last executing test programs: 14.936280696s ago: executing program 2 (id=1509): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000240)='/dev/cpu/0/cpuid\x00', 0xad02, 0x0) readv$auto(r0, &(0x7f0000000680)={0x0, 0x40200}, 0x3) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/sctp/rto_max\x00', 0x50b041, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x1142, 0x1ffe}, 0x4, 0x0, 0x0, 0x8) modify_ldt$auto(0x1, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/pci0000:00/0000:00:03.0/resource4_wc\x00', 0x20002, 0x0) read$auto(r3, 0x0, 0x9) read$auto(r2, 0x0, 0x7) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/stats\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xfffd}, 0x3) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x9}, 0x3) r5 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r5, 0x405c5503, &(0x7f0000000300)={{0x0, 0xf2cf, 0x3, 0x4}, "6a034a07c7b82d90b69a29e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6594824588a2eb412ba165f", 0x7a2a}) ioctl$auto_UI_DEV_CREATE(r5, 0x5501, 0x0) mremap$auto(0x200000001000, 0x4, 0x4, 0x3, 0x100000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x42, 0x0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/oss\x00', 0x88400, 0x0) read$auto_proc_reg_file_ops_compat_inode(r6, &(0x7f0000000080)=""/200, 0xc8) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) ioctl$auto(0x3, 0x541b, 0x7f) 12.817104473s ago: executing program 2 (id=1514): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x40000) setsockopt$auto(r0, 0x77, 0x129, 0x0, 0x80004) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x5, 0x6, 0xa9, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x3, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x6}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) socket(0x3, 0x80000, 0x6) sendto$auto(0xffffffffffffffff, 0x0, 0xb, 0xc, 0x0, 0x1c) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0) 9.835855022s ago: executing program 3 (id=1519): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x981082, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) setsockopt$auto_SO_RCVBUF(r0, 0xffff, 0x8, &(0x7f0000000000)='\x00', 0x7fff) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) setgroups$auto(0xe32, 0x0) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket(0x2, 0x3, 0x2) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 8.928002468s ago: executing program 0 (id=1521): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x40000) setsockopt$auto(r0, 0x77, 0x129, 0x0, 0x80004) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x5, 0x6, 0xa9, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x3, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x6}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) socket(0x3, 0x80000, 0x6) socket(0x2, 0x2, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0) 8.604324977s ago: executing program 2 (id=1522): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) open(&(0x7f0000000280)='./cgroup\x00', 0x5d52c0, 0x0) r0 = socket(0xa, 0x2, 0x3a) r1 = open_by_handle_at$auto(r0, 0x0, 0xffffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r2 = openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x60000, 0x0) read$auto_dev_fops_plock(r2, &(0x7f00000001c0)=""/132, 0x84) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x300, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/wireless\x00', 0x80, 0x0) pread64$auto(r3, 0x0, 0x1ff, 0xf4) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x100000010000, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x8, 0x7, 0x1008000, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x1800}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TCP_METRICS_CMD_GET(r4, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b00)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="9bff29bdffffff7fdfd576d03923"], 0x14}}, 0x0) setuid$auto(0x800000000008) memfd_secret$auto(0x0) ioctl$auto_SNDCTL_DSP_POST(r1, 0x5008, &(0x7f0000000340)="6ded102cb0a76bd9bf061bd55cc083c9d7bdf2b35242b7738d849b0abe49b91fe88ccefca6101fc83e672998a2496c043b00c25ab5f27ddc3a7d34f727ee5d62ec98c84bd492da2f359bd0fa1aff18dcc14cd82245ba8b5158c3c4c725574ccf183ac87c3561241f44bec06c098de8f621a080fa9b724f0bc22e0633d251042620a06e1e649281148792ed8beb0bcce500974443358563c7366f010559f1f3de758c8c5c5eb7f2972798d96039de5a") ioctl$auto_IMADDTIMER(r1, 0x80044940, 0x0) select$auto(0x1, &(0x7f0000000040)={[0xffffffff00000001, 0xfffffffffffffff7, 0x100, 0x7fff, 0x79, 0x3, 0x9, 0x6, 0xa80d, 0x8000000010000, 0x0, 0x7c43, 0x9, 0x0, 0x4, 0xd133]}, 0x0, &(0x7f00000001c0)={[0x800000000, 0x2, 0x80000012, 0x2, 0x4e4bcd3b, 0x8, 0x5, 0x4, 0x5, 0x12, 0xfffffffffffffffe, 0x1, 0xffffffff00000001, 0xe25, 0x48, 0x8]}, &(0x7f00000000c0)={0x100}) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000002140), 0xa002, 0x0) acct$auto(&(0x7f00000000c0)='/dev/cachefiles\x00') r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2c000000e6e5fa995b06629681a9efddc3f249aec8f10b88f1fea2177eb7779637b4dab589f96eba1104f6c0b782bbd5edd30cb0f49e7b0129c5b6508aa50704368d6eef49a787dfce343a0e7cf649bbd051d1223812b104856105ece77dec7bd84ab0a32c7054973111e8ef18eac03f83a2fdd9c93905698e41387cc03f2a412038f8fe0ffba244076f67538bb54fbf602c79447100691be3e6eb74a2d9c2a492d66556ca63b7b3a2a45b0f44ef949ad23828a9e934e45e8daecbced86dd84058bb", @ANYRES16=r5, @ANYBLOB="000429bd7000fbdbdf255300000005001e000400000006003600060000000600f70009090000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000800}, 0x4011) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) 7.419838231s ago: executing program 1 (id=1524): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x9, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) process_mrelease$auto(0xffffffffffffffff, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) inotify_init1$auto(0x403) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x201, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x40000000001, 0x9, 0xa, 0x0, 0x4, 0x1, 0xb8, 0x9, 0x8, 0x10003, 0x9, 0x4, 0x0, 0xa, 0x1, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x3, 0x0, 0x3, 0x3, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]}, 0x1fe, 0xd) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f0000000040)=@bpf_attr_7={@btf_id=0x400, 0x10000}, 0xc) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) getsockopt$auto_SO_REUSEPORT(r0, 0x1, 0xf, &(0x7f0000000000)='nl802154\x00', 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r1], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}}, 0x4000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) 7.043053898s ago: executing program 1 (id=1525): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3d, 0xffffffffffffffff, 0x0, 0x1, 0x400001) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r0, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2]\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\rj\xda\x8etU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\x00\xce\xbbY8@Z5`\xa4m\xffb\x17\xbbh\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf#f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd3>\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x84\xf9\x98\x8fD\xd9|\x85V\x04\xf32z\xfe$\xf5kE8\xa0\xb9\x18\xb3\xbf\xd5\x80c\xcf\x84E\xe9\xe9\xdd\x99\x1a=\x1ec\x87_=\x91m\xd4\xf4\xc7N\xba%\xa3\xf1\x04\x1f\ty\x04\xe9\x92\x8f\xf63\x1c\xd4\x05\xa1\xc7{\xb8\x80\xa6Heoct3\xa8\xdfl\xdb_\xf8\v\x87?\xb1\xfb\xb6\xb6\xdd\xd3$1s\xc3\xbc\xae\xd7+\b\x19\xfa\xfb\x15\xf7\x9a\"\xd2\x03\xe1\xd5\'`\x1a\xd1\xa5>\xde\x00\x043\xe3\xbd\xb0\xe2B\xb6aM\xdb$\rA\x13\x11\xe7\x88*3\xde/m?\xfd\xf7R\x1b6B\xc1\xdd\xecm.\x90\xe2\x02{\x01\xb0\x19\xf1\"H\xe5\x99:c2\xf1\x8a\x8f\x17$\xfeZ,\xc2\xe5b\x06\xf0\xf9\xed}\xe2\xa3\xac5C\xf9\x8f\xc8\x0e\x06\x04@\x8d\xcd|\ay\xe0\xa1\n\x85\xce}\xf4Y\xa5T\a\xc4b\'\x11\x80\x01\x0e\xcaDi\x83\xe0H!h\x10L\xbd\x7fJ\x155|\xa4\xde7\x99\x9f\x00\x00\x00\x00\x00\x00\x00\xe4\x95\x0fgL\xbf\x857\xbd\x80S\x92RCk\xac\xdd\xb4\xf0\xed\xbc\xc3\x9f \x0e\xc0=\x84\xf6k\"\xf7xx\x0f\x97\x1c*\x06\x00N>Ut\xb2\x9bsg\x95\x86\xc7\xd5\xf3`\xf1\x12\x92\'>\xce{>GZ\xc3?\x87\xe9d\xf1\x16\xd6D\xde\xe7\x87\xd1\xf6\x03r\xe5\xcb\xec\x87\a7\xe4\xd5\xb7\xb6\xe5\xa1\x8d\x8d\x1e\x8f;p\xe6\xb0_\x00\x00\x00\x00\x00\x00\x00\x14\xe9\xdc,\xf8\x13\x91\x04\xfe`>\x88\x81\x0f\x9d\x00\x90\xf2\x00'/552, 0x8100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0xfffffffffffffffd, 0x5, 0x19) brk$auto(0xffffffffffffff66) fstatfs$auto(0xffffffffffffffff, 0x0) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r1 = ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x400702, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x84703, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2200, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) mmap$auto(0xfffffffffffffffe, 0x5, 0xffff, 0x40eb2, r3, 0x300000000000) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) r4 = socket(0xa, 0x2, 0x73) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYRES32=r5, @ANYRES16=r6, @ANYRESOCT=r1, @ANYRES32=r4], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x6c040) close_range$auto(r2, 0x8, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) 6.390583179s ago: executing program 0 (id=1526): unshare$auto(0x40000080) r0 = open(&(0x7f0000000000)='./file0\x00', 0x200000, 0x1b0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x11, r2, 0x4, 0x0) ptrace$auto(0x8, r2, 0xfffffffffffffffa, 0x8) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'pim6reg1\x00'}) mmap$auto(0xf000, 0x1, 0x3ff, 0x12, r1, 0x0) r3 = openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000001440)='/sys/kernel/debug/netdevsim/netdevsim0/udp_ports_ipv4_only\x00', 0x1, 0x0) read$auto_ptdump_fops_(r1, &(0x7f00000005c0)=""/4096, 0x1000) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x800002, 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 5.739383754s ago: executing program 3 (id=1527): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000280)="e971") ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000000)="3542623f8a5034589f363523f5077e906cec0de38db42f08e862887968d83410cdb47d372ea4a83c0f20626339d660e62fd376bb11cf74a5ac58419b252061403b2e71f606db6f2664a13926aece77e535ce862e439df24b96d62d30732faf9a9eff2b19c6203e6e6e6e217b3934faadc6e4253ad1bccd365a91d3b3749d9dc6b20a324dab825876b72eabe8c7cd48e5b6fb5075ea19e85c4bb968700e736ead933cc214164334b2b130d006784a2183fc73fc255940488cbf66845e4b0cadded38de85639280d301d7079a05d4dfdc16b71a859ec074cb9492c755a4870ffed") landlock_create_ruleset$auto(&(0x7f0000000100)={0x5, 0x9, 0x7}, 0x400, 0x10001) r1 = openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000140), 0xc0000, 0x0) close_range$auto(r1, r0, 0xffffbfff) r2 = socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(r2, 0x6a, 0x2, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = epoll_create$auto(0x3e) lsm_list_modules$auto(&(0x7f0000000180)=0x80000000, &(0x7f00000001c0)=0x7, 0x14e) r4 = socket(0x1e, 0x4, 0x0) epoll_ctl$auto(r3, 0x1, r4, 0x0) socket(0x11, 0x80003, 0x300) ioctl$auto(0x3, 0x5411, 0xfffffffffffff4e0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) (async) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) (async) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000280)="e971") (async) ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000000)="3542623f8a5034589f363523f5077e906cec0de38db42f08e862887968d83410cdb47d372ea4a83c0f20626339d660e62fd376bb11cf74a5ac58419b252061403b2e71f606db6f2664a13926aece77e535ce862e439df24b96d62d30732faf9a9eff2b19c6203e6e6e6e217b3934faadc6e4253ad1bccd365a91d3b3749d9dc6b20a324dab825876b72eabe8c7cd48e5b6fb5075ea19e85c4bb968700e736ead933cc214164334b2b130d006784a2183fc73fc255940488cbf66845e4b0cadded38de85639280d301d7079a05d4dfdc16b71a859ec074cb9492c755a4870ffed") (async) landlock_create_ruleset$auto(&(0x7f0000000100)={0x5, 0x9, 0x7}, 0x400, 0x10001) (async) openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000140), 0xc0000, 0x0) (async) close_range$auto(r1, r0, 0xffffbfff) (async) socket(0x1d, 0x2, 0x6) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) getsockopt$auto(r2, 0x6a, 0x2, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) epoll_create$auto(0x3e) (async) lsm_list_modules$auto(&(0x7f0000000180)=0x80000000, &(0x7f00000001c0)=0x7, 0x14e) (async) socket(0x1e, 0x4, 0x0) (async) epoll_ctl$auto(r3, 0x1, r4, 0x0) (async) socket(0x11, 0x80003, 0x300) (async) ioctl$auto(0x3, 0x5411, 0xfffffffffffff4e0) (async) 5.507834598s ago: executing program 0 (id=1528): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0x2000000}, 0x6b) r0 = socket(0x2b, 0x1, 0x1) ioctl$auto(r0, 0x89a0, 0x4) 5.111960786s ago: executing program 3 (id=1529): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x200, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x400000c) sysfs$auto(0x2, 0x101000000000007, 0x0) keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x2, 0x42, 0x5, 0x17, r0, 0x1ff) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) io_setup$auto(0x80002, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(0xffffffffffffffff, 0x40084149, &(0x7f0000001080)=0x7) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x42501, 0x0) mmap$auto(0x0, 0x7, 0x619, 0xeb1, 0xfffffffffffffffa, 0x8007) mmap$auto(0x0, 0x400008, 0x5f, 0x1b5e, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) signalfd$auto(r3, 0x0, 0x8) mmap$auto(0xfffffffffffffff9, 0x0, 0x36, 0x9b72, r2, 0x28003) prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000001040), 0x40, 0x0) fcntl$auto(0x2, 0x401, 0x80000001) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82) migrate_pages$auto(0x0, 0x2, 0x0, &(0x7f0000000480)=0x86b) 5.084613539s ago: executing program 2 (id=1530): sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/tracing/dynamic_events\x00', 0x42, 0x0) rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x7e73, @_timer={0x0, 0x80000001, @sival_ptr=0x0, 0x5}}}) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev2\x00', 0x2000, 0x0) statx$auto(0xffffffffffffffff, &(0x7f00000002c0)='./file0\x00', 0x1, 0x2, &(0x7f0000000300)={0x7, 0xff, 0x9, 0xf, 0xffffffffffffffff, 0xee00, 0x4, 0x4be5, 0x832, 0x8000000000000000, 0x7, 0x3, {0xc1d, 0x3}, {0x100000000cc, 0xa}, {0x2, 0xc}, {0x10000, 0x5}, 0x15, 0x9, 0x7, 0x0, 0x0, 0xea79, 0x7, 0x562b, 0x2800, 0x6, 0xafa, 0x5, [0x1, 0x5, 0xc, 0x200000000000, 0x5, 0x6, 0x8, 0x4, 0x1000]}) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x80000001, &(0x7f0000000280)={&(0x7f0000002580)="ca281998e04aacb1515ab8e6e373c31e7f7a506b8151242397c2945919c7b950f711736212daa28ce31488aa589b731967e5d77d6958662212b696199fd802411d854939a1df53ca3fc9594a98fe3de832426ec5424be7f6a553c0a7e3d802c3b499e67819febc0b6eb1d0883ac554afe8141c8a6323ade40c167d9ac45cb1edc63b10a99386dfb49fa0768b9911c0b142326d9508badc992904cc96636981b7a5cc12cae2d09d130a1a75e9446e22ebff54dac5295de6d8e71832f94237a8ab87f330d09e32c10c2edf33ed27501100f400000000000000000000000000000024ac1451d54aaa8fed28c554dd64bd4428d74aaf08c6c3dc95561a4e6dd080da06a5bf2043f56e300f1fdbaacfec8ea399968d7ba189c5b1e0498d0b2067e712322f461d5158a809d06c3142961bfc5d07e87882ed633c4294", 0xffffffff}, 0x6, 0x0) r6 = fcntl$getown(r1, 0x9) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000400)={0x2, 0x7, 0x6, 0x3, 0x2, r2}) msgctl$auto_MSG_INFO(0x7, 0xc, &(0x7f0000000640)={{0x7, 0xee01, 0xee00, 0xfffff43e, 0x8, 0xfffffff8}, 0x0, &(0x7f0000000500)=0xa, 0x8, 0x5, 0x6, 0x0, 0x2, 0xfff3, 0x5, 0xba29, @raw=0x401, @raw}) capset$auto(&(0x7f00000005c0)={0xa, r2}, &(0x7f0000000600)={0x2, 0xd58b, 