: forcing a failure. [ 745.710297][T17674] name failslab, interval 1, probability 0, space 0, times 0 [ 745.839842][T17674] CPU: 0 UID: 0 PID: 17674 Comm: syz.0.2839 Not tainted syzkaller #0 PREEMPT(full) [ 745.839882][T17674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 745.839894][T17674] Call Trace: [ 745.839900][T17674] [ 745.839908][T17674] dump_stack_lvl+0x16c/0x1f0 [ 745.839938][T17674] should_fail_ex+0x512/0x640 [ 745.839970][T17674] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 745.839994][T17674] should_failslab+0xc2/0x120 [ 745.840018][T17674] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 745.840036][T17674] ? __d_alloc+0x32/0xae0 [ 745.840060][T17674] ? __d_alloc+0x32/0xae0 [ 745.840077][T17674] __d_alloc+0x32/0xae0 [ 745.840097][T17674] d_alloc_pseudo+0x1c/0xc0 [ 745.840135][T17674] alloc_file_pseudo+0xcf/0x230 [ 745.840163][T17674] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 745.840189][T17674] ? alloc_fd+0x471/0x7d0 [ 745.840209][T17674] sock_alloc_file+0x50/0x210 [ 745.840235][T17674] __sys_socket+0x1c0/0x260 [ 745.840254][T17674] ? __pfx___sys_socket+0x10/0x10 [ 745.840270][T17674] ? xfd_validate_state+0x61/0x180 [ 745.840285][T17674] ? __pfx_ksys_write+0x10/0x10 [ 745.840312][T17674] __x64_sys_socket+0x72/0xb0 [ 745.840330][T17674] ? lockdep_hardirqs_on+0x7c/0x110 [ 745.840351][T17674] do_syscall_64+0xcd/0x4b0 [ 745.840373][T17674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.840390][T17674] RIP: 0033:0x7f733818eec9 [ 745.840403][T17674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.840418][T17674] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 745.840436][T17674] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 745.840449][T17674] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 745.840459][T17674] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 745.840468][T17674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.840477][T17674] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 745.840495][T17674] [ 746.421688][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 746.432934][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 749.242893][ T5852] Bluetooth: hci0: command 0x0406 tx timeout [ 750.130976][T17734] FAULT_INJECTION: forcing a failure. [ 750.130976][T17734] name failslab, interval 1, probability 0, space 0, times 0 [ 750.309009][T17734] CPU: 0 UID: 0 PID: 17734 Comm: syz.2.2850 Not tainted syzkaller #0 PREEMPT(full) [ 750.309035][T17734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 750.309045][T17734] Call Trace: [ 750.309051][T17734] [ 750.309059][T17734] dump_stack_lvl+0x16c/0x1f0 [ 750.309087][T17734] should_fail_ex+0x512/0x640 [ 750.309111][T17734] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 750.309132][T17734] should_failslab+0xc2/0x120 [ 750.309155][T17734] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 750.309172][T17734] ? __d_alloc+0x32/0xae0 [ 750.309196][T17734] ? __d_alloc+0x32/0xae0 [ 750.309213][T17734] __d_alloc+0x32/0xae0 [ 750.309242][T17734] d_alloc_pseudo+0x1c/0xc0 [ 750.309273][T17734] alloc_file_pseudo+0xcf/0x230 [ 750.309300][T17734] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 750.309323][T17734] ? alloc_fd+0x471/0x7d0 [ 750.309343][T17734] sock_alloc_file+0x50/0x210 [ 750.309368][T17734] __sys_socket+0x1c0/0x260 [ 750.309387][T17734] ? __pfx___sys_socket+0x10/0x10 [ 750.309404][T17734] ? xfd_validate_state+0x61/0x180 [ 750.309419][T17734] ? __pfx_ksys_write+0x10/0x10 [ 750.309439][T17734] __x64_sys_socket+0x72/0xb0 [ 750.309455][T17734] ? lockdep_hardirqs_on+0x7c/0x110 [ 750.309472][T17734] do_syscall_64+0xcd/0x4b0 [ 750.309491][T17734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 750.309507][T17734] RIP: 0033:0x7ff24ab8eec9 [ 750.309520][T17734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 750.309536][T17734] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 750.309552][T17734] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 750.309563][T17734] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 750.309572][T17734] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 750.309581][T17734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 750.309590][T17734] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 750.309608][T17734] [ 751.250249][T17751] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2854'. [ 751.570834][T17754] usbip-vudc usbip-vudc.0: gadget not bound [ 751.706303][T17751] block nbd57: Unsupported socket: should be TCP or UNIX. [ 752.548935][T17772] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2859'. [ 754.056463][T17783] block2mtd: parameter too long [ 756.400779][T17789] Process accounting resumed [ 757.087353][T15584] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 761.146516][T17881] netlink: zone id is out of range [ 761.182759][T17881] netlink: del zone limit has 4 unknown bytes [ 761.485068][T17893] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2886'. [ 763.359271][T17949] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2889'. [ 769.572796][T18057] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 770.903228][T18082] FAULT_INJECTION: forcing a failure. [ 770.903228][T18082] name failslab, interval 1, probability 0, space 0, times 0 [ 771.081458][T18082] CPU: 0 UID: 0 PID: 18082 Comm: syz.4.2916 Not tainted syzkaller #0 PREEMPT(full) [ 771.081483][T18082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 771.081494][T18082] Call Trace: [ 771.081500][T18082] [ 771.081507][T18082] dump_stack_lvl+0x16c/0x1f0 [ 771.081531][T18082] should_fail_ex+0x512/0x640 [ 771.081552][T18082] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 771.081573][T18082] should_failslab+0xc2/0x120 [ 771.081594][T18082] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 771.081610][T18082] ? __lock_acquire+0xb97/0x1ce0 [ 771.081632][T18082] ? alloc_inode+0xc3/0x240 [ 771.081656][T18082] ? alloc_inode+0xc3/0x240 [ 771.081674][T18082] alloc_inode+0xc3/0x240 [ 771.081694][T18082] new_inode+0x22/0x1c0 [ 771.081717][T18082] configfs_new_inode+0x24/0x4a0 [ 771.081739][T18082] configfs_create+0xd9/0x3a0 [ 771.081762][T18082] configfs_lookup+0x38f/0x780 [ 771.081777][T18082] ? __pfx_configfs_lookup+0x10/0x10 [ 771.081791][T18082] lookup_open.isra.0+0x4d7/0x1580 [ 771.081810][T18082] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 771.081836][T18082] ? mnt_get_write_access+0x1e9/0x2f0 [ 771.081859][T18082] path_openat+0x893/0x2cb0 [ 771.081886][T18082] ? __pfx_path_openat+0x10/0x10 [ 771.081909][T18082] do_filp_open+0x20b/0x470 [ 771.081925][T18082] ? __pfx_do_filp_open+0x10/0x10 [ 771.081957][T18082] ? alloc_fd+0x471/0x7d0 [ 771.081978][T18082] do_sys_openat2+0x11b/0x1d0 [ 771.082001][T18082] ? __pfx_do_sys_openat2+0x10/0x10 [ 771.082030][T18082] __x64_sys_openat+0x174/0x210 [ 771.082052][T18082] ? __pfx___x64_sys_openat+0x10/0x10 [ 771.082084][T18082] ? syscall_user_dispatch+0x78/0x140 [ 771.082108][T18082] do_syscall_64+0xcd/0x4b0 [ 771.082129][T18082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.082144][T18082] RIP: 0033:0x7f530c18eec9 [ 771.082157][T18082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 771.082171][T18082] RSP: 002b:00007f530cfd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 771.082186][T18082] RAX: ffffffffffffffda RBX: 00007f530c3e6180 RCX: 00007f530c18eec9 [ 771.082196][T18082] RDX: 0000000000189002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 771.082205][T18082] RBP: 00007f530c211f91 R08: 0000000000000000 R09: 0000000000000000 [ 771.082214][T18082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 771.082223][T18082] R13: 00007f530c3e6218 R14: 00007f530c3e6180 R15: 00007ffeb2476b68 [ 771.082243][T18082] [ 776.359773][T18156] netlink: 274 bytes leftover after parsing attributes in process `syz.4.2931'. [ 