0x3}) sendmsg$auto_TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000002540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000002500)={&(0x7f00000026c0)=ANY=[@ANYBLOB="a41e0000", @ANYRES16=0x0, @ANYBLOB="200028bd7000fcdbdf25050000008811088014002a00fe8000000000000000000000000000aa04005a00b700d680040049800400df80489a52332fa3ec6d45b89b4dd3d7b57d08a6c789e715f1ec69bd3c8fdce45f88938b65873058a345089a69c805a481ea28d74808d5ceabd8e005646145b686092071ff25ac7785d2baa99e7cb8f91bd87303db1833927e1414648414bc9542da39aff2c2b78d1dbd1f96560ad6c770a5b42ec52c12c1352aa44e5907c922991aabbef5282cafb4194f3927c5905334ddf76f2b08001500ac14143a08009d00", @ANYRES32=r4, @ANYBLOB="040011800400d180008247e6792c37d7f269539fbe9bef0a193afba3293308ca217e51f7e956cead47635f097368b7110826338d75db089a5be50e470964a2a9a6475a5451894d5e732b6367b81fe5c56d0236f46388e36b5099faa5ddb9e0fb506aef14e3e80dea805f4678863cb43cb49b59b8b30754a36a0d06c5b78cde0f020553e3e767748e27f550bb5e6977699b13e2aa8876cf40db87db6079df7285879937a2dfddd1f37f6046914c50f36c26c2e375428a01e8dd2f064225939a1990ddbed1ace94ec558a5a7090b34dac243ed47db2b17d85c640f0031f7e6e4ca8577ebb50978421949a369bb77d4267d808bba44a385c91c8acd0a3d14ed5da5dfd14585ed56b08f5e4a40d0057bcb997bbf60d6d4b2e2cdde334c697f93d8f5cc1b950254d8eb2932dfcb4ed8072a78f57f5bec4320a1c4338b3bda2703d798181c3005f180a40dc6f1a72a1a9d610ffe09a3db378b56b115c483284e9a73e132050c7c1f54fbf9cf3bbb482dfd4e97e70e538793a7ad9791f2d535f99c1993a39ad5b5377bbb263e68025be44545a0ee8b3eead000cdcbbe22cd8d42a01bb9836a0ccd6caaec146ca4a2968d2a946c651ba873e10ea8503701bad1fc668cb9c62ec644da16e0259287289c6eb47ad3e9df5c37b4771532e865ca31fe91297e9ae4754167a7c8707cb2034c5be21b4ad385695c41445c558b043a3da73d335f7ae0db57ddcf276946e8931445a319b33358dae8cb18458e31c2d48a82f075b00a883f9fce2bb1908758a4292dd91a2a34099f3c8ac38312daf43bc60152ac9dffa8a5cca1fc265a12db5d4efd1df0e62510ebc997e988e576ce867d418553f55c13a82b19b61081335caafc558671664a85a5cb180f5e1533cadfe47b36c7701639063cdd6155f4fbf0fc489eb1ae21bad7274a903f16170b4db00bbf87eeebe848e090731d5e40f7228986ac286688bcb95f6f5650153dad674a80506e26e5d6542f8b5ceef829b07d7a410eb0a3415520e6794b2eba4a33984ddf284dc37dd83cc3439e29063c283920299a75fbc4917c8ffeb737e7a3f758137c2bce67a2e30b28493a1237dcb6d196868d9ba959225e551ee1dfb805994d2bb8a7dfbcaa91f22986d119de9d33d8ccdfbf5cb2b99e52646ab7a688159f88899c0f12a4a0a120bfa9b5ccddcdb543afb39a27d02d28b9ec48526b19b1271c19723b5ac2d0b86a96d81f4879e62fb79f8bf80d1eceb4bde97ddefb83efb57fc62a902d7c3d81e088f9a3033890f4ff19b8eca6aebdf07125495d7e25888036cb244c7549c73eeadd19ca354ddc08b377caa92196edf48b23181bc9cf74047a4ad8211f0a988ec9367ec35149e47869af777d9f050df42adcc2330a868a1b85b273de274446db2bd51df50755f8b335f431256eedb209162793436cf4c55ff6c663c9b62f7e2f9e4afca8a44c54489aefa0a7c03bcdbd8c7f0957e2626fdd70a392ed1a547087e8a33034c2044a8dc1e99a6c22b2a689ed29defee64cc702fe0aca71e8da4c9d1393cc117f1605c8a2d4e57e2b5c77250b7d00ee112168d1ef8157f0cd874a0d0311c91879d45f99ba305e15550df628925261f165d6aaa80441217b6ebe2957f45cb8a98f8c0a4759a8f303aa58b147201c12bd271613842fc51b0a9843ad65953dc74583d83764de84c9413d5c6fd82ab47403531ac3ab8f31b950fc16f3009db73dce2b4b02d1af76a05e9286541d33954e8d22667daf584e2bad450f1b46fa66b92388fe827b18ce51258c49ff1e0376665d0b1f61456341b4b91359d5fae9a69bb1a2adebe7e87c738b2f3feb378e0ea14cbde1fabb921b3f0fcda61222ed17dbf8500b13ec57b2b143905ba9906e62ef5eef0d37e3daa112e730a08be34c30c707052374012327a53f6cac6cc92d114b03f8220e5ddb1f00b4e6cd40824e54b71226edd73a68760ef29a27a9a86322f3a8d07e6eadc573d83ed2ff9ee85219247bd0030a8274e3017d2d275c7bbc5e135e32a52c93d1f6b806a74bf9d106cad1de9af4cb5734e26043dac56b6651de90325e3500547d50c024040d14d96e03d3bc7c394a7b4a1a29c76ecbcbb0ea1b9538511b018297d906cedbd00735a62c3852c6b35b7cc9103ad25c03008c6c44c33849107fb8463c1ac66f5487e9fb1c419baae82815bd2eead54f014e611e02c2658017b26532c09d9295c7cdb56e0dd2f395a25a636b0999df15da9b3cfeb04ae57fda27989fcb90d987d736d4658c58f6b4e7c06dd70cc681d4e2a9a10bdf7433fccb826ac887f05b6eeadb0a1429baf04f4c6ba94c7cc6c1f0b48bcc0158ac997595cb48defa6428460aaf924c9356b5ad1b0b30975fdffaf178888c1130180ac79706088c3f54e95879c5700e88709375376ecf67b774e4621e70054e06b8e30003c6bbd88cd32eca24d36f781bf60907becfba84dc651632fa35a72cd0f5399227e14ebc6c9597859722bf0da2c425c55c625b2b8bddb1268c182852b8ea6069d9388b41e41ad316096895ca338a471081755d3d0f7e5822de2cb19d701f94b66e94b746777ee7ec4201ec195bd0eeb182e861dcd31f3018eae5004abc9af45a1251b3b197b7deee302196a3b8d3d3e401554066f1f01d2287f6394acbea6416162d24af8bc5dadaaadd9348a69017e1e8b36ae73b12209a5a226a18b57577d14a08fdc48c8c936703d678e4dd50fca5888222fa8f3ef484f09a1ef53bf245c2e4fee6d1aa46109a7c5cd5bcd9381e2e3b99292f317ec196c442f2815a8c68b684944aee676c5bb1a3a1be590619ded1d73e2e31e67e6e5574cd36916bc3c788766b942d5c1a3715d1e388c0504bc53c9ca95632bde9c2bfe212de1e2101f7cbf1ef3451e49185fc205d1ff22497855434316d6ea227f5998170ba735b66e87c11d5f2adfe33836537b89ab5712c9ccd01e9dfd1703eedb2b7f3ec07af942109b2057f3be2a2fa0120208b2d830f61a8b68e1ac3eb6913e1eebd8dda66f01de363b99c7d81b86071a970f2568b67944c3e2bea539a6114db290cfb950a0b112e934ee62b85cea8e7670f9177eaa90a1a2cad74075d6ba16e033fd5282ec3cfd7cd2022ed8b68c6ccbbc500aa4d32a62d8352d6f2972b1bf2431e67b4310d34eab0a661b0208dedac71cf571c3b4adbb5212de1c6b4295d0f3c6fa31705a08e749c1f1c29950fc578050619c9e82070e394a602f30d570bb09e5df4b8d95b125d42a5369587a7423c845221678eb4762e39c057ecc6c8f4a46c25ac26ab0797881af009f941d0f11a6cf1e8d66a646da74bcb5ace1214667e9bdee46aaaaabfc3af4fa64b6707c484d577018eccd5597e6c0d300b1993c8861948724317e3783ae041d0fedebe7f1d4a8488c165ae019f58c0f7abfbd9da3e9d5b0e62761f1e03e1f57262d1814d57dd15255765f9bc9417f42aba4bb6e793cc685a4d11df041d6bdf5f0bbf3c5ad28f99e38dfc02a7d12c0d8713dea88a4dc2f40fcc94b148bd5aa80162b77206c5d0d7660e4548ee1c9e1b8e9cc3402848cfdce80c91b31c26be1ff26e53489060e6b5548067024516f6be1aac678a94b61323fb54bb2ee355e27b78ac3a1df1880c731acef0f88a4ef66cd56814483d077f77d47cf3f76afac383aebe59217997452b7fb23f8ad96ec74921f077b02665e8a283549932ede312dff9b7e94a2a3761239f35b56fe75b6d0582643529c7a797b4962290c3a04b6da15e149c9e8fe9e4383b96db9d38ad6c4daf7326d358018d05f8e3274d2b12744b6ef5df7f3e11f63811808e12ed1fecc0c7e2a1bf34054bc91dd4eb87026e9997300d5c46b707b45896dd5d7387baac86a24a75d31d49901c744a7d19e50a8ac98a08cb3e1934beb44b9b3429fe86e945fb9cc3cc4d2fd2cb6c71195777816b8447146a6c2890586053d3b69ccd48d3322750d9f4b694a0bbdd834437d9133719aca5152d574f7b13cd4986625b67a8b86d10d8551035a674284bdb25e23af4581df5f602f5afd6d69310c7cfac8c28a54a63e7b731b607e9428552cdff768ee472b7003d282b6c016c6c750a15828a15d3070ef5fac89456dc7891c8cd2900a49b090b77664bf9b91b24d606f2d90bc48d25dd9142fc0e915fe79e7225539d7546f14317eec4f376db634895f576decf1a810a46fddaf0dba3bb2b4dd69c6f920b2eea6643097d4c58e9aa45066e7ccaa249a025ccd14f269caec1d6ae67fb7c858109f4f068cd19ddd9f87eb93ecb827486e1a67db790cc17c1bb522cdf7c5ba8cd1d11242a45f723d26ad6eb8e76953e92ca5100f5f8b2ae65b2baba3928323ee68c34c7452e8349d985eb080620be2c8a4ea07b1a448bdf62facf20b60faa1b2582de1be00c0d826e94c942805683f4e0361e4bc48bbfe325c3e3f56bac1b139dac7817186b5b69aa8798e3f635a990d94294f33b4f6856289a5860f8fd02c20d25007d073bae24cd711b16c496d50db052497ee5c3cd350f1b4101b65dba83e747572887288e449e7278e0ed9cbf66bea16a7dd66776ca759536790756d88603cb347d5ffd8f11582b12a943a2f2f74058b10ddbbd136ee8ad4a90730fdadf3fe7300eb10a8bbd774bf9841ab5abefab5561f67e6dc6fc052723902d8a3a77540520b874f0a14ca5d4a872199f433d498c51166ff362cc0e596c458426a6a29bd88258b44d8f8f0bd83a7566c0cb7db3b9aa7e5762a3cdc6f36af693cfabc6f7c968d539cf8f26148bf95509fc0b46dff1cf0dedac787e9cc50c4bad059d975e4d5eafa324df929ac2912cc89ed36bed92620db8d449deade260ab1b0fe14fa50799e36e4f1db1dd8bf6c008b06a139a623535247b64fa00f253560b1cb3cb03b347f855bc56ddfcdec8ce2a5ba71e6b9e780d30706b13966b71ee6fd10e7766fcca96e9d8d4e23f7fabb9041d29df95f9c6fd12b5d908a221f83caae83efc03b8befc0694d93745eea0249b389dffbcd0292d1d4269725ce9714c228ffc9d33c34326e9f54829459a1c9a6ffda4bb829a03faa84f935d77f3aa44e2abab7128b0d05b94bb4b4c765460dbc14fc8f043c0a553a8dbe93d50e286a270e2454c87a8a9124c703f7cc645aca9c1154431a89d461f6505e651e266b8d8d165a5d863f015fa53e4cf4ae972b09bc143443061b04d54a755d24445547cca54fbdcb9f72159a83b3c1d226499eb67ccd93b6c9d4683b327f92f7facacabadcfb3cc8f95787e164231fed28ec935d4ac8e10940222fe0b84159f7ca1e0d3337a456f45cae4b691798cda159a2f4f67241862e8b9faef06e5522efc7c98e0a3b606df37049577cd39c0daa679bd37bdd280f5ee4e4c37a4bfd4c9e85387f0568156bc844713f9b155ab8607e5d5ca5ee8e1f5ba3f9e401a8d5fbfbdbf7c1424f14784a887b71862f73761eb888a9deee6d4a3ecc9d9bdab18a72a33fac1e4d4eb9c2e07d874cf575d349861884a66a0571cd2f1a1e99f2880126d45a4ead6da33fc8d9937c856bb0f07528c258ad9d17814a3ee64b50784edb5b1dea456b735c168e5df09e30902a136e5de1d80c9e28a1f799073a2a0b00ade0ae416cf8f7e3677a03335051bbc82b720430ba602b5aadaf9ab8164866bc3bab09b979b15e2d94a266fe160d1a13064a83a3f320c9cd24eb05cd82cf16e66c26a88f8fbdb6a76056707f053de5e5602040c887358e954211a7a9a3acb9b499dbbda99cd1442d9854bf9a296458c6016b2c6c61b561ab229742823bf212922c0bf1d7356c33a2ff7595cb609342af26242ff3d6a3518421a26192a18d140030c81c647d724d0a6a488d6c43ff2de70229ae5800c889cebd802a1ec9ac7a7f54af996893053b906b4e50f881dc83bb2e0c18445d8d8b710333ac3fe0ba264ca7fd0cfbc7d2386cb9e34109b403902283204327984895829a0af37b1dd8b7435c0a4223ac5d06c00391db4ec214a5bd129c37851947aa948d17c2480c2680802aac47fd41b4fb35d9b965fd95093059a0e4836d6261e7b87202fb479f702a9ed8ebbfd6098ae08a87e31d52cab84e576000480054d730606578582b1b93420289c20b1aff218510dcd48704aa4cea1c1d1ea194e1ca1a2caa1009353a69a4fd15f216f3e0cd9519ab5fdd65a4dc3bde85291df1257a6101a7c215ebf981d0eeb1f21522baf191bedebf278b9c1", @ANYRES32=r2, @ANYBLOB="6200a1806c8eed541dbfb59120104fa45cdf29426b6dfce917d81d15b391309d6f0795e675ecfc7f27457a5698c10ee9d84534fe8e8f00bbff9e0800ed00c7910000040027800400108004001380040019800800fb00", @ANYRES32=r5, @ANYBLOB="070032005d9f00000000ae1f4916d15603a1c7b59a8a5de3251cb3447a8bce93e5542dabc0583b219677800954a8320a5d6eee20b9af6dbc84510290a61910071f3f33698a8697ba6be3d5ec9909c4bda4970c9e71bb786f9d2870c38ca96873973a4c67520c6a199ce6152bec1ba288d251160ed6650cfff82da3897ae9eb725d290c184451aaf3ee1ec9e8de190610bae1e3a065e238b647677710f9a88a625fd3771c3c133dac6331d1b738be017ee886068aa84251c17b8e8c49692e71e8e7c3c72398ec44b44a16d884c9ac528cd554ff882c3d417d319103f095d504809c564879dc6f0110e9438a383ef7e1badf60f978c7e2a16ca9f300af9ec85ec83130ec824f3d218f1e377f24379ed65e0045bbe69da1289d6a4a7d0c9c0e2d9efcfb19a189350d102250202c1fd373303e10090eccf1592b62fa0e69d1b997b1b6bc8565c9a0322dd616d12514b4a6518dac45f91b27e52b66afa7e3a0dfc4a1b4ff52eb8bd743b6172e6c5e5e52dcee1004450bb6f94ea7ce516606ba0d38db50e1e7c92e82acd919ef7d1f157c5851b50baf0ba55929637bb1f9a70e859ca7b6105191b3d61e31b82d86c8a93b7689f5c8b8575004c84a72cfd5650e1614960c6ed2c1bc57bcecda9dc5dc230150f31265b8188ad9eb539cccf6e14efccf9996322296fe88eb0800c000", @ANYRES32=r6, @ANYBLOB="ad7856cd440b2ed9fd9fcc7a0f512fdf576eac277ee49fe431b30cb1498fedf4aff7d121d37b24f31357db64500ca58e8283805fb0e70c00b800000000001a01f08008004e0000000000", @ANYRES32=r3, @ANYBLOB="040014800400ad803511a78b8831a2fcff43b38088af694066a22e7957fb7684716428fc5894ff4fa44e7f853c803300853f54b0c1dc3ca26a76892e15fd8576b74ba6913b187188c02edc46e2bd6196fa60e388dddb0132d1f33719f3368e725e38602c230800f400", @ANYRES32=r2, @ANYBLOB="c155baa78ec099bb2266ce3d62f614f702f05bf1dcc9fb7768fb5f5f3e1fe3ed7cdc35139e040c27e3a82cdfe5ed62ee075ff2816f992b3ad54f2c080c7e285c8db905321d506852fac176bed2a5e557b13eb9a54b6b1c0ea980fdbaec435705f3c13a8b04bfa9a24150f3881d0c13e0a37556e0e76a1eb7add851cf1bd3b7e3be98b8770c57fb5adc5209e0562afbd9b3141a64184581ad5b5352591439e5a63d00001b01ef806a5d139872925d1029c0f54c3dd299e1210de9cb42dee8459d942c6c703c7c05543ba95465c31435e4e49eb4939ec374e76fb606300c1e842b5ee196804f091eaefc97b8290434120d89e3a33762b983dbefc27d60d3509453a9eead2f277b64e67d8696bf2bab606447080968a9737cb6b44f1435f141ae3aee7c83affecc1127f091ebc217e0671b40cf3efc8ab6c8a972ef66590dd8daa6b4d5d5e386493e4c2966f2c63b851001843dc65e663889ea504dc1b631464ad93706fcc4e20e0629b3bcf91cb44394c39a966423d506c797072eecd42af096c3fc7bf079ed263ff2a8cacfeb86e667e5aa0aa6d510485f97d0ca2bf208f7d9bb2c6125e2d540b7c268612a1145a24f583d8a8585999f6ebb23fa040028800000040504805568c9d07c54f98a29d9a24348356a23f364547aff1752e63f34450aa3fae2aa871e74f108091037fbf4de5519bffe94f69567bfa56933adbaf4e2f90bd23188f480cd5a1fabf9344fe1c2ee5a4863e6ad72b0406c78557a25588781ca07f8dddf1a5e7afb1ad6a97726ec0f562be8f4c2c9ae79a02f61dd41b402ec50df4b6d3247752b8f8b150ad8074cccc1039e7b25f8872d214f43018561b94821166f652dc7b4e332d780131351966525fb9930f7b2a2f657a544a0f2d2dc7d18dc366ebf208935f5ac0b77a845a28c46aa588c4d3c5c48607a5bb47ba67a4a28adf53a31c01f22606eda006064a9b21d9a63ae6239e100db65800a8d06001e00260000002c0008801f00d1002f70726f632f7468726561642d73656c662f6661696c2d6e7468000008005000", @ANYRES32=r7, @ANYBLOB="dc004b80e1fee9a804a43c587d0663b570c6f09f810e6eee12e238368bf0b7dc2295f56dbb3fea57a10e3869c7cbba59118a03baaf98044604c968317c6ff7cf7238bde4046f7503b31d5dc566602f2649f99d05d5e12d1711bc5fa5fd0566edfa367c054b60b8420c73caa604e3fed5f1ee3340050fd50127fe8c7b06d069bf8498ddec984da41edb4f505a6ab74554e948fbd4d8cba45253fca9dd5d19974a306a68616c4489733cf1a4995406c1017927a8e57e263d563e2e3d61d97bcec6343b7bc16e90f03c1a0690d270a38ba8b9e8da3c34798465f9d5131f0f076c31b0fe3e35f128681fe47b15504c3f3fdc4a4df7545b541174736e6e692b0ff1523d5640f53340a4c5b224457db7a861cef0b4928466fa257e1f4090cee2ebb0a315cf8916d75de92498c1856a003d0047df5298b7250af29a8aa8bd128947ecd42496261bf0bb858288554a8383c1009126d9ecf0f5aa1a8220eaee3a77823473260d836b71b156d861662b0188b7cb56f3414047366c4ae7bcac892029d4f3c7acc7ef8c1ff373de4dfcf6563b75b2ffbda498462f0000a9009980f484aa98480cdf6577567b10dd8e8322a0ec5a94e7f1555b33ebe079e16a731d91636a105f04625afaeb26180a8d3f073a041f0483e5c2cb74e5d38a5ef1fdba2d46c4a30ef6050ed895de348f21991cb62a70a699da52d2431f363b72cd5caa97974a9887ba23c9490469deb8575b7791ef4ab63c4e70ae07c81dc25c78cbec051ceb801eb9b4d5778f298a767409193d1490e9ccd121fbf9d367d1690a0d54888dbad5eb0000000c9629cee089fceea52d862d91a2008924b502edc98c7203180994022325c667391096bb03f126b19cad796f9e94c9547125677e44faf6ce7190ec8614bb9d99ccc339e585d4908e6876916a5abcbd9ca4d949b7419d1b117ce0171daa42756c8912a1ce65aa40e563b9d1812172ea212215c18d58148e209a9af6c6568331785b80b1d432a22a4156a8aca980354a3b8183c1d293f18300f3dc4f8a141e718eb0e7788847ea98af26105280784ac939788996e39a95ddd35624c018a811715d9714ee9c23dfd3120c0618aa60e350943c4f5ce204307ac986ebb5d3d5a7dcdb3cf7e75d31fe552bf2ed50691f00fd002f70726f632f7468726561642d73656c662f6661696c2d6e746800008100e9807bc3f1b9c9c73d8cb65fa2812cb15cdcf22607b49606fc77e2242667844a34212d5a5a54efc8aca9d1ac3b9dc422352e7d89eaf7fb5e0c674a98012f9b517700356904e868fb39aa999e03896ef0596000758f1611f1cbdbeede7dbd2dcbb236a8374836939ccb065821c4a9dfb0202539d75c96bdc420fc82aa29b578000000ad000980e78058253f0847a16052959e1fa4a5a300bcaafd3b3f275a18c3404c055428ec017b41973649d01d7dcb9530f732efb8f8cfc6da17060cb98387f072ba477a1c4b93f1eb3e01870c2e8649e472116872a54b09689fc98e641d084f7e4c6cad8147ba7a673a2df5a28b78c3f93ae9f35e4148f2e211748cb10eaf9f34fbab7b7b89a1893f8815130d8a4183ea06d6bbc8803a830cd36ee170bef1e576aa7eaa41e8c3fc1620274945db000000f80107801401be8014002e00ff01000000000000000000000000000104009b80f300c00068a27230b87cc21a3a613f289eee2b1e89feba766c24166088f8443733bf914cfe9adadf949bfccb5df36af4dd5b3b841924e979eecc75f0e0fe14b10e005fbd584fd784f669f834d5bc2d1d72d22e77e7cbaad71736c8bdb0f8eac9b4112ae2f1e8efd99365ce12a78b0cb10ed09f7d0c4c6befd6baae59c8a08d1fbae9a7f0878beb609c2255a109435b9cf6c29fb9492b4fb2b63c8c2327e9098d6a6ba90a826a6ba8582747ec83f659bbc3238cd1ebc09e8f256267e9251a90592e4bea265005d096661104e8abf7a9a6b84c525b867ee0ab59481f7d7537c8c4113095cfe229b9a991b17dfaf3eafc6ce9eefb0004003e8073b261f1b2fa3b400f0182a556eceda751e6d61c6f292aebd2709a67bb4e21efa4e9ae00588457519e7e58937b9aeb52e0ca0501b4c6efa39e76f93e0d881543d9ee410507f2f0e08dfddedd7b861b89ba9fa0406b6959f824caf4f320c77bcbfc510d25536ebc0bc637bb539869fe45db68f350ebafe25331f551f763003c8008004f00", @ANYRES32=r8, @ANYBLOB="0c0011000700000000000000f9cbd396f48eefcf5efb831a5467f86357270007ccc2c0acd54de5c0e276b021bb22527887b1f39d455ba009000b00f5232a29000000000400758008009b00", @ANYRES32=r2, @ANYBLOB="08002700ac14143100110002800800db8004006a807dbadaa2aa000000"], 0x1ea4}, 0x1, 0x0, 0x0, 0x20000000}, 0x80) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x5, 0x1ff, 0x7fa, 0x2104, 0x9, 0x7, 0x7ff, 0x20010180, 0x4000000f}, 0x98) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7115}, 0xb) r9 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r9, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, 0x0, 0x7, 0x0, 0x5, 0xe}, 0x5}, 0x1, 0x101) write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000480)="0a451f44a544", 0x6) r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x800, 0x0) read$auto(r10, 0x0, 0x20) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x2, 0x5, 0x106) 4.844086765s ago: executing program 0 (id=1531): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000005880)='/dev/bus/usb/002/001\x00', 0x2082, 0x0) mmap$auto(0x7, 0x0, 0xdf, 0xeb1, r0, 0x8000) socket(0x23, 0x80805, 0x0) setsockopt$auto(0xffffffffffffffff, 0x113, 0xffffffff, 0x0, 0x81) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x0, 0x0) socket(0x2, 0x4, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0xc, 0x0, 0x4) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3a, 0xfff, 0x948b, 0x8, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x12, 0x0, 0x0, &(0x7f00000002c0)={[0x203, 0x7, 0xd, 0x1, 0x948b, 0x6, 0x15f4da07, 0x3, 0x8, 0x2, 0x8000001f, 0x2, 0x8006d3e, 0x9, 0x5, 0x7f]}, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) syslog$auto(0x3, &(0x7f0000007980)='\n)&*%#.