778.215965][T18192] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 779.738448][T18194] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 780.860964][T18186] openvswitch: netlink: IP tunnel dst address not specified [ 785.987159][T18070] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 788.901138][T18302] Process accounting paused [ 790.381252][T18336] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2966'. [ 790.469447][T18337] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2965'. [ 790.650941][T18329] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2965'. [ 791.572612][T18315] openvswitch: netlink: IP tunnel dst address not specified [ 792.865526][ T30] audit: type=1800 audit(4294967422.220:27): pid=18353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2969" name="features" dev="configfs" ino=67379 res=0 errno=0 [ 796.630930][T18404] FAULT_INJECTION: forcing a failure. [ 796.630930][T18404] name failslab, interval 1, probability 0, space 0, times 0 [ 796.736698][T18404] CPU: 0 UID: 0 PID: 18404 Comm: syz.3.2979 Not tainted syzkaller #0 PREEMPT(full) [ 796.736723][T18404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 796.736732][T18404] Call Trace: [ 796.736738][T18404] [ 796.736744][T18404] dump_stack_lvl+0x16c/0x1f0 [ 796.736768][T18404] should_fail_ex+0x512/0x640 [ 796.736792][T18404] should_failslab+0xc2/0x120 [ 796.736813][T18404] kmem_cache_alloc_noprof+0x75/0x6e0 [ 796.736830][T18404] ? skb_clone+0x190/0x3f0 [ 796.736854][T18404] ? skb_clone+0x190/0x3f0 [ 796.736873][T18404] skb_clone+0x190/0x3f0 [ 796.736894][T18404] netlink_deliver_tap+0xabd/0xd30 [ 796.736920][T18404] netlink_dump+0xa5f/0xd30 [ 796.736943][T18404] ? __pfx_netlink_dump+0x10/0x10 [ 796.736977][T18404] netlink_recvmsg+0x7dc/0xa90 [ 796.736999][T18404] ? __pfx_netlink_recvmsg+0x10/0x10 [ 796.737022][T18404] ? iovec_from_user+0xbb/0x140 [ 796.737048][T18404] ____sys_recvmsg+0x5f9/0x6b0 [ 796.737067][T18404] ? __pfx_____sys_recvmsg+0x10/0x10 [ 796.737089][T18404] ? kfree+0x252/0x6d0 [ 796.737101][T18404] ? __lock_acquire+0x62e/0x1ce0 [ 796.737127][T18404] ___sys_recvmsg+0x114/0x1a0 [ 796.737149][T18404] ? __pfx____sys_recvmsg+0x10/0x10 [ 796.737183][T18404] ? __pfx___might_resched+0x10/0x10 [ 796.737205][T18404] do_recvmmsg+0x2fe/0x750 [ 796.737229][T18404] ? __pfx_do_recvmmsg+0x10/0x10 [ 796.737253][T18404] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 796.737283][T18404] ? __fget_files+0x20e/0x3c0 [ 796.737303][T18404] __x64_sys_recvmmsg+0x22a/0x280 [ 796.737325][T18404] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 796.737352][T18404] do_syscall_64+0xcd/0x4b0 [ 796.737371][T18404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 796.737386][T18404] RIP: 0033:0x7f7e7798eec9 [ 796.737398][T18404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 796.737413][T18404] RSP: 002b:00007f7e78781038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 796.737427][T18404] RAX: ffffffffffffffda RBX: 00007f7e77be6090 RCX: 00007f7e7798eec9 [ 796.737437][T18404] RDX: 000000000000010a RSI: 0000200000000180 RDI: 0000000000000003 [ 796.737446][T18404] RBP: 00007f7e78781090 R08: 0000000000000000 R09: 0000000000000000 [ 796.737455][T18404] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002 [ 796.737463][T18404] R13: 00007f7e77be6128 R14: 00007f7e77be6090 R15: 00007ffe63411ec8 [ 796.737482][T18404] [ 797.537062][T18411] FAULT_INJECTION: forcing a failure. [ 797.537062][T18411] name failslab, interval 1, probability 0, space 0, times 0 [ 797.579428][T18411] CPU: 0 UID: 0 PID: 18411 Comm: syz.2.2982 Not tainted syzkaller #0 PREEMPT(full) [ 797.579453][T18411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 797.579463][T18411] Call Trace: [ 797.579469][T18411] [ 797.579476][T18411] dump_stack_lvl+0x16c/0x1f0 [ 797.579500][T18411] should_fail_ex+0x512/0x640 [ 797.579522][T18411] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 797.579543][T18411] should_failslab+0xc2/0x120 [ 797.579565][T18411] __kmalloc_node_noprof+0xe0/0x8a0 [ 797.579581][T18411] ? lockdep_init_map_type+0x5c/0x280 [ 797.579604][T18411] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 797.579625][T18411] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 797.579640][T18411] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 797.579657][T18411] ? __pfx_idr_alloc+0x10/0x10 [ 797.579679][T18411] loop_add+0x3b2/0xb70 [ 797.579699][T18411] ? __pfx_loop_add+0x10/0x10 [ 797.579730][T18411] ? find_held_lock+0x2b/0x80 [ 797.579750][T18411] loop_control_ioctl+0x13e/0x630 [ 797.579770][T18411] ? __pfx_loop_control_ioctl+0x10/0x10 [ 797.579791][T18411] ? __pfx_loop_control_ioctl+0x10/0x10 [ 797.579812][T18411] __x64_sys_ioctl+0x18b/0x210 [ 797.579835][T18411] do_syscall_64+0xcd/0x4b0 [ 797.579854][T18411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 797.579869][T18411] RIP: 0033:0x7ff24ab8eec9 [ 797.579881][T18411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 797.579895][T18411] RSP: 002b:00007ff24ba50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 797.579910][T18411] RAX: ffffffffffffffda RBX: 00007ff24ade5fa0 RCX: 00007ff24ab8eec9 [ 797.579920][T18411] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 797.579929][T18411] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 797.579937][T18411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 797.579946][T18411] R13: 00007ff24ade6038 R14: 00007ff24ade5fa0 R15: 00007ffd96137ac8 [ 797.579965][T18411] [ 798.576395][T18423] futex_wake_op: syz.4.2985 tries to shift op by -2048; fix this program [ 798.827622][T18426] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 799.311575][T18438] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2989'. [ 801.017846][T18459] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2991'. [ 804.015910][T18497] random: crng reseeded on system resumption [ 804.470902][T18508] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3000'. [ 807.866825][T18544] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3007'. [ 808.010424][T18543] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3007'. [ 808.609794][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.616966][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.578401][T18570] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3014'. [ 811.889408][T18608] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 812.051705][T18614] FAULT_INJECTION: forcing a failure. [ 812.051705][T18614] name failslab, interval 1, probability 0, space 0, times 0 [ 812.138319][T18614] CPU: 0 UID: 0 PID: 18614 Comm: syz.0.3023 Not tainted syzkaller #0 PREEMPT(full) [ 812.138345][T18614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 812.138356][T18614] Call Trace: [ 812.138363][T18614] [ 812.138370][T18614] dump_stack_lvl+0x16c/0x1f0 [ 812.138397][T18614] should_fail_ex+0x512/0x640 [ 812.138421][T18614] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 812.138442][T18614] should_failslab+0xc2/0x120 [ 812.138464][T18614] __kmalloc_node_noprof+0xe0/0x8a0 [ 812.138480][T18614] ? lockdep_init_map_type+0x5c/0x280 [ 812.138503][T18614] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 812.138524][T18614] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 812.138538][T18614] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 812.138555][T18614] ? __pfx_idr_alloc+0x10/0x10 [ 812.138578][T18614] loop_add+0x3b2/0xb70 [ 812.138599][T18614] ? __pfx_loop_add+0x10/0x10 [ 812.138630][T18614] ? find_held_lock+0x2b/0x80 [ 812.138650][T18614] loop_control_ioctl+0x13e/0x630 [ 812.138670][T18614] ? __pfx_loop_control_ioctl+0x10/0x10 [ 812.138692][T18614] ? __pfx_loop_control_ioctl+0x10/0x10 [ 812.138712][T18614] __x64_sys_ioctl+0x18b/0x210 [ 812.138735][T18614] do_syscall_64+0xcd/0x4b0 [ 812.138754][T18614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 812.138769][T18614] RIP: 0033:0x7f733818eec9 [ 812.138782][T18614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 812.138795][T18614] RSP: 002b:00007f7339033038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 812.138810][T18614] RAX: ffffffffffffffda RBX: 00007f73383e6090 RCX: 00007f733818eec9 [ 812.138820][T18614] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 812.138829][T18614] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 812.138838][T18614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 812.138846][T18614] R13: 00007f73383e6128 R14: 00007f73383e6090 R15: 00007fff2c7f4708 [ 812.138865][T18614] [ 812.388241][ C0] vkms_vblank_simulate: vblank timer overrun [ 813.714785][T18637] netlink: 268 bytes leftover after parsing attributes in process `syz.4.3024'. [ 813.896624][T18641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3031'. [ 814.585480][T18656] FAULT_INJECTION: forcing a failure. [ 814.585480][T18656] name failslab, interval 1, probability 0, space 0, times 0 [ 814.659016][T18656] CPU: 0 UID: 0 PID: 18656 Comm: syz.3.3034 Not tainted syzkaller #0 PREEMPT(full) [ 814.659040][T18656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 814.659051][T18656] Call Trace: [ 814.659056][T18656] [ 814.659064][T18656] dump_stack_lvl+0x16c/0x1f0 [ 814.659088][T18656] should_fail_ex+0x512/0x640 [ 814.659109][T18656] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 814.659136][T18656] should_failslab+0xc2/0x120 [ 814.659156][T18656] __kmalloc_node_noprof+0xe0/0x8a0 [ 814.659174][T18656] ? lockdep_init_map_type+0x5c/0x280 [ 814.659197][T18656] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 814.659218][T18656] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 814.659233][T18656] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 814.659249][T18656] ? __pfx_idr_alloc+0x10/0x10 [ 814.659271][T18656] loop_add+0x3b2/0xb70 [ 814.659291][T18656] ? __pfx_loop_add+0x10/0x10 [ 814.659322][T18656] ? find_held_lock+0x2b/0x80 [ 814.659341][T18656] loop_control_ioctl+0x13e/0x630 [ 814.659371][T18656] ? __pfx_loop_control_ioctl+0x10/0x10 [ 814.659394][T18656] ? __pfx_loop_control_ioctl+0x10/0x10 [ 814.659415][T18656] __x64_sys_ioctl+0x18b/0x210 [ 814.659441][T18656] do_syscall_64+0xcd/0x4b0 [ 814.659461][T18656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 814.659476][T18656] RIP: 0033:0x7f7e7798eec9 [ 814.659489][T18656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 814.659503][T18656] RSP: 002b:00007f7e78781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 814.659518][T18656] RAX: ffffffffffffffda RBX: 00007f7e77be6090 RCX: 00007f7e7798eec9 [ 814.659540][T18656] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 814.659550][T18656] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 814.659559][T18656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 814.659568][T18656] R13: 00007f7e77be6128 R14: 00007f7e77be6090 R15: 00007ffe63411ec8 [ 814.659587][T18656] [ 814.927554][T18658] random: crng reseeded on system resumption [ 819.430386][T18693] Process accounting resumed [ 821.685740][T18727] kexec: Could not allocate control_code_buffer [ 822.836096][T18782] FAULT_INJECTION: forcing a failure. [ 822.836096][T18782] name failslab, interval 1, probability 0, space 0, times 0 [ 822.899993][T18780] FAULT_INJECTION: forcing a failure. [ 822.899993][T18780] name failslab, interval 1, probability 0, space 0, times 0 [ 822.924877][T18782] CPU: 0 UID: 0 PID: 18782 Comm: syz.3.3055 Not tainted syzkaller #0 PREEMPT(full) [ 822.924899][T18782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 822.924909][T18782] Call Trace: [ 822.924914][T18782] [ 822.924921][T18782] dump_stack_lvl+0x16c/0x1f0 [ 822.924945][T18782] should_fail_ex+0x512/0x640 [ 822.924965][T18782] ? __kmalloc_cache_noprof+0x5f/0x780 [ 822.924983][T18782] should_failslab+0xc2/0x120 [ 822.925004][T18782] __kmalloc_cache_noprof+0x72/0x780 [ 822.925017][T18782] ? __thp_vma_allowable_orders+0x1c8/0xcd0 [ 822.925038][T18782] ? madvise_collapse+0x1a9/0xab0 [ 822.925061][T18782] ? madvise_collapse+0x1a9/0xab0 [ 822.925080][T18782] madvise_collapse+0x1a9/0xab0 [ 822.925104][T18782] ? find_held_lock+0x2b/0x80 [ 822.925122][T18782] ? __pfx_madvise_collapse+0x10/0x10 [ 822.925142][T18782] ? is_bpf_text_address+0x8a/0x1a0 [ 822.925163][T18782] ? bpf_ksym_find+0x101/0x1c0 [ 822.925185][T18782] madvise_vma_behavior+0x1096/0x2d50 [ 822.925209][T18782] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 822.925227][T18782] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 822.925248][T18782] ? mas_prev+0x9b/0xf0 [ 822.925265][T18782] ? __pfx_mas_prev+0x10/0x10 [ 822.925288][T18782] ? find_vma_prev+0xd3/0x150 [ 822.925308][T18782] ? __pfx_find_vma_prev+0x10/0x10 [ 822.925337][T18782] madvise_walk_vmas+0x31f/0x9c0 [ 822.925361][T18782] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 822.925388][T18782] madvise_do_behavior+0x1e2/0x530 [ 822.925411][T18782] ? __pfx_madvise_do_behavior+0x10/0x10 [ 822.925433][T18782] ? down_read+0x13d/0x480 [ 822.925462][T18782] do_madvise+0x176/0x240 [ 822.925482][T18782] ? __pfx_do_madvise+0x10/0x10 [ 822.925505][T18782] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 822.925528][T18782] ? __fget_files+0x20e/0x3c0 [ 822.925550][T18782] ? __pfx_ksys_write+0x10/0x10 [ 822.925570][T18782] __x64_sys_madvise+0xa9/0x110 [ 822.925590][T18782] ? lockdep_hardirqs_on+0x7c/0x110 [ 822.925606][T18782] do_syscall_64+0xcd/0x4b0 [ 822.925624][T18782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 822.925640][T18782] RIP: 0033:0x7f7e7798eec9 [ 822.925652][T18782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 822.925666][T18782] RSP: 002b:00007f7e78760038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 822.925680][T18782] RAX: ffffffffffffffda RBX: 00007f7e77be6180 RCX: 00007f7e7798eec9 [ 822.925690][T18782] RDX: 0000000000000019 RSI: 0000000000200007 RDI: 0000000000000000 [ 822.925698][T18782] RBP: 00007f7e78760090 R08: 0000000000000000 R09: 0000000000000000 [ 822.925707][T18782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 822.925716][T18782] R13: 00007f7e77be6218 R14: 00007f7e77be6180 R15: 00007ffe63411ec8 [ 822.925735][T18782] [ 823.477778][T18780] CPU: 0 UID: 0 PID: 18780 Comm: syz.0.3057 Not tainted syzkaller #0 PREEMPT(full) [ 823.477804][T18780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 823.477818][T18780] Call Trace: [ 823.477826][T18780] [ 823.477833][T18780] dump_stack_lvl+0x16c/0x1f0 [ 823.477859][T18780] should_fail_ex+0x512/0x640 [ 823.477880][T18780] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 823.477902][T18780] should_failslab+0xc2/0x120 [ 823.477924][T18780] __kmalloc_node_noprof+0xe0/0x8a0 [ 823.477941][T18780] ? lockdep_init_map_type+0x5c/0x280 [ 823.477964][T18780] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 823.477985][T18780] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 823.478000][T18780] blk_mq_alloc_tag_set+0x577/0x12e0 [ 823.478017][T18780] ? idr_alloc_u32+0x263/0x2f0 [ 823.478038][T18780] loop_add+0x3b2/0xb70 [ 823.478060][T18780] ? __pfx_loop_add+0x10/0x10 [ 823.478090][T18780] ? find_held_lock+0x2b/0x80 [ 823.478110][T18780] loop_control_ioctl+0x13e/0x630 [ 823.478130][T18780] ? __pfx_loop_control_ioctl+0x10/0x10 [ 823.478154][T18780] ? __pfx_loop_control_ioctl+0x10/0x10 [ 823.478176][T18780] __x64_sys_ioctl+0x18b/0x210 [ 823.478200][T18780] do_syscall_64+0xcd/0x4b0 [ 823.478219][T18780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.478236][T18780] RIP: 0033:0x7f733818eec9 [ 823.478248][T18780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 823.478263][T18780] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 823.478277][T18780] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 823.478287][T18780] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 823.478295][T18780] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 