+&%\r\x00', 0x0) fsopen$auto(0x0, 0x1) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SEND_BEACONS(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="46431d01ce1767bb03f0f47afdfa7c4bebb915d149f944640cd1b7de77ad11f4dc8f7959c0ffe35f1a5a2a6fa464e4e822c6a6d82b02137bbd12bb3f63a2a1cb37263096dc4b30a9e05e6b79f33e3310b9bf41fd6f5e53eea6f2d5d30805031f0172f38dceecf1e401a32cea4ccff829b514b7350b56d4d045a0af12596c03d6693f6ace0e91e8d5edea893456a9002920c2d795da4a3a5d421a01496e8baa746fb2fcb85a74146c0bd56273a23cf66cbc0b8c", @ANYRESHEX=r1, @ANYRESOCT], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4) r4 = socket(0x28, 0x5, 0x8) ioctl$auto_TUNSETOFFLOAD2(r3, 0x400454d0, &(0x7f0000000080)=0xfffffffe) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) splice$auto(r4, 0x0, r4, 0x0, 0x804, 0x5) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/i8042/serio1/firmware_id\x00', 0x800, 0x0) read$auto(r5, &(0x7f0000000000)='/sys/devices/platform/vhci_hcd.11/usb31/31-0:1.0/bInterfaceNumber\x00', 0x8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, r4) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x98e02, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) 2.804307794s ago: executing program 3 (id=1532): r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000003640), 0x0, 0x0) ioctl$auto_RTC_PARAM_GET(r0, 0x40187013, &(0x7f0000003680)={0x7, @uvalue=0x2c, 0x4}) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x620801, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000340)="7fb9d5") 2.800678416s ago: executing program 2 (id=1533): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') (async) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x7, 0x3, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x5, 0x62, 0x80000001, 0x5, 0x5, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (async) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) (async) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r2, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5) readahead$auto(r2, 0x4, 0x4) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) (async) r3 = io_uring_setup$auto(0x6, 0x0) (async) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x101803, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) ioctl$auto(r4, 0xc1205531, r3) (async) sysfs$auto(0x5, 0x100000074e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) init_module$auto(0x0, 0xffff9, 0x0) (async) madvise$auto(0x0, 0xa, 0x8000401) (async) madvise$auto(0x0, 0x8000000000000000, 0x15) (async) madvise$auto(0x0, 0x2000000080000001, 0x3) (async) r5 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r5) (async) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) 2.46148343s ago: executing program 1 (id=1534): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="8873c413cf5b000426bd7000ffb8d42aafa6c9a4b1db"], 0x1c}, 0x1, 0x0, 0x0, 0x4040004}, 0x40c1) unshare$auto(0x40000080) mmap$auto(0x1000000000008, 0x40009, 0xa, 0x12, 0x2, 0x100000028000) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_allowed_congestion_control\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) sysfs$auto(0x2, 0x0, 0x0) getsockopt$auto(0x100000006, 0x0, 0x50, 0x0, 0x0) 2.266125088s ago: executing program 3 (id=1535): sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002d0008000700"/18, @ANYRES32, @ANYBLOB="0800080004"], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) (async) sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002d0008000700"/18, @ANYRES32, @ANYBLOB="0800080004"], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0xc01) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) quotactl_fd$auto(r0, 0x4, 0xffffffffffffffff, 0x0) setpgid$auto(0x0, 0x0) (async) setpgid$auto(0x0, 0x0) getdents64$auto(0xffffffffffffffff, 0x0, 0x400) ioctl$auto_VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0) madvise$auto(0x0, 0x8000000000000000, 0x15) capget$auto(0x0, 0xfffffffffffffffe) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) 1.969299329s ago: executing program 0 (id=1536): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x981082, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) setsockopt$auto_SO_RCVBUF(r0, 0xffff, 0x8, &(0x7f0000000000)='\x00', 0x7fff) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) setgroups$auto(0xe32, 0x0) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket(0x2, 0x3, 0x2) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 1.696061398s ago: executing program 3 (id=1537): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x40000) setsockopt$auto(r0, 0x77, 0x129, 0x0, 0x80004) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x5, 0x6, 0xa9, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x3, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x6}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) socket(0x3, 0x80000, 0x6) sendto$auto(0xffffffffffffffff, 0x0, 0xb, 0xc, 0x0, 0x1c) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0) 1.675405995s ago: executing program 1 (id=1538): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x5, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) (fail_nth: 34) io_uring_enter$auto(0x3, 0x5, 0x5f3, 0x3, 0x0, 0x2) socket(0xa, 0x3, 0xff) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 1.077522535s ago: executing program 1 (id=1539): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC2\x00', 0x101a02, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0) waitid$auto(0x1, 0xffffffffffffffff, &(0x7f0000000300)={@_si_pad}, 0x2, &(0x7f0000000380)={{0x6, 0x7}, {0x73, 0x9}, 0x10000, 0xfef, 0x4008b41, 0x9, 0x6, 0x5bec, 0x10000096ca, 0x5, 0x100000000, 0x401, 0x1, 0x4, 0xe, 0x8000000000000001}) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x40101286, 0x0) mmap$auto(0x1, 0x20009, 0xdf, 0x80000000000eb1, 0x40000000000a5, 0x8000) mmap$auto(0x7fff, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8002) close_range$auto(r0, 0xfffffffffffff000, 0xfffffffe) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0xfffffffd) landlock_restrict_self$auto(r1, 0x0) r2 = syz_clone(0x10108000, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x1, 0x2008000040006) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_SET(r3, &(0x7f0000002040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='A2?>', @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf250500000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x40044) socket(0x1e, 0x4, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x4) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x0, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r5, 0x4c01, 0x0) rseq$auto(&(0x7f0000000000)={0x3, 0x401, 0x0, 0x80000000, 0xffffffff, 0x2, "d04111b58564c569db6b15547a4c8fedb91ab92548aa074f94d38c19afbd743fa9d20f3929a7c19e8a553356563ee8d95dd86349f367505839acc96bc29bfb6c3c742b35438de67bc8911dcf0b6f6adb2f7fbb869d6b7f11dd21b650fce5661bcc471843678d612d"}, 0x8, 0xfffffffe, 0xfffffffb) r6 = socketpair$auto(0x1e, 0x2, 0x5, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, r6, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(r6, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00042abd7000fedbdf25050000000800040005000000080004000740000008000400412a000008000400c7070000080004000700000008000400ffffff7f0800040000000008"], 0x4c}, 0x1, 0x0, 0x0, 0x24040090}, 0x24010400) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) fanotify_init$auto(0x5, 0x2000000000002) 680.081087ms ago: executing program 2 (id=1540): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x8081, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto_BLKGETDISKSEQ(r0, 0x80081280, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x5, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000840)={{@raw=0x8, 0x7, 0xba28, 0x0, "708c58271a7985a7f5ed0dd58af8d149fc53d81fd4a7553c2ff48b48a8a57689adcc1ca6d2cbfa93b50590c9", @raw=0xd}, 0x0, @bytes=@data="5d29f0ff6c66da3c8d62e8f6a2d4d6190eb2a0bbb3c176faaad23caeb55f27ef7a2e9b9f7e49b11925d33aea2094c0dcc3dadfdd6832a3f720c28eab70a927730ed2d2b21950da0c88c6324fcdf01c7de6422a24593aa05b868299926883690ae0d17f54a2670e87978f049c39c7252db666a3d5253948f6f27676017827eee8cfff1cfe902ab7ebdce6c091aa2ecbae3bc1a43296c74d0df6c7ad02109c6b24af67cfe5e8d583895c31668c6b5bf138574b71bcf68cc021e9c742cb020689061fa2579fd1659f0d75d6ca04e4bda7108da59fa513b0976ede7ebc87f5f9c66574f93e9629171c487085f23fc7cf3991ce264714903f5c83c2a199717f8dd62404add28aea76c977fee9481cd70f03d445d5d21a41b390fc1543d947f62347fef920a304a9227fd71201da2572539effbb2b9f8ba6adb28c586bac6eaafdb522ffd990a70761bd67428afc7488bdd303ff354fde37412c549af73a8a2b8ef44ae2ba59cbf8c016f1c5f043879aff54749fb99713f0459a1b16333e337c4347601a3070a1f885bd42472340feca71030e014ebe88096e3c6379fff202017e06cff06babb272374799da26a46ad623953231bcd75c3e10f0fc0e0326539a41e6ea0aa148c4951661677726f637574aaf2f7da85023bb77386a08088bd094ad7f8982d03131e9a8aeb7962e95be195c3777b6f220efa6b76e5a432703d83548a8d3", "fa491e08108961dd5708680f1134935851612a52d629535f54f3832490fc4e7f79daef312b3df3307044713a4801d409aefe3f932f78fc311771094e769c0095f94ee6d74f2517f34a0bbbf502bf3392ac4d93bde5f733ba936c0890312cf035bc44117db9b683eedc5e02a703fc82750d8d6ebac0c3019ef8e6c1eecea33a59"}) io_uring_enter$auto(0x3, 0x5, 0x5f3, 0x3, 0x0, 0x2) socket(0xa, 0x3, 0xff) sendmmsg$auto(0x3, 0x0, 0x7, 0x0) 281.3173ms ago: executing program 0 (id=1541): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x100000000021, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x200, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x400000c) sysfs$auto(0x2, 0x101000000000007, 0x0) keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) mmap$auto(0x2, 0x42, 0x5, 0x17, r0, 0x1ff) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) io_setup$auto(0x80002, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(0xffffffffffffffff, 0x40084149, &(0x7f0000001080)=0x7) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x42501, 0x0) mmap$auto(0x0, 0x7, 0x619, 0xeb1, 0xfffffffffffffffa, 0x8007) mmap$auto(0x0, 0x400008, 0x5f, 0x1b5e, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) signalfd$auto(r3, 0x0, 0x8) mmap$auto(0xfffffffffffffff9, 0x0, 0x36, 0x9b72, r2, 0x28003) prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000001040), 0x40, 0x0) fcntl$auto(0x2, 0x401, 0x80000001) ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0) r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82) migrate_pages$auto(0x0, 0x2, 0x0, &(0x7f0000000480)=0x86b) 0s ago: executing program 1 (id=1542): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8003) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x21, 0x5, 0x9) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/airtime_flags\x00', 0x2, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/ram10/queue/minimum_io_size\x00', 0x42e00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000001c0)=""/109, 0x6d) write$auto(0x3, 0x0, 0xffd8) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb1, r1, 0x7ffc) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) ioctl$auto_BLKPG(r2, 0x1269, 0x0) sendmmsg$auto(0x3, 0x0, 0x7879, 0x7000000) r3 = socket(0x10, 0x2, 0x6) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/udp\x00', 0x240, 0x0) pread64$auto(r3, 0x0, 0x1, 0x2f4a3a21) sendto$auto(r3, &(0x7f0000000000)="742c0ff953f57b9c89ef", 0x3ff, 0x2, &(0x7f0000000040)=@generic={0x1, "73dbc23a8e2ae588470a34006abd"}, 0xfffffc00) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/004/001\x00', 0x100, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x7, 0x0) mmap$auto(0x3, 0x8, 0x800000df, 0x9b72, r2, 0x40008000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setrlimit$auto(0x9, 0x0) mremap$auto(0x0, 0x1000004, 0xabd, 0x1000007, 0xfffffffe) sendmmsg$auto(0x3, 0x0, 0x2, 0x9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/nbd4/queue/wbt_lat_usec\x00', 0x2202, 0x0) write$auto_proc_pid_attr_operations_base(r4, &(0x7f0000000ec0)='9', 0x1) kernel console output (not intermixed with test programs): [ 143.574721][ T6296] [U] [ 143.577486][ T6296] [U] [ 143.580261][ T6296] [U] [ 143.584602][ T6296] [U] [ 143.587392][ T6296] [U] [ 143.590170][ T6296] [U] [ 143.592933][ T6296] [U] [ 143.596139][ T6296] [U] [ 143.598928][ T6296] [U] [ 143.601699][ T6296] [U] [ 143.604471][ T6296] [U] [ 143.621023][ T6296] [U] [ 143.623846][ T6296] [U] [ 143.626614][ T6296] [U] [ 143.629385][ T6296] [U] [ 143.708764][ T6295] rnbd_client L213: map_device: Parameters missing [ 143.745187][ T6296] [U] [ 143.748013][ T6296] [U] [ 143.750773][ T6296] [U] [ 143.753534][ T6296] [U] [ 143.773565][ T6296] [U] [ 143.776369][ T6296] [U] [ 143.779114][ T6296] [U] [ 143.781873][ T6296] [U] [ 143.785041][ T6296] [U] [ 143.787828][ T6296] [U] [ 143.790574][ T6296] [U] [ 143.793314][ T6296] [U] [ 143.796502][ T6296] [U] [ 143.799288][ T6296] [U] [ 143.802054][ T6296] [U] [ 143.804815][ T6296] [U] [ 143.807993][ T6296] [U] [ 143.810774][ T6296] [U] [ 143.813550][ T6296] [U] [ 143.816338][ T6296] [U] [ 143.826312][ T6296] [U] [ 143.829858][ T6296] [U] [ 143.829928][ T6296] [U] [ 143.829983][ T6296] [U] [ 143.830451][ T6296] [U] [ 143.830511][ T6296] [U] [ 143.830569][ T6296] [U] [ 143.830625][ T6296] [U] [ 143.830890][ T6296] [U] [ 143.830947][ T6296] [U] [ 143.831004][ T6296] [U] [ 143.831061][ T6296] [U] [ 143.831384][ T6296] [U] [ 143.831447][ T6296] [U] [ 143.831503][ T6296] [U] [ 143.831560][ T6296] [U] [ 143.831773][ T6296] [U] [ 143.831830][ T6296] [U] [ 143.831888][ T6296] [U] [ 143.844930][ T6294] [U] [ 144.210426][ T6329] rnbd_client L213: map_device: Parameters missing [ 144.823383][ T6332] netlink: 338 bytes leftover after parsing attributes in process `syz.2.108'. [ 144.924815][ T6332] netlink: 338 bytes leftover after parsing attributes in process `syz.2.108'. [ 147.013488][ T6367] Invalid ELF header magic: != ELF [ 148.545209][ T6392] netlink: 338 bytes leftover after parsing attributes in process `syz.2.119'. [ 148.577746][ T6392] netlink: 338 bytes leftover after parsing attributes in process `syz.2.119'. [ 149.511021][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 149.542769][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 149.934443][ T6418] netlink: 338 bytes leftover after parsing attributes in process `syz.3.125'. [ 150.034935][ T6418] netlink: 338 bytes leftover after parsing attributes in process `syz.3.125'. [ 150.597438][ T6438] FAULT_INJECTION: forcing a failure. [ 150.597438][ T6438] name failslab, interval 1, probability 0, space 0, times 0 [ 150.678544][ T6438] CPU: 1 UID: 0 PID: 6438 Comm: syz.2.128 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 150.678587][ T6438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 150.678604][ T6438] Call Trace: [ 150.678613][ T6438] [ 150.678625][ T6438] dump_stack_lvl+0x16c/0x1f0 [ 150.678674][ T6438] should_fail_ex+0x512/0x640 [ 150.678710][ T6438] ? fs_reclaim_acquire+0xae/0x150 [ 150.678742][ T6438] ? tomoyo_encode2+0x100/0x3e0 [ 150.678775][ T6438] should_failslab+0xc2/0x120 [ 150.678799][ T6438] __kmalloc_noprof+0xd2/0x510 [ 150.678836][ T6438] ? d_absolute_path+0x136/0x1a0 [ 150.678866][ T6438] tomoyo_encode2+0x100/0x3e0 [ 150.678906][ T6438] tomoyo_encode+0x29/0x50 [ 150.678939][ T6438] tomoyo_realpath_from_path+0x18f/0x6e0 [ 150.678979][ T6438] ? tomoyo_profile+0x47/0x60 [ 150.679021][ T6438] tomoyo_path_number_perm+0x245/0x580 [ 150.679050][ T6438] ? tomoyo_path_number_perm+0x237/0x580 [ 150.679082][ T6438] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 150.679115][ T6438] ? find_held_lock+0x2b/0x80 [ 150.679175][ T6438] ? find_held_lock+0x2b/0x80 [ 150.679198][ T6438] ? hook_file_ioctl_common+0x145/0x410 [ 150.679233][ T6438] ? __fget_files+0x20e/0x3c0 [ 150.679273][ T6438] security_file_ioctl+0x9b/0x240 [ 150.679306][ T6438] __x64_sys_ioctl+0xb7/0x210 [ 150.679338][ T6438] do_syscall_64+0xcd/0x490 [ 150.679381][ T6438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.679406][ T6438] RIP: 0033:0x7fbfb818e929 [ 150.679426][ T6438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.679450][ T6438] RSP: 002b:00007fbfb8f53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 150.679473][ T6438] RAX: ffffffffffffffda RBX: 00007fbfb83b5fa0 RCX: 00007fbfb818e929 [ 150.679490][ T6438] RDX: 0000000000000003 RSI: 00000000400454d9 RDI: 04000000000000c8 [ 150.679505][ T6438] RBP: 00007fbfb8f53090 