823.478304][T18780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 823.478312][T18780] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 823.478331][T18780] [ 825.173341][T18818] Falling back ldisc for ttyS2. [ 825.482885][T18802] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3061'. [ 825.912797][T18830] FAULT_INJECTION: forcing a failure. [ 825.912797][T18830] name failslab, interval 1, probability 0, space 0, times 0 [ 826.023982][T18830] CPU: 0 UID: 0 PID: 18830 Comm: syz.0.3067 Not tainted syzkaller #0 PREEMPT(full) [ 826.024008][T18830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 826.024019][T18830] Call Trace: [ 826.024026][T18830] [ 826.024033][T18830] dump_stack_lvl+0x16c/0x1f0 [ 826.024059][T18830] should_fail_ex+0x512/0x640 [ 826.024081][T18830] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 826.024104][T18830] should_failslab+0xc2/0x120 [ 826.024125][T18830] __kmalloc_node_noprof+0xe0/0x8a0 [ 826.024143][T18830] ? lockdep_init_map_type+0x5c/0x280 [ 826.024167][T18830] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 826.024188][T18830] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 826.024203][T18830] blk_mq_alloc_tag_set+0x577/0x12e0 [ 826.024220][T18830] ? idr_alloc_u32+0x263/0x2f0 [ 826.024241][T18830] loop_add+0x3b2/0xb70 [ 826.024262][T18830] ? __pfx_loop_add+0x10/0x10 [ 826.024293][T18830] ? find_held_lock+0x2b/0x80 [ 826.024312][T18830] loop_control_ioctl+0x13e/0x630 [ 826.024333][T18830] ? __pfx_loop_control_ioctl+0x10/0x10 [ 826.024355][T18830] ? __pfx_loop_control_ioctl+0x10/0x10 [ 826.024376][T18830] __x64_sys_ioctl+0x18b/0x210 [ 826.024400][T18830] do_syscall_64+0xcd/0x4b0 [ 826.024420][T18830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.024436][T18830] RIP: 0033:0x7f733818eec9 [ 826.024449][T18830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 826.024464][T18830] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 826.024480][T18830] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 826.024497][T18830] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 826.024507][T18830] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 826.024517][T18830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 826.024526][T18830] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 826.024547][T18830] [ 827.631847][T18864] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3070'. [ 827.657384][T18868] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3071'. [ 828.874150][T18884] FAULT_INJECTION: forcing a failure. [ 828.874150][T18884] name failslab, interval 1, probability 0, space 0, times 0 [ 828.968382][T18884] CPU: 0 UID: 0 PID: 18884 Comm: syz.0.3075 Not tainted syzkaller #0 PREEMPT(full) [ 828.968408][T18884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 828.968419][T18884] Call Trace: [ 828.968424][T18884] [ 828.968431][T18884] dump_stack_lvl+0x16c/0x1f0 [ 828.968456][T18884] should_fail_ex+0x512/0x640 [ 828.968482][T18884] should_failslab+0xc2/0x120 [ 828.968504][T18884] kmem_cache_alloc_noprof+0x75/0x6e0 [ 828.968522][T18884] ? skb_clone+0x190/0x3f0 [ 828.968547][T18884] ? skb_clone+0x190/0x3f0 [ 828.968566][T18884] skb_clone+0x190/0x3f0 [ 828.968588][T18884] netlink_deliver_tap+0xabd/0xd30 [ 828.968614][T18884] netlink_unicast+0x64c/0x870 [ 828.968638][T18884] ? __pfx_netlink_unicast+0x10/0x10 [ 828.968668][T18884] netlink_sendmsg+0x8c8/0xdd0 [ 828.968693][T18884] ? __pfx_netlink_sendmsg+0x10/0x10 [ 828.968717][T18884] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 828.968741][T18884] __sys_sendto+0x4a0/0x520 [ 828.968761][T18884] ? __pfx___sys_sendto+0x10/0x10 [ 828.968786][T18884] ? find_held_lock+0x2b/0x80 [ 828.968818][T18884] __x64_sys_sendto+0xe0/0x1c0 [ 828.968836][T18884] ? do_syscall_64+0x91/0x4b0 [ 828.968854][T18884] ? lockdep_hardirqs_on+0x7c/0x110 [ 828.968870][T18884] do_syscall_64+0xcd/0x4b0 [ 828.968888][T18884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.968904][T18884] RIP: 0033:0x7f7338190d5c [ 828.968918][T18884] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 828.968932][T18884] RSP: 002b:00007f7339052ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 828.968946][T18884] RAX: ffffffffffffffda RBX: 00007f7339052fc0 RCX: 00007f7338190d5c [ 828.968956][T18884] RDX: 000000000000001c RSI: 00007f7339053010 RDI: 0000000000000007 [ 828.968964][T18884] RBP: 0000000000000000 R08: 00007f7339052f14 R09: 000000000000000c [ 828.968973][T18884] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000007 [ 828.968981][T18884] R13: 00007f7339052f68 R14: 00007f7339053010 R15: 0000000000000000 [ 828.969000][T18884] [ 829.288053][T18893] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 829.371425][T18894] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3074'. [ 829.474643][T18881] zswap: compressor not available [ 832.378637][T18937] __vm_enough_memory: pid: 18937, comm: syz.2.3086, bytes: 4398046511104 not enough memory for the allocation [ 832.611177][T18940] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3085'. [ 833.421237][T18965] FAULT_INJECTION: forcing a failure. [ 833.421237][T18965] name failslab, interval 1, probability 0, space 0, times 0 [ 833.502384][T18965] CPU: 0 UID: 0 PID: 18965 Comm: syz.3.3091 Not tainted syzkaller #0 PREEMPT(full) [ 833.502409][T18965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 833.502421][T18965] Call Trace: [ 833.502427][T18965] [ 833.502434][T18965] dump_stack_lvl+0x16c/0x1f0 [ 833.502464][T18965] should_fail_ex+0x512/0x640 [ 833.502489][T18965] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 833.502514][T18965] should_failslab+0xc2/0x120 [ 833.502536][T18965] __kmalloc_node_noprof+0xe0/0x8a0 [ 833.502555][T18965] ? lockdep_init_map_type+0x5c/0x280 [ 833.502578][T18965] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 833.502599][T18965] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 833.502615][T18965] blk_mq_alloc_tag_set+0x577/0x12e0 [ 833.502632][T18965] ? idr_alloc_u32+0x263/0x2f0 [ 833.502653][T18965] loop_add+0x3b2/0xb70 [ 833.502674][T18965] ? __pfx_loop_add+0x10/0x10 [ 833.502705][T18965] ? find_held_lock+0x2b/0x80 [ 833.502736][T18965] loop_control_ioctl+0x13e/0x630 [ 833.502760][T18965] ? __pfx_loop_control_ioctl+0x10/0x10 [ 833.502786][T18965] ? __pfx_loop_control_ioctl+0x10/0x10 [ 833.502810][T18965] __x64_sys_ioctl+0x18b/0x210 [ 833.502836][T18965] do_syscall_64+0xcd/0x4b0 [ 833.502855][T18965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 833.502870][T18965] RIP: 0033:0x7f7e7798eec9 [ 833.502884][T18965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 833.502898][T18965] RSP: 002b:00007f7e78781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 833.502912][T18965] RAX: ffffffffffffffda RBX: 00007f7e77be6090 RCX: 00007f7e7798eec9 [ 833.502922][T18965] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 833.502931][T18965] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 833.502940][T18965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 833.502949][T18965] R13: 00007f7e77be6128 R14: 00007f7e77be6090 R15: 00007ffe63411ec8 [ 833.502967][T18965] [ 834.419771][T18989] netlink: 504 bytes leftover after parsing attributes in process `syz.4.3096'. [ 834.512316][T18990] netlink: 504 bytes leftover after parsing attributes in process `syz.4.3096'. [ 835.236566][T19007] FAULT_INJECTION: forcing a failure. [ 835.236566][T19007] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 835.314732][T19007] CPU: 0 UID: 0 PID: 19007 Comm: syz.0.3101 Not tainted syzkaller #0 PREEMPT(full) [ 835.314756][T19007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 835.314765][T19007] Call Trace: [ 835.314771][T19007] [ 835.314777][T19007] dump_stack_lvl+0x16c/0x1f0 [ 835.314800][T19007] should_fail_ex+0x512/0x640 [ 835.314823][T19007] _copy_from_user+0x2e/0xd0 [ 835.314845][T19007] copy_msghdr_from_user+0x98/0x160 [ 835.314868][T19007] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 835.314891][T19007] ? kfree+0x252/0x6d0 [ 835.314908][T19007] ? __lock_acquire+0x62e/0x1ce0 [ 835.314934][T19007] ___sys_recvmsg+0xdb/0x1a0 [ 835.314954][T19007] ? __pfx____sys_recvmsg+0x10/0x10 [ 835.314990][T19007] ? __pfx___might_resched+0x10/0x10 [ 835.315012][T19007] do_recvmmsg+0x2fe/0x750 [ 835.315039][T19007] ? __pfx_do_recvmmsg+0x10/0x10 [ 835.315063][T19007] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 835.315087][T19007] ? __fget_files+0x20e/0x3c0 [ 835.315107][T19007] __x64_sys_recvmmsg+0x22a/0x280 [ 835.315130][T19007] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 835.315156][T19007] do_syscall_64+0xcd/0x4b0 [ 835.315175][T19007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 835.315190][T19007] RIP: 0033:0x7f733818eec9 [ 835.315202][T19007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 835.315216][T19007] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 835.315233][T19007] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 835.315243][T19007] RDX: 000000000000010a RSI: 0000200000000180 RDI: 0000000000000003 [ 835.315252][T19007] RBP: 00007f7339054090 R08: 0000000000000000 R09: 0000000000000000 [ 835.315261][T19007] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002 [ 835.315270][T19007] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 835.315288][T19007] [ 835.804692][T19021] bridge0: port 4(gretap0) entered blocking state [ 835.819282][T19021] bridge0: port 4(gretap0) entered disabled state [ 835.833283][T19021] gretap0: entered allmulticast mode [ 835.841290][T19021] gretap0: entered promiscuous mode [ 835.884201][T19021] bridge0: port 4(gretap0) entered blocking state [ 835.892600][T19021] bridge0: port 4(gretap0) entered forwarding state [ 835.920652][T19022] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3103'. [ 835.957585][T19025] netlink: 62 bytes leftover after parsing attributes in process `syz.0.3106'. [ 835.990756][T19025] netlink: 62 bytes leftover after parsing attributes in process `syz.0.3106'. [ 836.013797][T19025] netlink: 62 bytes leftover after parsing attributes in process `syz.0.3106'. [ 836.062628][T19025] netlink: 62 bytes leftover after parsing attributes in process `syz.0.3106'. [ 836.086745][T19025] netlink: 62 bytes leftover after parsing attributes in process `syz.0.3106'. [ 836.336208][T19033] random: crng reseeded on system resumption [ 837.948854][T19065] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3116'. [ 838.803759][T19084] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3119'. [ 839.419843][T19104] FAULT_INJECTION: forcing a failure. [ 839.419843][T19104] name failslab, interval 1, probability 0, space 0, times 0 [ 839.461748][T19104] CPU: 0 UID: 0 PID: 19104 Comm: syz.3.3123 Not tainted syzkaller #0 PREEMPT(full) [ 839.461774][T19104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 839.461784][T19104] Call Trace: [ 839.461790][T19104] [ 839.461797][T19104] dump_stack_lvl+0x16c/0x1f0 [ 839.461823][T19104] should_fail_ex+0x512/0x640 [ 839.461844][T19104] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 839.461867][T19104] should_failslab+0xc2/0x120 [ 839.461888][T19104] __kmalloc_node_noprof+0xe0/0x8a0 [ 839.461904][T19104] ? lockdep_init_map_type+0x5c/0x280 [ 839.461927][T19104] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 839.461948][T19104] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 839.461963][T19104] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 839.461980][T19104] ? __pfx_idr_alloc+0x10/0x10 [ 839.462001][T19104] loop_add+0x3b2/0xb70 [ 839.462022][T19104] ? __pfx_loop_add+0x10/0x10 [ 839.462053][T19104] ? find_held_lock+0x2b/0x80 [ 839.462072][T19104] loop_control_ioctl+0x13e/0x630 [ 839.462093][T19104] ? __pfx_loop_control_ioctl+0x10/0x10 [ 839.462126][T19104] ? __pfx_loop_control_ioctl+0x10/0x10 [ 839.462149][T19104] __x64_sys_ioctl+0x18b/0x210 [ 839.462177][T19104] do_syscall_64+0xcd/0x4b0 [ 839.462198][T19104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 839.462214][T19104] RIP: 0033:0x7f7e7798eec9 [ 839.462227][T19104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 839.462242][T19104] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 839.462257][T19104] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 839.462266][T19104] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 839.462276][T19104] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 839.462285][T19104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 839.462294][T19104] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 839.462314][T19104] [ 839.674620][ C0] vkms_vblank_simulate: vblank timer overrun [ 841.265663][T19145] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3134'. [ 842.076528][T19159] FAULT_INJECTION: forcing a failure. [ 842.076528][T19159] name failslab, interval 1, probability 0, space 0, times 0 [ 842.175335][T19159] CPU: 0 UID: 0 PID: 19159 Comm: syz.3.3139 Not tainted syzkaller #0 PREEMPT(full) [ 842.175365][T19159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 842.175377][T19159] Call Trace: [ 842.175384][T19159] [ 842.175392][T19159] dump_stack_lvl+0x16c/0x1f0 [ 842.175420][T19159] should_fail_ex+0x512/0x640 [ 842.175444][T19159] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 842.175469][T19159] should_failslab+0xc2/0x120 [ 842.175495][T19159] __kmalloc_node_noprof+0xe0/0x8a0 [ 842.175515][T19159] ? lockdep_init_map_type+0x5c/0x280 [ 842.175539][T19159] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 842.175560][T19159] ? blk_mq_alloc_tag_set+0x577/0x12e0 [ 842.175576][T19159] blk_mq_alloc_tag_set+0x577/0x12e0 [ 842.175594][T19159] ? idr_alloc_u32+0x263/0x2f0 [ 842.175618][T19159] loop_add+0x3b2/0xb70 [ 842.175640][T19159] ? __pfx_loop_add+0x10/0x10 [ 842.175671][T19159] ? find_held_lock+0x2b/0x80 [ 842.175691][T19159] loop_control_ioctl+0x13e/0x630 [ 842.175721][T19159] ? __pfx_loop_control_ioctl+0x10/0x10 [ 842.175747][T19159] ? __pfx_loop_control_ioctl+0x10/0x10 [ 842.175771][T19159] __x64_sys_ioctl+0x18b/0x210 [ 842.175802][T19159] do_syscall_64+0xcd/0x4b0 [ 842.175825][T19159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.175841][T19159] RIP: 0033:0x7f7e7798eec9 [ 842.175854][T19159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 842.175869][T19159] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 842.175889][T19159] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 842.175900][T19159] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 842.175909][T19159] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 842.175918][T19159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 842.175927][T19159] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 842.175945][T19159] [ 842.743124][T19171] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input22 [ 842.778649][T19171] FAULT_INJECTION: forcing a failure. [ 842.778649][T19171] name failslab, interval 1, probability 0, space 0, times 0 [ 842.795722][T19171] CPU: 0 UID: 0 PID: 19171 Comm: syz.3.3143 Not tainted syzkaller #0 PREEMPT(full) [ 842.795750][T19171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 842.795770][T19171] Call Trace: [ 842.795777][T19171] [ 842.795785][T19171] dump_stack_lvl+0x16c/0x1f0 [ 842.795815][T19171] should_fail_ex+0x512/0x640 [ 842.795841][T19171] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 842.795864][T19171] should_failslab+0xc2/0x120 [ 842.795891][T19171] kmem_cache_alloc_noprof+0x75/0x6e0 [ 842.795906][T19171] ? __asan_memcpy+0x3c/0x60 [ 842.795921][T19171] ? __kernfs_new_node+0xd2/0x8e0 [ 842.795945][T19171] ? __kernfs_new_node+0xd2/0x8e0 [ 842.795962][T19171] __kernfs_new_node+0xd2/0x8e0 [ 842.795983][T19171] ? __pfx___kernfs_new_node+0x10/0x10 [ 842.796008][T19171] ? find_held_lock+0x2b/0x80 [ 