R08: 0000000000000000 R09: 0000000000000000 [ 150.679520][ T6438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.679535][ T6438] R13: 0000000000000000 R14: 00007fbfb83b5fa0 R15: 00007fff03f6a7b8 [ 150.679571][ T6438] [ 150.679674][ T6438] ERROR: Out of memory at tomoyo_realpath_from_path. [ 150.786316][ T6441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 150.817255][ T5155] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 150.912336][ T6441] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 150.980689][ T5155] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 150.988445][ T5155] Bluetooth: hci3: Dropping invalid advertising data [ 150.995605][ T5155] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 150.995646][ T5155] Bluetooth: hci3: Dropping invalid advertising data [ 151.010331][ T5155] Bluetooth: hci3: Malformed LE Event: 0x02 [ 151.979389][ T6454] netlink: 'syz.0.135': attribute type 11 has an invalid length. [ 151.997597][ T6454] netlink: 'syz.0.135': attribute type 11 has an invalid length. [ 152.007447][ T6454] netlink: 'syz.0.135': attribute type 11 has an invalid length. [ 152.141826][ T6465] i2c i2c-0: delete_device: Can't parse I2C address [ 152.261263][ T6456] usb usb36: usbfs: process 6456 (syz.3.133) did not claim interface 0 before use [ 152.712620][ T6468] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78030 [ 152.817185][ T6468] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 152.926322][ T6468] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 152.953873][ T6468] page_type: f5(slab) [ 152.958476][ T6468] raw: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001 [ 152.967165][ T6468] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 152.998474][ T6468] head: 00fff00000000040 ffff88801b442140 0000000000000000 dead000000000001 [ 153.059011][ T6468] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 153.068281][ T6468] head: 00fff00000000003 ffffea0001e00c01 00000000ffffffff 00000000ffffffff [ 153.077179][ T6468] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 153.086580][ T6468] page dumped because: unmovable page [ 153.086831][ T6471] could not allocate digest TFM handle binfmt_misc [ 153.107895][ T6468] page_owner tracks the page as allocated [ 153.114663][ T6468] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 14, tgid 14 (kworker/u8:1), ts 134211924778, free_ts 133879807127 [ 153.313052][ T6468] post_alloc_hook+0x1c0/0x230 [ 153.357751][ T6476] sctp: failed to load transform for md5: -2 [ 153.408160][ T6468] get_page_from_freelist+0x1321/0x3890 [ 153.424465][ T6468] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 153.447193][ T6468] alloc_pages_mpol+0x1fb/0x550 [ 153.453070][ T6468] new_slab+0x23b/0x330 [ 153.457435][ T6468] ___slab_alloc+0xd9c/0x1940 [ 153.467096][ T6468] __slab_alloc.constprop.0+0x56/0xb0 [ 153.473691][ T6468] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 153.482976][ T6468] kmalloc_reserve+0xef/0x2c0 [ 153.489141][ T6468] __alloc_skb+0x166/0x380 [ 153.494020][ T6468] nsim_dev_trap_report_work+0x2b1/0xcf0 [ 153.502439][ T6468] process_one_work+0x9cf/0x1b70 [ 153.511615][ T6468] worker_thread+0x6c8/0xf10 [ 153.516427][ T6468] kthread+0x3c2/0x780 [ 153.523783][ T6468] ret_from_fork+0x5d4/0x6f0 [ 153.529971][ T6468] ret_from_fork_asm+0x1a/0x30 [ 153.534959][ T6468] page last free pid 6155 tgid 6155 stack trace: [ 153.547332][ T6468] __free_frozen_pages+0x7fe/0x1180 [ 153.564932][ T6468] __put_partials+0x16d/0x1c0 [ 153.576750][ T6468] qlist_free_all+0x4d/0x120 [ 153.584635][ T6468] kasan_quarantine_reduce+0x195/0x1e0 [ 153.592552][ T6468] __kasan_slab_alloc+0x69/0x90 [ 153.601314][ T6468] __kmalloc_noprof+0x1d4/0x510 [ 153.606339][ T6468] tomoyo_realpath_from_path+0xc2/0x6e0 [ 153.614674][ T6468] tomoyo_check_open_permission+0x2ab/0x3c0 [ 153.623668][ T6468] tomoyo_file_open+0x6b/0x90 [ 153.631091][ T6468] security_file_open+0x84/0x1e0 [ 153.636211][ T6468] do_dentry_open+0x596/0x1c10 [ 153.645575][ T6468] vfs_open+0x82/0x3f0 [ 153.652444][ T6468] path_openat+0x1de4/0x2cb0 [ 153.660928][ T6468] do_filp_open+0x20b/0x470 [ 153.670644][ T6468] do_sys_openat2+0x11b/0x1d0 [ 153.676545][ T6468] __x64_sys_openat+0x174/0x210 [ 153.989883][ T6489] FAULT_INJECTION: forcing a failure. [ 153.989883][ T6489] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 154.003324][ T6489] CPU: 1 UID: 0 PID: 6489 Comm: syz.3.140 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 154.003366][ T6489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 154.003384][ T6489] Call Trace: [ 154.003394][ T6489] [ 154.003405][ T6489] dump_stack_lvl+0x16c/0x1f0 [ 154.003459][ T6489] should_fail_ex+0x512/0x640 [ 154.003520][ T6489] _copy_from_user+0x2e/0xd0 [ 154.003572][ T6489] __tun_chr_ioctl+0x1de/0x47a0 [ 154.003632][ T6489] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 154.003688][ T6489] ? hook_file_ioctl_common+0x145/0x410 [ 154.003733][ T6489] ? __fget_files+0x20e/0x3c0 [ 154.003781][ T6489] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 154.003832][ T6489] __x64_sys_ioctl+0x18e/0x210 [ 154.003873][ T6489] do_syscall_64+0xcd/0x490 [ 154.003926][ T6489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.003958][ T6489] RIP: 0033:0x7f65c758e929 [ 154.003983][ T6489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.004013][ T6489] RSP: 002b:00007f65c832e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 154.004043][ T6489] RAX: ffffffffffffffda RBX: 00007f65c77b5fa0 RCX: 00007f65c758e929 [ 154.004074][ T6489] RDX: 0000000000000003 RSI: 00000000400454d9 RDI: 04000000000000c8 [ 154.004094][ T6489] RBP: 00007f65c832e090 R08: 0000000000000000 R09: 0000000000000000 [ 154.004112][ T6489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 154.004128][ T6489] R13: 0000000000000000 R14: 00007f65c77b5fa0 R15: 00007fff17d09b08 [ 154.004166][ T6489] [ 154.298909][ T6495] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 154.308937][ T6495] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 154.445508][ T6496] netlink: 338 bytes leftover after parsing attributes in process `syz.0.139'. [ 154.494992][ T6496] netlink: 338 bytes leftover after parsing attributes in process `syz.0.139'. [ 154.508830][ T6505] FAULT_INJECTION: forcing a failure. [ 154.508830][ T6505] name failslab, interval 1, probability 0, space 0, times 0 [ 154.531427][ T6505] CPU: 1 UID: 0 PID: 6505 Comm: syz.1.141 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 154.531478][ T6505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 154.531497][ T6505] Call Trace: [ 154.531507][ T6505] [ 154.531519][ T6505] dump_stack_lvl+0x16c/0x1f0 [ 154.531573][ T6505] should_fail_ex+0x512/0x640 [ 154.531620][ T6505] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 154.531676][ T6505] should_failslab+0xc2/0x120 [ 154.531707][ T6505] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 154.531756][ T6505] ? __d_alloc+0x31/0xaa0 [ 154.531811][ T6505] __d_alloc+0x31/0xaa0 [ 154.531869][ T6505] d_alloc_pseudo+0x1c/0xc0 [ 154.531905][ T6505] alloc_file_pseudo+0xcf/0x230 [ 154.531941][ T6505] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 154.531975][ T6505] ? alloc_fd+0x471/0x7d0 [ 154.532025][ T6505] sock_alloc_file+0x50/0x210 [ 154.532059][ T6505] __sys_socket+0x1c0/0x260 [ 154.532100][ T6505] ? __pfx___sys_socket+0x10/0x10 [ 154.532138][ T6505] ? xfd_validate_state+0x61/0x180 [ 154.532178][ T6505] ? __pfx___do_sys_prctl+0x10/0x10 [ 154.532237][ T6505] __x64_sys_socket+0x72/0xb0 [ 154.532274][ T6505] ? lockdep_hardirqs_on+0x7c/0x110 [ 154.532321][ T6505] do_syscall_64+0xcd/0x490 [ 154.532373][ T6505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.532405][ T6505] RIP: 0033:0x7f68aa38e929 [ 154.532436][ T6505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.532467][ T6505] RSP: 002b:00007f68ab1cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 154.532502][ T6505] RAX: ffffffffffffffda RBX: 00007f68aa5b5fa0 RCX: 00007f68aa38e929 [ 154.532522][ T6505] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d [ 154.532540][ T6505] RBP: 00007f68aa410b39 R08: 0000000000000000 R09: 0000000000000000 [ 154.532557][ T6505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.532575][ T6505] R13: 0000000000000000 R14: 00007f68aa5b5fa0 R15: 00007fff36ac82f8 [ 154.532615][ T6505] [ 155.753108][ T6519] FAULT_INJECTION: forcing a failure. [ 155.753108][ T6519] name fail_futex, interval 1, probability 0, space 0, times 1 [ 155.776302][ T6519] CPU: 1 UID: 0 PID: 6519 Comm: syz.2.146 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 155.776340][ T6519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 155.776356][ T6519] Call Trace: [ 155.776365][ T6519] [ 155.776376][ T6519] dump_stack_lvl+0x16c/0x1f0 [ 155.776455][ T6519] should_fail_ex+0x512/0x640 [ 155.776507][ T6519] get_futex_key+0x1d0/0x1540 [ 155.776549][ T6519] ? __pfx_get_futex_key+0x10/0x10 [ 155.776591][ T6519] ? stack_trace_save+0x8e/0xc0 [ 155.776639][ T6519] futex_wait_setup+0x9d/0x550 [ 155.776698][ T6519] __futex_wait+0x194/0x2f0 [ 155.776745][ T6519] ? __pfx___futex_wait+0x10/0x10 [ 155.776798][ T6519] ? __pfx_futex_wake_mark+0x10/0x10 [ 155.776868][ T6519] futex_wait+0xe8/0x380 [ 155.776912][ T6519] ? __pfx_futex_wait+0x10/0x10 [ 155.776982][ T6519] do_futex+0x229/0x350 [ 155.777022][ T6519] ? __pfx_do_futex+0x10/0x10 [ 155.777063][ T6519] ? __pfx___might_resched+0x10/0x10 [ 155.777102][ T6519] __x64_sys_futex+0x1e0/0x4c0 [ 155.777142][ T6519] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 155.777183][ T6519] ? __pfx___x64_sys_futex+0x10/0x10 [ 155.777219][ T6519] ? xfd_validate_state+0x61/0x180 [ 155.777249][ T6519] ? __pfx___do_sys_close_range+0x10/0x10 [ 155.777294][ T6519] do_syscall_64+0xcd/0x490 [ 155.777335][ T6519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.777360][ T6519] RIP: 0033:0x7fbfb818e929 [ 155.777378][ T6519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.777400][ T6519] RSP: 002b:00007fbfb8f530e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 155.777421][ T6519] RAX: ffffffffffffffda RBX: 00007fbfb83b5fa8 RCX: 00007fbfb818e929 [ 155.777436][ T6519] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fbfb83b5fa8 [ 155.777450][ T6519] RBP: 00007fbfb83b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 155.777463][ T6519] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fbfb83b5fac [ 155.777477][ T6519] R13: 0000000000000000 R14: 00007fff03f6a6d0 R15: 00007fff03f6a7b8 [ 155.777515][ T6519] [ 156.283553][ T6543] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 156.308149][ T6545] FAULT_INJECTION: forcing a failure. [ 156.308149][ T6545] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 156.403737][ T6545] CPU: 0 UID: 0 PID: 6545 Comm: syz.0.151 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 156.403782][ T6545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 156.403811][ T6545] Call Trace: [ 156.403819][ T6545] [ 156.403831][ T6545] dump_stack_lvl+0x16c/0x1f0 [ 156.403884][ T6545] should_fail_ex+0x512/0x640 [ 156.403935][ T6545] _copy_to_user+0x32/0xd0 [ 156.403986][ T6545] simple_read_from_buffer+0xcb/0x170 [ 156.404031][ T6545] proc_fail_nth_read+0x197/0x270 [ 156.404068][ T6545] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 156.404125][ T6545] ? rw_verify_area+0xcf/0x680 [ 156.404165][ T6545] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 156.404202][ T6545] vfs_read+0x1e1/0xc60 [ 156.404253][ T6545] ? __pfx___mutex_lock+0x10/0x10 [ 156.404316][ T6545] ? __pfx_vfs_read+0x10/0x10 [ 156.404373][ T6545] ? __fget_files+0x20e/0x3c0 [ 156.404432][ T6545] ksys_read+0x12a/0x250 [ 156.404475][ T6545] ? __pfx_ksys_read+0x10/0x10 [ 156.404522][ T6545] ? fput+0x70/0xf0 [ 156.404559][ T6545] do_syscall_64+0xcd/0x490 [ 156.404612][ T6545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.404644][ T6545] RIP: 0033:0x7f7c1078d33c [ 156.404669][ T6545] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 156.404699][ T6545] RSP: 002b:00007f7c11553030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 156.404728][ T6545] RAX: ffffffffffffffda RBX: 00007f7c109b5fa0 RCX: 00007f7c1078d33c [ 156.404748][ T6545] RDX: 000000000000000f RSI: 00007f7c115530a0 RDI: 0000000000000003 [ 156.404766][ T6545] RBP: 00007f7c11553090 R08: 0000000000000000 R09: 0000000000000000 [ 156.404783][ T6545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 156.404800][ T6545] R13: 0000000000000000 R14: 00007f7c109b5fa0 R15: 00007ffd55d073a8 [ 156.404840][ T6545] [ 157.429542][ T6567] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 157.545472][ T6567] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 157.675062][ T6565] netlink: 338 bytes leftover after parsing attributes in process `syz.1.154'. [ 157.697344][ T6565] netlink: 338 bytes leftover after parsing attributes in process `syz.1.154'. [ 160.420999][ T6607] netlink: 28 bytes leftover after parsing attributes in process `syz.1.161'. [ 161.283737][ T6626] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 161.306680][ T6626] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 161.846779][ T6638] rnbd_client L202: map_device: Unknown parameter or missing value '#' [ 162.469141][ T6634] ptm ptm60: ldisc open failed (-12), clearing slot 60 [ 164.430170][ T6678] netlink: 338 bytes leftover after parsing attributes in process `syz.2.174'. [ 164.451121][ T6678] netlink: 338 bytes leftover after parsing attributes in process `syz.2.174'. [ 164.589856][ T6688] netlink: 338 bytes leftover after parsing attributes in process `syz.1.175'. [ 164.631551][ T6688] netlink: 338 bytes leftover after parsing attributes in process `syz.1.175'. [ 172.448710][ T6803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 172.476546][ T6803] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 173.196562][ T6822] FAULT_INJECTION: forcing a failure. [ 173.196562][ T6822] name fail_futex, interval 1, probability 0, space 0, times 0 [ 173.210728][ T6822] CPU: 1 UID: 0 PID: 6822 Comm: syz.0.209 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 173.210769][ T6822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 173.210786][ T6822] Call Trace: [ 173.210795][ T6822] [ 173.210808][ T6822] dump_stack_lvl+0x16c/0x1f0 [ 173.210863][ T6822] should_fail_ex+0x512/0x640 [ 173.210913][ T6822] get_futex_key+0x1d0/0x1540 [ 173.210954][ T6822] ? __pfx_get_futex_key+0x10/0x10 [ 173.211006][ T6822] futex_wake+0xea/0x530 [ 173.211058][ T6822] ? rcu_is_watching+0x12/0xc0 [ 173.211089][ T6822] ? __pfx_futex_wake+0x10/0x10 [ 173.211137][ T6822] ? kmem_cache_free+0x2d1/0x4d0 [ 173.211178][ T6822] ? find_held_lock+0x2b/0x80 [ 173.211206][ T6822] ? putname+0x154/0x1a0 [ 173.211236][ T6822] ? do_sys_openat2+0x1b0/0x1d0 [ 173.211273][ T6822] do_futex+0x1e3/0x350 [ 173.211312][ T6822] ? __pfx_do_futex+0x10/0x10 [ 173.211363][ T6822] __x64_sys_futex+0x1e0/0x4c0 [ 173.211403][ T6822] ? __x64_sys_openat+0x174/0x210 [ 173.211438][ T6822] ? __pfx___x64_sys_futex+0x10/0x10 [ 173.211493][ T6822] do_syscall_64+0xcd/0x490 [ 173.211544][ T6822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.211577][ T6822] RIP: 0033:0x7f7c1078e929 [ 173.211602][ T6822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.211630][ T6822] RSP: 002b:00007f7c115320e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 173.211658][ T6822] RAX: ffffffffffffffda RBX: 00007f7c109b6088 RCX: 00007f7c1078e929 [ 173.211677][ T6822] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7c109b608c [ 173.211695][ T6822] RBP: 00007f7c109b6080 R08: 00007f7c11554000 R09: 0000000000000000 [ 173.211712][ T6822] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f7c109b608c [ 173.211730][ T6822] R13: 0000000000000000 R14: 00007ffd55d072c0 R15: 00007ffd55d073a8 [ 173.211769][ T6822] [ 173.271403][ T6819] sp0: Synchronizing with TNC [ 173.702875][ T6831] netlink: 338 bytes leftover after parsing attributes in process `syz.0.211'. [ 173.731872][ T6831] netlink: 338 bytes leftover after parsing attributes in process `syz.0.211'. [ 175.887994][ T6860] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 176.035944][ T6863] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.054024][ T6863] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.875197][ T6876] netlink: 338 bytes leftover after parsing attributes in process `syz.3.223'. [ 176.896423][ T6879] netlink: 338 bytes leftover after parsing attributes in process `syz.3.223'. [ 179.647573][ T6919] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [2147479552]. [ 181.618354][ T6956] ima: policy update failed [ 181.645425][ T6955] can: request_module (can-proto-4) failed. [ 181.678115][ T30] audit: type=1802 audit(4294967496.575:2): pid=6956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.241" res=0 errno=0 [ 181.938230][ T6969] netlink: 338 bytes leftover after parsing attributes in process `syz.1.244'. [ 181.975787][ T6969] netlink: 338 bytes leftover after parsing attributes in process `syz.1.244'. [ 182.099784][ T6980] sp0: Synchronizing with TNC [ 182.598598][ T6992] FAULT_INJECTION: forcing a failure. [ 182.598598][ T6992] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 182.638100][ T6992] CPU: 0 UID: 0 PID: 6992 Comm: syz.2.250 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 182.638144][ T6992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 182.638162][ T6992] Call Trace: [ 182.638172][ T6992] [ 182.638188][ T6992] dump_stack_lvl+0x16c/0x1f0 [ 182.638244][ T6992] should_fail_ex+0x512/0x640 [ 182.638298][ T6992] _copy_to_user+0x32/0xd0 [ 182.638352][ T6992] simple_read_from_buffer+0xcb/0x170 [ 182.638397][ T6992] proc_fail_nth_read+0x197/0x270 [ 182.638435][ T6992] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 182.638477][ T6992] ? rw_verify_area+0xcf/0x680 [ 182.638516][ T6992] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 182.638552][ T6992] vfs_read+0x1e1/0xc60 [ 182.638602][ T6992] ? __pfx___mutex_lock+0x10/0x10 [ 182.638653][ T6992] ? __pfx_vfs_read+0x10/0x10 [ 182.638708][ T6992] ? __fget_files+0x20e/0x3c0 [ 182.638765][ T6992] ksys_read+0x12a/0x250 [ 182.638809][ T6992] ? __pfx_ksys_read+0x10/0x10 [ 182.638867][ T6992] do_syscall_64+0xcd/0x490 [ 182.638928][ T6992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.638961][ T6992] RIP: 0033:0x7fbfb818d33c [ 182.638992][ T6992] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 182.639021][ T6992] RSP: 002b:00007fbfb8f53030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 182.639051][ T6992] RAX: ffffffffffffffda RBX: 00007fbfb83b5fa0 RCX: 00007fbfb818d33c [ 182.639070][ T6992] RDX: 000000000000000f RSI: 00007fbfb8f530a0 RDI: 0000000000000004 [ 182.639089][ T6992] RBP: 00007fbfb8f53090 R08: 0000000000000000 R09: 0000000000000000 [ 182.639107][ T6992] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001 [ 182.639126][ T6992] R13: 0000000000000000 R14: 00007fbfb83b5fa0 R15: 00007fff03f6a7b8 [ 182.639167][ T6992] [ 183.712360][ T7015] netlink: 342 bytes leftover after parsing attributes in process `syz.0.257'. [ 183.962503][ T7015] netlink: 342 bytes leftover after parsing attributes in process `syz.0.257'. [ 185.301521][ T7037] sp0: Synchronizing with TNC [ 188.804839][ T7075] ip_vti0: entered allmulticast mode [ 191.553293][ T7121] FAULT_INJECTION: forcing a failure. [ 191.553293][ T7121] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 191.627965][ T7121] CPU: 1 UID: 0 PID: 7121 Comm: syz.3.281 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 191.628008][ T7121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 191.628025][ T7121] Call Trace: [ 191.628034][ T7121] [ 191.628045][ T7121] dump_stack_lvl+0x16c/0x1f0 [ 191.628095][ T7121] should_fail_ex+0x512/0x640 [ 191.628145][ T7121] _copy_to_user+0x32/0xd0 [ 191.628196][ T7121] simple_read_from_buffer+0xcb/0x170 [ 191.628238][ T7121] proc_fail_nth_read+0x197/0x270 [ 191.628275][ T7121] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 191.628314][ T7121] ? rw_verify_area+0xcf/0x680 [ 191.628361][ T7121] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 191.628406][ T7121] vfs_read+0x1e1/0xc60 [ 191.628453][ T7121] ? __pfx___mutex_lock+0x10/0x10 [ 191.628503][ T7121] ? __pfx_vfs_read+0x10/0x10 [ 191.628557][ T7121] ? __fget_files+0x20e/0x3c0 [ 191.628623][ T7121] ksys_read+0x12a/0x250 [ 191.628664][ T7121] ? __pfx_ksys_read+0x10/0x10 [ 191.628719][ T7121] do_syscall_64+0xcd/0x490 [ 191.628769][ T7121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.628800][ T7121] RIP: 0033:0x7f65c758d33c [ 191.628824][ T7121] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 191.628852][ T7121] RSP: 002b:00007f65c832e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 191.628879][ T7121] RAX: ffffffffffffffda RBX: 00007f65c77b5fa0 RCX: 00007f65c758d33c [ 191.628898][ T7121] RDX: 000000000000000f RSI: 00007f65c832e0a0 RDI: 0000000000000004 [ 191.628915][ T7121] RBP: 00007f65c832e090 R08: 0000000000000000 R09: 0000000000000000 [ 191.628932][ T7121] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001 [ 191.628949][ T7121] R13: 0000000000000000 R14: 00007f65c77b5fa0 R15: 00007fff17d09b08 [ 191.628988][ T7121] [ 192.218493][ T7125] rnbd_client L213: map_device: Parameters missing [ 193.801147][ T7156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 193.844170][ T7156] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 193.861845][ T7147] netlink: 338 bytes leftover after parsing attributes in process `syz.1.290'. [ 193.876707][ T7147] netlink: 338 bytes leftover after parsing attributes in process `syz.1.290'. [ 196.572529][ T7186] syz.0.298 (7186) used greatest stack depth: 17976 bytes left [ 196.752550][ T7212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 196.787941][ T7212] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 196.846954][ T30] audit: type=1800 audit(4294967551.747:3): pid=7217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.303" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 197.452975][ T7227] rnbd_client L213: map_device: Parameters missing [ 200.023403][ T7265] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 200.373070][ T7265] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 200.730123][ T7272] netlink: 338 bytes leftover after parsing attributes in process `syz.3.316'. [ 200.755648][ T7272] netlink: 338 bytes leftover after parsing attributes in process `syz.3.316'. [ 205.485543][ T7358] Line length is too long: Should be less than 4094 [ 205.504786][ T7351] netlink: 338 bytes leftover after parsing attributes in process `syz.1.334'. [ 205.533105][ T7351] netlink: 338 bytes leftover after parsing attributes in process `syz.1.334'. [ 206.743532][ T7375] FAULT_INJECTION: forcing a failure. [ 206.743532][ T7375] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 206.743575][ T7375] CPU: 0 UID: 0 PID: 7375 Comm: syz.2.340 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 206.743613][ T7375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 206.743631][ T7375] Call Trace: [ 206.743640][ T7375] [ 206.743653][ T7375] dump_stack_lvl+0x16c/0x1f0 [ 206.743725][ T7375] should_fail_ex+0x512/0x640 [ 206.743777][ T7375] _copy_from_user+0x2e/0xd0 [ 206.743823][ T7375] memdup_user+0x6b/0xe0 [ 206.743868][ T7375] dvb_get_property.isra.0+0x162/0x650 [ 206.743917][ T7375] ? __pfx_dvb_get_property.isra.0+0x10/0x10 [ 206.743961][ T7375] ? kasan_save_stack+0x42/0x60 [ 206.744002][ T7375] ? kasan_save_stack+0x33/0x60 [ 206.744043][ T7375] ? kasan_save_track+0x14/0x30 [ 206.744143][ T7375] ? kasan_quarantine_put+0x10a/0x240 [ 206.744185][ T7375] ? lockdep_hardirqs_on+0x7c/0x110 [ 206.744237][ T7375] dvb_frontend_handle_ioctl+0x143e/0x3060 [ 206.744292][ T7375] ? __pfx_dvb_frontend_handle_ioctl+0x10/0x10 [ 206.744342][ T7375] ? do_raw_spin_lock+0x12c/0x2b0 [ 206.744390][ T7375] ? find_held_lock+0x2b/0x80 [ 206.744423][ T7375] ? rcu_is_watching+0x12/0xc0 [ 206.744451][ T7375] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 206.744494][ T7375] ? lockdep_hardirqs_on+0x7c/0x110 [ 206.744544][ T7375] dvb_frontend_do_ioctl+0x1c8/0x2f0 [ 206.744595][ T7375] dvb_usercopy+0x167/0x340 [ 206.744640][ T7375] ? __pfx_dvb_frontend_do_ioctl+0x10/0x10 [ 206.744686][ T7375] ? __pfx_dvb_usercopy+0x10/0x10 [ 206.744755][ T7375] ? __fget_files+0x20e/0x3c0 [ 206.744803][ T7375] dvb_frontend_ioctl+0x50/0x80 [ 206.744842][ T7375] ? __pfx_dvb_frontend_ioctl+0x10/0x10 [ 206.744884][ T7375] __x64_sys_ioctl+0x18e/0x210 [ 206.744923][ T7375] do_syscall_64+0xcd/0x490 [ 206.744973][ T7375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.745004][ T7375] RIP: 0033:0x7fbfb818e929 [ 206.745029][ T7375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.745058][ T7375] RSP: 002b:00007fbfb8f53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 206.745087][ T7375] RAX: ffffffffffffffda RBX: 00007fbfb83b5fa0 RCX: 00007fbfb818e929 [ 206.745107][ T7375] RDX: 0000000000000004 RSI: 0000000080106f53 RDI: 0000000000000003 [ 206.745124][ T7375] RBP: 00007fbfb8f53090 R08: 0000000000000000 R09: 0000000000000000 [ 206.745141][ T7375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 206.745158][ T7375] R13: 0000000000000000 R14: 00007fbfb83b5fa0 R15: 00007fff03f6a7b8 [ 206.745196][ T7375] [ 206.922567][ T7382] netlink: 'syz.3.341': attribute type 1 has an invalid length. [ 208.739647][ T7401] netlink: 28 bytes leftover after parsing attributes in process `syz.2.345'. [ 208.883024][ T7401] ip6_vti0: entered allmulticast mode [ 208.949063][ T7371] tty tty25: ldisc open failed (-12), clearing slot 24 [ 209.311183][ T7409] netlink: 28 bytes leftover after parsing attributes in process `'. [ 209.571598][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.1.347'. [ 209.721902][ T7410] netlink: 338 bytes leftover after parsing attributes in process `syz.1.347'. [ 210.603588][ T7433] bdi 43:96: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 210.952911][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 210.959851][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 212.320656][ T7463] netlink: 28 bytes leftover after parsing attributes in process `'. [ 212.448983][ T7465] FAULT_INJECTION: forcing a failure. [ 212.448983][ T7465] name failslab, interval 1, probability 0, space 0, times 0 [ 212.507564][ T7465] CPU: 1 UID: 0 PID: 7465 Comm: syz.2.359 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 212.507604][ T7465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 212.507621][ T7465] Call Trace: [ 212.507630][ T7465] [ 212.507641][ T7465] dump_stack_lvl+0x16c/0x1f0 [ 212.507692][ T7465] should_fail_ex+0x512/0x640 [ 212.507732][ T7465] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 212.507777][ T7465] should_failslab+0xc2/0x120 [ 212.507805][ T7465] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 212.507852][ T7465] ? vma_merge_new_range+0x37f/0xa00 [ 212.507893][ T7465] ? vm_area_alloc+0x1f/0x160 [ 212.507932][ T7465] vm_area_alloc+0x1f/0x160 [ 212.507969][ T7465] __mmap_region+0xf0e/0x25e0 [ 212.508015][ T7465] ? __pfx___mmap_region+0x10/0x10 [ 212.508063][ T7465] ? rcu_is_watching+0x12/0xc0 [ 212.508103][ T7465] ? rcu_is_watching+0x12/0xc0 [ 212.508135][ T7465] ? trace_sched_exit_tp+0xde/0x130 [ 212.508172][ T7465] ? __schedule+0x1181/0x5de0 [ 212.508254][ T7465] ? __pfx___schedule+0x10/0x10 [ 212.508361][ T7465] ? trace_cap_capable+0x18d/0x200 [ 212.508407][ T7465] mmap_region+0x1ab/0x3f0 [ 212.508456][ T7465] ? __get_unmapped_area+0x267/0x440 [ 212.508496][ T7465] do_mmap+0xa3e/0x1210 [ 212.508539][ T7465] ? __pfx_do_mmap+0x10/0x10 [ 212.508574][ T7465] ? __pfx_down_write_killable+0x10/0x10 [ 212.508616][ T7465] vm_mmap_pgoff+0x281/0x450 [ 212.508656][ T7465] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 212.508697][ T7465] ? __x64_sys_futex+0x1e0/0x4c0 [ 212.508734][ T7465] ? __x64_sys_futex+0x1e9/0x4c0 [ 212.508778][ T7465] ksys_mmap_pgoff+0x7d/0x5c0 [ 212.508810][ T7465] ? xfd_validate_state+0x61/0x180 [ 212.508848][ T7465] ? __pfx___x64_sys_clock_settime+0x10/0x10 [ 212.508901][ T7465] __x64_sys_mmap+0x125/0x190 [ 212.508949][ T7465] do_syscall_64+0xcd/0x490 [ 212.509001][ T7465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.509032][ T7465] RIP: 0033:0x7fbfb818e929 [ 212.509058][ T7465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.509087][ T7465] RSP: 002b:00007fbfb8f53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 212.509115][ T7465] RAX: ffffffffffffffda RBX: 00007fbfb83b5fa0 RCX: 00007fbfb818e929 [ 212.509135][ T7465] RDX: 00000000000000df RSI: 0000000000400005 RDI: 0000000000000000 [ 212.509153][ T7465] RBP: 00007fbfb8210b39 R08: 0000000000000002 R09: 0000000000008000 [ 212.509171][ T7465] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 212.509188][ T7465] R13: 0000000000000000 R14: 00007fbfb83b5fa0 R15: 00007fff03f6a7b8 [ 212.509238][ T7465] [ 213.197023][ T7470] netlink: 338 bytes leftover after parsing attributes in process `syz.0.361'. [ 213.227464][ T7470] netlink: 338 bytes leftover after parsing attributes in process `syz.0.361'. [ 213.907753][ T7491] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 213.926613][ T7491] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 217.434119][ T7537] [U] [ 217.436901][ T7537] [U] [ 217.439625][ T7537] [U] [ 217.442345][ T7537] [U] [ 217.447164][ T7537] [U] [ 217.449976][ T7537] [U] [ 217.452759][ T7537] [U] [ 217.455523][ T7537] [U] [ 217.467837][ T7537] [U] [ 217.470614][ T7537] [U] [ 217.473333][ T7537] [U] [ 217.476053][ T7537] [U] [ 217.499346][ T7537] [U] [ 217.502175][ T7537] [U] [ 217.504941][ T7537] [U] [ 217.507704][ T7537] [U] [ 217.511860][ T7537] [U] [ 217.514659][ T7537] [U] [ 217.517424][ T7537] [U] [ 217.520204][ T7537] [U] [ 217.551325][ T7537] [U] [ 217.554128][ T7537] [U] [ 217.556890][ T7537] [U] [ 217.559661][ T7537] [U] [ 217.565428][ T7537] [U] [ 217.568228][ T7537] [U] [ 217.571017][ T7537] [U] [ 217.573794][ T7537] [U] [ 217.591936][ T7537] [U] [ 217.594770][ T7537] [U] [ 217.597631][ T7537] [U] [ 217.600409][ T7537] [U] [ 217.626538][ T7537] [U] [ 217.629345][ T7537] [U] [ 217.632102][ T7537] [U] [ 217.634871][ T7537] [U] [ 217.747203][ T7537] [U] [ 217.750153][ T7537] [U] [ 217.752874][ T7537] [U] [ 217.755600][ T7537] [U] [ 217.778649][ T7542] ubi0: attaching mtd0 [ 217.858384][ T7542] ubi0: scanning is finished [ 217.863166][ T7542] ubi0: empty MTD device detected [ 217.900077][ T7537] [U] [ 217.902902][ T7537] [U] [ 217.905676][ T7537] [U] [ 217.908474][ T7537] [U] [ 217.983011][ T7542] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 218.034800][ T7536] [U] [ 218.526021][ T7542] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 218.874459][ T7551] FAULT_INJECTION: forcing a failure. [ 218.874459][ T7551] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 218.918917][ T7551] CPU: 1 UID: 0 PID: 7551 Comm: syz.2.380 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 218.918961][ T7551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 218.918979][ T7551] Call Trace: [ 218.918988][ T7551] [ 218.919000][ T7551] dump_stack_lvl+0x16c/0x1f0 [ 218.919056][ T7551] should_fail_ex+0x512/0x640 [ 218.919109][ T7551] _copy_from_user+0x2e/0xd0 [ 218.919165][ T7551] copy_msghdr_from_user+0x98/0x160 [ 218.919216][ T7551] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 218.919275][ T7551] ? __lock_acquire+0x622/0x1c90 [ 218.919325][ T7551] ___sys_recvmsg+0xdb/0x1a0 [ 218.919377][ T7551] ? __pfx____sys_recvmsg+0x10/0x10 [ 218.919431][ T7551] ? find_held_lock+0x2b/0x80 [ 218.919489][ T7551] do_recvmmsg+0x2fe/0x750 [ 218.919548][ T7551] ? __pfx_do_recvmmsg+0x10/0x10 [ 218.919616][ T7551] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 218.919680][ T7551] ? __fget_files+0x20e/0x3c0 [ 218.919734][ T7551] __x64_sys_recvmmsg+0x22a/0x280 [ 218.919766][ T7551] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 218.919811][ T7551] do_syscall_64+0xcd/0x490 [ 218.919864][ T7551] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.919893][ T7551] RIP: 0033:0x7fbfb818e929 [ 218.919916][ T7551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.919945][ T7551] RSP: 002b:00007fbfb8f53038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 218.919974][ T7551] RAX: ffffffffffffffda RBX: 00007fbfb83b5fa0 RCX: 00007fbfb818e929 [ 218.919994][ T7551] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000006 [ 218.920012][ T7551] RBP: 00007fbfb8f53090 R08: 0000000000000000 R09: 0000000000000000 [ 218.920029][ T7551] R10: 00000000000066a6 R11: 0000000000000246 R12: 0000000000000001 [ 218.920046][ T7551] R13: 0000000000000000 R14: 00007fbfb83b5fa0 R15: 00007fff03f6a7b8 [ 218.920085][ T7551] [ 219.116365][ C1] vkms_vblank_simulate: vblank timer overrun [ 219.172847][ T7558] netlink: zone id is out of range [ 219.180692][ T7558] netlink: zone id is out of range [ 219.185864][ T7558] netlink: zone id is out of range [ 219.195065][ T7558] netlink: zone id is out of range [ 219.200316][ T7558] netlink: zone id is out of range [ 219.207270][ T7558] netlink: zone id is out of range [ 219.215715][ T7558] netlink: zone id is out of range [ 219.220996][ T7558] netlink: zone id is out of range [ 219.226148][ T7558] netlink: zone id is out of range [ 219.254991][ T7558] netlink: zone id is out of range [ 224.301118][ T7599] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 225.464309][ T7646] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 225.596614][ T7650] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 225.705284][ T7650] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 225.824252][ T30] audit: type=1800 audit(4294967660.732:4): pid=7651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.395" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 226.016568][ T7647] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 228.559463][ T7701] ubi0: attaching mtd0 [ 228.601633][ T7701] ubi0: scanning is finished [ 228.635796][ T7701] ubi0: empty MTD device detected [ 228.781942][ T7701] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 229.104766][ T7701] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 230.372361][ T7730] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 230.418347][ T7730] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 231.480158][ T7736] vivid-001: ================= START STATUS ================= [ 231.524714][ T7736] vivid-001: Radio HW Seek Mode: Bounded [ 231.550102][ T7736] vivid-001: Radio Programmable HW Seek: false [ 231.601004][ T7736] vivid-001: RDS Rx I/O Mode: Block I/O [ 231.606678][ T7736] vivid-001: Generate RBDS Instead of RDS: false [ 231.646224][ T7736] vivid-001: RDS Reception: true [ 231.655316][ T7736] vivid-001: RDS Program Type: 0 inactive [ 231.661933][ T7736] vivid-001: RDS PS Name: inactive [ 231.667410][ T7736] vivid-001: RDS Radio Text: inactive [ 231.701567][ T7736] vivid-001: RDS Traffic Announcement: false inactive [ 231.712478][ T7736] vivid-001: RDS Traffic Program: false inactive [ 231.721490][ T7736] vivid-001: RDS Music: false inactive [ 231.727288][ T7736] vivid-001: ================== END STATUS ================== [ 233.290137][ T7766] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations! [ 233.315819][ T7759] netlink: 338 bytes leftover after parsing attributes in process `syz.2.417'. [ 233.359047][ T7759] netlink: 338 bytes leftover after parsing attributes in process `syz.2.417'. [ 234.418280][ T7787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 234.770665][ T7787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 235.632977][ T7801] binder: 7800:7801 ioctl 541b 38 returned -22 [ 235.956067][ T7811] sp0: Synchronizing with TNC [ 236.775504][ T7832] program syz.3.430 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 236.821029][ T7832] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 237.457705][ T7838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 237.480720][ T7838] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 237.553379][ T7839] net_ratelimit: 21 callbacks suppressed [ 237.553407][ T7839] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 237.566053][ T7839] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 238.633715][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 238.636684][ T5849] Bluetooth: hci3: command 0x0406 tx timeout [ 238.644408][ T5838] Bluetooth: hci1: command 0x0406 tx timeout [ 238.647992][ T5849] Bluetooth: hci0: command 0x0406 tx timeout [ 239.252354][ T5155] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 243.012487][ T7923] netlink: 4 bytes leftover after parsing attributes in process `syz.3.447'. [ 243.426787][ T7937] netlink: 338 bytes leftover after parsing attributes in process `syz.2.449'. [ 243.444077][ T7946] netlink: 338 bytes leftover after parsing attributes in process `syz.2.449'. [ 244.345944][ T7954] netlink: 'syz.2.452': attribute type 11 has an invalid length. [ 246.685276][ T7988] netlink: 338 bytes leftover after parsing attributes in process `syz.2.460'. [ 246.728185][ T7988] netlink: 338 bytes leftover after parsing attributes in process `syz.2.460'. [ 254.215264][ T8078] netlink: zone id is out of range [ 254.237635][ T8078] netlink: zone id is out of range [ 254.254875][ T8078] netlink: zone id is out of range [ 254.270430][ T8078] netlink: zone id is out of range [ 254.275647][ T8078] netlink: zone id is out of range [ 254.331797][ T8078] netlink: zone id is out of range [ 254.376944][ T8078] netlink: zone id is out of range [ 254.383278][ T8078] netlink: zone id is out of range [ 254.410407][ T8078] netlink: zone id is out of range [ 254.429620][ T8078] netlink: zone id is out of range [ 254.874251][ T8078] block2mtd: illegal erase size [ 256.730389][ T8116] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 256.788127][ T8116] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 258.341938][ T8140] netlink: 338 bytes leftover after parsing attributes in process `syz.3.494'. [ 258.367095][ T8140] netlink: 338 bytes leftover after parsing attributes in process `syz.3.494'. [ 259.199948][ T8166] netlink: 338 bytes leftover after parsing attributes in process `syz.0.500'. [ 259.256654][ T8166] netlink: 338 bytes leftover after parsing attributes in process `syz.0.500'. [ 260.125154][ T8191] netlink: 338 bytes leftover after parsing attributes in process `syz.1.505'. [ 260.136076][ T8191] netlink: 338 bytes leftover after parsing attributes in process `syz.1.505'. [ 261.523310][ T8220] ubi0: attaching mtd0 [ 261.563952][ T8227] IPVS: length: 131 != 8 [ 261.573309][ T8220] ubi0: scanning is finished [ 261.596027][ T8220] ubi0: empty MTD device detected [ 261.856619][ T8220] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 261.864891][ T8220] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 261.872929][ T8220] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 261.896980][ T8220] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 261.936368][ T8220] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 261.972214][ T8220] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 261.982688][ T8240] net_ratelimit: 76 callbacks suppressed [ 261.982710][ T8240] netlink: zone id is out of range [ 262.032504][ T8228] netlink: 338 bytes leftover after parsing attributes in process `syz.3.512'. [ 262.045210][ T8240] netlink: zone id is out of range [ 262.051050][ T8240] netlink: zone id is out of range [ 262.056385][ T8240] netlink: zone id is out of range [ 262.063019][ T8240] netlink: zone id is out of range [ 262.068752][ T8240] netlink: zone id is out of range [ 262.074207][ T8240] netlink: zone id is out of range [ 262.084334][ T8240] netlink: zone id is out of range [ 262.092399][ T8220] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3302534537 [ 262.153117][ T8220] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 262.169581][ T8240] netlink: zone id is out of range [ 262.188184][ T8240] netlink: zone id is out of range [ 262.254571][ T8239] ubi0: background thread "ubi_bgt0d" started, PID 8239 [ 262.635779][ T8236] block2mtd: illegal erase size [ 263.381721][ T8263] netlink: 28 bytes leftover after parsing attributes in process `syz.0.519'. [ 263.582093][ T8264] hub 8-0:1.0: USB hub found [ 263.589391][ T8264] hub 8-0:1.0: 1 port detected [ 267.342195][ T8319] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 267.368220][ T8319] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 268.084777][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b06d000: rx timeout, send abort [ 268.095288][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b06d000: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 269.280188][ T8334] net_ratelimit: 76 callbacks suppressed [ 269.280212][ T8334] openvswitch: netlink: Flow key attribute not present in set flow. [ 271.461836][ T8363] netlink: 4 bytes leftover after parsing attributes in process `syz.0.541'. [ 272.383728][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 272.398143][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 273.379196][ T8408] netlink: 4 bytes leftover after parsing attributes in process `syz.3.552'. [ 277.356777][ T30] audit: type=1800 audit(4294967848.261:5): pid=8469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.562" name="file0" dev="tmpfs" ino=786 res=0 errno=0 [ 277.546369][ T8474] ubi: mtd0 is already attached to ubi0 [ 278.058688][ T8487] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 278.078363][ T8487] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 280.049578][ T8528] snd_aloop snd_aloop.0: control 16781581:65533:1073741830:é'x?F¢é/èìzFË·fCªáª:45170 is already present [ 280.465683][ T8539] netlink: 338 bytes leftover after parsing attributes in process `syz.0.574'. [ 280.480250][ T8539] netlink: 338 bytes leftover after parsing attributes in process `syz.0.574'. [ 280.941308][ T8561] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 280.957323][ T8561] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 286.251904][ T8636] nvme_fabrics: missing parameter 'transport=%s' [ 286.305487][ T8652] random: crng reseeded on system resumption [ 286.313351][ T8636] nvme_fabrics: missing parameter 'nqn=%s' [ 286.403841][ T8644] netlink: 338 bytes leftover after parsing attributes in process `syz.0.599'. [ 286.476893][ T8644] netlink: 338 bytes leftover after parsing attributes in process `syz.0.599'. [ 286.491093][ T8641] kAFS: No cell specified [ 287.371130][ T30] audit: type=1804 audit(4294967890.274:6): pid=8668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.602" name="/newroot/167/file0" dev="tmpfs" ino=892 res=1 errno=0                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      syzkaller syzkaller login: [ 627.546022][T12614] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1326'. [ 627.579647][T12614] netlink: 'syz.1.1326': attribute type 1 has an invalid length. [ 627.618122][T12614] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1326'. [ 628.458157][ T6660] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1368 with max blocks 15 with error 117 [ 628.576101][ T6660] EXT4-fs (sda1): This should not happen!! Data will be lost [ 628.576101][ T6660] [ 632.344933][T12692] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1341'. [ 635.848340][T12737] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1352'. [ 635.874679][T12737] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1352'. [ 636.166352][T12753] zswap: compressor not available [ 638.138101][T12777] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1359'. [ 638.192497][T12777] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1359'. [ 638.868394][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 4 with max blocks 1 with error 117 [ 638.912428][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 638.912428][ T12] [ 641.024991][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 641.031739][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 641.886313][T12829] zram: Removed device: zram0 [ 651.643299][T12927] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1391'. [ 651.725819][T12931] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1391'. [ 652.658102][T12939] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1393'. [ 652.740340][T12939] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1393'. [ 654.860276][T12975] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1399'. [ 655.298648][T12965] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 655.305472][T12965] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 655.408936][T12965] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 655.427687][T12965] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 655.451142][T12974] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 656.381075][T11895] Bluetooth: hci0: command 0x0406 tx timeout [ 657.338005][T11895] Bluetooth: hci1: command 0x0406 tx timeout [ 657.417771][T11895] Bluetooth: hci2: command 0x0406 tx timeout [ 657.497604][T11895] Bluetooth: hci3: command 0x0406 tx timeout [ 658.246585][T13007] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1405'. [ 659.097966][ T6667] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1374 with max blocks 9 with error 117 [ 659.145013][ T6667] EXT4-fs (sda1): This should not happen!! Data will be lost [ 659.145013][ T6667] [ 660.325878][ T30] audit: type=1800 audit(4294968509.231:12): pid=13028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1407" name="dbroot" dev="configfs" ino=31503 res=0 errno=0 [ 662.283417][T13053] Console: switching to colour VGA+ 80x25 [ 662.638471][T13058] FAULT_INJECTION: forcing a failure. [ 662.638471][T13058] name failslab, interval 1, probability 0, space 0, times 0 [ 662.747699][T13058] CPU: 1 UID: 7 PID: 13058 Comm: syz.1.1412 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 662.747744][T13058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 662.747761][T13058] Call Trace: [ 662.747771][T13058] [ 662.747783][T13058] dump_stack_lvl+0x16c/0x1f0 [ 662.747838][T13058] should_fail_ex+0x512/0x640 [ 662.747884][T13058] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 662.747936][T13058] should_failslab+0xc2/0x120 [ 662.747967][T13058] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 662.748013][T13058] ? __proc_create+0xc3/0x8c0 [ 662.748057][T13058] ? __proc_create+0x2ce/0x8c0 [ 662.748112][T13058] __proc_create+0x2ce/0x8c0 [ 662.748178][T13058] ? __pfx___proc_create+0x10/0x10 [ 662.748223][T13058] ? _raw_write_unlock+0x28/0x50 [ 662.748269][T13058] ? proc_register+0x314/0x5f0 [ 662.748334][T13058] _proc_mkdir+0xb9/0x200 [ 662.748386][T13058] ? __pfx__proc_mkdir+0x10/0x10 [ 662.748435][T13058] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 662.748489][T13058] ? __pfx_netfilter_net_init+0x10/0x10 [ 662.748541][T13058] netfilter_net_init+0x37b/0x4b0 [ 662.748588][T13058] ? sysctl_net_init+0x27/0x30 [ 662.748618][T13058] ops_init+0x1e2/0x5f0 [ 662.748652][T13058] setup_net+0x1ff/0x510 [ 662.748679][T13058] ? lockdep_init_map_type+0x5c/0x280 [ 662.748721][T13058] ? __pfx_setup_net+0x10/0x10 [ 662.748755][T13058] ? debug_mutex_init+0x37/0x70 [ 662.748788][T13058] copy_net_ns+0x2a6/0x5f0 [ 662.748828][T13058] create_new_namespaces+0x3ea/0xa90 [ 662.748873][T13058] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 662.748911][T13058] ksys_unshare+0x45b/0xa40 [ 662.748953][T13058] ? __pfx_ksys_unshare+0x10/0x10 [ 662.748996][T13058] ? xfd_validate_state+0x61/0x180 [ 662.749050][T13058] __x64_sys_unshare+0x31/0x40 [ 662.749090][T13058] do_syscall_64+0xcd/0x490 [ 662.749152][T13058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.749184][T13058] RIP: 0033:0x7f68aa38e929 [ 662.749209][T13058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 662.749242][T13058] RSP: 002b:00007f68ab1cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 662.749272][T13058] RAX: ffffffffffffffda RBX: 00007f68aa5b5fa0 RCX: 00007f68aa38e929 [ 662.749291][T13058] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 662.749309][T13058] RBP: 00007f68aa410b39 R08: 0000000000000000 R09: 0000000000000000 [ 662.749326][T13058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 662.749344][T13058] R13: 0000000000000000 R14: 00007f68aa5b5fa0 R15: 00007fff36ac82f8 [ 662.749385][T13058] [ 662.749399][T13058] cannot create netfilter proc entry [ 663.403011][T13068] FAULT_INJECTION: forcing a failure. [ 663.403011][T13068] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 663.462029][T13068] CPU: 0 UID: 0 PID: 13068 Comm: syz.2.1415 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 663.462078][T13068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 663.462097][T13068] Call Trace: [ 663.462107][T13068] [ 663.462120][T13068] dump_stack_lvl+0x16c/0x1f0 [ 663.462178][T13068] should_fail_ex+0x512/0x640 [ 663.462232][T13068] _copy_from_user+0x2e/0xd0 [ 663.462285][T13068] copy_msghdr_from_user+0x98/0x160 [ 663.462340][T13068] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 663.462403][T13068] ? __lock_acquire+0x622/0x1c90 [ 663.462455][T13068] ___sys_recvmsg+0xdb/0x1a0 [ 663.462507][T13068] ? __pfx____sys_recvmsg+0x10/0x10 [ 663.462565][T13068] ? find_held_lock+0x2b/0x80 [ 663.462625][T13068] do_recvmmsg+0x2fe/0x750 [ 663.462771][T13068] ? __pfx_do_recvmmsg+0x10/0x10 [ 663.462836][T13068] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 