842.796026][T19171] ? kernfs_root+0xee/0x2a0 [ 842.796049][T19171] kernfs_new_node+0x13c/0x1e0 [ 842.796074][T19171] kernfs_create_dir_ns+0x4c/0x1a0 [ 842.796098][T19171] sysfs_create_dir_ns+0x13a/0x2b0 [ 842.796117][T19171] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 842.796134][T19171] ? find_held_lock+0x2b/0x80 [ 842.796154][T19171] ? do_raw_spin_unlock+0x172/0x230 [ 842.796171][T19171] kobject_add_internal+0x2c4/0x9b0 [ 842.796194][T19171] kobject_add+0x16e/0x240 [ 842.796213][T19171] ? __pfx_kobject_add+0x10/0x10 [ 842.796234][T19171] ? do_raw_spin_unlock+0x172/0x230 [ 842.796249][T19171] ? kobject_put+0xab/0x5a0 [ 842.796273][T19171] device_add+0x288/0x1aa0 [ 842.796294][T19171] ? __pfx_device_add+0x10/0x10 [ 842.796310][T19171] ? __pfx_exact_lock+0x10/0x10 [ 842.796331][T19171] ? kobject_get+0xbb/0x150 [ 842.796351][T19171] cdev_device_add+0xc2/0x1e0 [ 842.796372][T19171] evdev_connect+0x3a4/0x4c0 [ 842.796395][T19171] input_attach_handler.isra.0+0x176/0x250 [ 842.796416][T19171] input_register_device+0xab9/0x1180 [ 842.796436][T19171] ? input_ff_create+0x161/0x350 [ 842.796460][T19171] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 842.796479][T19171] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 842.796505][T19171] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 842.796526][T19171] ? find_held_lock+0x2b/0x80 [ 842.796553][T19171] ? __pfx_uinput_ioctl+0x10/0x10 [ 842.796568][T19171] __x64_sys_ioctl+0x18b/0x210 [ 842.796592][T19171] do_syscall_64+0xcd/0x4b0 [ 842.796613][T19171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.796629][T19171] RIP: 0033:0x7f7e7798eec9 [ 842.796643][T19171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 842.796658][T19171] RSP: 002b:00007f7e787a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 842.796673][T19171] RAX: ffffffffffffffda RBX: 00007f7e77be5fa0 RCX: 00007f7e7798eec9 [ 842.796684][T19171] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006 [ 842.796699][T19171] RBP: 00007f7e77a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 842.796709][T19171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 842.796719][T19171] R13: 00007f7e77be6038 R14: 00007f7e77be5fa0 R15: 00007ffe63411ec8 [ 842.796739][T19171] [ 842.796796][T19171] kobject: kobject_add_internal failed for event4 (error: -12 parent: input22) [ 843.177784][ T5852] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 843.210617][ T5852] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 843.239131][ T5851] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 843.300831][ T5851] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 843.336508][ T5851] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 843.911252][T19171] input: failed to attach handler evdev to device input22, error: -12 [ 843.979292][T19190] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3147'. [ 844.029526][T19190] bridge0: port 2(bridge_slave_1) entered disabled state [ 844.176292][T19190] bridge_slave_1 (unregistering): left allmulticast mode [ 844.195420][T19190] bridge_slave_1 (unregistering): left promiscuous mode [ 844.220526][T19190] bridge0: port 2(bridge_slave_1) entered disabled state [ 844.294349][T19162] chnl_net:caif_netlink_parms(): no params data found [ 844.347909][T19196] FAULT_INJECTION: forcing a failure. [ 844.347909][T19196] name failslab, interval 1, probability 0, space 0, times 0 [ 844.476484][T19196] CPU: 0 UID: 0 PID: 19196 Comm: syz.2.3147 Not tainted syzkaller #0 PREEMPT(full) [ 844.476525][T19196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 844.476536][T19196] Call Trace: [ 844.476543][T19196] [ 844.476550][T19196] dump_stack_lvl+0x16c/0x1f0 [ 844.476577][T19196] should_fail_ex+0x512/0x640 [ 844.476599][T19196] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 844.476622][T19196] should_failslab+0xc2/0x120 [ 844.476644][T19196] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 844.476664][T19196] ? sysctl_route_net_init+0x42/0x2c0 [ 844.476682][T19196] ? __pfx_sysctl_route_net_init+0x10/0x10 [ 844.476697][T19196] ? kmemdup_noprof+0x29/0x60 [ 844.476713][T19196] kmemdup_noprof+0x29/0x60 [ 844.476729][T19196] sysctl_route_net_init+0x42/0x2c0 [ 844.476745][T19196] ? __pfx_sysctl_route_net_init+0x10/0x10 [ 844.476761][T19196] ops_init+0x1e2/0x5f0 [ 844.476785][T19196] setup_net+0x100/0x390 [ 844.476806][T19196] ? __pfx_setup_net+0x10/0x10 [ 844.476829][T19196] ? debug_mutex_init+0x37/0x70 [ 844.476848][T19196] copy_net_ns+0x2f8/0x690 [ 844.476865][T19196] create_new_namespaces+0x3ea/0xa90 [ 844.476888][T19196] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 844.476909][T19196] ksys_unshare+0x45b/0xa40 [ 844.476930][T19196] ? __pfx_ksys_unshare+0x10/0x10 [ 844.476951][T19196] ? xfd_validate_state+0x61/0x180 [ 844.476971][T19196] __x64_sys_unshare+0x31/0x40 [ 844.476991][T19196] do_syscall_64+0xcd/0x4b0 [ 844.477011][T19196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 844.477025][T19196] RIP: 0033:0x7ff24ab8eec9 [ 844.477038][T19196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 844.477052][T19196] RSP: 002b:00007ff24ba0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 844.477066][T19196] RAX: ffffffffffffffda RBX: 00007ff24ade6180 RCX: 00007ff24ab8eec9 [ 844.477076][T19196] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 844.477085][T19196] RBP: 00007ff24ac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 844.477094][T19196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 844.477102][T19196] R13: 00007ff24ade6218 R14: 00007ff24ade6180 R15: 00007ffd96137ac8 [ 844.477121][T19196] [ 845.395239][T19162] bridge0: port 1(bridge_slave_0) entered blocking state [ 845.403231][ T5851] Bluetooth: hci1: command tx timeout [ 845.439697][T19162] bridge0: port 1(bridge_slave_0) entered disabled state [ 845.485649][T19162] bridge_slave_0: entered allmulticast mode [ 845.518721][T19162] bridge_slave_0: entered promiscuous mode [ 845.569441][T19162] bridge0: port 2(bridge_slave_1) entered blocking state [ 845.615452][T19162] bridge0: port 2(bridge_slave_1) entered disabled state [ 845.657574][T19162] bridge_slave_1: entered allmulticast mode [ 845.713422][T19162] bridge_slave_1: entered promiscuous mode [ 846.114455][T19162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 846.186396][T19162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 846.428758][T19162] team0: Port device team_slave_0 added [ 846.475312][T19162] team0: Port device team_slave_1 added [ 846.578757][T19232] [ 846.581770][T19232] ====================================================== [ 846.589405][T19232] WARNING: possible circular locking dependency detected [ 846.596872][T19232] syzkaller #0 Not tainted [ 846.602337][T19232] ------------------------------------------------------ [ 846.609848][T19232] syz.0.3156/19232 is trying to acquire lock: [ 846.616438][T19232] ffff8880721c60e8 (&resv_map->rw_sema){++++}-{4:4}, at: hugetlb_vma_lock_read+0xff/0x130 [ 846.626465][T19232] [ 846.626465][T19232] but task is already holding lock: [ 846.633851][T19232] ffff888143ea6728 (&hugetlb_fault_mutex_table[i]){+.+.}-{4:4}, at: hugetlb_fault+0x302/0x2f40 [ 846.644593][T19232] [ 846.644593][T19232] which lock already depends on the new lock. [ 846.644593][T19232] [ 846.655220][T19232] [ 846.655220][T19232] the existing dependency chain (in reverse order) is: [ 846.666975][T19232] [ 846.666975][T19232] -> #8 (&hugetlb_fault_mutex_table[i]){+.+.