663.462903][T13068] ? __fget_files+0x20e/0x3c0 [ 663.462960][T13068] __x64_sys_recvmmsg+0x22a/0x280 [ 663.462994][T13068] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 663.463042][T13068] do_syscall_64+0xcd/0x490 [ 663.463110][T13068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.463145][T13068] RIP: 0033:0x7fbfb818e929 [ 663.463172][T13068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 663.463205][T13068] RSP: 002b:00007fbfb5ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 663.463238][T13068] RAX: ffffffffffffffda RBX: 00007fbfb83b6240 RCX: 00007fbfb818e929 [ 663.463262][T13068] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 663.463283][T13068] RBP: 00007fbfb5ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 663.463303][T13068] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 663.463323][T13068] R13: 0000000000000000 R14: 00007fbfb83b6240 R15: 00007fff03f6a7b8 [ 663.463366][T13068] [ 664.513096][T13080] FAULT_INJECTION: forcing a failure. [ 664.513096][T13080] name fail_futex, interval 1, probability 0, space 0, times 0 [ 664.559354][ T30] audit: type=1804 audit(4294968513.471:13): pid=13079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1417" name="/newroot/362/file0" dev="tmpfs" ino=1921 res=1 errno=0 [ 664.581739][T13080] CPU: 1 UID: 0 PID: 13080 Comm: syz.1.1417 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 664.581786][T13080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 664.581806][T13080] Call Trace: [ 664.581817][T13080] [ 664.581829][T13080] dump_stack_lvl+0x16c/0x1f0 [ 664.581885][T13080] should_fail_ex+0x512/0x640 [ 664.581940][T13080] get_futex_key+0x1d0/0x1540 [ 664.582004][T13080] ? __pfx_get_futex_key+0x10/0x10 [ 664.582050][T13080] ? __pfx___schedule+0x10/0x10 [ 664.582117][T13080] futex_wait_setup+0x9d/0x550 [ 664.582199][T13080] __futex_wait+0x194/0x2f0 [ 664.582257][T13080] ? __pfx___futex_wait+0x10/0x10 [ 664.582328][T13080] ? __pfx_futex_wake_mark+0x10/0x10 [ 664.582409][T13080] futex_wait+0xe8/0x380 [ 664.582463][T13080] ? __pfx_futex_wait+0x10/0x10 [ 664.582533][T13080] ? __pfx_set_user_sigmask+0x10/0x10 [ 664.582594][T13080] ? find_held_lock+0x2b/0x80 [ 664.582636][T13080] do_futex+0x229/0x350 [ 664.582681][T13080] ? __pfx_do_futex+0x10/0x10 [ 664.582726][T13080] ? __pfx_do_pselect.constprop.0+0x10/0x10 [ 664.582791][T13080] __x64_sys_futex+0x1e0/0x4c0 [ 664.582844][T13080] ? __pfx___x64_sys_futex+0x10/0x10 [ 664.582890][T13080] ? xfd_validate_state+0x61/0x180 [ 664.582935][T13080] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 664.583001][T13080] do_syscall_64+0xcd/0x490 [ 664.583063][T13080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.583102][T13080] RIP: 0033:0x7f68aa38e929 [ 664.583132][T13080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 664.583178][T13080] RSP: 002b:00007f68ab1690e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 664.583216][T13080] RAX: ffffffffffffffda RBX: 00007f68aa5b6248 RCX: 00007f68aa38e929 [ 664.583242][T13080] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f68aa5b6248 [ 664.583266][T13080] RBP: 00007f68aa5b6240 R08: 0000000000000000 R09: 0000000000000000 [ 664.583290][T13080] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f68aa5b624c [ 664.583311][T13080] R13: 0000000000000000 R14: 00007fff36ac8210 R15: 00007fff36ac82f8 [ 664.583358][T13080] [ 664.804977][ T30] audit: type=1800 audit(4294968513.471:14): pid=13079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1417" name="file0" dev="tmpfs" ino=1921 res=0 errno=0 [ 666.234601][T13101] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 668.149024][T13102] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 670.722843][T13131] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1428'. [ 671.415581][T13142] zswap: compressor not available [ 672.774520][T13153] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.436030][T13171] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1435'. [ 676.778204][T13205] zswap: compressor not available [ 677.419999][T13224] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1445'. [ 678.478745][T13229] Process accounting resumed [ 682.268498][T13267] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1453'. [ 682.329584][T13267] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1453'. [ 682.689810][T13276] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1455'. [ 684.552029][T13291] Invalid ELF header magic: != ELF [ 687.482548][T13363] FAULT_INJECTION: forcing a failure. [ 687.482548][T13363] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 687.560710][T13363] CPU: 0 UID: 0 PID: 13363 Comm: syz.0.1469 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 687.560753][T13363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 687.560771][T13363] Call Trace: [ 687.560783][T13363] [ 687.560795][T13363] dump_stack_lvl+0x16c/0x1f0 [ 687.560887][T13363] should_fail_ex+0x512/0x640 [ 687.560938][T13363] _copy_from_user+0x2e/0xd0 [ 687.560990][T13363] copy_msghdr_from_user+0x98/0x160 [ 687.561038][T13363] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 687.561091][T13363] ? kfree+0x24f/0x4d0 [ 687.561206][T13363] ? __lock_acquire+0x622/0x1c90 [ 687.561252][T13363] ___sys_recvmsg+0xdb/0x1a0 [ 687.561300][T13363] ? __pfx____sys_recvmsg+0x10/0x10 [ 687.561372][T13363] ? __pfx___might_resched+0x10/0x10 [ 687.561426][T13363] do_recvmmsg+0x2fe/0x750 [ 687.561489][T13363] ? __pfx_do_recvmmsg+0x10/0x10 [ 687.561548][T13363] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 687.561612][T13363] ? __fget_files+0x20e/0x3c0 [ 687.561666][T13363] __x64_sys_recvmmsg+0x22a/0x280 [ 687.561699][T13363] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 687.561741][T13363] do_syscall_64+0xcd/0x490 [ 687.561802][T13363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.561836][T13363] RIP: 0033:0x7f7c1078e929 [ 687.561886][T13363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 687.561918][T13363] RSP: 002b:00007f7c11511038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 687.561950][T13363] RAX: ffffffffffffffda RBX: 00007f7c109b6160 RCX: 00007f7c1078e929 [ 687.561970][T13363] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 687.561988][T13363] RBP: 00007f7c11511090 R08: 0000000000000000 R09: 0000000000000000 [ 687.562007][T13363] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 687.562025][T13363] R13: 0000000000000000 R14: 00007f7c109b6160 R15: 00007ffd55d073a8 [ 687.562065][T13363] [ 688.417621][T13375] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 688.642339][T13373] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1472'. [ 688.684510][T13373] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1472'. [ 691.247404][T13418] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1480'. [ 691.293101][T13413] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1480'. [ 691.616915][T13428] FAULT_INJECTION: forcing a failure. [ 691.616915][T13428] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 691.640622][T13428] CPU: 1 UID: 0 PID: 13428 Comm: syz.2.1482 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 691.640665][T13428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 691.640683][T13428] Call Trace: [ 691.640694][T13428] [ 691.640705][T13428] dump_stack_lvl+0x16c/0x1f0 [ 691.640770][T13428] should_fail_ex+0x512/0x640 [ 691.640824][T13428] _copy_from_user+0x2e/0xd0 [ 691.640876][T13428] copy_msghdr_from_user+0x98/0x160 [ 691.640927][T13428] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 691.640985][T13428] ? kfree+0x24f/0x4d0 [ 691.641035][T13428] ___sys_recvmsg+0xdb/0x1a0 [ 691.641085][T13428] ? __pfx____sys_recvmsg+0x10/0x10 [ 691.641160][T13428] ? __pfx___might_resched+0x10/0x10 [ 691.641203][T13428] do_recvmmsg+0x2fe/0x750 [ 691.641262][T13428] ? __pfx_do_recvmmsg+0x10/0x10 [ 691.641321][T13428] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 691.641386][T13428] ? __fget_files+0x20e/0x3c0 [ 691.641439][T13428] __x64_sys_recvmmsg+0x22a/0x280 [ 691.641473][T13428] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 691.641514][T13428] do_syscall_64+0xcd/0x490 [ 691.641565][T13428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 691.641599][T13428] RIP: 0033:0x7fbfb818e929 [ 691.641624][T13428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 691.641655][T13428] RSP: 002b:00007fbfb5ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 691.641686][T13428] RAX: ffffffffffffffda RBX: 00007fbfb83b6240 RCX: 00007fbfb818e929 [ 691.641707][T13428] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 691.641726][T13428] RBP: 00007fbfb5ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 691.641745][T13428] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 691.641785][T13428] R13: 0000000000000000 R14: 00007fbfb83b6240 R15: 00007fff03f6a7b8 [ 691.641829][T13428] [ 693.975520][T13443] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1487'. [ 694.230943][T13453] could not allocate digest TFM handle [ 694.388134][T13465] FAULT_INJECTION: forcing a failure. [ 694.388134][T13465] name failslab, interval 1, probability 0, space 0, times 0 [ 694.613411][T13465] CPU: 1 UID: 0 PID: 13465 Comm: syz.0.1489 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 694.613461][T13465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 694.613490][T13465] Call Trace: [ 694.613501][T13465] [ 694.613515][T13465] dump_stack_lvl+0x16c/0x1f0 [ 694.613572][T13465] should_fail_ex+0x512/0x640 [ 694.613620][T13465] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 694.613681][T13465] should_failslab+0xc2/0x120 [ 694.613715][T13465] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 694.613771][T13465] ? kvasprintf_const+0x66/0x1a0 [ 694.613810][T13465] kvasprintf+0xbc/0x160 [ 694.613840][T13465] ? __pfx_kvasprintf+0x10/0x10 [ 694.613872][T13465] ? lockdep_hardirqs_on+0x7c/0x110 [ 694.613923][T13465] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 694.613972][T13465] ? __debug_object_init+0x2de/0x3d0 [ 694.614015][T13465] kvasprintf_const+0x66/0x1a0 [ 694.614049][T13465] kobject_set_name_vargs+0x5a/0x140 [ 694.614086][T13465] dev_set_name+0xc7/0x100 [ 694.614124][T13465] ? __pfx_dev_set_name+0x10/0x10 [ 694.614167][T13465] ? lockdep_init_map_type+0x5c/0x280 [ 694.614214][T13465] ? __init_waitqueue_head+0xca/0x150 [ 694.614403][T13465] ? input_allocate_device+0x271/0x350 [ 694.614462][T13465] input_allocate_device+0x293/0x350 [ 694.614508][T13465] uinput_ioctl_handler.isra.0+0x8bb/0x1df0 [ 694.614550][T13465] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 694.614604][T13465] ? find_held_lock+0x2b/0x80 [ 694.614659][T13465] ? __pfx_uinput_ioctl+0x10/0x10 [ 694.614694][T13465] __x64_sys_ioctl+0x18e/0x210 [ 694.614740][T13465] do_syscall_64+0xcd/0x490 [ 694.614799][T13465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 694.614834][T13465] RIP: 0033:0x7f7c1078e929 [ 694.614864][T13465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 694.614898][T13465] RSP: 002b:00007f7c0e1f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 694.614934][T13465] RAX: ffffffffffffffda RBX: 00007f7c109b6240 RCX: 00007f7c1078e929 [ 694.614956][T13465] RDX: 0000200000000300 RSI: 00000000405c5503 RDI: 0000000000000007 [ 694.614975][T13465] RBP: 00007f7c10810b39 R08: 0000000000000000 R09: 0000000000000000 [ 694.614994][T13465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 694.615012][T13465] R13: 0000000000000000 R14: 00007f7c109b6240 R15: 00007ffd55d073a8 [ 694.615055][T13465] [ 695.039304][T13466] input (null): cannot allocate more than FF_MAX_EFFECTS effects [ 695.364493][T13453] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1488'. [ 699.648545][T13527] FAULT_INJECTION: forcing a failure. [ 699.648545][T13527] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 699.891636][T13531] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1501'. [ 699.916929][T13527] CPU: 0 UID: 0 PID: 13527 Comm: syz.2.1500 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 699.916972][T13527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 699.916992][T13527] Call Trace: [ 699.917001][T13527] [ 699.917011][T13527] dump_stack_lvl+0x16c/0x1f0 [ 699.917053][T13527] should_fail_ex+0x512/0x640 [ 699.917092][T13527] _copy_from_user+0x2e/0xd0 [ 699.917131][T13527] copy_msghdr_from_user+0x98/0x160 [ 699.917169][T13527] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 699.917212][T13527] ? kfree+0x24f/0x4d0 [ 699.917240][T13527] ? __lock_acquire+0x622/0x1c90 [ 699.917291][T13527] ___sys_recvmsg+0xdb/0x1a0 [ 699.917343][T13527] ? __pfx____sys_recvmsg+0x10/0x10 [ 699.917400][T13527] ? __pfx___might_resched+0x10/0x10 [ 699.917433][T13527] do_recvmmsg+0x2fe/0x750 [ 699.917475][T13527] ? __pfx_do_recvmmsg+0x10/0x10 [ 699.917520][T13527] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 699.917569][T13527] ? __fget_files+0x20e/0x3c0 [ 699.917610][T13527] __x64_sys_recvmmsg+0x22a/0x280 [ 699.917634][T13527] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 699.917667][T13527] do_syscall_64+0xcd/0x490 [ 699.917709][T13527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.917735][T13527] RIP: 0033:0x7fbfb818e929 [ 699.917755][T13527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 699.917779][T13527] RSP: 002b:00007fbfb5ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 699.917802][T13527] RAX: ffffffffffffffda RBX: 00007fbfb83b6240 RCX: 00007fbfb818e929 [ 699.917819][T13527] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 699.917834][T13527] RBP: 00007fbfb5ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 699.917850][T13527] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002 [ 699.917865][T13527] R13: 0000000000000000 R14: 00007fbfb83b6240 R15: 00007fff03f6a7b8 [ 699.917896][T13527] [ 700.266492][T13531] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1501'. [ 702.464809][ T1306] ieee802154 phy0 wpan0: encryption failed: -22 [ 702.475271][T13572] FAULT_INJECTION: forcing a failure. [ 702.475271][T13572] name failslab, interval 1, probability 0, space 0, times 0 [ 702.475651][ T1306] ieee802154 phy1 wpan1: encryption failed: -22 [ 702.745720][T13572] CPU: 0 UID: 0 PID: 13572 Comm: syz.2.1509 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 702.745821][T13572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 702.745842][T13572] Call Trace: [ 702.745853][T13572] [ 702.745868][T13572] dump_stack_lvl+0x16c/0x1f0 [ 702.745926][T13572] should_fail_ex+0x512/0x640 [ 702.745972][T13572] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 702.746023][T13572] should_failslab+0xc2/0x120 [ 702.746071][T13572] __kmalloc_cache_noprof+0x6a/0x3e0 [ 702.746130][T13572] ? input_allocate_device+0xc5/0x350 [ 702.746185][T13572] input_allocate_device+0xc5/0x350 [ 702.746233][T13572] uinput_ioctl_handler.isra.0+0x8bb/0x1df0 [ 702.746276][T13572] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 702.746323][T13572] ? find_held_lock+0x2b/0x80 [ 702.746379][T13572] ? __pfx_uinput_ioctl+0x10/0x10 [ 702.746415][T13572] __x64_sys_ioctl+0x18e/0x210 [ 702.746457][T13572] do_syscall_64+0xcd/0x490 [ 702.746511][T13572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.749301][T13572] RIP: 0033:0x7fbfb818e929 [ 702.749329][T13572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.749361][T13572] RSP: 002b:00007fbfb5bf4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 702.749413][T13572] RAX: ffffffffffffffda RBX: 00007fbfb83b6240 RCX: 00007fbfb818e929 [ 702.749436][T13572] RDX: 0000200000000300 RSI: 00000000405c5503 RDI: 0000000000000007 [ 702.749456][T13572] RBP: 00007fbfb8210b39 R08: 0000000000000000 R09: 0000000000000000 [ 702.749476][T13572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 702.749497][T13572] R13: 0000000000000000 R14: 00007fbfb83b6240 R15: 00007fff03f6a7b8 [ 702.749543][T13572] [ 704.224048][T13588] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1513'. [ 704.327065][T13595] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1513'. [ 707.265301][T13631] FAULT_INJECTION: forcing a failure. [ 707.265301][T13631] name failslab, interval 1, probability 0, space 0, times 0 [ 707.318107][T13631] CPU: 1 UID: 0 PID: 13631 Comm: syz.0.1520 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 707.318149][T13631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 707.318166][T13631] Call Trace: [ 707.318178][T13631] [ 707.318189][T13631] dump_stack_lvl+0x16c/0x1f0 [ 707.318255][T13631] should_fail_ex+0x512/0x640 [ 707.318294][T13631] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 707.318334][T13631] should_failslab+0xc2/0x120 [ 707.318359][T13631] __kmalloc_cache_noprof+0x6a/0x3e0 [ 707.318394][T13631] ? snd_seq_port_connect+0x61/0x550 [ 707.318425][T13631] snd_seq_port_connect+0x61/0x550 [ 707.318449][T13631] ? _raw_read_unlock+0x28/0x50 [ 707.318504][T13631] ? check_subscription_permission.isra.0+0xf5/0x240 [ 707.318537][T13631] snd_seq_ioctl_subscribe_port+0x211/0x450 [ 707.318571][T13631] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 707.318615][T13631] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 707.318647][T13631] snd_seq_oss_midi_open+0x442/0x660 [ 707.318685][T13631] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 707.318720][T13631] ? __mutex_trylock_common+0xe9/0x250 [ 707.318767][T13631] ? rcu_is_watching+0x12/0xc0 [ 707.318792][T13631] ? trace_contention_end+0xdd/0x130 [ 707.318833][T13631] snd_seq_oss_synth_reset+0x437/0x880 [ 707.318871][T13631] ? __pfx_snd_seq_oss_synth_reset+0x10/0x10 [ 707.318908][T13631] ? __pfx___fsnotify_parent+0x10/0x10 [ 707.318949][T13631] snd_seq_oss_reset+0x73/0x290 [ 707.318981][T13631] ? __pfx_odev_release+0x10/0x10 [ 707.319005][T13631] snd_seq_oss_release+0x7c/0x180 [ 707.319034][T13631] odev_release+0x4c/0x70 [ 707.319057][T13631] __fput+0x402/0xb70 [ 707.319090][T13631] task_work_run+0x150/0x240 [ 707.319132][T13631] ? __pfx_task_work_run+0x10/0x10 [ 707.319178][T13631] ? __pfx___do_sys_close_range+0x10/0x10 [ 707.319232][T13631] exit_to_user_mode_loop+0xeb/0x110 [ 707.319276][T13631] do_syscall_64+0x3f6/0x490 [ 707.319322][T13631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 707.319350][T13631] RIP: 0033:0x7f7c1078e929 [ 707.319373][T13631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 707.319400][T13631] RSP: 002b:00007f7c11553038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 707.319426][T13631] RAX: 0000000000000000 RBX: 00007f7c109b5fa0 RCX: 00007f7c1078e929 [ 707.319443][T13631] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 707.319459][T13631] RBP: 00007f7c10810b39 R08: 0000000000000000 R09: 0000000000000000 [ 707.319476][T13631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 707.319492][T13631] R13: 0000000000000000 R14: 00007f7c109b5fa0 R15: 00007ffd55d073a8 [ 707.319526][T13631] [ 709.532045][T13657] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1524'. [ 709.542440][T13657] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1524'. [ 710.963490][T13630] Process accounting paused [ 711.914605][T13686] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 712.008943][T13686] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 712.030033][T13686] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 712.127412][T13686] page_type: f5(slab) [ 712.147368][T13686] raw: 00fff00000000040 ffff88801ca94640 0000000000000000 dead000000000001 [ 712.263148][T13689] could not allocate digest TFM handle binfmt_misc [ 712.326408][T13686] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 712.386657][T13686] head: 00fff00000000040 ffff88801ca94640 0000000000000000 dead000000000001 [ 712.497897][T13686] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 712.614459][T13686] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 712.743697][T13686] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 712.755398][T13686] page dumped because: unmovable page [ 712.761318][T13686] page_owner tracks the page as allocated [ 712.768151][T13686] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5213, tgid 5213 (udevd), ts 72254399707, free_ts 72226800766 [ 712.888009][T13686] post_alloc_hook+0x1c0/0x230 [ 712.892929][T13686] get_page_from_freelist+0x1321/0x3890 [ 712.989237][T13686] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 713.106378][T13686] alloc_pages_mpol+0x1fb/0x550 [ 713.233723][T13686] new_slab+0x23b/0x330 [ 713.277680][T13686] ___slab_alloc+0xd9c/0x1940 [ 713.389529][T13686] __slab_alloc.constprop.0+0x56/0xb0 [ 713.445210][T13686] kmem_cache_alloc_noprof+0xef/0x3b0 [ 713.466465][T13686] getname_flags.part.0+0x4c/0x550 [ 713.497151][T13686] getname_flags+0x93/0xf0 [ 713.527085][T13686] do_sys_openat2+0xb8/0x1d0 [ 713.536069][T13686] __x64_sys_openat+0x174/0x210 [ 713.556423][T13686] do_syscall_64+0xcd/0x490 [ 713.567155][T13686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.573629][T13686] page last free pid 5213 tgid 5213 stack trace: [ 713.583032][T13686] __free_frozen_pages+0x7fe/0x1180 [ 713.588770][T13686] __put_partials+0x16d/0x1c0 [ 713.604576][T13686] qlist_free_all+0x4d/0x120 [ 713.609670][T13686] kasan_quarantine_reduce+0x195/0x1e0 [ 713.615602][T13686] __kasan_slab_alloc+0x69/0x90 [ 713.623859][T13686] __kmalloc_cache_noprof+0x1f1/0x3e0 [ 713.639681][T13686] kernfs_fop_open+0x244/0xda0 [ 713.644562][T13686] do_dentry_open+0x741/0x1c10 [ 713.681450][T13686] vfs_open+0x82/0x3f0 [ 713.685702][T13686] path_openat+0x1de4/0x2cb0 [ 713.698698][T13686] do_filp_open+0x20b/0x470 [ 713.703557][T13686] do_sys_openat2+0x11b/0x1d0 [ 713.713793][T13686] __x64_sys_openat+0x174/0x210 [ 713.720356][T13686] do_syscall_64+0xcd/0x490 [ 713.725361][T13686] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.102070][T13702] tipc: can't start tipc receive workqueue [ 714.787642][T13722] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1535'. [ 715.527993][T13732] Invalid ELF header magic: != ELF [ 716.677855][T13748] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 716.687881][T13748] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 716.717402][T13748] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 716.745428][T13748] page_type: f5(slab) [ 716.749686][T13748] raw: 00fff00000000040 ffff88801ca94640 0000000000000000 dead000000000001 [ 716.770018][T13748] raw: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 716.817804][T13748] head: 00fff00000000040 ffff88801ca94640 0000000000000000 dead000000000001 [ 716.927481][T13748] head: 0000000000000000 0000000000070007 00000000f5000000 0000000000000000 [ 717.000428][T13748] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 717.012335][T13748] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 717.022431][T13756] [ 717.024818][T13756] ====================================================== [ 717.031873][T13756] WARNING: possible circular locking dependency detected [ 717.039026][T13756] 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 Not tainted [ 717.047128][T13756] ------------------------------------------------------ [ 717.054619][T13756] syz.1.1542/13756 is trying to acquire lock: [ 717.060739][T13756] ffffffff8e52ea68 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xb4c/0x1470 [ 717.070462][T13756] [ 717.070462][T13756] but task is already holding lock: [ 717.078198][T13756] ffff8881433d4520 (&q->q_usage_counter(io)#53){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 717.089668][T13756] [ 717.089668][T13756] which lock already depends on the new lock. [ 717.089668][T13756] [ 717.101075][T13756] [ 717.101075][T13756] the existing dependency chain (in reverse order) is: [ 717.110934][T13756] [ 717.110934][T13756] -> #2 (&q->q_usage_counter(io)#53){++++}-{0:0}: [ 717.120087][T13756] blk_alloc_queue+0x619/0x760 [ 717.125686][T13756] blk_mq_alloc_queue+0x175/0x290 [ 717.131438][T13756] __blk_mq_alloc_disk+0x29/0x120 [ 717.137496][T13756] nbd_dev_add+0x4a0/0xbc0 [ 717.143591][T13756] nbd_init+0x181/0x320 [ 717.148304][T13756] do_one_initcall+0x120/0x6e0 [ 717.153633][T13756] kernel_init_freeable+0x5c2/0x900 [ 717.159387][T13756] kernel_init+0x1c/0x2b0 [ 717.164265][T13756] ret_from_fork+0x5d4/0x6f0 [ 717.169490][T13756] ret_from_fork_asm+0x1a/0x30 [ 717.174839][T13756] [ 717.174839][T13756] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 717.182173][T13756] fs_reclaim_acquire+0x102/0x150 [ 717.187763][T13756] prepare_alloc_pages+0x162/0x610 [ 717.193466][T13756] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 717.199921][T13756] __alloc_pages_noprof+0xb/0x1b0 [ 717.205520][T13756] pcpu_populate_chunk+0x110/0xb00 [ 717.211201][T13756] pcpu_alloc_noprof+0x86a/0x1470 [ 717.216877][T13756] xt_percpu_counter_alloc+0x13e/0x1b0 [ 717.222905][T13756] find_check_entry.constprop.0+0xbc/0x9b0 [ 717.229292][T13756] translate_table+0xc98/0x1720 [ 717.234699][T13756] ipt_register_table+0x102/0x430 [ 717.240286][T13756] iptable_security_table_init+0x40/0x60 [ 717.246480][T13756] xt_find_table_lock+0x2e1/0x520 [ 717.252070][T13756] xt_request_find_table_lock+0x28/0xf0 [ 717.258210][T13756] get_info+0x190/0x610 [ 717.262941][T13756] do_ipt_get_ctl+0x169/0xa10 [ 717.268267][T13756] nf_getsockopt+0x7c/0xe0 [ 717.273255][T13756] ip_getsockopt+0x18c/0x1e0 [ 717.279027][T13756] tcp_getsockopt+0x9e/0x100 [ 717.284299][T13756] do_sock_getsockopt+0x3ff/0x800 [ 717.290249][T13756] __sys_getsockopt+0x123/0x1b0 [ 717.295743][T13756] __x64_sys_getsockopt+0xbd/0x160 [ 717.301684][T13756] do_syscall_64+0xcd/0x490 [ 717.306754][T13756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.313212][T13756] [ 717.313212][T13756] -> #0 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 717.320996][T13756] __lock_acquire+0x126f/0x1c90 [ 717.326400][T13756] lock_acquire+0x179/0x350 [ 717.331469][T13756] __mutex_lock+0x199/0xb90 [ 717.336531][T13756] pcpu_alloc_noprof+0xb4c/0x1470 [ 717.342149][T13756] blk_stat_alloc_callback+0xc8/0x280 [ 717.348089][T13756] wbt_init+0xac/0x540 [ 717.352714][T13756] queue_wb_lat_store+0x354/0x3d0 [ 717.358827][T13756] queue_attr_store+0x279/0x320 [ 717.364323][T13756] sysfs_kf_write+0xf2/0x150 [ 717.369477][T13756] kernfs_fop_write_iter+0x351/0x510 [ 717.375312][T13756] vfs_write+0x6c4/0x1150 [ 717.380743][T13756] ksys_write+0x12a/0x250 [ 717.385736][T13756] do_syscall_64+0xcd/0x490 [ 717.391360][T13756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.397905][T13756] [ 717.397905][T13756] other info that might help us debug this: [ 717.397905][T13756] [ 717.408179][T13756] Chain exists of: [ 717.408179][T13756] pcpu_alloc_mutex --> fs_reclaim --> &q->q_usage_counter(io)#53 [ 717.408179][T13756] [ 717.421894][T13756] Possible unsafe locking scenario: [ 717.421894][T13756] [ 717.429634][T13756] CPU0 CPU1 [ 717.435185][T13756] ---- ---- [ 717.440758][T13756] lock(&q->q_usage_counter(io)#53); [ 717.446351][T13756] lock(fs_reclaim); [ 717.453232][T13756] lock(&q->q_usage_counter(io)#53); [ 717.461263][T13756] lock(pcpu_alloc_mutex); [ 717.465893][T13756] [ 717.465893][T13756] *** DEADLOCK *** [ 717.465893][T13756] [ 717.474420][T13756] 6 locks held by syz.1.1542/13756: [ 717.479836][T13756] #0: ffff88801efa55f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 717.488999][T13756] #1: ffff888035d8c428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 717.498236][T13756] #2: ffff88805985fc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 717.508041][T13756] #3: ffff888023773d28 (kn->active#204){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 717.518200][T13756] #4: ffff8881433d4520 (&q->q_usage_counter(io)#53){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 717.530180][T13756] #5: ffff8881433d4558 (&q->q_usage_counter(queue)#5){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 717.542256][T13756] [ 717.542256][T13756] stack backtrace: [ 717.548188][T13756] CPU: 1 UID: 0 PID: 13756 Comm: syz.1.1542 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 717.548222][T13756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 717.548238][T13756] Call Trace: [ 717.548245][T13756] [ 717.548253][T13756] dump_stack_lvl+0x116/0x1f0 [ 717.548295][T13756] print_circular_bug+0x275/0x350 [ 717.548327][T13756] check_noncircular+0x14c/0x170 [ 717.548359][T13756] __lock_acquire+0x126f/0x1c90 [ 717.548394][T13756] lock_acquire+0x179/0x350 [ 717.548422][T13756] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 717.548456][T13756] ? __pfx___might_resched+0x10/0x10 [ 717.548479][T13756] ? ksys_write+0x12a/0x250 [ 717.548511][T13756] ? do_syscall_64+0xcd/0x490 [ 717.548547][T13756] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.548573][T13756] __mutex_lock+0x199/0xb90 [ 717.548608][T13756] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 717.548640][T13756] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 717.548672][T13756] ? __pfx___mutex_lock+0x10/0x10 [ 717.548717][T13756] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 717.548747][T13756] pcpu_alloc_noprof+0xb4c/0x1470 [ 717.548783][T13756] ? __pfx_wbt_data_dir+0x10/0x10 [ 717.548817][T13756] ? __pfx_wb_timer_fn+0x10/0x10 [ 717.548838][T13756] blk_stat_alloc_callback+0xc8/0x280 [ 717.548876][T13756] ? kasan_save_track+0x14/0x30 [ 717.548911][T13756] wbt_init+0xac/0x540 [ 717.548934][T13756] queue_wb_lat_store+0x354/0x3d0 [ 717.548970][T13756] ? __pfx_queue_wb_lat_store+0x10/0x10 [ 717.549006][T13756] ? __mutex_trylock_common+0xe9/0x250 [ 717.549038][T13756] ? __pfx_queue_wb_lat_store+0x10/0x10 [ 717.549073][T13756] queue_attr_store+0x279/0x320 [ 717.549108][T13756] ? __pfx_queue_attr_store+0x10/0x10 [ 717.549151][T13756] ? __lock_acquire+0x622/0x1c90 [ 717.549188][T13756] ? find_held_lock+0x2b/0x80 [ 717.549211][T13756] ? sysfs_file_kobj+0xe4/0x290 [ 717.549240][T13756] ? __pfx_queue_attr_store+0x10/0x10 [ 717.549277][T13756] sysfs_kf_write+0xf2/0x150 [ 717.549306][T13756] kernfs_fop_write_iter+0x351/0x510 [ 717.549329][T13756] ? __pfx_sysfs_kf_write+0x10/0x10 [ 717.549359][T13756] vfs_write+0x6c4/0x1150 [ 717.549392][T13756] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 717.549418][T13756] ? __pfx___mutex_lock+0x10/0x10 [ 717.549456][T13756] ? __pfx_vfs_write+0x10/0x10 [ 717.549498][T13756] ksys_write+0x12a/0x250 [ 717.549532][T13756] ? __pfx_ksys_write+0x10/0x10 [ 717.549570][T13756] do_syscall_64+0xcd/0x490 [ 717.549609][T13756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.549633][T13756] RIP: 0033:0x7f68aa38e929 [ 717.549652][T13756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.549676][T13756] RSP: 002b:00007f68ab1cc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 717.549699][T13756] RAX: ffffffffffffffda RBX: 00007f68aa5b5fa0 RCX: 00007f68aa38e929 [ 717.549715][T13756] RDX: 0000000000000001 RSI: 0000200000000ec0 RDI: 0000000000000008 [ 717.549731][T13756] RBP: 00007f68aa410b39 R08: 0000000000000000 R09: 0000000000000000 [ 717.549746][T13756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 717.549761][T13756] R13: 0000000000000000 R14: 00007f68aa5b5fa0 R15: 00007fff36ac82f8 [ 717.549783][T13756] [ 717.961284][T13748] page dumped because: unmovable page [ 717.971537][T13748] page_owner tracks the page as allocated [ 718.017337][T13748] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5213, tgid 5213 (udevd), ts 72254399707, free_ts 72226800766 [ 718.404042][T13748] post_alloc_hook+0x1c0/0x230 [ 718.492303][T13750] could not allocate digest TFM handle binfmt_misc [ 718.517325][T13748] get_page_from_freelist+0x1321/0x3890 [ 718.522989][T13748] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 718.587380][T13748] alloc_pages_mpol+0x1fb/0x550 [ 718.612648][T13748] new_slab+0x23b/0x330 [ 718.616944][T13748] ___slab_alloc+0xd9c/0x1940 [ 718.677346][T13748] __slab_alloc.constprop.0+0x56/0xb0 [ 718.687548][T13748] kmem_cache_alloc_noprof+0xef/0x3b0 [ 718.703234][T13748] getname_flags.part.0+0x4c/0x550 [ 718.713371][T13748] getname_flags+0x93/0xf0 [ 718.723823][T13748] do_sys_openat2+0xb8/0x1d0 [ 718.734102][T13748] __x64_sys_openat+0x174/0x210 [ 718.739586][T13748] do_syscall_64+0xcd/0x490 [ 718.744309][T13748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.752192][T13748] page last free pid 5213 tgid 5213 stack trace: [ 718.759358][T13748] __free_frozen_pages+0x7fe/0x1180 [ 718.764925][T13748] __put_partials+0x16d/0x1c0 [ 718.787412][T13748] qlist_free_all+0x4d/0x120 [ 718.792401][T13748] kasan_quarantine_reduce+0x195/0x1e0 [ 718.801755][T13748] __kasan_slab_alloc+0x69/0x90 [ 718.817385][T13748] __kmalloc_cache_noprof+0x1f1/0x3e0 [ 718.822874][T13748] kernfs_fop_open+0x244/0xda0 [ 718.837380][T13748] do_dentry_open+0x741/0x1c10 [ 718.847582][T13748] vfs_open+0x82/0x3f0 [ 718.851949][T13748] path_openat+0x1de4/0x2cb0 [ 718.857039][T13748] do_filp_open+0x20b/0x470 [ 718.862108][T13748] do_sys_openat2+0x11b/0x1d0 [ 718.866882][T13748] __x64_sys_openat+0x174/0x210 [ 718.872218][T13748] do_syscall_64+0xcd/0x490 [ 718.877112][T13748] entry_SYSCALL_64_after_hwframe+0x77/0x7f