}-{4:4}: [ 846.679450][T19232] __mutex_lock+0x193/0x1060 [ 846.687251][T19232] hugetlb_fault+0x302/0x2f40 [ 846.694988][T19232] handle_mm_fault+0xbfa/0xd10 [ 846.701736][T19232] do_user_addr_fault+0x7a6/0x1370 [ 846.710634][T19232] exc_page_fault+0x5c/0xb0 [ 846.717496][T19232] asm_exc_page_fault+0x26/0x30 [ 846.722989][T19232] rep_movs_alternative+0x4a/0x90 [ 846.728562][T19232] _copy_from_user+0x98/0xd0 [ 846.733703][T19232] csum_and_copy_from_iter_full+0x21a/0x1f90 [ 846.740215][T19232] ip_generic_getfrag+0x170/0x270 [ 846.745768][T19232] raw_getfrag+0x22d/0x2a0 [ 846.750711][T19232] __ip_append_data+0x34ec/0x41a0 [ 846.756266][T19232] ip_append_data+0x10f/0x1a0 [ 846.761545][T19232] raw_sendmsg+0xeee/0x38b0 [ 846.766570][T19232] inet_sendmsg+0x119/0x140 [ 846.772303][T19232] ____sys_sendmsg+0x973/0xc70 [ 846.777862][T19232] ___sys_sendmsg+0x134/0x1d0 [ 846.783331][T19232] __sys_sendmmsg+0x200/0x420 [ 846.788805][T19232] __x64_sys_sendmmsg+0x9c/0x100 [ 846.794265][T19232] do_syscall_64+0xcd/0x4b0 [ 846.799478][T19232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 846.806299][T19232] [ 846.806299][T19232] -> #7 (sk_lock-AF_INET){+.+.}-{0:0}: [ 846.814031][T19232] lock_sock_nested+0x41/0xf0 [ 846.819242][T19232] inet_shutdown+0x67/0x440 [ 846.824429][T19232] nbd_mark_nsock_dead+0xae/0x5d0 [ 846.830320][T19232] recv_work+0x671/0xa80 [ 846.835181][T19232] process_one_work+0x9cc/0x1b70 [ 846.841059][T19232] worker_thread+0x6c8/0xf10 [ 846.846631][T19232] kthread+0x3c5/0x780 [ 846.851597][T19232] ret_from_fork+0x56a/0x730 [ 846.856708][T19232] ret_from_fork_asm+0x1a/0x30 [ 846.861987][T19232] [ 846.861987][T19232] -> #6 (&nsock->tx_lock){+.+.}-{4:4}: [ 846.871312][T19232] __mutex_lock+0x193/0x1060 [ 846.876694][T19232] nbd_queue_rq+0x423/0x12d0 [ 846.881895][T19232] blk_mq_dispatch_rq_list+0x413/0x1e20 [ 846.888070][T19232] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 846.895269][T19232] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 846.901864][T19232] blk_mq_run_hw_queue+0x239/0x670 [ 846.907937][T19232] blk_mq_dispatch_list+0x514/0x1310 [ 846.913767][T19232] blk_mq_flush_plug_list+0x130/0x600 [ 846.919661][T19232] __blk_flush_plug+0x2c4/0x4b0 [ 846.925024][T19232] __submit_bio+0x545/0x690 [ 846.930039][T19232] submit_bio_noacct_nocheck+0x53d/0xc10 [ 846.936220][T19232] submit_bio_noacct+0xbbb/0x1f60 [ 846.941756][T19232] block_read_full_folio+0x4db/0x850 [ 846.947562][T19232] filemap_read_folio+0xc5/0x2a0 [ 846.953104][T19232] do_read_cache_folio+0x263/0x5c0 [ 846.958731][T19232] read_part_sector+0xd4/0x370 [ 846.967420][T19232] adfspart_check_ICS+0x93/0x940 [ 846.975298][T19232] bdev_disk_changed+0x723/0x1520 [ 846.983845][T19232] blkdev_get_whole+0x187/0x290 [ 846.991322][T19232] bdev_open+0x2c7/0xe40 [ 846.997193][T19232] blkdev_open+0x34e/0x4f0 [ 847.004956][T19232] do_dentry_open+0x982/0x1530 [ 847.013283][T19232] vfs_open+0x82/0x3f0 [ 847.018353][T19232] path_openat+0x1de4/0x2cb0 [ 847.025716][T19232] do_filp_open+0x20b/0x470 [ 847.031008][T19232] do_sys_openat2+0x11b/0x1d0 [ 847.036386][T19232] __x64_sys_openat+0x174/0x210 [ 847.041806][T19232] do_syscall_64+0xcd/0x4b0 [ 847.047283][T19232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.053801][T19232] [ 847.053801][T19232] -> #5 (&cmd->lock){+.+.}-{4:4}: [ 847.061834][T19232] __mutex_lock+0x193/0x1060 [ 847.067347][T19232] nbd_queue_rq+0xbd/0x12d0 [ 847.072910][T19232] blk_mq_dispatch_rq_list+0x413/0x1e20 [ 847.079893][T19232] __blk_mq_sched_dispatch_requests+0xcb7/0x15f0 [ 847.088267][T19232] blk_mq_sched_dispatch_requests+0xd8/0x1b0 [ 847.095105][T19232] blk_mq_run_hw_queue+0x239/0x670 [ 847.103307][T19232] blk_mq_dispatch_list+0x514/0x1310 [ 847.111661][T19232] blk_mq_flush_plug_list+0x130/0x600 [ 847.118895][T19232] __blk_flush_plug+0x2c4/0x4b0 [ 847.126178][T19232] __submit_bio+0x545/0x690 [ 847.132105][T19232] submit_bio_noacct_nocheck+0x53d/0xc10 [ 847.138633][T19232] submit_bio_noacct+0xbbb/0x1f60 [ 847.144295][T19232] block_read_full_folio+0x4db/0x850 [ 847.150352][T19232] filemap_read_folio+0xc5/0x2a0 [ 847.156016][T19232] do_read_cache_folio+0x263/0x5c0 [ 847.162103][T19232] read_part_sector+0xd4/0x370 [ 847.167589][T19232] adfspart_check_ICS+0x93/0x940 [ 847.173154][T19232] bdev_disk_changed+0x723/0x1520 [ 847.178984][T19232] blkdev_get_whole+0x187/0x290 [ 847.185625][T19232] bdev_open+0x2c7/0xe40 [ 847.190486][T19232] blkdev_open+0x34e/0x4f0 [ 847.196211][T19232] do_dentry_open+0x982/0x1530 [ 847.201906][T19232] vfs_open+0x82/0x3f0 [ 847.206793][T19232] path_openat+0x1de4/0x2cb0 [ 847.212883][T19232] do_filp_open+0x20b/0x470 [ 847.218189][T19232] do_sys_openat2+0x11b/0x1d0 [ 847.223728][T19232] __x64_sys_openat+0x174/0x210 [ 847.229303][T19232] do_syscall_64+0xcd/0x4b0 [ 847.234541][T19232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.241062][T19232] [ 847.241062][T19232] -> #4 (set->srcu){.+.+}-{0:0}: [ 847.248244][T19232] __synchronize_srcu+0xa1/0x290 [ 847.253735][T19232] blk_mq_quiesce_queue+0x149/0x1b0 [ 847.259659][T19232] elevator_switch+0x17d/0x810 [ 847.265660][T19232] elevator_change+0x391/0x5d0 [ 847.271926][T19232] elevator_set_default+0x2e9/0x380 [ 847.279384][T19232] blk_register_queue+0x384/0x4e0 [ 847.285466][T19232] __add_disk+0x74a/0xf00 [ 847.291478][T19232] add_disk_fwnode+0x13f/0x5d0 [ 847.297970][T19232] nbd_dev_add+0x783/0xbb0 [ 847.304928][T19232] nbd_init+0x181/0x320 [ 847.310166][T19232] do_one_initcall+0x120/0x6e0 [ 847.316014][T19232] kernel_init_freeable+0x5c2/0x910 [ 847.321980][T19232] kernel_init+0x1c/0x2b0 [ 847.327078][T19232] ret_from_fork+0x56a/0x730 [ 847.332386][T19232] ret_from_fork_asm+0x1a/0x30 [ 847.338720][T19232] [ 847.338720][T19232] -> #3 (&q->elevator_lock){+.+.}-{4:4}: [ 847.346863][T19232] __mutex_lock+0x193/0x1060 [ 847.352024][T19232] elevator_change+0x17d/0x5d0 [ 847.357337][T19232] elv_iosched_store+0x315/0x3c0 [ 847.362914][T19232] queue_attr_store+0x268/0x310 [ 847.369196][T19232] sysfs_kf_write+0xf2/0x150 [ 847.374844][T19232] kernfs_fop_write_iter+0x3af/0x570 [ 847.382036][T19232] vfs_write+0x7d3/0x11d0 [ 847.386933][T19232] ksys_write+0x12a/0x250 [ 847.391827][T19232] do_syscall_64+0xcd/0x4b0 [ 847.397132][T19232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.403738][T19232] [ 847.403738][T19232] -> #2 (&q->q_usage_counter(io)#62){++++}-{0:0}: [ 847.415644][T19232] blk_alloc_queue+0x619/0x760 [ 847.421011][T19232] blk_mq_alloc_queue+0x172/0x280 [ 847.427833][T19232] __blk_mq_alloc_disk+0x29/0x120 [ 847.433661][T19232] nbd_dev_add+0x492/0xbb0 [ 847.442395][T19232] nbd_init+0x181/0x320 [ 847.449984][T19232] do_one_initcall+0x120/0x6e0 [ 847.455727][T19232] kernel_init_freeable+0x5c2/0x910 [ 847.462209][T19232] kernel_init+0x1c/0x2b0 [ 847.468132][T19232] ret_from_fork+0x56a/0x730 [ 847.473618][T19232] ret_from_fork_asm+0x1a/0x30 [ 847.482302][T19232] [ 847.482302][T19232] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 847.490154][T19232] fs_reclaim_acquire+0x102/0x150 [ 847.497116][T19232] prepare_alloc_pages+0x162/0x610 [ 847.502955][T19232] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 847.509604][T19232] alloc_pages_mpol+0x1fb/0x550 [ 847.515425][T19232] alloc_pages_noprof+0x131/0x390 [ 847.521270][T19232] __pmd_alloc+0x3b/0x8b0 [ 847.526908][T19232] huge_pte_alloc+0x41d/0x5b0 [ 847.532333][T19232] hugetlb_fault+0x373/0x2f40 [ 847.537621][T19232] handle_mm_fault+0xbfa/0xd10 [ 847.542905][T19232] do_user_addr_fault+0x7a6/0x1370 [ 847.548722][T19232] exc_page_fault+0x5c/0xb0 [ 847.554119][T19232] asm_exc_page_fault+0x26/0x30 [ 847.560227][T19232] strncpy_from_user+0x147/0x2e0 [ 847.566070][T19232] getname_flags.part.0+0x8f/0x550 [ 847.573114][T19232] getname_flags+0x93/0xf0 [ 847.579464][T19232] do_sys_openat2+0xb8/0x1d0 [ 847.584936][T19232] __x64_sys_openat+0x174/0x210 [ 847.590832][T19232] do_syscall_64+0xcd/0x4b0 [ 847.596041][T19232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.602502][T19232] [ 847.602502][T19232] -> #0 (&resv_map->rw_sema){++++}-{4:4}: [ 847.611035][T19232] __lock_acquire+0x12a6/0x1ce0 [ 847.617463][T19232] lock_acquire+0x179/0x350 [ 847.622743][T19232] down_read+0x9b/0x480 [ 847.627709][T19232] hugetlb_vma_lock_read+0xff/0x130 [ 847.634059][T19232] hugetlb_fault+0x30a/0x2f40 [ 847.639269][T19232] handle_mm_fault+0xbfa/0xd10 [ 847.644542][T19232] do_user_addr_fault+0x7a6/0x1370 [ 847.650561][T19232] exc_page_fault+0x5c/0xb0 [ 847.655788][T19232] asm_exc_page_fault+0x26/0x30 [ 847.661589][T19232] rep_movs_alternative+0x30/0x90 [ 847.667524][T19232] _copy_from_user+0x98/0xd0 [ 847.674205][T19232] user_termios_to_kernel_termios+0x21/0x30 [ 847.681720][T19232] set_termios+0x233/0x880 [ 847.687563][T19232] tty_mode_ioctl+0xbd8/0xd30 [ 847.693258][T19232] n_tty_ioctl_helper+0x4b/0x2b0 [ 847.699533][T19232] n_tty_ioctl+0x7f/0x370 [ 847.704923][T19232] tty_ioctl+0x6fd/0x1680 [ 847.709888][T19232] __x64_sys_ioctl+0x18b/0x210 [ 847.715912][T19232] do_syscall_64+0xcd/0x4b0 [ 847.721289][T19232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.727998][T19232] [ 847.727998][T19232] other info that might help us debug this: [ 847.727998][T19232] [ 847.740814][T19232] Chain exists of: [ 847.740814][T19232] &resv_map->rw_sema --> sk_lock-AF_INET --> &hugetlb_fault_mutex_table[i] [ 847.740814][T19232] [ 847.759870][T19232] Possible unsafe locking scenario: [ 847.759870][T19232] [ 847.768020][T19232] CPU0 CPU1 [ 847.774471][T19232] ---- ---- [ 847.781352][T19232] lock(&hugetlb_fault_mutex_table[i]); [ 847.788250][T19232] lock(sk_lock-AF_INET); [ 847.795718][T19232] lock(&hugetlb_fault_mutex_table[i]); [ 847.806317][T19232] rlock(&resv_map->rw_sema); [ 847.812311][T19232] [ 847.812311][T19232] *** DEADLOCK *** [ 847.812311][T19232] [ 847.821694][T19232] 3 locks held by syz.0.3156/19232: [ 847.827011][T19232] #0: ffff88806262b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 847.837223][T19232] #1: ffff88807daf01e0 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x35/0x6e0 [ 847.847166][T19232] #2: ffff888143ea6728 (&hugetlb_fault_mutex_table[i]){+.+.}-{4:4}, at: hugetlb_fault+0x302/0x2f40 [ 847.858238][T19232] [ 847.858238][T19232] stack backtrace: [ 847.864764][T19232] CPU: 0 UID: 0 PID: 19232 Comm: syz.0.3156 Not tainted syzkaller #0 PREEMPT(full) [ 847.864786][T19232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 847.864795][T19232] Call Trace: [ 847.864803][T19232] [ 847.864811][T19232] dump_stack_lvl+0x116/0x1f0 [ 847.864833][T19232] print_circular_bug+0x275/0x350 [ 847.864855][T19232] check_noncircular+0x14c/0x170 [ 847.864876][T19232] __lock_acquire+0x12a6/0x1ce0 [ 847.864900][T19232] lock_acquire+0x179/0x350 [ 847.864919][T19232] ? hugetlb_vma_lock_read+0xff/0x130 [ 847.864957][T19232] ? __pfx___might_resched+0x10/0x10 [ 847.864976][T19232] down_read+0x9b/0x480 [ 847.864993][T19232] ? hugetlb_vma_lock_read+0xff/0x130 [ 847.865011][T19232] ? __pfx_down_read+0x10/0x10 [ 847.865028][T19232] ? find_held_lock+0x2b/0x80 [ 847.865044][T19232] ? mt_find+0x749/0xa20 [ 847.865062][T19232] hugetlb_vma_lock_read+0xff/0x130 [ 847.865081][T19232] hugetlb_fault+0x30a/0x2f40 [ 847.865097][T19232] ? __pfx_hugetlb_fault+0x10/0x10 [ 847.865114][T19232] ? find_vma+0xbf/0x140 [ 847.865131][T19232] ? __pfx_find_vma+0x10/0x10 [ 847.865148][T19232] handle_mm_fault+0xbfa/0xd10 [ 847.865161][T19232] ? trace_raw_output_exceptions+0x141/0x150 [ 847.865181][T19232] do_user_addr_fault+0x7a6/0x1370 [ 847.865200][T19232] ? rcu_is_watching+0x12/0xc0 [ 847.865219][T19232] exc_page_fault+0x5c/0xb0 [ 847.865235][T19232] asm_exc_page_fault+0x26/0x30 [ 847.865249][T19232] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 847.865271][T19232] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 cd 23 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 847.865285][T19232] RSP: 0018:ffffc9000e307a08 EFLAGS: 00050206 [ 847.865298][T19232] RAX: 0000000000000001 RBX: 0000000000000038 RCX: 000000000000002c [ 847.865307][T19232] RDX: fffff52001c60f63 RSI: 0000000000000038 RDI: ffffc9000e307af0 [ 847.865316][T19232] RBP: 000000000000002c R08: 0000000000000001 R09: fffff52001c60f63 [ 847.865324][T19232] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 847.865333][T19232] R13: ffffc9000e307af0 R14: ffffc9000e307af0 R15: dffffc0000000000 [ 847.865347][T19232] _copy_from_user+0x98/0xd0 [ 847.865368][T19232] user_termios_to_kernel_termios+0x21/0x30 [ 847.865387][T19232] set_termios+0x233/0x880 [ 847.865403][T19232] ? __pfx_set_termios+0x10/0x10 [ 847.865418][T19232] ? __lock_acquire+0xb97/0x1ce0 [ 847.865442][T19232] tty_mode_ioctl+0xbd8/0xd30 [ 847.865458][T19232] ? __pfx_tty_mode_ioctl+0x10/0x10 [ 847.865476][T19232] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 847.865494][T19232] ? __pfx_n_tty_ioctl+0x10/0x10 [ 847.865506][T19232] n_tty_ioctl_helper+0x4b/0x2b0 [ 847.865522][T19232] n_tty_ioctl+0x7f/0x370 [ 847.865535][T19232] ? __pfx_n_tty_ioctl+0x10/0x10 [ 847.865546][T19232] tty_ioctl+0x6fd/0x1680 [ 847.865566][T19232] ? __pfx_tty_ioctl+0x10/0x10 [ 847.865586][T19232] ? find_held_lock+0x2b/0x80 [ 847.865601][T19232] ? hook_file_ioctl_common+0x145/0x410 [ 847.865617][T19232] ? __fget_files+0x20e/0x3c0 [ 847.865633][T19232] ? __pfx_tty_ioctl+0x10/0x10 [ 847.865652][T19232] __x64_sys_ioctl+0x18b/0x210 [ 847.865675][T19232] do_syscall_64+0xcd/0x4b0 [ 847.865692][T19232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 847.865705][T19232] RIP: 0033:0x7f733818eec9 [ 847.865717][T19232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 847.865730][T19232] RSP: 002b:00007f7339054038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 847.865742][T19232] RAX: ffffffffffffffda RBX: 00007f73383e5fa0 RCX: 00007f733818eec9 [ 847.865752][T19232] RDX: 0000000000000038 RSI: 00000000402c542b RDI: 0000000000000003 [ 847.865760][T19232] RBP: 00007f7338211f91 R08: 0000000000000000 R09: 0000000000000000 [ 847.865768][T19232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 847.865777][T19232] R13: 00007f73383e6038 R14: 00007f73383e5fa0 R15: 00007fff2c7f4708 [ 847.865790][T19232] [ 847.865858][ C0] vkms_vblank_simulate: vblank timer overrun [ 848.317388][ C0] vkms_vblank_simulate: vblank timer overrun [ 848.328343][T19234] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 848.367832][T19162] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 848.375981][T19162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 848.402651][ C0] vkms_vblank_simulate: vblank timer overrun [ 848.409886][T19162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 848.424185][T19162] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 848.432539][T19162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 848.461348][T19162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 848.555020][T19162] hsr_slave_0: entered promiscuous mode [ 848.561290][T19162] hsr_slave_1: entered promiscuous mode [ 848.568635][T19162] debugfs: 'hsr0' already exists in 'hsr' [ 848.574514][T19162] Cannot create hsr debugfs directory [ 848.634546][ T5851] Bluetooth: hci1: command tx timeout SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 849.615301][T18070] bridge_slave_1: left allmulticast mode [ 849.622115][T18070] bridge_slave_1: left promiscuous mode [ 849.630986][T18070] bridge0: port 2(bridge_slave_1) entered disabled state [ 849.640452][T18070] bridge_slave_0: left allmulticast mode [ 849.646950][T18070] bridge_slave_0: left promiscuous mode [ 849.653829][T18070] bridge0: port 1(bridge_slave_0) entered disabled state [ 849.706051][T18070] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 849.718343][T18070] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 849.730935][T18070] bond0 (unregistering): Released all slaves [ 849.808120][T18070] hsr_slave_0: left promiscuous mode [ 849.815445][T18070] hsr_slave_1: left promiscuous mode [ 849.825288][T18070] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 849.844825][T18070] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 849.940268][T18070] team0 (unregistering): Port device team_slave_1 removed [ 849.976675][T18070] team0 (unregistering): Port device team_slave_0 removed